Merge 3.5.4 in upstream branch

git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/samba/upstream@3574 fc4039ab-9d04-0410-8cac-899223bdd6b0

1 files changed, 161 insertions, 0 deletions

diff --git a/lib/uid_wrapper/uid_wrapper.c b/lib/uid_wrapper/uid_wrapper.c
new file mode 100644
index 0000000000..f7f04316bf
--- /dev/null
+++ b/lib/uid_wrapper/uid_wrapper.c
@@ -0,0 +1,161 @@
+/*
+   Copyright (C) Andrew Tridgell 2009
+ 
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#define UID_WRAPPER_NOT_REPLACE
+#include "includes.h"
+#include "system/passwd.h"
+#include "system/filesys.h"
+
+#ifndef _PUBLIC_
+#define _PUBLIC_
+#endif
+
+/*
+  we keep the virtualised euid/egid/groups information here
+ */
+static struct {
+	bool initialised;
+	bool enabled;
+	uid_t euid;
+	gid_t egid;
+	unsigned ngroups;
+	gid_t *groups;
+} uwrap;
+
+static void uwrap_init(void)
+{
+	if (uwrap.initialised) return;
+	uwrap.initialised = true;
+	if (getenv("UID_WRAPPER")) {
+		uwrap.enabled = true;
+		/* put us in one group */
+		uwrap.ngroups = 1;
+		uwrap.groups = talloc_array(talloc_autofree_context(), gid_t, 1);
+		uwrap.groups[0] = 0;
+	}
+}
+
+#undef uwrap_enabled
+_PUBLIC_ int uwrap_enabled(void)
+{
+	uwrap_init();
+	return uwrap.enabled?1:0;
+}
+
+_PUBLIC_ int uwrap_seteuid(uid_t euid)
+{
+	uwrap_init();
+	if (!uwrap.enabled) {
+		return seteuid(euid);
+	}
+	/* assume for now that the ruid stays as root */
+	uwrap.euid = euid;
+	return 0;
+}
+
+_PUBLIC_ uid_t uwrap_geteuid(void)
+{
+	uwrap_init();
+	if (!uwrap.enabled) {
+		return geteuid();
+	}
+	return uwrap.euid;
+}
+
+_PUBLIC_ int uwrap_setegid(gid_t egid)
+{
+	uwrap_init();
+	if (!uwrap.enabled) {
+		return setegid(egid);
+	}
+	/* assume for now that the ruid stays as root */
+	uwrap.egid = egid;
+	return 0;
+}
+
+_PUBLIC_ uid_t uwrap_getegid(void)
+{
+	uwrap_init();
+	if (!uwrap.enabled) {
+		return getegid();
+	}
+	return uwrap.egid;
+}
+
+_PUBLIC_ int uwrap_setgroups(size_t size, const gid_t *list)
+{
+	uwrap_init();
+	if (!uwrap.enabled) {
+		return setgroups(size, list);
+	}
+
+	talloc_free(uwrap.groups);
+	uwrap.ngroups = 0;
+	uwrap.groups = NULL;
+
+	if (size != 0) {
+		uwrap.groups = talloc_array(talloc_autofree_context(), gid_t, size);
+		if (uwrap.groups == NULL) {
+			errno = ENOMEM;
+			return -1;
+		}
+		memcpy(uwrap.groups, list, size*sizeof(gid_t));
+		uwrap.ngroups = size;
+	}
+	return 0;
+}
+
+_PUBLIC_ int uwrap_getgroups(int size, gid_t *list)
+{
+	uwrap_init();
+	if (!uwrap.enabled) {
+		return getgroups(size, list);
+	}
+
+	if (size > uwrap.ngroups) {
+		size = uwrap.ngroups;
+	}
+	if (size == 0) {
+		return uwrap.ngroups;
+	}
+	if (size < uwrap.ngroups) {
+		errno = EINVAL;
+		return -1;
+	}
+	memcpy(list, uwrap.groups, size*sizeof(gid_t));
+	return uwrap.ngroups;
+}
+
+_PUBLIC_ uid_t uwrap_getuid(void)
+{
+	uwrap_init();
+	if (!uwrap.enabled) {
+		return getuid();
+	}
+	/* we don't simulate ruid changing */
+	return 0;
+}
+
+_PUBLIC_ gid_t uwrap_getgid(void)
+{
+	uwrap_init();
+	if (!uwrap.enabled) {
+		return getgid();
+	}
+	/* we don't simulate rgid changing */
+	return 0;
+}