smbd: Simplify chroot option in smbd

rpmlint has a check for this and prefers to call chdir() before
chroot(). If not it will complain with
missing-call-to-chdir-with-chroot. The old code equivalent secure. See

    http://unixwiz.net/techtips/chroot-practices.html

This removes several unneeded talloc_tos() calls.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Feb 13 03:50:54 CET 2016 on sn-devel-144

diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 25c6d0539bc2ddf89c1dc7618cc5f9960245ca5a..34939f088f89420de8861adda59a6192cce72d6b 100644 (file)
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -3903,6 +3903,8 @@ void smbd_process(struct tevent_context *ev_ctx,
        NTSTATUS status;
        struct timeval tv = timeval_current();
        NTTIME now = timeval_to_nttime(&tv);
+       char *chroot_dir = NULL;
+       int rc;
 
        status = smbXsrv_client_create(ev_ctx, ev_ctx, msg_ctx, now, &client);
        if (!NT_STATUS_IS_OK(status)) {
@@ -4024,17 +4026,22 @@ void smbd_process(struct tevent_context *ev_ctx,
                exit_server("Could not open account policy tdb.\n");
        }
 
-       if (*lp_root_directory(talloc_tos())) {
-               if (chroot(lp_root_directory(talloc_tos())) != 0) {
-                       DEBUG(0,("Failed to change root to %s\n",
-                                lp_root_directory(talloc_tos())));
-                       exit_server("Failed to chroot()");
+       chroot_dir = lp_root_directory(talloc_tos());
+       if (chroot_dir[0] != '\0') {
+               rc = chdir(chroot_dir);
+               if (rc != 0) {
+                       DBG_ERR("Failed to chdir to %s\n", chroot_dir);
+                       exit_server("Failed to chdir()");
                }
-               if (chdir("/") == -1) {
-                       DEBUG(0,("Failed to chdir to / on chroot to %s\n", lp_root_directory(talloc_tos())));
+
+               rc = chroot(chroot_dir);
+               if (rc != 0) {
+                       DBG_ERR("Failed to change root to %s\n", chroot_dir);
                        exit_server("Failed to chroot()");
                }
-               DEBUG(0,("Changed root to %s\n", lp_root_directory(talloc_tos())));
+               DBG_WARNING("Changed root to %s\n", chroot_dir);
+
+               TALLOC_FREE(chroot_dir);
        }
 
        if (!file_init(sconn)) {