git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: dc16162)
Revert "open.c: prefer capabilities over become_root"
authorBjörn Jacke <bjacke@samba.org>
Mon, 25 Mar 2024 16:03:35 +0000 (17:03 +0100)
committerJule Anger <janger@samba.org>
Wed, 27 Mar 2024 15:45:13 +0000 (15:45 +0000)
This reverts commit b250f25fe407f9a6269b804382de4854501f2d86.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 88eb58af6783ad23d2e2b602ee9fdbbdf556b354)

source3/smbd/open.c patch | blob | history

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index c9c64fc4b767fe4c63ba2bd3708af61eabefd465..95034b147a8af522c12bd95a6c350db9a072e513 100644 (file)
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -999,11 +999,11 @@ static void change_file_owner_to_parent_fsp(struct files_struct *parent_fsp,
                 return;
        }
 
-       set_effective_capability(DAC_OVERRIDE_CAPABILITY);
+       become_root();
        ret = SMB_VFS_FCHOWN(fsp,
                             parent_fsp->fsp_name->st.st_ex_uid,
                             (gid_t)-1);
-       drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
+       unbecome_root();
        if (ret == -1) {
                DBG_ERR("failed to fchown "
                        "file %s to parent directory uid %u. Error "
@@ -1036,11 +1036,11 @@ static NTSTATUS change_dir_owner_to_parent_fsp(struct files_struct *parent_fsp,
                return NT_STATUS_OK;
        }
 
-       set_effective_capability(DAC_OVERRIDE_CAPABILITY);
+       become_root();
        ret = SMB_VFS_FCHOWN(fsp,
                             parent_fsp->fsp_name->st.st_ex_uid,
                             (gid_t)-1);
-       drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
+       unbecome_root();
        if (ret == -1) {
                status = map_nt_error_from_unix(errno);
                DBG_ERR("failed to chown "
@@ -5542,13 +5542,13 @@ static NTSTATUS inherit_new_acl(files_struct *dirfsp, files_struct *fsp)
 
        if (inherit_owner) {
                /* We need to be root to force this. */
-               set_effective_capability(DAC_OVERRIDE_CAPABILITY);
+               become_root();
        }
        status = SMB_VFS_FSET_NT_ACL(metadata_fsp(fsp),
                        security_info_sent,
                        psd);
        if (inherit_owner) {
-               drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
+               unbecome_root();
        }
        TALLOC_FREE(frame);
        return status;
Samba Shared Repository