From eac9d9b5e6c85866768a5455326aa9a6e3afcf9d Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 23 Apr 2012 16:19:50 -0700
Subject: [PATCH] Fix bug #8882 - Broken processing of %U with vfs_full_audit
 when force user is set.

When doing a "force user" we need to remember what the "sanitized_username"
was from the original connect.
(cherry picked from commit 0529cf9d039d0ae449f4b167952b42b2039238be)
---
 source3/smbd/service.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index bc2cdaf2d85..2de93848935 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -746,6 +746,14 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
 			return NULL;
 		}
 
+		/* We don't want to replace the original sanitized_username
+		   as it is the original user given in the connect attempt.
+		   This is used in '%U' substitutions. */
+		TALLOC_FREE(forced_serverinfo->sanitized_username);
+		forced_serverinfo->sanitized_username =
+			talloc_move(forced_serverinfo,
+					&conn->server_info->sanitized_username);
+
 		TALLOC_FREE(conn->server_info);
 		conn->server_info = forced_serverinfo;
 
-- 
2.34.1