rpms/samba/FC-6 samba-3.0.24-force_group_fix.patch, NONE, 1.1 samba-3.0.24-nmbd_segv.patch, NONE, 1.1 samba.spec, 1.77, 1.78
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon May 21 15:49:10 UTC 2007
Author: ssorce
Update of /cvs/dist/rpms/samba/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv13062
Modified Files:
samba.spec
Added Files:
samba-3.0.24-force_group_fix.patch
samba-3.0.24-nmbd_segv.patch
Log Message:
Fix an nmbd segfault in some conditions
Fix a problem introduced with one of the security patches, forcing groups
broke in some configurations
samba-3.0.24-force_group_fix.patch:
uid.c | 22 +++++++++++++++-------
1 files changed, 15 insertions(+), 7 deletions(-)
--- NEW FILE samba-3.0.24-force_group_fix.patch ---
Author: jerry
Revision: r22978
Modified: source/smbd/uid.c /branches/SAMBA_3_0_25/source/smbd/uid.c /branches/SAMBA_3_0_26/source/smbd/uid.c
Added:
Removed:
Don't use current_user to prep the security ctx in change_to_user
since any SID/uid/gid translation calls will reset the struct when
popping the security ctx. This should fix the standalone server
configuration issues reported by David Rankin (thanks for the logs).
Index: source/smbd/uid.c
===================================================================
--- source/smbd/uid.c (revision 22977)
+++ source/smbd/uid.c (revision 22978)
@@ -156,7 +156,9 @@
char group_c;
BOOL must_free_token = False;
NT_USER_TOKEN *token = NULL;
-
+ int num_groups = 0;
+ gid_t *group_list = NULL;
+
if (!conn) {
DEBUG(2,("change_to_user: Connection not open\n"));
return(False);
@@ -195,14 +197,14 @@
if (conn->force_user) /* security = share sets this too */ {
uid = conn->uid;
gid = conn->gid;
- current_user.ut.groups = conn->groups;
- current_user.ut.ngroups = conn->ngroups;
+ group_list = conn->groups;
+ num_groups = conn->ngroups;
token = conn->nt_user_token;
} else if (vuser) {
uid = conn->admin_user ? 0 : vuser->uid;
gid = vuser->gid;
- current_user.ut.ngroups = vuser->n_groups;
- current_user.ut.groups = vuser->groups;
+ num_groups = vuser->n_groups;
+ group_list = vuser->groups;
token = vuser->nt_user_token;
} else {
DEBUG(2,("change_to_user: Invalid vuid used %d in accessing "
@@ -235,8 +237,8 @@
*/
int i;
- for (i = 0; i < current_user.ut.ngroups; i++) {
- if (current_user.ut.groups[i] == conn->gid) {
+ for (i = 0; i < num_groups; i++) {
+ if (group_list[i] == conn->gid) {
gid = conn->gid;
gid_to_sid(&token->user_sids[1], gid);
break;
@@ -248,6 +250,12 @@
}
}
+ /* Now set current_user since we will immediately also call
+ set_sec_ctx() */
+
+ current_user.ut.ngroups = num_groups;
+ current_user.ut.groups = group_list;
+
set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups,
token);
samba-3.0.24-nmbd_segv.patch:
nmbd_subnetdb.c | 7 +++++++
1 files changed, 7 insertions(+)
--- NEW FILE samba-3.0.24-nmbd_segv.patch ---
Index: branches/SAMBA_3_0/source/nmbd/nmbd_subnetdb.c
===================================================================
--- branches/SAMBA_3_0/source/nmbd/nmbd_subnetdb.c (revision 22156)
+++ branches/SAMBA_3_0/source/nmbd/nmbd_subnetdb.c (revision 22157)
@@ -223,6 +223,13 @@
return False;
}
+ /* We must have at least one subnet. */
+ if (subnetlist == NULL) {
+ DEBUG(0,("create_subnets: unable to create any subnet from "
+ "given interfaces. nmbd is terminating\n"));
+ return False;
+ }
+
if (lp_we_are_a_wins_server()) {
/* Pick the first interface ip address as the WINS server ip. */
struct in_addr *nip = iface_n_ip(0);
Index: samba.spec
===================================================================
RCS file: /cvs/dist/rpms/samba/FC-6/samba.spec,v
retrieving revision 1.77
retrieving revision 1.78
diff -u -r1.77 -r1.78
--- samba.spec 14 May 2007 14:34:44 -0000 1.77
+++ samba.spec 21 May 2007 15:49:07 -0000 1.78
@@ -3,7 +3,7 @@
Summary: The Samba SMB server.
Name: samba
Version: 3.0.24
-Release: 5%{?dist}
+Release: 6%{?dist}
Epoch: 0
License: GNU GPL Version 2
Group: System Environment/Daemons
@@ -55,6 +55,8 @@
Patch122: samba-3.0.24-become_root.patch
Patch123: samba-3.0.24-parse_validation.patch
Patch124: samba-3.0.24-smbrun.patch
+Patch125: samba-3.0.24-nmbd_segv.patch
+Patch126: samba-3.0.24-force_group_fix.patch
Requires: pam >= 0:0.64 %{auth} samba-common = %{epoch}:%{version}-%{release}
Requires: logrotate >= 0:3.4 initscripts >= 0:5.54-1
@@ -148,6 +150,8 @@
%patch122 -p0 -b .become_root
%patch123 -p0 -b .parse_validation
%patch124 -p0 -b .smbrun
+%patch125 -p2 -b .nmbd_segv
+%patch126 -p0 -b .force_group
# crap
rm -f examples/VFS/.cvsignore
More information about the fedora-cvs-commits
mailing list