Hello Rowland,
If has_restore_priv is true it runs SMB_VFS_FCHOWN as root:
===
        if (has_take_ownership_priv || has_restore_priv) {
                status = NT_STATUS_OK;
                become_root();
                ret = SMB_VFS_FCHOWN(fsp, uid, gid);
                if (ret != 0) {
                        status = map_nt_error_from_unix(errno);
                }
                unbecome_root();
                return status;
===
It's Solaris Unix.
Regards
Andrea
On Tue, Feb 7, 2023 at 4:26 PM Rowland Penny via samba <samba at lists.samba.org> wrote:
>
>
> On 07/02/2023 14:51, Andrea Cucciarre wrote:
> > Hello Rowland,
> >
> > It seems to me that it proceeds in the code you pasted
>
> If you follow the code in try_chown, if you have the restore privilege
> it doesn't seem to do anything (Case 2):
>
>         /* Case (2) / (3) */
>         if (lp_enable_privileges()) {
>                 bool has_take_ownership_priv = security_token_has_privilege(
>                                                 get_current_nttok(fsp->conn),
>                                                 SEC_PRIV_TAKE_OWNERSHIP);
>                 bool has_restore_priv = security_token_has_privilege(
>                                                 get_current_nttok(fsp->conn),
>                                                 SEC_PRIV_RESTORE);
>
>                 if (has_restore_priv) {
>                         ; /* Case (2) */
>                 } else if (has_take_ownership_priv) {
>                         /* Case (3) */
>                         if (uid == get_current_uid(fsp->conn)) {
>                                 gid = (gid_t)-1;
>                         } else {
>                                 has_take_ownership_priv = false;
>                         }
>                 }
>
>
> > (since dos filemode = Yes) cause in the following previous piece of code it
> > establishes that the user doesn't have the SEC_PRIV_RESTORE, which is
> > what I don't understand cause that user has the SeRestorePrivilege:
>
> But from my reading, having that privilege doesn't do anything.
> It gets nearly all the way through that block of code and fails at the
> block I posted earlier and returns with 'NT_STATUS_INVALID_OWNER'
>
> >
> > ==========
> >         if (lp_enable_privileges()) {
> >                 bool has_take_ownership_priv = security_token_has_privilege(
> >                                                 get_current_nttok(fsp->conn),
> >                                                 SEC_PRIV_TAKE_OWNERSHIP);
> >                 bool has_restore_priv = security_token_has_privilege(
> >                                                 get_current_nttok(fsp->conn),
> >                                                 SEC_PRIV_RESTORE);
> >
> >                 if (has_restore_priv) {
> >                         ; /* Case (2) */
> >                 } else if (has_take_ownership_priv) {
> >                         /* Case (3) */
> >                         if (uid == get_current_uid(fsp->conn)) {
> >                                 gid = (gid_t)-1;
> >                         } else {
> >                                 has_take_ownership_priv = false;
> >                         }
> >                 }
> >
> >                 if (has_take_ownership_priv || has_restore_priv) {
> >                         status = NT_STATUS_OK;
> >                         become_root();
> >                         ret = SMB_VFS_FCHOWN(fsp, uid, gid);
> >                         if (ret != 0) {
> >                                 status = map_nt_error_from_unix(errno);
> >                         }
> >                         unbecome_root();
> >                         return status;
> > =======
> >
> > Please note that windows Administrator user can successfully change the
> > owner.
> > Below the output you requested [note that the user 'andrea' (id 11142)
> > wants to set the owner of the directory to user 'betty' (id 11150)]:
> >
> > # testparm -s
> > Load smb config files from /opt/samba/etc/smb.conf
> > lpcfg_do_global_parameter: WARNING: The "enable privileges" option is
> > deprecated
> > Loaded services file OK.
> > Weak crypto is allowed
> > Server role: ROLE_DOMAIN_MEMBER
> >
> > # Global parameters
> > [global]
> >          client ldap sasl wrapping = plain
> >          dedicated keytab file = /etc/krb5.keytab
> >          disable spoolss = Yes
> >          host msdfs = No
> >          kerberos method = secrets and keytab
> >          load printers = No
> >          local master = No
> >          log file = /opt/samba/log/%I-%M-%m.log
> >          map to guest = Bad User
> >          max log size = 100000
> >          preferred master = No
> >          printcap name = /dev/null
> >          realm = HF3.LOCAL
> >          security = ADS
> >          server string = Data %h
> >          winbind enum groups = Yes
> >          winbind enum users = Yes
> >          winbind expand groups = 4
> >          winbind nss info = rfc2307
> >          winbind refresh tickets = Yes
> >          workgroup = HYPERFILE3
> >          idmap config hyperfile3 : schema_mode = rfc2307
> >          idmap config hyperfile3 : range = 10000-20000000
> >          idmap config hyperfile3 : backend = rid
> >          idmap config * : schema_mode = rfc2307
> >          idmap config * : range = 3000-4000
> >          idmap config * : backend = tdb
> >          map acl inherit = Yes
> >          vfs objects = zfsacl
>
> What distro is this ? Freebsd ?
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
-- 
Andrea Cucciarre'
Global Technical Support Manager
Cloudian Inc.
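The disagreement in this thread is about control flow: whether the empty `; /* Case (2) */` branch means SeRestorePrivilege "does nothing", or whether it falls through to the `if (has_take_ownership_priv || has_restore_priv)` block that runs the chown as root. The following is an added, stand-alone C model of just that privilege branch; it is not Samba code. The Samba calls (`security_token_has_privilege`, `get_current_uid`, `become_root`, `SMB_VFS_FCHOWN`, `map_nt_error_from_unix`) are replaced by hypothetical stubs that record what would have happened, the `SEC_PRIV_*` values and NTSTATUS codes are constructed stand-ins, and the other cases of the real `try_chown()` (the `dos filemode` path and later owner checks) are deliberately out of scope. The uids 11142 and 11150 are the ones reported in the thread.

```c
/*
 * Added example (not Samba's code): model of the privilege branch of
 * try_chown() discussed in the thread, with the Samba helpers replaced by
 * hypothetical stubs so it compiles and runs on its own.
 */
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* Constructed stand-ins for Samba's SEC_PRIV_* privilege identifiers. */
#define SEC_PRIV_TAKE_OWNERSHIP 0x01u
#define SEC_PRIV_RESTORE        0x02u

/* Constructed stand-ins for the NTSTATUS values named in the thread. */
enum nt_status { NT_STATUS_OK = 0, NT_STATUS_INVALID_OWNER = 1 };

/* Hypothetical connection/token state that the real code reads via
 * get_current_nttok(fsp->conn) and get_current_uid(fsp->conn). */
struct conn_state {
    unsigned privs;       /* privilege bits carried in the user's token */
    uid_t    current_uid; /* unix uid the SMB session runs as */
};

/* What the mock SMB_VFS_FCHOWN was asked to do (nothing, if not reached). */
struct chown_call {
    bool  called;
    bool  as_root;        /* true when wrapped in become_root()/unbecome_root() */
    uid_t uid;
    gid_t gid;
};

/* Stub for security_token_has_privilege(): bit test on the model token. */
static bool security_token_has_privilege(const struct conn_state *c, unsigned p)
{
    return (c->privs & p) != 0;
}

/* The Case (2)/(3) logic from the thread, one-to-one, with the chown mocked. */
static enum nt_status try_chown_model(const struct conn_state *c,
                                      uid_t uid, gid_t gid,
                                      struct chown_call *out)
{
    bool has_take_ownership_priv =
        security_token_has_privilege(c, SEC_PRIV_TAKE_OWNERSHIP);
    bool has_restore_priv = security_token_has_privilege(c, SEC_PRIV_RESTORE);

    out->called = false;
    out->as_root = false;

    if (has_restore_priv) {
        ; /* Case (2): nothing to adjust; execution continues below */
    } else if (has_take_ownership_priv) {
        /* Case (3): TakeOwnership only allows taking ownership for
         * oneself, and the group is left untouched (gid = -1). */
        if (uid == c->current_uid) {
            gid = (gid_t)-1;
        } else {
            has_take_ownership_priv = false;
        }
    }

    if (has_take_ownership_priv || has_restore_priv) {
        /* become_root(); SMB_VFS_FCHOWN(fsp, uid, gid); unbecome_root();
         * modelled as a recorded call that always succeeds. */
        out->called = true;
        out->as_root = true;
        out->uid = uid;
        out->gid = gid;
        return NT_STATUS_OK;
    }

    /* No usable privilege: the real function goes on to its remaining
     * cases; for a chown to another user the thread reports it ends in
     * NT_STATUS_INVALID_OWNER, which this model returns directly. */
    return NT_STATUS_INVALID_OWNER;
}

/* Scalar wrappers for one scenario: status, and the gid the chown saw
 * (-2 = chown never reached, -1 = group left unchanged). */
static int scenario_status(unsigned privs, uid_t cur, uid_t uid, gid_t gid)
{
    struct conn_state c = { privs, cur };
    struct chown_call cc;
    return (int)try_chown_model(&c, uid, gid, &cc);
}

static long scenario_chown_gid(unsigned privs, uid_t cur, uid_t uid, gid_t gid)
{
    struct conn_state c = { privs, cur };
    struct chown_call cc;
    try_chown_model(&c, uid, gid, &cc);
    if (!cc.called)
        return -2;
    return cc.gid == (gid_t)-1 ? -1 : (long)cc.gid;
}

int main(void)
{
    /* andrea (11142) changing the owner of a directory to betty (11150) */
    printf("SeRestorePrivilege, chown to other user: status=%d chown_gid=%ld\n",
           scenario_status(SEC_PRIV_RESTORE, 11142, 11150, 11150),
           scenario_chown_gid(SEC_PRIV_RESTORE, 11142, 11150, 11150));
    printf("SeTakeOwnership, chown to other user:    status=%d chown_gid=%ld\n",
           scenario_status(SEC_PRIV_TAKE_OWNERSHIP, 11142, 11150, 11150),
           scenario_chown_gid(SEC_PRIV_TAKE_OWNERSHIP, 11142, 11150, 11150));
    printf("SeTakeOwnership, chown to self:          status=%d chown_gid=%ld\n",
           scenario_status(SEC_PRIV_TAKE_OWNERSHIP, 11142, 11142, 100),
           scenario_chown_gid(SEC_PRIV_TAKE_OWNERSHIP, 11142, 11142, 100));
    return 0;
}
```

Run as written, the model shows the point Andrea makes in the reply above: with SeRestorePrivilege in the token the empty Case (2) is not a dead end, the flag stays set and the chown to 11150 is performed under become_root() with the requested uid and gid intact, while SeTakeOwnership alone permits only a chown to the caller's own uid and drops the group change. Whether a given session's token actually carries the privilege is a separate question (the thread's "enable privileges" setting and `net rpc rights` configuration), which this model takes as input rather than answering.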