STABLE12-allow-chown-on-storedata-20020820

Allow users with admin bits to store different user/group IDs
along with a StoreData call; they can already do so anyway by
using StoreStatus.  Fixes a spurious permission denied error
with arla clients.

(cherry picked from commit 847a5af3beea35af5f80078a8b24f01582f53824)

diff --git a/src/viced/afsfileprocs.c b/src/viced/afsfileprocs.c
index e35d7aba4258312125165949aa45ef9cf672b6c1..fe272124859092727d497634fa6b09ca6737601c 100644 (file)
--- a/src/viced/afsfileprocs.c
+++ b/src/viced/afsfileprocs.c
@@ -5530,8 +5530,14 @@ Check_PermissionRights(targetptr, client, rights, CallingRoutine, InStatus)
            }
            else {      /* store data or status */
              /* watch for chowns and chgrps */
-             if (CHOWN(InStatus, targetptr) || CHGRP(InStatus, targetptr))
-               return(EPERM);      /* Was EACCES */
+             if (CHOWN(InStatus, targetptr) || CHGRP(InStatus, targetptr)) {
+               if (VanillaUser (client)) 
+                 return(EPERM);        /* Was EACCES */
+               else
+                 osi_audit(PrivilegeEvent, 0,
+                           AUD_INT, (client ? client->ViceId : 0), 
+                           AUD_INT, CallingRoutine, AUD_END);
+             }
              /* must be sysadmin to set suid/sgid bits */
              if ((InStatus->Mask & AFS_SETMODE) &&
 #ifdef AFS_NT40_ENV