From: Nickolai Zeldovich <kolya@mit.edu>
Date: Tue, 20 Aug 2002 22:39:31 +0000 (+0000)
Subject: Allow users with admin bits to store different user/group IDs
X-Git-Tag: openafs-devel_1_3_3~2
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=847a5af3beea35af5f80078a8b24f01582f53824;p=packages%2Fo%2Fopenafs.git

Allow users with admin bits to store different user/group IDs
along with a StoreData call; they can already do so anyway by
using StoreStatus.  Fixes a spurious permission denied error
with arla clients.
---

diff --git a/src/viced/afsfileprocs.c b/src/viced/afsfileprocs.c
index 571ff046e..1b28e108f 100644
--- a/src/viced/afsfileprocs.c
+++ b/src/viced/afsfileprocs.c
@@ -5619,8 +5619,14 @@ Check_PermissionRights(targetptr, client, rights, CallingRoutine, InStatus)
 	    }
 	    else {	/* store data or status */
 	      /* watch for chowns and chgrps */
-	      if (CHOWN(InStatus, targetptr) || CHGRP(InStatus, targetptr))
-		return(EPERM);      /* Was EACCES */
+	      if (CHOWN(InStatus, targetptr) || CHGRP(InStatus, targetptr)) {
+		if (VanillaUser (client)) 
+		  return(EPERM);	/* Was EACCES */
+		else
+		  osi_audit(PrivilegeEvent, 0,
+			    AUD_INT, (client ? client->ViceId : 0), 
+			    AUD_INT, CallingRoutine, AUD_END);
+	      }
 	      /* must be sysadmin to set suid/sgid bits */
 	      if ((InStatus->Mask & AFS_SETMODE) &&
 #ifdef AFS_NT40_ENV