From fa3cbaf67a6dff553fa0430f5c3abdd15bf98311 Mon Sep 17 00:00:00 2001
From: Matthieu Patou <mat@matws.net>
Date: Mon, 1 Mar 2010 16:48:39 +0300
Subject: [PATCH] s4: Become root when changing uid/gid as the user can be != root but have the right to change owner

---
 source4/ntvfs/posix/pvfs_acl.c |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/source4/ntvfs/posix/pvfs_acl.c b/source4/ntvfs/posix/pvfs_acl.c
index 3336cd0..361e2dc 100644
--- a/source4/ntvfs/posix/pvfs_acl.c
+++ b/source4/ntvfs/posix/pvfs_acl.c
@@ -25,6 +25,7 @@
 #include "librpc/gen_ndr/xattr.h"
 #include "libcli/security/security.h"
 #include "param/param.h"
+#include "../lib/util/unix_privs.h"
 
 #if defined(UID_WRAPPER)
 #if !defined(UID_WRAPPER_REPLACE) && !defined(UID_WRAPPER_NOT_REPLACE)
@@ -387,11 +388,14 @@ NTSTATUS pvfs_acl_set(struct pvfs_state *pvfs,
 	/* if there's something to change try it */
 	if (new_uid != -1 || new_gid != -1) {
 		int ret;
+		void *privs;
+		privs = root_privileges();
 		if (fd == -1) {
 			ret = chown(name->full_name, new_uid, new_gid);
 		} else {
 			ret = fchown(fd, new_uid, new_gid);
 		}
+		talloc_free(privs);
 		if (errno == EPERM && uwrap_enabled()) {
 			ret = 0;
 		}
-- 
1.6.3.3