| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Rename functions to be internally consistent. Next step is
to cope queueing single (non-compounded) SMB2 requests to
put some code inside the stubs.
Jeremy.
|
|
Guenther
|
|
In the refactoring around filename_convert, the split between the functions
resolve_dfspath() and resolve_dfspath_wcard() was lost, leaving us only with
resolve_dfspath_wcard().
Internally resolve_dfspath_wcard() calls dfs_redirect() only with a
"allow_wcards" flag of true, wheras the old resolve_dfspath() would call with a
value of false. The loss of this case causes dfs_redirect to always masquerade
DFS links as directories, even when they are being queried directly by a trans2
QPATHINFO call. We should only masquerade DFS links as directories when called
from a SMBsearch or trans2 findfirst/findnext - which was the intent of the
"allow_wcards" flag.
This patch adds back an allow_wcards bool parameter to
resolve_dfspath_wcard(). This bool is set from the state of the ucf_flags when
filename_convert() is called.
I will follow this up with a new smbclient-based torture test that will prevent
us from ever regressing our DFS support again.
Jeremy.
|
|
Set to 64k by default.
Jeremy.
|
|
Change schedule_aio_read_and_X/schedule_aio_write_and_X to
return NTSTATUS. Move the grant and release of the lock into
the aio code.
Jeremy
|
|
Call from actual aio read or write. No reason to call this globally on startup.
Jeremy.
|
|
Contains for by Sebastian Kloska <oncaphillis@snafu.de>. Submitter
confirms this fixes the problem.
Jeremy.
|
|
metze
|
|
metze
|
|
metze
|
|
|
|
Updates usershare files in a backwards compatible way.
I don't intend to back port this fix to 3.5.x as it
depends on a version upgrade in the share_info.tdb share security database.
Jeremy.
|
|
cups_pull_comment_location.
Guenther
|
|
Based on a patch from Michael Karcher <samba@mkarcher.dialup.fu-berlin.de>.
I think this is the correct fix. It causes cups_job_submit to use
print_parse_jobid(), which I've moved into printing/lpq_parse.c (to allow the
link to work).
It turns out the old print_parse_jobid() was *broken*, in that the pjob
filename was set as an absolute path - not relative to the sharename (due to it
not going through the VFS calls).
This meant that the original code doing a strncmp on the first part of the
filename would always fail - it starts with a "/", not the relative pathname of
PRINT_SPOOL_PREFIX ("smbprn.").
This fix could fix some other mysterious printing bugs - probably the ones
Guenther noticed where job control fails on non-cups backends.
Guenther PLEASE CHECK !
Jeremy.
|
|
The notify tdb files are opened at tconX time, which leads to one fcntl lock
for CLEAR_IF_FIRST detection per smbd. This opens the tdbs in the parent and
holds it, so that tdb_reopen_all correctly catches the CLEAR_IF_FIRST bit.
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Only data needs to be non-const.
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Inspired by the NTLMSSP merge work by Andrew Bartlett.
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Inspired by the NTLMSSP merge work by Andrew Bartlett.
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
metze
|
|
Fix this by moving canonicalization into lib/sharesec.c. Update the
db version to 3. Ensures we always find share names with security
descriptors attached.
Jeremy.
|
|
This is mainly a debugging aid for post-mortem analysis in case a cluster file
system is slow.
|
|
This will enable an extra forked process that will reply
to SMBecho requests, while the main process is blocked by another
request.
metze
|
|
trusted channels
metze
|
|
This boolean option controls whether at exit time the server dumps a list of
files with debug level 0 that were still open for write. This is an
administrative aid to find the files that were potentially corrupt if the
network connection died.
|
|
This is more in line with the rest of the Samba code, like connections_forall
etc.
|
|
metze
|
|
|
|
|
|
|
|
"current_user.XXX"
Will allow me to replace them with accessor functions.
Jeremy.
|
|
Jeremy.
|
|
struct current_user current_user;"."
As requested by Volker, split this into smaller commits.
Jeremy.
|
|
get_current_nttok(conn)
Centralize the root check into smb1_file_se_access_check()
so this is used by modules/vfs_acl_common.c also.
Jeremy.
|
|
Use accessor functions to get to this value. Tidies up much of
the user context code. Volker, please look at the changes in smbd/uid.c
to familiarize yourself with these changes as I think they make the
logic in there cleaner.
Cause smbd/posix_acls.c code to look at current user context, not
stored context on the conn struct - allows correct use of these
function calls under a become_root()/unbecome_root() pair.
Jeremy.
|
|
|
|
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
|
|
Ensure we don't use any of the create_options for Samba private
use. Add a new parameter to the VFS_CREATE call (private_flags)
which is only used internally. Renumber NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
and NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to match the S4 code).
Rev. the VFS interface to version 28.
Jeremy.
|
|
Guenther
|
|
|
|
In a cluster, this makes a large difference: For r/w traverse, we have to do a
fetch_locked on every record which for most users of connections_forall is just
overkill.
|
|
|
|
|
|
Make calling schannel much easier by removing the need to explicitly open the
database. Let the abstraction do it instead.
|
|
|
|
|
|
|
