| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
get_current_nttok(conn)
Centralize the root check into smb1_file_se_access_check()
so this is used by modules/vfs_acl_common.c also.
Jeremy.
|
|
Use accessor functions to get to this value. Tidies up much of
the user context code. Volker, please look at the changes in smbd/uid.c
to familiarize yourself with these changes as I think they make the
logic in there cleaner.
Cause smbd/posix_acls.c code to look at current user context, not
stored context on the conn struct - allows correct use of these
function calls under a become_root()/unbecome_root() pair.
Jeremy.
|
|
|
|
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
|
|
Ensure we don't use any of the create_options for Samba private
use. Add a new parameter to the VFS_CREATE call (private_flags)
which is only used internally. Renumber NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
and NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to match the S4 code).
Rev. the VFS interface to version 28.
Jeremy.
|
|
Guenther
|
|
|
|
In a cluster, this makes a large difference: For r/w traverse, we have to do a
fetch_locked on every record which for most users of connections_forall is just
overkill.
|
|
|
|
|
|
Make calling schannel much easier by removing the need to explicitly open the
database. Let the abstraction do it instead.
|
|
|
|
|
|
|
|
This is a sync wrapper around cli_smb_send/cli_smb_recv. This is a hack to
speed up converting libsmb/ away from cli_send_smb/cli_receive_smb. Some
routines in libsmb/ are only called in one place in smbtorture for example,
where making it async right now is not worth it. With cli_smb_send/cli_smb_recv
in place, pushing the asynchronosity out one level is "just" boilerplate code
that is easy to do should it become necessary.
|
|
Volker.
Create widelinks_warning(int snum) to cover the message needed in make_connection.
Jeremy.
|
|
This way we avoid any chance that a configuration reload may turn
back on wide links when unix extensions are enabled.
|
|
broadcast"
metze
|
|
|
|
|
|
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Passing NULL as dest_realm for cli_session_setup_spnego() was
always using our own realm (as for a NetBIOS name). Change this
to look for the mapped realm using krb5_get_host_realm() if
the destination machine name is a DNS name (contains a '.').
Could get fancier with DNS name detection (length, etc.) but
this will do for now.
Jeremy.
|
|
|
|
All but one call were pointless, so I think this API should go
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
we have nt_time_equal doing the same in lib/util/
|
|
lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response.
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
|
|
|
|
metze
|
|
|
|
|
|
struct in the fsp->fsp_name pointer incorrectly for a directory.
Fix this. Make map_canon_ace_perms() public.
Jeremy.
|
|
Andrew Bartlett
|
|
Rewrite all calls to reply_nterror(NT_STATUS_DOS()) to
reply_force_doserror() and update the comment in smbd/error.c
Jeremy.
|
|
Jeremy.
|
|
|
|
Guenther
|
|
calls are now handle based. Put rmdir into close.c
and make it private.
Jeremy.
|
|
can_set_delete_on_close() is correctly called before any setting
of the disposition bit (clean up the do_unlink() call).
Jeremy.
|
|
right. The previous bugs were due to the fact that get_nt_acl_internal()
could return an NTSTATUS error if there was no stored ACL blob, but
otherwise would return the underlying ACL from the filysystem. Fix
this so it always returns a valid acl if it can, and if it does not
its an error to be reported back to the client. This then changes
the inherit acl code. Previously we were trying to match Windows
by setting a minimal ACL on a new file that didn't inherit anything
from a parent directory. This is silly - the returned ACL wouldn't
match the underlying UNIX permissions. The current code will correctly
inherit from a parent if a parent has any inheritable ACE entries
that apply to the new object, but will return a mapping from the
underlying UNIX permissions if the parent has no inheritable entries.
This makes much more sense for new files/directories.
Jeremy.
|
|
posix_fallocate is more efficient than manual zero'ing the file. When
preallocation in kernel space is supported it's extremely fast. Support for
preallocation at fs layer via posix_fallocate and fallocate at kernel site
can be found in Linux kernel 2.6.23/glibc 2.10 with ext4, XFS and OCFS2. Other
systems that I know of which support fast preallocation in kernel space are
AIX 6.1 with JFS2 and recent Solaris versions with ZFS maybe UFS2, too.
People who have a system with preallocation in kernel space might want to set
"strict allocate = yes". This reduces file fragentation and it's also safer for
setups with quota being turned on.
As of today most systems still don't have preallocation in kernel space, and
that's why "strict allocate = no" will stay the default for now.
|
|
|
