Age | Commit message (Collapse) | Author | Files | Lines |
|
it should already be pointing to a token with uid == 0.
Jeremy.
|
|
struct current_user current_user;"."
As requested by Volker, split this into smaller commits.
Jeremy.
|
|
Use accessor functions to get to this value. Tidies up much of
the user context code. Volker, please look at the changes in smbd/uid.c
to familiarize yourself with these changes as I think they make the
logic in there cleaner.
Cause smbd/posix_acls.c code to look at current user context, not
stored context on the conn struct - allows correct use of these
function calls under a become_root()/unbecome_root() pair.
Jeremy.
|
|
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
|
|
rights fails even if the delete right is set on the object.
Final fix for the vfs_acl_xattr and vfs_acl_tdb code.
Ensure we can delete a file even if the underlying POSIX
permissions don't allow it, if the Windows permissions do.
Jeremy.
|
|
can_set_delete_on_close() is correctly called before any setting
of the disposition bit (clean up the do_unlink() call).
Jeremy.
|
|
For a netbench run this gains around 2% user-space CPU, fetching a 100MB file
takes around 4% less.
|
|
smbd just crashed on me: In a debug message I called a routine preparing a
string that itself used debug_ctx. The outer routine also used it after the
inner routine had returned. It was still referencing the talloc context
that the outer debug_ctx() had given us, which the inner DEBUG had already
freed.
|
|
This might help finding why bug 6518 happens
|
|
|
|
|
|
|
|
|
|
making an arg const
|
|
|
|
To me "fill_share_mode_lock failed" is a "can't happen" alert. There is
however a perfectly valid case in get_file_infos() when the file is not open.
Change the corresponding debug message to level 10 and explain more.
|
|
|
|
Jeremy.
|
|
This extends the file_id struct to add an additional generic uint64_t
field: extid. For backwards compatibility with dev/inodes stored in
xattr_tdbs and acl_tdbs, the ext id is ignored for these databases.
This patch should cause no functional change on systems that don't use
SMB_VFS_FILE_ID_CREATE to set the extid.
Existing code that uses the smb_share_mode library will need to be
updated to be compatibile with the new extid.
|
|
|
|
This patch adds 3 new VFS OPs for Windows byte range locking: BRL_LOCK_WINDOWS,
BRL_UNLOCK_WINDOWS and BRL_CANCEL_WINDOWS. Specifically:
* I renamed brl_lock_windows, brl_unlock_windows and brl_lock_cancel to
*_default as the default implementations of the VFS ops.
* The blocking_lock_record (BLR) is now passed into the brl_lock_windows and
brl_cancel_windows paths. The Onefs implementation uses it - future
implementations may find it useful too.
* Created brl_lock_cancel to do what brl_lock/brl_unlock do: set up a
lock_struct and call either the Posix or Windows lock function. These happen
to be the same for the default implementation.
* Added helper functions: increment_current_lock_count() and
decrement_current_lock_count().
* Minor spelling correction in brl_timeout_fn: brl -> blr.
* Changed blocking_lock_cancel() to return the BLR that it has cancelled. This
allows us to assert its the lock that we wanted to cancel. If this assert ever
fires, this path will need to take in the BLR to cancel, rather than choosing
on its own.
* Adds a small helper function: find_blocking_lock_record_by_id(). Used by the
OneFS implementation, but could be useful for others.
|
|
Jeremy.
|
|
torture test
This third patch cleans up by removing all of the code that is made
obsolete by the first patch. It should cause no functional changes.
|
|
|
|
Jeremy.
(This used to be commit 079c75ef3c169c7a5d81bcaa0b70b6e0df2c464d)
|
|
Ok, here's the fix for the write times breakage
with the new tests in S4 smbtorture.
The key is keeping in the share mode struct
the "old_file_time" as the real write time,
set by all the write and allocation calls,
and the "changed_write_time" as the "sticky"
write time - set by the SET_FILE_TIME calls.
We can set them independently (although I
kept the optimization of not setting the
"old_file_time" is a "changed_write_time"
was already set, as we'll never see it.
This allows us to update the write time
immediately on the SMBwrite truncate case,
SET_END_OF_FILE and SET_ALLOCATION_SIZE calls,
whilst still have the 2 second delay on the
"normal" SMBwrite, SMBwriteX calls.
I think in a subsequent patch I'd like to
change the name of these from "old_file_time"
to "write_time" and "changed_write_time" to
"sticky_write_time" to make this clearer.
I think I also fixed a bug in Metze's original
code in that once a write timestamp had been
set from a "normal" SMBwriteX call the fsp->update_write_time_triggered
variable was set and then never reset - thus
meaning the write timestamp would never get
updated again on subsequent SMBwriteX's.
The new code checks the update_write_time_event
event instead, and doesn't update is there's
an event already scheduled.
Metze especially, please check this over for
your understanding.
Jeremy.
(This used to be commit 6f20585419046c4aca1f7d6c863cf79eb6ae53b0)
|
|
Patch successfully tested by Christoph Kaegi <kaph@zhaw.ch>, thanks.
(cherry picked from commit 9f8df16f476c49da85000b7365c8a6e33b8b71fc)
(This used to be commit 82ed19ff64fc815a8ca9fbd7d3331671ecf5d12b)
|
|
Jeremy.
(This used to be commit 7eeed8bb41059ec2bddedb6a71deddeec7f33af2)
|
|
being (correctly) used in the can_read/can_write checks for hide unreadable/unwritable
and this is more properly done using the functions in smbd/file_access.c.
Preparing to do NT access checks on all file access.
Jeremy.
(This used to be commit 6bfb06ad95963ae2acb67c4694a98282d3b29faa)
|
|
get_file_infos()
This means we need to fetch the record only once.
metze
(This used to be commit 4130b873291d39e363184fe4e38dc1f24ebe5056)
|
|
This is needed to implement the strange write time update
logic later. We need to store 2 time timestamps to
distinguish between the time the file system had before
the first client opened the file and a forced timestamp update.
metze
(This used to be commit 6aaa2ce0eeb46f6735ec984a2e7aadde7a7f456d)
|
|
(This used to be commit 64b1625f8e3bca43504871747bef6631e1b18f44)
|
|
We now refer directly to the file name in the tdb data, so don't delete it.
(This used to be commit 71de4946cf00cf8b7bb2f2d92832166bee12e84a)
|
|
(This used to be commit 616bc34744487450edd47e212a29c0f57eabb722)
|
|
(This used to be commit 444e35e7df1f13fc285183da8fb41b30ad99a3fa)
|
|
(This used to be commit 65dd869bea351010c67f02046ae4134bdada1a4c)
|
|
(This used to be commit 66be770993acf4e1673e9615bcddb21768c33e62)
|
|
(This used to be commit a98693bfa7bfe72ffa164d21b3e9636e268708aa)
|
|
locking.c:open_read_only was unused
don't export the silly boolean flag locking_init(bool read_only)
(This used to be commit 2f3c865707010bc7c463a02782dbee3dc2479da1)
|
|
(This used to be commit 1f317f471af72f8bbc6c9fdd3e79a27c59e6fb6e)
|
|
(This used to be commit 144014096a41de293ce7ec15f82681a469dd3aa1)
|
|
(This used to be commit b82120f9b7f5aad83d8b4ece0261e9693eedca0c)
|
|
Jeremy.
(This used to be commit a1725f4ff7ed375808c78ac661b539557748d0a5)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
This removes file_id_string_static and file_id_string_static2
(This used to be commit 638c848c9afe374feb30e34c494f89b2a6c64f7b)
|
|
This has been superseded by the "tdb_hashsize:<tdbname>" parameter
(This used to be commit df40d336afd256f05a0ec3724cc2096fb7114d81)
|
|
by hand
metze
(This used to be commit a7449e4ab390b3c1d9d5a0bbc466f71de17918e0)
|
|
fixed a bug with dead share mode entries
jra: please tell me if it's ok to merge this to 3_2_0.
metze
(This used to be commit 044ac6afa7a36b352f4cb203879af082d4726417)
|
|
POSIX locking. We can't do lock counts with POSIX,
so stop counting if we get a POSIX lock request.
Jeremy.
(This used to be commit a48e4a29e6774e5e72b9b361a17207b053474521)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|