summaryrefslogtreecommitdiff
path: root/source3/modules/vfs_acl_tdb.c
AgeCommit message (Collapse)AuthorFilesLines
2011-10-11s3:vfs: convert the acl_tdb module to use dbwrap wrapper functions.Michael Adam1-13/+14
Avoid direct use of the db_record and db_context structs.
2011-09-27These modules are no longer experimental but production-ready (especiallyJeremy Allison1-2/+0
the acl_xattr code). Remove the "experimental" tag. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Sep 27 21:00:12 CEST 2011 on sn-devel-104
2011-07-29s3:dbwrap: move all .c and .h files of dbwrap to lib/dbwrap/Michael Adam1-1/+1
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri Jul 29 13:34:22 CEST 2011 on sn-devel-104
2011-07-29s3:dbwrap: move db_open() to a file dbwrap_open.c of its own.Michael Adam1-0/+1
Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and make the fallbacke implementation functoins non-static and create a dbwrap_private.h header file that contains their prototypes.
2011-06-20tdb_compat: Higher level API fixes.Rusty Russell1-1/+1
My previous patches fixed up all direct TDB callers, but there are a few utility functions and the db_context functions which are still using the old -1 / 0 return codes. It's clearer to fix up all the callers of these too, so everywhere is consistent: non-zero means an error. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-05-06s3: only include tdb headers where needed.Günther Deschner1-0/+1
Guenther
2011-04-21s3-vfs: rename open function to open_fn.Günther Deschner1-1/+1
This should finally fix the AIX build and allow to remove AIX specific ifdefs. Guenther Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Apr 21 02:01:20 CEST 2011 on sn-devel-104
2011-04-02Fix bug #7987 - ACL can get lost when files are being renamed.Jeremy Allison1-1/+5
There is no reason for smbd with Windows ACLs to use chmod or fchmod unless it's a file opened with UNIX extensions or with posix pathnames. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Apr 2 02:40:43 CEST 2011 on sn-devel-104
2011-03-30s3-auth: vfs modules need auth.hGünther Deschner1-0/+1
Guenther
2011-03-30s3-vfs: include smbd/smbd.h in vfs modules.Günther Deschner1-0/+1
Guenther
2011-03-30s3-includes: only include system/filesys.h when needed.Günther Deschner1-0/+1
Guenther
2010-10-16Ensure we have correct parameters to use Windows ACL modules.Jeremy Allison1-2/+5
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Oct 16 03:36:04 UTC 2010 on sn-devel-104
2010-10-16Add acl_xattr:ignore system acls boolean (normally false) to allowJeremy Allison1-0/+1
Samba ACL module to ignore mapping to lower POSIX layer. With this fix Samba 3.6.x now passes RAW-ACLs (with certain smb.conf parameters set). Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Oct 16 01:26:31 UTC 2010 on sn-devel-104
2010-08-26s3-build: use dbwrap.h only where needed.Günther Deschner1-0/+1
Guenther
2010-03-24Fix bug #7283 - vfs_acl_tdb does not work as expected.Jeremy Allison1-34/+14
both vfs_acl_common.c and vfs_acl_tdb.c were using the connection handle, thus conflicted. Fix this. Jeremy.
2010-02-18s3-modules: fix get_acl_blob in the acl_tdb VFS module.Günther Deschner1-1/+1
Shuttle-reviewed by jra :) Guenther
2010-02-08Fix bug #6876 for acl_tdb module.Jeremy Allison1-2/+1
As pointed out by bj@sernet.de, the rmdir module initializer was duplicated. Fix this properly. Jeremy.
2010-01-12Fix bug #6876 - Delete of an object whose parent folder does not have delete ↵Jeremy Allison1-1/+2
rights fails even if the delete right is set on the object. Final fix for the vfs_acl_xattr and vfs_acl_tdb code. Ensure we can delete a file even if the underlying POSIX permissions don't allow it, if the Windows permissions do. Jeremy.
2009-12-07Hopefullt final fix for 6802 - acl_xattr.c module: A created folder does not ↵Jeremy Allison1-50/+1
properly inherit permissions from parent and 6938 - No hook exists to check creation rights when using acl_xattr module Volker was right (dammit :-). It's much easier to catch this case in the create_file() vfs call instead of trying to do everything inside open() and mkdir(). Hook all these functions to gain the desired effect. Jeremy.
2009-12-02Ensure get_nt_acl_internal() only looks at the ACL blobs, notJeremy Allison1-1/+1
reads off the underlying filesystem. Ensure that vfs_acl_tdb.c returns NT_STATUS_NOT_FOUND, not NT_STATUS_OBJECT_NAME_NOT_FOUND when it can't find a blob matching the file. Jeremy.
2009-11-30Fix bug 6938 : No hook exists to check creation rights when using acl_xattr ↵Jeremy Allison1-0/+1
module Fix ACL modules to test for permissions on open/mkdir/opendir. Ensure that underlying ACLs are returned for directories/files with no Windows xattr or tdb acls stored. Jeremy.
2009-11-30Restructure the connect function code to always callJeremy Allison1-5/+4
down to NEXT-> before initializing. This allows us to do cleanup (by calling DISCONNECT) if initialization fails. Also fix vfs_acl_xattr which was failing to call the NEXT connect function. Jeremy.
2009-11-11Second part of bugfix for 6865 - acl_xattr module: Has dependency that ↵Jeremy Allison1-2/+4
inherit acls = yes or xattrs are removed. We also need dos filemode = true set as well. Jeremy.
2009-11-06Fix bug 6865 - acl_xattr module: Has dependency that inherit acls = yes or ↵Jeremy Allison1-0/+6
xattrs are removed. Jeremy.
2009-10-02Remove lots of duplicate code and move it into oneJeremy Allison1-32/+18
function vfs_stat_fsp(). Stops code looking at fsp->posix_open except for exceptional circumstances. Jeremy.
2009-07-27Fix the build breakage by #including modules/vfs_acl_common.cJeremy Allison1-3/+5
into acl_tdb and acl_xattr. Duplicates the code size, but keeps the code in common so I don't have to do bug fixes in two places (which is what I really cared about). Jeremy.
2009-07-24Factor out common code into vfs_acl_common.c.Jeremy Allison1-638/+8
Jeremy.
2009-07-24Make acl_tdb match acl_xattr. Large duplication ofJeremy Allison1-68/+225
code here needs tidying up. Compiles but not yet tested. Jeremy.
2009-07-24Fix hash function in acl_xattr to be SHA256, makeJeremy Allison1-10/+10
the hash function selectable. Upgrade version. Compiles but not fully tested yet (coming). Make vfs_acl_tdb.c compile - this needs updating to match acl_xattr (also coming soon). Jeremy.
2009-07-24Make the smbd VFS typesafeVolker Lendecke1-24/+13
2009-07-20s3: Finish plumbing the fsp->fsp_name smb_fname conversion through the modules.Tim Prouty1-53/+45
2009-07-06s3: Plumb smb_filename through SMB_VFS_UNLINKTim Prouty1-9/+18
2009-06-24s3: Plumb smb_filename through SMB_VFS_STAT and SMB_VFS_LSTATTim Prouty1-18/+28
This patch introduces two new temporary helper functions vfs_stat_smb_fname and vfs_lstat_smb_fname. They basically allowed me to call the new smb_filename version of stat, while avoiding plumbing it through callers that are still too inconvenient. As the conversion moves along, I will be able to remove callers of this, with the goal being to remove all callers. There was also a bug in create_synthetic_smb_fname_split (also a temporary utility function) that caused it to incorrectly handle filenames with ':'s in them when in posix mode. This is now fixed.
2009-06-17s3: Change SMB_VFS_OPEN to take an smb_filename structTim Prouty1-5/+15
This was a little messy because of all of the vfs modules I had to touch. Most of them were pretty straight forward, but the streams modules required a little attention to handle smb_filename. Since the use of smb_filename enables the vfs modules to access the raw, over-the-wire stream, a little bit of the handling that was being done by split_ntfs_stream_name has now been shifted into the individual stream modules. It may be a little more code, but overall it gives more flexibility to the streams modules, while also allowing correct stream handling.
2009-05-26Introduce "struct stat_ex" as a replacement for SMB_STRUCT_STATVolker Lendecke1-2/+2
This patch introduces struct stat_ex { dev_t st_ex_dev; ino_t st_ex_ino; mode_t st_ex_mode; nlink_t st_ex_nlink; uid_t st_ex_uid; gid_t st_ex_gid; dev_t st_ex_rdev; off_t st_ex_size; struct timespec st_ex_atime; struct timespec st_ex_mtime; struct timespec st_ex_ctime; struct timespec st_ex_btime; /* birthtime */ blksize_t st_ex_blksize; blkcnt_t st_ex_blocks; }; typedef struct stat_ex SMB_STRUCT_STAT; It is really large because due to the friendly libc headers playing macro tricks with fields like st_ino, so I renamed them to st_ex_xxx. Why this change? To support birthtime, we already have quite a few #ifdef's at places where it does not really belong. With a stat struct that we control, we can consolidate the nanosecond timestamps and the birthtime deep in the VFS stat calls. At this moment it is triggered by a request to support the birthtime field for GPFS. GPFS does not extend the system level struct stat, but instead has a separate call that gets us the additional information beyond posix. Without being able to do that within the VFS stat calls, that support would have to be scattered around the main smbd code. It will very likely break all the onefs modules, but I think the changes will be reasonably easy to do.
2009-03-04Fix crashes when running RAW-ACLs against system with tdb ACL modulesJeremy Allison1-2/+2
(caused by the POSIX pathname fixes). Jeremy.
2009-02-25Use fsp->posix_open in preference if we have it.Jeremy Allison1-5/+5
Jeremy.
2009-02-25Ensure ACL modules work with POSIX paths.Jeremy Allison1-20/+69
Jeremy.
2009-02-19s3: Add extid to the dev/inode pairTim Prouty1-0/+6
This extends the file_id struct to add an additional generic uint64_t field: extid. For backwards compatibility with dev/inodes stored in xattr_tdbs and acl_tdbs, the ext id is ignored for these databases. This patch should cause no functional change on systems that don't use SMB_VFS_FILE_ID_CREATE to set the extid. Existing code that uses the smb_share_mode library will need to be updated to be compatibile with the new extid.
2009-01-15s3: Remove an incorrect constTim Prouty1-1/+1
2009-01-16s3:vfs_acl_tdb: don't leak state_path() to talloc_tos() in acl_tdb_init()Michael Adam1-0/+2
Michael
2009-01-12Covert several persistant tdb files to use state_path() instead of lock_path()Steven Danneman1-1/+1
2008-12-31Rename parent_dirname_talloc() to parent_dirname()Volker Lendecke1-4/+1
2008-12-18Comment out the parent inheritance code (this is incorrect) as wasJeremy Allison1-0/+2
done for POSIX ACLs. Jeremy.
2008-11-19Add functions to delete NTACL on posix ACL set.Jeremy Allison1-77/+135
Jeremy.
2008-11-13Move v2 from timestamp to 16-byte hash. Got the change in before on disk ↵Jeremy Allison1-20/+10
format is fixed. Jeremy.
2008-11-11[s3]vfs_acl_tdb: fix the build.Michael Adam1-1/+1
ndr_push_struct_blob has a different signature in master as well. Michael
2008-11-10Fix the build (ndr_pull_struct_blob has a different signature in master).Jeremy Allison1-1/+1
Jeremy.
2008-11-10Added vfs_acl_tdb.c module to do ACLs completely in userspace. Passes all of ↵Jeremy Allison1-0/+843
RAW-ACLS except for the last test which uses a non-POSIX chown. More testing/documentation to follow. Jeremy.