summaryrefslogtreecommitdiff
path: root/source3/modules/vfs_acl_tdb.c
AgeCommit message (Collapse)AuthorFilesLines
2010-01-12Fix bug #6876 - Delete of an object whose parent folder does not have delete ↵Jeremy Allison1-1/+2
rights fails even if the delete right is set on the object. Final fix for the vfs_acl_xattr and vfs_acl_tdb code. Ensure we can delete a file even if the underlying POSIX permissions don't allow it, if the Windows permissions do. Jeremy.
2009-12-07Hopefullt final fix for 6802 - acl_xattr.c module: A created folder does not ↵Jeremy Allison1-50/+1
properly inherit permissions from parent and 6938 - No hook exists to check creation rights when using acl_xattr module Volker was right (dammit :-). It's much easier to catch this case in the create_file() vfs call instead of trying to do everything inside open() and mkdir(). Hook all these functions to gain the desired effect. Jeremy.
2009-12-02Ensure get_nt_acl_internal() only looks at the ACL blobs, notJeremy Allison1-1/+1
reads off the underlying filesystem. Ensure that vfs_acl_tdb.c returns NT_STATUS_NOT_FOUND, not NT_STATUS_OBJECT_NAME_NOT_FOUND when it can't find a blob matching the file. Jeremy.
2009-11-30Fix bug 6938 : No hook exists to check creation rights when using acl_xattr ↵Jeremy Allison1-0/+1
module Fix ACL modules to test for permissions on open/mkdir/opendir. Ensure that underlying ACLs are returned for directories/files with no Windows xattr or tdb acls stored. Jeremy.
2009-11-30Restructure the connect function code to always callJeremy Allison1-5/+4
down to NEXT-> before initializing. This allows us to do cleanup (by calling DISCONNECT) if initialization fails. Also fix vfs_acl_xattr which was failing to call the NEXT connect function. Jeremy.
2009-11-11Second part of bugfix for 6865 - acl_xattr module: Has dependency that ↵Jeremy Allison1-2/+4
inherit acls = yes or xattrs are removed. We also need dos filemode = true set as well. Jeremy.
2009-11-06Fix bug 6865 - acl_xattr module: Has dependency that inherit acls = yes or ↵Jeremy Allison1-0/+6
xattrs are removed. Jeremy.
2009-10-02Remove lots of duplicate code and move it into oneJeremy Allison1-32/+18
function vfs_stat_fsp(). Stops code looking at fsp->posix_open except for exceptional circumstances. Jeremy.
2009-07-27Fix the build breakage by #including modules/vfs_acl_common.cJeremy Allison1-3/+5
into acl_tdb and acl_xattr. Duplicates the code size, but keeps the code in common so I don't have to do bug fixes in two places (which is what I really cared about). Jeremy.
2009-07-24Factor out common code into vfs_acl_common.c.Jeremy Allison1-638/+8
Jeremy.
2009-07-24Make acl_tdb match acl_xattr. Large duplication ofJeremy Allison1-68/+225
code here needs tidying up. Compiles but not yet tested. Jeremy.
2009-07-24Fix hash function in acl_xattr to be SHA256, makeJeremy Allison1-10/+10
the hash function selectable. Upgrade version. Compiles but not fully tested yet (coming). Make vfs_acl_tdb.c compile - this needs updating to match acl_xattr (also coming soon). Jeremy.
2009-07-24Make the smbd VFS typesafeVolker Lendecke1-24/+13
2009-07-20s3: Finish plumbing the fsp->fsp_name smb_fname conversion through the modules.Tim Prouty1-53/+45
2009-07-06s3: Plumb smb_filename through SMB_VFS_UNLINKTim Prouty1-9/+18
2009-06-24s3: Plumb smb_filename through SMB_VFS_STAT and SMB_VFS_LSTATTim Prouty1-18/+28
This patch introduces two new temporary helper functions vfs_stat_smb_fname and vfs_lstat_smb_fname. They basically allowed me to call the new smb_filename version of stat, while avoiding plumbing it through callers that are still too inconvenient. As the conversion moves along, I will be able to remove callers of this, with the goal being to remove all callers. There was also a bug in create_synthetic_smb_fname_split (also a temporary utility function) that caused it to incorrectly handle filenames with ':'s in them when in posix mode. This is now fixed.
2009-06-17s3: Change SMB_VFS_OPEN to take an smb_filename structTim Prouty1-5/+15
This was a little messy because of all of the vfs modules I had to touch. Most of them were pretty straight forward, but the streams modules required a little attention to handle smb_filename. Since the use of smb_filename enables the vfs modules to access the raw, over-the-wire stream, a little bit of the handling that was being done by split_ntfs_stream_name has now been shifted into the individual stream modules. It may be a little more code, but overall it gives more flexibility to the streams modules, while also allowing correct stream handling.
2009-05-26Introduce "struct stat_ex" as a replacement for SMB_STRUCT_STATVolker Lendecke1-2/+2
This patch introduces struct stat_ex { dev_t st_ex_dev; ino_t st_ex_ino; mode_t st_ex_mode; nlink_t st_ex_nlink; uid_t st_ex_uid; gid_t st_ex_gid; dev_t st_ex_rdev; off_t st_ex_size; struct timespec st_ex_atime; struct timespec st_ex_mtime; struct timespec st_ex_ctime; struct timespec st_ex_btime; /* birthtime */ blksize_t st_ex_blksize; blkcnt_t st_ex_blocks; }; typedef struct stat_ex SMB_STRUCT_STAT; It is really large because due to the friendly libc headers playing macro tricks with fields like st_ino, so I renamed them to st_ex_xxx. Why this change? To support birthtime, we already have quite a few #ifdef's at places where it does not really belong. With a stat struct that we control, we can consolidate the nanosecond timestamps and the birthtime deep in the VFS stat calls. At this moment it is triggered by a request to support the birthtime field for GPFS. GPFS does not extend the system level struct stat, but instead has a separate call that gets us the additional information beyond posix. Without being able to do that within the VFS stat calls, that support would have to be scattered around the main smbd code. It will very likely break all the onefs modules, but I think the changes will be reasonably easy to do.
2009-03-04Fix crashes when running RAW-ACLs against system with tdb ACL modulesJeremy Allison1-2/+2
(caused by the POSIX pathname fixes). Jeremy.
2009-02-25Use fsp->posix_open in preference if we have it.Jeremy Allison1-5/+5
Jeremy.
2009-02-25Ensure ACL modules work with POSIX paths.Jeremy Allison1-20/+69
Jeremy.
2009-02-19s3: Add extid to the dev/inode pairTim Prouty1-0/+6
This extends the file_id struct to add an additional generic uint64_t field: extid. For backwards compatibility with dev/inodes stored in xattr_tdbs and acl_tdbs, the ext id is ignored for these databases. This patch should cause no functional change on systems that don't use SMB_VFS_FILE_ID_CREATE to set the extid. Existing code that uses the smb_share_mode library will need to be updated to be compatibile with the new extid.
2009-01-15s3: Remove an incorrect constTim Prouty1-1/+1
2009-01-16s3:vfs_acl_tdb: don't leak state_path() to talloc_tos() in acl_tdb_init()Michael Adam1-0/+2
Michael
2009-01-12Covert several persistant tdb files to use state_path() instead of lock_path()Steven Danneman1-1/+1
2008-12-31Rename parent_dirname_talloc() to parent_dirname()Volker Lendecke1-4/+1
2008-12-18Comment out the parent inheritance code (this is incorrect) as wasJeremy Allison1-0/+2
done for POSIX ACLs. Jeremy.
2008-11-19Add functions to delete NTACL on posix ACL set.Jeremy Allison1-77/+135
Jeremy.
2008-11-13Move v2 from timestamp to 16-byte hash. Got the change in before on disk ↵Jeremy Allison1-20/+10
format is fixed. Jeremy.
2008-11-11[s3]vfs_acl_tdb: fix the build.Michael Adam1-1/+1
ndr_push_struct_blob has a different signature in master as well. Michael
2008-11-10Fix the build (ndr_pull_struct_blob has a different signature in master).Jeremy Allison1-1/+1
Jeremy.
2008-11-10Added vfs_acl_tdb.c module to do ACLs completely in userspace. Passes all of ↵Jeremy Allison1-0/+843
RAW-ACLS except for the last test which uses a non-POSIX chown. More testing/documentation to follow. Jeremy.