Age | Commit message (Collapse) | Author | Files | Lines |
|
This interface actually needs to match the get_nt_acl interface in
that the system ACL implmenetation may not be posix ACLs, and the blob
is not meant to be enforced to be of a particular system ACL
structure.
Andrew Bartlett
|
|
This makes it clear which context the returned SD is allocated on, as
a number of callers do not want it on talloc_tos().
As the ACL transformation allocates and then no longer needs a great
deal of memory, a talloc_stackframe() call is used to contain the
memory that is not returned further up the stack.
Andrew Bartlett
|
|
This changes from allocation on NULL to allocation on the supplied
memory context.
Currently that supplied context is talloc_tos() at the the final consumer of
the ACL.
Andrew Bartlett
|
|
Signed-off-by: Jim McDonough <jmcd@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Sep 28 19:28:49 CEST 2012 on sn-devel-104
|
|
The op enum is used by audit_opname() as an index into the vfs_op_names
array, so any decrepencies cause bogus audit log entries.
Signed-off-by: Jim McDonough <jmcd@samba.org>
|
|
Plumb-in functions and use correct return types.
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Sep 20 20:42:09 CEST 2012 on sn-devel-104
|
|
|
|
This will allow us to hash this, rather than the NT ACL it maps to.
This will in turn allow us to know if the NT ACL is valid even if we
have to change the mapping code.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep 12 07:06:01 CEST 2012 on sn-devel-104
|
|
We no longer do struct smb_acl_t manipuations via the VFS layer,
which is now reduced to handling the get/set functions.
The only backend that implemented these functions (aside from audit)
was the vfs_default module calling the sys_acl code. The various ACL
implementation modules either worked on the fully initilaised
smb_acl_t object or on NT ACLs.
This not only makes the operation of the posix ACL code more efficient
(as allocation and free is not put via the VFS), it makes it easier to
test and removes the fantasy that a module could safely redefine this
structure or the behaviour here.
The smb_acls.idl now defines the structure, and it is now allocated
with talloc.
These operations were originally added to the VFS in commit
3bb219161a270f12c27c3bc7e1220829c6e9f284.
Andrew Bartlett
|
|
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
They use talloc_tos() internally: hoist that up to the callers, some
of whom don't want to us talloc_tos().
A simple patch, but hits a lot of files.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Now that we always require a 64 bit off_t, we no longer need SMB_OFF_T.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Apr 6 01:47:43 CEST 2012 on sn-devel-104
|
|
If this is ever needed again, it would be more appropriate as an options argument
to removexattr.
Andrew Bartlett
|
|
If this is ever needed again, it would be more appropriate as an options argument
to listxattr.
Andrew Bartlett
|
|
If this is ever needed again, it would be more appropriate as an options argument
to listxattr.
Andrew Bartlett
|
|
|
|
|
|
|
|
This removes a dependency on "struct notify_entry" and makes the nature of the
API more explicit. We depend upon the VFS module to mask out elements from
e->filter and e->subdir_filter that it took over to handle.
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Mon Mar 26 17:45:44 CEST 2012 on sn-devel-104
|
|
|
|
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Mon Dec 12 04:58:40 CET 2011 on sn-devel-104
|
|
This makes auth3_session_info identical to auth_session_info
The logic to convert the info3 to a struct auth_user_info is
essentially moved up the stack from the named pipe proxy in
source3/rpc_server to create_local_token().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This is closer to the layout of struct auth_session_info in auth.idl
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This brings this structure one step closer to the struct auth_session_info.
A few SMB_ASSERT calls are added in some key places to ensure that
this pointer is initialised, to make tracing any bugs here easier in
future.
NOTE: Many of the users of this structure should be reviewed, as unix
and NT access checks are mixed in a way that should just be done using
the NT ACL. This patch has not changed this behaviour however.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
This defines a common table format, so we can in future define a
common table.
Andrew Bartlett
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_P isn't standard talloc.
|
|
returns malloc'ed memory.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jun 1 04:06:12 CEST 2011 on sn-devel-104
|
|
|
|
Found by freeserif@yahoo.com.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed May 25 22:37:23 CEST 2011 on sn-devel-104
|
|
without the proper terminations of the enums, invalid arguments
for the audit modules will lead to a smbd crash as the loop in
lp_enum() will attempt to access memory behind the array
|
|
This should finally fix the AIX build and allow to remove AIX specific ifdefs.
Guenther
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Apr 21 02:01:20 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
|
|
|
|
|
|
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
open by NtCreateX.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Feb 9 00:55:22 CET 2011 on sn-devel-104
|
|
vfs_fallocate_mode parameter.
It turns out we need the fallocate operations to be able to both
allocate and extend filesize, and to allocate and not extend
filesize, and posix_fallocate can only do the former. So by defining
the vfs op as posix_fallocate we lose the opportunity to use any
underlying syscalls (like Linux fallocate) that can do the latter
as well.
We don't currently use the non-extending filesize call, but now
I've changed the vfs op definition we can in the future. For the
moment simply map the fallocate op onto posix_fallocate for the
VFS_FALLOCATE_EXTEND_SIZE case and return ENOSYS for the
VFS_FALLOCATE_KEEP_SIZE case.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Dec 18 08:59:27 CET 2010 on sn-devel-104
|
|
Jeremy.
|
|
module, change the signature of VFS_REALPATH to always return a
malloc'ed string.
Needed to make some privileges work I plan on doing shortly
easier to code.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Nov 20 02:15:50 CET 2010 on sn-devel-104
|
|
This reduces precompiled headers by another 4 MB and also slightly speeds up the
build.
Guenther
|