summaryrefslogtreecommitdiff
path: root/source3/modules/vfs_zfsacl.c
AgeCommit message (Collapse)AuthorFilesLines
2013-05-09vfs: Allow CREATOR GROUP to be used with vfs_zfsaclAndrew Bartlett1-1/+1
The solaris acl() code requires that both ACE_GROUP|ACE_IDENTIFIER_GROUP be set to indicate the @group permissions. Otherwise, it would return Invalid Paramter to clients. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org>
2013-05-09vfs: Remove unused security_info argument in vfz_zfsacl.cAndrew Bartlett1-3/+1
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-05-09vfs: Allocate SMB4ACL_T on an explict memory contextAndrew Bartlett1-11/+22
This ensures the caller knows exactly what the memory lifetime of this returned object is. This makes the NFSv4 ACL code consistent with the POSIX and NT ACL code, to avoid supprising developers who have worked on those other parts of the ACL code. Most of this patch is adding a memory context to the callers and passing it in. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org>
2013-05-09vfs: Add vfs_handle_struct argument to smb_set_nt_acl_nfs4 and the callbackAndrew Bartlett1-3/+3
This allows the callback to call xattr based storage functions that need this argument. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org>
2013-01-09s3: Fix vfs_zfsacl to compile.Ira Cooper1-3/+3
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-10-11vfs: Use a blocking function in vfs_zfsacl for system ACL blobsAndrew Bartlett1-0/+12
This is so we do not query some other module for the ACL blob, as zfs ACLs are not posix ACLs. We may add a linearisation later. Andrew Bartlett
2012-10-11smbd: Add mem_ctx to {f,}get_nt_acl VFS callAndrew Bartlett1-7/+11
This makes it clear which context the returned SD is allocated on, as a number of callers do not want it on talloc_tos(). As the ACL transformation allocates and then no longer needs a great deal of memory, a talloc_stackframe() call is used to contain the memory that is not returned further up the stack. Andrew Bartlett
2011-12-12vfs: Make function pointer names consistent. They all end in _fnRichard Sharpe1-8/+8
Autobuild-User: Richard Sharpe <sharpe@samba.org> Autobuild-Date: Mon Dec 12 04:58:40 CET 2011 on sn-devel-104
2011-07-08s3-zfsacl: Fix a debug messageVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Jul 8 11:22:55 CEST 2011 on sn-devel-104
2011-03-30s3-vfs acl modules: more non-linux build fixes.Günther Deschner1-0/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Mar 30 16:00:02 CEST 2011 on sn-devel-104
2011-03-30s3-vfs: include smbd/smbd.h in vfs modules.Günther Deschner1-0/+1
Guenther
2011-01-30s3: On FreeBSD, compile zfsacl if sunacl.h is aroundVolker Lendecke1-0/+4
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Jan 30 12:17:49 CET 2011 on sn-devel-104
2011-01-13Fix bug #7909 - map SYNCHRONIZE acl permission statically in zfs_acl vfs module.Paul B. Henson1-0/+3
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Jan 13 20:02:32 CET 2011 on sn-devel-104
2011-01-08s3: Fix some warnings in the zfsacl moduleVolker Lendecke1-15/+15
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sat Jan 8 13:42:20 CET 2011 on sn-devel-104
2010-05-18s3-secdesc: remove "typedef struct security_descriptor SEC_DESC".Günther Deschner1-1/+1
Guenther
2010-01-11s3: Add a zfsacl:denymissingspecial parameterVolker Lendecke1-0/+10
When setting an ACL without any of the user/group/other entries, ZFS automatically creates them. This can at times confuse users a lot. This parameter denies setting such an acl, users explicitly have to for example set an ACE with everyone allowing nothing. Users need to be educated about this, but this helps avoid a lot of confusion.
2009-07-24Make the smbd VFS typesafeVolker Lendecke1-27/+10
2009-07-20s3: Finish plumbing the fsp->fsp_name smb_fname conversion through the modules.Tim Prouty1-5/+6
2008-11-25[s3]zfsacl: "return" is not a function.Michael Adam1-3/+3
Michael
2008-11-25[s3]zfsacl: Prevent calling POSIX ACL vfs methods on zfs share.Nils Goroll1-0/+83
This is a proposed fix for Bugs #5135 and #5446. Signed-off-by: Michael Adam <obnox@samba.org>
2008-10-07Update vfs version as I've added a const to the security_descriptor paramter ↵Jeremy Allison1-2/+2
in fset_nt_acl(). Need to watch the build farm to make sure I haven't broken the AIX or Solaris ACL modules. Jeremy.
2008-07-18Fix the build of vfs_zfsacl.cVolker Lendecke1-16/+1
(cherry picked from commit b83beeda44e1c8d485c2ad6bb8ee539cdcbe8bda) (This used to be commit b46ce28039e8829f5188574ebe84ff3b7d9e65bc)
2008-05-08Yay ! Remove a VFS entry. Removed the set_nt_acl() call,Jeremy Allison1-10/+0
this can only be done via fset_nt_acl() using an open file/directory handle. I'd like to do the same with get_nt_acl() but am concerned about efficiency problems with "hide unreadable/hide unwritable" when doing a directory listing (this would mean opening every file in the dir on list). Moving closer to rationalizing the ACL model and maybe moving the POSIX calls into a posix_acl VFS module rather than having them as first class citizens of the VFS. Jeremy. (This used to be commit f487f742cb903a06fbf2be006ddc9ce9063339ed)
2008-01-06Remove superfluous parameter fd from SMB_VFS_FSET_NT_ACL().Michael Adam1-1/+1
Michael (This used to be commit 4f2d139a186048f08180378a877b69d2f80ad51f)
2008-01-06Remove superfluous fd parameter from SMB_VFS_FGET_NT_ACL().Michael Adam1-1/+1
Michael (This used to be commit c0c7c1223da29c68359dac64a340c1c710d5f3d2)
2007-12-19Change the prototype of the vfs function get_nt_acl().Michael Adam1-1/+0
Up to now, get_nt_acl() took a files_struct pointer (fsp) and a file name. All the underlying functions should need and now do need (after the previous preparatory work), is a connection_struct and a file name. The connection_struct is already there in the vfs_handle passed to the vfs functions. So the files_struct argument can be eliminated. This eliminates the need of calling open_file_stat in a couple of places to produce the fsp needed. Michael (This used to be commit b5f600fab53c9d159a958c59795db3ba4a8acc63)
2007-12-19Fix two debug statements: Add missing printf parameter.Michael Adam1-2/+2
Michael (This used to be commit 1c4f74551f48429ee3af2022101a97679e25cdea)
2007-12-19Reformatting: wrap long lines and remove trailing spaces.Michael Adam1-3/+7
Michael (This used to be commit f6db5a0d0571130f765d8a0fb4e20e61cc8b2487)
2007-12-19Prepare the zfs acl module for the api change in get_nt_acl().Michael Adam1-9/+28
Michael (This used to be commit 04258231dc654df077638edb7cb08542e39b7547)
2007-12-19Split smb_get_nt_acl_nfs4 into two (f- and non-f-variant).Michael Adam1-1/+1
This is the next step in preparation of a get_nt_acl prototype change. Michael (This used to be commit 7afeb1c6cb1bdb58d1e61c54ae215d947d8dc3ea)
2007-11-13Fix build of the zfs_acl module.Michael Adam1-1/+3
There was one caller of smb_get_nt_acl_nfs4() forgotten in the change of return value. Michael (This used to be commit 4d3e84a3b3a39d3d2c9b86affa16c8124b1496e5)
2007-11-13Make [f]get_nt_acl return NTSTATUSVolker Lendecke1-8/+8
(This used to be commit dcbe1bf942d017a3cd5084c6ef605a13912f795b)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-1/+1
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r24809: Consolidate the use of temporary talloc contexts.Volker Lendecke1-2/+2
This adds the two functions talloc_stackframe() and talloc_tos(). * When a new talloc stackframe is allocated with talloc_stackframe(), then * the TALLOC_CTX returned with talloc_tos() is reset to that new * frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse * happens: The previous talloc_tos() is restored. * * This API is designed to be robust in the sense that if someone forgets to * TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and * resets the talloc_tos(). The original motivation for this patch was to get rid of the sid_string_static & friends buffers. Explicitly passing talloc context everywhere clutters code too much for my taste, so an implicit talloc_tos() is introduced here. Many of these static buffers are replaced by a single static pointer. The intended use would thus be that low-level functions can rather freely push stuff to talloc_tos, the upper layers clean up by freeing the stackframe. The more of these stackframes are used and correctly freed the more exact the memory cleanup happens. This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and lp_talloc_ctx (did I forget any?) So, never do a tmp_ctx = talloc_init("foo"); anymore, instead, use tmp_ctx = talloc_stackframe() :-) Volker (This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)
2007-10-10r23856: Add Jiri.Sasek@Sun.COM;s fix from Axel Apitz for ZFS ACLs.Jeremy Allison1-2/+49
Jeremy. (This used to be commit 6ba12b6cb9f69297731c73071b627e8d7fbc6d73)
2007-10-10r23801: The FSF has moved around a lot. This fixes their Mass Ave address.Andrew Tridgell1-2/+1
(This used to be commit 87c91e4362c51819032bfbebbb273c52e203b227)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23620: Convert set_nt_acl to return NTSTATUS. Also fix the chownJeremy Allison1-3/+3
return to correctly return NT_STATUS_INVALID_OWNER if it should be disallowed. Matches better what W2K3R3 does. NFSv4 ACL module owners, please examine these changes. Jeremy. (This used to be commit fc6899a5506b272f8cd5f5837ca13300b4e69a5f)
2007-10-10r23396: Make VFS callbacks static. Mark operations as OPAQUE because theyJames Peach1-8/+9
do not pass through. (This used to be commit b9d6eee5d4d0894ded88455675a470cbf04d8f45)
2007-10-10r22872: Add vfs_zfsacl module from Jiri Sasek <Jiri.Sasek@Sun.COM>.Jeremy Allison1-0/+186
Jeremy. (This used to be commit bd80db71e71fc05b8b4875c386d8d58612cdbb06)