summaryrefslogtreecommitdiff
path: root/source3/modules
AgeCommit message (Collapse)AuthorFilesLines
2010-03-15Remove the bool admin_user from conn struct. We no longer look at this to ↵Jeremy Allison1-1/+0
make access decisions. Jeremy.
2010-03-15Pass "connection_struct *conn" into functions that currently use ↵Jeremy Allison1-1/+1
"current_user.XXX" Will allow me to replace them with accessor functions. Jeremy.
2010-03-15Rever e80ceb1d7355c8c46a2ed90d5721cf367640f4e8 "Remove more uses of "extern ↵Jeremy Allison1-1/+1
struct current_user current_user;"." As requested by Volker, split this into smaller commits. Jeremy.
2010-03-12Missed a couple more uses of conn->server_info->ptok that need to be ↵Jeremy Allison1-7/+9
get_current_nttok(conn) Centralize the root check into smb1_file_se_access_check() so this is used by modules/vfs_acl_common.c also. Jeremy.
2010-03-12Remove more uses of "extern struct current_user current_user;".Jeremy Allison1-1/+1
Use accessor functions to get to this value. Tidies up much of the user context code. Volker, please look at the changes in smbd/uid.c to familiarize yourself with these changes as I think they make the logic in there cleaner. Cause smbd/posix_acls.c code to look at current user context, not stored context on the conn struct - allows correct use of these function calls under a become_root()/unbecome_root() pair. Jeremy.
2010-03-10vfs_netatalk: Segfault if hide files or veto files has no ".AppleDouble"SATOH Fumiyasu1-1/+1
2010-03-08s3: add vfs_crossrenameBjörn Jacke1-0/+200
this module adds optional server-side support for limited rename operations beyond filesystem boundaries, which was the previously the default.
2010-03-08s3: remove cross-device rename support from vfs_defaultBjörn Jacke1-116/+0
cross-device rename support has some major limitations: - on huge files clients will timeout or hang - ACLs and EA information is not retained Usually a client will have to handle this. A Windows Server with a reparse point will also just return NT_STATUS_NOT_SAME_DEVICE. We will now by default do the same. I will add a vfs module which will restore the old cross-device renames.
2010-03-05Fix for bug #7189 - Open txt files with notepad on samba shares creates problem.Jeremy Allison5-10/+24
Ensure we don't use any of the create_options for Samba private use. Add a new parameter to the VFS_CREATE call (private_flags) which is only used internally. Renumber NTCREATEX_OPTIONS_PRIVATE_DENY_DOS and NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to match the S4 code). Rev. the VFS interface to version 28. Jeremy.
2010-03-02s3:vfs_aixacl2: add missing semicolonBjörn Jacke1-1/+1
fixes #7197. Thanks to William Jojo for the correction.
2010-02-28s3: vfs_full_audit.c: implement negated vfs_ops in the success/failure listHolger Hetterich1-24/+31
Supports negated arguments in configuration like: full_audit:success = all !readdir !telldir !closedir Update the manpage accordingly. Part of BSO#4025
2010-02-18s3-modules: fix get_acl_blob in the acl_tdb VFS module.Günther Deschner1-1/+1
Shuttle-reviewed by jra :) Guenther
2010-02-14s3-vfs: use TYPESAFE_QSORT() in s3 VFS modulesAndrew Tridgell2-8/+6
2010-02-10Fix bad use when freeing linked list. Todd Stecher (Original author) please ↵Jeremy Allison1-6/+8
check ! Jeremy.
2010-02-10s3-perfcount: update to use new DLIST macrosAndrew Tridgell2-3/+2
(cherry picked from commit a13b507f2d8be7f90c8872094cd0732926a6fcbb)
2010-02-09vfs_catia: fix return type warningsBjörn Jacke1-2/+2
2010-02-08Fix bug #6876 for acl_tdb module.Jeremy Allison1-2/+1
As pointed out by bj@sernet.de, the rmdir module initializer was duplicated. Fix this properly. Jeremy.
2010-02-07s3: fix build issue on Tru64Björn Jacke1-7/+7
Thanks, Volker for the hint - acl_type is a macro on Tru64. Renamed it to acltype. This fixes #7103.
2010-02-04Fix bug 7075 - bug in vfs_scannedonly rmdir implementation.Jeremy Allison1-1/+5
Check for NULL on opendir, correctly call next rmdir. Jeremy.
2010-02-04s3:vfs_scannedonly: fix build on HP-UXBjörn Jacke1-0/+6
2010-02-03s3: Simplify the code a bit: Catch (len==0) earlyVolker Lendecke1-7/+4
2010-02-02Fix bug 7081 - vfs_expand_msdfs doesn't work correctly (with fix identified)Jeremy Allison1-3/+16
Fix inspired by idea from Eric Horst <erich@cac.washington.edu>. Jeremy.
2010-01-29AIX doesn't have MSG_DONTWAITolivier1-1/+1
2010-01-21Add localtime parameter to shadow_copy2.Ed Plese1-0/+22
2010-01-21Add format parameter to shadow_copy2.Ed Plese1-11/+73
2010-01-21Add sort parameter to shadow_copy2.Ed Plese1-0/+62
2010-01-16Modification of fix for bug 6876 - Delete of an object whose parent folder ↵Jeremy Allison1-8/+5
does not have delete rights fails even if the delete right is set on the object Suggested by Volker. Reduce the surface area of the become_root() unbecome_root() code to reduce the chance of errors. Jeremy.
2010-01-14Part 4 of bug #7028 - include scannedonly VFS moduleOlivier Sessink1-13/+8
Fix some issues with handling names ending in '/'.
2010-01-12Fix bug #7034 - vfs_cap causes signal 11 (SIGSEGV)SASAJIMA Toshihiro1-1/+2
2010-01-12Fix two uses of strncat -> strlcat. Ensure proper use of strncpy when ↵Jeremy Allison1-3/+3
setting socket name. Jeremy.
2010-01-12Fix bug #6876 - Delete of an object whose parent folder does not have delete ↵Jeremy Allison3-1/+131
rights fails even if the delete right is set on the object. Final fix for the vfs_acl_xattr and vfs_acl_tdb code. Ensure we can delete a file even if the underlying POSIX permissions don't allow it, if the Windows permissions do. Jeremy.
2010-01-12s3: Lift the version of the scannedonly VFS moduleVolker Lendecke1-1/+1
2010-01-12s3: Add the "scannedonly" vfs virus scanner interface moduleOlivier Sessink1-0/+995
2010-01-11s3: Add a zfsacl:denymissingspecial parameterVolker Lendecke1-0/+10
When setting an ACL without any of the user/group/other entries, ZFS automatically creates them. This can at times confuse users a lot. This parameter denies setting such an acl, users explicitly have to for example set an ACE with everyone allowing nothing. Users need to be educated about this, but this helps avoid a lot of confusion.
2010-01-06vfs_commit: print warning when no fsync support is thereBjörn Jacke1-0/+2
this one was part of an old patch from jpeach.
2009-12-23Attempt to fix one of the last two bugs with the full Windows ACL support.Jeremy Allison1-0/+106
When returning an underlying ACL on a directory, normally on a POSIX system it has no inheritable entries, which breaks the Windows ACL when a user does a get/set of a Windows ACL on a POSIX directory with no existing stored Windows ACL from the Windows ACL editor. What happens is any new entry added by the user gets set inheritable, but none of the others entries are (as returned by default). So any new files then only inherit the single new ACE entry (the one marked inheritable by the ACL editor). Fix this by faking up a default 3 element inheritable ACL that represents what a user creating a POSIX file or directory will get by default from the smbd code. Jeremy.
2009-12-09s3: keep subsecond times on cross-filesystem moves and don't follow linksBjörn Jacke1-0/+22
2009-12-08s3: make sys_posix_fallocate more genericBjörn Jacke1-14/+11
this is in preparation for other preallocation methods to be introduced.
2009-12-08s3: allocate only "new" space, not "old" sparse space in the posix_fallocate ↵Björn Jacke1-2/+3
path this makes the posix_fallocate path work analogous to the manual allocate path.
2009-12-07parent_sd can never be null in this function, so don'tJeremy Allison1-1/+5
check for it. Jeremy.
2009-12-07Hopefullt final fix for 6802 - acl_xattr.c module: A created folder does not ↵Jeremy Allison3-267/+168
properly inherit permissions from parent and 6938 - No hook exists to check creation rights when using acl_xattr module Volker was right (dammit :-). It's much easier to catch this case in the create_file() vfs call instead of trying to do everything inside open() and mkdir(). Hook all these functions to gain the desired effect. Jeremy.
2009-12-03Remove smb_fname duplicates that just keep the same information as in ↵Jeremy Allison2-11/+0
fsp->fsp_name. Moving towards making VFS_OPEN/VFS_MKDIR/VFS_RMDIR handle based... Jeremy.
2009-12-02Remove unneeded argument from can_set_delete_on_close(). EnsureJeremy Allison1-2/+2
can_set_delete_on_close() is correctly called before any setting of the disposition bit (clean up the do_unlink() call). Jeremy.
2009-12-03ѕ3: remove superfluous option checkBjörn Jacke1-13/+10
this function is only called when strict alloc is set, no reason to check that twice.
2009-12-02Restructure the ACL code some more, get the internal semanticsJeremy Allison1-169/+130
right. The previous bugs were due to the fact that get_nt_acl_internal() could return an NTSTATUS error if there was no stored ACL blob, but otherwise would return the underlying ACL from the filysystem. Fix this so it always returns a valid acl if it can, and if it does not its an error to be reported back to the client. This then changes the inherit acl code. Previously we were trying to match Windows by setting a minimal ACL on a new file that didn't inherit anything from a parent directory. This is silly - the returned ACL wouldn't match the underlying UNIX permissions. The current code will correctly inherit from a parent if a parent has any inheritable ACE entries that apply to the new object, but will return a mapping from the underlying UNIX permissions if the parent has no inheritable entries. This makes much more sense for new files/directories. Jeremy.
2009-12-02Ensure check_parent_acl_common() only looks at storedJeremy Allison1-2/+16
blobs - returns NT_STATUS_OK if there aren't any. Jeremy.
2009-12-02s3: prefer posix_fallocate for doing "strict allocate"Björn Jacke1-4/+21
posix_fallocate is more efficient than manual zero'ing the file. When preallocation in kernel space is supported it's extremely fast. Support for preallocation at fs layer via posix_fallocate and fallocate at kernel site can be found in Linux kernel 2.6.23/glibc 2.10 with ext4, XFS and OCFS2. Other systems that I know of which support fast preallocation in kernel space are AIX 6.1 with JFS2 and recent Solaris versions with ZFS maybe UFS2, too. People who have a system with preallocation in kernel space might want to set "strict allocate = yes". This reduces file fragentation and it's also safer for setups with quota being turned on. As of today most systems still don't have preallocation in kernel space, and that's why "strict allocate = no" will stay the default for now.
2009-12-02Ensure get_nt_acl_internal() only looks at the ACL blobs, notJeremy Allison2-19/+23
reads off the underlying filesystem. Ensure that vfs_acl_tdb.c returns NT_STATUS_NOT_FOUND, not NT_STATUS_OBJECT_NAME_NOT_FOUND when it can't find a blob matching the file. Jeremy.
2009-11-30Fix DEBUG 0 -> DEBUG 10 (left over code).Jeremy Allison1-2/+4
Fix opendir status return if access denied. Jeremy.
2009-11-30Fix bug 6938 : No hook exists to check creation rights when using acl_xattr ↵Jeremy Allison3-7/+104
module Fix ACL modules to test for permissions on open/mkdir/opendir. Ensure that underlying ACLs are returned for directories/files with no Windows xattr or tdb acls stored. Jeremy.