Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
|
|
Well known rids don't really belong into an rpc header, just use the ones
defined in security.idl.
Guenther
|
|
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:
ccache build w/o patch
real 4m21.529s
ccache build with patch
real 3m6.402s
pch build w/o patch
real 4m26.318s
pch build with patch
real 3m6.932s
Guenther
|
|
Ensure we don't use any of the create_options for Samba private
use. Add a new parameter to the VFS_CREATE call (private_flags)
which is only used internally. Renumber NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
and NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to match the S4 code).
Rev. the VFS interface to version 28.
Jeremy.
|
|
|
|
samba.
Guenther
|
|
Add good error message for share modification denial.
Jeremy.
|
|
metze
|
|
caller know if the path has a wildcard
This also eliminates the need for resolve_dfspath().
|
|
|
|
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
|
|
Fix a couple more unix_convert uses to filename_convert.
Fix bug in acl_group_override() where an uninitialized
struct could be used. Move unix_convert with wildcard
use in SMBsearch reply to boilerplate code.
Jeremy.
|
|
pull the pathname, then call resolve_dfspath(), before unix_convert().
Jeremy.
|
|
|
|
This step is a requirement to change SMB_VFS_CREATEFILE to take an
smb_filename struct.
|
|
|
|
Without this, remotely adding a share via MMC fails
|
|
Guenther
|
|
Guenther
|
|
|
|
Guenther
|
|
|
|
This replaces the is_dos_path bool with a more future-proof argument.
The next step is to plumb INTERNAL_OPEN_ONLY through this flag instead
of overridding the oplock_request.
|
|
Now unix paths can be differentiated from windows paths so the
underlying create_file implementations can convert paths correctly.
|
|
Modify all callers of create_file to go through SMB_VFS_CREATE_FILE
|
|
|
|
srvsvc needs it, as will printing
|
|
previously present in Samba 3.
|
|
on the way to get rid of chain_fsp
|
|
to specific bits every time a security descriptor is set. The S4 torture suite proves
that generic bits are not returned when querying an ACL set using them (ie. only
the specific bits are stored on disk).
Jeremy.
|
|
parm_err is not a ref pointer.
Guenther
|
|
There were two bugs in those routines: They did not send INTERNAL_OPEN_ONLY to
open_file_ntcreate() and they did not chdir, so the file could never be found.
While there I decided to remove the become_root() calls and call create_file()
instead of the lower-level routines.
(This used to be commit 669771738422776f8c81086ffea4924b62d72957)
|
|
Very likely the client is not interested in the values for the IPC$ share :-)
(This used to be commit 40ca5764cf4310769c002b8cb6041fe2af4e6d0b)
|
|
Jeremy.
(This used to be commit 7eeed8bb41059ec2bddedb6a71deddeec7f33af2)
|
|
as they are no longer needed now we have IDL marshalling.
Change the calculation of the 32-bit fileid we return
to a Windows client. We can't just use the generation
count as it starts at zero for every smbd - and this
command must enumerate all files open across all smbds.
We'd really like combination of process-id + dev + inode +
generation count to be unique, but as we can't fit that
into 32 bits just use 16 bits of pid + generation count.
Jeremy.
(This used to be commit 8b926d5a93d04b828990057ae6f1e090764305c1)
|
|
This reverts commit 1078b5c53ae9d6f9532eecebf9cf4a1712200b7e.
This message doesn't match the actual change.
(This used to be commit a65abb49cf8d291c7deb659912c0df34ec37da02)
|
|
Jeremy.
(This used to be commit 1078b5c53ae9d6f9532eecebf9cf4a1712200b7e)
|
|
Jeremy.
(This used to be commit 2281274480d8cf9e773874301dbbc7bf06346901)
|
|
the IDL is documented incorrectly in the MS-DOCS.
Username and path need to be reversed (yes I will
raise this with MS). Secondly, we need to check
access_mask for the permissions, not share_access
(share_access are the deny modes).
Jeremy.
(This used to be commit bdaad19f90e991aba2afccfa13afbbfe2ac7baaf)
|
|
SMB_VFS_FGET_NT_ACL instead. I'd like to ultimately
remove SMB_VFS_GET_NT_ACL.
Jeremy.
(This used to be commit 4221937b68e2414295279b27c5f12a80f826ed4b)
|
|
this can only be done via fset_nt_acl() using an open
file/directory handle. I'd like to do the same with
get_nt_acl() but am concerned about efficiency
problems with "hide unreadable/hide unwritable" when
doing a directory listing (this would mean opening
every file in the dir on list).
Moving closer to rationalizing the ACL model and
maybe moving the POSIX calls into a posix_acl VFS
module rather than having them as first class citizens
of the VFS.
Jeremy.
(This used to be commit f487f742cb903a06fbf2be006ddc9ce9063339ed)
|
|
being (correctly) used in the can_read/can_write checks for hide unreadable/unwritable
and this is more properly done using the functions in smbd/file_access.c.
Preparing to do NT access checks on all file access.
Jeremy.
(This used to be commit 6bfb06ad95963ae2acb67c4694a98282d3b29faa)
|
|
Guenther
(This used to be commit 776facabf6f09f643d6dc526aa83f8db517465f9)
|
|
Guenther
(This used to be commit b4d944e724f7ae2a97ba788b185aba7b7308b475)
|
|
Guenther
(This used to be commit 2fd90b62d7e61fa0c23f8f41e9f12fc16f29a8b1)
|
|
Günther, please check -- in all infolevels we do a comment=talloc_strdup
Thanks,
Volker
(This used to be commit e2021c5b5710768968ae724220eb1e3f47c9e639)
|