| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
execute aways"
3.6 and earlier allowed open for execution when execute permissions are
not present on a file. This has been fixed in Samba 4.0.
This patch changes smbd to skip the execute bit from the ACL check
in the open code if "acl allow execute always = yes", hence
re-establishing the old behaviour in this case.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
We don't have lck allocated yet at these points. Remove the TALLOC_FREE
calls that triggered me looking for the get_share_mode_lock calls.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
This flag existed to break an exclusive or batch oplock in just one
instead of two steps down to "no oplock" when we did an allocation or file
size change. Running raw.oplock against W2k12 differs in this respect
from W2k3: W2k12 takes two steps (via level2) to break to none. This
removes the special flag that we only had for compatibility with systems
older than W2k12...
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 6 00:47:07 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Match Windows behavior.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 27 02:06:10 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Mon Apr 15 18:05:06 CEST 2013 on sn-devel-104
|
|
group
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
one sid
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
We do this if the idmap layer resolves Builtin_Administrators
as ID_TYPE_BOTH and if the current token has the
Builtin_Administrators SID or it's SYSTEM.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
when evaluating file/directory ACE's.
If we can access the path to this file, by
default we have FILE_READ_ATTRIBUTES from the
containing directory. See the section.
"Algorithm to Check Access to an Existing File"
in MS-FSA.pdf.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
according to coding guidelines
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 17 14:37:58 CEST 2012 on sn-devel-104
|
|
This makes it clear which context the returned SD is allocated on, as
a number of callers do not want it on talloc_tos().
As the ACL transformation allocates and then no longer needs a great
deal of memory, a talloc_stackframe() call is used to contain the
memory that is not returned further up the stack.
Andrew Bartlett
|
|
mask/directory mask parameters."
This reverts commit c251a6b0442abc13bc8be4ff8de324c1d7706a78.
Remove this as we're planning to remove the security mask,
directory security mask parameters and only use create mask/directory mask.
|
|
mask/directory mask parameters.
Currently we call FSET_NT_ACL to inherit any ACLs on create. However
FSET_NT_ACL uses the security mask/directory security mask parameters
instead of the create mask/directory mask parameters.
Swap them temporarily when creating to ensure the correct masks
are applied.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 2 22:27:17 CEST 2012 on sn-devel-104
|
|
With the prior code we assumed that we do not have kernel oplocks around
when we open a file because we handled samba-internal oplock breaks
before the open attempt.
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Sep 29 19:29:36 CEST 2012 on sn-devel-104
|
|
With the simplified logic this became unnecessary
|
|
|
|
Look at this with "git diff -b" if you don't believe me :-)
|
|
This is a significant behaviour change: We do not open the file under
the share mode lock anymore. This might lead to more open calls in case
of oplock breaks or sharing violations, but those are slow error paths
and as such might be not too performance sensitive. The benefit of this
patch is a significant reduction of complexity of open_file_ntcreate()
|
|
With the new behaviour, we call fcb_or_dos_open after open_file(). It
is open_file() that sets up the fsp so that fcb_or_dos_open can find it
in the list of fsps. Avoid finding the fsp we are just setting up.
|
|
This is a 1:1 copy&paste of the oplock/sharemode code that we do before
an existing file is opened. It is a prerequiste for a patch that removes
all of that handling before we open the file.
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
The "else" is not necessary. In the if-branch we just returned.
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Sep 26 18:08:03 CEST 2012 on sn-devel-104
|
|
|
|
|
|
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Sep 26 00:22:56 CEST 2012 on sn-devel-104
|
|
|
|
The "access_bits" clause is redundant. is_stat_open says that exactly
at least one of the stat_open_bits must be set and none else.
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Sep 25 20:05:06 CEST 2012 on sn-devel-104
|
|
|
|
To me this makes open_file_ntcreate a little easier to understand
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Sep 25 10:08:15 CEST 2012 on sn-devel-104
|
|
blob.
If we aren't already granted DELETE access, check if we have
DELETE_CHILD in the containing directory.
|
|
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Sep 21 22:36:57 CEST 2012 on sn-devel-104
|
|
Replaces blanket root allow if set. Set to 'false' for
all current callers.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 15 00:37:49 CEST 2012 on sn-devel-104
|
|
|
|
If this is set we should use it in preference to blindly assuming
root can do anything. Currently set to 'false' in (most) callers.
|
|
The only difference between batch and exclusive oplocks is the time of
the check: Batch is checked before the share mode check, exclusive after.
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
|
