summaryrefslogtreecommitdiff
path: root/source3/smbd/posix_acls.c
AgeCommit message (Collapse)AuthorFilesLines
2012-05-17s3-smbd: Avoid creating a UID ACL entry for SIDs that are mapped as ↵Andrew Bartlett1-0/+35
ID_TYPE_BOTH The GID ACL entry is what will be mapped in most cases, and so is sufficient. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu May 17 05:08:44 CEST 2012 on sn-devel-104
2012-05-17s3-smbd: Consider a group with the same SID as sufficient duplicationAndrew Bartlett1-0/+7
This code is to ensure that the user does not loose rights when their file ownership is taken away. If the owner (an IDMAP_BOTH SID) appears as a group then a duplicate user is not required. Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17s3-smbd: Handle ID_TYPE_BOTH by mapping to both a group ACL entry and file ↵Andrew Bartlett1-39/+109
ownership This will allow groups, such as domain administrators, to own files while correctly handling the rest of the ACL permissions. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17We need to split things up into a new helper function ↵Andrew Bartlett1-172/+184
add_current_ace_to_acl() in order for there to be more posix ACL elements than NT ACL elements (so a group SID can own a file, but also get the group permissions that will be honoured) Andrew Bartlett Slightly modified by Jeremy to reduce diff size. Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17This covers a case where an ID_TYPE_BOTH mapping creates group permissions, ↵Jeremy Allison1-2/+5
but must own the file. Based on an original patch by Andrew Bartlett.
2012-05-17s3-smbd: Do not merge UID ACE values with GID ACE values for posix ACLAndrew Bartlett1-5/+12
This might happen when we get a SID mapped to IDMAP_BOTH. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-09s3-smbd: Fix the creation of duplicate SMB_ACL_GROUP entriesAndrew Bartlett1-2/+2
The issue was a simple copy and paste bug, which casued a duplicate SMB_ACL_GROUP to be added when we already had one. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed May 9 13:17:29 CEST 2012 on sn-devel-104
2012-03-13Second part of fix for bug #7933 - samba fails to honor SEC_STD_WRITE_OWNER ↵Jeremy Allison1-4/+6
bit with the acl_xattr module. Error found by Andrew Bartlett <abartlet@samba.org> and Ricky Nance <ricky.nance@weaubleau.k12.mo.us>. Don't use a pointer when you really mean a bool flag. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Mar 13 21:56:15 CET 2012 on sn-devel-104
2012-02-03Ensure when setting a POSIX ACL, that the uid for aJeremy Allison1-0/+60
SMB_ACL_USER_OBJ ACE (the owner ACE entry) has a duplicate permission entry as an SMB_ACL_USER, and a gid for a SMB_ACL_GROUP_OBJ ACE (the primary group ACE entry) also has a duplicate permission entry as an SMB_ACL_GROUP. If not, then if the ownership or group ownership of this file or directory gets changed, the user or group can lose their access.
2012-02-03Fix mistaken assignment of gid to uid field.Jeremy Allison1-1/+1
2012-02-03Replace bool flags inside ensure_canon_entry_valid() with pointers.Jeremy Allison1-11/+12
This will make the second tweak to the ACL mapping on set easier.
2012-02-03Replace all malloc/free with talloc on tos.Jeremy Allison1-41/+41
2011-11-29Fix bug 8631 - POSIX ACE x permission becomes rx following mapping to and ↵Jeremy Allison1-2/+2
from a DACL Reported by David Disseldorp. Fix based on a patch by David. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Nov 29 22:32:27 CET 2011 on sn-devel-104
2011-09-09Second part of fix for bug #8443 - Default user entry is set to minimal ↵Jeremy Allison1-8/+11
permissions on incoming ACL change with no user specified. Be smarter about setting default permissions when a ACL_USER_OBJ isn't given. Use the principle of least surprises for the user. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Sep 9 00:26:08 CEST 2011 on sn-devel-104
2011-09-08First part of fix for bug #8443 - Default user entry is set to minimal ↵Jeremy Allison1-58/+2
permissions on incoming ACL change with no user specified. create_default_mode() is not needed - it's taken care of by code inside ensure_canon_entry_valid().
2011-09-08Revert "Part 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid ↵Jeremy Allison1-11/+8
for set (Invalid argument)" This belongs as part of the bugfix for bug #8443 - Default user entry is set to minimal permissions on incoming ACL change with no user specified. Not as part of #7509. This reverts commit 2a1453e2318af77a79180f3137f8a8d3f1240233. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Sep 8 08:50:12 CEST 2011 on sn-devel-104
2011-09-07Revert "Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid ↵Jeremy Allison1-21/+4
for set (Invalid argument)" This reverts commit 17f6e0272370f764d4a0053c8e74f20b0444c721. Using the existing default permissions for group access is incorrect when no such permissions are given in the incoming ACL. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Sep 7 03:50:21 CEST 2011 on sn-devel-104
2011-09-03Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-4/+21
(Invalid argument) Be smarter about setting default permissions when a ACL_GROUP_OBJ isn't given. Use the principle of least surprises for the user. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Sep 3 00:16:05 CEST 2011 on sn-devel-104
2011-09-02Part 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-8/+11
(Invalid argument) Be smarter about setting default permissions when a ACL_USER_OBJ isn't given. Use the principle of least surprises for the user.
2011-09-02Part 3 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-7/+6
(Invalid argument) Don't call check_owning_objs() to convert ACL_USER->ACL_USER_OBJ and AC_GROUP->ACL_GROUP_OBJ for default (directory) ACLs, we do this separately inside ensure_canon_entry_valid().
2011-09-02Part 2 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-0/+38
(Invalid argument) Only map CREATOR_OWNER/CREATOR_GROUP to ACL_USER_OBJ/ACL_GROUP_OBJ in a default(directory) ACL set.
2011-09-02Part 1 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-72/+0
(Invalid argument) Remove the code I added for bug "6878 - Cannot change ACL's inherit flag". It is incorrect and causes the POSIX ACL ACL_USER_OBJ duplication.
2011-06-09s3-talloc Change TALLOC_ZERO_ARRAY() to talloc_zero_array()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_ZERO_ARRAY isn't standard talloc.
2011-06-09s3-talloc Change TALLOC_ZERO_P() to talloc_zero()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_ZERO_P isn't standard talloc.
2011-06-09s3-talloc Change TALLOC_P() to talloc()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_P isn't standard talloc.
2011-03-30Fix bug #7996 - sgid bit lost on folder rename.Jeremy Allison1-1/+1
Refuse to set dos attributes into unix mode bits on such a folder.
2011-03-30s3-auth: smbd needs auth.hGünther Deschner1-0/+1
Guenther
2011-03-30s3: include smbd/smbd.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-passdb: use passdb headers where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-includes: only include system/filesys.h when needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-trans2: only include trans2.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-27s3: Fix Coverity ID 2329: RESOURCE_LEAKVolker Lendecke1-0/+1
2011-03-27s3: Fix Coverity ID 2330: RESOURCE_LEAKVolker Lendecke1-0/+1
2011-03-01s3-auth struct security_unix_token replaces UNIX_USER_TOKENAndrew Bartlett1-2/+2
2011-02-05Fix try_chown code. Use new vfs_chown_fsp() which always trys fd first.Jeremy Allison1-75/+42
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Feb 5 03:33:59 CET 2011 on sn-devel-104
2010-12-29Fix bug #7892 - open_file_fchmod() leaves a stale lock.Jeremy Allison1-2/+2
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Dec 29 02:15:23 CET 2010 on sn-devel-104
2010-10-22Revert "Wrap security_token_has_privilege() with a check for ↵Jeremy Allison1-2/+2
lp_enable_privileges(). Needed" Not needed - privileges code prevents "enable privileges = no" from adding privileges anyway. This reverts commit a8b95686a7bde3f96f141b6938e24e101567ef54. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 22 23:41:36 UTC 2010 on sn-devel-104
2010-10-22Wrap security_token_has_privilege() with a check for lp_enable_privileges(). ↵Jeremy Allison1-2/+2
Needed to maintain compatibility with smb.conf manpage. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 22 18:15:48 UTC 2010 on sn-devel-104
2010-10-15Add make_default_filesystem_acl() function to be used in following change to ↵Jeremy Allison1-0/+110
acl_xattr and acl_tdb module.
2010-10-15Fix handling of "NULL" DACL. Map to u/g/w - rwx.Jeremy Allison1-23/+33
Jeremy.
2010-10-15Fix "force unknown ACL user" to strip out foreign SIDs from POSIX ACLs if ↵Jeremy Allison1-0/+8
they can't be mapped.
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett1-1/+1
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-11Make the posix ACL module cope with a NULL incoming DACL and aJeremy Allison1-0/+31
missing owner/group. Jeremy.
2010-10-08Fix bug 7716 - acl_xattr and acl_tdb modules don't store unmodified copies ↵Jeremy Allison1-1/+13
of security descriptors. As pointed out by an OEM, the code within smbd/posix_acl.c, even though passed a const pointer to a security descriptor, still modifies the ACE entries within it (which are not const pointers). This means ACLs stored in the extended attribute by the acl_xattr module have already been modified by the POSIX acl layer, and are not the original intent of storing the "unmodified" ACL from the client. Use dup_sec_desc to make a copy of the incoming ACL on talloc_tos() - that is what is then modified inside smbd/posix_acl.c, leaving the original ACL to be correctly stored in the xattr. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 8 00:37:53 UTC 2010 on sn-devel-104
2010-09-20s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.Günther Deschner1-17/+18
Guenther
2010-09-11s3-privs Convert from user_has_privileges() -> security_token_has_privilege()Andrew Bartlett1-4/+2
This new call is available in the merged privileges code, and takes an enum as the parameter, rather than a bitmask. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-06-10s3-smbd: Fix typo in comment.Karolin Seeger1-1/+1
Karolin
2010-06-03s3-security: remove duplicate Extra W2K flags.Günther Deschner1-1/+1
Guenther
2010-06-03s3-security: use shared SECINFO_DACL define.Günther Deschner1-6/+6
Guenther
2010-06-03s3-security: use shared SECINFO_GROUP define.Günther Deschner1-2/+2
Guenther