summaryrefslogtreecommitdiff
path: root/source3/smbd/posix_acls.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r18745: Use the Samba4 data structures for security descriptors and security ↵Jelmer Vernooij1-27/+27
descriptor buffers. Make security access masks simply a uint32 rather than a structure with a uint32 in it. (This used to be commit b41c52b9db5fc4a553b20a7a5a051a4afced9366)
2007-10-10r18605: sync dlinklist.h with samba4, that means DLIST_ADD_END()Stefan Metzmacher1-10/+6
and DLIST_DEMOTE() now take the type of the tmp pointer not the tmp pointer itself anymore. metze (This used to be commit 2f58645b7094e81dff3734f11aa183ea2ab53d2d)
2007-10-10r18603: Add in the NFSv4 ACL mapping code from IBM.Jeremy Allison1-3/+3
Sorry for the delay :-). Jeremy. (This used to be commit a52fa218952ffcd784ea31e947aa4d17dfdc8ee0)
2007-10-10r17367: Reverting the ab code. Note I'm not saying thisJeremy Allison1-3/+3
code is wrong or bad or anything, just that it needs to be discussed & reviewed on the samba-technical list before we add a platform-specific NFSv4 mapping. That way lies a lot of future pain :-). Jeremy. (This used to be commit 330899ec30ffceb798e3a8362d20e103e20b2897)
2007-10-10r17358: Re-add JFS2 NFS4 ACLs support, move readme for it into AIX-specific ↵Alexander Bokovoy1-3/+3
examples directory. (This used to be commit c085355c323c65ee782516859eed8a76b53e6035)
2007-10-10r17354: Revert -r 17353 per Volker request while gpfs compatibility layer ↵Alexander Bokovoy1-3/+3
code will be released. (This used to be commit 5b1db0151461af18d994359e86c649922fc6de65)
2007-10-10r17353: Add support for JFS2 NFS4/AIXC and GPFS acls based on NFSv4 ACLs.Alexander Bokovoy1-3/+3
(This used to be commit 72312cb2e255301f978455a559461ad83b13b6cb)
2007-10-10r17348: Some C++ warningsVolker Lendecke1-3/+3
(This used to be commit ae6b9b34e59167e3958bfdb9997fa25340b9a0a3)
2007-10-10r17295: Back out the become_root_uid_only change on the POSIXJeremy Allison1-12/+12
acls code. I'm pretty sure this was safe, but become_root() does other things to the token stack that become_root_uid_only() does not, and as we're going into a vfs redirectred function I decided it wasn't safe for now. Jeremy. (This used to be commit b3e0f45488595aa96c852dab8e1349631a85dded)
2007-10-10r17294: Make the code a little cleaner. Instead of using the twoJeremy Allison1-12/+12
calls make it : become_root_uid_only() operation unbecome_root_uid_only() saving errno across the second call. Most of our internal change calls can be replaced with these simple calls. Jeremy (This used to be commit 4143aa83c029848d8ec741d9218b3fa6e3fd28dd)
2007-10-10r17179: Merge the vl-posixacls tmp branch into mainline. ItJim McDonough1-11/+3
modularizes our interface into the special posix API used on the system. Without this patch the specific API flavor is determined at compile time, something which severely limits usability on systems with more than one file system. Our first targets are AIX with its JFS and JFS2 APIs, at a later stage also GPFS. But it's certainly not limited to IBM stuff, this abstraction is also necessary for anything that copes with NFSv4 ACLs. For this we will check in handling very soon. Major contributions can be found in the copyright notices as well as the checkin log of the vl-posixacls branch. The final merge to 3_0 post-3.0.23 was done by Peter Somogyi <psomogyi@gamax.hu> (This used to be commit ca0c73f281a2a65a988094a46bb3e46a94011a53)
2007-10-10r17125: Drastic problems require drastic solutions. There'sJeremy Allison1-33/+155
no way to get all the cases where kernel oplocks are on and we can't open the file and get the correct semantics (think about the open with truncate with an attribute only open - we'd need a vfs change to add the truncate(fname, len) call). So always drop the share mode lock before doing any real fd opens and then re-acquire it afterwards. We're already dealing with the race in the create case, and we deal with any other races in the same way. Volker, please examine *carefully* :-). This should fix the problems people reported with kernel oplocks being on. Jeremy. (This used to be commit 8171c4c404e9f382880c65daa0232f89e560f399)
2007-10-10r16945: Sync trunk -> 3.0 for 3.0.24 code. Still needJeremy Allison1-3/+9
to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2007-10-10r16616: Klocwork #2025. Stop null deref. I actually don'tJeremy Allison1-1/+1
think this can happen in real life but the code is too complicated to be sure.... Jerry please merge this for 3.0.23. Jeremy. (This used to be commit 1e5042d4c0d1a0d0a5cfbcb0d47815e1510ee52a)
2007-10-10r14855: Various fixes:Gerald Carter1-7/+9
* depreacte 'acl group control' after discussion with Jeremy and implement functionality as part of 'dos filemode' * fix winbindd on a non-member server to expand local groups * prevent code previously only used by smbd from blindly turning _NO_WINBINDD back on (This used to be commit 4ab372f4cab22225716b5c9a9a08f0c1dbc9928d)
2007-10-10r14357: Try and fix Coverity #169 by making the pointerJeremy Allison1-4/+6
aliasing clearer. This isn't a bug but a code clarification. Jeremy. line, and those below, will be ignored-- M source/smbd/posix_acls.c (This used to be commit b8397c9f33424e0d1ed3ff849e1c99812f978000)
2007-10-10r14207: Convert the lp_acl_compatibility() param into an enum.James Peach1-3/+3
(This used to be commit 5429c495c538e416010cf44e1d6fb771770a72ae)
2007-10-10r13759: As pointed out by Volker, it isn't much good creatingJeremy Allison1-0/+15
a new empty acl in remove_posix_acl if you don't bother to set it on the file in question :-). Jeremy. (This used to be commit 12eccc8fe4ed043698970de42921757eb0448c84)
2007-10-10r13497: Fix #3508 from jason@ncac.gwu.eduJeremy Allison1-4/+8
Jeremy. (This used to be commit a28bc614a0eb8409a98b254b32ad17c50c2eec0e)
2007-10-10r13494: Merge the stuff I've done in head the last days.Volker Lendecke1-9/+1
Volker (This used to be commit bb40e544de68f01a6e774753f508e69373b39899)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-5/+5
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r13293: Rather a big patch I'm afraid, but this should fix bug #3347Jeremy Allison1-15/+15
by saving the UNIX token used to set a delete on close flag, and using it when doing the delete. libsmbsharemodes.so still needs updating to cope with this change. Samba4 torture tests to follow. Jeremy. (This used to be commit 23f16cbc2e8cde97c486831e26bcafd4ab4a9654)
2007-10-10r13125: Very well spotted crash bug fix for #3343 fromJeremy Allison1-2/+0
SATOH Fumiyasu <fumiyas@miraclelinux.com> Jerry please pick this up for 3.0.21b. Jeremy. (This used to be commit 3f5860b8fb37e854ccf5d9a80848ef759154f88c)
2007-10-10r12885: Oops. Missed last part of correct patch for #3348.Jeremy Allison1-1/+0
Caught by Samba4 oplock torture tester. Jeremy. (This used to be commit c2476b2f75f6521700107a46028f54110083aa52)
2007-10-10r12653: Patch from SATOH Fumiyasu <fumiyas@miraclelinux.com>Jeremy Allison1-2/+7
for bug #3348. Don't assume owning sticky bit directory means write access allowed. Jeremy. (This used to be commit 1032aa890f53097f87fa97689cb21d908b32093c)
2007-10-10r12194: Ensure that when we set a connection path we've canonicalizedJeremy Allison1-3/+3
the name (must be abolute - start with /, must not end in /, must have ./ and ../ removed). Of course for realpath resolved paths this won't be the case but for others we need this name to be canonicalized. This name is going into the sharemode db for #3303 so needs to be in a normalized format. Jeremy. (This used to be commit 22e3300911809692b595f49e87d91e3111923e6a)
2007-10-10r11237: Fix acl evaluation bug found by Marc Cousin <mcousin@sigma.fr>Jeremy Allison1-14/+34
We should only check the S_IWGRP permissions if we haven't already seen an owning group SMB_ACL_GROUP_OBJ ace entry. If there is an SMB_ACL_GROUP_OBJ ace entry then the group bits in st_gid are the same as the SMB_ACL_MASK bits, not the SMB_ACL_GROUP_OBJ bits. Thanks to Marc Cousin <mcousin@sigma.fr> for pointing this out. Jeremy. (This used to be commit 7e1318e09bd4b155707020142b08776a546a646e)
2007-10-10r11060: merging new eventlog code from trunkGerald Carter1-0/+55
(This used to be commit 1bcf7e82ede63a851a244162a3b939373787b693)
2007-10-10r10885: Fix bug where read-only share files are always seen asJeremy Allison1-4/+1
read-only. Noticed by Andrew Bartlett. Jeremy (This used to be commit a33f4f0d2afe28ca0e3ab6c9ecfcdbaa267a7fbe)
2007-10-10r9952: Adapt better to the Windows way of taking and assigning ownership:Günther Deschner1-11/+22
* Users with SeRestorePrivilege may chown files to anyone (be it as a backup software or directly using the ownership-tab in the security acl editor on xp), while * Users with SeTakeOwnershipPrivilege only can chown to themselves. Simo, Jeremy. I think this is correct now. Guenther (This used to be commit 1ef7a192eed457d302a08c692bb54a73a1af4afd)
2007-10-10r9946: allow the priv-based chown (se_take_ownership) to chown to other usersGünther Deschner1-1/+0
(not only to the current_user.uid). Jeremy, please have a look. Guenther (This used to be commit 8e48e8936ed59ed8d50b6eaa9954749168de3138)
2007-10-10r9293: Fix error path memory leak bug found by Coverity - also potential NULLJeremy Allison1-20/+28
deref bug (in unlikely error path) found by Coverity. Jeremy. (This used to be commit 9b5cc58f3abdb1945bfad340968ccabdfd040029)
2007-10-10r8615: Added "acl group control". Defaults to off. Docs to follow.Jeremy Allison1-34/+127
Jeremy. (This used to be commit f7b169ed57de81229c3b9089a05f4e73ea39010c)
2007-10-10r8547: Code tidyup from Jason Mader <jason@ncac.gwu.edu>. Bugid #2885.Jeremy Allison1-2/+0
Jeremy. (This used to be commit 4d69a682b3ab4f660455e6ea5a2970481a6ccffc)
2007-10-10r8219: Merge the new open code from HEAD to 3.0. Haven't yet run the tortureJeremy Allison1-20/+20
tests on this as it's very late NY time (just wanted to get this work into the tree). I'll test this over the weekend.... Jerry - in looking at the difference between the two trees there seem to be some printing/ntprinting.c and registry changes we might want to examine to try keep in sync. Jeremy. (This used to be commit c7fe18761e2c753afbffd3a78abff46472a9b8eb)
2007-10-10r7985: Add "acl map full control", true by default, to allow people to changeJeremy Allison1-7/+7
mapping of rwx to full control or not. Requested feature at SambaXP. Jeremy. (This used to be commit c870579f4cd91dc9e030134dd367109aed3e3469)
2007-10-10r7888: Fix use of "protected".Jeremy Allison1-11/+11
Jeremy. (This used to be commit af5fd615b37f555e5f2c7b9fef24299e99952a41)
2007-10-10r7693: Fix from James Peach @ SGI for null pointer ACL free.Jeremy Allison1-2/+6
Jeremy. (This used to be commit 000477943c3dd41fd44f2aef3755aa603ba5d595)
2007-10-10r7662: Allow someone with SeTakeOwnershipPrivilege to chown the userJeremy Allison1-6/+28
of a file to themself. Jeremy. (This used to be commit f3319e224db8f79baa10413e0e2a96d2bc871f38)
2007-10-10r6946: Allow mapping of POSIX ACLs to NT perms to differentiate between ↵Jeremy Allison1-6/+16
directories and files. Needed for Volker's coming changes. Jeremy. (This used to be commit b257744fdfd0a8d940ae834b3c21f0f298c7d1f9)
2007-10-10r6895: Add "acl check permissions" to turn on/off the new behaviour ofJeremy Allison1-9/+10
checking for write access in a directory before delete. Also controls checking for write access before labeling a file read-only if DOS attributes are not being stored in EA's. Docuementation to follow. Jeremy. (This used to be commit dd1a5e6e499dd721c5bb8d56a61810a7454a3449)
2007-10-10r6696: Another attempt to fix the (unreproducible for me) bug #2346 (read-onlyJeremy Allison1-6/+21
excel files). Ensures that any missing user ACL entry will be generated from a union of all group permissions that contain the user. Awaiting feedback from the reporters. Jeremy. (This used to be commit 874353e617b314429359e8e9516898f670bbf539)
2007-10-10r6533: Fix for bad comment from Andreas Gruenbacher <agruen@suse.de>.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 60325ab1281ebbe70665b5f763065ca60ee9f682)
2007-10-10r6385: Convert checking of egid and secondary egid list intoJeremy Allison1-32/+17
iterator functions so it can be used easily in a for loop. Drops duplicated code from posix_acls.c Jeremy. (This used to be commit 81f30bf5985f5c6dc8399c4695dfa6f14140fde1)
2007-10-10r6378: Other systems may not return 1 for checking WRITE permission.Jeremy Allison1-0/+13
Canaonicalise any +ve return to 1. Jeremy. (This used to be commit e594222d0ba7713088420f6c6603a74c1d5def8e)
2007-10-10r6365: Wow, how much worse does this get. From info provided byJeremy Allison1-0/+26
Eric Stewart <eric@lib.usf.edu> I realised we weren't checking against the current effective groupid (set by force group) as well as the group list. Fix this. Jeremy. (This used to be commit 0c4058c0732b1faa87ca64b8f95ad2fe3106a69f)
2007-10-10r6316: Remove over-cautious asserts. Damn wish I'd made the releaseJeremy Allison1-4/+9
with this.... Jeremy. (This used to be commit 11c464268df2a0a5155e93d4a7d053d2920fcff0)
2007-10-10r6263: Get rid of generate_wellknown_sids, they are const static and ↵Volker Lendecke1-8/+3
initializable statically. Volker (This used to be commit 3493d9f383567d286e69c0e60c0708ed400a04d9)
2007-10-10r6225: get rid of warnings from my compiler about nested externsHerb Lewis1-20/+8
(This used to be commit efea76ac71412f8622cd233912309e91b9ea52da)
2007-10-10r6060: It's not quite accurate to say not having write access causes a groupJeremy Allison1-8/+9
entry never to match - it matches but if doesn't grant access is recorded so the "other" entry isn't subsequently checked. Fix the algorithm. Jeremy. (This used to be commit e3c7d08bb68f51bc05768467feb0af896a059e91)