summaryrefslogtreecommitdiff
path: root/source3/smbd/posix_acls.c
AgeCommit message (Collapse)AuthorFilesLines
2012-08-23s3-smbd: Add security_info_wanted argument to get_nt_acl_no_snumAndrew Bartlett1-2/+2
I need to get at the owner, group, DACL and SACL when testing correct ACL storage. Andrew Bartlett
2012-08-23s3-smbd: Add talloc_stackframe() to get_nt_acl_no_snum()Andrew Bartlett1-3/+8
This is required because the functions it calls use talloc_tos(). Andrew Bartlett
2012-08-16s3-smbd: Do not check no_acl_syscall_error(errno) after sys_acl_init()Andrew Bartlett1-11/+2
This is no longer a VFS call, so will no longer fail in this way. Andrew Bartlett
2012-08-15s3-sysacls: Remove sys_acl_free_qualifier() as it is a no-opAndrew Bartlett1-2/+0
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Aug 15 05:23:18 CEST 2012 on sn-devel-104
2012-08-15s3-sysacls: Remove sys_acl_free_acl() and replace with TALLOC_FREE()Andrew Bartlett1-16/+16
2012-08-15s3-smbd: Remove unused conn argument from convert_permset_to_mode_t()Andrew Bartlett1-3/+3
2012-08-15s3-smbd: Call sys_acl_set_permset() directly rather than via the VFSAndrew Bartlett1-7/+7
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_set_qualifier() directly rather than via the VFSAndrew Bartlett1-3/+3
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_set_tag_type() directly rather than via the VFSAndrew Bartlett1-6/+6
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_create_entry() directly rather than via the VFSAndrew Bartlett1-6/+6
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_add_perm() directly rather than via the VFSAndrew Bartlett1-6/+6
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_clear_perms() directly rather than via the VFSAndrew Bartlett1-2/+2
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_init() directly rather than via the VFSAndrew Bartlett1-3/+3
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_free_acl() directly rather than via the VFSAndrew Bartlett1-16/+16
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_get_entry() directly rather than via the VFSAndrew Bartlett1-6/+6
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_free_qualifier() directly rather than via the VFSAndrew Bartlett1-2/+2
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_get_qualifier() directly rather than via the VFSAndrew Bartlett1-2/+2
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_get_tagtype() directly rather than via the VFSAndrew Bartlett1-4/+4
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_get_permset() directly rather than via the VFSAndrew Bartlett1-7/+7
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-15s3-smbd: Call sys_acl_get_perm() directly rather than via the VFSAndrew Bartlett1-6/+6
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer, which will be reduced to handling the get/set functions. Andrew Bartlett
2012-08-10s3-smbd: Merge ACE entries based on mapped UID/GID not SIDAndrew Bartlett1-4/+4
As the test for a valid posix ACL is based on the unix uid/gid only appearing once in the ACL the merge process also needs to be UID/GID based. This is a problem when we have multiple builtin groups mapped to the same POSIX group as happens in a Samba4 provision. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-08-10s3-smbd: Convert posix_acls.c to use struct unixid internallyAndrew Bartlett1-57/+72
This is consistent with the rest of Samba which uses this structure to represent a unix uid or gid. World values remain represented by the owner_type being WORLD_ACE in the containing structure. A -1 value is filled in to the unixid.id in the same way the .world value was initialised in the union. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-08-10s3-smbd: Create a shortcut for building the token of a user by SID for ↵Andrew Bartlett1-10/+2
posix_acls When a user owns a file, but does not have specific permissions on that file, we need to make up the user permissions. This change ensures that the first thing that we do is to look up the SID, and confirm it is a user. Then, we avoid the getpwnam() and directly create the token via the SID. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-07-24lib/param: Move all enum declarations to lib/paramAndrew Bartlett1-0/+1
This is in preperation for the parameter table being made common. Andrew Bartlett Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-06-15s3:smbd: use FNUM_FIELD_INVALID instead of literal -1Michael Adam1-1/+1
This is in preparation of changing fnum to uint64_t Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-05-17s3-smbd: Avoid creating a UID ACL entry for SIDs that are mapped as ↵Andrew Bartlett1-0/+35
ID_TYPE_BOTH The GID ACL entry is what will be mapped in most cases, and so is sufficient. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu May 17 05:08:44 CEST 2012 on sn-devel-104
2012-05-17s3-smbd: Consider a group with the same SID as sufficient duplicationAndrew Bartlett1-0/+7
This code is to ensure that the user does not loose rights when their file ownership is taken away. If the owner (an IDMAP_BOTH SID) appears as a group then a duplicate user is not required. Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17s3-smbd: Handle ID_TYPE_BOTH by mapping to both a group ACL entry and file ↵Andrew Bartlett1-39/+109
ownership This will allow groups, such as domain administrators, to own files while correctly handling the rest of the ACL permissions. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17We need to split things up into a new helper function ↵Andrew Bartlett1-172/+184
add_current_ace_to_acl() in order for there to be more posix ACL elements than NT ACL elements (so a group SID can own a file, but also get the group permissions that will be honoured) Andrew Bartlett Slightly modified by Jeremy to reduce diff size. Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17This covers a case where an ID_TYPE_BOTH mapping creates group permissions, ↵Jeremy Allison1-2/+5
but must own the file. Based on an original patch by Andrew Bartlett.
2012-05-17s3-smbd: Do not merge UID ACE values with GID ACE values for posix ACLAndrew Bartlett1-5/+12
This might happen when we get a SID mapped to IDMAP_BOTH. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-09s3-smbd: Fix the creation of duplicate SMB_ACL_GROUP entriesAndrew Bartlett1-2/+2
The issue was a simple copy and paste bug, which casued a duplicate SMB_ACL_GROUP to be added when we already had one. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed May 9 13:17:29 CEST 2012 on sn-devel-104
2012-03-13Second part of fix for bug #7933 - samba fails to honor SEC_STD_WRITE_OWNER ↵Jeremy Allison1-4/+6
bit with the acl_xattr module. Error found by Andrew Bartlett <abartlet@samba.org> and Ricky Nance <ricky.nance@weaubleau.k12.mo.us>. Don't use a pointer when you really mean a bool flag. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Mar 13 21:56:15 CET 2012 on sn-devel-104
2012-02-03Ensure when setting a POSIX ACL, that the uid for aJeremy Allison1-0/+60
SMB_ACL_USER_OBJ ACE (the owner ACE entry) has a duplicate permission entry as an SMB_ACL_USER, and a gid for a SMB_ACL_GROUP_OBJ ACE (the primary group ACE entry) also has a duplicate permission entry as an SMB_ACL_GROUP. If not, then if the ownership or group ownership of this file or directory gets changed, the user or group can lose their access.
2012-02-03Fix mistaken assignment of gid to uid field.Jeremy Allison1-1/+1
2012-02-03Replace bool flags inside ensure_canon_entry_valid() with pointers.Jeremy Allison1-11/+12
This will make the second tweak to the ACL mapping on set easier.
2012-02-03Replace all malloc/free with talloc on tos.Jeremy Allison1-41/+41
2011-11-29Fix bug 8631 - POSIX ACE x permission becomes rx following mapping to and ↵Jeremy Allison1-2/+2
from a DACL Reported by David Disseldorp. Fix based on a patch by David. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Nov 29 22:32:27 CET 2011 on sn-devel-104
2011-09-09Second part of fix for bug #8443 - Default user entry is set to minimal ↵Jeremy Allison1-8/+11
permissions on incoming ACL change with no user specified. Be smarter about setting default permissions when a ACL_USER_OBJ isn't given. Use the principle of least surprises for the user. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Sep 9 00:26:08 CEST 2011 on sn-devel-104
2011-09-08First part of fix for bug #8443 - Default user entry is set to minimal ↵Jeremy Allison1-58/+2
permissions on incoming ACL change with no user specified. create_default_mode() is not needed - it's taken care of by code inside ensure_canon_entry_valid().
2011-09-08Revert "Part 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid ↵Jeremy Allison1-11/+8
for set (Invalid argument)" This belongs as part of the bugfix for bug #8443 - Default user entry is set to minimal permissions on incoming ACL change with no user specified. Not as part of #7509. This reverts commit 2a1453e2318af77a79180f3137f8a8d3f1240233. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Sep 8 08:50:12 CEST 2011 on sn-devel-104
2011-09-07Revert "Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid ↵Jeremy Allison1-21/+4
for set (Invalid argument)" This reverts commit 17f6e0272370f764d4a0053c8e74f20b0444c721. Using the existing default permissions for group access is incorrect when no such permissions are given in the incoming ACL. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Sep 7 03:50:21 CEST 2011 on sn-devel-104
2011-09-03Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-4/+21
(Invalid argument) Be smarter about setting default permissions when a ACL_GROUP_OBJ isn't given. Use the principle of least surprises for the user. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Sep 3 00:16:05 CEST 2011 on sn-devel-104
2011-09-02Part 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-8/+11
(Invalid argument) Be smarter about setting default permissions when a ACL_USER_OBJ isn't given. Use the principle of least surprises for the user.
2011-09-02Part 3 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-7/+6
(Invalid argument) Don't call check_owning_objs() to convert ACL_USER->ACL_USER_OBJ and AC_GROUP->ACL_GROUP_OBJ for default (directory) ACLs, we do this separately inside ensure_canon_entry_valid().
2011-09-02Part 2 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-0/+38
(Invalid argument) Only map CREATOR_OWNER/CREATOR_GROUP to ACL_USER_OBJ/ACL_GROUP_OBJ in a default(directory) ACL set.
2011-09-02Part 1 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set ↵Jeremy Allison1-72/+0
(Invalid argument) Remove the code I added for bug "6878 - Cannot change ACL's inherit flag". It is incorrect and causes the POSIX ACL ACL_USER_OBJ duplication.
2011-06-09s3-talloc Change TALLOC_ZERO_ARRAY() to talloc_zero_array()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_ZERO_ARRAY isn't standard talloc.
2011-06-09s3-talloc Change TALLOC_ZERO_P() to talloc_zero()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_ZERO_P isn't standard talloc.
2011-06-09s3-talloc Change TALLOC_P() to talloc()Andrew Bartlett1-1/+1
Using the standard macro makes it easier to move code into common, as TALLOC_P isn't standard talloc.