Age | Commit message (Collapse) | Author | Files | Lines |
|
Up to now, get_nt_acl() took a files_struct pointer (fsp) and
a file name. All the underlying functions should need and now
do need (after the previous preparatory work), is a connection_struct
and a file name. The connection_struct is already there in the
vfs_handle passed to the vfs functions. So the files_struct
argument can be eliminated.
This eliminates the need of calling open_file_stat in a couple
of places to produce the fsp needed.
Michael
(This used to be commit b5f600fab53c9d159a958c59795db3ba4a8acc63)
|
|
Replace smbd/posix_acls.c:get_nt_acl() by two funcions:
posix_get_nt_acl() and posix_fget_nt_acl(). The first
takes a connection struct and a file name instead of a
files_struct pointer. This is in preparation of changing
the vfs api for SMB_VFS_GET_NT_ACL.
Michael
(This used to be commit 50c82cc1456736fa634fb656e63555319742f725)
|
|
It can be retrieved from the stat buffer.
Michael
(This used to be commit b0ae830bf57dcaec00b2a2eabfec7221a3b7f791)
|
|
Convert canonicalise_acl() to take connection_struct, is_directory
and file name instead of files_struct pointer.
Michael
(This used to be commit d579a7f84fd47a3f00215725cecd65b21a5ff2e0)
|
|
Convert ensure_canon_entry_valid() to take share_params and an is_directory
flag instead of an files_struct pointer.
Michael
(This used to be commit bdb208124bd703edee03ac4d2a4ec45ecdfc135e)
|
|
This is a first change in a series: Pass what is needed instead of files_struct
pointers to some functions. This is in preparation of introducing two variants
of get_nt_acl - one for fname (which does not need an fsp), one for file
descriptor.
This changes apply_default_perms to take share_params (rather thatn snum)
and an is_directory flag instead of an fsp.
Michael
(This used to be commit d7e2e93758f6598a0459db3255300558618f066e)
|
|
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
|
|
(This used to be commit dcbe1bf942d017a3cd5084c6ef605a13912f795b)
|
|
to a new source file of their own.
Michael
(This used to be commit 9dd18bb534bca6b5de6cad9580b48681b36c0832)
|
|
Michael
(This used to be commit c61b4222d30288add216fac4da3cfaa537f5cd01)
|
|
The three can_* access check functions in smbd/posix_acls.c that are used in
smbd/open.c and smbd/nttrans.c explicitly called check_posix_acl_group_access()
This lead to errors with nfsv4 acls (ZFS and GPFS).
This changes the can_* functions to get the nt_acl via VFS layer and call
se_access_check on that. It also removes check_posix_acl_group_access()
which has no more callers.
NOTE: The can_* functions should really not be in smbd/posix_acls.c but
in a separate file (I propose smbd/access.c).
Michael
(This used to be commit 6f961a23de745aba5dcd4585b731e651b8cbeef4)
|
|
Michael
(This used to be commit 7b582af2107bed3b864bb408b5c9bcce4b8e4c72)
|
|
Michael
(This used to be commit bf23c4ddff617dd3cd1e2d5cedb1b5c023356dc3)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
Why? It moves these structs from the data into the text segment, so they
will never been copy-on-write copied. Not much, but as in German you say
"Kleinvieh macht auch Mist...."
(This used to be commit 0141e64ad4972232de867137064d0dae62da22ee)
|
|
the main server code paths. We should now be able to cope with
paths up to PATH_MAX length now.
Final job will be to add the TALLOC_CTX * parameter to
unix_convert to make it explicit (for Volker).
Jeremy.
(This used to be commit 7f0db75fb0f24873577dcb758a2ecee74fdc4297)
|
|
This adds the two functions talloc_stackframe() and talloc_tos().
* When a new talloc stackframe is allocated with talloc_stackframe(), then
* the TALLOC_CTX returned with talloc_tos() is reset to that new
* frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse
* happens: The previous talloc_tos() is restored.
*
* This API is designed to be robust in the sense that if someone forgets to
* TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and
* resets the talloc_tos().
The original motivation for this patch was to get rid of the
sid_string_static & friends buffers. Explicitly passing talloc context
everywhere clutters code too much for my taste, so an implicit
talloc_tos() is introduced here. Many of these static buffers are
replaced by a single static pointer.
The intended use would thus be that low-level functions can rather
freely push stuff to talloc_tos, the upper layers clean up by freeing
the stackframe. The more of these stackframes are used and correctly
freed the more exact the memory cleanup happens.
This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and
lp_talloc_ctx (did I forget any?)
So, never do a
tmp_ctx = talloc_init("foo");
anymore, instead, use
tmp_ctx = talloc_stackframe()
:-)
Volker
(This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)
|
|
/usr/include/sys/acl.h:#define acl_type acl_common.entry_type
was the problem...
metze
(This used to be commit 8557b8b570ac8f8d3d14aaeb894c8b3532558736)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
that contains some of the fields from the SMB header, removing the need
to access inbuf directly. This right now is used only in the open file
code & friends, and creating that header is only done when needed. This
needs more work, but it is a start.
Jeremy, I'm only checking this into 3_0, please review before I merge it
to _26.
Volker
(This used to be commit ca988f4e79e977160d82e86486972afd15d4acf5)
|
|
live without valgrind :-).
Jeremy.
(This used to be commit 9b231149c78c8bbfb70c5675cffb652705ba2cd2)
|
|
You don't want to know what I discovered about Windows
ACLs to make this work :-(. See :
http://www.codeproject.com/win32/accessctrl2.asp
Search for "Q. How does Inheritance come into this?"
for details.
Jeremy.
(This used to be commit e1d3a80d2bff2e3540637fd741fc149eeca5fb9d)
|
|
return to correctly return NT_STATUS_INVALID_OWNER if it
should be disallowed. Matches better what W2K3R3 does.
NFSv4 ACL module owners, please examine these changes.
Jeremy.
(This used to be commit fc6899a5506b272f8cd5f5837ca13300b4e69a5f)
|
|
memory leak I introduced into acl code, also remove
redundent extra check for global_sid_System :
global_sid_System == S-1-5-18 which is already
included in the check for a domain of
global_sid_NT_Authority == S-1-5
Jeremy.
(This used to be commit 10649540ac11e679997f414d4a6b12d057bd7913)
|
|
sid_to_gid mapping, add LocalSystem to non-mappable
list.
Jeremy.
(This used to be commit 805f01464f3feb30725dbce1f90d4296380dd796)
|
|
Based on work from Joe Meadows <jameadows@webopolis.com>.
One for the Vista patchset.
Jeremy.
(This used to be commit 470a4dc30874b00c599806cb6dbc06fe2775144c)
|
|
Allow us to correctly refuse to set delete on close on a
non-empty directory. There are still some delete-on-close
wrinkles to be fixed, but I understand how to do that better
now. I'll fix this tomorrow.
Jeremy.
(This used to be commit 029635885825a5562e7974a6f5675cce3bf1b5dc)
|
|
This involved passing the dirname as argument to a few routines instead of
calling parent_dirname() deep down.
Volker
(This used to be commit 7977fd78652897bb7d4db1c21c5749043428f911)
|
|
change_owner_to_parent
a bit closer together: Move the lp_inherit_perms() check into the callers.
Volker
(This used to be commit 0874093e5fff480d8ec442072318525079add633)
|
|
function. Fix from Jim Wang of Wesoft.
Jeremy.
(This used to be commit eb78ce1f550377bfb1fd43f550641cf8a606e973)
|
|
descriptor
buffers.
Make security access masks simply a uint32 rather than a structure
with a uint32 in it.
(This used to be commit b41c52b9db5fc4a553b20a7a5a051a4afced9366)
|
|
and DLIST_DEMOTE() now take the type of the tmp pointer
not the tmp pointer itself anymore.
metze
(This used to be commit 2f58645b7094e81dff3734f11aa183ea2ab53d2d)
|
|
Sorry for the delay :-).
Jeremy.
(This used to be commit a52fa218952ffcd784ea31e947aa4d17dfdc8ee0)
|
|
code is wrong or bad or anything, just that it
needs to be discussed & reviewed on the samba-technical
list before we add a platform-specific NFSv4 mapping.
That way lies a lot of future pain :-).
Jeremy.
(This used to be commit 330899ec30ffceb798e3a8362d20e103e20b2897)
|
|
examples directory.
(This used to be commit c085355c323c65ee782516859eed8a76b53e6035)
|
|
code will be released.
(This used to be commit 5b1db0151461af18d994359e86c649922fc6de65)
|
|
(This used to be commit 72312cb2e255301f978455a559461ad83b13b6cb)
|
|
(This used to be commit ae6b9b34e59167e3958bfdb9997fa25340b9a0a3)
|
|
acls code. I'm pretty sure this was safe, but become_root()
does other things to the token stack that become_root_uid_only()
does not, and as we're going into a vfs redirectred function
I decided it wasn't safe for now.
Jeremy.
(This used to be commit b3e0f45488595aa96c852dab8e1349631a85dded)
|
|
calls make it :
become_root_uid_only()
operation
unbecome_root_uid_only()
saving errno across the second call. Most of our internal
change calls can be replaced with these simple calls.
Jeremy
(This used to be commit 4143aa83c029848d8ec741d9218b3fa6e3fd28dd)
|
|
modularizes our interface into the special posix API used on
the system. Without this patch the specific API flavor is
determined at compile time, something which severely limits
usability on systems with more than one file system. Our
first targets are AIX with its JFS and JFS2 APIs, at a later
stage also GPFS. But it's certainly not limited to IBM
stuff, this abstraction is also necessary for anything that
copes with NFSv4 ACLs. For this we will check in handling
very soon.
Major contributions can be found in the copyright notices as
well as the checkin log of the vl-posixacls branch. The
final merge to 3_0 post-3.0.23 was done by Peter Somogyi
<psomogyi@gamax.hu>
(This used to be commit ca0c73f281a2a65a988094a46bb3e46a94011a53)
|
|
no way to get all the cases where kernel oplocks are
on and we can't open the file and get the correct
semantics (think about the open with truncate with
an attribute only open - we'd need a vfs change to
add the truncate(fname, len) call). So always drop
the share mode lock before doing any real fd opens and
then re-acquire it afterwards. We're already dealing
with the race in the create case, and we deal with
any other races in the same way. Volker, please
examine *carefully* :-). This should fix the problems
people reported with kernel oplocks being on.
Jeremy.
(This used to be commit 8171c4c404e9f382880c65daa0232f89e560f399)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
think this can happen in real life but the code is
too complicated to be sure....
Jerry please merge this for 3.0.23.
Jeremy.
(This used to be commit 1e5042d4c0d1a0d0a5cfbcb0d47815e1510ee52a)
|
|
* depreacte 'acl group control' after discussion with Jeremy
and implement functionality as part of 'dos filemode'
* fix winbindd on a non-member server to expand local groups
* prevent code previously only used by smbd from blindly
turning _NO_WINBINDD back on
(This used to be commit 4ab372f4cab22225716b5c9a9a08f0c1dbc9928d)
|
|
aliasing clearer. This isn't a bug but a code
clarification.
Jeremy.
line, and those below, will be ignored--
M source/smbd/posix_acls.c
(This used to be commit b8397c9f33424e0d1ed3ff849e1c99812f978000)
|
|
(This used to be commit 5429c495c538e416010cf44e1d6fb771770a72ae)
|
|
a new empty acl in remove_posix_acl if you don't bother
to set it on the file in question :-).
Jeremy.
(This used to be commit 12eccc8fe4ed043698970de42921757eb0448c84)
|
|
Jeremy.
(This used to be commit a28bc614a0eb8409a98b254b32ad17c50c2eec0e)
|