summaryrefslogtreecommitdiff
path: root/source3/smbd/service.c
AgeCommit message (Collapse)AuthorFilesLines
2011-03-04s3-printing: follow force user/group for driver IODavid Disseldorp1-56/+71
Configuring force user/group settings for the print$ share currently has unexpected results, this is explained by how the driver upload/add process takes place. Consider the following example: [print$] path = /print-drv write list = $DRIVER_UPLOAD_USER force group = ntadmin - the client connects to the [print$] share and uploads all driver files to the /print-drv/W32X86 directory. - This is permitted, as /print-drv/W32X86 is owned by group ntadmin, and the "force group = ntadmin" takes effect for the [print$] session. - Once all files are uploaded, the client connects to the [ipc$] share and issues an AddPrinterDriverEx spoolss request. - In handling this request move_driver_to_download_area() is called, which attempts to create the directory /print-drv/W32X86/3 - The create directory fails, as it is done as the user connected to the [ipc$] share which does not have permission to write to the driver directory. The [print$] "force group = ntadmin" has no effect. This is a regression from previous behaviour prior to the commit: 783ab04 Convert move_driver_to_download_area to use create_conn_struct. https://bugzilla.samba.org/show_bug.cgi?id=7921 Signed-off-by: Andreas Schneider <asn@samba.org>
2011-02-22s3-printing: fix pcacp prototypes and includes.Günther Deschner1-0/+1
Guenther
2011-02-22s3-auth Rename auth_serversupplied_info varaiables: server_info -> session_infoAndrew Bartlett1-40/+40
These variables, of type struct auth_serversupplied_info were poorly named when added into 2001, and in good consistant practice, this has extended all over the codebase in the years since. The structure is also not ideal for it's current purpose. Originally intended to convey the results of the authentication modules, it really describes all the essential attributes of a session. This rename will reduce the volume of a future patch to replaced these with a struct auth_session_info, with auth_serversupplied_info confined to the lower levels of the auth subsystem, and then eliminated. (The new structure will be the output of create_local_token(), and the change in struct definition will ensure that this is always run, populating local groups and privileges). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-02-10s3-auth Rename cryptic 'ptok' to security_tokenAndrew Bartlett1-4/+4
This will allow the auth_serversupplied_info struct to be migrated to auth_session_info easier. Adnrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-11-20Move the uglyness of #ifdef REALPATH_TAKES_NULL into the vfs_defaultJeremy Allison1-10/+1
module, change the signature of VFS_REALPATH to always return a malloc'ed string. Needed to make some privileges work I plan on doing shortly easier to code. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Nov 20 02:15:50 CET 2010 on sn-devel-104
2010-11-10Fix bug 7781 - Samba transforms ShareName to lowercase (sharename) when ↵Jeremy Allison1-36/+74
adding new share via MMC Change the find_service() interface to not depend on fstring, and create a useable talloc-based interface. Jeremy.
2010-11-10Remove fstring from map_username. Create a more sane interface than the ↵Jeremy Allison1-6/+13
called-parameter-is-modified. Jeremy.
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett1-0/+1
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-08-31s3-auth Rename NT_USER_TOKEN user_sids -> sidsAndrew Bartlett1-1/+1
This is closer to the struct security_token from security.idl
2010-08-22s3: Replace calls to check_access by allow_accessVolker Lendecke1-4/+5
We already have both the name and address of the client stored now
2010-08-18s3: Remove an unused variableVolker Lendecke1-1/+0
2010-08-18s3: Remove unneeded "client_address" from connection_structVolker Lendecke1-12/+2
2010-08-16s3: Remove smbd_server_fd() from make_connectionVolker Lendecke1-2/+2
2010-08-16s3: Remove smbd_server_fd() from share_sanity_checksVolker Lendecke1-3/+4
2010-08-16s3: Remove smbd_server_fd() from make_connection_snumVolker Lendecke1-4/+11
2010-08-16s3: Remove get_client_fd()Volker Lendecke1-2/+2
2010-08-06s3-netlogon: remove global include of netlogon.h.Günther Deschner1-0/+1
This reduces precompiled headers by another 4 MB and also slightly speeds up the build. Guenther
2010-07-05s3: Remove smbd_messaging_context() from make_connection_snum()Volker Lendecke1-1/+1
2010-07-05s3: Remove procid_self() from make_connection_snum()Volker Lendecke1-1/+2
2010-07-04s3: Remove unused msg_flags from connections.tdbVolker Lendecke1-1/+1
This breaks rolling code upgrade!
2010-06-12s3: Remove smbd_server_conn from make_connection_snumVolker Lendecke1-1/+1
2010-06-12s3: Fix some nonempty linesVolker Lendecke1-8/+7
2010-05-31s3:smbd map_username() doesn't need sconn anymoreSimo Sorce1-3/+2
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-05-28s3:auth use info3 in auth_serversupplied_infoSimo Sorce1-6/+6
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett1-2/+2
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-20Fix bug #7410 - samba sends "raw" inode number as uniqueid with unix ↵Jeremy Allison1-0/+1
extensions. Move to a consistent get_FileIndex() function for all inode returns, that checks if st_dev on the file is identical to the top directory dev_t of the exported share, and if so uses the raw 64-bit inode number. If it isn't (we've traversed a mount point) - return what we used to do for Windows which is the concatination of the bottom 32-bits of the inode with the 32-bit device number. We can get more creative with this over time (hashing?) if we want as now all inode returns go through this single function. Jeremy.
2010-03-25Fix bug 7297 - smbd crashes with CUPS printers and no [printers] share defined.Jeremy Allison1-1/+1
Ensure we don't dereference an array with an index of -1. Jeremy.
2010-03-15Remove the bool admin_user from conn struct. We no longer look at this to ↵Jeremy Allison1-1/+0
make access decisions. Jeremy.
2010-02-23s3: Consolidate server_id_self into the equivalent procid_self()Volker Lendecke1-1/+1
2010-02-17Fix bug #6557 - Do not work VFS full_auditJeremy Allison1-51/+34
Re-arrange the operations order so SMB_VFS_CONNECT is done first as root (to allow modules to correctly initialize themselves). Reviewed modules to check if they needed CONNECT invoked as a user (which we previously did) and it turns out any of them that cared needed root permissions anyway. Jeremy.
2010-02-13s3: Fix a C++ warningVolker Lendecke1-1/+1
2010-02-12Use sec_initial_uid() in the places where being root doesn't matter,Jeremy Allison1-1/+1
and 0 in the places where it does. Jeremy
2010-02-12Simplify the logic in make_connection_snum(), and make it match Windows ↵Jeremy Allison1-41/+63
behavior. Cause all exit paths to go through one place, where all cleanup is done. change_to_root_user() for pathname operations that should succeed if the path exists, even if the connecting user has no access. For example, a share can now be defined with a path of /root/only/access (where /root/only/access is a directory path with all components only accessible to root e.g. root owned, permissions 700 on every component). Non-root users will now correctly connect, but get ACCESS_DENIED on all activities (which matches Windows behavior). Previously, non-root users would get NT_STATUS_BAD_NETWORK_NAME on doing a TConX to this share, even though it's a perfectly valid share path (just not accessible to them). This change was inspired by the research I did for bug #7126, which was reported by bepi@adria.it. As this is a change in a core function, I'm proposing to leave this only in master for 3.6.0, not back-port to any existing releases. This should give us enough time to decide if this is the way we want this to behave (as Windows) or if we prefer the previous behavior. Jeremy.
2010-02-12Remove #if SOFTLINK_OPTIMIZATION code.Jeremy Allison1-17/+0
This hasn't been turned on or been capable of doing so for many years now. Makes this jumbo function smaller... Jeremy.
2010-02-12Revert "Fix bug #7126 - [SMBD] With access denied error smbd return wrong ↵Jeremy Allison1-16/+9
NT_STATUS_OBJECT_PATH_INVALID error" This reverts commit 2fdd8b10c6abadd27c579e772c0482214d2363a5. This fix is incorrect. The original code works as desired, I made a mistake here. Jeremy.
2010-02-12Fix bug #7126 - [SMBD] With access denied error smbd return wrong ↵Jeremy Allison1-9/+16
NT_STATUS_OBJECT_PATH_INVALID error As tridge's comment says, we should be ignoring ACCESS_DENIED on the share path in a TconX call, instead allowing the mount and having individual SMB calls fail (as Windows does). The original code erroneously caught SMB_VFS_STAT != 0 and errored out on that. Jeremy.
2010-02-11Remove the code replaced by widelinks warning.Jeremy Allison1-7/+0
Jeremy.
2010-02-11Remove lp_safe_widelinks() -> convert to just lp_widelinks. Suggestion from ↵Jeremy Allison1-4/+5
Volker. Create widelinks_warning(int snum) to cover the message needed in make_connection. Jeremy.
2010-02-11Final part of jumbo patch for bug #7104 - "wide links" and "unix extensions" ↵Jeremy Allison1-0/+12
are incompatible. Volker pointed out that the preexec scripts get passed the conn->connectpath as a parameter, so call canonicalize_connect_path() both *before* and after the preexec scripts. Ignore errors on the call before the preexec scripts, as the path may not exist until created by the preexec scripts. Jeremy.
2010-02-11Introduce lp_safe_widelinks()Simo Sorce1-3/+5
This way we avoid any chance that a configuration reload may turn back on wide links when unix extensions are enabled.
2010-02-11Fine changes to previous fix for bug #7104 - "wide links" and "unix ↵Jeremy Allison1-20/+18
extensions" are incompatible. Make sure we match the previous allow widelinks behavior, in that non-root preexec scripts can create share directories for a share definition. Jeremy
2010-02-11Suplementary patch for bug #7104 - "wide links" and "unix extensions" are ↵Jeremy Allison1-27/+28
incompatible. Bug reported by Ralf Zimmermann <r.zimmermann@siegnetz.de>. Reproduced by jra. If the target directory of a share doesn't exist, but is designed to be created by a "root preexec" script call, then the widelinks check is done too early - thus preventing the user from connecting to the share. Fix is to re-arrange the order of checks in make_connection_snum() to always do the following order of operations: (1). Turn off wide links if unix extensions = yes. (2). Call any root preexec scripts. (3). Canonicalize the share path to remove any symlinks (ie. end up with the realpath in the connection_struct). Jeremy.
2010-02-05Fix bug 7104 - "wide links" and "unix extensions" are incompatible.Jeremy Allison1-0/+8
Change parameter "wide links" to default to "no". Ensure "wide links = no" if "unix extensions = yes" on a share. Fix man pages to refect this. Remove "within share" checks for a UNIX symlink set - even if widelinks = no. The server will not follow that link anyway. Correct DEBUG message in check_reduced_name() to add missing "\n" so it's really clear when a path is being denied as it's outside the enclosing share path. Jeremy.
2010-01-30s3/smbd: Fix string buffer overflow causing heap corruptionSteven Danneman1-1/+2
The destname malloc size was not taking into account the 1 extra byte needed if a string without a leading '/' was passed in and that slash was added. This would cause the '\0' byte to be written past the end of the malloced destname string and corrupt whatever heap memory was there. This problem would be hit if a share name was given in smb.conf without a leading '/' and if it was the exact size of the allocated STRDUP memory which in some implementations of malloc is a power of 2.
2009-12-06streamline some log levels for invalid servicenamesChristian Ambach1-1/+1
I don't think we need to log the fact that a user gave a wrong sharename in Explorer with the highest log level. The level of this was not very consistent: service.c: DEBUG(3,("find_service() failed to find service %s\n", service)); service.c: DEBUG(0,("%s (%s) couldn't find service %s\n", smb2_tcon.c: DEBUG(1,("smbd_smb2_tree_connect: couldn't find service %s\n", This changes the last two to 3 as the first one. Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
2009-10-01Fix for CVE-2009-2813.Jeremy Allison1-1/+5
=========================================================== == Subject: Misconfigured /etc/passwd file may share folders unexpectedly == == CVE ID#: CVE-2009-2813 == == Versions: All versions of Samba later than 3.0.11 == == Summary: If a user in /etc/passwd is misconfigured to have == an empty home directory then connecting to the home == share of this user will use the root of the filesystem == as the home directory. ===========================================================
2009-08-24Second attempt at fix for bug 6529 - Offline files conflict with Vista and ↵Jeremy Allison1-18/+1
Office 2003. Confirmation from reporter that this fixes the issue in master on ext3/ext4. Back-ports to follow. Jeremy.
2009-08-21Log debug message when hires timestamps are available on theJeremy Allison1-0/+4
share. Jeremy.
2009-08-21Fix bug 6529 - Offline files conflict with Vista and Office 2003Jeremy Allison1-0/+13
On filesystems that can't store less than one second timestamps, round the incoming timestamp set requests so the client can't discover that a time set request has been truncated by the filesystem. Needs backporting to 3.4, 3.3, 3.2 and (even) 3.0. Jeremy
2009-08-07s3:smbd: remove dirptr and dirpath from connection_structStefan Metzmacher1-2/+0
They're both only used in the context of a function, so we can make them stack variables. metze