summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2012-05-17s3: Check for serverid_exists in smb_posix_unlinkVolker Lendecke1-0/+3
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17s3: Check for serverid_exists in open_mode_checkVolker Lendecke1-0/+5
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17s3: Check for serverid_exists in notify_deferred_opensVolker Lendecke1-2/+8
We will remove the check in parse_share_modes soon Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17s3:smb2_sesssetup: make use of nt_status_squash() in ↵Stefan Metzmacher1-1/+1
smbd_smb2_session_setup_recv() metze
2012-05-17s3-smbd: Avoid creating a UID ACL entry for SIDs that are mapped as ↵Andrew Bartlett1-0/+35
ID_TYPE_BOTH The GID ACL entry is what will be mapped in most cases, and so is sufficient. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu May 17 05:08:44 CEST 2012 on sn-devel-104
2012-05-17s3-smbd: Consider a group with the same SID as sufficient duplicationAndrew Bartlett1-0/+7
This code is to ensure that the user does not loose rights when their file ownership is taken away. If the owner (an IDMAP_BOTH SID) appears as a group then a duplicate user is not required. Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17s3-smbd: Handle ID_TYPE_BOTH by mapping to both a group ACL entry and file ↵Andrew Bartlett1-39/+109
ownership This will allow groups, such as domain administrators, to own files while correctly handling the rest of the ACL permissions. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17We need to split things up into a new helper function ↵Andrew Bartlett1-172/+184
add_current_ace_to_acl() in order for there to be more posix ACL elements than NT ACL elements (so a group SID can own a file, but also get the group permissions that will be honoured) Andrew Bartlett Slightly modified by Jeremy to reduce diff size. Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-17This covers a case where an ID_TYPE_BOTH mapping creates group permissions, ↵Jeremy Allison1-2/+5
but must own the file. Based on an original patch by Andrew Bartlett.
2012-05-17s3-smbd: Do not merge UID ACE values with GID ACE values for posix ACLAndrew Bartlett1-5/+12
This might happen when we get a SID mapped to IDMAP_BOTH. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
2012-05-16s3:onefs: remove all onefs related code as it not maintained anymoreStefan Metzmacher3-740/+0
See https://lists.samba.org/archive/samba-technical/2012-May/083631.html for the discussion. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed May 16 11:23:05 CEST 2012 on sn-devel-104
2012-05-15s3: Fix a likely cut&paste errorVolker Lendecke1-1/+1
2012-05-15s3-auth: Rename to init_system_session_info().Andreas Schneider1-1/+1
Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Tue May 15 13:56:00 CEST 2012 on sn-devel-104
2012-05-14s3:smb2_close: make the top level code async usingStefan Metzmacher1-39/+66
metze
2012-05-14s3:smb2_close: add add smbd_smb2_close_send/recv as wrapperStefan Metzmacher1-0/+99
metze
2012-05-14s3:smb2_close: don't do any marshalling in smbd_smb2_close() let the caller ↵Stefan Metzmacher1-19/+71
to it metze
2012-05-14s3:smb2_tcon: make the top level code async usingStefan Metzmacher1-24/+58
metze
2012-05-14s3:smb2_tcon: add smbd_smb2_tree_connect_send/recv as wrapperStefan Metzmacher1-0/+79
metze
2012-05-14s3: Make SMB_QUERY_FILE_UNIX_BASIC's devno work for filesVolker Lendecke1-2/+9
According to susv3, st_rdev is valid exactly for char and block devices. Normal files have st_dev set.
2012-05-13s3:smb2_sesssetup: make the top level code async usingStefan Metzmacher1-30/+62
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun May 13 17:59:39 CEST 2012 on sn-devel-104
2012-05-13s3:smb2_sesssetup: add smbd_smb2_session_setup_send/recv as wrapperStefan Metzmacher1-0/+105
This just adds smbd_smb2_session_setup_send/recv as wrapper to the sync smbd_smb2_session_setup function. This will allow us to change to top level code to work async, then we can have a 2nd step where we remove the sync smbd_smb2_session_setup function. metze
2012-05-13s3:smb2_sesssetup: pass down in_flags to smbd_smb2_session_setup()Stefan Metzmacher1-1/+5
metze
2012-05-13s3:smb2_sesssetup: pass down in_previous_session_id to all layersStefan Metzmacher1-2/+15
metze
2012-05-12s3:smb2_ioctl: implement FSCTL_VALIDATE_NEGOTIATE_INFOStefan Metzmacher1-0/+86
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat May 12 02:50:42 CEST 2012 on sn-devel-104
2012-05-12s3:smb2_ioctl: implement FSCTL_VALIDATE_NEGOTIATE_INFO_224Stefan Metzmacher1-0/+73
metze
2012-05-12s3:smbd: introduce struct smbXsrv_connectionStefan Metzmacher4-7/+122
This will represent a transport connection for SMB 1 or 2 in the server. smbd_server_connection will slowly be moved to the SMB_VFS layer to satisfy the existing modules, but it will hopefully be protocol independend in future. metze
2012-05-12s3:smb2_negprot: setup the protocol at the end of the negprot with a real ↵Stefan Metzmacher1-7/+8
dialect metze
2012-05-11s3:smb2_ioctl: allow functions to disconnect the smb connectionStefan Metzmacher1-3/+18
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri May 11 20:15:37 CEST 2012 on sn-devel-104
2012-05-11s3:smb2_ioctl: FSCTL_SRV_ENUMERATE_SNAPSHOTS is handles in SMB_VFS_FSCTL()Stefan Metzmacher1-125/+0
metze
2012-05-11s3:smb2_ioctl: call SMB_VFS_FSCTL() as fallback for non SMB2 specific functionsStefan Metzmacher1-4/+33
metze
2012-05-09s3-smbd: Fix the creation of duplicate SMB_ACL_GROUP entriesAndrew Bartlett1-2/+2
The issue was a simple copy and paste bug, which casued a duplicate SMB_ACL_GROUP to be added when we already had one. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed May 9 13:17:29 CEST 2012 on sn-devel-104
2012-05-08s3:smbd fix some compiler warningsChristian Ambach1-2/+2
2012-05-08s3-python: Add python bindings for posix ACL layerAndrew Bartlett1-0/+203
This will allow us to check that posix ACLs work in the s4 provision, and avoid --use-s3fs if they do not. Andrew Bartlett
2012-05-06s3:smb2_negprot: add support for PROTOCOL_SMB3_00Stefan Metzmacher1-0/+15
metze
2012-05-05s3:smbd: comment the lp_load call in reload_services()Michael Adam1-1/+5
2012-05-04s3: Remove an unused extern declarationVolker Lendecke1-2/+0
2012-05-04s3: Remove an unused parameter from check_parent_access()Volker Lendecke1-10/+3
2012-05-04s3: In mkdir_internal, don't retrieve parent_dir from check_parent_accessVolker Lendecke1-1/+1
We have already created that ourselves a few lines above
2012-05-04s3: Fix a typoVolker Lendecke1-1/+1
2012-05-02s3-smbd: Use security_session_user_level() rather than nt_token_check_sid()Andrew Bartlett1-13/+1
This allows the unix.whoami test to pass when configured as part of the AD DC. The struct auth_session_info is slightly different in the AD DC configuration when using auth_samba4. In particular, there is a distinction between Guest and Anonymous logins. Andrew Bartlett
2012-04-28Add an audit file VFS routine so we can handle auditing with SACLs.Richard Sharpe1-0/+14
Autobuild-User: Richard Sharpe <sharpe@samba.org> Autobuild-Date: Sat Apr 28 08:05:00 CEST 2012 on sn-devel-104
2012-04-26s3: oplock_timeout is a talloc child of fspVolker Lendecke1-3/+0
Jeremy, I know you like it explicit, but I stumbled across this explicit TALLOC_FREE and asked myself about a potentially wrong talloc hierarchy. Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Thu Apr 26 23:00:03 CEST 2012 on sn-devel-104
2012-04-26s3: Remove code TALLOC_FREE already doesVolker Lendecke1-5/+1
2012-04-24s3: Simplify check_reduced_name a bitVolker Lendecke1-9/+5
It's pointless to do a talloc_asprintf with a SMB_STRDUP on the result. Use asprintf directly. Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Tue Apr 24 18:18:05 CEST 2012 on sn-devel-104
2012-04-24s3: Fix a typoVolker Lendecke1-1/+1
2012-04-24s3: Introduce variable "indyniov" for easier readingVolker Lendecke1-8/+10
2012-04-23Fix bug #8882 - Broken processing of %U with vfs_full_audit when force user ↵Jeremy Allison1-0/+11
is set. When doing a "force user" we need to remember what the "sanitized_username" was from the original connect. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Apr 23 19:52:19 CEST 2012 on sn-devel-104
2012-04-20s3:id_cache: do not use the in-memory idmap cache (it is going to be removed)Michael Adam1-13/+0
This also removes the ID_CACHE_FLUSH message.
2012-04-19s3: Fix Coverity ID 2747: FORWARD_NULLVolker Lendecke1-1/+1
For the notify cleanup process we have a notify context without a messaging entry. We will never call notify_add/remove for this, but the code should protect against this.
2012-04-19s3: Fix Coverity ID 2749: REVERSE_INULLVolker Lendecke1-1/+3