Age | Commit message (Collapse) | Author | Files | Lines |
|
Based on a patch submitted by Tsukasa Hamano <hamano@osstech.co.jp>,
this is a change in the POSIX ACL mapping to deal with the lossy
mapping for directory ACE entries:
We have a lossy mapping: directory ACE entries
CREATOR_OWNER ------\
(map to) +---> SMB_ACL_USER_OBJ
owning sid ------/
CREATOR_GROUP ------\
(map to) +---> SMB_ACL_GROUP_OBJ
primary group sid --/
on set. And on read of a directory ACL
SMB_ACL_USER_OBJ ----> CREATOR_OWNER
SMB_ACL_GROUP_OBJ ---> CREATOR_GROUP.
Deal with this on set by duplicating
owning sid and primary group sid ACE
entries into the directory ACL.
Jeremy.
|
|
Guenther
|
|
The code to read the new V2 SAMBA_PAI entries had
two errors.
Jeremy.
|
|
BASE-DELAYWRITE and also RAW-CLOSE.
Jeremy.
|
|
the logic. This was incorrect (I'll revisit this tomorrow).
Jeremy.
|
|
set_close_write_time().
We were treating a file time set on close as a sticky write time set, and I don't
think it is. I will add a torture test later to RAW-CLOSE to confirm this.
Jeremy.
|
|
Jeremy.
|
|
"Normal" non truncate writes always cause the timestamp to
be set on close. Once a close is done on a handle this can
reset the sticky write time to current time also.
Updated smbtorture4 confirms this.
Jeremy.
|
|
|
|
We want to free the record early, not when talloc_tos() is free'ed.
|
|
Jeremy.
|
|
using older protocols (LANMAN2 or below).
Jeremy.
|
|
Jeremy.
|
|
Jeremy.
|
|
Jeremy.
|
|
not 4 byte aligned (levels 1 - 3).
Jeremy.
|
|
smbd just crashed on me: In a debug message I called a routine preparing a
string that itself used debug_ctx. The outer routine also used it after the
inner routine had returned. It was still referencing the talloc context
that the outer debug_ctx() had given us, which the inner DEBUG had already
freed.
|
|
directory with a lot of files.
Jeremy.
|
|
used to store the stream info in streams_depot.so is not
seen in when enumerating EAs.
Jeremy.
|
|
held outside of samba.
Fixes case where a connection with a pending lock can me marked "idle", and ensures
that the lock queue timeout is always recalculated.
Jeremy.
|
|
Jeremy.
|
|
Jeremy.
|
|
Jeremy.
|
|
|
|
symlinks instead of trans2:posix_unlink.
Jeremy.
|
|
Windows 7 is a bit more picky on our NT_STATUS_BUFFER_TOO_SMALL. Announce the
right buffer size, the same amount we later check for.
|
|
|
|
Jeremy.
|
|
Jeremy
|
|
recent versions of Samba.
Without this fix, renaming a directory ./a to ./b, whilst a directory ./aa was already open
would fail.
Jeremy.
|
|
|
|
function vfs_stat_fsp(). Stops code looking at fsp->posix_open
except for exceptional circumstances.
Jeremy.
|
|
Jeremy.
|
|
Jeremy.
|
|
===========================================================
== Subject: Misconfigured /etc/passwd file may share folders unexpectedly
==
== CVE ID#: CVE-2009-2813
==
== Versions: All versions of Samba later than 3.0.11
==
== Summary: If a user in /etc/passwd is misconfigured to have
== an empty home directory then connecting to the home
== share of this user will use the root of the filesystem
== as the home directory.
===========================================================
|
|
Summary:
Specially crafted SMB requests on
authenticated SMB connections can send smbd
into a 100% CPU loop, causing a DoS on the
Samba server.
|
|
|
|
Jeremy.
|
|
|
|
deferred open state.
Signed-off-by: Tim Prouty <tprouty@samba.org>
|
|
|
|
open.
Since the catia translation is implemented for open, it should not
also be done in createfile. By removing createfile from catia,
translation is now done correctly for the primary open path.
In order to support systems that have custom createfile
implementations that don't eventually call SMB_VFS_OPEN,
SMB_VFS_TRANSLATE_NAME has been expanded to take an additional
argument that specifies direction.
Signed-off-by: Tim Prouty <tprouty@samba.org>
|
|
This fixes smbd from crashing all the time.
Jeremy, Volker, please check.
Guenther
|
|
|
|
Jeremy.
|
|
Guenther
|
|
Lookup the EA and Stream status on CreateX.
Jeremy.
|
|
This is needed to support some special app I've just come across where I had to
set the SPARSE_FILES bit (0x40) to make it work against Samba at all. There
might be others to fake. This is definitely a "Don't touch if you don't know
what you're doing" thing, so I decided to make this an undocumented parametric
parameter.
I know this sucks, so feel free to beat me up on this. But I don't think it
will hurt.
|
|
Revert change from 3.3 -> 3.4 with read_socket_with_timeout changed
from sys_read() to sys_recv(). read_socket_with_timeout() is called
with non-fd's (with a pty in chgpasswd.c and with a disk file in
lib/dbwrap_file.c via read_data()). recv works for the disk file,
but not the pty. Change the name of read_socket_with_timeout() to
read_fd_with_timeout() to make this clear (and add comments).
Jeremy.
|
|
The kernel may return a short read, so we must use read_data() to make sure we
read off the full buffer. If somethign bad happens we also need to kill the
inotify watch because the filedescriptor will return out of sync structures if
we read only part of the data.
|