Age | Commit message (Collapse) | Author | Files | Lines |
|
Michael
(This used to be commit fae4c21b14b9d288e06f6b4b4e1527e2c6d58dca)
|
|
leaving panic or more appropriate action to callers.
This can for instance happen in a clustered setup, when
ctdb is not running. This allows for a more defined behaviour,
reducing chicken-egg-problems.
Michael
(This used to be commit 3b6541ff483d5fea4fd30bb6a01a560c05028d4e)
|
|
(This used to be commit 7db382588ac90fe250b72cf4cd07afb39fcae7c0)
|
|
Jeremy, setting "exists" to True in _dfs_Add prevented the initial creation of
a new symlink for me, because the SMB_VFS_UNLINK failed. This also exists in
3.2. I only check it into 3.3 as I would like you to look at it first.
Thanks,
Volker
(This used to be commit f58b098a4172949018e84c4d0c722d6eb9bba514)
|
|
(This used to be commit d031e6d8cabe2dd0b29e90d173d45843e145176a)
|
|
(This used to be commit 587bd636cb70d09600111ced040adaa55af35d0f)
|
|
(cherry picked from commit 4a996476297963d4cb300b4d45c23e83a493c339)
(This used to be commit 86cae83a7db87063ecd6e58eaa15f11441c45040)
|
|
At least form_junctions() does not initialize refcount, and I don't see it in
get_referred_path(). For the latters, the callers might initialize it. But even
if they did, I think parse_msdfs_symlink() should unconditionally return the
number of referrals it found. I don't think it makes sense to count them up
from somewhere else.
(This used to be commit 73172113484a2c6c9af014f59e84707716c61a7d)
|
|
(This used to be commit 1d7ad0dea7ebf7a46af6e695797e5132264307d6)
|
|
(This used to be commit 5f8a5e68ea166fbeda3af6e5ec381ec09d06f0f6)
|
|
This involved replacing the CHECK_NTQUOTA_HANDLE_OK macro by a function.
(This used to be commit 5595cdf837edb82db69a3e57bcf3108be7feeeb8)
|
|
(This used to be commit 4c31cc0b62f532eafdc44398b29b773ad8cb0646)
|
|
(This used to be commit e895e44cc7d675d128430fb53c138e5e8736e59f)
|
|
No functional change, this is a preparation for more current_user ref removal
(This used to be commit dcaedf345e62ab74ea87f0a3fa1e3199c75c5445)
|
|
fsp_belongs_conn only used the vuid struct member anyway, and this is available
in the smb_request structure as well.
(This used to be commit 64e9372ab997739d46669c0cc4a4c6edb11d5e64)
|
|
check_fsp only used the vuid struct member anyway, and this is available in the
smb_request structure as well.
(This used to be commit 8d364c4c3311b406847158fc37e9208d298cf8ba)
|
|
Without this the changed checks in can_delete_file_in_directory give DELETE
access where there is none. So we can end up granting the ntcreate&x preparing
the unlink where we should not, which leads to a NT_STATUS_ACCESS_DENIED at
close time later, which in turn does *not* give the access denied error message
in the Windows GUI.
can_delete_file_in_directory will grant access now by looking at the directory
permissions.
(This used to be commit 51b5364c2afb3a18df4bec2bc1624760ccc01676)
|
|
With at least NFSv4 ACLs around the write permission for the owner is a bogus
check if we can delete a file in a directory. Like in Windows, there are two
ways which can grant us such: First, the DELETE permission on the file itself,
or if that does not help, the DELETE_CHILD permission on the directory. It
might be a bit more code that runs, but essentially we should end up with the
same set of syscalls in the non-acl case.
(This used to be commit daa9b056645a45edfb3a70e3536011ebe5678970)
|
|
Did not measure it, but I think a single write is better than a read and a
conditional branch
(This used to be commit abe1bed665ad8d1dbf9177dcbb9344b25df9594c)
|
|
Michael
(This used to be commit 7d5fb873bde0a84de522650945effeaf602c759e)
|
|
This is not needed anymore since user_can_access_file_acl() ist used.
Michael
(This used to be commit 3c349f773a52e3de693d3bb79f5060c9f1e01e41)
|
|
This is a security descriptor level function only.
Michael
(This used to be commit 5931540fa1681f026fed42df387d17e43c493c47)
|
|
(This used to be commit 4394235378f85ccb911d662d95f1545a14240bdf)
|
|
current_user_info was "only" used in a debug msg, and current_user.ut.uid is
also available via conn->server_info
(This used to be commit d0386914ff0f7b0f1edc3302fdc6a25f211712fa)
|
|
The current vuid is not only available there, it is also in the current
smb_request structure.
(This used to be commit c8fd5eef32a86888c7a28317f0fdf717a26b7d4c)
|
|
(This used to be commit b92cfd19b459caad34229dfe941cf15fd14a5ce0)
|
|
conn holds the current user info
(This used to be commit 093bc5f2b33ebf90e04bc17e51b1695b1b932bf2)
|
|
(This used to be commit 1025f687910ce40283c7344ed67ebd5bf31217b7)
|
|
(This used to be commit 68944ea1ea7a0a63b08cbfc703f5ee29d2627696)
|
|
(This used to be commit 45662b5e8b3c7bc39cb33c5d7deb7e9a91f30a8b)
|
|
Most already used it, these two still used SNUM(conn), where the only caller of
this routine (change_to_user) had set snum = SNUM(conn).
(This used to be commit b14e59bfdbfb62494002e22d0665c4d420484245)
|
|
(This used to be commit 5c916549f002d5e4e06f24d396a2bdca73d384c7)
|
|
can result in a buffer overrun.
Jeremy.
(This used to be commit 23b825e9d2c74c5b940cf4d3aa56c18692259972)
|
|
Can someone with gpfs available test this ? The only codepath using this
function is the modules/gpfs.c module. The fix resolves at least the build
issues Samba has with recent kernel / libcap versions by using the portable
cap_get_proc()/cap_set_proc() interface (instead of using capget/capset).
Guenther
(This used to be commit 177955141247a4eb56ba0d82dc1add7f52175c40)
|
|
Jeremy.
(This used to be commit 7eeed8bb41059ec2bddedb6a71deddeec7f33af2)
|
|
Jeremy.
(This used to be commit 5d22ca00bcdf49dcb35468400ac8cc3c57808d0d)
|
|
(This used to be commit 344d69f95e217d16213eaa6b53141af6ab459708)
|
|
This required to pass around the domain a bit
(This used to be commit 17b0db20d28d1b737c5e86b78106657e8ca5ce9c)
|
|
(This used to be commit f52d7c3faba4aa815d95883775f4859251406161)
|
|
(This used to be commit eb281532b1721ded39c39bb00c26202080dcd735)
|
|
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
|
|
Jeremy.
(This used to be commit 830337f054a6c0646d85df33d9958e99283e727a)
|
|
Log when we kill other smbd sessions like when we hit the VC == 0 case.
This one fixes BUG #5476.
Initial patch from Björn Jacke <bj@sernet.de>.
Karolin
(This used to be commit 1429f3b7cf293994b334052428fcdadcee162dea)
|
|
by name code from conn, we were already doing the
same check in the dfs_redirect() function, so move
it into parse_dfs_path() instead.
Jeremy.
(This used to be commit 8a7c6df122c5e4a1d0f74ab0f1bc9376a0a8bcb1)
|
|
(This used to be commit 93111ea0a1191e8547ad6cf112e2699d3bb3799b)
|
|
not the start of the list.
Jeremy.
(This used to be commit 15857534b76bc66ad122510100aa224f17250465)
|
|
Jeremy.
(This used to be commit 08d168f0e5b8fb07e95a5118a839e0da53e9d363)
|
|
that don't look like \xxx\yyy, cope with arbitrary length.
Jeremy.
(This used to be commit 635035d999fcd8e06b70c8cb1137127c289dc9e6)
|
|
that sets the DFS bit on pathnames but doesn't
send DFS paths. This causes lookups to fail as
the smbd/msdfs.c code now just eats the first
two parts of the pathname and uses the rest as
the local path. The previous hostname check
used to protect us from that as we knew that
when the hostname was invalid it was a local
path (and a broken client).
I didn't want to put that check back in, but
came up with another idea - even though the
hostname can be a different one, the sharename
must be valid on this machine. So we can check
for a valid sharename instead.
Jeremy.
(This used to be commit e1cda82f6f7de3306a653af920756c1640057f2d)
|
|
(This used to be commit 0f19bc3f65bfc132aea1de1e76fcb4ee625a050f)
|