summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2010-10-15Fix handling of "NULL" DACL. Map to u/g/w - rwx.Jeremy Allison1-23/+33
Jeremy.
2010-10-15Fix "force unknown ACL user" to strip out foreign SIDs from POSIX ACLs if ↵Jeremy Allison1-0/+8
they can't be mapped.
2010-10-15Add debug message to get_nt_acl_internal() to see what we got.Jeremy Allison1-0/+7
2010-10-15Fix valgrind "uninitialized read" error on "info" when returning !NT_STATUS_OK.Jeremy Allison1-1/+5
Jeremy.
2010-10-15Fix bug #7734 - When creating files with "inherit ACLs" set to true, we ↵Jeremy Allison2-2/+2
neglect to apply appropriate create masks. Jeremy.
2010-10-15Fix bug #7733 - Invalid client DOS attributes on create can cause incorrect ↵Jeremy Allison1-0/+9
unix mode_t to be generated. It turns out a client can send an NTCreateX call for a new file, but specify FILE_ATTRIBUTE_DIRECTORY in the attribute list. Windows silently strips this, but we don't - causing the unix_mode() function to go through the "mode bits for new directory" codepath, instead of the "mode bits for new file" codepath. Jeremy.
2010-10-15s3-rpc_server: Normalize rpc_pipe_open_interface pipe name.Andreas Schneider1-1/+6
Autobuild-User: Andreas Schneider <asn@samba.org> Autobuild-Date: Fri Oct 15 12:15:45 UTC 2010 on sn-devel-104
2010-10-15s3-rpc_server: Make auth_serversupplied_info const.Andreas Schneider4-11/+11
2010-10-15s3-winbind: Fixed the build of idmap_rid.Andreas Schneider1-0/+1
2010-10-14s3: Remove smbd_server_conn from construct_replyVolker Lendecke1-4/+6
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Oct 14 12:35:07 UTC 2010 on sn-devel-104
2010-10-14s3: Lift smbd_server_conn from receive_smb_tallocVolker Lendecke1-10/+9
2010-10-14s3: Lift smbd_server_conn from receive_smb_raw_tallocVolker Lendecke1-8/+10
2010-10-14s3: Lift smbd_server_conn from receive_smb_raw_talloc_partial_readVolker Lendecke1-10/+10
2010-10-14s3: Remove some explicit smbd_server_conn refs in process_smb()Volker Lendecke1-2/+2
2010-10-14s3: Rename "conn" to the more used "sconn" in process_smb()Volker Lendecke1-7/+7
2010-10-14libcli/auth Merge source4/libcli/security and util_sid.c into the common codeAndrew Bartlett5-360/+5
This should ensure we only have one copy of these core functions in the tree. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14libcli/security Define traditional constants in terms of IDL macrosAndrew Bartlett1-65/+0
The source3/ code uses these constants in a lot of places, and it will take time and care to rename them, if that is desired. Linking the macros here will at least allow common code to use the IDL based macros, and preserve a documentary link between the constants (other than just their value) Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14libcli/security Move source3/lib/util_seaccess.c into the common codeAndrew Bartlett3-260/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14s3-acl Use uint32_t for counting the ACEsAndrew Bartlett1-1/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14s3-acl Merge source4-supported privileges into se_access_checkAndrew Bartlett1-5/+9
This will shortly be the common se_access_check function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14s3-util_nttoken.c Also copy the rights_mask when copying a security_tokenAndrew Bartlett1-0/+4
These are unused in source3/ code at the moment, but it would be unfortunate if that were to change, and this function not be updated. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14s3-auth Use security_token_debug() from common codeAndrew Bartlett8-35/+7
This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14s3-auth use security_token_has_sid() from the common codeAndrew Bartlett1-9/+2
The wrapper call is left here to avoid changing semantics for the NULL parameter case. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-14s3 Replace is_sid_in_token() with security_token_has_sid() from common codeAndrew Bartlett6-21/+10
The two routines are identical, so there is no need to keep both. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-10-13s3:gpfs: Add support for the gpfs_ftruncate callChristian Ambach3-2/+28
ported from the v3-4-ctdb branch to master This used to be commit 1f138cc9f4a Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Oct 13 13:34:25 UTC 2010 on sn-devel-104
2010-10-13s3:vfs:gpfs convert sharemodes/leases parameterChristian Ambach2-20/+64
convert gpfs:sharemodes and gpfs:leases parameters from a global setting to a per share setting
2010-10-13s3:vfs:syncops add option to disable module per shareChristian Ambach1-6/+35
add an option to disable the syncops module completely for a share with syncops:disable = true
2010-10-13s3:vfs:syncops make it possible to specify syncops:onclose per shareChristian Ambach1-7/+43
convert the onclose option of the vfs_syncops module from a global option to a service-specific one as preparation for further flags, use a struct to store in the VFS handle instead of just the onclose flag
2010-10-12s3:registry: fix some trailing spaces in reg_backend_dbMichael Adam1-6/+6
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Tue Oct 12 14:15:42 UTC 2010 on sn-devel-104
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett145-45/+145
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-12Make the vfs_acl_xattr and other modules work with NULL SD's. FixJeremy Allison1-41/+29
the "protected" inheritance problem (bleeding up from the POSIX layer). Jeremy Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Oct 12 00:57:41 UTC 2010 on sn-devel-104
2010-10-11Canonicalize incoming and outgoing ACLs.Jeremy Allison1-4/+55
Jeremy.
2010-10-11Make the posix ACL module cope with a NULL incoming DACL and aJeremy Allison1-0/+31
missing owner/group. Jeremy.
2010-10-11s3-spoolss: add more userlevel info validation to _spoolss_OpenPrinterEx.Günther Deschner1-0/+9
Guenther
2010-10-11s3-spoolss: let set_printer_hnd_name return WERROR.Günther Deschner1-17/+19
Guenther
2010-10-11s3-spoolss: convert open_printer_hnd to return WERROR.Günther Deschner1-11/+16
Guenther
2010-10-11s3-spoolss: fix set_printer_hnd_name() to match torture test.Günther Deschner1-9/+15
Guenther
2010-10-09More neccessary const.Jeremy Allison2-2/+2
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Oct 9 01:47:25 UTC 2010 on sn-devel-104
2010-10-08s3: Hang the isilon kernel oplocks off the NULL contextVolker Lendecke1-1/+2
All I see is a fd_event that does not need a special destructor. Tim, Steven, I've added the #error as well for you to remove after review. Thanks, Volker Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Oct 8 20:48:11 UTC 2010 on sn-devel-104
2010-10-08s3: Hang the irix kernel oplocks off the NULL ctxVolker Lendecke1-1/+1
Just a fd_event to be cleaned up. The pipe is closed implicitly.
2010-10-08s3: Hang the linux kernel oplocks off the NULL ctxVolker Lendecke1-1/+1
The destructor that is called removes the signal handler. But at process exit the signal handling is lost anyway.
2010-10-08s3: Call printer_list_parent_init in the parentVolker Lendecke1-0/+5
Simo, please check!
2010-10-08s3: Remove talloc_autofree_context() from get_printer_list_db()Volker Lendecke1-1/+1
Another db that does not need explicit closing
2010-10-08s3: Remove talloc_autofree_context() from loadparm.cVolker Lendecke1-6/+5
None of these uses requires a special destructor
2010-10-08s3: Add a little test for the echo responderVolker Lendecke4-1/+146
2010-10-08s3: Implement echo_TestSleepVolker Lendecke1-1/+1
2010-10-08Move talloc_enable_null_tracking() to the s3 daemonsVolker Lendecke3-3/+21
2010-10-08s3-waf: slowly getting modules to match how they look like in old build.Günther Deschner5-170/+170
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri Oct 8 09:31:01 UTC 2010 on sn-devel-104
2010-10-08s3: Fix input check in is_encrypted_packetVolker Lendecke1-1/+3
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Oct 8 07:40:52 UTC 2010 on sn-devel-104
2010-10-08Fix bug 7716 - acl_xattr and acl_tdb modules don't store unmodified copies ↵Jeremy Allison1-1/+13
of security descriptors. As pointed out by an OEM, the code within smbd/posix_acl.c, even though passed a const pointer to a security descriptor, still modifies the ACE entries within it (which are not const pointers). This means ACLs stored in the extended attribute by the acl_xattr module have already been modified by the POSIX acl layer, and are not the original intent of storing the "unmodified" ACL from the client. Use dup_sec_desc to make a copy of the incoming ACL on talloc_tos() - that is what is then modified inside smbd/posix_acl.c, leaving the original ACL to be correctly stored in the xattr. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 8 00:37:53 UTC 2010 on sn-devel-104