summaryrefslogtreecommitdiff
path: root/source4/ntvfs/posix/pvfs_acl.c
AgeCommit message (Collapse)AuthorFilesLines
2009-10-18s4-pvfs: more fixes for ACLs on file creationAndrew Tridgell1-11/+12
The passed in SD is not used to limit the access mask allowed on file create.
2009-10-18s4-pvfs: change the handling of access checking on createAndrew Tridgell1-46/+103
Previously when a file was created, we produces the resulting access mask based on an ACL check against the parent. This change means we now calculate the inherited ACL much earlier, and produce the resulting access mask from that ACL, or the user supplied ACL.
2009-10-17s4-pvfs: when uwrap is enabled, ignore chown errorsAndrew Tridgell1-0/+3
chown is expected to fail under uwrap
2009-10-17s4-pvfs: don't auto-apply privilege bits in unix acl handling eitherAndrew Tridgell1-7/+11
2009-10-17s4-pvfs: use privileges rather than "uid == 0" in unix access checkAndrew Tridgell1-6/+12
This makes the unix access check much closer to the full ACL check
2009-10-16s4-pvfs: fixed mask handling for SEC_FLAG_MAXIMUM_ALLOWEDAndrew Tridgell1-2/+2
This matches the sec_access_check() code
2009-10-15s4-pvfs: fixed handling of SEC_FLAG_MAXIMUM_ALLOWEDAndrew Tridgell1-1/+1
The CREATEX_ACCESS test shows that this is used as a bit test, not a equality test
2009-08-05fixed a problem with group policy writes causing policy corruptionAndrew Tridgell1-0/+37
This bug was caused by two things: 1) in the unix ACL mapping, we were not taking into account group write permssions for the SEC_STD_DELETE flag 2) when a file is created using OVERWRITE mode, a fchmod() would fail if the user is not the file owner. We resolve that by only doing the fchmod() if the mapped file attribute does not match the desired file attribute
2009-08-05fixed the sense of the pvfs_acl uwrap checkAndrew Tridgell1-1/+1
2009-08-05make the UID_WRAPPER skip checks at runtimeAndrew Tridgell1-7/+7
This fixes two issues pointed out by Andrew. It adds a runtime uwrap_enabled() call that wraps the skips needed for uid emulation. It also makes the skip in the directory_create_or_exist() function only change the uid checking code, not the permissions code
2009-08-05added a uid_wrapper libraryAndrew Tridgell1-0/+8
This library intercepts seteuid and related calls, and simulates them in a manner similar to the nss_wrapper and socket_wrapper libraries. This allows us to enable the vfs_unixuid NTVFS module in the build farm, which means we are more likely to catch errors in the token manipulation. The simulation is not complete, but it is enough for Samba4 for now. The major areas of incompleteness are: - no emulation of setreuid, setresuid or saved uids. These would be needed for use in Samba3 - no emulation of ruid changing. That would also be needed for Samba3 - no attempt to emulate file ownership changing, so code that (for example) tests whether st.st_uid matches geteuid() needs special handling
2009-02-05s4:pvfs: fix some talloc related compiler warningsStefan Metzmacher1-1/+1
metze
2008-09-24empty access mask is only denied on SMB2Andrew Tridgell1-1/+3
2008-09-24zero access mask should give ACCESS_DENIEDAndrew Tridgell1-0/+4
2008-06-28pvfs: create a pvfs_acl subsystemStefan Metzmacher1-0/+22
That means that the pvfs_acl implementations no longer register as ntvfs modules (which was wrong) metze (This used to be commit 89e90556ec57fce24faf0ed3d6fe262edd974b28)
2008-05-29don't mask out SEC_FILE_READ_ATTRIBUTE on SMB2Andrew Tridgell1-1/+3
(This used to be commit 1dfa50a48040bdc1166be2dbe1063fd8a79166f8)
2008-05-29added support for returning the maximal access MXAC tag in SMB2 createAndrew Tridgell1-0/+12
(This used to be commit 4eb49335d5f0319f9aa47ded5215a2977d3336bf)
2008-05-29SEC_FILE_READ_ATTRIBUTE is only automatically granted on SMB, not SMB2Andrew Tridgell1-3/+10
(This used to be commit 7bff0691428ed3f75c1a9cbaae692bc9830640e6)
2008-05-27Vista returns ACCESS_DENIED hereAndrew Tridgell1-1/+1
(This used to be commit f5068c6e50215f6ea7108d58d783394a315ff14f)
2008-04-14fixed a valgrind error in id mappingAndrew Tridgell1-1/+1
the status field is sent on both call and reply, but was only being initialised on reply (This used to be commit 2ebd7b80998775168959d511fbc987f8b5b7bd34)
2008-04-02ntvfs: Use wbclient for pvfs_acl and pvfs_acl_nfs4Kai Blin1-18/+82
(This used to be commit ac5e5fee1db2999053dee82d1fcf97ca8799c9b5)
2008-04-02Install public header files again and include required prototypes.Jelmer Vernooij1-2/+2
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
2007-10-10r25554: Convert last instances of BOOL, True and False to the standard types.Jelmer Vernooij1-11/+11
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r19199: split out the xattr NTACL code into a separate part of the posixAndrew Tridgell1-40/+68
backend, allowing other ACL backends to be added. The xattr backend is still the default backend (This used to be commit 90f044e63b12d32228310c7529382198bd7e6dfe)
2007-10-10r18581: also check for SEC_STD_DELETE, and split out the check into a separateAndrew Tridgell1-8/+21
static function (This used to be commit 024ca6a91cdf2c0f8999c220b4459a72c45bfd32)
2007-10-10r18580: map the PVFS_FLAG_READONLY bit in the posix backend ontoAndrew Tridgell1-0/+14
NT_STATUS_ACCESS_DENIED in the access mask checks (This used to be commit ceffc34f3e9f47a8a44dad52054688f9855eeb37)
2007-10-10r15774: take care of the SYSTEM_SECURITY flagStefan Metzmacher1-1/+7
metze (This used to be commit 98f58d710a4fe1cd3581b1fb25c4f0c0236b5092)
2007-10-10r15118: - do access checks also when the owner and group are not changedStefan Metzmacher1-19/+28
- only call chown/fchown when we want to change something metze (This used to be commit 46b3096d938331a2339a876649bc6cbfec883cb2)
2007-10-10r15071: fix typoStefan Metzmacher1-1/+1
metze (This used to be commit fde8922947551f5f7d50607c5c83feba062138c8)
2007-10-10r15069: - don't crash on a NULL aclStefan Metzmacher1-1/+9
- add the correct access checks for changing sd->group and sd->dacl metze (This used to be commit 2a61f65cd4084bf690caccf87efaf46551a13aee)
2007-10-10r14860: create libcli/security/security.hStefan Metzmacher1-1/+1
metze (This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
2007-10-10r14487: split smbsrv_request into two parts, one will be moved to ntvfs_requestStefan Metzmacher1-1/+1
but I don't to get the commit to large, to I'll do this tomorrow... metze (This used to be commit 10e627032d7d04f1ebf6efed248c426614f5aa6f)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-1/+1
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14173: change smb interface structures to always useStefan Metzmacher1-1/+1
a union smb_file, to abtract - const char *path fot qpathinfo and setpathinfo - uint16_t fnum for SMB - smb2_handle handle for SMB2 the idea is to later add a struct ntvfs_handle *ntvfs so that the ntvfs subsystem don't need to know the difference between SMB and SMB2 metze (This used to be commit 2ef3f5970901b5accdb50f0d0115b5d46b0c788f)
2007-10-10r14157: - pass a struct ntvfs_request to the ntvfs layerStefan Metzmacher1-9/+9
(for now we just do #define ntvfs_request smbsrv_request, but it's the first step...) - rename ntvfs_openfile() -> ntvfs_open() - fix the talloc hierachie in some places in the ntvfs_map_*() code metze (This used to be commit ed9ed1f48f602354810937c0b0de850b44322191)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+1
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r6342: fixed a bad union assumption that caused ACLs to fail on 64 bit machinesAndrew Tridgell1-1/+1
Thanks to lars and agruen for finding this (This used to be commit 2acc06918574b1178eecf3d61026f84f85bb40e1)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell1-1/+0
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5050: make sure we translate the generic to the specific bits before doing aAndrew Tridgell1-5/+4
pvfs_access_check_unix(). Fixes a problem with the cifsfs filesystem (This used to be commit 8ebc61a2297176515d767ef0f67ec912293ab905)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell1-4/+4
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4615: added acl checking on directory search in pvfsAndrew Tridgell1-4/+5
(This used to be commit 0e61a422bd9a1596a284c176f033e958bbeaa8ce)
2007-10-10r4595: on create check access against parent not child ...Andrew Tridgell1-2/+2
(This used to be commit 5a1a17d3fc771b1e1c61297067f38c87901891d3)
2007-10-10r4584: fix pvfs backend to pass the new enhanced RAW-ACLS test. Easy once I ↵Andrew Tridgell1-2/+32
really the strange behaviour I saw was a w2k3 bug :-) (This used to be commit e729061bcde25d0565a72222e4720ca8074ef23f)
2007-10-10r4501: when copying files it is common for clients to copy the ACL. When theAndrew Tridgell1-2/+8
ACL is the default ACL this menas the copied file would have an xattr but the original would not. Avoid this by checking if the ACL being set is the original ACL, and avoid the copy. (This used to be commit 1df985a49b200a41eed39023aa668afb233f2e53)
2007-10-10r4464: added pvfs backend support for the special CREATOR_OWNER and ↵Andrew Tridgell1-1/+37
CREATOR_GROUP inheritance rules (This used to be commit 0a29fb45c310b4b8c348d187b8ff1833deaac6c3)
2007-10-10r4448: - fixed access_mask checking on acl setAndrew Tridgell1-2/+36
- honor the change ownership requests of acl set, changing the underlying unix owner/group - fix the access mask on file create with SEC_FLAG_MAXIMUM_ALLOWED (This used to be commit 5761fa35ab727b51ef1b52459911bafbdd788755)
2007-10-10r4412: SEC_FILE_READ_ATTRIBUTE is always granted, even if not requested. ↵Andrew Tridgell1-0/+2
This was being done in the full ACL code, but not in the unix access check code, which meant that qfileinfo was failing for some parameters (This used to be commit 96d017e521f5a996a7a274682838855d077834bc)
2007-10-10r4411: when checking for create permissions, we need to check the parent, ↵Andrew Tridgell1-1/+1
not the child! (This used to be commit 30b4c20b1c9aea94dd2a0611b58860797d244e5a)
2007-10-10r4408: added the remaining access check hooks into pvfs. All calls should ↵Andrew Tridgell1-0/+21
now have acl checking, and obey the various inheritance rules. (This used to be commit 5fe51807d6b97e68b65f152c0f405e5c5a025d21)