summaryrefslogtreecommitdiff
path: root/source4/ntvfs/posix
AgeCommit message (Collapse)AuthorFilesLines
2009-10-18s4-pvfs: change the handling of access checking on createAndrew Tridgell4-60/+124
Previously when a file was created, we produces the resulting access mask based on an ACL check against the parent. This change means we now calculate the inherited ACL much earlier, and produce the resulting access mask from that ACL, or the user supplied ACL.
2009-10-17s4-pvfs: when uwrap is enabled, ignore chown errorsAndrew Tridgell1-0/+3
chown is expected to fail under uwrap
2009-10-17s4-pvfs: don't auto-apply privilege bits in unix acl handling eitherAndrew Tridgell1-7/+11
2009-10-17s4-pvfs: use privileges rather than "uid == 0" in unix access checkAndrew Tridgell1-6/+12
This makes the unix access check much closer to the full ACL check
2009-10-16s4-pvfs: fixed mask handling for SEC_FLAG_MAXIMUM_ALLOWEDAndrew Tridgell1-2/+2
This matches the sec_access_check() code
2009-10-15s4-pvfs: implement root_fid support in posix backendAndrew Tridgell1-0/+15
Construct the filename from the old handle and the new name.
2009-10-15s4-pvfs: fixed handling of SEC_FLAG_MAXIMUM_ALLOWEDAndrew Tridgell1-1/+1
The CREATEX_ACCESS test shows that this is used as a bit test, not a equality test
2009-08-12no need to shout about getting an oplockAndrew Tridgell1-1/+1
2009-08-05fixed a problem with group policy writes causing policy corruptionAndrew Tridgell3-4/+48
This bug was caused by two things: 1) in the unix ACL mapping, we were not taking into account group write permssions for the SEC_STD_DELETE flag 2) when a file is created using OVERWRITE mode, a fchmod() would fail if the user is not the file owner. We resolve that by only doing the fchmod() if the mapped file attribute does not match the desired file attribute
2009-08-05fixed the sense of the pvfs_acl uwrap checkAndrew Tridgell1-1/+1
2009-08-05make the UID_WRAPPER skip checks at runtimeAndrew Tridgell1-7/+7
This fixes two issues pointed out by Andrew. It adds a runtime uwrap_enabled() call that wraps the skips needed for uid emulation. It also makes the skip in the directory_create_or_exist() function only change the uid checking code, not the permissions code
2009-08-05added a uid_wrapper libraryAndrew Tridgell1-0/+8
This library intercepts seteuid and related calls, and simulates them in a manner similar to the nss_wrapper and socket_wrapper libraries. This allows us to enable the vfs_unixuid NTVFS module in the build farm, which means we are more likely to catch errors in the token manipulation. The simulation is not complete, but it is enough for Samba4 for now. The major areas of incompleteness are: - no emulation of setreuid, setresuid or saved uids. These would be needed for use in Samba3 - no emulation of ruid changing. That would also be needed for Samba3 - no attempt to emulate file ownership changing, so code that (for example) tests whether st.st_uid matches geteuid() needs special handling
2009-08-04fixed support for readx greater than 64kAndrew Tridgell1-2/+2
This fixes bug 6547, where smbclient in S3 reads more than 64k at a time with readx.
2009-07-15s3:ntvfs/posix: avoid unnesessary talloc_reference()Stefan Metzmacher1-1/+4
This caused the panics on the RAW-SETFILEINFO.RENAME test, because we returned an empty strings. The problem was: ERROR: talloc_steal with references at ntvfs/posix/pvfs_setfileinfo.c:215 reference at ntvfs/posix/pvfs_resolve.c:799 metze
2009-06-05fixed handling of change notify buffer overrunsAndrew Tridgell1-2/+9
When the notify buffer overruns and there are no pending notify requests, the notify buffer doesn't actually get destroyed, it just gets put in a state where new notifies are discarded and the next notify change request will return 0 changes.
2009-05-30libwbclient: Add async call framework.Kai Blin1-1/+1
2009-05-20Have ntvfs_connect() accept union smb_tcon *tcon instead of char* sharenameSam Liddicott1-1/+29
This change brings ntvfs_connect into compliance with other ntvfs functions which take an ntvfs module, an ntvfs request and an smb io union. It now becomes the responsibility of ntvfs modules to examine tcon->generic.level themselves and derive the share name and any other options directly; e.g. const char *sharename; switch (tcon->generic.level) { case RAW_TCON_TCON: sharename = tcon->tcon.in.service; break; case RAW_TCON_TCONX: sharename = tcon->tconx.in.path; break; case RAW_TCON_SMB2: default: return NT_STATUS_INVALID_LEVEL; } if (strncmp(sharename, "\\\\", 2) == 0) { char *p = strchr(sharename+2, '\\'); if (p) { sharename = p + 1; } } service.c smbsrv_tcon_backend() is called before ntvfs_connect and fills in some of the tcon->..out values. For the case of RAW_TCON_TCONX, it filles out tcon->tconx.out.tid and tcon->tconx.out.options For the case of RAW_TCON_TCON it fills out tcon->tcon.out.tid and tcon->tcon.out.max_xmit Thus the ntvfs_connect function for vfs modules may override these values if desired, but are not required to. ntvfs_connect functions are required to fill in the tcon->tconx.out.*_type fields, for RAW_TCON_TCONX, perhaps something like: if (tcon->generic.level == RAW_TCON_TCONX) { tcon->tconx.out.fs_type = ntvfs->ctx->fs_type; tcon->tconx.out.dev_type = ntvfs->ctx->dev_type; } Signed-off-by: Sam Liddicott <sam@liddicott.com> (I fixed the ntvfs_connect() in the smb_server/smb2/ and the RAW_TCON_SMB2 switch case in the modules) Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-04-23Add a new non-convenience version of push_codepoint.Jelmer Vernooij1-2/+2
2009-02-05s4:pvfs_aio: fix compiler warningStefan Metzmacher1-1/+1
metze
2009-02-05s4:pvfs: remove compiler warningStefan Metzmacher1-2/+1
metze
2009-02-05s4:pvfs: use talloc_get_type() to cast from void *Stefan Metzmacher17-49/+102
metze
2009-02-05s4:pvfs: fix some talloc related compiler warningsStefan Metzmacher4-4/+8
metze
2009-02-02s4:ntvfs/posix: s/private/private_dataStefan Metzmacher3-10/+10
metze
2009-01-30Fix the mess with ldb includes.Simo Sorce2-2/+1
Separate again the public from the private headers. Add a new header specific for modules. Also add service function for modules as now ldb_context and ldb_module are opaque structures for them.
2009-01-07added support for stream renames in Samba4Andrew Tridgell3-18/+285
This allows the RAW-STREAMS test to work again. We still have some limitations though: - renames of a stream to the default stream doesn't work - delete on close handling between streams and the main file is still broken
2009-01-04tevent: move samba4 stuff from libtevent.m4 to samba.m4Stefan Metzmacher2-3/+2
metze
2008-12-29s4:lib/tevent: rename structsStefan Metzmacher5-10/+10
list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
2008-12-29s4:pvfs_aio: use teventStefan Metzmacher2-12/+12
metze
2008-12-23Fix more compiler warnings in various places.Jelmer Vernooij1-3/+3
2008-12-17s4: fix LIBEVENTS dependencies and use more forward declarationsStefan Metzmacher1-1/+1
We should only include events.h where we really need it and prefer forward declarations of 'struct event_context' metze
2008-12-01s4:pvfs: correctly check stream namesStefan Metzmacher1-15/+37
metze
2008-12-01s4:pvfs: return the correct error code for invalid namesStefan Metzmacher1-5/+16
metze
2008-10-28s4: ntvfs/posix: to set a DACL at open time SEC_DESC_DACL_PRESENT must be setStefan Metzmacher1-2/+4
metze
2008-10-24Remove unused include param/param.h.Jelmer Vernooij1-1/+0
2008-10-24Add version of next_codepoint without iconv_convenience.Jelmer Vernooij4-8/+7
2008-10-24Remove a few more usages of global_loadparm.Jelmer Vernooij1-1/+2
2008-10-24Split up codepoints code, use consistent _m suffix.Jelmer Vernooij1-1/+1
2008-10-11Fix include paths to new location of libutil.Jelmer Vernooij10-10/+10
2008-09-24empty access mask is only denied on SMB2Andrew Tridgell1-1/+3
2008-09-24zero access mask should give ACCESS_DENIEDAndrew Tridgell1-0/+4
2008-09-23added some debug codeAndrew Tridgell2-1/+3
2008-09-16Fix last few includes to use new tdb location.Jelmer Vernooij2-2/+2
2008-08-14pvfs: fix handling of create_option flagsStefan Metzmacher1-2/+12
metze (This used to be commit 3c6cadf76861d6522c5ec41953df1ba2fac4910d)
2008-07-24we can't query the ACL on a new file till it exists!Andrew Tridgell1-6/+6
(This used to be commit 4f6646f06988b1fb8be9e0c8ae833bb9792184af)
2008-07-24fixed spelling errorAndrew Tridgell1-1/+1
(This used to be commit 341f64834e13cdbc7d4742a4652ae39b70a4231f)
2008-07-18More 'must be ignored' options from the MS-SMB doc.Andrew Bartlett1-5/+18
Also in particular the 'sync' flags (which Samba has traditionally ignored). Thanks to Olivier Salamin <olivier.salamin@gmail.com> for pointing out more flags that needed to be handled. Andrew Bartlett (This used to be commit 370bb39cd79fe49efd36a1ceb3e896d386e6d3ce)
2008-07-16Ignore and handle more NT Create & X options.Andrew Bartlett1-1/+12
The MS-SMB document explains that some of these options should be ignored. The test proves it. /* Must be ignored by the server, per MS-SMB 2.2.8 */ /* Must be ignored by the server, per MS-SMB 2.2.8 */ If we implement HSM in samba4 (likely) we should honour this bit. /* Don't pull this file off tape in a HSM system */ Andrew Bartlett (This used to be commit 502739ff90d56d2c9aabe8e224317f6ceb175c17)
2008-06-28pvfs: create a pvfs_acl subsystemStefan Metzmacher4-7/+43
That means that the pvfs_acl implementations no longer register as ntvfs modules (which was wrong) metze (This used to be commit 89e90556ec57fce24faf0ed3d6fe262edd974b28)
2008-06-28pvfs: pvfs_aio should be a subsystem instead of an extra ntvfs moduleStefan Metzmacher1-2/+1
metze (This used to be commit c904e28bef95cb0d61bf86f2ba1cef2d4e018d5f)
2008-06-03Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-testAndrew Tridgell11-47/+277
(This used to be commit 9d74201e462f2f95ed5bd91200681db3bd2a9277)