Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This was needed only by Python 2.3 which we no longer support.
|
|
The includes of the UID wrapper headers werent't really efficient according
to metze's post on the technical mailing list (http://lists.samba.org/archive/samba-technical/2010-February/069165.html).
To achieve this move the "uid_wrapper.h" includes into "lib/util/unix_privs.c",
"lib/util/util.c", "ntvfs/posix/pvfs_acl.c" and "ntvfs/unixuid/vfs_unixuid.c".
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
do not depend on pvfs objects
Following a talk with tridge on IRC, this patch allow (pull|push)_xattr_blob to be called without
having a pvfs object. It's handy for programs that wants to manipulate xattr directly.
|
|
pvfs can be NULL if the directory a share points to does not exist. In
this case, there would be no open files, so it is safe to just return
from the function.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
bug 6989 is a rare crash that has occurred in production. My best
guess as to the cause is the talloc_free() not being specific enough
as to which parent needs to be freed.
|
|
The bug is that sometimes 'streams' is parent for 'new_name'.
With this said, 'new_name' must be dupped before 'streams'
pointer is freed.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
I removed one "const" in front of a string declaration to achieve this.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
I removed two "const"s in front of string declarations to achieve this.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
win7 also fails invalid lock ranges on SMB
|
|
matching windows behaviour is not always the right thing to do!
|
|
|
|
|
|
UNLOCK with FAIL_IMMEDIATELY is not allowed
|
|
|
|
metze
|
|
|
|
|
|
thanks to valgrind for this one
|
|
This caused havoc on the build farm. Interestingly, it only affected
gcc 4.3.3, not gcc 4.4.1
|
|
|
|
|
|
|
|
|
|
The data_blob_free() was changing the size we set the stream to
|
|
The passed in SD is not used to limit the access mask allowed on file
create.
|
|
The change to check for invalid \ prefix on SMB2 paths broke the
internal SMB2 code.
|
|
Previously when a file was created, we produces the resulting access
mask based on an ACL check against the parent. This change means we
now calculate the inherited ACL much earlier, and produce the
resulting access mask from that ACL, or the user supplied ACL.
|
|
chown is expected to fail under uwrap
|
|
|
|
This makes the unix access check much closer to the full ACL check
|
|
This matches the sec_access_check() code
|
|
Construct the filename from the old handle and the new name.
|
|
In order to implement root_fid in the s4 SMB server we need to declare
it as a handle type, just as for other fnum values in SMB. This
required some extensive (but simple) changes in many bits of code.
|
|
The CREATEX_ACCESS test shows that this is used as a bit test, not a
equality test
|
|
|
|
This segfault occoured in cases where we rejected (or never attempted)
the tree connect, so had an invalid private pointer for the logoff
codepath.
Andrew Bartlett
|
|
clients may provide arbitrary names, but we only want lowercase alnum
names
|
|
We now open a named via the named_pipe_auth
code and process IO via the tstream interface.
This means we support byte mode and message mode
named pipes.
We also correctly issue NT_STATUS_PIPE_BUSY
when a smb_trans request comes in and a read or smb_trans
is already pending.
We also have support for async dcerpc over ncacn_np now,
and we now can remove the ncacn_np specific hacks from the
rpc_server/ code.
metze
|
|
|
|
|
|
This bug was caused by two things:
1) in the unix ACL mapping, we were not taking into account group
write permssions for the SEC_STD_DELETE flag
2) when a file is created using OVERWRITE mode, a fchmod() would
fail if the user is not the file owner. We resolve that by only
doing the fchmod() if the mapped file attribute does not match the
desired file attribute
|
|
|
|
This fixes two issues pointed out by Andrew. It adds a runtime
uwrap_enabled() call that wraps the skips needed for uid emulation. It
also makes the skip in the directory_create_or_exist() function only
change the uid checking code, not the permissions code
|
|
This library intercepts seteuid and related calls, and simulates them
in a manner similar to the nss_wrapper and socket_wrapper
libraries. This allows us to enable the vfs_unixuid NTVFS module in
the build farm, which means we are more likely to catch errors in the
token manipulation.
The simulation is not complete, but it is enough for Samba4 for
now. The major areas of incompleteness are:
- no emulation of setreuid, setresuid or saved uids. These would be
needed for use in Samba3
- no emulation of ruid changing. That would also be needed for Samba3
- no attempt to emulate file ownership changing, so code that (for
example) tests whether st.st_uid matches geteuid() needs special
handling
|
|
This fixes bug 6547, where smbclient in S3 reads more than 64k at a
time with readx.
|
|
Changes the order of two commands. First set up the "priv" structure, then
assign it to the "ntvfs" structure.
|