sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-03 01:18:10 +03:00
Code

vfs_default: allow disabling /proc/fds and RESOLVE_NO_SYMLINK at compile time

Browse Source 
This will be used in CI to have a gitlab runner without all modern Linux
features we make use of as part of path processing:

- O_PATH
- openat2() with RESOLVE_NO_SYMLINKS
- somehow safely reopen an O_PATH file handle

That gives what a classix UNIX like AIX or Solaris offers feature wise.

Other OSes support other combinations of those features, but we leave the
exersize of possibly adding more runners supporting those combinations to the
reader.

The following list shows which features are available and used by Samba on a few
OSes:

        | O_PATH         | RESOLVE_NO_SYMLINKS | Safe reopen    | CI covered
--------|----------------|---------------------|----------------------------
        | Supported Used | Supported Used      | Supported Used |
============================================================================
Linux   | +         +    | +         +         | +         +    | +
FreeBSD | +         +    | + [1]     -         | + [2]     -    | -
AIX     | -         -    | -         -         | -         -    | +

[1] via open() flag O_RESOLVE_BENEATH
[2] via open() flag O_EMPTY_PATH

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 5c2f96442a)
This commit is contained in:
Ralph Boehme 2023-12-19 11:11:55 +01:00 committed by Jule Anger
parent e6745b1510
commit 4b1f0c6e8b
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
source3/modules/vfs_default.c
View File

@ -52,6 +52,9 @@ static int vfswrap_connect(vfs_handle_struct *handle, const char *service, const
bool bval;
handle->conn->have_proc_fds = sys_have_proc_fds();
#ifdef DISABLE_PROC_FDS
handle->conn->have_proc_fds = false;
#endif
/*
* assume the kernel will support openat2(),
@ -70,6 +73,9 @@ static int vfswrap_connect(vfs_handle_struct *handle, const char *service, const
handle->conn->open_how_resolve |=
VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS;
}
#ifdef DISABLE_VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS
handle->conn->open_how_resolve &= ~VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS;
#endif
return 0; /* Return >= 0 for success */
}