IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
When "ignore system acls" is set to "yes, we need to ensure filesystem
permission always grant access so that when doing our own access checks
we don't run into situations where we grant access but the filesystem
doesn't.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 31 18:41:20 CEST 2016 on sn-devel-144
(cherry picked from commit b72287514cc78c9019db7385af4c9b9d94f60894)
During path checking, the vfs connectpath_fn is called to
determine the share's root, relative to the file being
queried (for example, in snapshot file this may be other
than the share's "usual" root directory). connectpath_fn
must be able to answer this question even if the path does
not exist and its parent does exist. The convention in this
case is that this refers to a yet-uncreated file under the parent
and all queries are relative to the parent.
This also serves as a workaround for the case where connectpath_fn
has to handle wildcards, as with the case of SMB1 trans2 findfirst.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12172
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 25 05:35:29 CEST 2016 on sn-devel-144
(cherry picked from commit f41f439335efb352d03a842c370212a0af77262a)
Reintroduce Windows style default ACL, but this time as an optional
feature, not changing default behaviour.
Original bugreport that got reverted because it changed the default
behaviour: https://bugzilla.samba.org/show_bug.cgi?id=12028
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 0730cb7e1ce33dbc5fc48a7363204c1220400c68)
Existing behaviour is "posix" style. Next commit will (re)add the
"windows" style. This commit doesn't change behaviour in any way.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit 26a9867ae1a9c69659252ce03c280c7c18a6c58f)
If ignore_system_acls is set and we're synthesizing a default ACL, we
were fetching the filesystem ACL just to free it again. This change
avoids this.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit f46179ef7310959af095b0ea6234df7523d15457)
Will be reused in the next commit when moving the
make_default_filesystem_acl() stuff to a different place.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit 10959698e20de381beec7ab532c8bdc32fa6401c)
Better for performance and a subsequent commit will add one more option
where this will pay off.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit 61c3d2124fb1a180fae4c8c0b5ab5b32bd56c8ad)
No change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit 0de5a128cee90694979d074c2590ddbca0071e82)
No change in behaviour (hopefully! :-). This paves the way for moving
the ACL blob validation to a helper function in the next commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit 335527c647331148927feea2a7ae2f2c88986bc6)
The variables are already set to NULL by TALLOC_FREE.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit e6f1254a00a6bf85b8d95bfbafef7d3e39ce1dde)
In most realistic cases the "next" VFS op will return the permissions
from the filesystem. This rename makes it explicit where the SD is
originating from. No change in behaviour.
This just paves the way for a later change that will simplify the whole
logic and talloc hierarchy.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit 9f79084f166208820f586c8e43e1e315d32cd5ce)
This makes it explicit where the SD is originating from. No change in
behaviour.
This just paves the way for a later change that will simplify the whole
logic and talloc hierarchy, therefor this also strictly renames the
occurences after the out label.
Logically, behind the out label, we're dealing with a variable that
points to what we're going to return, so the name psd_blob is
misleading, but I'm desperately trying to avoid logic changes in this
commit and therefor I'm just strictly renaming.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit 2367eea928593f12f8914f7e7ba613b1b15516de)
This reverts commit 961c4b591bb102751079d9cc92d7aa1c37f1958c.
Subsequent commits will add the same functionality as an optional
feature.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 590b80490c00587b5a4035856891e10defb654f6)
Even with "ignore system acls" set to "yes", for objects without NT ACL
xattr we use the underlying filesystem permissions to construct an NT
ACL. This can result in *very* unexpected permissions, eg:
- a directory with the following ACL:
$ ./bin/smbcacls -Uslow%pass //localhost/normal ""
REVISION:1
CONTROL:SR|DP
OWNER:SLOW\slow
GROUP:Unix Group\root
ACL:SLOW\slow:ALLOWED/0x0/FULL
So only one non-inheritable(!) ACE.
- creating a subdirectory:
$ ./bin/smbclient -Uslow%pass //localhost/normal -c "mkdir dir1"
- checking whether there's an ACL xattr:
$ getfattr -m "" /Volumes/normal/dir1
getfattr: Removing leading '/' from absolute path names
system.posix_acl_access
system.posix_acl_default
user.DOSATTRIB
So there isn't an ACL xattr, because there where no inheritable ACEs on
the parent folder.
- reading the new subdirectories ACL:
$ ./bin/smbcacls -Uslow%pass //localhost/normal "dir1"
REVISION:1
CONTROL:SR|DP
OWNER:SLOW\slow
GROUP:Unix Group\slow
ACL:SLOW\slow:ALLOWED/0x0/FULL
ACL:Unix Group\slow:ALLOWED/0x0/READ
ACL:Everyone:ALLOWED/0x0/READ
ACL:NT Authority\SYSTEM:ALLOWED/0x0/FULL
The ACES for "SLOW\slow", "Unix Group\slow" and "Everyone" are coming
from the underlying filesystem. This is the problem.
- Windows assigns the following ACL in this situation:
$ ./bin/smbcacls -UAdministrator%Passw0rd //10.10.10.14/data "dir"
REVISION:1
CONTROL:SR|PD|DI|DP
OWNER:VORDEFINIERT\Administratoren
GROUP:WIN2008R2\Domänen-Benutzer
ACL:WIN2008R2\Administrator:ALLOWED/0x0/FULL
$ ./bin/smbclient -UAdministrator%Passw0rd //10.10.10.14/data -c "mkdir dir\dir1"
$ ./bin/smbcacls -UAdministrator%Passw0rd //10.10.10.14/data "dir\dir1"
REVISION:1
CONTROL:SR|DI|DP
OWNER:VORDEFINIERT\Administratoren
GROUP:WIN2008R2\Domänen-Benutzer
ACL:VORDEFINIERT\Administratoren:ALLOWED/0x0/FULL
ACL:NT-AUTORITÄT\SYSTEM:ALLOWED/0x0/FULL
By changing make_default_filesystem_acl() to only adds user and system
ACE to the ACL of objects that lack an ACL xattr, we match Windows
behaviour:
$ ./bin/smbclient -Uslow%pass //localhost/normal -c "mkdir dir2"
$ ./bin/smbcacls -Uslow%pass //localhost/normal "dir2"
REVISION:1
CONTROL:SR|DP
OWNER:SLOW\slow
GROUP:Unix Group\slow
ACL:SLOW\slow:ALLOWED/0x0/FULL
ACL:NT Authority\SYSTEM:ALLOWED/0x0/FULL
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12028
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jul 19 10:22:05 CEST 2016 on sn-devel-144
(cherry picked from commit 961c4b591bb102751079d9cc92d7aa1c37f1958c)
Autobuild-User(v4-3-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-3-test): Wed Aug 3 14:42:05 CEST 2016 on sn-devel-104
This function is only used in vfs_acl_common.c and will be modified in
the next commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12028
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit afc2417b107af572081974ff9d013ddec890d31f)
https://bugzilla.samba.org/show_bug.cgi?id=11721
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 5 00:04:50 CEST 2016 on sn-devel-144
(cherry picked from commit 625dcef765adc75c34ee5955a08c6cb77b87f41b)
add_srt should add the mappings to the linked list even if
mappings==NULL (the default)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11827
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Apr 11 14:25:59 CEST 2016 on sn-devel-144
(cherry picked from commit 3e2af1568d150de1cb12fef40580f4880ac787ff)
Autobuild-User(v4-3-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-3-test): Mon Apr 18 16:24:45 CEST 2016 on sn-devel-104
When "ignore system acls" is set, do not mess at all with POSIX ACLS,
do not even calculate the would-be POSIX-ACL-based security descriptor
(for performance reasons).
Instead, just store a V3 blob with zero hash. This means that if we
later read the ACL without ignoring system ACLs, the NT ACL shall be
reset to the info derivable from the POSIX ACL.
File ownership is still modified as it has bearing on disk quotas.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11806
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 765e5f1f2670d3d5d8d62a04b4ccf38a680bcb37)
Adjust the connect path to the root of the share in the snapshot,
or to the root of the snapshot if the snapshot is "inside" the
share.
This way snapshot symlink regarded as "wide links" if and only if
they point outside the snapshot or they were wide links when
the snapshot was taken.
This allows mounting the snapshots outside the share's root.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11580
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 8a49a63a5a5d8014d32179df1789186223443b35)
Add a new routine shadow_copy2_do_convert() which is
like shadow_copy2_convert(), but beside calculating the
path of the snapshot file, it also returns the minimum length
of the subpath which is both inside the share and inside the
same snapshot as the file in question, i.e. (at least in the
classical case) the subdirectory of the the snapshot file's
snapshot directory that corresponds to the file's share root.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11580
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 3703bca4d9e494aec0b40243add3e076cf353601)
streams_xattr_get_name() fails to chop off the stream type in case
config->store_stream_type is false and the passed stream name contains a
stream type.
Eg when the passed in stream name is ":mystream:$DATA", but
config->store_stream_type is false, we must generate a xattr name of
"mystream" or "user.mystream".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11466
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 16 23:27:01 CEST 2015 on sn-devel-104
(cherry picked from commit 2881679e3ecbaf07cdd82ba65af8d55e5e3be800)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11466
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit fedd09662c889fb796135d86836c160171fac68d)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11466
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit c8ee1a059b4484575b03ac76b469df85cdabdd9a)
OS X ignores deletes on the AFP_Resource stream. This was discovered by
torture tests against OS X SMB server.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11347
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit ee431fc5254dc735662d152dd19a81d439ca5e44)
When reading from the AFP_AfpInfo stream, OS X ignores the offset from
the request and always reads from offset=0.
The offset bounds check has a off-by-1 bug in OS X, so a request
offset=60 (AFP_AfpInfo stream has a ficed size of 60 bytes), len=1
returns 1 byte from offset 0 insteaf of returning 0.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11347
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f569fd5e44300ab41aa7298b3efdcac99cd330f2)
When writing all 0 to AFP_AfpInfo stream we can remove the underlying
storage object. This beaviour of OS X SMB server was found with a
torture test.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11347
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit e94b17715ea8049df8819b472178170b8e987946)
With help of some torture tests I verified the following behaviour of OS
X SMB server:
* ftruncate AFP_AfpInfo stream > 60 bytes results in an error
NT_STATUS_ALLOTTED_SPACE_EXCEEDED
* ftruncate AFP_AfpInfo stream <=60 returns success but has no effect
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11347
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 4024153894a07b7b1115dbe1699cba94fee13f23)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11347
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 0af7bf4249419ff7c88c5beece915db0a3697b72)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11347
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 748adea77f95d7d6114f96b7850f384b77d6f7d2)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11065
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 1d7bef5a75403f5baec13aa6264dfe763a4b278a)
Add a flag that tracks whether use of AAPL was negotiated, ensuring we
don't enable AAPL features for clients that didn't negotiate it.
Torture test that need AAPL must call the new function enable_aapl().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11065
Signed-off-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 89a7394d679b383920d73fef0d178b8f84bc393f)
This is in preperation of a more fine grained control of POSIX behaviour
in the SMB and VFS layers.
Inititally we use an uint8_t for the flags bitmap and add a define
posix_flags as posix_open in order to avoid breaking the VFS ABI.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11065
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit d698cec1c7e700e57cab46d33df0dde13303b318)
is_ntfs_default_stream_smb_fname returns false for a NULL stream name, so for
streamless filenames we do not set gpfs share modes without this patch.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11243
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Nov 6 03:21:01 CET 2015 on sn-devel-104
ad_pack() in vfs_fruit.c returns false on failure and 0 on success -
i.e. return value is interpreted as success even when it fails.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11543
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Tue Oct 6 16:14:42 CEST 2015 on sn-devel-104
(cherry picked from commit 5d7eaf959a0f11be878f698305fcb8908d7ba047)
Autobuild-User(v4-3-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-3-test): Tue Oct 13 12:29:33 CEST 2015 on sn-devel-104
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11547
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 8 02:56:41 CEST 2015 on sn-devel-104
(cherry picked from commit 5709dece4860f205e31309e31ec4e3e938d9f6a5)
0 byte resource fork streams are not listed by vfs_streaminfo, as a
result stream cleanup/deletion of file deletion doesn't remove the
resourcefork stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11467
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Opening the resource fork stream with O_CREAT mustn't create a visible
node in the filesystem, only create a file handle. As long as the
creator didn't write into the stream, other openers withour O_CREAT
MUST get an ENOENT error. This is way OS X SMB server implements it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11467
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This should be an implementation detail in lib/crypto/aes.h.
In future we may add support for other implementations.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 64c6cc34d7cdc48443a9427d2448ede9727aad47)
With vfs_fruit option "fruit:encoding = native" we're already converting
stream names that contain illegal NTFS characters from their on-the-wire
Unicode Private Range encoding to their native ASCII representation.
Unfortunately the reverse mapping for stream names was not perfomed.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 1db11998bf1b0eef5f543377700b03ab8739338d)
With vfs_fruit option "fruit:encoding = native" we're already converting
stream names that contain illegal NTFS characters from their on-the-wire
Unicode Private Range encoding to their native ASCII representation.
As as result the name of xattrs storing the streams (via
vfs_streams_xattr) may contain a colon, so we have to use strrchr_m()
instead of strchr_m() for matching the stream type suffix.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit fb9a64ea37dd4b0cd754fe6d421417a4c8ccbc57)
"z" is only for size_t, here we have off_t
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 13 11:53:47 CEST 2015 on sn-devel-104
