Günther Deschner
0595963632
samr: add missing samr_ValidationStatus codes.
...
Guenther
2009-07-14 12:09:56 +02:00
Christian Ambach
bd58a14617
reject ACLs with DESC_DACL_PROTECTED on GPFS
...
as GPFS does not support the ACE4_FLAG_NO_PROPAGATE NFSv4 flag (which would be the mapping for the DESC_DACL_PROTECTED flag), the status of this flag is currently silently ignored by Samba. That means that if you deselect the "Allow inheritable permissions..." checkbox in Windows' ACL dialog and then apply the ACL, the flag will be back immediately.
To make sure that automatic migration with e.g. robocopy does not lead to ACLs silently (and unintentionally) changed, this patch adds an explicit check for this flag and if set, it will return NT_STATUS_NOT_SUPPORTED so errors are shown up on the Windows side and the Administrator is aware of the ACLs not being settable like intended
Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
2009-07-14 09:21:26 +02:00
Jeremy Allison
e67de63ba6
Make cli_posix_lock/unlock asynchronous.
...
Jeremy.
2009-07-13 18:43:10 -07:00
Jeremy Allison
b25e3b6c8a
Fix set_posix_lock check which had been reversed in the recent
...
changes.
Jeremy.
2009-07-13 17:17:37 -07:00
Günther Deschner
e4fca7466d
s3-pdb_ads: set correct pdb field with the value from 'accountExpires' attribute.
...
Guenther
2009-07-13 21:56:31 +02:00
Stefan Metzmacher
8646b9521d
s3:net: Fix Bug #6222 . Default to DRSUAPI replication for net rpc vampire keytab
...
metze
Signed-off-by: Günther Deschner <gd@samba.org>
2009-07-13 16:52:12 +02:00
Günther Deschner
f7ff6bd142
s3-rpc_server: pass down full unix token to map_max_allowed_access().
...
Also use unix_token->uid instead of geteuid() when checking for mapping of the
SEC_FLAG_MAXIMUM_ALLOWED flag.
Guenther
2009-07-13 15:38:20 +02:00
Günther Deschner
05fbe0c7f7
libds: merge the UF<->ACB flag mapping functions.
...
Guenther
2009-07-13 15:36:07 +02:00
Günther Deschner
8db45607f8
libds: share UF_ flags between samba3 and 4.
...
Guenther
2009-07-13 15:36:06 +02:00
Stefan Metzmacher
3ee3eb3acf
s3:smbd: close_file() handles named pipes just fine, no reason to return NOT_SUPPORTED
...
metze
2009-07-13 14:13:06 +02:00
Stefan Metzmacher
ed99bf7317
s3:smbd: make smbd_do_qfsinfo() non static for use in SMB2 GetInfo
...
metze
2009-07-13 14:13:06 +02:00
Stefan Metzmacher
2a92139a1c
s3:smbd: split out smbd_do_qfsinfo() from call_trans2qfsinfo()
...
metze
2009-07-13 14:12:33 +02:00
Stefan Metzmacher
7d735519d7
s3:smbd: make smbd_do_setfilepathinfo() non static for use in SMB2 SetInfo
...
metze
2009-07-13 11:18:59 +02:00
Stefan Metzmacher
f26a2ca8e4
s3:smbd: split out smbd_do_setfilepathinfo() from call_trans2setfilepathinfo()
...
metze
2009-07-13 11:18:50 +02:00
Stefan Metzmacher
d7809f65cf
s3:smbd: start SMB2 GetInfo support for File*Information levels
...
TODO: the EA levels are not fully supported.
metze
2009-07-12 17:14:04 +02:00
Stefan Metzmacher
64221bc3fa
s3:smbd: add support for marshalling SMB2 FileFullEaInformation
...
metze
2009-07-12 17:11:08 +02:00
Stefan Metzmacher
e9865150df
s3:smbd: add support for marshalling SMB2 FileAllInformation
...
metze
2009-07-12 17:10:03 +02:00
Stefan Metzmacher
0851d73f4d
s3:smbd: filter out SMB2 specific private query info levels for SMB1
...
metze
2009-07-12 17:07:34 +02:00
Stefan Metzmacher
0ba532e1b2
s3:smbd: make smbd_do_qfilepathinfo() non static for use in SMB2
...
metze
2009-07-12 16:55:22 +02:00
Stefan Metzmacher
ee690df294
s3:smbd: split calculation and mashalling of file index and access_mask
...
metze
2009-07-12 16:54:46 +02:00
Stefan Metzmacher
8422e03233
s3:smbd: split out smbd_do_qfilepathinfo() from call_trans2qfilepathinfo()
...
This prepares SMB2 GetInfo.
metze
2009-07-12 16:54:29 +02:00
Stefan Metzmacher
20bc933c5b
s3:smbd: add missing return after reply_nterror()
...
metze
2009-07-12 16:42:43 +02:00
Jeremy Allison
2000421c59
Remove reply_unixerror() - no longer needed. Should make Metze's refactoring a lot easier.
...
Jeremy.
2009-07-10 18:23:00 -07:00
Jeremy Allison
361aa19e69
Add hash values to the xattr ACLS to determine when
...
an underlying POSIX ACL is changed out from under us.
Passes RAW-ACL test up to "invalid owner" problem when
trying to create a file owned by Everyone. Now needs
porting to modules/vfs_acl_tdb.c
Jeremy.
2009-07-10 15:50:40 -07:00
Volker Lendecke
afc6f607d5
Return 0 domains from enum_trusteddoms
2009-07-10 22:01:56 +02:00
Volker Lendecke
d8556bbf13
Quieten events and tldap debug messages
2009-07-10 22:01:56 +02:00
Tim Prouty
4e516fb191
s3 smb2: Remove unused variable
2009-07-10 12:04:38 -07:00
Volker Lendecke
3969f65aaa
Fix&Run local-gencache
2009-07-10 18:16:46 +02:00
Volker Lendecke
0a0bff353e
Fix our base64 implementation for blobs of length 4....
...
The additional length check bit us exactly at 4, removing it. The
torture test survives valgrind up to 2000 bytes :-)
2009-07-10 18:16:46 +02:00
Stefan Metzmacher
67c7b7f90b
s3:smbd: add support for SMB2 Lock
...
metze
2009-07-10 12:24:25 +02:00
Stefan Metzmacher
8d534d45a5
s3:smbd: make smbd_do_locking() non static
...
metze
2009-07-10 12:24:24 +02:00
Stefan Metzmacher
598a9892bc
s3:smbd: abstract the main locking logic from the LockingAndX parsing
...
This prepares SMB2 Lock support.
metze
2009-07-10 12:24:24 +02:00
Stefan Metzmacher
be1e5493c5
s3:smbd: pass down the client pid to smbd_smb2_lock_send()
...
metze
2009-07-10 12:24:24 +02:00
Stefan Metzmacher
24c8e786bc
s3:smbd: fix parsing of SMB2 Lock requests with lock_count > 1
...
We should not reuse the variable 'i'.
metze
2009-07-10 12:24:23 +02:00
Stefan Metzmacher
12ed9ca36a
s3:smbd: fix parsing of invalid SMB2 requests.
...
Because of 0 - 2 => 0xFFFFFFFE, we got EMSGSIZE
from the tstream layer. And terminate the transport
connection. Instead we should let the caller deal with
the invalid parameter, when checking the body size.
So the caller always gets at least a 2 byte body.
metze
2009-07-10 12:24:23 +02:00
Volker Lendecke
db1e582568
Attempt to fix the build -- jlayton, please check!
2009-07-10 12:00:11 +02:00
Jeff Layton
8d1b061b51
cifs.upcall: use pid value from kernel to determine KRB5CCNAME to use
...
If the kernel sends the upcall a pid of the requesting process, we can
open that process' /proc/<pid>/environ file and scrape the KRB5CCNAME
value out of it.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
2009-07-09 21:04:08 -04:00
Tim Prouty
f1fad2efe4
s3: Fix two arguments that broke when plumbing smb_filneame through dos_mode()
2009-07-09 15:56:53 -07:00
Volker Lendecke
c624a704be
Make escape_ldap_string take a talloc context
2009-07-09 22:25:29 +02:00
Andrew Bartlett
2481ce8942
s4:dsdb Allow unicodePwd to be set when adding a user
...
Windows 7 sets it's join password using the unicodePwd attribute (as a
quoted, utf16 string), and does so during the LDAPAdd of the object.
Previously, this code only handled unicodePwd for modifies.
Andrew Bartlett
2009-07-09 14:56:14 +10:00
Andrew Bartlett
2c873c4353
Add const
2009-07-09 14:56:14 +10:00
Tim Prouty
fbaa8497a5
s3: Repace a char * with an smb_filename struct in reply_rmdir
2009-07-08 21:36:04 -07:00
Tim Prouty
02aad05e0e
s3: Prepare open.c to switch fsp_name to an smb_filename struct
2009-07-08 21:36:04 -07:00
Tim Prouty
dcc97c5ad7
s3 plumb smb_filename through smb_set_file_allocation_info()
2009-07-08 21:36:04 -07:00
Tim Prouty
3a7d372e2e
s3: Change the share_mode_lock struct to store a base_name and stream_name
2009-07-08 21:36:04 -07:00
Tim Prouty
83e5ac5695
s3: Make some arguments to (parse|unparse)_share_modes() const
2009-07-08 21:36:04 -07:00
Tim Prouty
161e182b65
s3: Remove is_ntfs_stream_name() and split_ntfs_stream_name()
...
Actually I moved split_ntfs_stream_name into torture.c which is the one
consumer of it. This could probably be changed at some point.
2009-07-08 21:36:04 -07:00
Tim Prouty
1a1d10d22f
s3: Plumb smb_filename through dos_mode() and related funtions
2009-07-08 21:36:03 -07:00
Tim Prouty
69c8795b67
s3: convert unix_mode to take an smb_filename
2009-07-08 21:36:03 -07:00
Jeremy Allison
400c18a8c4
Rename update_stat_ex_writetime() -> update_stat_ex_mtime()
...
to better describe what we're doing here.
Jeremy
2009-07-08 18:05:30 -07:00