IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Without this the changed checks in can_delete_file_in_directory give DELETE
access where there is none. So we can end up granting the ntcreate&x preparing
the unlink where we should not, which leads to a NT_STATUS_ACCESS_DENIED at
close time later, which in turn does *not* give the access denied error message
in the Windows GUI.
can_delete_file_in_directory will grant access now by looking at the directory
permissions.
(This used to be commit 51b5364c2afb3a18df4bec2bc1624760ccc01676)
Did not measure it, but I think a single write is better than a read and a
conditional branch
(This used to be commit abe1bed665ad8d1dbf9177dcbb9344b25df9594c)
ACL interface inside the VFS modules. Will help when moving
to storing NT ACLs.
Jeremy.
(This used to be commit b08ea48f883d1b000f6364c1ff8f62bc25741244)
Coverity ID 545 falsely classified this as a NULL dereferencing bug.
By putting the loop of walking the list of aces more naturely not using
additional counters, it becomes much more obvious that it is not entered
when dir_ace == NULL.
The same modifications are done for the file_ace loop.
Michael
(This used to be commit 6dab6cf0647d7db01e5e472f8b5cf21395b7dbf0)
NT ACL into a POSIX one, if the group being set is the primary group
of the file, map it into a SMB_ACL_GROUP_OBJ, not a SMB_ACL_GROUP.
Otherwise we get an extra bogus group entry in the POSIX ACL.
Jeremy.
(This used to be commit 4d302254fdfce2c267cf6b21f662d5aa2dc9c72c)
Up to now, get_nt_acl() took a files_struct pointer (fsp) and
a file name. All the underlying functions should need and now
do need (after the previous preparatory work), is a connection_struct
and a file name. The connection_struct is already there in the
vfs_handle passed to the vfs functions. So the files_struct
argument can be eliminated.
This eliminates the need of calling open_file_stat in a couple
of places to produce the fsp needed.
Michael
(This used to be commit b5f600fab53c9d159a958c59795db3ba4a8acc63)
Replace smbd/posix_acls.c:get_nt_acl() by two funcions:
posix_get_nt_acl() and posix_fget_nt_acl(). The first
takes a connection struct and a file name instead of a
files_struct pointer. This is in preparation of changing
the vfs api for SMB_VFS_GET_NT_ACL.
Michael
(This used to be commit 50c82cc1456736fa634fb656e63555319742f725)
Convert canonicalise_acl() to take connection_struct, is_directory
and file name instead of files_struct pointer.
Michael
(This used to be commit d579a7f84fd47a3f00215725cecd65b21a5ff2e0)
Convert ensure_canon_entry_valid() to take share_params and an is_directory
flag instead of an files_struct pointer.
Michael
(This used to be commit bdb208124bd703edee03ac4d2a4ec45ecdfc135e)
This is a first change in a series: Pass what is needed instead of files_struct
pointers to some functions. This is in preparation of introducing two variants
of get_nt_acl - one for fname (which does not need an fsp), one for file
descriptor.
This changes apply_default_perms to take share_params (rather thatn snum)
and an is_directory flag instead of an fsp.
Michael
(This used to be commit d7e2e93758f6598a0459db3255300558618f066e)
The three can_* access check functions in smbd/posix_acls.c that are used in
smbd/open.c and smbd/nttrans.c explicitly called check_posix_acl_group_access()
This lead to errors with nfsv4 acls (ZFS and GPFS).
This changes the can_* functions to get the nt_acl via VFS layer and call
se_access_check on that. It also removes check_posix_acl_group_access()
which has no more callers.
NOTE: The can_* functions should really not be in smbd/posix_acls.c but
in a separate file (I propose smbd/access.c).
Michael
(This used to be commit 6f961a23de745aba5dcd4585b731e651b8cbeef4)
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
Why? It moves these structs from the data into the text segment, so they
will never been copy-on-write copied. Not much, but as in German you say
"Kleinvieh macht auch Mist...."
(This used to be commit 0141e64ad4972232de867137064d0dae62da22ee)
the main server code paths. We should now be able to cope with
paths up to PATH_MAX length now.
Final job will be to add the TALLOC_CTX * parameter to
unix_convert to make it explicit (for Volker).
Jeremy.
(This used to be commit 7f0db75fb0f24873577dcb758a2ecee74fdc4297)
This adds the two functions talloc_stackframe() and talloc_tos().
* When a new talloc stackframe is allocated with talloc_stackframe(), then
* the TALLOC_CTX returned with talloc_tos() is reset to that new
* frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse
* happens: The previous talloc_tos() is restored.
*
* This API is designed to be robust in the sense that if someone forgets to
* TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and
* resets the talloc_tos().
The original motivation for this patch was to get rid of the
sid_string_static & friends buffers. Explicitly passing talloc context
everywhere clutters code too much for my taste, so an implicit
talloc_tos() is introduced here. Many of these static buffers are
replaced by a single static pointer.
The intended use would thus be that low-level functions can rather
freely push stuff to talloc_tos, the upper layers clean up by freeing
the stackframe. The more of these stackframes are used and correctly
freed the more exact the memory cleanup happens.
This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and
lp_talloc_ctx (did I forget any?)
So, never do a
tmp_ctx = talloc_init("foo");
anymore, instead, use
tmp_ctx = talloc_stackframe()
:-)
Volker
(This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b)
/usr/include/sys/acl.h:#define acl_type acl_common.entry_type
was the problem...
metze
(This used to be commit 8557b8b570ac8f8d3d14aaeb894c8b3532558736)
that contains some of the fields from the SMB header, removing the need
to access inbuf directly. This right now is used only in the open file
code & friends, and creating that header is only done when needed. This
needs more work, but it is a start.
Jeremy, I'm only checking this into 3_0, please review before I merge it
to _26.
Volker
(This used to be commit ca988f4e79e977160d82e86486972afd15d4acf5)
You don't want to know what I discovered about Windows
ACLs to make this work :-(. See :
http://www.codeproject.com/win32/accessctrl2.asp
Search for "Q. How does Inheritance come into this?"
for details.
Jeremy.
(This used to be commit e1d3a80d2bff2e3540637fd741fc149eeca5fb9d)
return to correctly return NT_STATUS_INVALID_OWNER if it
should be disallowed. Matches better what W2K3R3 does.
NFSv4 ACL module owners, please examine these changes.
Jeremy.
(This used to be commit fc6899a5506b272f8cd5f5837ca13300b4e69a5f)
memory leak I introduced into acl code, also remove
redundent extra check for global_sid_System :
global_sid_System == S-1-5-18 which is already
included in the check for a domain of
global_sid_NT_Authority == S-1-5
Jeremy.
(This used to be commit 10649540ac11e679997f414d4a6b12d057bd7913)
