1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

61240 Commits

Author SHA1 Message Date
Jeremy Allison
8f42b8431e s3: smbd: Allow fchmod from the NFS-style mode ACL in set_nt_acl() for a SMB2 POSIX handle.
To set a mode, send a one-element ACL.

Pair-Programmed-With: Ralph Boehme <slow@samba.org>

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Nov 27 19:31:01 UTC 2023 on atb-devel-224
2023-11-27 19:31:01 +00:00
Ralph Boehme
631e6aa0d0 smbd: bring back "smb3 unix extensions" option
This basically reverts commit b3cae8dcf1
with a few important differences:

* SMB3 UNIX extensions are always built, but disabled by default at runtime.

* They are globally enabled in the fileserver test environment.

* It's now a per-share option, so admins can selectively disable them
  on a per-share basis. This allows clients to detect early that a share
  doesn't support user mount requested POSIX and fail appropiately, passing
  the failure to the requesting application (mount command).

Signed-off-by: Ralph Boehme <slow@samba.org>
2023-11-27 18:31:35 +00:00
Ralph Boehme
b124c2e182 smbd: factor out smb2_negotiate_context_process_posix()
No change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-27 18:31:35 +00:00
Ralph Boehme
6e300ef731 smbd: tweak POSIX check in smbd_do_qfilepathinfo()
This check is only needed for SMB2, so check for that, and in the SMB2 codepath
we'll always have a valid fsp, so we can drop that check.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-27 18:31:35 +00:00
Ralph Boehme
55d98b29eb smbd: check is POSIX is enabled on the fsp in fsinfo_unix_valid_level()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-27 18:31:35 +00:00
Ralph Boehme
01022d036f smbd: pass fsp to fsinfo_unix_valid_level()
We need the fsp down in fsinfo_unix_valid_level(), pass it down.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-27 18:31:35 +00:00
Ralph Boehme
bca6f0298f smbd: pass fsp to smbd_do_qfsinfo()
We need the fsp down in fsinfo_unix_valid_level(), start passing it down.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-27 18:31:35 +00:00
Ralph Boehme
3f73bb591c smbd: leave comment on broken SMB1 POSIX open handling of SMB_O_DIRECT
Since e0814dc508 the passed in attributes get
replaced by the mode in create_file_default().

As FILE_FLAG_NO_BUFFERING is never checked when doing the final IO, it doesn't
really matter.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-27 18:31:35 +00:00
Björn Jacke
5e925f9755 dosmode: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-27 01:12:40 +00:00
Volker Lendecke
f955d9aa49 smbd: Fix Coverity ID 1499372 Uninitialized scalar variable
This is real.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 21 18:33:51 UTC 2023 on atb-devel-224
2023-11-21 18:33:51 +00:00
Volker Lendecke
bc0df4fd97 winbind: Fix Coverity ID 1398910
Coverity isn't smart enough for talloc

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-21 17:34:36 +00:00
Volker Lendecke
66a8a4f02e utils: Fix Coverity ID 240113
Not a leak, but Coverity does not understand talloc well enough.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-21 17:34:36 +00:00
Volker Lendecke
2651a7b03d smbd: Fix/remove a comment that became irrelevant
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-21 17:34:36 +00:00
Volker Lendecke
7c5380c958 smbd: Fix a comment
See 84cf205ff4

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-21 17:34:36 +00:00
Volker Lendecke
af69ea73a4 smbd: Convert a void* into the real DIR*
Not sure why this was a void*

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-11-21 17:34:36 +00:00
Andreas Schneider
8863d84d53 s3:rpc_client: Remove unused rpccli_lsa_open_policy2()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Nov 21 12:21:18 UTC 2023 on atb-devel-224
2023-11-21 12:21:18 +00:00
Andreas Schneider
417c8180c4 s3:winbind: Always close the policy handle we opened
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
05a006fab9 s3:winbind: Use dcerpc_lsa_open_policy_fallback() in winbindd_cm.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
6b6a88cddd s3:utils: Use any_nt_status_not_ok() in rpc_rights_grant_internal()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
28e7a754c8 s3:utils: Use goto to close the policy in rpc_rights_grant_internal()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
e5abb584b6 s3:utils: Use dcerpc_lsa_open_policy_fallback() in net_rpc_rights.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
5b3e562006 s3:utils: Use dcerpc_lsa_open_policy_fallback() in net_rpc.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
48fe294e51 s3:rpcclient: Use dcerpc_lsa_open_policy_fallback() in cmd_lsarpc.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
367b946a34 s3:rpcclient: Remove trailing white spaces from cmd_lsarpc.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
4f7c395cd3 s3:libnetapi: Use dcerpc_lsa_open_policy_fallback() in localgroup.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
bea13a02d4 s3:utils: Use dcerpc_lsa_open_policy_fallback() in net_rpc_trust.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
070cfeae52 s3:rpc_server: Use dcerpc_lsa_open_policy_fallback() for netlogon
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
0db702322c s3:rpc_client: Implement dcerpc_lsa_open_policy_fallback()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
aecd73becc s3:rpc_client: Implement dcerpc_lsa_open_policy3()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
d18ce28905 s3:rpc_server: Implement _lsa_OpenPolicy3()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-11-21 11:16:37 +00:00
Stefan Metzmacher
5c72df15a8 lsa.idl: Add new functions and types
[MS-LSAD] got new functions in order to use AES encryption
and other security related features.

For our servers we still pretent we don't
know about the new functions and return DCERPC_FAULT_OP_RNG_ERROR.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-11-21 11:16:37 +00:00
Andreas Schneider
9621a3d7a6 Use python.h from libreplace
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-20 15:37:33 +00:00
Günther Deschner
1fd0689f0e s3-winreg: fix _winreg_EnumValue behavior
When returning WERR_MORE_DATA the winreg server needs to indicate the
required buffer size.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-20 03:52:33 +00:00
Günther Deschner
9501dbeeb1 s3-rpcclient: add winreg_enumval command
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-20 03:52:33 +00:00
Björn Jacke
55d895dc42 profile: issues info message with lower log level
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-20 03:52:33 +00:00
Björn Jacke
72f20311ac source3/nmbd/nmbd.c: use DBG_STARTUP_NOTICE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-20 03:52:33 +00:00
Björn Jacke
159cfde446 logging: use DBG_STARTUP_NOTICE for startup message
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-20 03:52:33 +00:00
Björn Jacke
b7631bf603 lib/util: move copyright define to copyright.h
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-20 03:52:33 +00:00
Anoop C S
19105f51d0 vfs_ceph: Fix some uninitialized structs and pointers
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Nov 17 18:04:43 UTC 2023 on atb-devel-224
2023-11-17 18:04:43 +00:00
MikeLiu
88174f48d2 vfs_fruit: ignore ENAMETOOLONG in fruit_unlink_rsrc_adouble()
adouble_path() inside fruit_unlink_rsrc_adouble() prepend "._" to a basename,
lenth of apple double filename will exceed NAME_MAX if length of basename
is equal to NAME_MAX (or NAME_MAX-1).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15504

Signed-off-by: MikeLiu <mikeliu@qnap.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Nov 17 11:07:01 UTC 2023 on atb-devel-224
2023-11-17 11:07:01 +00:00
Björn Jacke
1edf9ecaf5 posix_acls.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>

Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Thu Nov 16 22:39:05 UTC 2023 on atb-devel-224
2023-11-16 22:39:05 +00:00
Björn Jacke
b250f25fe4 open.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2023-11-16 21:38:38 +00:00
Björn Jacke
4227b011f6 vfs_recycle.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2023-11-16 21:38:38 +00:00
Björn Jacke
92278418dc vfs_posix_eadb.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2023-11-16 21:38:38 +00:00
Björn Jacke
62464bd2db vfs_default.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2023-11-16 21:38:38 +00:00
Björn Jacke
0e3836e396 vfs_acl_xattr.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2023-11-16 21:38:38 +00:00
Björn Jacke
12734848dc vfs_acl_common.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2023-11-16 21:38:38 +00:00
Björn Jacke
06e5c1e32e nfs4_acls.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2023-11-16 21:38:38 +00:00
Björn Jacke
944cb51506 token_util.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2023-11-16 21:38:38 +00:00
Björn Jacke
c1e2fbb1b9 dosmode.c: prefer use of capabilities at two places over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2023-11-16 21:38:37 +00:00