1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

819 Commits

Author SHA1 Message Date
Jeremy Allison
8303bc49a4 Restructure the connect function code to always call
down to NEXT-> before initializing. This allows us to
do cleanup (by calling DISCONNECT) if initialization
fails. Also fix vfs_acl_xattr which was failing to
call the NEXT connect function.
Jeremy.
2009-11-30 15:53:04 -08:00
Volker Lendecke
69a68208bd s3: Restore "fake directory create times" as a share parameter 2009-11-29 11:22:05 +01:00
Volker Lendecke
e71c17b2b0 s3: "copy_reg" only looks at mode, uid, gid, atime and mtime (no birthtime) 2009-11-29 11:22:05 +01:00
Volker Lendecke
224691aa53 s3: Pass up fake_dir_create_times from atalk_build_paths
The callers only look at the mode
2009-11-29 11:22:04 +01:00
Volker Lendecke
44ce5603dd s3: Pass the "fake dir create times" parameter to sys_*stat
Step 0 to restore it as a per-share paramter
2009-11-29 11:22:01 +01:00
Jeremy Allison
7ed6f9f096 Fix bug 6892 - When a chown operation is issued via Windows Explorer, all ACLS are wiped out.
Merges existing DACLs when a ACL set operation comes in with only owner or group values set.
Jeremy.
2009-11-25 10:20:38 -08:00
Volker Lendecke
5c4885a26b Revert "s3: Make the implicit reference to Protocol in is_in_path() explicit"
This reverts commit f7b4151a64.
2009-11-23 16:35:00 +01:00
Volker Lendecke
0f8e2a6ebb Revert "s3: Move the global variable Protocol to struct smbd_server_connection"
This reverts commit c85a4c9ba4.
2009-11-23 16:34:59 +01:00
Volker Lendecke
c85a4c9ba4 s3: Move the global variable Protocol to struct smbd_server_connection 2009-11-21 20:49:17 +01:00
Volker Lendecke
f7b4151a64 s3: Make the implicit reference to Protocol in is_in_path() explicit 2009-11-21 20:49:17 +01:00
Volker Lendecke
d1c34d4054 s3: Replace some create_synthetic_smb_fname() calls
In very hot codepaths like the statcache copy_smb_filename and the subsequent
recursive talloc_free is noticable in the CPU load.
2009-11-18 23:16:13 +01:00
Volker Lendecke
f6650f5d19 s3: Do not talloc in readdir
This is a hot codepath (called from the stat cache)
2009-11-18 23:16:13 +01:00
Jeremy Allison
a770caed0f Remove "store create time" code, cause create time to be stored
in the "user.DOSATTRIB" EA. From the docs:
In Samba 3.5.0 and above the "user.DOSATTRIB" extended attribute has been extended to store
the create time for a file as well as the DOS attributes. This is done in a backwards compatible
way so files created by Samba 3.5.0 and above can still have the DOS attribute read from this
extended attribute by earlier versions of Samba, but they will not be able to read the create
time stored there. Storing the create time separately from the normal filesystem meta-data
allows Samba to faithfully reproduce NTFS semantics on top of a POSIX filesystem.
Passes make test but will need more testing.
Jeremy.
2009-11-17 14:55:02 -08:00
Jeremy Allison
a8769e6675 Second part of bugfix for 6865 - acl_xattr module: Has dependency that inherit acls = yes or xattrs are removed.
We also need dos filemode = true set as well.
Jeremy.
2009-11-11 18:35:18 -08:00
Michael Adam
73860163e7 s3:vfs_fs_capabilities: fix a debug message
Michael
2009-11-11 14:50:17 +01:00
Jeremy Allison
bd2ffb1c7a Fix bug 6865 - acl_xattr module: Has dependency that inherit acls = yes or xattrs are removed.
Jeremy.
2009-11-06 21:53:07 -08:00
Björn Jacke
51cb96271b s3: add support for full windows timestamps resolution on files
setting nanosecond timestamps using utimensat() was first supported by Linux
kernel 2.6.22 and glibc 2.6. It's specified in POSIX.1-2008.

This effectively makes us use Windows' full 100ns timestamp resolution -
actually just an improvement from 10^-6 to 10^-7.

For now Linux CIFS vfs will also just be able to make use of 100ns resolution,
not 1ns.
2009-11-04 15:54:51 +01:00
Jeremy Allison
921aa99b37 Start fixing the RAW-STREAMS test - ensure that the xattr
used to store the stream info in streams_depot.so is not
seen in when enumerating EAs.
Jeremy.
2009-10-29 16:14:12 -07:00
Barry Sabsevitz
3054fe46d9 Fix bug 6802 - A created folder does not properly inherit permissions from parent. 2009-10-23 11:50:29 -07:00
Jeremy Allison
f1d9960284 Add comment explaining about symlink following & posix.
Jeremy.
2009-10-16 18:13:06 -07:00
Jeremy Allison
ea3c077236 Last 2 VFS_STAT -> LSTAT fixes I can see in the modules code.
Jeremy.
2009-10-16 17:20:40 -07:00
Jeremy Allison
010dfbf1fd Fix one missing STAT -> LSTAT with POSIX pathnames in vfs_xattr_tdb.c. Caught by the torture tester. I love unit tests :-). Jeremy. 2009-10-16 16:38:59 -07:00
Andrew Tridgell
6e48aad3be s3: Fix vfs_shadow_copy2 to allow in-path @GMT-xxx 2009-10-13 20:34:24 +02:00
Abhidnya P Chirmule
ac774c4969 s3: Add access_mask to the flock VFS call 2009-10-06 18:52:06 +02:00
Jeremy Allison
6f22cd10ad Remove lots of duplicate code and move it into one
function vfs_stat_fsp(). Stops code looking at fsp->posix_open
except for exceptional circumstances.
Jeremy.
2009-10-02 13:45:38 -07:00
Jeremy Allison
1e322cf6a9 Fix more use of VFS_STAT when posix pathnames selected.
Jeremy.
2009-10-02 11:05:03 -07:00
Jeremy Allison
ce791d6645 Fix bug #6769 - symlink unlink does nothing.
Always use LSTAT for POSIX pathnames.
Jeremy.
2009-10-01 16:54:06 -07:00
Christian Ambach
de0f3b657d changed debuglevel for two messages in the GPFS module from 0 to 10 they spammed the logs on a test machine and they are just debug messages, so let's move them to the level of the other debug messages in the file
Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
2009-09-28 16:37:28 +02:00
Matthias Dieter Wallnöfer
506b0b6435 s3:vfs_default - correct function parameters 2009-09-24 23:49:41 +02:00
Steven Danneman
60433b154d s3 onefs: Fix 1 second share mode delay handling
When racing to the open and loosing we may get a share_mode violation.
In this case handle the 1-second delay via a defferred open properly.

This requires us to retrieve the share_mode_lock before deferring
open so we don't dereference a NULL pointer assuming we already had
the lck because we were the first opener.
2009-09-24 11:31:35 -07:00
Steven Danneman
74c0a7a1d3 s3 onefs: Fix a race condition exists in onefs_open.c between multiple opens to the same file.
Two openers can stat a file at the same time, see that it doesn't exist,
and then both race to open it first.  The loser will enter
onefs_open_file_ntcreate believing that the file doesnt exist, and thus
skip any current state lookups for that file.  This includes setting
the file_id, and having a valid stat buffer.

Normally on first create the file_id will be set during the open, but
the second opener in this scenario may fail the open (oplock/share mode)
and file_id will not be set, nor will the stat buffer be valid.

In the error paths of this patch, we now double check that the file_id
and the stat buffer are valid before doing other operations.
2009-09-24 11:31:21 -07:00
Zack Kirsch
5e9aade516 s3 onefs: Add some debugging/asserts to give more info when there is bad deferred open state.
Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-09-24 11:19:00 -07:00
Tim Prouty
86b1a4cb86 s3: Add more helpful debugging to some of the streams code 2009-09-24 10:59:33 -07:00
Aravind Srinivasan
32ee976708 vfs catia: Fix a NULL dereference when CATIA is loaded with no mappings specified.
When we use the CATIA vfs module and don't have any mapping specified,
we return NULL for the mapped_name, thereby resulting in segfaults.
When we don't have catia mapping, we should just use the old name
instead of returning NULL for the mapped_name.

Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-09-24 10:59:33 -07:00
Aravind Srinivasan
637901c242 vfs catia: Fix the double translation that was happening with createfile and open.
Since the catia translation is implemented for open, it should not
also be done in createfile.  By removing createfile from catia,
translation is now done correctly for the primary open path.

In order to support systems that have custom createfile
implementations that don't eventually call SMB_VFS_OPEN,
SMB_VFS_TRANSLATE_NAME has been expanded to take an additional
argument that specifies direction.

Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-09-24 10:59:33 -07:00
Aravind Srinivasan
c870043b27 vfs catia: Fix a possible NULL dereference
Also free some unfreed memory.

Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-09-24 10:59:33 -07:00
Volker Lendecke
50f248a06c s3: Forgot to check in one build failure for vfs_gpfs.c 2009-09-24 13:11:46 +02:00
Volker Lendecke
69447de175 s3: Remove an unused variable 2009-09-24 13:11:46 +02:00
Volker Lendecke
568f818a0f s3: Make the vfs_gpfs compile at least
Not sure whether it works in this state :-)
2009-09-24 12:55:14 +02:00
Volker Lendecke
44674efc81 s3:smbd: Attempt to fix the build on HP/UX 2009-09-18 03:42:45 +02:00
Abhidnya Chirmule
277597de85 To set file create/birth time in GPFS. Signed-off-by: Abhidnya Chirmule <achirmul@in.ibm.com> 2009-09-17 02:24:13 +02:00
Volker Lendecke
919559573c s3:vfs: Fix the build of vfs_tsmsm after the VFS rewrite 2009-09-17 02:07:11 +02:00
Volker Lendecke
444a05c28d s3: Fix reading beyond the end of a named stream in xattr_streams
This was found thanks to a test by Sivani from Microsoft against Samba at the
SDC plugfest
2009-09-16 03:42:36 +02:00
Volker Lendecke
00d7aad85a s3: Add some debugs to streams_xattr 2009-09-16 03:42:36 +02:00
Volker Lendecke
e94361e1e2 s3:vfs_catia: Make some fns static 2009-09-14 22:48:45 +02:00
Volker Lendecke
d3a6914e3b s3:vfs_catia: Use talloc_zero for simplification 2009-09-14 22:48:45 +02:00
Volker Lendecke
9dae2501f1 s3:vfs_modules: Fix Coverity ID 946: OVERRUN_STATIC
Tim, please check!
2009-09-14 22:48:45 +02:00
Volker Lendecke
0f65d33502 s3: Test short reads in the build farm 2009-09-14 07:13:22 +02:00
Jeremy Allison
f20c2e0fd4 Fix compile in a usually non-selected define.
Jeremy.
2009-09-09 13:54:47 -07:00
Aravind Srinivasan
ad88284038 s3: Major revamp for catia vfs module
This patch builds out catia to allow fully configurable mappings,
including mappings from single byte to multi-byte characters.
Additionally, a much more complete list of vfs operations are now
covered.

Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-08-28 16:38:57 -07:00
Aravind Srinivasan
e046b382f2 s3: Add a new VFS op called SMB_VFS_TRANSLATE_NAME
This vop is designed to work in tandem with SMB_VFS_READDIR to allow
vfs modules to make modifications to arbitrary filenames before
they're consumed by callers.  Subsequently the core directory
enumeration code in smbd is now changed to free the memory that may be
allocated in a module.  This vop enables the new version of catia in
the following patch.

Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-08-28 16:38:57 -07:00
Stefan Metzmacher
09fe57923a s3:streams: check for :$DATA only in the backend (fix bug #6642)
We need to allow "\\$Extend\\$Quota:$Q:$INDEX_ALLOCATION" to pass
check_path(), so that the Quota Dialog works.

metze
2009-08-27 16:45:40 +02:00
tprouty
17829cbc82 s3 onefs: Canonicalize the ACL in the correct order 2009-08-26 10:41:55 -07:00
tprouty
3ad9d108a7 s3: Allow full_audit to play nice with smbd if it's using syslog
Explictly pass the facility from both smbd and full_audit to syslog.
Really the only major change is to not call openlog() in full_audit if
WITH_SYSLOG is defined, which implies that smbd is already using
syslog.  This allows full audit to piggy-back on the same ident as
smbd, while still differentiating the logging via the facility.
2009-08-26 10:41:54 -07:00
tprouty
22ee1cd7db s3 audit: Change create_file in full_audit to print whether a directory or file was requested
full_audit will now print out whether the createfile was requested for
a file or directory.  The create disposition is also printed out.
2009-08-26 10:41:54 -07:00
Jeremy Allison
c69f92d16d Second attempt at fix for bug 6529 - Offline files conflict with Vista and Office 2003.
Confirmation from reporter that this fixes the issue in master on ext3/ext4.
Back-ports to follow.
Jeremy.
2009-08-24 20:57:37 -07:00
Volker Lendecke
c54a8db006 Make refusal of SEC_DESC_DACL_PROTECTED configurable
This adds a parameter "gpfs:refuse_dacl_protected" that defaults to false.

GPFS has no place to store the SEC_DESC_DACL_PROTECTED ACL bit. With this
parameter we give customers an option to either ignore this bit or refuse
setting an ACL with it.
2009-08-19 11:39:44 +02:00
Jeremy Allison
a023b6c64b Use defined names rather than numeric constants to make code
clearer.
Jeremy.
2009-08-14 15:06:11 -07:00
Michael Adam
12864ffd51 gpfs.so: map the file_inherit and dir_inherit flags away for files
GPFS sets inherits dir_inhert and file_inherit flags
to files, too, which confuses windows, and seems to
be wrong anyways.

So when mapping a nfs4 acl to a windows acl, we map these
flags away for files.

Michael
2009-08-14 23:23:20 +02:00
Jeremy Allison
d91edeaa94 When mapping EA's into a TDB, don't remove the EA
until the last link to the file is gone (fixes the
build farm RAW-RENAME test with xattr's in tdb's).
Jeremy.
2009-08-12 16:27:17 -07:00
Jeremy Allison
d6270df748 Add "store create time" parameter (docs to follow)
that stores the create time in the user.DosTimestamps EA.
Jeremy.
2009-08-12 13:00:54 -07:00
Jeremy Allison
1ddd10b56a Fix some warnings in the AIX ACL code.
Jeremy.
2009-08-12 10:58:00 -07:00
Jeremy Allison
d296c774c5 Move the checks for null timestamps down below the VFS_NTIMES
layer (as it's done in onefs). This simplifies greatly the
code in smb_set_file_time() w.r.t. changenotify messages.
Jeremy.
2009-08-07 12:38:31 -07:00
Alexander Bokovoy
20d93b5b60 Fix breakage for connect function after API change (connect -> connect_fn) 2009-08-02 20:31:19 +03:00
Tim Prouty
9b461ad7eb s3: Attempt to fix hpuxacl module 2009-07-29 10:12:23 -07:00
Volker Lendecke
94a139afe5 shadow_copy2: The system getrealfilename() can't deal with a 0-length fname
This fixes viewing the content of snapshots in the share root directory. We
have to treat the filename that *just* consists of "@GMT-YYYY.MM.DD-HH.MM.SS"
like the share root, which is the current working directory.
2009-07-29 06:28:50 -04:00
Jeremy Allison
9297b975f5 Fix the build breakage by #including modules/vfs_acl_common.c
into acl_tdb and acl_xattr. Duplicates the code size, but keeps
the code in common so I don't have to do bug fixes in two places
(which is what I really cared about).
Jeremy.
2009-07-27 12:09:40 -07:00
Volker Lendecke
b9756de20a Cleanup patch after "new VFS" 2009-07-25 13:12:08 -04:00
Volker Lendecke
db5d3465ab Cleanup patch after "struct stat_ex" 2009-07-25 13:12:06 -04:00
Tim Prouty
247a77a422 s3 onefs: Fix the onefs modules after the big refactoring 2009-07-24 18:46:07 -07:00
Jeremy Allison
ff547a23ae Factor out common code into vfs_acl_common.c.
Jeremy.
2009-07-24 17:06:41 -07:00
Jeremy Allison
c472bca42c Make acl_tdb match acl_xattr. Large duplication of
code here needs tidying up. Compiles but not yet tested.
Jeremy.
2009-07-24 14:47:52 -07:00
Jeremy Allison
1bab4fdaaf Fix hash function in acl_xattr to be SHA256, make
the hash function selectable. Upgrade version.
Compiles but not fully tested yet (coming). Make
vfs_acl_tdb.c compile - this needs updating to
match acl_xattr (also coming soon).
Jeremy.
2009-07-24 14:09:42 -07:00
Volker Lendecke
d2403dc231 Move the "enum _vfs_op_type" to full_audit
It's only used there now. Someone should now go in and simplify full_audit...
:-)
2009-07-24 11:42:05 -04:00
Volker Lendecke
033185e2a1 Make the smbd VFS typesafe 2009-07-24 11:42:05 -04:00
Volker Lendecke
68028a73b6 Some more VFS type errors 2009-07-24 02:16:17 +02:00
Volker Lendecke
19245509fc Fix some C++ warnings 2009-07-24 02:15:28 +02:00
Tim Prouty
23c703a01e s3: Remove unnecessary callers of get_full_smb_filename
This often times means explicitly denying certain operations on a stream
as they are not supported or don't make sense at a particular level.  At
some point in the future these can be enabled, but for now it's better to
remove ambiguity
2009-07-21 12:04:59 -07:00
Tim Prouty
c9b8a01714 s3: Finish plumbing the fsp->fsp_name smb_fname conversion through the modules. 2009-07-20 17:26:57 -07:00
Volker Lendecke
ce378e7c51 Fix a few type errors in VFS modules 2009-07-19 02:36:59 +02:00
Christian Ambach
bd58a14617 reject ACLs with DESC_DACL_PROTECTED on GPFS
as GPFS does not support the ACE4_FLAG_NO_PROPAGATE NFSv4 flag (which would be the mapping for the DESC_DACL_PROTECTED flag), the status of this flag is currently silently ignored by Samba. That means that if you deselect the "Allow inheritable permissions..." checkbox in Windows' ACL dialog and then apply the ACL, the flag will be back immediately.

To make sure that automatic migration with e.g. robocopy does not lead to ACLs silently (and unintentionally) changed, this patch adds an explicit check for this flag and if set, it will return NT_STATUS_NOT_SUPPORTED so errors are shown up on the Windows side and the Administrator is aware of the ACLs not being settable like intended

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
2009-07-14 09:21:26 +02:00
Jeremy Allison
361aa19e69 Add hash values to the xattr ACLS to determine when
an underlying POSIX ACL is changed out from under us.
Passes RAW-ACL test up to "invalid owner" problem when
trying to create a file owned by Everyone. Now needs
porting to modules/vfs_acl_tdb.c
Jeremy.
2009-07-10 15:50:40 -07:00
Tim Prouty
02aad05e0e s3: Prepare open.c to switch fsp_name to an smb_filename struct 2009-07-08 21:36:04 -07:00
Tim Prouty
3a7d372e2e s3: Change the share_mode_lock struct to store a base_name and stream_name 2009-07-08 21:36:04 -07:00
Tim Prouty
161e182b65 s3: Remove is_ntfs_stream_name() and split_ntfs_stream_name()
Actually I moved split_ntfs_stream_name into torture.c which is the one
consumer of it.  This could probably be changed at some point.
2009-07-08 21:36:04 -07:00
Tim Prouty
1a1d10d22f s3: Plumb smb_filename through dos_mode() and related funtions 2009-07-08 21:36:03 -07:00
Tim Prouty
69c8795b67 s3: convert unix_mode to take an smb_filename 2009-07-08 21:36:03 -07:00
Tim Prouty
dad9131183 s3 onefs: Fix a few bugs from the smb_filename migration 2009-07-07 21:33:48 -07:00
Volker Lendecke
5ab0677b45 Attempt to fix the build of vfs_catia.c -- Tim, please check! 2009-07-07 20:43:21 +02:00
Tim Prouty
431e63cd8b s3: Update streaminfo implementations now that only base names are passed through the vfs 2009-07-06 15:38:47 -07:00
Tim Prouty
fd73ab5782 s3 audit: Fix a memory leak 2009-07-06 15:38:47 -07:00
Tim Prouty
3cb0e521e1 s3: Plumb smb_filename through SMB_VFS_NTIMES 2009-07-06 15:38:42 -07:00
Tim Prouty
f39232a8fb s3 catia: Remove pointless VOPs from catia 2009-07-06 15:38:41 -07:00
Tim Prouty
99bd4fda0c s3: Plumb smb_filename around SMB_VFS_CHFLAGS
SMB_VFS_CHFLAGS isn't actually getting the smb_filename struct for now
since it only operates on the basefile.  This is the strategy for all
path-based operations that will never actually operate on a stream.

By clarifying the meaning of path based operations that don't take an
smb_filename struct, modules that implement streams such as vfs_onefs
no longer need to implement SMB_VFS_CHFLAGS to ensure it's only called
on the base_name.
2009-07-06 15:38:41 -07:00
Tim Prouty
258952aa85 s3: Plumb smb_filename through SMB_VFS_UNLINK 2009-07-06 15:38:36 -07:00
Tim Prouty
133e915a81 s3 audit: Remove some recently introduced memory leaks in the audit modules 2009-07-06 15:38:36 -07:00
Tim Prouty
1b8ffb36b1 s3 audit: Remove the usesless static function declarations from the audit modules 2009-07-06 15:38:35 -07:00
Tim Prouty
e4a85da570 s3 onefs: Fix failure in POSIX smbtorture test
The return value of readlink was a bool instead of an int,
which caused the length of the returned value to never be
>1.
2009-07-06 15:38:35 -07:00
Tim Prouty
5a09ba460c s3: Plumb smb_filename through SMB_VFS_RENAME 2009-07-06 15:38:29 -07:00
Christian Ambach
5e7da42f6e do not merge ACEs with different SMB_ACE4_INHERIT_ONLY_ACE flag, this leads to wrong inheritance flags in the ACL e.g. (on GPFS) user:10000036:rwxc:allow (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED
user:10000036:rwxc:allow:FileInherit:DirInherit:InheritOnly
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

group:10000005:rwxc:allow
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

group:10000005:rwxc:allow:FileInherit:DirInherit:InheritOnly
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

would be merged to

user:10000036:rwxc:allow:FileInherit:DirInherit:InheritOnly
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

group:10000005:rwxc:allow:FileInherit:DirInherit:InheritOnly
 (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL  (X)READ_ATTR  (X)READ_NAMED
 (X)DELETE    (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED

so the explicit right for the user on the parent directory will be gone (the InheritOnly flag only accounts to subdirectories)
thus leaving the user without access to the directory itself

Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
2009-07-06 12:28:52 +02:00
Stefan Metzmacher
b292af0c38 s3:onefs_open: remove unused variable passed to parent_dirname()
metze
2009-07-01 12:53:41 +02:00
Tim Prouty
2ccd501220 s3 onefs: Plumb smb_filename through onefs createfile path 2009-06-25 18:25:47 -07:00
Volker Lendecke
6a66114f25 Add a \n to a debug message in smbacl4_nfs42win 2009-06-25 14:47:27 +02:00
Tim Prouty
e129384d7c s3: Plumb smb_filename through SMB_VFS_STAT and SMB_VFS_LSTAT
This patch introduces two new temporary helper functions
vfs_stat_smb_fname and vfs_lstat_smb_fname.  They basically allowed me
to call the new smb_filename version of stat, while avoiding plumbing
it through callers that are still too inconvenient.  As the conversion
moves along, I will be able to remove callers of this, with the goal
being to remove all callers.

There was also a bug in create_synthetic_smb_fname_split (also a
temporary utility function) that caused it to incorrectly handle
filenames with ':'s in them when in posix mode.  This is now fixed.
2009-06-24 21:15:25 -07:00
Tim Prouty
5eac92697e s3 onefs: Remove dfs resolution from create_file() now that it's being done at a higher level 2009-06-17 20:11:53 -07:00
Tim Prouty
4e3656b8d1 s3: Change SMB_VFS_OPEN to take an smb_filename struct
This was a little messy because of all of the vfs modules I had to
touch.  Most of them were pretty straight forward, but the streams
modules required a little attention to handle smb_filename.  Since the
use of smb_filename enables the vfs modules to access the raw,
over-the-wire stream, a little bit of the handling that was being done
by split_ntfs_stream_name has now been shifted into the individual
stream modules.  It may be a little more code, but overall it gives
more flexibility to the streams modules, while also allowing correct
stream handling.
2009-06-17 20:11:53 -07:00
Tim Prouty
5cfac1a1bd s3: Plumb smb_filename from create_file all of the way down to fd_open
I used the smb_filename struct everywhere that was feasible for the
first pass.  There are still some places in this path that need to be
changed to use smb_filename, but this is a good start.

I also:
- Removed fname/path arguments from a few functions that weren't
  really using them.
- Added a utility function for detecting whether an smb_filename is a
  stream.
2009-06-17 20:11:53 -07:00
Tim Prouty
537aa4cf51 s3 onefs: Fix reading over the end of the array, because the incorrect array was being read. 2009-06-15 14:11:39 -07:00
Tim Prouty
6f335036fd s3 onefs: Change onefs modules to use the new createfile api 2009-06-15 14:03:40 -07:00
Tim Prouty
04afa4b6b5 s3: Plumb smb_filename through SMB_VFS_CREATE_FILE 2009-06-12 16:14:50 -07:00
Tim Prouty
2481d8dcd0 s3: Remove unix_convert handling from createfile implementations 2009-06-10 13:13:27 -07:00
Volker Lendecke
e0a6a344be Support getting gpfs birthtime 2009-06-02 18:15:20 +02:00
Mathias Dietz
15e10c6a84 Store winattrs in GPFS
1. Store win attributes in gpfs instead of posix bits.
    2. use of path based winattr calls of gpfs.

    Signed-off-by: Mathias Dietz <mdietz@de.ibm.com>
2009-06-02 17:03:59 +02:00
Volker Lendecke
84090c95a5 Add a "connectpath" operation to the shadow_copy2 module 2009-06-02 11:58:22 +02:00
Volker Lendecke
56efcb7b72 Add SMB_VFS_CONNECTPATH operation
This is required for the shadow_copy2 module and "wide links = no". The file
system snapshots by nature are typically outside of share directory. So the
REALPATH result fails the wide links = no test.
2009-06-02 11:58:22 +02:00
Tim Prouty
5c623e6c2e s3 onefs: update the onefs module to be compliant with stat_ex 2009-05-28 15:13:53 -07:00
Volker Lendecke
4df33ec4a7 Fix the build of nfs4_acls.c 2009-05-27 11:54:15 +02:00
Volker Lendecke
a8ffc286a4 Fix a size_t/int warning 2009-05-27 11:54:14 +02:00
Volker Lendecke
49ca690b4b Introduce "struct stat_ex" as a replacement for SMB_STRUCT_STAT
This patch introduces

struct stat_ex {
        dev_t           st_ex_dev;
        ino_t           st_ex_ino;
        mode_t          st_ex_mode;
        nlink_t         st_ex_nlink;
        uid_t           st_ex_uid;
        gid_t           st_ex_gid;
        dev_t           st_ex_rdev;
        off_t           st_ex_size;
        struct timespec st_ex_atime;
        struct timespec st_ex_mtime;
        struct timespec st_ex_ctime;
        struct timespec st_ex_btime; /* birthtime */
        blksize_t       st_ex_blksize;
        blkcnt_t        st_ex_blocks;
};
typedef struct stat_ex SMB_STRUCT_STAT;

It is really large because due to the friendly libc headers playing macro
tricks with fields like st_ino, so I renamed them to st_ex_xxx.

Why this change? To support birthtime, we already have quite a few #ifdef's at
places where it does not really belong. With a stat struct that we control, we
can consolidate the nanosecond timestamps and the birthtime deep in the VFS
stat calls.

At this moment it is triggered by a request to support the birthtime field for
GPFS. GPFS does not extend the system level struct stat, but instead has a
separate call that gets us the additional information beyond posix. Without
being able to do that within the VFS stat calls, that support would have to be
scattered around the main smbd code.

It will very likely break all the onefs modules, but I think the changes will
be reasonably easy to do.
2009-05-26 17:48:23 +02:00
Tim Prouty
cfc68fc9d9 s3 onefs: Fix invalid argument from the unix_convert smb_filename struct patch 2009-05-21 12:17:33 -07:00
Tim Prouty
c1a21d085d s3: Change unix_convert (and its callers) to use struct smb_filename
This is the first of a series of patches that change path based
operations to operate on a struct smb_filename instead of a char *.
This same concept already exists in source4.

My goals for this series of patches are to eventually:

1) Solve the stream vs. posix filename that contains a colon ambiguity
   that currently exists.
2) Make unix_convert the only function that parses the stream name.
3) Clean up the unix_convert API.
4) Change all path based vfs operation to take a struct smb_filename.
5) Make is_ntfs_stream_name() a constant operation that can simply
   check the state of struct smb_filename rather than re-parse the
   filename.
6) Eliminate the need for split_ntfs_stream_name() to exist.

My strategy is to start from the inside at unix_convert() and work my
way out through the vfs layer, call by call.  This first patch does
just that, by changing unix_convert and all of its callers to operate
on struct smb_filename.  Since this is such a large change, I plan on
pushing the patches in phases, where each phase keeps full
compatibility and passes make test.

The API of unix_convert has been simplified from:

NTSTATUS unix_convert(TALLOC_CTX *ctx,
		      connection_struct *conn,
		      const char *orig_path,
		      bool allow_wcard_last_component,
		      char **pp_conv_path,
		      char **pp_saved_last_component,
		      SMB_STRUCT_STAT *pst)
to:

NTSTATUS unix_convert(TALLOC_CTX *ctx,
		      connection_struct *conn,
		      const char *orig_path,
		      struct smb_filename *smb_fname,
		      uint32_t ucf_flags)

Currently the smb_filename struct looks like:

struct smb_filename {
       char *base_name;
       char *stream_name;
       char *original_lcomp;
       SMB_STRUCT_STAT st;
};

One key point here is the decision to break up the base_name and
stream_name.  I have introduced a helper function called
get_full_smb_filename() that takes an smb_filename struct and
allocates the full_name.  I changed the callers of unix_convert() to
subsequently call get_full_smb_filename() for the time being, but I
plan to eventually eliminate get_full_smb_filename().
2009-05-20 17:40:15 -07:00
Volker Lendecke
f024ca961e Use SMB_VFS_NEXT_CLOSE. This VFS stuff is really opaque to me...
Thanks Michael to provide some transparency :-)
2009-05-20 15:44:27 +02:00
Volker Lendecke
54973d0422 Fix bug disclosed by lock8 torture test
We have to drop the gpfs level share modes, regardless of whether we put
the file into the pending close queue.
2009-05-20 15:15:57 +02:00
Aravind Srinivasan
bb454b5fd9 s3 onefs: Removing an incorrect TALLOC_FREE
Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-05-19 10:01:15 -07:00
Volker Lendecke
5fb3b8e377 Move down the become_root()/unbecome_root() calls into the VFS modules
The aio_fork module does not need this, as it does not communicate via signals
but with pipes. Watching a strace log with those become_root() calls in aio.c
is absolutely awful, and it does affect performance.
2009-05-18 13:38:56 +02:00
Volker Lendecke
67a2e62991 In aio_fork, we have to close all fd's, we might hold a gpfs share mode
Keeping such an fd open prohibits another open of that same file.
2009-05-18 10:42:22 +02:00
Volker Lendecke
8b9c5f0483 Fix a race condition in vfs_aio_fork with gpfs share modes 2009-05-18 10:42:22 +02:00
Zack Kirsch
3627ceb5e2 s3 onefs: Self-contend level2 oplocks on BRL 2009-05-12 17:53:16 -07:00
Tim Prouty
c2482d6b23 s3 onefs: Fix ignore sacl parameter 2009-05-12 17:52:00 -07:00
Jeremy Allison
ad9d64ee1b Clean up assignments to iov_base, ensure it's always cast to void *. This should quieten some warnings with picky compilers on the buildfarm.
Jeremy.
2009-05-12 11:45:37 -07:00
Jeremy Allison
b4c9cfb2af Fix a bunch of compiler warnings about wrong format types.
Should make Solaris 10 builds look cleaner.
Jeremy.
2009-05-11 21:56:57 -07:00
tprouty
3242c6caf7 s3 onefs: Turn up the debug level for non-error cases 2009-05-05 16:43:53 -07:00
tprouty
69d61453df s3: Fix trans2 path to use case-insensitive stat optimization
Often times before creating a file, a client will first query to see
if it already exists.  Since some systems have a case-insensitive stat
that is called from unix_convert, we can definitively return
STATUS_NO_SUCH_FILE to the client without scanning the whole
directory.

This code path is taken from trans2querypathinfo, but trans2findfirst
still does a full directory scan even though the get_real_filename
(the case-insensitive stat vfs call) can prevent this.

This patch adds the get_real_filename call to the trans2find* path,
and also changes the vfs_default behavior for
SMB_VFS_GET_REAL_FILENAME.  Previously, in the absence of a
get_real_filename implementation, we would fallback to the full
directory scan.  The default behavior now returns -1 and sets errno to
EOPNOTSUPP.  This allows SMB_VFS_GET_REALFILENAME to be called from
trans2* and unix_convert.
2009-05-05 16:43:53 -07:00
Steven Danneman
798389c49a s3:onefs.so Change system function names
Addendum to c49730e1.  Use newer cookie conversion names.
2009-05-05 14:42:19 -07:00
Steven Danneman
c49730e15b s3:onefs.so fix issue with missing entries when enumerating directories
This bug prompted several, fairly large changes to the of OneFS's
readdirplus() within Samba.

One fundamental problem is that we kept our cache cursor pointed at the
next entry to be returned from onefs_readdir(), while the resume cookie
needed to refill the cache such that our cursor would be on this entry,
was located in the previous cache entry.  This meant that to correctly handle
seekdir() cases which could be found within the existing cache, and cases
where a cache reload was needed, required that the cache always hold
at least two entries: the entry we wished to return, and the previous entry
which held the resume cookie.  Since the readdirplus() syscall gives us no
guarantee that it will always return these two direntries, there was a
fundamental problem with this design.

To fix this problem, I have rearchitected the onefs_readdir() path to keep
its pointer on the entry which contains the resume_cookie, not the entry
which will be returned next.  Essentially, I changed onefs_readdir() from a
"return an entry then increment the cursor" model to "increment the cursor
then return an entry".  By doing this, we only require that a single entry
be within the cache: the entry containing the resume cookie.

Second, there have been numerous off-by-one bugs in my implementation of
onefs_seekdir() which did a mapping between the 64-bit resume cookie
returned by readdirplus() and its own monotonically increasing "location"
offset.  Furthermore, this design caused a somewhat frequent waste of
cycles, as in some cases we'd need to re-enumerate the entire directory to
recover the current "location" from an old resume cookie.  As this code was
somewhat difficult to understand, prone to bugs, and innefficient in some
cases I decided it was better to wholesale replace it now, rather than later.

It is possible to algorithmically map the 64-bit resume cookies from
readdirplus() into 32-bit offset values which SMB requires.  The onefs.so
module now calls into a system library to do this conversion.  This greatly
simplifies both the seekdir() and telldir() paths and is more efficient.
2009-05-04 15:02:17 -07:00
Volker Lendecke
c33291d49f Fix annoying debug messages when no snapshots are used
Not being able to open the shadow copy directory is the same as having no
shadow copy support at all. The VFS module should in this case not log with
debug level 0 and set ENOSYS to indicate "no shadow copies used" to the higher
levels.
2009-04-28 11:21:49 +02:00
Tim Prouty
161bd7f78f s3 onefs: Fix case-insensitivity for mangled names
onefs_get_real_filename needs to demangle the filename before doing
the case-insensitive estat
2009-04-07 10:44:50 -07:00
Volker Lendecke
a2d5fe4a05 Make some functions static to vfs_gpfs.c 2009-04-06 13:29:59 +02:00
Volker Lendecke
f2e17a4b24 Add prototype for smbd_gpfs_get_realfilename_path 2009-04-06 13:29:59 +02:00
Volker Lendecke
54c2fe6583 Fix two c++ warnings in vfs_gpfs.c 2009-04-06 13:29:59 +02:00
Tim Prouty
87fe4d732d s3 onefs: Quiet a log message about oplocks being requested on streams 2009-04-01 20:06:18 -07:00
Tim Prouty
7424665061 s3 onefs: Add missing newlines to debug statements in the onefs module 2009-03-31 17:31:50 -07:00
Zack Kirsch
bfc7bb49ff s3 onefs: Async failures are resulting in SMB_ASSERT->smb_panic while running many of the LOCK torture tests.
Return true from the onefs cancel function if we've errored, which can happen
when the CBRL domain is configured to only give out 1 lock. :)
2009-03-31 17:29:07 -07:00
Scott Urban
ee22c417f3 s3: added per-client statistics to onefs perfcount module
* we now track, uid, remote ip, and local ip per CIFS operation
* removed perfcount_set_client() from perfcount interface as it's
  unecessary
2009-03-27 17:33:26 -07:00
Volker Lendecke
9e70a960b7 Fix the build of nfsv4_acls.c
.. after adding smb_iconv_convenience to ndr_size_security_descriptor()
2009-03-27 11:10:50 +01:00
Jeremy Allison
1f83aafac8 Try and fix the build farm RAW-STREAMS errors. Ordering of
modules shouldn't matter, so as vfs_streams_depot doesn't
implement get/setxattrs then call into the full VFS stack
at the top.
Jeremy
2009-03-26 15:30:42 -07:00
Steven Danneman
365b5cfcbe Add missing newlines to debug statements 2009-03-25 12:53:06 -07:00
David Kwan
ad98eae02e s3 onefs: Change error status to NT_ACCESS_DENIED for errors in SET_SECURITY_DESC 2009-03-24 17:27:37 -07:00
Tim Prouty
130582f170 s3 OneFS: Remove usage of non-existant function
The function was removed in:
c16c90a1cb
2009-03-23 11:57:13 -07:00
Volker Lendecke
14df86e9e3 Use StrCaseCmp in the dirsort module 2009-03-22 11:44:13 +01:00