IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
filed to be ignored when an upload is done.
Modified to code to goto err on problems, simplifies it.
Jeremy.
(This used to be commit 9157a6ab2646c035a731d53aa3be010488ccf51a)
A user can now pause, resume or delete their own job even if they don't
have the Manage Documents privilege.
Added call to se_access_check() for changing printer properties. The Full
Access privilege is required for the user to perform this.
Several uninitialised variables and memory leaks plugged.
Modified default ACL created on new printers to be Everyone / Print instead
of Everyone / Full Access. This required some random stuffing around with
the value of the revision field to correspond with the ACL that NT produces
when setting the same permission on the printer.
Fixed dodgy function call in printing/printfsp.c
(This used to be commit 2abce4dcfa351051df6e5f789b34fa99c9b81c22)
structure so authenticated pipe users can have their unix groups set when
become_authenticated_pipe_user() is called.
(This used to be commit 55c9bf124dc661df43bfe582ef14b1297aeaf0fa)
code. This code is now implemented as a stack of security contexts, where
a security context is defined as a set of effective user, group and
supplementary group ids.
The following functions are implemented:
BOOL push_sec_ctx(void);
Create a new security context on the stack which is the same as the
current security context.
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups);
Set the current security context to a given set of user and group
ids.
void set_root_sec_ctx(void);
Set to uid = gid = 0. No supplementary groups are set.
BOOL pop_sec_ctx(void);
Pop a security context from the stack and restore the user and group
permissions of the previous context.
void init_sec_ctx(void);
Initialise the security context stack. This must be called before any
of the other operations are used or weird things may happen.
The idea is that there is a base security context which is either root or
some authenticated unix user. Other security contexts can be pushed and
popped as needed for things like changing passwords, or rpc pipe operations
where the rpc pipe user is different from the smb user.
(This used to be commit 87c78d6d5a6bf8d0907d6f8ef5ee0d642946cad3)
prevent possible deadlocks with kernel leases and harmless when kernel
leases are not used.
basically we don't ever want smbd to block
(This used to be commit 9fd67b94a7e43c9dcbe098940b88879ae8743c00)
reporting a memory leak in the cache module. I've modified the cache
code to prevent insure getting confused, so the patch can now be removed.
(This used to be commit 50599b0fa2b78109e3bd2cf50007dc69c4059955)
handling in Samba. This was needed due to several limitations and
races in the previous code - as a side effect the new code is much
cleaner :)
in summary:
- changed sys_select() to avoid a signal/select race condition. It is a
rare race but once we have signals doing notification and oplocks it
is important.
- changed our main processing loop to take advantage of the new
sys_select semantics
- split the notify code into implementaion dependent and general
parts. Added the following structure that defines an implementation:
struct cnotify_fns {
void * (*register_notify)(connection_struct *conn, char *path, uint32 flags);
BOOL (*check_notify)(connection_struct *conn, uint16 vuid, char *path, uint32 flags, void *data, time_t t);
void (*remove_notify)(void *data);
};
then I wrote two implementations, one using hash/poll (like our old
code) and the other using the new Linux kernel change notify. It
should be easy to add other change notify implementations by creating
a sructure of the above type.
- fixed a bug in change notify where we were returning the wrong error
code.
- rewrote the core change notify code to be much simpler
- moved to real-time signals for leases and change notify
Amazingly, it all seems to work. I was very surprised!
(This used to be commit 44766c39e0027c762bee8b33b12c621c109a3267)
smbd/notify.c. All the data structures are now private to that
module.
this is in preparation for Linux kernel support for change notify
(coming soon to a CVS tree near you)
(This used to be commit 1bb0aad4f66dbfa2d0f767ea90f926affff20b17)
I used a trick where CAP_LEASE isn't claimed until it is needed. This
means we avoid a system call per setreuid(), and never call capset()
unless a user tries to get a oplock on a file that they don't own
(This used to be commit afa98d511f70f455d599c3a36dd25e49fe74ac09)
I had to modify sys_select() to not loop on EINTR. I added a wrapper
called sys_select_intr() which gives the old behaviour.
(This used to be commit b28cc4163bc2faaa80c5782fc02c8f03c410cdeb)
modular form. In this pass I added oplock_irix.c and added a "struct
kernel_oplocks" that describes a kernel oplock implementation.
(This used to be commit b5ceab810292602ea9a81696c20a781c16b706c2)
place to do this, not in smbd/passwd.c
Please don't change this without asking first, I have run this past
Andrew so talk to him (I'm on vacation next week).
I also removed the g_newXXX macros. There are essentially a private C extension,
not used anywhere else in the code, and add no functionality over malloc(XX)
and make the code harder to understand (everyone knows what malloc does).
Jeremy.
(This used to be commit e1b1b6fb6794ba02e1fea510a981fa0ce0d12b58)
jeremy, the intent is to call se_access_check() with usr-sid, grp-sid,
array-of-group-rids (but array-of-group-sids would do).
please do look at smbd/lanman.c's api_NetWkstaGetInfo, it will show you
that we really do need to store the entire NET_USER_INFO_3 structure.
then again, api_NetWkstaGetInfo is only used by win9x so who cares :)
(This used to be commit bd34f652390adc32c4959d164c628687f526d977)
to make "printer driver file" a share parameter. This fits better with
the new NT printing subsystem.
Jeremy.
(This used to be commit 7afb68461f3938a647a6c48689293af8ed36ccb7)
as there is no infrastructure for it. Replaced it with a dynamic array
of group SIDs plus a user.
passdb/passdb.c: Added setup_user_sids() function. This is where the lookup should be done,
eventually calling winbind.
smbd/password.c: Changed to call setup_user_sids(). Removed spurious DEBUG(0) statements.
smbd/reply.c: Removed extra parameter to register_vuid().
Jeremy.
(This used to be commit 425f4ad9a5e0e7d49620276100ade7a0cae47011)
