IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This reflects that the messaging context is also used outside of the
server processes.
The command used for the rename:
find . -name '*.[hc]' -print0 | xargs -0 sed -i 's/server_messaging_context/global_messaging_context/'
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
If session info was passed down from upstream, then try to use it to get
security token, other then creating token every time.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
The vfs_fake_acl module will need it to implement chown/fchown.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
The vfs_fake_acl module will need it to implement chown/fchown.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This synthesizes an ACL with a single ACE with full permissions for
everyone. Not used for now, this comes later.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This will be used by another VFS module in a subsequent commit.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We need to migrate all pathname based VFS calls to use a struct
to finish modernising the VFS with extra timestamp and flags parameters.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 1 02:58:53 CEST 2017 on sn-devel-144
We need to migrate all pathname based VFS calls to use a struct
to finish modernising the VFS with extra timestamp and flags parameters.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We need to migrate all pathname based VFS calls to use a struct
to finish modernising the VFS with extra timestamp and flags parameters.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We need to migrate all pathname based VFS calls to use a struct
to finish modernising the VFS with extra timestamp and flags parameters.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We need to migrate all pathname based VFS calls to use a struct
to finish modernising the VFS with extra timestamp and flags parameters.
Requires a few extra cleanups in calling code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We need to migrate all pathname based VFS calls to use a struct
to finish modernising the VFS with extra timestamp and flags parameters.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is a slight change in behaviour: We now also zero out
the space for num_profile_acls.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Brown-Paper-Bag bug in f85c2a6852. The assignment contains a self-reference
in get_pai_flags which I missed.
Fix an uninitialized read.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12551
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Feb 1 22:06:50 CET 2017 on sn-devel-144
Remove the user / group name in debug-printing of a
POSIX-ACL-derived ACE.
Obtaining the user name might result an extra lookup
to the domain. In a typical case, a user raises logging
level to 10 to troubleshoot an issue, so connectivity
problems are likely to exist. In that case we won't want
the extra debug printing to create more issues.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This can be used to emulate folder quotas, as explained in the
modified manpage.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This function is only used in vfs_acl_common.c and will be modified in
the next commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12028
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Get it from parent/deriving smb_filename if present.
Use 0 (as usually this a Windows-style lookup) if
not.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Bumps VFS version to 35.
Preparing to reduce use of lp_posix_pathnames().
Most of this is boilerplate, the only subtleties are in
the modules:
vfs_catia.c
vfs_media_harmony.c
vfs_shadow_copy2.c
vfs_unityed_media.c
Where the path is modified then passed to SMB_VFS_NEXT_GET_NT_ACL().
In these cases the change uses synthetic_smb_fname() to
create a new struct smb_filename from the modified path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <rb@sernet.de>
Since 4.0.x we add 2 additional ACE entries, one SMB_ACL_USER
and SMB_ACL_GROUP to match the existing SMB_ACL_USER_OBJ and
SMB_ACL_GROUP_OBJ entries. The two additional entries break
the simple "must have 3 entries" check done inside convert_canon_ace_to_posix_perms().
Replace this with a more complete test.
Problem and initial fix provided by <tcleamy@ucdavis.edu>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10489
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Thu Feb 11 11:14:53 CET 2016 on sn-devel-144
EA's and ACL paths are all post-stream name checks (and shouldn't
get stream names). This one took a *long* time to find.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11249
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Tidy-up of code obsoleted by fixes for bug #10773 (SECINFO_PROTECTED_DACL is not ignored).
We now never pass SECINFO_PROTECTED_DACL in security_information flags to this layer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 22 11:26:57 CEST 2014 on sn-devel-104
Sometimes Windows clients doesn't filter SECINFO_[UN]PROTECTED_[D|S]ACL flags
before sending the security_information to the server.
security_information = SECINFO_PROTECTED_DACL| SECINFO_DACL
results in a NULL dacl being returned from an GetSecurityDecriptor
request. This happens because posix_get_nt_acl_common()
has the following logic:
if ((security_info & SECINFO_DACL) && !(security_info & SECINFO_PROTECTED_DACL)) {
... create DACL ...
}
I'm not sure if the logic is correct or wrong in this place (I guess it's
wrong...).
But what I know is that the SMB server should filter the given
security_information flags before passing to the filesystem.
[MS-SMB2] 3.3.5.20.3 Handling SMB2_0_INFO_SECURITY
...
The server MUST ignore any flag value in the AdditionalInformation field that
is not specified in section 2.2.37.
Section 2.2.37 lists:
OWNER_SECURITY_INFORMATION
GROUP_SECURITY_INFORMATION
DACL_SECURITY_INFORMATION
SACL_SECURITY_INFORMATION
LABEL_SECURITY_INFORMATION
ATTRIBUTE_SECURITY_INFORMATION
SCOPE_SECURITY_INFORMATION
BACKUP_SECURITY_INFORMATION
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Use security_descriptor_copy() instead, which is also provided by
libcli.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
When the ID returned is ID_TYPE_BOTH we must *always* add it as both
a user and a group, not just in the owning case. Otherwise DENY
entries are not correctly processed.
Confirmed by the reporter as fixing the problem.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10196
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Fix for ACL problem - not accepting DENY. Code was checking for pointer and not for content.
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Sat Sep 21 05:24:07 CEST 2013 on sn-devel-104
When 6adc7dad96 removed the calls to
lp_security_mask/lp_force_security_mode/lp_dir_security_mask/lp_force_dir_security_mode
these calls were replaced with lp_create_mask() and lp_dir_mask()
The issue is that while lp_security_mask() and lp_dir_security_mask defaulted to
0777, the replacement calls did not. This changes behaviour, and incorrectly
prevents a posix mode being specified by the client from being applied to
the disk in the non-ACL enabled case.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
