IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Allow smbcacls to restore dacls to a directory from file created by
with smbcacls '--save' or icalcs /save
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Add similar functionality to 'icacls name /save'
Save dacls for a file/directory to a restore/save file.
When saving dacls associated with a directory, using the 'recusive'
switch '-T' will recursively save the content of the directory.
Note: the save file produced by smbcacls and icacls are interchangeable
as smbcacls produces (and uses) the same file format.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Adds new switch (and associated help) note: nothing using it yet
Subsequent following commits will make use of this option with
'save' functionality
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
prior to this patch sddl_decode get_global_sam_sid was using
'get_global_sam_sid()' but the reciprocal call to sddl_encode uses
'get_domain_sid()' using the domain_sid (instead of local machine sid)
is 'correct'
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
To avoid collisions in random OID strings, we started using the epoch
date modulus 100 million. The trouble is we did not strip out the
leading zeros, so the field might be '00000123' when it should be
'123', if the date happened not to correspond to an epoch with a zero
in the eighth to last place. This has been the case for most of the
last 1041 days, but fortunately the bug was only introduced earlier
this year.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15520
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
Signed-off-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 14 00:10:19 UTC 2023 on atb-devel-224
It confused me that a function that supposedly just retrieves dos
attributes also updates something.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Given two opens on a file:
1. Windows open with delete-on-close
2. POSIX open with delete-on-close set
When handle 1 is closed processing in has_other_nonposix_opens_fn() will not
delete the file as (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) is false, so
has_other_nonposix_opens() will return true which is wrong.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15517
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Nov 13 19:34:29 UTC 2023 on atb-devel-224
Allowing this broke a round-trip decode-encode fuzz test. Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62742
(Comments are from an earlier commit by Douglas Bagnall <douglas.bagnall@catalyst.net.nz>)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Nov 13 02:30:23 UTC 2023 on atb-devel-224
This requires that, other than termination, no NUL (\0) codepoints
exist in the input string, because bytes beyon that will be lost
in the output string.
This in turn causes trouble for round-trip testing, so it is easiest
to reject it upfront (on an opt-in basis).
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
The failure to talloc_strdup("") is just an error and all other cases set the
string or given an error.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
enum client_flavour does not define LINUX, it defines WINDOWS and
POSIX.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 10 02:33:33 UTC 2023 on atb-devel-224
ndr_wsp.h included standalone does not find struct timespec on FreeBSD
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Previously we tried to decode KERB-ERROR-DATA as METHOD-DATA,
resulting in a confusing error message. Now we just ignore it; but we
could also choose to set an error message containing the NTSTATUS code
in hexadecimal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15514
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Nov 10 01:35:32 UTC 2023 on atb-devel-224
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 9 09:01:25 UTC 2023 on atb-devel-224
We should not leak error messages returned by sddl_decode_err_msg().
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Windows treats Kerberos strings as UTF‐8, but by default, pyasn1 encodes
strings as ISO-8859-1. (There is a UTF8String type that gets encoded as
UTF‐8, but it has a different ASN.1 encoding from GeneralString, and so
can’t be used). asn1ate provides no way to override the encoding.
Except…
It turns out we can force UTF‐8 encoding by cunningly overriding
KerberosString.__getattribute__().
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
‘rfc4120_pyasn1_generated’ is not to be used directly. Its contents are
now reexported from ‘rfc4120_pyasn1’, which becomes a simple wrapper.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(there will be a SERVICE_FAILURE_ACTIONSA variant also)
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Nov 8 18:42:13 UTC 2023 on atb-devel-224
Use O_PATH when available; this avoids the need for READ/LIST access on
that directory. Keep using O_RDONLY if the system does not have O_PATH.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Such buffers are not to be trusted.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Nov 7 22:54:42 UTC 2023 on atb-devel-224
