IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Now that we always require a 64 bit off_t, we no longer need SMB_OFF_T.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Apr 6 01:47:43 CEST 2012 on sn-devel-104
This fixes bug #8554, #8612 and #8748.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Feb 9 16:39:04 CET 2012 on sn-devel-104
Driver file paths stored in the registry do not include the server path
prefix. delete_driver_files() incorrectly assumes such a prefix.
https://bugzilla.samba.org/show_bug.cgi?id=8697
Signed-off-by: Andreas Schneider <asn@samba.org>
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.
This will allow of our session handling to be accomplished with common code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This makes auth3_session_info identical to auth_session_info
The logic to convert the info3 to a struct auth_user_info is
essentially moved up the stack from the named pipe proxy in
source3/rpc_server to create_local_token().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This brings this structure one step closer to the struct auth_session_info.
A few SMB_ASSERT calls are added in some key places to ensure that
this pointer is initialised, to make tracing any bugs here easier in
future.
NOTE: Many of the users of this structure should be reviewed, as unix
and NT access checks are mixed in a way that should just be done using
the NT ACL. This patch has not changed this behaviour however.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This seperation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)
The idea here is that we keep a clear seperation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this seperation
has caused issues in the past.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
We create a fake connection here and don't have an vuid. So work with
the session_info directly here.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Apr 11 22:56:12 CEST 2011 on sn-devel-104
Configuring force user/group settings for the print$ share currently has
unexpected results, this is explained by how the driver upload/add
process takes place. Consider the following example:
[print$]
path = /print-drv
write list = $DRIVER_UPLOAD_USER
force group = ntadmin
- the client connects to the [print$] share and uploads all driver
files to the /print-drv/W32X86 directory.
- This is permitted, as /print-drv/W32X86 is owned by group ntadmin, and
the "force group = ntadmin" takes effect for the [print$] session.
- Once all files are uploaded, the client connects to the [ipc$]
share and issues an AddPrinterDriverEx spoolss request.
- In handling this request move_driver_to_download_area() is called,
which attempts to create the directory /print-drv/W32X86/3
- The create directory fails, as it is done as the user connected to
the [ipc$] share which does not have permission to write to the driver
directory. The [print$] "force group = ntadmin" has no effect.
This is a regression from previous behaviour prior to the commit:
783ab04 Convert move_driver_to_download_area to use create_conn_struct.
https://bugzilla.samba.org/show_bug.cgi?id=7921
Signed-off-by: Andreas Schneider <asn@samba.org>
samba3.posix_s3.rpc.spoolss.driver fails with the xattr_tdb vfs module
loaded as a part of make test. The (now checked) create_directory() call
in move_driver_to_download_area() fails, uncovering another bug in the
printer driver upload code path.
move_driver_to_download_area() creates a new conn_struct for
manipulating files in [print$]. The VFS layer is plumbed through with
the call to create_conn_struct(), however SMB_VFS_CONNECT() is never
called. Many vfs modules expect state stored at connect time with
SMB_VFS_HANDLE_SET_DATA() to be available on any IO operation and fail
if this is not the case.
This fix adds a call to SMB_VFS_CONNECT() in create_conn_struct() prior
to IO.
https://bugzilla.samba.org/show_bug.cgi?id=7976
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 2 01:16:30 CET 2011 on sn-devel-104
WERR_ACCESS_DENIED errors are mapped to WERR_UNKNOWN_PRINTER_DRIVER,
resulting in incorrect error messages on Windows clients.
move_driver_to_download_area() returns the same error status values
to the caller via the *perr argument as well as the return value.
The create_directory() call is not checked for error.
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This will allow the auth_serversupplied_info struct to be migrated
to auth_session_info easier.
Adnrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Not needed - privileges code prevents "enable privileges = no" from adding privileges
anyway.
This reverts commit a8b95686a7.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 22 23:41:36 UTC 2010 on sn-devel-104
to maintain compatibility with smb.conf manpage.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 22 18:15:48 UTC 2010 on sn-devel-104
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
It is not universally guaranteed that an enum is represented as a uint32_t.
This starts to be THE BUG (tm) in Samba. What can I do to explain this
to people a bit better? It seems that the verbose explanations I put into
the recent checkins fixing similar bugs are not clear enough.
Anybody who does is not 100% clear about what this patch fixes please
contact me directly so that we can talk it through on the phone to agree
on a wording that everybody can understand.
Thanks,
Volker
This new call is available in the merged privileges code, and
takes an enum as the parameter, rather than a bitmask.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
