IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
smbd: Fix failure to check dstdir for delete on close
We're preventing ourselves from holding two locks here,
not protecting from waiting for a lock someone else
holds.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Nov 22 01:22:36 UTC 2020 on sn-devel-184
In smb2_setinfo.c the call to smbd_do_setfilepathinfo() to perform the
rename takes place while holding a share mode lock. The function
check_parent_access() called below tries to query the destination
directory's locking.tdb entry to check whether the delete on close
flag is set on the destination directory. This fails because the
file to be renamed already has the share mode entry locked, we can't
lock two share mode entries simultaneously.
Convert the check to use fetch_share_mode_unlocked(). This might
introduce races, but this whole check is racy anyway. It does not
really matter whether we do the check for delete_on_close under a lock
or not, fetch_share_mode_unlocked() retrieves a consistent status of
the locking.tdb entry at some point in time as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 20 00:20:06 UTC 2020 on sn-devel-184
There's no point in doing a copy here, we can just point smb_fname at
fsp->fsp_name.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 19 21:24:23 UTC 2020 on sn-devel-184
check_access() is a 1:1 wrapper arounf smbd_check_access_rights().
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
I saw this test fail a few times on gitlab CI with
NT_STATUS_SHARING_VIOLATION:
Running OPLOCK-CANCEL
cli_unlink failed: NT_STATUS_SHARING_VIOLATION
TEST OPLOCK-CANCEL FAILED!
The only possible explanation I could come up for
this flapping test is that the fnum1 filehandle in cli1 is still not closed when
cli2 tries to open the file deletion 5 seconds after cli1 is thrown away. As
fnum1 doesn't have FILE_SHARE_DELELE the open-for-delete fails with a
SHARING_VIOLATION.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
No non-async callees are used anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 19 04:12:11 UTC 2020 on sn-devel-184
This prepares cli_list_recv() for the lowerlevel NT_STATUS_RETRY that
will come in once cli_list_send() uses cli_smb2_list_send() as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This converts the higher-level cli_list_recv() to the new
cli_smb2_list_recv() calling convention to just issue one entry per
recv() call in preparation of using the async cli_smb2_list_send() in
cli_list_send().
For SMB1 this will be a performance degradation, as we have to make
copies out of the arrays that cli_trans_recv() returns, but soon this
will become a performance improvement for the SMB2 directory
listing. And as hopefully most deployments these days are SMB2, I
think we can live with the SMB1 client directory listing
degradation. Also, we can also convert the lowerlevel SMB1 directory
listing routines in case someone actually sees problems from this
here.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Return directory entries as soon as possible via
cli_smb2_list_recv(). This returns just one entry per call to
cli_smb2_list_recv() right out of the buffer without assembling
potentially thousands of entries in a big array. You must call
cli_smb2_recv() until an error (except NT_STATUS_RETRY) happens. This
reduces our latency for smbclient's "dir" command significantly for
large directories. In the future I hope I can do the same thing also for
SMBC_readdir_ctx() to improve all users of our published libsmbclient.
Initial attempts of this routine issued fresh smb2_query_directory
requests asynchronously while the receivers of the entries did their
processing, for example showing them in smbclient's "dir"
command. However, this breaks because for example the "showacls"
smbclient option needs to do synchronous smb requests to do their job,
which we can't do while async requests are pending. Thus I came up
with a semi-synchronous approach to issue additional
smb2_query_directory requests from within cli_smb2_list_recv() and
return NT_STATUS_RETRY. This means that we will call back our caller
via the tevent_req_notify function when a fresh entry is available.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Nov 16 21:18:16 UTC 2020 on sn-devel-184
Now that delete_tree is in python code, align py_smb_rmdir() with the
other functions.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Now that delete_tree is in python code, align py_smb_unlink() with the
other functions.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is much shorter. There's also another aspect: I'm working on
improving cli_list() to not collect all files before starting to call
the callback function. This means that the cli_list cb will be called
from within tevent_loop_once(). In pylibsmb.c's deltree code this
would create a nested event loop. By moving the deltree code into the
python world this nested event loop is avoided. Now the python code
will first collect everything and then start to delete, avoiding the
nesting. A future development should make listing directories a
generator or something like that.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Right now this is empty, but it is the basis for moving complexity out
or pylibsmb.c into python code.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Instead of replacing open flags with just O_RDONLY, filter out all those
flags unrelated to a Read Only File System
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14573
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Nov 12 17:23:19 UTC 2020 on sn-devel-184
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14572
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Thu Nov 12 15:13:47 UTC 2020 on sn-devel-184
file_lines_parse() plays horrible tricks with
the passed-in talloc pointers and the hierarcy
which makes freeing hard to get right.
As we know mem_ctx is freed by the caller, after
calling file_lines_parse don't free on exit and let the caller
handle it. This violates good Samba coding practice
but we know we're not leaking here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Nov 11 15:02:27 UTC 2020 on sn-devel-184
In FreeIPA deployment with active Global Catalog service, when a two-way
trust to Active Directory forest is established, Windows systems can
look up FreeIPA users and groups. When using a security tab in Windows
Explorer on AD side, a lookup over a trusted forest might come as
realm\name instead of NetBIOS domain name:
--------------------------------------------------------------------
[2020/01/13 11:12:39.859134, 1, pid=33253, effective(1732401004, 1732401004), real(1732401004, 0), class=rpc_parse] ../../librpc/ndr/ndr.c:471(ndr_print_function_debug)
lsa_LookupNames3: struct lsa_LookupNames3
in: struct lsa_LookupNames3
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000000e-0000-0000-1c5e-a750e5810000
num_names : 0x00000001 (1)
names: ARRAY(1)
names: struct lsa_String
length : 0x001e (30)
size : 0x0020 (32)
string : *
string : 'ipa.test\admins'
sids : *
sids: struct lsa_TransSidArray3
count : 0x00000000 (0)
sids : NULL
level : LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 (6)
count : *
count : 0x00000000 (0)
lookup_options : LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES (0)
client_revision : LSA_CLIENT_REVISION_2 (2)
--------------------------------------------------------------------
If we are running as a DC and PASSDB supports returning domain info
(pdb_get_domain_info() returns a valid structure), check domain of the
name in lookup_name() against DNS forest name and allow the request to
be done against the primary domain. This corresponds to FreeIPA's use of
Samba as a DC. For normal domain members a realm-based lookup falls back
to a lookup over to its own domain controller with the help of winbindd.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed Nov 11 10:59:01 UTC 2020 on sn-devel-184
This makes "struct share_mode_lock" an opaque data structure opened up
only to the code in locking/. This makes it much safer to modify the
data structure with defined accessor functions in share_mode_lock.c.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 10 21:12:48 UTC 2020 on sn-devel-184
