IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
This ensures that getting/stting a security descriptor does not
contend an oplock. The correct access checks will be still be done in
the kernel on the get/set rather than the open.
Updates the onefs vfs module to add configurable behavior to deal
with sids that are unknown to us. The best examples are aces that
come from robocopy/xcopy.
Adds the following share level options (which are specific to the vfs_onefs
module):
onefs: ignore unmappable sids (Default = false)
If this option is set to true, sids which could not be resolved to
a uid/gid are ignored. If an unmappable sid is encountered as the owner
or group, the owner/group is converted to BUILTIN\Administrators.
onefs: unmappable sids ignore list (Default = empty)
Only the sids in the list are ignored.
onefs: ignore sacls (Default = false)
SACLs are ignored
onefs: unmappable sids deny everyone (Default = false)
If an unmappable sid is found in a deny ACE, the ACE's identity is
changed to Everyone.
This is the first pass at extending the onefs vfs module to support
the CIFS-specific enhancements available on OneFS. Most of this patch
is massaging the sama open path to work with ifs_createfile.
ifs_createfile is a CIFS-specific syscall for opening/files and
directories. It adds support for:
- Full in-kernel access checks using a windows access_mask
- Cluster-coherent share mode locks
- Cluster-coherent oplocks
- Streams
- Setting security descriptors at create time
- Setting dos_attributes at create time
This patch does not implement the samba side of the streams support or
oplocks support. Tests that expect oplocks to be granted or streams
to be supported will fail. This will be remedied in upcoming patches.
Add to the OneFS VFS module, support for NTFS ACLs through the calls:
SMB_VFS_FGET_NT_ACL()
SMB_VFS_GET_NT_ACL()
SMB_VFS_FSET_NT_ACL()
Also create several new onefs specific smb.conf parameters in onefs.h
