IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Use libcephfs' low-level APIs to do lookup-by-name via parent's open
reference followed by getattr on the inode itself.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit 13671cefffb268d84c973583669681318a2ce3bb)
Use libcephfs' low-level APIs and apply the same logic as stat, but
via explicit inode-reference.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit f16183f90abba3c2d3d26262926f1454275a9d3f)
Implement openat, close and closedir and hooks using libcephfs'
low-level APIs. Cache the open Fh* from libcephfs and its related
meta-data using VFS fsp-extension mechanism.
Upon open-create of new vfs_ceph_fh store the caller credentials
(ceph's UserPerm*) within the same context object for subsequent calls.
In addition, provide a "pseudo" fd numbering which is reported back to
VFS layer and used as debugging hints.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit 491676846458980944b76d1693726627a9a32503)
Allow direct access to ceph-mount cached-entry via 'handle->data'
private pointer. Required in order to allow more complex cached-state
with each cephfs mount. Users should now use the local-helper function
'cmount_of' to access the underlying ceph_mount_info.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit 31085c7efc3572bd6200d3d8e49c1e554cdbfbcc)
Use libcephfs' low-level API ceph_ll_setattr to implement VFS lchown_fn
hook. Use to standard pattern of iget/iput to allow operation by Inode
reference.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit beb21324c9a554f50d8d99af2a1b7fe8a17c8ebb)
Use libcephfs' low-level APIs and apply the same logic as stat, but
using AT_SYMLINK_NOFOLLOW flags.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit 93d786b14358db5664e13b1aa43f3f03e7cf0be3)
Start migrating to libcephfs' low-level APIs, using explicit Inode*
reference. Implement the VFS 'stat' hook using a ceph_ll_getattr
function, encapsulated with a pair of iget/iput to hold a
pinned-to-cache Inode* instance.
Upon calling to libcephfs this new code crates and destroys on-the-fly
a Ceph UserPerm instance based on the uig, gid and groups from
'handle->conn->session_info->unix_token'. This logic ensures that the
correct caller-credentials are passed-on to cephfs (instead of those
set upon connection-creation in legacy 'vfs_ceph.c').
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit 1b78d79663c48aa4b6810a875427de85ae49a2e8)
Start using libcephfs low-level APIs: get reference to root inode and
use it to query statfs. Requires an explicit put-inode to avoid resource
leakage by libcephfs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit 192b0cf8717d79197b985539c9db8ca07a89c570)
Defined new module 'vfs_ceph_new.c' which serves as a place holder for
the next development phase of the bridge between samba's VFS layer and
libcephfs. Begin with a module which is almost identical to existing
'vfs_ceph.c', except for hooks-names prefix which is 'vfs_ceph_' in
order to make clear distinction from existing code base. Following
commits will also switch to low-level APIs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit 3720452720b4760509875f0d2a8ed0d104bb1844)
This is done in check_user_ok now
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15688
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit b5169dd717ed5cf66d1e1e90aaf1a4646f7b5ea5)
For my taste this is a nicer configuration syntax than
/../username1/file1/../username2/file2/
Is this too expensive? I don't think so. The scanning only happens an
tcon time, and it only walks the parametric options. If this turns out
to be a performance problem, we should think about smarter data
structures for parametric options instead of just a linked list of
string triples for everything.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15688
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 17becb5f526015de56d00cd1c8f603f8ddacd0ba)
We'll have to add to an existing namearray soon.
This turns one talloc_array() into a set of reallocs. This is slower,
but set_namearray is only used for smb.conf entries where we don't
expect hundreds or more entries to add. I've done this to avoid array
length calculations, but if it turns out to be too slow we can get
smarter again.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15688
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit fcd595a4642a08169b427af534a00116daf220bf)
Admin should use this script in smb.conf parameter 'sync machine
password script' in clustered samba
TODO: onnode will update the keytab on all connected nodes, so the
update will happen on the triggering node twice. This can be improved in
the future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=6750
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
It will be done in secrets_{prepare,finish}_password_change
BUG: https://bugzilla.samba.org/show_bug.cgi?id=6750
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Function trust_pw_change() originally from library trustis_util was updated
to call functionality from ads library. This would introduce circular
dependency between the two libraries. To avoid it, trusts_util is merged
into ads.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=6750
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
No change in behaviour as we still ignore lookup erros as well as a not-found
result.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Returns NTSTATUS instead of bool. lookup_name_smbconf() becomes a thin
wrapper around lookup_name_smbconf_ex().
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
lookup_name() becomes a thin wrapper around lookup_name_internal(). Prepares for
adding more callers to lookup_name_internal() that are interested in the
NTSTATUS return value to distinguish between NAME_NOT_FOUND lookup results and
real errors.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
No change in behaviour, prepares for returning NTSTATUS instead of bool from
lookup_name().
Review-with: git show -w
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Differs from winbind_lookup_name() by
- returning NTSTATUS instead of bool, so callers can distinguish between
STATUS_NAME_NOT_FOUND lookup results and real errors.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This basically reverts commit 313db81ad3de6cf7759d6a0fc21ee32419b2e62b.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
In this case names that couldn't be resolved will be have a NULL sid pointer
which would trigger a crash in sid_copy().
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Previously LookupNames would fail if a name could not be translated, so winbindd
clients like libwbclient couldn't differentiate between not being able to talk
to a DC and just an unkown name.
As a visible change this alters
$ bin/wbinfo -n Idontexist
failed to call wbcLookupName: WBC_ERR_DOMAIN_NOT_FOUND
Could not lookup name Idontexist
to
$ bin/wbinfo -n Idontexist
failed to call wbcLookupName: WBC_ERR_SOME_NOT_MAPPED
Could not lookup name Idontexist
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
No change in behaviour.
After calling set_domain_offline() domain->offline will be set to false, iow
everytime
if (!domain->internal && was_online)
is true,
if (!domain->internal &&
!domain->online &&
was_online)
will also true, so we can drop the second if expression.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
A lot easier to make sense of the complex logic when using this name.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Not adding a specific test for per-user hide files as that uses the exact same
mechanism as the per-user veto files.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Test files are stored beneath "$SHAREPATH/dir1", not "$SHAREPATH/dir_1".
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
