1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

62073 Commits

Author SHA1 Message Date
Ralph Boehme
679e12aee2 smbd: move trace_state variable behind tv variable
Next commit adds timestamp variables to trace_state that want to be initialized
with the current time, so moving behind tv we can then just reuse tv for that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-19 18:27:33 +00:00
Ralph Boehme
d8613d7ee2 smbd: add option "smbd lease break:debug hung procs"
By enabling this a process sending a lease break message to another process
holding a lease will start watching that process and if that process didn't
process the lease break within 10 seconds (cf server_id_watch_waited()), we log
a kernel stack backtrace of that process.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-19 18:27:33 +00:00
Ralph Boehme
b45e78871a smbd: log share_mode_watch_recv() errors as errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-19 18:27:33 +00:00
Ralph Boehme
7add7dbf1a s3/lib: add option "serverid watch:debug script"
This takes just PID and NODE:PID on a cluster.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-19 18:27:33 +00:00
Ralph Boehme
5c57e84052 s3/lib: add option "serverid watch:debug = yes" to print kernel stack of hanging process
We only do if sys_have_proc_fds() returns true, so it's most likely
linux...

Enabled by default with log level 10...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-19 18:27:33 +00:00
Ralph Boehme
d76edcd484 s3/lib: add next helper variable in server_id_watch_*
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-19 18:27:33 +00:00
Alexander Bokovoy
4f577c7b68 sync machine password to keytab: handle FreeIPA use case
FreeIPA uses own procedure to retrieve keytabs and during the setup of
Samba on FreeIPA client the keytab is already present, only machine
account needs to be set in the secrets database.

'sync machine password to keytab' option handling broke this use case by
always attempting to contact a domain controller and failing to do so
(Fedora bug https://bugzilla.redhat.com/show_bug.cgi?id=2309199).

The original synchronizing machine account password to keytab feature
did not have a mechanism to disable its logic at all.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>

Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Fri Sep 13 13:16:09 UTC 2024 on atb-devel-224
2024-09-13 13:16:09 +00:00
Anoop C S
095ece43a2 wscript_build: Do not link vfs_ceph_new against libcephfs
vfs_ceph_new dynamically loads the appropriate libcephfs shared
libraries which means that we don't statically link against it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-12 15:36:32 +00:00
Anoop C S
962a40a6ff vfs_ceph_new: Use function pointers for API calls
Replace direct function calls with pointers holding their equivalent
addresses.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-12 15:36:32 +00:00
Anoop C S
d5926cf492 vfs_ceph_new: Pass module config to userperm helpers
userperm helpers will switch to function references instead of direct
invocation of APIs. This would mean the matching config structure is
passed to those helpers.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-12 15:36:32 +00:00
Anoop C S
250af54250 vfs_ceph_new: Hold a config reference in vfs_ceph_fh
This is required to perform the cleanup when fsp extension destructor is
called as part of VFS_REMOVE_FSP_EXTENSION where mount information and
function references are to be used in upcoming changes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-12 15:36:32 +00:00
Anoop C S
8c1d774c7e vfs_ceph_new: Call vfs_ceph_userperm_new with handle->conn
vfs_ceph_userperm_new() only need connection structure from handle
for fetching the current unix token. Therefore modify the signature
to accept just handle->conn.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-12 15:36:31 +00:00
Guenther Deschner
e4fc1df4b4 vfs_ceph_new: Populate function pointers with addresses
Use dlysm() for assigning addresses to already declared libcephfs
low-level API function pointers.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Pair-Programmed-With: Anoop C S <anoopcs@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-12 15:36:31 +00:00
Guenther Deschner
0d2ad13d8e vfs_ceph_new: Add required function pointers to config
Declare necessary libcephfs low-level APIs as function pointers to be
assigned with corresponding loadable addresses.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Pair-Programmed-With: Anoop C S <anoopcs@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-12 15:36:31 +00:00
Guenther Deschner
47812a2791 vfs_ceph_new: Dynamically open library for 'proxy' mode
Use dlopen() to load either of the shared libraries(libcephfs.so or
libcephfs_proxy.so) based on the configuration for 'proxy' module
parameter. Further down the line we will define the required APIs
as function pointers within the config structure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Pair-Programmed-With: Anoop C S <anoopcs@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-12 15:36:31 +00:00
Guenther Deschner
90464bdcaf vfs_ceph_new: Introduce new parametric option 'proxy'
Provide early support for consuming yet to come libcephfs proxy[1] for
optimized resource utilization. For better control we make use of an
additional module specific option 'proxy' to specify the intent to load
proxy library. With the default value 'no' a regular cephfs connection
is established. There is also an 'auto' mode which can fall back to the
regular connection if proxy requirements are not met.

[1] https://github.com/ceph/ceph/pull/58376

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-12 15:36:31 +00:00
Guenther Deschner
f1d418181d vfs_ceph_new: Add a new struct to hold ceph module config
Consolidate all required configuration related data under a dedicated
structure named vfs_ceph_config. As of now it includes the location of
configuration file, file system name, ceph client user id and mount
related information. This is expected to grow in future with more
details as and when required. Apart from that small cleanups are also
done to make code more robust.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Pair-Programmed-With: Anoop C S <anoopcs@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-12 15:36:31 +00:00
Shachar Sharon
0cedd74e47 vfs_ceph_new: implement DFS hooks using libcephfs low-level APIs
Refactor the VFS hooks 'create_dfs_pathat_fn' and 'read_dfs_pathat_fn'
in 'vfs_ceph_new.c' to use libcephfs low-level APIs: instead of using
path-based operations (as done in legacy 'vfs_ceph.c') use inode based
operations to create and read msdfs symbolic-links values.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Sep 11 19:09:41 UTC 2024 on atb-devel-224
2024-09-11 19:09:41 +00:00
Volker Lendecke
d416c8e078 util: Make show_msg call DEBUG just once
format_debug_text() still splits up lines with separate write-calls, but
DEBUGADD is something that I would like to get rid of.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2024-09-10 21:54:36 +00:00
David Disseldorp
22edd69503 smbd: improve reinit_after_fork error handling
reinit_after_fork() may panic or return an error on failure. When smbd
is started in interactive mode, it ignores the reinit_after_fork()
return status and unconditionally proceeds to smbd_process().

Similarly, if messaging_reinit() fails within reinit_after_fork() then
it will subsequently call ctdb_async_ctx_reinit() if clustering is
enabled.

There's no reason why these errors shouldn't be handled immediately, so
add appropriate error handling.

Found by code inspection; not seen in the wild.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Sep  4 09:53:01 UTC 2024 on atb-devel-224
2024-09-04 09:53:01 +00:00
Ralph Boehme
ecb8a99a2c smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD
When inherting permissions on the created stream, we call into the VFS to fetch
the streams security descriptor via inherit_access_posix_acl() ->
copy_access_posix_acl() -> SMB_VFS_SYS_ACL_SET_FD() passing the stream fsp which
triggers the assert SMB_ASSERT(!fsp_is_alternate_stream(fsp)) in
vfswrap_sys_acl_set_fd() in vfs_default.

Just passing the base fsp to the VFS fixes this.

vfs_streams_depot which *does use* distinct backend filesystem files for the
streams, currently does not apply permissions to the stream files at all, so the
incomplete behaviour of vfs_streams_depot is not affected by this change.

If in the future someone want to fix this defficiency in vfs_streams_depot, the
module code can use fsp->stream_fsp to base decisions in VFS ops whether the
module should carry out some action.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep  2 08:55:28 UTC 2024 on atb-devel-224
2024-09-02 08:55:28 +00:00
Ralph Boehme
0983560830 smbtorture: test creating stream doesn't crash when using "inherit permissions = yes"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-09-02 07:19:38 +00:00
Shachar Sharon
22182f90e8 vfs_ceph_new: handle case of readlinkat with empty name string
Commit 53c9269b (vfs_ceph_new: use low-level APIs for symlink/readlink)
introduced readlinkat using libcephfs low-level APIs. However, it does
not handle properly the case where readlinkat operates on empty name
string (see man readlinkat(2)), such as:

  fd = openat(dirfd, symname, O_PATH | O_NOFOLLOW, 0);
  readlinkat(fd, "", buf, bufsiz);

Handle this special case of readlinkat with empty name string by using
a reference to the symlink inode itself.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Aug 30 10:42:27 UTC 2024 on atb-devel-224
2024-08-30 10:42:27 +00:00
Stefan Metzmacher
41df9e1c74 s3:tests: make use of TMPDIR in test_symlink_traversal_*.sh
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-08-29 18:25:28 +00:00
David Disseldorp
5e278a5264 smb2_ioctl: fix truncated FSCTL_QUERY_ALLOCATED_RANGES responses
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15699

Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224
2024-08-28 08:54:11 +00:00
Volker Lendecke
1cdb9605b5 libsmb: Simplify pdb_sethexpwd with hex_byte()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
1602b0120b lib: Add libcli/util/ntstatus.h in a few headers where it's needed
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
25370c79af smbd: Inline set_sticky_write_time_path into set_sticky_write_time_fsp
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
6d356dcbaf smbd: Modernize a few DEBUGs
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
367bea1ca5 smbd: Introduce "ace" helper variable
Use "psd->dacl->aces[0]" once instead of 3 times

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
56ec6fe5ed lib: Add a few explicit includes
Required to trim down includes from gen_ndr/*security*

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
93b2651896 smbd: Modernize a few DEBUGs
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Anoop C S
232ab02faf source3/wscript: Introduce auto mode to build ceph vfs modules
Use 'auto' mode as the default for building ceph vfs modules so that an
explicit --enable-cephfs can reliably fail in the absence of required
dependencies.

ref: https://lists.samba.org/archive/samba/2024-August/249569.html

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Tue Aug 27 06:18:51 UTC 2024 on atb-devel-224
2024-08-27 06:18:51 +00:00
Shachar Sharon
168966a053 s3:smbd: fix NULL dereference in case of readlink failure
When VFS readlinkat hook returns with error the following sequence
yields NULL-pointer dereference (SIGSEGV):

  symlink_target_below_conn (source3/smbd/open.c)
    char *target = NULL;
    ...
    readlink_talloc (source3/smbd/files.c)
      SMB_VFS_READLINKAT
        smb_vfs_call_readlinkat (source3/smbd/vfs.c)
          handle->fns->readlinkat_fn --> returns error

  status = safe_symlink_target_path(.., target /* NULL */ ..)
    safe_symlink_target_path (source3/smbd/filename.c)
      if (target[0] == '/') { /* NULL pointer dereference */

A failure in VFS module's readlinkat hook may happen due to run-time
error (e.g., network failure which cases libcephfs to disconnect from
MDS).

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15700
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: John Mulligan <jmulligan@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Aug 23 09:27:06 UTC 2024 on atb-devel-224
2024-08-23 09:27:06 +00:00
Martin Schwenke
b0996ed589 s3:tests: Fix spelling error
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Aug 22 10:38:09 UTC 2024 on atb-devel-224
2024-08-22 10:38:09 +00:00
Shachar Sharon
cbba4008a7 vfs_ceph_new: add missing newline in debug-logging
Commit d00f20f3 ("vfs_ceph_new: debug-log upon libcephfs low-level
calls") introduced debug-logging before each call to libcephfs low-level
APIs. Unfortunately, one of the logging messages missed the terminating
newline ('\n') character.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: John Mulligan <jmulligan@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Wed Aug 21 14:18:07 UTC 2024 on atb-devel-224
2024-08-21 14:18:07 +00:00
Volker Lendecke
dd03cf8b4c libsmb: Remove cli_state->rap_error
I could not find any caller which uses rap_error outside of the
routine implementing the rap client call itself.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Aug 21 12:49:45 UTC 2024 on atb-devel-224
2024-08-21 12:49:45 +00:00
Volker Lendecke
c3f73a905d libsmb: Remove unused cli_NetWkstaUserLogoff()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-08-21 11:33:31 +00:00
Volker Lendecke
c831e21d88 libsmb: Remove unused cli_ns_check_server_type()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-08-21 11:33:31 +00:00
Stefan Metzmacher
1bacaae526 s3:smbd: let mkdir_internal() try VFS_RENAME_HOW_NO_REPLACE first
With renameat2(RENAME_NOREPLACE) being available
it's even better, as we don't even have the short
window where the incomplete directory is visible
to others.

The flow will be this:

tmp_name = ".::TMPNAME:D:$PID:client_name"
mkdirat(tmp_name, mode=client_mode);
prepare_acls(tmp_name);
renameat2(tmp_name, client_name, NOREPLACE);
if (EEXIST) {
   unlinkat(tmp_name);
   return EEXIST;
}
if (EINVAL) {
   /* fallback if NOREPLACE is not supported */
   mkdirat(client_name, mode=0);
   if (EEXIST) {
      unlinkat(tmp_name);
      return EEXIST;
   }
   renameat(tmp_name, client_name);
}

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Stefan Metzmacher
fe8b4617dd s3:vfs_default: implement VFS_RENAME_HOW_NO_REPLACE in vfswrap_renameat()
We can use renameat2() without ifdef as libreplace always provides it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Stefan Metzmacher
adc8dea944 s3:vfs: add VFS_RENAME_HOW_NO_REPLACE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Stefan Metzmacher
5b305d1fbb s3:vfs: add vfs_rename_how to SMB_VFS_RENAMEAT()
This will support renameat2-like operations in future.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Stefan Metzmacher
7baeeece2d s3:smbd: let mkdir_internal() work more atomically using a temporary name
Currently we do this in mkdir_internal():

mkdirat(client_name);
if (EEXIST) {
   return EEXIST;
}
prepare_acls(client_name);

Note 'prepare_acls()' is a placeholder for the complex steps
it is doing to prepare the directory. During these steps
we have the problem that other clients already see
the directory and are able to create files or subdirectories
in it and these may not inherit the correct acls as
the their parent directory is not created completely.

I think I found a good strategie even without relying on
renameat2(RENAME_NOREPLACE).

We would do this instead:

tmp_name = ".::TMPNAME:D:$PID:client_name"
mkdirat(tmp_name, mode=client_mode);
prepare_acls(tmp_name);
mkdirat(client_name, mode=0);
if (EEXIST) {
   unlinkat(tmp_name);
   return EEXIST;
}
renameat(tmp_name, client_name);

So instead of having a long windows during prepare_acls,
we just have a short window between mkdirat(client_name, mode=0)
and renameat(tmp_name, client_name);
And in that short window the directory with the client_name
has a mode of 0, so it's not possible for other clients
to create files or subdirs in it.

As the mkdirat(client_name, mode=0) still catches
EEXIST the race where two clients try to create
the same client_name is closed as before,
so we don't need any other protection.

Following patches will make use of renameat2(RENAME_NOREPLACE),
but this already a very good improvement.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Stefan Metzmacher
460e280d3a docs-xml: add 'vfs mkdir use tmp name' option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Stefan Metzmacher
f8be83a0a3 s3:smbd: improve DEBUG messages in mkdir_internal()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Stefan Metzmacher
5d077cd442 s3:smbd: let mkdir_internal() use a talloc_stackframe()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Stefan Metzmacher
23f85e60ec s3:smbd: call apply_new_nt_acl() already in mkdir_internals()
We should have preparation steps as close as possible together.

We could move it for files as well, but that's a task for another
day...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Stefan Metzmacher
75fe450f98 s3:smbd: split out apply_new_nt_acl() helper
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Volker Lendecke
a18c45046d libsmb: Remove cli_state->raw_status
All callers which looked at this are gone

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Aug 20 10:57:12 UTC 2024 on atb-devel-224
2024-08-20 10:57:12 +00:00