IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This matches the notify_fname() argument name and the next commit is going to
add an "action" variable.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
notify_fname() for NOTIFY_ACTION_DIRLEASE_BREAK will soon need the lease of the
current open and to implement "MS-FSA 2.1.4.12 Algorithm to Check for an Oplock
Break" with flags=PARENT_OBJECT.
No change in behaviour for now, all callers pass lease=NULL;
Also change path arg to struct smb_filename.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Check for open files recursively when renaming a directory and wait for handle
lease breaks.
As delay_for_handle_lease_break_send() does the same check as
have_file_open_below(), remove have_file_open_below() from can_rename() so it is
not called twice for SMB2 renames, and add calls to have_file_open_below() to the
SMB1 entry rename entry points.
This is a bit ugly, but I don't see any other good way of doing this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15608
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Remove enum perm_type: Only the _NEW_ defines were actually used, and
this made the logic harder for me to understand than necessary.
On the other hand, it forced you to think about what this is. Now you
could theoretically miss applying masks. Still, I like it better with
this patch.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Mostly symmetry reasons, we have the opposite function here as well
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Regression introduced by 55d98b29eb294542cc4947573f233e0d5e6966cb. D'oh!
We'll add a regression test for this soon,
but for now we want to unblocking testing from the linux
client...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15639
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Sep 19 21:27:07 UTC 2024 on atb-devel-224
In order to support certain Windows applications that make use of copy reflink,
we need some way to allow configuring these values. According to testing, the
application somehow uses the value of phys_bytes_per_sector_atomic for some check
when requesting server-side reflink copies, eg for ZFS the following is needed
block size = 131072
fs:aligned bytes per sector = 131072
For some reason "block size" must also be set to the value of fs:aligned bytes
per sector, but fs:logical bytes per sector, which according to the spec should
match "block size", must stay at the default of 512, otherwise the application
does not work.
As the whole client behaviour could not be fully understood, I'm proposing to
introduce these options as undocumented parametric options, so we can at least
start testing with them.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Aug 20 07:01:19 UTC 2024 on atb-devel-224
This ensures the values we return via SMB_FS_ATTRIBUTE_INFORMATION is the same
we use internally via conn->fs_capabilities.
This deliberately preserves existing behaviour as much as possible and leaves
possible improvements as a future excercize. Particularily FILE_VOLUME_QUOTAS is
already set insided SMB_VFS_STATVFS() depending on backend filesystem flags
which is probably the correct way to do it instead of just setting the
capability when Samba was built with quota support.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
With this in the future we can avoid some special cases in our callees
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 6 17:37:39 UTC 2024 on atb-devel-224
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 4 17:39:21 UTC 2024 on atb-devel-224
We have the same information available via conn_using_smb2()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 24 00:35:33 UTC 2024 on atb-devel-224
Now that check_any_access_fsp() is broadly used consistently to
restrict access for all modifying operations, we can add a check for
previous versions to check_any_access_fsp() and it gets enforced
consistently.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Replaces the direct access to fsp->access_mask with a call to
check_any_access_fsp() which allows doing additional checks if needed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
smbd_check_access_rights_fsp() requires *all* rights in access_mask to
be granted by the underlying ACL, but the semantics of this function
is supposed to grant access if any one of the rights in
access_requested is allowed.
Fix this by looping over the requested access mask. If
smbd_check_access_rights_fsp() returns sucess, mask will be non-null
and when assigned to access_granted, the subsequent check will pass,
fail otherwise.
I'm not doing an early exit on purpose because a subsequent commit
adds additional security checks that are done in the subsequent code
path common for fsa and non-fsa fsps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
The semantics of the access check in check_access_fsp() itself is to
allow access if *at least* one or more rights of the rights in
access_mask are allowed. The name check_any_access_fsp() better
reflects this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
All but one uses of srv_put_dos_date2() converted from struct
timespec. Put that into a new routine.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This check is only needed for SMB2, so check for that, and in the SMB2 codepath
we'll always have a valid fsp, so we can drop that check.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We need the fsp down in fsinfo_unix_valid_level(), pass it down.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
