1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

139745 Commits

Author SHA1 Message Date
Volker Lendecke
3035f98364 winbind: Fix Coverity ID 1509002 Use of 32-bit time_t
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:31 +00:00
Volker Lendecke
de8babd6af printing: Remove a few obsolete openat_pathref_fsp() calls
driver_convert_unix calls filename_convert_dirfsp, which these days
fills smb_fname->fsp. So openat_pathref_fsp() will immediately return
success as it finds smb_fname->fsp != NULL.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:31 +00:00
Volker Lendecke
d745a0799b smbd: Remove an obsolete comment
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:31 +00:00
Volker Lendecke
aff7a1fde6 smbd: Simplify smb_set_file_end_of_file_info()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:31 +00:00
Volker Lendecke
ee3a7b31e0 smbd: Simplify call_trans2setfileinfo()
Avoid an "else"

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:31 +00:00
Volker Lendecke
253e5f4a68 lib: Fix Coverity ID 1636566 Untrusted loop bound
Sanitize num_auths to [0,15] in sid_copy()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:31 +00:00
Volker Lendecke
06cca7bf02 smbd: Modernize DEBUGs
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:31 +00:00
Volker Lendecke
69d74563ad smbd: Avoid a (double) cast
We don't need floating point here, intmax_t and %jd should be
sufficient

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
2d6d890f45 smbd: Pass "dirfsp" to get_posix_fsp()
The two places where get_posix_fsp() is called we do have the dirfsp
around. Pass this through to SMB_VFS_CREATE_FILE(), looks much cleaner
in strace.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
3a16c35ab4 smbd: Simplify smb_set_posix_acl()
Call get_posix_fsp() in the caller, this removes if-conditions in
smb_set_posix_acl() itself

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
b768c54bd5 smbd: Simplify smb_q_posix_acl()
Ensure it's called with a valid fsp. In the pathinfo case, use
get_posix_fsp() in the caller, in the fileinfo case the client has
sent us the fid. A client-visible fid is always a fsa fsp.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
a780c07c24 smbd: Simplify get_posix_fsp()
Remove three variables only set at initialization time

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
f41dc1440b libcli: Modernize a DEBUG
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
84faa9dbb4 libcli: Fix a potential 32-bit problem with PRIu32
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
ddc88fa8b6 libcli: Make handling implicit_owner_rights bit easier to read
The first time I came across this I missed the "FALL_THROUGH" and had
to look closely at what happens. I had expected
IMPLICIT_OWNER_READ_CONTROL_AND_WRITE_DAC_RIGHTS to grant two rights,
which to me is now more obvious. It was correct before, but to me this
is now more obvious. YMMV.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
9312bdd271 libcli: Simplify disp_sec_ace_object()
Directly use GUID_buf_string()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
d6ec1f42c6 libcli: Align an integer type
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
391962e262 libcli: Remove the "mem_ctx" argument from pull_integer()
Not needed anymore

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
dddbab8e36 libcli: Simplify pull_integer()
Use ndr_pull_struct_blob_noalloc, we don't need talloc here.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
8f1d903524 vfs: Simplify connect_acl_tdb()
We don't need talloc for printing a mask with %o

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
d088738342 vfs: Simplify connect_acl_xattr()
We don't need talloc for printing a mask with %o

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
54124677f6 smbd: Pass "dirfsp" through posix_mkdir()
One less caller of SMB_VFS_CREATE_FILE with dirfsp==NULL

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
3b2134e231 libcli: Avoid an unnecessary "else"
We return in the if-branch

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Volker Lendecke
8ed1b9e874 libcli: Use ndr_deepcopy_struct() in security_token_duplicate()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2024-12-17 12:30:30 +00:00
Pavel Filipenský
e37e4d16e9 s3:open.c: Fix a typo
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Tue Dec 17 11:23:50 UTC 2024 on atb-devel-224
2024-12-17 11:23:50 +00:00
Pavel Filipenský
02d4f58a2f selftest: Add test for vfs crossrename module
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15724

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-12-17 10:27:34 +00:00
Pavel Filipenský
94c9a99c56 docs:manpage: vfs_crossrename is not fully stackable VFS module
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15724

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-12-17 10:27:34 +00:00
Jones Syue
1a089a16c4 s3:vfs_crossrename: add back checking for errno ENOENT
strace gives a clue: samba try to remove 'file.txt' in the dst folder but
actually it is not existed yet, and got an errno = ENOENT,

renameat(32, "file.txt", 31, "file.txt") = -1 EXDEV (Invalid cross-device link)
unlinkat(31, "file.txt", 0)             = -1 ENOENT (No such file or directory)

Commit 5c18f074be ("s3: VFS: crossrename. Use real dirfsp for
SMB_VFS_RENAMEAT()") seems unintentionally removed errno ENOENT checking,
so add it back could address 1st issue.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15724

Signed-off-by: Jones Syue <jonessyue@qnap.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-12-17 10:27:34 +00:00
Pavel Filipenský
0a9adc85e7 s3:vfs_crossrename: crossrename_renameat() needs to return 0 if copy_reg() is successful
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15724

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-12-17 10:27:34 +00:00
Pavel Filipenský
0a5da82f75 s3:vfs_crossrename: avoid locking panic in copy_reg()
Use low level backend functions that don't go through the FSA layer.
Done via calling transfer_file() as it was in version before 5c18f07

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15724

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-12-17 10:27:34 +00:00
Pavel Filipenský
7b73c574d9 docs:manpages: Update 'net ads keytab create'
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Mon Dec 16 19:32:32 UTC 2024 on atb-devel-224
2024-12-16 19:32:31 +00:00
Martin Schwenke
86cdaf5a2e ctdb-scripts: Change default persistent DB for statd_callout_helper
This database isn't use throughout CTDB, so name the it more
specifically.

Note that this might cause locks to be lost during upgrade to the
first version containing this change.

For testing, a different name is chosen to exercise related
functionality.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Dec 13 15:01:10 UTC 2024 on atb-devel-224
2024-12-13 15:01:10 +00:00
Martin Schwenke
16df4de954 ctdb-scripts: Support CTDB_STATD_CALLOUT_SHARED_STORAGE=none
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-12-13 13:57:32 +00:00
Martin Schwenke
112c6b43bc ctdb-tests: Update statd-callout tests to handle both modes
Add support for shared_dir mode.

Instead of duplicating all of the tests, update them so they can be
wrapped.  Created new tests for shared_dir mode that source the
"original" tests.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-12-13 13:57:32 +00:00
Martin Schwenke
08310072aa ctdb-scripts: Support storing statd-callout state in cluster filesystem
CTDB_STATD_CALLOUT_SHARED_STORAGE is a new configuration variable
indicating where statd-callout should store its NFS client locking
data.  See the update to ctdb-script.options(5) for details.

This adds back functionality that was removed in commit
12cc826231.  The commit message doesn't
say why this was changed but it was most likely due to a cluster
filesystem hanging at inopportune times.  Hence, this is re-added as a
non-default option.  There are 2 justifications for re-adding it:

* The existing method (persistent_db) relies on dequeuing data during
  the monitor event, which loses any queued data on node crash.

* NFS-Ganesha writes NFSv4 client locking data to a cluster
  filesystem, by default.  Something similar might as well exist for
  NFSv3.

Note that this could create the files for sm-notify in add-client.
However, this would require an alternate implementation of
send_notifies() (or a change to the implementation for persistent_db
too).  It seems better to leave add-client lightweight and do the work
in notify, since add-client is a more frequent operation.

Unconditionally create the state directory on startup.  This is
currently implicitly created for persistent_db when the queue
directory is created.  However, it isn't created anywhere else for
shared_dir, so do it in a common place.

In test mode, the shared storage location has a prefix added so files
are created within the test environment.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-12-13 13:57:32 +00:00
Martin Schwenke
2e84621354 ctdb-scripts: Fix impending SM_NOTIFY versus record deletion race
SM_NOTIFYs are sent before client records are deleted.  Theoretically,
this means new records resulting from lock reclaim can be deleted.

This doesn't actually happen at the moment because any new "records"
resulting from lock reclaim are entered into the queue directory and
only dequeued to the database during a later monitor event.  Since a
monitor event can't collide with an ipreallocated event, no records
can be dequeeued into the database during the ipreallocated event, so
they can't be deleted by delete_records().

However, a subsequent commit will add direct writing of records into a
shared cluster filesystem directory.  This means that add-client
events will cause records to be added directly to that directory so,
without a fix, the race will be able to occur.

So, delete records before sending SM_NOTIFYs.  In theory, the script
could be killed before all SM_NOTIFYs are successfully sent, resulting
in loss of locks.  However, given the overall lack of error checking,
there are other, more likely problems.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-12-13 13:57:32 +00:00
Martin Schwenke
c415208a49 ctdb-scripts: Factor out some statd-callout functions
This captures all of the persistent database (currently ctdb.tdb)
implementation-specific details in functions.  Alternate
implementations can now be easily added.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-12-13 13:57:32 +00:00
Martin Schwenke
e6a85d128f ctdb-scripts: Improve update and listing code
Drop the complexity associated with using awk to escape dots in IPv4
addresses to protect them from sed, and generate a grep -F filter
instead.

For listing, the pipeline is now longer, but the steps are now
clearer:

1. List DB records
2. Extract keys
3. Keep only keys machine hosted public IPs
4. Parse out server IP and client IP
5. Sort

Performance here isn't critical, so having clearer code is preferable.

Use temporary files to avoid command-line length limits.

Also, drop the cd to the queue directory during update.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-12-13 13:57:32 +00:00
Martin Schwenke
b8fe8a5fd2 ctdb-scripts: Drop TCP tuning comments from statd_callout_helper
Commits caad5dc38d and
f022df1d40 commented out these lines
back in 2007.

2 things are clear from the commit messages:

* These setting should not be required in the real world - they are:

    mainly useful for avoiding ack-storms when doing very rapid
    failover/failback during testing

* If they are needed, they are not specific to
  statd_callout/statd_callout_helper

Let's remove these comments to avoid confusing people.

Reported-by: Ulrich Sibiller <ulrich.sibiller@eviden.com>
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-12-13 13:57:32 +00:00
Martin Schwenke
b2084281a4 ctdb-scripts: Fix some bit-rotted comments and whitespace
The top comment in the file is no longer true.

The comment about notifications doesn't really apply anymore since
upstream sm-notify is used and it does "the right thing".

shfmt wants to remove a space before a semicolon, so do that too.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-12-13 13:57:32 +00:00
Martin Schwenke
e704eb580a ctdb-scripts: Use CTDB_NFS_SHARED_STATE_DIR in nfs-ganesha-callout
Rename CTDB_NFS_STATE_MNT to CTDB_NFS_SHARED_STATE_DIR.  It doesn't
have to be a mount but can be any directory in a cluster filesystem.
CTDB_NFS_SHARED_STATE_DIR will soon be used in statd_callout_helper,
so the variable name might as well be better.

With this change, it will still only be used by nfs-ganesha-callout,
which isn't yet supported (i.e. it still lives in doc/examples).  The
rest of the comments below refer to behaviour changes in that script.

CTDB_NFS_SHARED_STATE_DIR is now mandatory when GPFS is used.  This is
much saner that choosing the first GPFS filesystem - if the state
directory changes then connection metadata can be lost.

Drop CTDB_NFS_STATE_FS_TYPE.  The filesystem type is now determined
from CTDB_NFS_SHARED_STATE_DIR and it is now checked against supported
filesystems.  This will catch the case when the filesystem for the
specified directory has not been mounted and the filesystem for the
mountpoint (e.g. ext4) is not a supported filesystem for shared state.

A side-effect is that the filesystem containing
CTDB_NFS_SHARED_STATE_DIR must be mounted when nfs-ganesha-callout is
first run.

While touching this file, my shfmt pre-commit hook wants to insert a
trailing ;; into a case statement.  Let's sneak that in here too.

Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2024-12-13 13:57:32 +00:00
Stefan Metzmacher
cb27914403 s4:rpc_server/netlogon: fix dcesrv_netr_LogonSamLogon_base_call() for ServerAuthenticateKerberos()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Dec 12 15:00:10 UTC 2024 on atb-devel-224
2024-12-12 15:00:10 +00:00
Stefan Metzmacher
5aa79e3263 s4:rpc_server/netlogon: fix dcesrv_netr_ServerPasswordSet[2] for ServerAuthenticateKerberos
Review with: git show --patience

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-12-12 13:59:29 +00:00
Stefan Metzmacher
ff16cb25c4 librpc/server: call dcesrv_netr_check_schannel() as schannel_check_creds_state() callback
If schannel is not used we need to return ACCESS_DENIED and discard
the effect of netlogon_creds_server_step_check().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-12-12 13:59:29 +00:00
Stefan Metzmacher
2cf8a8ea35 libcli/auth: let schannel_check_creds_state() take an access_check callback
This allows the callback to decide if the updated creds should be stored
or not.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-12-12 13:59:29 +00:00
Stefan Metzmacher
e830da448b selftest: add 'server support krb5 netlogon = yes' for ad_dc
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-12-12 13:59:29 +00:00
Stefan Metzmacher
f4547f2176 selftest add 'server reject aes schannel:COMPUTER$' rules
These avoid a lot of messages during the tests...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-12-12 13:59:29 +00:00
Stefan Metzmacher
1a18706bcd s4:rpc_server/netlogon: implement dcesrv_netr_ServerAuthenticateKerberos
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-12-12 13:59:29 +00:00
Stefan Metzmacher
4834b9dacc librpc/server: prepare schannel_util.c for netr_ServerAuthenticateKerberos
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-12-12 13:59:29 +00:00
Stefan Metzmacher
c58137aad9 docs-xml/smbdotconf: add "server support krb5 netlogon" options
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-12-12 13:59:29 +00:00