IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
this changes the level of logs caused by users trying to access shares
or subdirectories for which they do not have access to in the ACL
this can fill up the samba log even with log level 0 and is more an
expected kind of logs that IMHO should not be logged with such a high
level.
All other errors while chdir() will still be logged with level 0
Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
s3: Make smbd aware of permission change of usershare. Since usershare are relatively volatile and
non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect.
For now. This is a feature request and I think we need
to design it a little differently so as not to touch
core change_to_user() code.
Jeremy.
This patch introduces two new temporary helper functions
vfs_stat_smb_fname and vfs_lstat_smb_fname. They basically allowed me
to call the new smb_filename version of stat, while avoiding plumbing
it through callers that are still too inconvenient. As the conversion
moves along, I will be able to remove callers of this, with the goal
being to remove all callers.
There was also a bug in create_synthetic_smb_fname_split (also a
temporary utility function) that caused it to incorrectly handle
filenames with ':'s in them when in posix mode. This is now fixed.
This patch introduces
struct stat_ex {
dev_t st_ex_dev;
ino_t st_ex_ino;
mode_t st_ex_mode;
nlink_t st_ex_nlink;
uid_t st_ex_uid;
gid_t st_ex_gid;
dev_t st_ex_rdev;
off_t st_ex_size;
struct timespec st_ex_atime;
struct timespec st_ex_mtime;
struct timespec st_ex_ctime;
struct timespec st_ex_btime; /* birthtime */
blksize_t st_ex_blksize;
blkcnt_t st_ex_blocks;
};
typedef struct stat_ex SMB_STRUCT_STAT;
It is really large because due to the friendly libc headers playing macro
tricks with fields like st_ino, so I renamed them to st_ex_xxx.
Why this change? To support birthtime, we already have quite a few #ifdef's at
places where it does not really belong. With a stat struct that we control, we
can consolidate the nanosecond timestamps and the birthtime deep in the VFS
stat calls.
At this moment it is triggered by a request to support the birthtime field for
GPFS. GPFS does not extend the system level struct stat, but instead has a
separate call that gets us the additional information beyond posix. Without
being able to do that within the VFS stat calls, that support would have to be
scattered around the main smbd code.
It will very likely break all the onefs modules, but I think the changes will
be reasonably easy to do.
instead of reading the registry directly with tdb and activating the
configure options by hand.
This eliminates the need for repeating checks done in loadparm.
For instance it disables registry shares without path in the server
as is the case with text based shares.
Michael
We need to store the "force group" uid separately from the
conn->server_info token as we need to apply it separately also.
Volker PLEASE CHECK !
Jeremy.
This only applies to a setup with "registry shares = yes"
Michael
(cherry picked from commit 288fa94ac7cfdf7457b5098c33fc840bed3d5410)
(cherry picked from commit e85526b184e66f86b7faa9d0a37288a09c12c19e)
Now that we have a token that is correctly set up with gids already, this saves
manual translation of the SIDs to GIDs.
(This used to be commit 6136a6d9d7301c65f37e2bf485681138cddd8bd2)
This will replace all the user identity stuff in connection_struct, for now it
is just a source where the other fields in connection_struct are filled from.
(This used to be commit 0f53f9e7db9f99f239c4d0950452d0e2cde2ae8b)
This is a first quick fix.
Registry shares should be rewritten to use libnet_conf.
Michael
(This used to be commit 71bd0bd0ea018e8c5033bbf904333c596330855a)
It turns out that this is a necessary operation, separate from statvfs. statvfs
can fail during tcon, so conn->fs_capabilities would never see that we support
streams on a particular share.
James, can you check that I got the darwin variant right? Thanks!
(This used to be commit 3ad798d803b3b023533bb48e6993885f22b96095)
Now homes and printers shares can be accessed through the
registry meachanism on demand in pure registry configurations
with "config backend = registry" without the need to
have a special handler for these two.
Michael
(This used to be commit eec3248ef90fbfe6e048394c875173b164a8b439)
on a share (or global) and have the server reply with
ACCESS_DENIED for all non-encrypted traffic (except
that used to query encryption requirements and set
encryption state).
Jeremy.
(This used to be commit d241bfa57729bb934ada6beabf842a2ca7b4f8a2)
This change alters the Samba connection code to cache the filesystem
capabilities when a new client connects. This can be used to enable
filesystem specific optimisations is a general manner.
(This used to be commit de3c5b808a941ac8e9ebe7169536d8290067eef5)
