1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

779 Commits

Author SHA1 Message Date
Holger Hetterich
9702dcfa91 Fetch the SID of the user we are running as and send with the common
data.
2010-03-16 09:52:09 -04:00
Holger Hetterich
654cff4cc3 Additionally send the vfs function id with the protocol. 2010-03-16 09:52:09 -04:00
Holger Hetterich
27f4f51d56 According to the linux kernel coding styleguide, it's better to
align the switch and it's case statements in the same column.
This saves us one indentation level.
2010-03-16 09:52:09 -04:00
Holger Hetterich
cdd1906728 Don't use typedefs on the VFS function data structures as
typedefs are evil according to the linux kernel coding
styleguide.
2010-03-16 09:52:09 -04:00
Holger Hetterich
8cb5bac9ee Add read,pread,write,pwrite support to the V2 protocol. 2010-03-16 09:52:09 -04:00
Holger Hetterich
541fb436cc Enable AES encryption of the data if a key was found in secrets.tdb. 2010-03-16 09:52:09 -04:00
Holger Hetterich
7bff1eabe5 Add rmdir, chdir, and rename as supported VFS functions 2010-03-16 09:52:09 -04:00
Holger Hetterich
e959bdcca4 The format of data we are sending over the network will be flexible when sending over the network in protocol v2. To be able to do this, we create a new va-list function that is creating the buffer to send. Also it makes it easier for the receiver to parse the data; it sends an initial header containing the full length of the buffer to be send. For the individual strings, it sends sub headers containing the length of the upcoming substring to be send. With the header-data-header-data [..] structure we don't need to quote the sub strings finally enabling having all possible character sets in filenames etc..
In the sending function, implement mkdir to actually send it's data
for testing.
2010-03-16 09:52:08 -04:00
Holger Hetterich
dcff7d3672 Create structs carrying the data of individual VFS functions, and hand those over to the send function, which then casts the void pointer to the struct required by looking at the id. This allows us to return different result data depending on the VFS function that is running. Make the protocol v1 sender compatible to this. Adapt the existing VFS functions to use the new data structures. Make use of the new functionality and extend the mkdir VFS logger function to return the creation mode additionally. 2010-03-16 09:52:08 -04:00
Holger Hetterich
2a643ef10c Introduce smb_traffic_analyzer protocol v2.
From Holger:
Make smb_traffic_analyzer differ the protocol versions to enable the development of version 2 of the protocol. To do this, a new parameter "protocol_version" has been introduced, which can be set to "V1", "V2", or nothing. If protocol_version is not set, V1 will be chosen automatically.

Created an enum for identifying VFS functions in the upcoming protocol v2. Converted the existing VFS functions to use the identifier, and set the read/write bool used in protocol v1 accordingly, also ignore any other VFS functions except read/write/pread/pwrite in v1. Added a first new VFS function for mkdir, which I use for testing and implementing both the sender and receiver for v2.
2010-03-16 09:52:08 -04:00
Jeremy Allison
c35c38075c Remove the bool admin_user from conn struct. We no longer look at this to make access decisions.
Jeremy.
2010-03-15 15:39:41 -07:00
Jeremy Allison
6b2358e15e Pass "connection_struct *conn" into functions that currently use "current_user.XXX"
Will allow me to replace them with accessor functions.

Jeremy.
2010-03-15 14:49:11 -07:00
Jeremy Allison
4b85a0ea7f Rever e80ceb1d73 "Remove more uses of "extern struct current_user current_user;"."
As requested by Volker, split this into smaller commits.

Jeremy.
2010-03-15 14:48:54 -07:00
Jeremy Allison
a2be29dfa3 Missed a couple more uses of conn->server_info->ptok that need to be get_current_nttok(conn)
Centralize the root check into smb1_file_se_access_check()
so this is used by modules/vfs_acl_common.c also.

Jeremy.
2010-03-12 14:31:47 -08:00
Jeremy Allison
e80ceb1d73 Remove more uses of "extern struct current_user current_user;".
Use accessor functions to get to this value. Tidies up much of
the user context code. Volker, please look at the changes in smbd/uid.c
to familiarize yourself with these changes as I think they make the
logic in there cleaner.

Cause smbd/posix_acls.c code to look at current user context, not
stored context on the conn struct - allows correct use of these
function calls under a become_root()/unbecome_root() pair.

Jeremy.
2010-03-12 13:56:51 -08:00
SATOH Fumiyasu
c1fb657afc vfs_netatalk: Segfault if hide files or veto files has no ".AppleDouble" 2010-03-10 16:11:26 -08:00
Björn Jacke
0769a1833a s3: add vfs_crossrename
this module adds optional server-side support for limited rename operations
beyond filesystem boundaries, which was the previously the default.
2010-03-08 17:17:58 +01:00
Björn Jacke
583de7b582 s3: remove cross-device rename support from vfs_default
cross-device rename support has some major limitations:

- on huge files clients will timeout or hang
- ACLs and EA information is not retained

Usually a client will have to handle this. A Windows Server with a reparse
point will also just return NT_STATUS_NOT_SAME_DEVICE. We will now by default
do the same.

I will add a vfs module which will restore the old cross-device renames.
2010-03-08 17:17:52 +01:00
Jeremy Allison
c61c9c3a4c Fix for bug #7189 - Open txt files with notepad on samba shares creates problem.
Ensure we don't use any of the create_options for Samba private
use. Add a new parameter to the VFS_CREATE call (private_flags)
which is only used internally. Renumber NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
and NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to match the S4 code).
Rev. the VFS interface to version 28.

Jeremy.
2010-03-05 15:13:37 -08:00
Björn Jacke
d18840830e s3:vfs_aixacl2: add missing semicolon
fixes #7197. Thanks to William Jojo for the correction.
2010-03-02 13:00:19 +01:00
Holger Hetterich
99fc004e40 s3: vfs_full_audit.c: implement negated vfs_ops in the success/failure list
Supports negated arguments in configuration like:
full_audit:success = all !readdir !telldir !closedir
Update the manpage accordingly.
Part of BSO#4025
2010-02-28 11:35:18 +01:00
Günther Deschner
6cf10cc102 s3-modules: fix get_acl_blob in the acl_tdb VFS module.
Shuttle-reviewed by jra :)

Guenther
2010-02-18 02:17:50 +01:00
Andrew Tridgell
95e26884a8 s3-vfs: use TYPESAFE_QSORT() in s3 VFS modules 2010-02-14 18:44:20 +11:00
Jeremy Allison
ed0e0a2005 Fix bad use when freeing linked list. Todd Stecher (Original author) please check !
Jeremy.
2010-02-10 16:23:33 -08:00
Andrew Tridgell
f592d42047 s3-perfcount: update to use new DLIST macros
(cherry picked from commit a13b507f2d8be7f90c8872094cd0732926a6fcbb)
2010-02-10 15:41:22 -08:00
Björn Jacke
d1c7d7d21a vfs_catia: fix return type warnings 2010-02-09 10:11:29 +01:00
Jeremy Allison
e425162933 Fix bug #6876 for acl_tdb module.
As pointed out by bj@sernet.de, the rmdir module initializer was
duplicated. Fix this properly.

Jeremy.
2010-02-08 11:04:38 -08:00
Björn Jacke
328a6264a7 s3: fix build issue on Tru64
Thanks, Volker for the hint - acl_type is a macro on Tru64. Renamed it
to acltype. This fixes #7103.
2010-02-07 21:07:13 +01:00
Jeremy Allison
d899032636 Fix bug 7075 - bug in vfs_scannedonly rmdir implementation.
Check for NULL on opendir, correctly call next rmdir.

Jeremy.
2010-02-04 16:23:32 -08:00
Björn Jacke
ae95e8028c s3:vfs_scannedonly: fix build on HP-UX 2010-02-04 10:37:17 +01:00
Volker Lendecke
e00e6a2c96 s3: Simplify the code a bit: Catch (len==0) early 2010-02-03 12:34:25 -08:00
Jeremy Allison
de24209f0a Fix bug 7081 - vfs_expand_msdfs doesn't work correctly (with fix identified)
Fix inspired by idea from Eric Horst <erich@cac.washington.edu>.

Jeremy.
2010-02-02 16:43:41 -08:00
olivier
e95e3270d1 AIX doesn't have MSG_DONTWAIT 2010-01-29 15:26:36 +01:00
Ed Plese
a5ca70a867 Add localtime parameter to shadow_copy2. 2010-01-21 08:32:02 +01:00
Ed Plese
05cd30ba42 Add format parameter to shadow_copy2. 2010-01-21 08:30:01 +01:00
Ed Plese
bb6a917ece Add sort parameter to shadow_copy2. 2010-01-21 07:39:17 +01:00
Jeremy Allison
98a495f1e6 Modification of fix for bug 6876 - Delete of an object whose parent folder does not have delete rights fails even if the delete right is set on the object
Suggested by Volker. Reduce the surface area of the
become_root() unbecome_root() code to reduce the chance
of errors.

Jeremy.
2010-01-16 17:03:06 -08:00
Olivier Sessink
3c42e11ff3 Part 4 of bug #7028 - include scannedonly VFS module
Fix some issues with handling names ending in '/'.
2010-01-14 12:13:14 -08:00
SASAJIMA Toshihiro
ca84795205 Fix bug #7034 - vfs_cap causes signal 11 (SIGSEGV) 2010-01-12 21:43:23 -08:00
Jeremy Allison
ed457e07b9 Fix two uses of strncat -> strlcat. Ensure proper use of strncpy when setting socket name.
Jeremy.
2010-01-12 21:18:36 -08:00
Jeremy Allison
47c1d9b39f Fix bug #6876 - Delete of an object whose parent folder does not have delete rights fails even if the delete right is set on the object.
Final fix for the vfs_acl_xattr and vfs_acl_tdb code.
Ensure we can delete a file even if the underlying POSIX
permissions don't allow it, if the Windows permissions do.

Jeremy.
2010-01-12 16:04:44 -08:00
Volker Lendecke
2d4dda0688 s3: Lift the version of the scannedonly VFS module 2010-01-12 22:58:51 +01:00
Olivier Sessink
31e142854b s3: Add the "scannedonly" vfs virus scanner interface module 2010-01-12 22:57:18 +01:00
Volker Lendecke
0ad83813ee s3: Add a zfsacl:denymissingspecial parameter
When setting an ACL without any of the user/group/other entries, ZFS
automatically creates them. This can at times confuse users a lot. This
parameter denies setting such an acl, users explicitly have to for example set
an ACE with everyone allowing nothing. Users need to be educated about this,
but this helps avoid a lot of confusion.
2010-01-11 12:14:37 +01:00
Björn Jacke
350db0bf25 vfs_commit: print warning when no fsync support is there
this one was part of an old patch from jpeach.
2010-01-06 18:28:16 +01:00
Jeremy Allison
6dcbb84d48 Attempt to fix one of the last two bugs with the full Windows ACL support.
When returning an underlying ACL on a directory, normally on a
POSIX system it has no inheritable entries, which breaks the
Windows ACL when a user does a get/set of a Windows ACL on a
POSIX directory with no existing stored Windows ACL from
the Windows ACL editor. What happens is any new entry added
by the user gets set inheritable, but none of the others
entries are (as returned by default). So any new files then
only inherit the single new ACE entry (the one marked inheritable
by the ACL editor).

Fix this by faking up a default 3 element inheritable ACL that
represents what a user creating a POSIX file or directory will
get by default from the smbd code.

Jeremy.
2009-12-23 17:19:22 -08:00
Björn Jacke
fd5855608f s3: keep subsecond times on cross-filesystem moves and don't follow links 2009-12-09 02:58:40 +01:00
Björn Jacke
0d53ce7e07 s3: make sys_posix_fallocate more generic
this is in preparation for other preallocation methods to be introduced.
2009-12-08 21:16:31 +01:00
Björn Jacke
c8615b6a0c s3: allocate only "new" space, not "old" sparse space in the posix_fallocate path
this makes the posix_fallocate path work analogous to the manual allocate path.
2009-12-08 10:33:26 +01:00
Jeremy Allison
a24631007e parent_sd can never be null in this function, so don't
check for it.

Jeremy.
2009-12-07 14:41:09 -08:00