IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This will make it easier to convert locking.tdb to IDL, and I don't think there
will be enough entries to justify a linked list over an array.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Nov 23 09:02:12 CET 2011 on sn-devel-104
The key is to only allow the lookup to succeed if it's a UNIX level lookup or readlink,
but disallow all other operations.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 22 01:37:41 CEST 2011 on sn-devel-104
This removes the duplicate definition between smb.h and lib/param/loadparm.c
which in turn allows this file to be compiled with the s3 includes.h
Andrew Bartlett
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.
This will allow of our session handling to be accomplished with common code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This seperation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)
The idea here is that we keep a clear seperation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this seperation
has caused issues in the past.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This change has a number of purposes:
* It removes the fancy logic around pointers into sDefault for all
per-share parameters. Instead, this is always expressed as an
offset, rather than implicitly via PTR_DIFF macros.
* It makes struct parm_struct almost identical to that as used in
source4/param. This will very shortly allow the loadparm tables
and most of the 'special' helper functions to be placed in common.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Jun 29 05:50:46 CEST 2011 on sn-devel-104
This will help with a change from .ptr to .offset
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Jun 29 03:26:21 CEST 2011 on sn-devel-104
The only users I can find of this on the internet involve confused
users, and our own documentation recommends never setting this. Don't
confuse our users any longer.
Andrew Bartlett
This also makes unix_nt_errmap private to errmap_unix.c and errormap.c
so the tables themselves cannot be duplicate symbols until merged.
Andrew Bartlett
this starts the (long!) process of moving some of the SMB constants
into common files. This just moves the FLAGS2_ defines, which are
needed for common string routines (for FLAGS2_UNICODE_STRINGS)
This is the s3 debug system, with a number of changes to tidy it up
for common use. The debug class system is simplified by the removal of the
ISSET table, the system no longer attempts to cope with assignment of
DEBUGLEVEL, and the full class table is always available (rather than
just DEBUGLEVEL_CLASS[DBCG_ALL]) from startup. It is also no longer
confusingly described as a hack, but as the initial table.
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Mar 1 04:32:12 CET 2011 on sn-devel-104
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Do this by keeping a linked list of delete on close tokens, one for
each filename that identifies a path to the dev/inode. Use the
jenkins hash of the pathname to identify the correct token.
strict allocation on sparse files. Files opened as POSIX opens are always
sparse.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Dec 21 04:12:22 CET 2010 on sn-devel-104
The source3/ code uses these constants in a lot of places, and it will
take time and care to rename them, if that is desired. Linking the
macros here will at least allow common code to use the IDL based macros,
and preserve a documentary link between the constants (other than just their value)
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
The all UPPER case typedef is no longer the preferred Samba style
and this makes it easier to see that this is the IDL-derivied structure
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
size_t is overkill here, and in struct security_token in the num_sids
is uint32_t.
This includes a change to the prototype of add_sid_to_array()
and add_sid_to_array_unique(), which has had a number of
consequnetial changes as I try to sort out all the callers using
a pointer to the number of sids.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This allows these structures to be shared across all of Samba
The additional name type ID_TYPE_BOTH is unused in source3 code at
this time.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
This way all code can reuse the same connection to spoolss
and not have to deal with the creation of a new pipe all over the
code every time we need to ask a service off spoolss.
Signed-off-by: Günther Deschner <gd@samba.org>
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
Move to a consistent get_FileIndex() function for all inode returns,
that checks if st_dev on the file is identical to the top directory
dev_t of the exported share, and if so uses the raw 64-bit inode
number. If it isn't (we've traversed a mount point) - return what
we used to do for Windows which is the concatination of the bottom
32-bits of the inode with the 32-bit device number. We can get more
creative with this over time (hashing?) if we want as now all inode returns go
through this single function.
Jeremy.
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:
ccache build w/o patch
real 4m21.529s
ccache build with patch
real 3m6.402s
pch build w/o patch
real 4m26.318s
pch build with patch
real 3m6.932s
Guenther
Rename functions to be internally consistent. Next step is
to cope queueing single (non-compounded) SMB2 requests to
put some code inside the stubs.
Jeremy.
Allocate a uint16_t internal SMB1 mid for an SMB2 request.
Add a back pointer from the faked up smb_request struct
to the smb2 request.
Getting ready to add restart code for blocking locks,
share mode violations and oplocks in SMB2.
Jeremy.
Updates usershare files in a backwards compatible way.
I don't intend to back port this fix to 3.5.x as it
depends on a version upgrade in the share_info.tdb share security database.
Jeremy.
This reverts commit a6ae7a552f.
This fixes bug #7222 (All users have full rigths on all shares) (CVE-2010-0728).
(cherry picked from commit 1c9494c76c)
Ensure we don't use any of the create_options for Samba private
use. Add a new parameter to the VFS_CREATE call (private_flags)
which is only used internally. Renumber NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
and NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to match the S4 code).
Rev. the VFS interface to version 28.
Jeremy.
Only works on Linux kernels 2.6.26 and above. Grants CAP_KILL capability
to allow Linux threads under different euids to send signals to each other.
Jeremy.
Final fix for the vfs_acl_xattr and vfs_acl_tdb code.
Ensure we can delete a file even if the underlying POSIX
permissions don't allow it, if the Windows permissions do.
Jeremy.
On filesystems that can't store less than one second timestamps,
round the incoming timestamp set requests so the client can't discover
that a time set request has been truncated by the filesystem.
Needs backporting to 3.4, 3.3, 3.2 and (even) 3.0.
Jeremy
This patch also changes the unix convert flags to make sure the
correct semantics are preservered for allowing/disallowing wildcards
in the last component of the path.
s3: Make smbd aware of permission change of usershare. Since usershare are relatively volatile and
non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect.
For now. This is a feature request and I think we need
to design it a little differently so as not to touch
core change_to_user() code.
Jeremy.
Before 3.3, an smbcontrol debug message sent to the target "smbd" would
actually be sent to all running processes including nmbd and winbindd.
This behavior was changed in 3.3 so that the "smbd" target would only
send a message to the process found in smbd.pid, while the "all" target
would send a message to all processes.
The ability to set the debug level of all processes within a single
daemon, without specifying each pid is quite useful. This was implemented
in winbindd in 065760ed. This patch does the same thing for smbd.
Upon receiving a MSG_DEBUG the parent smbd will rebroadcast it to all of
its children.
The printing process has been added to the list of smbd child processes,
and we now always track the number of smbd children regardless of the
"max smbd processes" setting.
This is the first of a series of patches that change path based
operations to operate on a struct smb_filename instead of a char *.
This same concept already exists in source4.
My goals for this series of patches are to eventually:
1) Solve the stream vs. posix filename that contains a colon ambiguity
that currently exists.
2) Make unix_convert the only function that parses the stream name.
3) Clean up the unix_convert API.
4) Change all path based vfs operation to take a struct smb_filename.
5) Make is_ntfs_stream_name() a constant operation that can simply
check the state of struct smb_filename rather than re-parse the
filename.
6) Eliminate the need for split_ntfs_stream_name() to exist.
My strategy is to start from the inside at unix_convert() and work my
way out through the vfs layer, call by call. This first patch does
just that, by changing unix_convert and all of its callers to operate
on struct smb_filename. Since this is such a large change, I plan on
pushing the patches in phases, where each phase keeps full
compatibility and passes make test.
The API of unix_convert has been simplified from:
NTSTATUS unix_convert(TALLOC_CTX *ctx,
connection_struct *conn,
const char *orig_path,
bool allow_wcard_last_component,
char **pp_conv_path,
char **pp_saved_last_component,
SMB_STRUCT_STAT *pst)
to:
NTSTATUS unix_convert(TALLOC_CTX *ctx,
connection_struct *conn,
const char *orig_path,
struct smb_filename *smb_fname,
uint32_t ucf_flags)
Currently the smb_filename struct looks like:
struct smb_filename {
char *base_name;
char *stream_name;
char *original_lcomp;
SMB_STRUCT_STAT st;
};
One key point here is the decision to break up the base_name and
stream_name. I have introduced a helper function called
get_full_smb_filename() that takes an smb_filename struct and
allocates the full_name. I changed the callers of unix_convert() to
subsequently call get_full_smb_filename() for the time being, but I
plan to eventually eliminate get_full_smb_filename().
