IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
open_file() can now use parent_dir_fname->fsp for handle-based
access calls.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This will allow us to change directory_has_default_acl() to
directory_has_default_acl_fsp() later.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
atname is a better name, as base_name refers to the name without streams
and this is nothing to do with streams.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We don't need the parent_pathref() and more, and as we don't
own parent_dir_fname anymore, don't free it on exit.
Next step will be to remove the local variables.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Not yet used. Next step will be to use them to replace the
internal parent_dir_fname,base_name variables inside mkdir_internal().
Annotate them so we know what these extra params are.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Not yet used.
We will be passing this down to open_directory() and
open_file_ntcreate() and using it within create_file_unixpath()
as all of these functions need a parent pathref to check parent
ACLs etc.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We can now use SMB_VFS_SYS_ACL_GET_FD() on the directory fsp instead.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Modify all implementations (and the definitions) related to
SMB_VFS_SYS_ACL_GET_FD to accept additional SMB_ACL_TYPE_T type param.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
preparatory patch for api change to SMB_VFS_SYS_ACL_GET_FD to add new
SMB_ACL_TYPE_T arg to SMB_VFS_SYS_ACL_GET_FD.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Now we have one common function for refusing access on symlinks.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Simplify the interals to check for everything that
would make an fsp something that is open on a symlink.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
It makes no sense here and will allow us to rename
refuse_symlink() -> refuse_symlink_fsp() and clean it up.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
For the pathname verison of this function smbd_check_access_rights()
we return the st_mode bits turned into an NT ACL for a symlink.
For a symlink the mode bits are always 'lrwxrwxrwx' which means
smbd_check_access_rights() version always returned NT_STATUS_OK
for any access rights requested on a symlink.
For smbd_check_access_rights_fsp() to a symlink use the handle
access bits as this is a better representation of the access
allowed.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
smbd_check_access_rights() is checking permissions on a file *before*
open, so getting ACCESS_DENIED and mapping to NT_STATUS_OK when
reading the security descriptor is fine, as if we really don't have
access the open will fail.
smbd_check_access_rights_fsp() takes place *after* the open (pathref
or otherwise), so being unable to get the security decriptor should
be reported back to the caller and not mapped to NT_STATUS_OK.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
It doesn't and never has skipped VETO or unreadable files.
It's only used in call_trans2findnext() in the SMB1 code
given a name already returned to the client to find a
resume position. Even if the client gave us a name that
it had never been given to it (client bug or malicious
client) we'd just start the search from the wrong position,
which doesn't cause problems (we still check for VETO
or unreadable before returning any names).
Worst thing that actually happens is the client messes
up their own search, which is what you'd expect from
giving an incorrect resume name.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This doesn't matter now, but later we will move to a handle-based call to
check access rights, so we will need the full handle setup.
Add a fd_close(fsp) in the error path now this is done after the fd open.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Now we do an early check for opening a directory, this code
could never have been triggered.
The only case we need to consider now is when the filesystem
object exists as a file when we enter open_file() and another
smbd removes and then re-creates the object as a directory before we
call reopen_from_fsp(). In that case, we will open the object,
and come back out to open_file_ntcreate(), where the race
condition detection code that calls check_same_dev_ino()
will catch the case and error out the client request.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Makes sure we keep the pathref fd open for the NT_FILE_IS_A_DIRECTORY case.
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
