IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Remove the link between an smb_fname and it's embedded smb_fname->fsp.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
open_pathref_fsp() opens an "embedded" fsp inside smb_fname as
smb_fname->fsp. We call such an fsp a "pathref" fsp.
On system that support O_PATH the low level openat() is done with O_PATH. On
systems that lack support for O_PATH, we impersonate the root user as a
fallback.
Setting "is_pathref" in the fsp_flags before calling fd_openat() is what
triggers the special low-level behaviour inside the VFS.
The use of pathref fsps allows updating all callers of path based VFS functions
like
dos_mode(smb_fname)
-> SMB_VFS_GET_DOS_ATTRIBUTES(smb_fname)
-> SMB_VFS_GETXATTR(smb_fname)
to use the handle based VFS function like
fdos_mode(smb_fname->fsp)
-> SMB_VFS_FGET_DOS_ATTRIBUTES(fsp)
-> SMB_VFS_FGETXATTR(fsp)
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This way we can avoid stating twice: once here and possibly a second time in
the caller open_file().
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
non_widelink_open() now also returns NT_STATUS_STOPPED_ON_SYMLINK in case an
attempt was made to either
1. open a symlink from a POSIX client, or
2. open a symlink from a Windows client but any of the symlink behaviour
configuring options "follow symlink", "wide links" or "allow insecure wide
links" prevents access to the symlink target
Caller open_file() has already been updated to map NT_STATUS_STOPPED_ON_SYMLINK
to NT_STATUS_NT_STATUS_OBJECT_PATH_NOT_FOUND.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
If we get a real dirfsp, skip the parent-directory logic. Just pass the dirfsp
to SMB_VFS_OPENAT() which by now supports real dirfsps.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Instead of setting and resetting the name to the relative name every time we
call into the VFS, just set it once and reset it at the end and when recursing
via process_symlink_open().
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Callers still all pass conn->cwd_fsp so no change in behaviour yet.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
For now no change in behaviour as all callers still pass conn->cwd_fsp. This
just prepared fd_openat() to deal with real dirfsp's pass by callers later on
when adding calls to fd_openat(dirfspm ...) in the directory enumeration loop.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Calling openat() with O_PATH|O_NOFOLLOW will open a handle on the symlink
itself. That would be a nice feature if it would be supported on more platforms,
but being a Linux only thing, we have to preserve the behaviour of failing to
open a handle on symlinks.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
A subsequent commit will add a consumer of the fd to non_widelink_open() (by
calling SMB_VFS_FSTAT()), so we need to set the fd already here. And it makes
more sense anyway. :)
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Don't try to set pathref fd's to non-blocking, they're not used with IO.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ceph supports O_PATH since v0.93 from 2015:
https://ceph.io/geen-categorie/v0-93-hammer-release-candidate-released/
This seems to be old enough so we can hopefully use this without a runtime
version check.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
If the system supports O_PATH we use that, otherwise we fallback to root opens.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This flag is used by the VFS layer to tell the FSA layer that it is allowed to
reopen an fsp by using an exisiting pathref fd with /proc/PID/fd/FD to open a
full fd.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Allows the VFS layer to tell the higher layers if fds opened by the openat() VFS
implementation are visible objects inside a /proc/PID/fd/FD filesystem.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This avoids failing opens triggered by filename_convert() ->
openat_pathref_fsp().
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
If we can access the path to a file, by default we have FILE_READ_ATTRIBUTES
from the containing directory. See the section: "Algorithm to Check Access to an
Existing File" in MS-FSA.pdf.
So it's also safe to use a root opened pathref fd, as the root open is done on
the final component after a chdir() to the parent directory was done while still
impersonating the use. Qed.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We're using xattr data storage for internal reasons in these places, so in all
places it's safe to use a possibly root opened fd.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Nothing really dangerous is done with the fds here, so we can safely use
fsp_get_pathref_fd() in these cases.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
