IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
These demonstrate which durables handles are kept and which are purged
because of various opens, writes or renames.
smb2.durable-v2-open.keep-disconnected-rh-with-stat-open
smb2.durable-v2-open.keep-disconnected-rh-with-rh-open
smb2.durable-v2-open.keep-disconnected-rh-with-rwh-open
smb2.durable-v2-open.keep-disconnected-rwh-with-stat-open
smb2.durable-v2-open.purge-disconnected-rwh-with-rwh-open
smb2.durable-v2-open.purge-disconnected-rwh-with-rh-open
smb2.durable-v2-open.purge-disconnected-rh-with-share-none-open
smb2.durable-v2-open.purge-disconnected-rh-with-write
smb2.durable-v2-open.purge-disconnected-rh-with-rename
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15649
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15651
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15708
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 9e98cd5c7a180521026b0d73a330bdaf2c8af73a)
These show that it's possible to have durable handles in addition
of stat opens, as well as multiple durable opens with RH leases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15649
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15651
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 77c7741f39a0a9789bede7c4722bd3f35d4af3fd)
This simplifies the reconnect assumptions, when we want to allow
more than one durable handle on a file for multiple clients with
READ+HANDLE leases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15649
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15651
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 0893ae88180137d44f17196234f657d362543ff5)
It should be off by default, as this is not needed by default. It
crashes named on startup, if bind is built with jemalloc support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15643
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit dc6927fdca2ad77dbcf212ef4d3ba0d118ec7bdf)
Without this we leave stale sharemode entries around that can lead to all sorts
of havoc.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Sep 19 19:36:19 UTC 2024 on atb-devel-224
(cherry picked from commit 2ff3b9bc0d254a63a913ff9084de3d794fee27d0)
This demonstrates the dead lock after a durable reconnect failed
because the stat info changed, the file can't be accessed anymore
as we leak the incomplete share mode entry in a still running
process.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 14875448ca06a3a28800343a3a326f1a66bccec0)
On a cluster we need to use the ctdb controlled database and not
a local secrets.tdb...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15714
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Sep 20 05:54:43 UTC 2024 on atb-devel-224
(cherry picked from commit f9ee4db2ba74e4f1f1b6d6f32082e5b0fe60f9b9)
This will allow doing tests and make sure using anonymous credentials
doesn't cause false positive results...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15714
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit ab3fc1595c0a2e0aa3719cc2fe4684e9a0a2f9d8)
When inherting permissions on the created stream, we call into the VFS to fetch
the streams security descriptor via inherit_access_posix_acl() ->
copy_access_posix_acl() -> SMB_VFS_SYS_ACL_SET_FD() passing the stream fsp which
triggers the assert SMB_ASSERT(!fsp_is_alternate_stream(fsp)) in
vfswrap_sys_acl_set_fd() in vfs_default.
Just passing the base fsp to the VFS fixes this.
vfs_streams_depot which *does use* distinct backend filesystem files for the
streams, currently does not apply permissions to the stream files at all, so the
incomplete behaviour of vfs_streams_depot is not affected by this change.
If in the future someone want to fix this defficiency in vfs_streams_depot, the
module code can use fsp->stream_fsp to base decisions in VFS ops whether the
module should carry out some action.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep 2 08:55:28 UTC 2024 on atb-devel-224
(cherry picked from commit ecb8a99a2c7ba36f9adc50ef13cd8465a0c49b19)
Autobuild-User(v4-21-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-21-test): Mon Sep 9 08:29:43 UTC 2024 on atb-devel-224
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15699
Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224
(cherry picked from commit 5e278a52646a48e3671270e5b57ec5b852f9fb4b)
FSCTL_QUERY_ALLOCATED_RANGES responses with more than one range should
be truncated to account for a ioctl.smb2.in.max_output_response limit.
Add a test for this.
Flag the new test knownfail; fix in subsequent commit.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
(cherry picked from commit 5cf57f1f539021f1490285516d8cfb2a2ab483e0)
This reverts commit b6ebcd635a0cbcabb512230ced1392c68d008bae.
Wrong patchset applied. This is the one for 4.19/4.20. The correct patch
set will be the subsequent commits.
See: https://bugzilla.samba.org/show_bug.cgi?id=15699
Signed-off-by: Jule Anger <janger@samba.org>
This reverts commit 10dddd55152efbe578b01b25c8bb58a9ea7abc3b.
Wrong patchset applied. This is the one for 4.19/4.20. The correct patch
set will be the subsequent commits.
See: https://bugzilla.samba.org/show_bug.cgi?id=15699
Signed-off-by: Jule Anger <janger@samba.org>
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15699
Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224
(cherry picked from commit 5e278a52646a48e3671270e5b57ec5b852f9fb4b)
Autobuild-User(v4-21-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-21-test): Thu Aug 29 15:30:50 UTC 2024 on atb-devel-224
FSCTL_QUERY_ALLOCATED_RANGES responses with more than one range should
be truncated to account for a ioctl.smb2.in.max_output_response limit.
Add a test for this.
Flag the new test knownfail; fix in subsequent commit.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
(cherry picked from commit 5cf57f1f539021f1490285516d8cfb2a2ab483e0)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15696
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 13 22:29:28 UTC 2024 on atb-devel-224
(cherry picked from commit 4df1bfd07012dd3d2d2921281e6d6e309303b88d)
Autobuild-User(v4-21-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-21-test): Tue Aug 20 09:04:48 UTC 2024 on atb-devel-224
This shows that all compound related requests should get
NT_STATUS_NETWORK_SESSION_EXPIRED.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15696
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f6009aa73b9234df1e6ab689de322487ad1394ed)
Not adding a specific test for per-user hide files as that uses the exact same
mechanism as the per-user veto files.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Likely not needed anymore since we now cleanup the fileserver env.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This was likely taken by copy/paste from somewhere else where it might have made
sense.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This ensures provision() can remove st/fileserver/* from previous runs.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This ensures provision() can remove st/simpleserver/* from previous runs.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
provision_ctdb() was always called with $no_delete_prefix undefined
from setup_ctdb(), so we can just remove the check.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jo Sutton <jsutton@samba.org>
Autobuild-Date(master): Tue Jul 23 23:47:43 UTC 2024 on atb-devel-224
There is no longer any meaningful distinction between the two files.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
They are both only for debugging problems.
In normal runs we don't need them and this avoids leaving to many
/tmp/pam.* directories arround.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
The test needs --option="torture:Forest_Trust_Dom2_Binding=..." in order
to be useful, so the skip is correct, but the knownfail entry should
have been removed with e5163dfd57694351bf556565e92f74b71221db29.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
In standalone setups we use the PAM stack to verify
the plaintext authentication, so we need to pass it
down...
There are still production systems out there
(legacy audio/video recording systems...)
using this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 17 11:17:54 UTC 2024 on atb-devel-224
This allows testing a plaintext password authentication
on a standalone server using the PAM stack to verify it.
There are still production systems out in the wild using this...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Updating things like the bad pwd count should not clear the
stored LM HASH with 'lanman auth = no'.
This allows testing with 'lanman auth = no' and 'lanman auth = yes'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This demonstrates that we currently have problems with
plaintext and lanman authentication. In both domain member
and standalone setups.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Note that the LM HASH is only generated for passwords
up to 14 characters...
We use extra_options_before_inject in order to
allow overriding any existing parameter.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This allows overriding any existing parameter.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We burn arguments to all unknown options containing "pass" (e.g.
"--passionate=false") in case they are a password option, but is bad
in the case where the unknown option takes no argument but the next
option *is* a password (like "--overpass --password2 barney". In that
case "--password2" would be burnt and not "barney".
The burning behaviour doesn't change with this commit, but users will now
see an error message explaining that the option was unknown. This is not
so much aimed at end users -- for who an invalid option will hopefully
lead to --help like output -- but to developers who add a new "pass"
option.
This also slightly speeds up the processing of known password options,
which is a little bit important because we are in a race to replace the
command line in /proc before an attacker sees it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15674
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Jul 10 06:28:08 UTC 2024 on atb-devel-224
