IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We can now use SMB_VFS_SYS_ACL_GET_FD() on the directory fsp instead.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Modify all implementations (and the definitions) related to
SMB_VFS_SYS_ACL_GET_FD to accept additional SMB_ACL_TYPE_T type param.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
preparatory patch for api change to SMB_VFS_SYS_ACL_GET_FD to add new
SMB_ACL_TYPE_T arg to SMB_VFS_SYS_ACL_GET_FD.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Now we have one common function for refusing access on symlinks.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Simplify the interals to check for everything that
would make an fsp something that is open on a symlink.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
It makes no sense here and will allow us to rename
refuse_symlink() -> refuse_symlink_fsp() and clean it up.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
For the pathname verison of this function smbd_check_access_rights()
we return the st_mode bits turned into an NT ACL for a symlink.
For a symlink the mode bits are always 'lrwxrwxrwx' which means
smbd_check_access_rights() version always returned NT_STATUS_OK
for any access rights requested on a symlink.
For smbd_check_access_rights_fsp() to a symlink use the handle
access bits as this is a better representation of the access
allowed.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
smbd_check_access_rights() is checking permissions on a file *before*
open, so getting ACCESS_DENIED and mapping to NT_STATUS_OK when
reading the security descriptor is fine, as if we really don't have
access the open will fail.
smbd_check_access_rights_fsp() takes place *after* the open (pathref
or otherwise), so being unable to get the security decriptor should
be reported back to the caller and not mapped to NT_STATUS_OK.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
It doesn't and never has skipped VETO or unreadable files.
It's only used in call_trans2findnext() in the SMB1 code
given a name already returned to the client to find a
resume position. Even if the client gave us a name that
it had never been given to it (client bug or malicious
client) we'd just start the search from the wrong position,
which doesn't cause problems (we still check for VETO
or unreadable before returning any names).
Worst thing that actually happens is the client messes
up their own search, which is what you'd expect from
giving an incorrect resume name.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This doesn't matter now, but later we will move to a handle-based call to
check access rights, so we will need the full handle setup.
Add a fd_close(fsp) in the error path now this is done after the fd open.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Now we do an early check for opening a directory, this code
could never have been triggered.
The only case we need to consider now is when the filesystem
object exists as a file when we enter open_file() and another
smbd removes and then re-creates the object as a directory before we
call reopen_from_fsp(). In that case, we will open the object,
and come back out to open_file_ntcreate(), where the race
condition detection code that calls check_same_dev_ino()
will catch the case and error out the client request.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Makes sure we keep the pathref fd open for the NT_FILE_IS_A_DIRECTORY case.
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
This VFS function should really return an NTSTATUS but that is
a patch for another day.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We weren't maping or using the incoming SMB_ACL_TYPE_T type
parameter correctly.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is really subtle. If someone passes in an smb_fname where smb_fname
actually is taken from fsp->fsp_name, then the lifetime of these objects is
meant to be the same.
This is commonly the case from an SMB1 path-based call
(eg call_trans2qfilepathinfo()) where we use the pathref fsp
(smb_fname->fsp) as the handle. In this case we must not unlink smb_fname->fsp
from it's owner.
The asserts below:
SMB_ASSERT(fsp->fsp_name->fsp != NULL);
SMB_ASSERT(fsp->fsp_name->fsp == fsp);
ensure the required invarients are met.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14732
Pair-Programmed-With: Ralph Boehme <slow@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jun 8 20:44:41 UTC 2021 on sn-devel-184
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 8 14:58:58 UTC 2021 on sn-devel-184
The NULL assert is not really required, it will crash nicely if that's
not fulfilled.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 4 17:34:06 UTC 2021 on sn-devel-184
Looking at the logic of "ha[d|ve]_share_mode_entry" d->modified=true
can only happen if we remove the last share mode entry . Make this
more explicit, avoid booleans.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This also adds proper error checks, the previous code could (very
theoretically) have leaked memory if an intermediate _add had failed.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
remove_from_jobs_changed() and remove_from_jobs_added() only differed
by the keystr.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
