IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This simply linearlises the SMB_ACL_T (default and access acl for
directories) and the file owner, group and mode into a blob.
It will be useful for an improved vfs_acl_common.c that uses this sets
that, rather than the hash of the NT ACL, in the xattr
This will in turn insulate the stored hash from changes in the ACL
mapping.
Andrew Bartlett
This interface actually needs to match the get_nt_acl interface in
that the system ACL implmenetation may not be posix ACLs, and the blob
is not meant to be enforced to be of a particular system ACL
structure.
Andrew Bartlett
This makes it clear which context the returned SD is allocated on, as
a number of callers do not want it on talloc_tos().
As the ACL transformation allocates and then no longer needs a great
deal of memory, a talloc_stackframe() call is used to contain the
memory that is not returned further up the stack.
Andrew Bartlett
This changes from allocation on NULL to allocation on the supplied
memory context.
Currently that supplied context is talloc_tos() at the the final consumer of
the ACL.
Andrew Bartlett
they are different so should go through a mapping function. Ensure this is so.
Practically this does not matter, as for user permissions the mapping
function is an identity, and the extra bits we may add are ignored
anyway, but this makes the intent clear.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 6 03:04:14 CEST 2012 on sn-devel-104
This reverts commit c251a6b044.
Remove this as we're planning to remove the security mask,
directory security mask parameters and only use create mask/directory mask.
This reverts commit dfd3c31a3f.
As Metze pointed out:
From MS-SMB2 section 2.2.4:
SMB2_NEGOTIATE_SIGNING_ENABLED
When set, indicates that security signatures are enabled
on the server. The server MUST set this bit, and the client MUST return
STATUS_INVALID_NETWORK_RESPONSE if the flag is missing.
I'll submit a documentation bug to fix#9222 that way.
Still sign if client request is signed, just don't negotiate it in
negprot or sessionsetup.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 3 00:59:42 CEST 2012 on sn-devel-104
Currently we call FSET_NT_ACL to inherit any ACLs on create. However
FSET_NT_ACL uses the security mask/directory security mask parameters
instead of the create mask/directory mask parameters.
Swap them temporarily when creating to ensure the correct masks
are applied.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 2 22:27:17 CEST 2012 on sn-devel-104
With the prior code we assumed that we do not have kernel oplocks around
when we open a file because we handled samba-internal oplock breaks
before the open attempt.
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Sep 29 19:29:36 CEST 2012 on sn-devel-104
This is a significant behaviour change: We do not open the file under
the share mode lock anymore. This might lead to more open calls in case
of oplock breaks or sharing violations, but those are slow error paths
and as such might be not too performance sensitive. The benefit of this
patch is a significant reduction of complexity of open_file_ntcreate()
With the new behaviour, we call fcb_or_dos_open after open_file(). It
is open_file() that sets up the fsp so that fcb_or_dos_open can find it
in the list of fsps. Avoid finding the fsp we are just setting up.
This is a 1:1 copy&paste of the oplock/sharemode code that we do before
an existing file is opened. It is a prerequiste for a patch that removes
all of that handling before we open the file.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Sep 27 02:51:42 CEST 2012 on sn-devel-104
The "else" is not necessary. In the if-branch we just returned.
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Sep 26 18:08:03 CEST 2012 on sn-devel-104
We always set state->te = NULL of TALLOC_FREE(state->te),
before calling smbd_smb2_request_dispatch(), so
open_was_deferred_smb2() always returned false, while dispatching
it again.
But it's remove_deferred_open_message_smb2_internal() which
should reset this state.
In developer mode validate_my_share_entries() did call smb_panic()
before.
metze
The "access_bits" clause is redundant. is_stat_open says that exactly
at least one of the stat_open_bits must be set and none else.
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Sep 25 20:05:06 CEST 2012 on sn-devel-104
To me this makes open_file_ntcreate a little easier to understand
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Sep 25 10:08:15 CEST 2012 on sn-devel-104
no point in calling this if printing was disabled and no spoolss service was started
this hurts CTDB clusters as the smbds on the cluster nodes will fight for the single record in the TDB
This fixes Bug 9197 - Disabling printing still makes smbd create and access printer_list.tdb
