1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

125177 Commits

Author SHA1 Message Date
Volker Lendecke
ebd5322e63 printing: Fix typos
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-24 20:31:30 +00:00
Volker Lendecke
49d0268f73 printing: Remove code to upgrade from before b0909cfa14
I think even back then "printing.tdb" would have just been a stale
tdb that would have been better handled externally. It might have been
a product requirement back then, but I think a startup script and not
core code might have been a better choice to handle this.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-24 20:31:30 +00:00
Volker Lendecke
656a3d2e48 printing: Passing a fn pointer does not need "&"
Just looked a bit weird and different from all other fn pointer
references in Samba.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-24 20:31:30 +00:00
Volker Lendecke
249b0e3202 libcli: Add file specific access flags to sddl
See

https://docs.microsoft.com/en-us/windows/win32/secauthz/ace-strings

for reference.

We can only use them for decoding, many of our tests depend on our
string representation of the flags.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-24 20:31:30 +00:00
Volker Lendecke
2e60846859 winbindd: Fix a startup race with allocate_gid
If you try to allocate a GID before winbind is fully set up,
idmap_child_handle() is still NULL. Add the required
wb_parent_idmap_setup_send()/recv() to allocate_gid().

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14678
RN: Fix a crash in winbind when allocate-gid is called early

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-24 20:31:30 +00:00
Björn Jacke
4288319770 dosmode: retry reading dos attributes as root for unreadable files
if there are files that the user can't access, he is still allowed to read the
dos attributes information, so we need to try reading them as root also.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14654

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-24 20:31:30 +00:00
Stefan Metzmacher
293ab5f20c ldb: bump version to 2.4.0, in order to be used for Samba 4.15
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Mar 24 13:11:52 UTC 2021 on sn-devel-184
2021-03-24 13:11:52 +00:00
Douglas Bagnall
9532c44bae CVE-2020-27840: pytests: move Dn.validate test to ldb
We had the test in the Samba Python segfault suite because
a) the signal catching infrastructure was there, and
b) the ldb tests lack Samba's knownfail mechanism, which allowed us to
   assert the failure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14595

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-03-24 12:05:32 +00:00
Douglas Bagnall
dbb3e65f7e CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode
A DN string with lots of trailing space can cause ldb_dn_explode() to
put a zero byte in the wrong place in the heap.

When a DN string has a value represented with trailing spaces,
like this

     "CN=foo   ,DC=bar"

the whitespace is supposed to be ignored. We keep track of this in the
`t` pointer, which is NULL when we are not walking through trailing
spaces, and points to the first space when we are. We are walking with
the `p` pointer, writing the value to `d`, and keeping the length in
`l`.

     "CN=foo   ,DC= "       ==>       "foo   "
            ^  ^                             ^
            t  p                             d
                                       --l---

The value is finished when we encounter a comma or the end of the
string. If `t` is not NULL at that point, we assume there are trailing
spaces and wind `d and `l` back by the correct amount. Then we switch
to expecting an attribute name (e.g. "CN"), until we get to an "=",
which puts us back into looking for a value.

Unfortunately, we forget to immediately tell `t` that we'd finished
the last value, we can end up like this:

     "CN=foo   ,DC= "       ==>        ""
            ^      ^                    ^
            t      p                    d
                                        l=0

where `p` is pointing to a new value that contains only spaces, while
`t` is still referring to the old value. `p` notices the value ends,
and we subtract `p - t` from `d`:

     "CN=foo   ,DC= "       ==>  ?     ""
            ^       ^            ^
            t       p            d
                                      l ~= SIZE_MAX - 8

At that point `d` wants to terminate its string with a '\0', but
instead it terminates someone else's byte. This does not crash if the
number of trailing spaces is small, as `d` will point into a previous
value (a copy of "foo" in this example). Corrupting that value will
ultimately not matter, as we will soon try to allocate a buffer `l`
long, which will be greater than the available memory and the whole
operation will fail properly.

However, with more spaces, `d` will point into memory before the
beginning of the allocated buffer, with the exact offset depending on
the length of the earlier attributes and the number of spaces.

What about a longer DN with more attributes? For example,
"CN=foo     ,DC= ,DC=example,DC=com" -- since `d` has moved out of
bounds, won't we continue to use it and write more DN values into
mystery memory? Fortunately not, because the aforementioned allocation
of `l` bytes must happen first, and `l` is now huge. The allocation
happens in a talloc_memdup(), which is by default restricted to
allocating 256MB.

So this allows a person who controls a string parsed by ldb_dn_explode
to corrupt heap memory by placing a single zero byte at a chosen
offset before the allocated buffer.

An LDAP bind request can send a string DN as a username. This DN is
necessarily parsed before the password is checked, so an attacker does
not need proper credentials. The attacker can easily cause a denial of
service and we cannot rule out more subtle attacks.

The immediate solution is to reset `t` to NULL when a comma is
encountered, indicating that we are no longer looking at trailing
whitespace.

Found with the help of Honggfuzz.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14595

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-03-24 12:05:32 +00:00
Douglas Bagnall
1996b79f37 CVE-2020-27840: pytests:segfault: add ldb.Dn validate test
ldb.Dn.validate wraps ldb_dn_explode.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14595

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-03-24 12:05:32 +00:00
Douglas Bagnall
1fe8c790b2 CVE-2021-20277 ldb/attrib_handlers casefold: stay in bounds
For a string that had N spaces at the beginning, we would
try to move N bytes beyond the end of the string.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14655

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-03-24 12:05:32 +00:00
Douglas Bagnall
ea4bd2c437 CVE-2021-20277 ldb tests: ldb_match tests with extra spaces
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14655

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-03-24 12:05:32 +00:00
Andreas Schneider
bf1c294adb auth:creds: Free the uname pointer in cli_credentials_parse_string()
The data is duplicated and we don't need it anymore.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 24 03:13:05 UTC 2021 on sn-devel-184
2021-03-24 03:13:05 +00:00
Andreas Schneider
aa34799600 auth:creds: Don't include credentials_internal.h twice
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-03-24 02:08:54 +00:00
Joseph Sutton
d7c111514a netcmd: Fix opening SamDB database for offline backup
When opening the backed-up SamDB database, open the top-level database
without loading any modules so the backend database files aren't
unnecessarily opened. The domain SID is now fetched from the original
database rather than from the backup.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14676

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
2021-03-24 02:08:54 +00:00
Samuel Cabrero
bb3dcd403c netcmd: Workaround issue backing up offline domain with lmdb >= 0.9.26
The LMDB change "ITS#9278 fix robust mutex cleanup for FreeBSD" released
in version 0.9.26 makes samba-tool domain backup offline to fail with
the following error:

Failed to connect to 'mdb:///tmp/foo/private/sam.ldb.d/CN=CONFIGURATION,DC=FOO,DC=EXAMPLE,DC=COM.ldb' with backend 'mdb': Unable to load ltdb cache records for backend 'ldb_mdb backend'
module samba_dsdb initialization failed : Operations error
Unable to load modules for /tmp/foo/private/sam.ldb.bak-offline: Unable to load ltdb cache records for backend 'ldb_mdb backend'
ERROR(ldb): uncaught exception - Unable to load ltdb cache records for backend 'ldb_mdb backend'
  File "/usr/local/samba/lib64/python3.6/site-packages/samba/netcmd/__init__.py", line 186, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib64/python3.6/site-packages/samba/netcmd/domain_backup.py", line 1147, in run
    session_info=system_session(), lp=lp)
  File "/usr/local/samba/lib64/python3.6/site-packages/samba/samdb.py", line 72, in __init__
    options=options)
  File "/usr/local/samba/lib64/python3.6/site-packages/samba/__init__.py", line 114, in __init__
    self.connect(url, flags, options)
  File "/usr/local/samba/lib64/python3.6/site-packages/samba/samdb.py", line 87, in connect
    options=options)

The error occurs opening the backed ldb to write the backup date and the
next SID, a call to pthread_mutex_lock in mdb_txn_renew0 (frame 8) returns
EINVAL:

  #0  0x00007ff63c2f1bea in wait4 () from /lib64/libc.so.6
  #1  0x00007ff63c26f3a3 in do_system () from /lib64/libc.so.6
  #2  0x00007ff63bc71e94 in smb_panic_default (why=0x7ffed481b7d0 "Signal 6: Aborted") at ../../lib/util/fault.c:153
  #3  0x00007ff63bc72168 in smb_panic (why=0x7ffed481b7d0 "Signal 6: Aborted") at ../../lib/util/fault.c:200
  #4  0x00007ff63bc71c82 in fault_report (sig=6) at ../../lib/util/fault.c:81
  #5  0x00007ff63bc71c97 in sig_fault (sig=6) at ../../lib/util/fault.c:92
  #6  <signal handler called>
  #7  0x00007ff63c2178b5 in raise () from /lib64/libpthread.so.0
  #8  0x00007ff637602e65 in mdb_txn_renew0 (txn=txn@entry=0x55d6f97fb800) at mdb.c:2710
  #9  0x00007ff637603ae8 in mdb_txn_begin (env=0x55d6f85dfa80, parent=0x0, flags=131072, ret=0x55d6f89c0928)
      at mdb.c:2912
  #10 0x00007ff6376236cc in lmdb_lock_read (module=0x55d6f8c5f4b0) at ../../lib/ldb/ldb_mdb/ldb_mdb.c:585
  #11 0x00007ff637641de6 in ldb_kv_cache_load (module=0x55d6f8c5f4b0) at ../../lib/ldb/ldb_key_value/ldb_kv_cache.c:450
  #12 0x00007ff637638792 in ldb_kv_init_store (ldb_kv=0x55d6f8af2a80, name=0x7ff637625675 "ldb_mdb backend",
      ldb=0x55d6f8cd22b0, options=0x0, _module=0x7ffed481c248) at ../../lib/ldb/ldb_key_value/ldb_kv.c:2166
  #13 0x00007ff6376247ba in lmdb_connect (ldb=0x55d6f8cd22b0,
      url=0x55d6f85d41f0 "mdb:///tmp/foo/private/sam.ldb.d/CN=CONFIGURATION,DC=FOO,DC=EXAMPLE,DC=COM.ldb", flags=64,
      options=0x0, _module=0x7ffed481c248) at ../../lib/ldb/ldb_mdb/ldb_mdb.c:1143
  #14 0x00007ff63bd94d2f in ldb_module_connect_backend (ldb=0x55d6f8cd22b0,
      url=0x55d6f85d41f0 "mdb:///tmp/foo/private/sam.ldb.d/CN=CONFIGURATION,DC=FOO,DC=EXAMPLE,DC=COM.ldb",
      options=0x0, backend_module=0x7ffed481c248) at ../../lib/ldb/common/ldb_modules.c:221
  #15 0x00007ff6375a4baf in new_partition_from_dn (ldb=0x55d6f8cd22b0, data=0x55d6f858bed0, mem_ctx=0x55d6f8a03cd0,
      dn=0x55d6f9865450, filename=0x55d6f860b6da "sam.ldb.d/CN=CONFIGURATION,DC=FOO,DC=EXAMPLE,DC=COM.ldb",
      backend_db_store=0x55d6f9d378e0 "mdb", partition=0x7ffed481c308)
      at ../../source4/dsdb/samdb/ldb_modules/partition_init.c:257
  #16 0x00007ff6375a57b9 in partition_reload_if_required (module=0x55d6f8972d10, data=0x55d6f858bed0, parent=0x0)
      at ../../source4/dsdb/samdb/ldb_modules/partition_init.c:513
  #17 0x00007ff6375a3b04 in partition_read_lock (module=0x55d6f8972d10)
      at ../../source4/dsdb/samdb/ldb_modules/partition.c:1492
  #18 0x00007ff63bd9631e in ldb_next_read_lock (module=0x55d6f8972d10) at ../../lib/ldb/common/ldb_modules.c:662
  #19 0x00007ff637484857 in schema_read_lock (module=0x55d6f9377e40)
      at ../../source4/dsdb/samdb/ldb_modules/schema_load.c:614
  #20 0x00007ff63bd9631e in ldb_next_read_lock (module=0x55d6f9377e40) at ../../lib/ldb/common/ldb_modules.c:662
  #21 0x00007ff6374b5402 in samba_dsdb_init (module=0x55d6f91c3cd0)
      at ../../source4/dsdb/samdb/ldb_modules/samba_dsdb.c:483
  #22 0x00007ff63bd95283 in ldb_module_init_chain (ldb=0x55d6f8cd22b0, module=0x55d6f91c3cd0)
      at ../../lib/ldb/common/ldb_modules.c:363
  #23 0x00007ff63bd95645 in ldb_load_modules (ldb=0x55d6f8cd22b0, options=0x0)
      at ../../lib/ldb/common/ldb_modules.c:445
  #24 0x00007ff63bd90663 in ldb_connect (ldb=0x55d6f8cd22b0,
      url=0x7ff6377d98f8 "/tmp/foo/private/sam.ldb.bak-offline", flags=64, options=0x0)
      at ../../lib/ldb/common/ldb.c:274
  #25 0x00007ff63bddb32f in py_ldb_connect (self=0x7ff63778afc0, args=(), Python Exception <class 'gdb.error'> There is no member named ma_keys.:
  kwargs=) at ../../lib/ldb/pyldb.c:1235

Deleting the previous samdb instance by setting it to None before opening the
backed ldb workaround the problem until we find the real problem here.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14676

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-03-24 02:08:54 +00:00
Andreas Schneider
c871c22461 s3:netapi: Add libnetapi_set_creds()
This will be used by the 'net' command in future!

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Mar 24 02:07:20 UTC 2021 on sn-devel-184
2021-03-24 02:07:20 +00:00
Andreas Schneider
6968a325d9 s3:netapi: Get rid of set_cmdline_auth_info_*()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
4e82150dc1 auth:creds: Use our own cli_credentials_set_cmdline_callbacks()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
9e5ac70a7e auth:creds: Add command line function for standard password callback
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
ca57356b78 s4:lib:cmdline: Rename cli_credentials_set_cmdline_callbacks()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
3f3093933a s3:netapi: Remove use_ccache from 'struct libnetapi_ctx'
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
67d49ac148 s3:netapi: Remove use_kerberos from struct libnetapi_ctx
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
dd7adbfa8f s3:netapi: Remove workgroup from 'struct libnetapi_ctx'
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
51d5bebcc1 s3:netapi: Remove password from 'struct libnetapi_ctx'
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
d94053f9d8 s3:netapi: Remove username from 'struct libnetapi_ctx'
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
fd78554d11 s3:netapi: Use public functions for username/password
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
0aeca4e5a1 s3:netapi: Get username/password from cli_credentials in joindomain.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
3506800d3e s3:netapi: Get username/password from cli_credentials in netapi.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
9285e64a62 s3:netapi: Fill also cli_credentials with netapi setters
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
7bb70f701e s3:netapi: Add a cli_credentials pointer to struct libnetapi_ctx
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
517f94f5bf s3:netapi: Remove unused ctx->krb5_cc_env
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
e79b067e23 s3:netapi: Make 'struct libnetapi_ctx' opaque
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
bcc3945e53 s3:netapi: Use public getters in getjoinableous example
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
44ef7f96e1 s3:netapi: Use public getters in remote_machine example
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Andreas Schneider
c9222ab838 s3:netapi: Implement public libnetapi_get_(username|password) functions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2021-03-24 00:55:32 +00:00
Joseph Sutton
17283de8fd netcmd: Fix typos in offline domain backup test
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 24 00:46:31 UTC 2021 on sn-devel-184
2021-03-24 00:46:31 +00:00
Joseph Sutton
05b17c9859 netcmd: Avoid database corruption by opting not to create database files during an offline domain backup
If backup dirs contain hardlinks, the backup process could previously
attempt to open an LMDB database already opened during the backup,
causing it to be recreated as a new TDB database. This commit ensures
that new database files are not created during this operation, and that
the main SamDB database is not modified.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14027

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz
2021-03-23 23:38:38 +00:00
Joseph Sutton
09995f780d netcmd: Determine which files are to be copied for an offline domain backup
The old behaviour attempted to check for and remove files with duplicate
names, but did not do so due to a bug, and would have left undetermined
which files were given priority when duplicate filenames were present.
Now when hardlinks are present, only one instance of each file is
chosen, with files in the private directory having priority. If one
backup dir is nested inside another, the files contained in the nested
directory are only added once. Additionally, the BIND DNS database is
omitted from the backup.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14027

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz
2021-03-23 23:38:38 +00:00
Joseph Sutton
f52e6e5345 netcmd: Add test for an offline backup of nested directories
This test verifies that when performing an offline backup of a domain
where one of the directories to be backed up is nested inside another,
the contained files are only included once in the backup.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14027

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz
2021-03-23 23:38:38 +00:00
Joseph Sutton
542678908a netcmd: Add test for an offline backup of a directory containing hardlinks
This test verifies that when performing an offline backup of a domain
where the directories to be backed up contain hardlinks, only one
instance of each file is backed up, and that files in the private
directory take precedence.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14027

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz
2021-03-23 23:38:38 +00:00
Rowland Penny
447ad46158 man winbind: Remove untrue statement, you can run winbind without running nmbd.
Signed-off-by: Rowland Penny <rpenny@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Mar 23 15:15:02 UTC 2021 on sn-devel-184
2021-03-23 15:15:02 +00:00
Jeremy Allison
321703fbea s3: vxfs: Remove unused vxfs_setxattr_path().
Missed when SMB_VFS_SETXATTR() was removed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>

Autobuild-User(master): David Mulder <dmulder@samba.org>
Autobuild-Date(master): Mon Mar 22 22:36:05 UTC 2021 on sn-devel-184
2021-03-22 22:36:05 +00:00
Jeremy Allison
9bb890a2af s3: vxfs: Remove unused vxfs_listxattr_path().
Missed when SMB_VFS_LISTXATTR() was removed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
2021-03-22 21:25:31 +00:00
Trever L. Adams
d6a16ad00e s3:modules:vfs_virusfilter: Recent New_VFS changes break vfs_virusfilter_openat.
The_New_VFS introduces several changes that broke vfs_virusfilter_openat. The assert to make sure certain checks would work broke.

This patch fixes those breaks and converts to the SMB_VFS_FSTAT_NEXT instead of SMB_VFS_STAT_NEXT.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14671
RN: vfs_virusfilter_openat support New_VFS FSTAT, avoid SMB_ASSERT(fsp_get_pathref_fd(dirfsp) == AT_FDCWD); problem.

Signed-off-by: Trever L. Adams" <trever.adams@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Mon Mar 22 19:44:30 UTC 2021 on sn-devel-184
2021-03-22 19:44:30 +00:00
Jeremy Allison
4af9868142 s3: VFS: default: vfswrap_create_dfs_pathat() isn't restricted to dirfsp->conn->cwd_fsp anymore.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power<npower@samba.org>
2021-03-22 18:37:34 +00:00
Jeremy Allison
8f38f886ff s3: VFS: time_audit: Log full pathname as smb_time_audit_create_dfs_pathat() isn't restricted to dirfsp->conn->cwd_fsp anymore.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power<npower@samba.org>
2021-03-22 18:37:34 +00:00
Jeremy Allison
49bcb91339 s3: VFS: full_audit: Log full pathname as smb_full_audit_create_dfs_pathat() isn't restricted to dirfsp->conn->cwd_fsp anymore.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power<npower@samba.org>
2021-03-22 18:37:34 +00:00
Jeremy Allison
ea5c15358f s3: VFS: gluster: vfs_gluster_create_dfs_pathat() isn't restricted to dirfsp->conn->cwd_fsp anymore.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2021-03-22 18:37:34 +00:00
Jeremy Allison
c344ade717 s3: VFS: ceph: cephwrap_create_dfs_pathat() isn't restricted to dirfsp->conn->cwd_fsp anymore.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power<npower@samba.org>
2021-03-22 18:37:34 +00:00