IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We need the parameters earlier in the code so we move up
the declaration of the params struct. Since reading the
parameters is closely related the definition of the function
smbacl4_get_vfs_params has also been moved up.
Reviewed-By: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This ensures the caller knows exactly what the memory lifetime of this
returned object is. This makes the NFSv4 ACL code consistent with the
POSIX and NT ACL code, to avoid supprising developers who have worked
on those other parts of the ACL code.
Most of this patch is adding a memory context to the callers and passing it in.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Nov 17 01:11:07 CET 2012 on sn-devel-104
the ACEs should be talloc children of the ACL itself and not be placed on talloc_tos()
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This makes it clear which context the returned SD is allocated on, as
a number of callers do not want it on talloc_tos().
As the ACL transformation allocates and then no longer needs a great
deal of memory, a talloc_stackframe() call is used to contain the
memory that is not returned further up the stack.
Andrew Bartlett
A full fsp is a bit overkill here
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Oct 9 13:38:49 CEST 2012 on sn-devel-104
While it is possible to define inheritance flags on files on Windows, this will
be denied by GPFS and UFS (and potentially others).
So it will be better to strip of these bits when being set for files instead of
failing to set the ACL completely (this is current behavior).
Users that want to retain the full SD will have to use acl_xattr (acl_tdb), as
other pieces of the SD are also lost when translating to NFSv4. So this should
not be a too intrusive change, but allow users to migrate data with such flags
instead of failing to migrate the ACL completely.
By checking just the IDMAP, and by removing the sidmap and lookup_sid calls, we support
IDMAP_BOTH. This is because by checking for a mapping to a GID first, we can rely on
the fact that IDMAP_BOTH will resolve to a GID.
If the sidmap idea is valued - it allows multiple SIDs to map to a single unix ID, this should
be done in the IDMAP layer.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 11 01:17:36 CEST 2012 on sn-devel-104
Signed-off-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed Jul 18 17:45:05 CEST 2012 on sn-devel-104
This will be used to enforce a lock hierarchy between the databases. We have
seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb.
These should be fixed by refusing a dbwrap_fetch_locked that does not follow a
defined lock hierarchy.
Thanks to Youzhong Yang for discovering this issue.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Sep 7 22:56:06 CEST 2011 on sn-devel-104
Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and
make the fallbacke implementation functoins non-static and create a
dbwrap_private.h header file that contains their prototypes.
simplify the check insmbacl4_find_equal_special()
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Thu Jul 28 13:20:38 CEST 2011 on sn-devel-104
we should not merge ACEs with different flags (e.g. CI/OI/I/)
Otherwise ACLs get wrong entries and thus wrong semantics
Example:
ACL:BUILTIN\Users:ALLOWED/0x0/FULL
ACL:BUILTIN\Users:ALLOWED/I/READ
got merged to
ACL:BUILTIN\Users:ALLOWED/I/FULL
This is not the same and also leads to wrong displays
in the Windows ACL dialog
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Wed Jul 27 16:03:51 CEST 2011 on sn-devel-104
My previous patches fixed up all direct TDB callers, but there are a
few utility functions and the db_context functions which are still
using the old -1 / 0 return codes.
It's clearer to fix up all the callers of these too, so everywhere is
consistent: non-zero means an error.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
into two separate functions rather than trying to do
it inline. Allows us to carefully control what flags
are mapped to what in one place. Modification to
bug #8191 - vfs_gpfs dosn't honor ACE_FLAG_INHERITED_ACE
same issue as with the audit modules:
using a wrong parameter leads to smbd crash as lp_enum()
will not terminate on last entry of the array
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Tue May 24 20:13:39 CEST 2011 on sn-devel-104
Start of the move towards handle-based code for directory access.
Currently makes fstat/fchown code work for directories rather than
falling back to pathnames.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Feb 8 06:34:41 CET 2011 on sn-devel-104
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
Use accessor functions to get to this value. Tidies up much of
the user context code. Volker, please look at the changes in smbd/uid.c
to familiarize yourself with these changes as I think they make the
logic in there cleaner.
Cause smbd/posix_acls.c code to look at current user context, not
stored context on the conn struct - allows correct use of these
function calls under a become_root()/unbecome_root() pair.
Jeremy.
GPFS sets inherits dir_inhert and file_inherit flags
to files, too, which confuses windows, and seems to
be wrong anyways.
So when mapping a nfs4 acl to a windows acl, we map these
flags away for files.
Michael
user:10000036:rwxc:allow:FileInherit:DirInherit:InheritOnly
(X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED
(X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED
group:10000005:rwxc:allow
(X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED
(X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED
group:10000005:rwxc:allow:FileInherit:DirInherit:InheritOnly
(X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED
(X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED
would be merged to
user:10000036:rwxc:allow:FileInherit:DirInherit:InheritOnly
(X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED
(X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED
group:10000005:rwxc:allow:FileInherit:DirInherit:InheritOnly
(X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED
(X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED
so the explicit right for the user on the parent directory will be gone (the InheritOnly flag only accounts to subdirectories)
thus leaving the user without access to the directory itself
Signed-off-by: Christian Ambach <christian.ambach@de.ibm.com>
This patch introduces two new temporary helper functions
vfs_stat_smb_fname and vfs_lstat_smb_fname. They basically allowed me
to call the new smb_filename version of stat, while avoiding plumbing
it through callers that are still too inconvenient. As the conversion
moves along, I will be able to remove callers of this, with the goal
being to remove all callers.
There was also a bug in create_synthetic_smb_fname_split (also a
temporary utility function) that caused it to incorrectly handle
filenames with ':'s in them when in posix mode. This is now fixed.
This patch introduces
struct stat_ex {
dev_t st_ex_dev;
ino_t st_ex_ino;
mode_t st_ex_mode;
nlink_t st_ex_nlink;
uid_t st_ex_uid;
gid_t st_ex_gid;
dev_t st_ex_rdev;
off_t st_ex_size;
struct timespec st_ex_atime;
struct timespec st_ex_mtime;
struct timespec st_ex_ctime;
struct timespec st_ex_btime; /* birthtime */
blksize_t st_ex_blksize;
blkcnt_t st_ex_blocks;
};
typedef struct stat_ex SMB_STRUCT_STAT;
It is really large because due to the friendly libc headers playing macro
tricks with fields like st_ino, so I renamed them to st_ex_xxx.
Why this change? To support birthtime, we already have quite a few #ifdef's at
places where it does not really belong. With a stat struct that we control, we
can consolidate the nanosecond timestamps and the birthtime deep in the VFS
stat calls.
At this moment it is triggered by a request to support the birthtime field for
GPFS. GPFS does not extend the system level struct stat, but instead has a
separate call that gets us the additional information beyond posix. Without
being able to do that within the VFS stat calls, that support would have to be
scattered around the main smbd code.
It will very likely break all the onefs modules, but I think the changes will
be reasonably easy to do.
As the NFSv4 ACL mapping code doesn't map write directory into the DELETE_CHILD
permission bit (which we require before allowing a delete) no one can delete
files without an explicit DELETE_CHILD bit set on the directory. Add this mapping.
Jeremy.
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3c)
This adds the two functions talloc_stackframe() and talloc_tos().
* When a new talloc stackframe is allocated with talloc_stackframe(), then
* the TALLOC_CTX returned with talloc_tos() is reset to that new
* frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse
* happens: The previous talloc_tos() is restored.
*
* This API is designed to be robust in the sense that if someone forgets to
* TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and
* resets the talloc_tos().
The original motivation for this patch was to get rid of the
sid_string_static & friends buffers. Explicitly passing talloc context
everywhere clutters code too much for my taste, so an implicit
talloc_tos() is introduced here. Many of these static buffers are
replaced by a single static pointer.
The intended use would thus be that low-level functions can rather
freely push stuff to talloc_tos, the upper layers clean up by freeing
the stackframe. The more of these stackframes are used and correctly
freed the more exact the memory cleanup happens.
This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and
lp_talloc_ctx (did I forget any?)
So, never do a
tmp_ctx = talloc_init("foo");
anymore, instead, use
tmp_ctx = talloc_stackframe()
:-)
Volker
(This used to be commit 6585ea2cb7)
return to correctly return NT_STATUS_INVALID_OWNER if it
should be disallowed. Matches better what W2K3R3 does.
NFSv4 ACL module owners, please examine these changes.
Jeremy.
(This used to be commit fc6899a550)
code is wrong or bad or anything, just that it
needs to be discussed & reviewed on the samba-technical
list before we add a platform-specific NFSv4 mapping.
That way lies a lot of future pain :-).
Jeremy.
(This used to be commit 330899ec30)
