IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
These and more are also defined in security_token.h, which is later included
from security.h anyway.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Doing the previous version access checks and semantics at the SMB
layer means we can simplify the shadow_copy2 and remove the kludge.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jan 8 16:58:26 UTC 2024 on atb-devel-224
Now that check_any_access_fsp() is broadly used consistently to
restrict access for all modifying operations, we can add a check for
previous versions to check_any_access_fsp() and it gets enforced
consistently.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Replaces the direct access to fsp->access_mask with a call to
check_any_access_fsp() which allows doing additional checks if needed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
The additional check if fd underlying fd is valid and not -1 should not be done
at this place. I actually would prefer an write to fail with EBADF if this
happens, as it's likely easier to debug why this happened. These days we should
always have a valid fd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
smbd_check_access_rights_fsp() requires *all* rights in access_mask to
be granted by the underlying ACL, but the semantics of this function
is supposed to grant access if any one of the rights in
access_requested is allowed.
Fix this by looping over the requested access mask. If
smbd_check_access_rights_fsp() returns sucess, mask will be non-null
and when assigned to access_granted, the subsequent check will pass,
fail otherwise.
I'm not doing an early exit on purpose because a subsequent commit
adds additional security checks that are done in the subsequent code
path common for fsa and non-fsa fsps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
The semantics of the access check in check_access_fsp() itself is to
allow access if *at least* one or more rights of the rights in
access_mask are allowed. The name check_any_access_fsp() better
reflects this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Printer file handles went through SMB_VFS_CREATE_FILE() and are network
callable, so it makes sense to set this on them.
This ensures that check_access_fsp() doesn't take the codepath calling
smbd_check_access_rights_fsp(), but just checks the request rights from
fsp->access_mask.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Test more modifying operations are blocked and access masks are correct.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Frankly, I can't remember why I added this as part of bug 13688. The
goal of the corresponding test is to verify a write on a read-only
file handle fails. As the file is opened O_RDONLY, the write will fail
anyway and there's no need to inject the error.
To make things worse, having the error injected meant we didn't notice
when the underlying logic of forcing the open to be done with O_RDONLY
was done as O_RDWR, resulting in the write on the handle to succeed.
This happened when we introduced reopen_from_fsp(): the initial
pathref open of a path with a twrp value was correctly detected and
handled by shadow_copy2_openat(). However, when converting the pathref
open to a real one via reopen_from_fsp(), shadow_copy2_openat() only
sees the magic /proc/fd path and has no way of inferring that this was
originating from a prevous version open with a twrp value.
Tl;dr: we can just remove this error injection, it is not needed, the
correct fix is to implement this in the SMB layer which is done in the
subsequent commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
As of libcephfs version-10.0.3 the high-level API has few more '*at()'
calls. Prefer those newer hooks over path-based when having an
appropriate directory fd (namely: ceph_mkdirat, ceph_openat,
cepth_unlinkat, ceph_symlinkat, ceph_readlinkat).
Ceph commit: 3831aa12f3
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15516
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Gunther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Jan 4 21:09:54 UTC 2024 on atb-devel-224
gpfswrap_add_trace() seems not to have a format string that could
understand the %.*s notation.
While there this removes >4k of r/w memory from every smbd.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jan 4 17:06:19 UTC 2024 on atb-devel-224
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15545
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 4 12:45:58 UTC 2024 on atb-devel-224
It was completely unused...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15545
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The problem was that we used opt.PRIVATE_EXTENSION_DEFAULT('samba4') and
libndr as private will become libndr-samba4 and that already exists as
libndr-samba4 as we don't append the extension if it's already there.
So meant with --private-libraries=ALL we hit the following problem:
$ ./configure --private-libraries=ALL
$ make smbd/smbd
Waf: Leaving directory `/samba/bin/default'
Task dependency cycle in "run_after" constraints:
{task ...: cshlib dcerpc-samba4.empty.c.12.o,ndr_winbind_c.c.229.o -> libdcerpc-samba4.so}
make: *** [Makefile:131: smbd/smbd] Error 1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15545
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
I guess the problem was related to wrapper libraries...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15545
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This prevents --private-libraries=ALL from creating unuseable
wrapper libraries, as they can't work with symbol versioning.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15545
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This can be used in order to avoid a library to be
catched by --private-libraries=ALL.
It is needed for our wrapper libraries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15545
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
To maintain SMB Multichannel, windows client might periodically query with
FSCTL_QUERY_NETWORK_INTERFACE_INFO to get SMB server's network information,
in my case windows server 2022 would do this every 10 minutes (600 seconds).
Consider a scenario: the network information might have changed between
these queries, some become link down, new interface is link up, network
speed is changed, and etc. So far smbd might not aware of these changes and
still report out-of-date network information to windows client, until we
manually send a SIGHUP to smbd in order to trigger load_interfaces():
smbd_sig_hup_handler() > reload_services () > load_interfaces()
This might be a bit inconvenient because it is hard to decide when should
we manually send a SIGHUP to smbd for refreshing network information.
This patch adds load_interfaces() at fsctl_network_iface_info(), while smbd
received FSCTL_QUERY_NETWORK_INTERFACE_INFO would go through this and refresh
local_interfaces, then respond to client with up-to-date network information;
also refresh num_ifaces to make sure interfaces count is consistent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15547
Signed-off-by: Jones Syue <jonessyue@qnap.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
"addip"/"delip" are different from "moveip" so they don't need to
call ipreallocate() nor send_ipreallocated_control_to_nodes().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
This matches the behavior of takeover_send/recv() from
ctdb_takeover_helper.c.
It means we consistently call the ipreallocated event scripts
and also send CTDB_SRVID_IPREALLOCATED after moving ips.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
That makes the behavior more consistent compared to a takeover run
started from the within ctdbd.
The behavior is the same but ctdb_message_disable_ip_check() used
a legacy code path and the next commits will also touch some
of the moveip logic...
The logic and comments are copied from control_reloadips().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Event scripts run the "ipreallocated" hook in order to notice that some ip addresses
in the cluster potentially changed.
CTDB_SRVID_IPREALLOCATED gives C code a chance to get notified as well once the event
scripts are finished.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
In order to show correct values in the password prompt displayed by
cli_credentials_get_password*(). We need to set the domain and username
in the credentials system.
The credentials supplied via the SMB URL have a higher priority than the
command line options.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15538
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jan 4 11:26:52 UTC 2024 on atb-devel-224
The cli_credentials_get_password*() function will interactively ask the
user for a password if none has been supplied via another ways. To show
the correct domain and username in the prompt, we need handle domain
and user first.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15538
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15544
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 2 20:37:01 UTC 2024 on atb-devel-224
Right now we can't traverse a subdirectory in a snapshot which was
deleted in the current set of files.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15544
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Dec 29 13:50:05 UTC 2023 on atb-devel-224
