1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/selftest/knownfail.d
Ralph Boehme 9559c00d06 smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD
When inherting permissions on the created stream, we call into the VFS to fetch
the streams security descriptor via inherit_access_posix_acl() ->
copy_access_posix_acl() -> SMB_VFS_SYS_ACL_SET_FD() passing the stream fsp which
triggers the assert SMB_ASSERT(!fsp_is_alternate_stream(fsp)) in
vfswrap_sys_acl_set_fd() in vfs_default.

Just passing the base fsp to the VFS fixes this.

vfs_streams_depot which *does use* distinct backend filesystem files for the
streams, currently does not apply permissions to the stream files at all, so the
incomplete behaviour of vfs_streams_depot is not affected by this change.

If in the future someone want to fix this defficiency in vfs_streams_depot, the
module code can use fsp->stream_fsp to base decisions in VFS ops whether the
module should carry out some action.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep  2 08:55:28 UTC 2024 on atb-devel-224

(cherry picked from commit ecb8a99a2c)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Fri Sep  6 15:26:57 UTC 2024 on atb-devel-224
2024-09-06 15:26:57 +00:00
..
bug-14810 CVE-2020-25720 s4:dsdb/descriptor: Validate owner SIDs written to security descriptors 2022-09-16 02:32:36 +00:00
claims-client-tool netcmd: claims: rename claims and silo tests 2023-10-26 23:32:34 +00:00
complex_expressions
conditional_ace_claims libcli/security: claim_v1_to_ace_token(): avoid unnecessary re-sort 2023-11-27 22:37:32 +00:00
dfs_paths s3: smbd: Fix dumb typos that meant smb1.SMB1-DFS-* tests were running against an SMB2-only fileserver. 2023-03-31 06:07:01 +00:00
dirsync CVE-2023-4154: Unimplement the original DirSync behaviour without LDAP_DIRSYNC_OBJECT_SECURITY 2023-10-10 14:49:39 +00:00
dns selftest: Fix code spelling 2023-07-05 06:34:32 +00:00
dns-aging dns update: zero flags and reserved 2021-07-05 04:16:34 +00:00
durable-v2-delay
empty-domain-name
getncchanges s4-rpc_server/drsupai: Avoid looping with Azure AD Connect by not incrementing temp_highest_usn for the NC root 2023-08-13 21:59:29 +00:00
gkdi tests/krb5: Test that root key data is the correct length in bytes 2023-12-22 05:33:31 +00:00
initshutdown
kdc-salt dsdb: Allow special chars like "@" in samAccountName when generating the salt 2021-10-20 12:54:54 +00:00
kinit_trust
krb5-no-preauth selftest: knownfail updates after Heimdal Upgrade 2022-01-19 20:50:35 +00:00
ldap CVE-2020-25722 Ensure the structural objectclass cannot be changed 2021-11-09 19:45:34 +00:00
ldap_spn CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is re-added to an object 2022-01-31 15:27:37 +00:00
lm-hash-support-gone torture: Allow Samba as an AD DC to use zeros for LM key 2022-03-17 02:47:13 +00:00
modify-order CVE-2020-25722 Ensure the structural objectclass cannot be changed 2021-11-09 19:45:34 +00:00
multichannel selftest: enable 'server multi channel support = yes' 2021-03-06 02:20:05 +00:00
netlogon
nt-hash-support-gone samba-tool user: Accomodate missing unicodePwd in getpassword command 2022-06-26 22:10:29 +00:00
ntlmv2-restrictions s4:torture: Migrate smbtorture to new cmdline option parser 2021-06-16 00:34:38 +00:00
oneway selftest: fl2000dc: Add outgoing trust from fl2000dc to ad_dc 2021-07-07 14:10:29 +00:00
priv_attr CVE-2020-25722 selftest/priv_attrs: Mention that these knownfails are OK (for now) 2021-11-09 19:45:32 +00:00
protected_users s4:auth: Disable NTLM authentication for Protected Users 2022-03-18 11:55:30 +00:00
python-segfaults pyldb: Fix deleting an ldb.Control critical flag 2021-09-28 09:44:35 +00:00
quota1
README selftest/knownfail.d: README memntions expectedfail.d 2023-12-10 21:24:38 +00:00
replica_sync knownfail: remove python[23] lines 2021-03-17 05:57:34 +00:00
rpc-dfs s3:rpc_server: Fix double blackslash issue in dfs path 2023-07-05 20:24:35 +00:00
rpc-netlogon-zerologon CVE-2020-1472(ZeroLogon): torture: ServerSetPassword2 max len password 2020-10-16 04:45:40 +00:00
rw-invalid
s3-logging tests: adapt logging test for s3. 2022-06-17 01:28:30 +00:00
s3-lsa-server
samba3.rpc.samr lib/torture: Don't overwrite test outcomes 2023-04-12 13:52:32 +00:00
samba3.vfs.fruit
samba4.ldap.confidential_attr CVE-2018-14628: s4:setup: set the correct nTSecurityDescriptor on the CN=Deleted Objects container 2023-10-16 14:39:33 +00:00
samba4.rpc.netlogon-s3 lib/torture: Don't overwrite test outcomes 2023-04-12 13:52:32 +00:00
samba4.rpc.samr lib/torture: Don't overwrite test outcomes 2023-04-12 13:52:32 +00:00
samba-tool-user-get-kerberos-ticket selftest: Add tests for "samba-tool user get-kerberos-ticket" 2023-12-21 02:05:38 +00:00
security-descriptors libcli/security/tests: remove duplicate TX-integer tests from oversized-ACLs 2023-11-27 01:12:40 +00:00
sid-strings libcli/security: SDDL accepts lowercase "s-" in SIDs 2023-11-01 20:10:45 +00:00
silo-client-tool netcmd: claims: rename claims and silo tests 2023-10-26 23:32:34 +00:00
smb1-tests Add test smbclient 'delree' of dir (on DFS share) 2022-06-17 16:20:35 +00:00
smb2.replay smb2_server: don't cancel pending request if at least one channel is still alive 2021-03-29 19:36:37 +00:00
smb2.session s3:smbd: really support AES-256* in the server 2021-07-20 16:13:28 +00:00
smbclient_machine_auth.plain s3:tests: Correctly implement tests for forceuser/forcegroup 2023-04-06 12:51:30 +00:00
smbclient-smb3 s3/client: fix dfs deltree, resolve dfs path 2022-06-17 17:12:07 +00:00
source3-epmapper s3:rpc_server: Add samba-dcerpcd helper programs 2021-12-10 14:02:30 +00:00
srvsvc
symlink libsmb: Fix parsing symlink reparse points 2023-09-08 17:24:19 +00:00
uac_objectclass_restrict CVE-2020-25722 Ensure the structural objectclass cannot be changed 2021-11-09 19:45:34 +00:00
upn_handling
usage s4:scripting: Generate HRESULT definitions as part of the build process 2024-01-15 00:48:40 +00:00
user_getpassword_gmsa python: tests: blackbox test for GMSA 2023-12-21 02:05:38 +00:00
vlv CVE-2020-10760 dsdb: Add tests for paged_results and VLV over the Global Catalog port 2020-07-02 09:01:41 +00:00
wkssvc

# Files in this directory contain lists of regular expressions
# matching the names of tests that are temporarily expected to fail.
#
# Tests that are intended to *always* fail (e.g. to prove that the
# test can't succeed under certain conditions) should be added under
# selftest/expectedfail.d instead.
#
# "make test" will not report failures for tests listed here and will consider
# a successful run for any of these tests an error.
#
# Empty lines and lines beginning with '#' are ignored.
# Please don't add tests to this README!