summaryrefslogtreecommitdiff
path: root/source3/lib/sharesec.c
Commit message (Collapse)AuthorAgeFilesLines
* sharesec: Remove error message for unmarshall_sec_desc failureChristof Schmitt2015-07-061-2/+0
| | | | | | | | | | In a cluster setup, running sharesec -D results in an empty record that triggers this message. The situation is correctly handled in the code (unmarshall_sec_desc fails and sharesec uses the default), so simply remove the message in this case. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Convert the few instances of int32 there were to int32_t.Richard Sharpe2015-05-161-1/+1
| | | | | | | | Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat May 16 03:09:12 CEST 2015 on sn-devel-104
* Change all uses of uint32/16/8 in proto.h to uint32_t/16_t/8_t.Richard Sharpe2015-04-291-6/+6
| | | | | Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* sharesec: don't leak state_path onto talloc tosDavid Disseldorp2014-11-031-2/+10
| | | | | | | Also check for allocation failures. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* dbwrap: add a dbwrap_flags argument to db_open()Michael Adam2014-02-071-1/+1
| | | | | | | | | | This is in preparation to support handing flags to backends, in particular activating read only record support for ctdb databases. For a start, this does nothing but adding the parameter, and all databases use DBWRAP_FLAG_NONE. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Change the S3 fileserver over to se_file_access_check().Jeremy Allison2012-08-311-1/+1
| | | | | Don't set the priv_open_requested yet until the open-for-backup request is correctly passed in.
* dbwrap: dbwrap_store_int32->dbwrap_store_int32_bystringVolker Lendecke2012-06-151-6/+6
| | | | Signed-off-by: Michael Adam <obnox@samba.org>
* dbwrap: dbwrap_fetch_int32->dbwrap_fetch_int32_bystringVolker Lendecke2012-06-151-2/+2
| | | | Signed-off-by: Michael Adam <obnox@samba.org>
* s3: Add a "lock_order" argument to db_openVolker Lendecke2012-01-181-1/+2
| | | | | | | This will be used to enforce a lock hierarchy between the databases. We have seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb. These should be fixed by refusing a dbwrap_fetch_locked that does not follow a defined lock hierarchy.
* s3:dbwrap: change dbwrap_store_int32() to NTSTATUS return typeMichael Adam2011-10-111-9/+15
| | | | for consistency and better error propagation
* s3:dbwrap: convert dbwrap_fetch_int32() to NTSTATUS return codeMichael Adam2011-10-111-3/+11
| | | | | | Return the int32 value retrieved from the db by reference. Before this, return value "-1" was used as a error indication, but it could also be a valid value from the database.
* s3:sharesec: convert sharesec.c to use dbwrap wrapper functionsMichael Adam2011-10-111-18/+24
| | | | Avoid direct use of the db_record and db_context structs
* s3:dbwrap: convert dbwrap_fetch(), dbwrap_fetch_bystring() and ↵Michael Adam2011-10-111-2/+2
| | | | dbwrap_fetch_bystring_upper() to NTSTATUS
* s3:dbwrap: move all .c and .h files of dbwrap to lib/dbwrap/Michael Adam2011-07-291-1/+1
| | | | | Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri Jul 29 13:34:22 CEST 2011 on sn-devel-104
* s3:dbwrap: move db_open() to a file dbwrap_open.c of its own.Michael Adam2011-07-291-0/+1
| | | | | | Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and make the fallbacke implementation functoins non-static and create a dbwrap_private.h header file that contains their prototypes.
* s3:lib change default share security access maskChristian Ambach2011-07-261-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | when there is no share SD set, the default share SD that is used e.g. for the output of sharesec -v defaults to a value that is not equivalent to the desired FULL access. This is a more or less a cosmetical follow-up for the patches in Bug #8201 that makes them more consumeable by printing FULL (that is what the user expects) instead of a bitmask in hexadecimal form. previous output: REVISION:1 OWNER:(NULL SID) GROUP:(NULL SID) ACL:S-1-1-0:ALLOWED/0/0x101f01ff with patch: REVISION:1 OWNER:(NULL SID) GROUP:(NULL SID) ACL:S-1-1-0:ALLOWED/0/FULL Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Tue Jul 26 15:57:55 CEST 2011 on sn-devel-104
* s3:sharesec: return an error if get_share_security() returns NULLStefan Metzmacher2011-07-061-1/+1
| | | | | | | | | | | | This indicates an error, as it uses get_share_security_default() if no security descriptor is configured. Jeremy, please check. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jul 6 15:40:23 CEST 2011 on sn-devel-104
* s3:sharesec: also initialize pgranted if get_share_security() returns NULLStefan Metzmacher2011-07-061-0/+3
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jul 6 12:54:30 CEST 2011 on sn-devel-104
* s3: Return "granted" from share_access_checkVolker Lendecke2011-07-051-2/+8
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-talloc Change TALLOC_ARRAY() to talloc_array()Andrew Bartlett2011-06-091-1/+1
| | | | | Using the standard macro makes it easier to move code into common, as TALLOC_ARRAY isn't standard talloc.
* s3: only include tdb headers where needed.Günther Deschner2011-05-061-0/+1
| | | | Guenther
* s3-includes: only include system/filesys.h when needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett2010-10-121-0/+1
| | | | | | | | | | | | | | This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
* s3:auth Remove NT_USER_TOKENAndrew Bartlett2010-09-111-1/+1
| | | | | | | | | The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-build: use dbwrap.h only where needed.Günther Deschner2010-08-261-0/+1
| | | | Guenther
* s3-build: only use ndr_security.h where needed.Günther Deschner2010-05-311-0/+1
| | | | Guenther
* s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett2010-05-211-1/+1
| | | | | | | | | | This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3-secdesc: remove "typedef struct security_descriptor SEC_DESC".Günther Deschner2010-05-181-9/+9
| | | | Guenther
* s3-secdesc: remove "typedef struct security_acl SEC_ACL".Günther Deschner2010-05-181-2/+2
| | | | Guenther
* s3-secdesc: remove "typedef struct security_ace SEC_ACE".Günther Deschner2010-05-181-3/+3
| | | | Guenther
* s3: Remove use of iconv_convenience.Jelmer Vernooij2010-05-181-1/+1
|
* share_info.tdb could use non-canonicalized sharenames.Jeremy Allison2010-03-221-14/+143
| | | | | | | | Fix this by moving canonicalization into lib/sharesec.c. Update the db version to 3. Ensures we always find share names with security descriptors attached. Jeremy.
* s3/smbd: open the share_info.tdb on startup instead of tconxSteven Danneman2009-08-261-1/+1
| | | | | | | | This is a small performance optimization. Instead of opening the tdb on every smb connection in the forked child process, we now open it in the parent and share the fd. This also reduces the total fd usage in the system.
* Add iconv_convenience argument to size functions.Jelmer Vernooij2009-01-011-1/+1
|
* Make sure share_info.tdb is open before attempting to delete an entrySteven Danneman2008-12-281-2/+6
|
* Another unused variable.Jeremy Allison2008-10-311-1/+0
|
* Unify se_access_check with the S4 code. Will makeJeremy Allison2008-10-311-2/+2
| | | | | | calculation of SEC_FLAG_MAXIMUM_ALLOWED much easier for files. Jeremy.
* Remove SEC_ACCESS. It's a uint32_t.Jeremy Allison2008-10-091-4/+4
| | | | Jeremy.
* Thanks metze for pointing out the missing extern :-)Volker Lendecke2008-09-081-1/+1
| | | | (This used to be commit b62540cd48212a80c8cb4a264f740591a0229944)
* Remove some duplicate codeVolker Lendecke2008-09-081-6/+1
| | | | (This used to be commit 564bfe94ac87c918482ade65980270326dc8ed6d)
* fixed lots of places that paniced on a failed transaction_commit,Andrew Tridgell2008-08-131-1/+1
| | | | | thinking it was a failure of a transaction cancel (This used to be commit 22dbe158ed62ae47bbcb41bba3db345294f75437)
* first cut at adding full transactions for ctdb to samba3Andrew Tridgell2008-08-131-1/+1
| | | | (This used to be commit f91a3e0f7b7737c1d0667cd961ea950e2b93e592)
* lib/sharesec.c: fix the upgrade code, db_traverse returns the number of records!Stefan Metzmacher2008-04-151-2/+4
| | | | | metze (This used to be commit ccdebe97f85b76378e42d8cf08324228bd19cf32)
* Convert dbwrap_trans_delete to NTSTATUSVolker Lendecke2008-04-011-2/+4
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> (This used to be commit dead193f46c2b19955ab3e5ac5ba343694f4858a)
* Convert dbwrap_trans_store to NTSTATUSVolker Lendecke2008-04-011-4/+5
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> (This used to be commit 5f4de856af1abe63b13059bbe1615cb5877770d0)
* sharesec: use db_open_trans()Stefan Metzmacher2008-04-011-2/+2
| | | | | metze (This used to be commit 1c59142ccc46616c10b98c51601361f203d542d6)
* Convert share_info.tdb to dbwrapVolker Lendecke2008-04-011-17/+64
| | | | (This used to be commit bc9b4c43b8824cd53f9ab613bcbb94cd5193f43e)
* Fix a memory leakVolker Lendecke2008-03-281-0/+2
| | | | (This used to be commit ce1bd43cdae63ff05aefaded419388e7b9e3ba9a)
* use tdb_wipe_all() instead of tdb_wipe() - it is faster...Michael Adam2008-03-261-1/+1
| | | | | Michael (This used to be commit 3d2fdcd50fdbfb66a14360516836445d47eceeb0)
* util_tdb: add a wrapper tdb_wipe() for traverse with tdb_traverse_delete_fn().Michael Adam2008-03-251-1/+1
| | | | | | | | Replace all callers of traverse with this tdb_traverse_delete_fn() and don't export tdb_traverse_delete_fn() anymore. Michael (This used to be commit d4be4e30cd8c3bdc303da30e42280f892a45a8c9)
View Lorry Controller Status