summaryrefslogtreecommitdiff
path: root/source3/modules/vfs_acl_tdb.c
Commit message (Collapse)AuthorAgeFilesLines
* vfs_acl_xattr|tdb: enforced settings when ignore system acls=yesRalph Boehme2016-09-071-0/+21
| | | | | | | | | | | | | | | | | When "ignore system acls" is set to "yes, we need to ensure filesystem permission always grant access so that when doing our own access checks we don't run into situations where we grant access but the filesystem doesn't. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12181 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Wed Aug 31 18:41:20 CEST 2016 on sn-devel-144 (cherry picked from commit b72287514cc78c9019db7385af4c9b9d94f60894)
* vfs_acl_tdb|xattr: use a config handleRalph Boehme2016-09-071-0/+7
| | | | | | | | | | | Better for performance and a subsequent commit will add one more option where this will pay off. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit 61c3d2124fb1a180fae4c8c0b5ab5b32bd56c8ad)
* s3: smbd: Modify vfs_stat_smb_basename() to take a const struct smb_filename ↵Jeremy Allison2016-03-241-2/+2
| | | | | | | * instead of const char *. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org>
* s3: vfs: vfs_acl_tdb. Remove use of vfs_stat_smb_basename().Jeremy Allison2016-03-241-3/+5
| | | | | | | We only need a basic STAT here. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org>
* s3: smbd: Remove many common uses of lp_posix_pathnames().Jeremy Allison2016-03-241-1/+1
| | | | | | | | Check the smb_filename->flags field, or req->posix_pathnames instead, depending on what is available. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org>
* s3:vfs: Change get_acl_blob() to take a const smb_filename * parameter from ↵Jeremy Allison2016-03-151-3/+5
| | | | | | | const char *. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Uri Simchoni <uri@samba.org>
* VFS: Modify rmdir to take a const struct smb_filename * instead of const char *Jeremy Allison2016-02-251-3/+4
| | | | | | | | | | | | | | Preparing to reduce use of lp_posix_pathnames(). Uses the same techniques as commit 616d068f0cebb8e50a855b6e30f36fccb7f5a3c8 (synthetic_smb_fname()) to cope with modules that modify the incoming pathname. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Thu Feb 25 20:46:49 CET 2016 on sn-devel-144
* vfs_acl_*: Only sha256 neededVolker Lendecke2015-11-091-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:modules/vfs_*: make function prototypes available via static_decl_vfs;Stefan Metzmacher2015-08-201-0/+1
| | | | | | | This allows the static build of the modules. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* Convert all uint8/16/32 to _t in all modules.Richard Sharpe2015-05-061-3/+3
| | | | | Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: smbd: VFS: All the places that are currently calling ↵Jeremy Allison2015-05-051-13/+3
| | | | | | | | | | | | vfs_stat_smb_fname() and vfs_lstat_smb_fname() should be calling vfs_stat_smb_basename(). They are all post-stream name processing. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11249 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* dbwrap: add a dbwrap_flags argument to db_open()Michael Adam2014-02-071-1/+1
| | | | | | | | | | This is in preparation to support handing flags to backends, in particular activating read only record support for ctdb databases. For a start, this does nothing but adding the parameter, and all databases use DBWRAP_FLAG_NONE. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* vfs: Convert unlink_acl_tdb to cp_smb_filenameVolker Lendecke2013-04-171-4/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3: Add a "lock_order" argument to db_openVolker Lendecke2012-01-181-1/+2
| | | | | | | This will be used to enforce a lock hierarchy between the databases. We have seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb. These should be fixed by refusing a dbwrap_fetch_locked that does not follow a defined lock hierarchy.
* vfs: Make function pointer names consistent. They all end in _fnRichard Sharpe2011-12-121-12/+12
| | | | | Autobuild-User: Richard Sharpe <sharpe@samba.org> Autobuild-Date: Mon Dec 12 04:58:40 CET 2011 on sn-devel-104
* Remove the setting of the inherited ACL on new files/directories. This isJeremy Allison2011-11-221-1/+0
| | | | | now done correctly in the main codepath. The vfs_acl_XXXX modules are now thin shims that simply store/retrieve ACLs as they should be.
* Remove opendir() VFS code from ACL modules.Jeremy Allison2011-11-021-1/+0
| | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Nov 2 02:13:51 CET 2011 on sn-devel-104
* Remove the mkdir and open functions from the ACL modules - main code paths ↵Jeremy Allison2011-10-281-2/+0
| | | | now handle this.
* s3:vfs: convert the acl_tdb module to use dbwrap wrapper functions.Michael Adam2011-10-111-13/+14
| | | | Avoid direct use of the db_record and db_context structs.
* These modules are no longer experimental but production-ready (especiallyJeremy Allison2011-09-271-2/+0
| | | | | | | the acl_xattr code). Remove the "experimental" tag. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Sep 27 21:00:12 CEST 2011 on sn-devel-104
* s3:dbwrap: move all .c and .h files of dbwrap to lib/dbwrap/Michael Adam2011-07-291-1/+1
| | | | | Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Fri Jul 29 13:34:22 CEST 2011 on sn-devel-104
* s3:dbwrap: move db_open() to a file dbwrap_open.c of its own.Michael Adam2011-07-291-0/+1
| | | | | | Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and make the fallbacke implementation functoins non-static and create a dbwrap_private.h header file that contains their prototypes.
* tdb_compat: Higher level API fixes.Rusty Russell2011-06-201-1/+1
| | | | | | | | | | | | My previous patches fixed up all direct TDB callers, but there are a few utility functions and the db_context functions which are still using the old -1 / 0 return codes. It's clearer to fix up all the callers of these too, so everywhere is consistent: non-zero means an error. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* s3: only include tdb headers where needed.Günther Deschner2011-05-061-0/+1
| | | | Guenther
* s3-vfs: rename open function to open_fn.Günther Deschner2011-04-211-1/+1
| | | | | | | | | | | This should finally fix the AIX build and allow to remove AIX specific ifdefs. Guenther Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Apr 21 02:01:20 CEST 2011 on sn-devel-104
* Fix bug #7987 - ACL can get lost when files are being renamed.Jeremy Allison2011-04-021-1/+5
| | | | | | | | | There is no reason for smbd with Windows ACLs to use chmod or fchmod unless it's a file opened with UNIX extensions or with posix pathnames. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Apr 2 02:40:43 CEST 2011 on sn-devel-104
* s3-auth: vfs modules need auth.hGünther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-vfs: include smbd/smbd.h in vfs modules.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-includes: only include system/filesys.h when needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* Ensure we have correct parameters to use Windows ACL modules.Jeremy Allison2010-10-161-2/+5
| | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Oct 16 03:36:04 UTC 2010 on sn-devel-104
* Add acl_xattr:ignore system acls boolean (normally false) to allowJeremy Allison2010-10-161-0/+1
| | | | | | | | | | | Samba ACL module to ignore mapping to lower POSIX layer. With this fix Samba 3.6.x now passes RAW-ACLs (with certain smb.conf parameters set). Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Oct 16 01:26:31 UTC 2010 on sn-devel-104
* s3-build: use dbwrap.h only where needed.Günther Deschner2010-08-261-0/+1
| | | | Guenther
* Fix bug #7283 - vfs_acl_tdb does not work as expected.Jeremy Allison2010-03-241-34/+14
| | | | | | | both vfs_acl_common.c and vfs_acl_tdb.c were using the connection handle, thus conflicted. Fix this. Jeremy.
* s3-modules: fix get_acl_blob in the acl_tdb VFS module.Günther Deschner2010-02-181-1/+1
| | | | | | Shuttle-reviewed by jra :) Guenther
* Fix bug #6876 for acl_tdb module.Jeremy Allison2010-02-081-2/+1
| | | | | | | As pointed out by bj@sernet.de, the rmdir module initializer was duplicated. Fix this properly. Jeremy.
* Fix bug #6876 - Delete of an object whose parent folder does not have delete ↵Jeremy Allison2010-01-121-1/+2
| | | | | | | | | | rights fails even if the delete right is set on the object. Final fix for the vfs_acl_xattr and vfs_acl_tdb code. Ensure we can delete a file even if the underlying POSIX permissions don't allow it, if the Windows permissions do. Jeremy.
* Hopefullt final fix for 6802 - acl_xattr.c module: A created folder does not ↵Jeremy Allison2009-12-071-50/+1
| | | | | | | | | | properly inherit permissions from parent and 6938 - No hook exists to check creation rights when using acl_xattr module Volker was right (dammit :-). It's much easier to catch this case in the create_file() vfs call instead of trying to do everything inside open() and mkdir(). Hook all these functions to gain the desired effect. Jeremy.
* Ensure get_nt_acl_internal() only looks at the ACL blobs, notJeremy Allison2009-12-021-1/+1
| | | | | | | reads off the underlying filesystem. Ensure that vfs_acl_tdb.c returns NT_STATUS_NOT_FOUND, not NT_STATUS_OBJECT_NAME_NOT_FOUND when it can't find a blob matching the file. Jeremy.
* Fix bug 6938 : No hook exists to check creation rights when using acl_xattr ↵Jeremy Allison2009-11-301-0/+1
| | | | | | | | | module Fix ACL modules to test for permissions on open/mkdir/opendir. Ensure that underlying ACLs are returned for directories/files with no Windows xattr or tdb acls stored. Jeremy.
* Restructure the connect function code to always callJeremy Allison2009-11-301-5/+4
| | | | | | | | down to NEXT-> before initializing. This allows us to do cleanup (by calling DISCONNECT) if initialization fails. Also fix vfs_acl_xattr which was failing to call the NEXT connect function. Jeremy.
* Second part of bugfix for 6865 - acl_xattr module: Has dependency that ↵Jeremy Allison2009-11-111-2/+4
| | | | | | | inherit acls = yes or xattrs are removed. We also need dos filemode = true set as well. Jeremy.
* Fix bug 6865 - acl_xattr module: Has dependency that inherit acls = yes or ↵Jeremy Allison2009-11-061-0/+6
| | | | | | xattrs are removed. Jeremy.
* Remove lots of duplicate code and move it into oneJeremy Allison2009-10-021-32/+18
| | | | | | function vfs_stat_fsp(). Stops code looking at fsp->posix_open except for exceptional circumstances. Jeremy.
* Fix the build breakage by #including modules/vfs_acl_common.cJeremy Allison2009-07-271-3/+5
| | | | | | | into acl_tdb and acl_xattr. Duplicates the code size, but keeps the code in common so I don't have to do bug fixes in two places (which is what I really cared about). Jeremy.
* Factor out common code into vfs_acl_common.c.Jeremy Allison2009-07-241-638/+8
| | | | Jeremy.
* Make acl_tdb match acl_xattr. Large duplication ofJeremy Allison2009-07-241-68/+225
| | | | | code here needs tidying up. Compiles but not yet tested. Jeremy.
* Fix hash function in acl_xattr to be SHA256, makeJeremy Allison2009-07-241-10/+10
| | | | | | | | the hash function selectable. Upgrade version. Compiles but not fully tested yet (coming). Make vfs_acl_tdb.c compile - this needs updating to match acl_xattr (also coming soon). Jeremy.
* Make the smbd VFS typesafeVolker Lendecke2009-07-241-24/+13
|
* s3: Finish plumbing the fsp->fsp_name smb_fname conversion through the modules.Tim Prouty2009-07-201-53/+45
|
* s3: Plumb smb_filename through SMB_VFS_UNLINKTim Prouty2009-07-061-9/+18
|
View Lorry Controller Status