| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When "ignore system acls" is set to "yes, we need to ensure filesystem
permission always grant access so that when doing our own access checks
we don't run into situations where we grant access but the filesystem
doesn't.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 31 18:41:20 CEST 2016 on sn-devel-144
(cherry picked from commit b72287514cc78c9019db7385af4c9b9d94f60894)
|
|
|
|
|
|
|
|
|
|
|
| |
Better for performance and a subsequent commit will add one more option
where this will pay off.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 61c3d2124fb1a180fae4c8c0b5ab5b32bd56c8ad)
|
|
|
|
|
|
|
| |
* instead of const char *.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
| |
We only need a basic STAT here.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
| |
Check the smb_filename->flags field, or req->posix_pathnames
instead, depending on what is available.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
| |
const char *.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Preparing to reduce use of lp_posix_pathnames().
Uses the same techniques as commit 616d068f0cebb8e50a855b6e30f36fccb7f5a3c8
(synthetic_smb_fname()) to cope with modules that
modify the incoming pathname.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Feb 25 20:46:49 CET 2016 on sn-devel-144
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
|
|
|
|
|
| |
This allows the static build of the modules.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
| |
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
vfs_stat_smb_fname() and vfs_lstat_smb_fname() should be calling vfs_stat_smb_basename().
They are all post-stream name processing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11249
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
|
|
|
|
|
|
|
|
| |
This is in preparation to support handing flags to backends,
in particular activating read only record support for ctdb
databases. For a start, this does nothing but adding the
parameter, and all databases use DBWRAP_FLAG_NONE.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
| |
This will be used to enforce a lock hierarchy between the databases. We have
seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb.
These should be fixed by refusing a dbwrap_fetch_locked that does not follow a
defined lock hierarchy.
|
|
|
|
|
| |
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Mon Dec 12 04:58:40 CET 2011 on sn-devel-104
|
|
|
|
|
| |
now done correctly in the main codepath. The vfs_acl_XXXX modules are
now thin shims that simply store/retrieve ACLs as they should be.
|
|
|
|
|
| |
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Nov 2 02:13:51 CET 2011 on sn-devel-104
|
|
|
|
| |
now handle this.
|
|
|
|
| |
Avoid direct use of the db_record and db_context structs.
|
|
|
|
|
|
|
| |
the acl_xattr code). Remove the "experimental" tag.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Sep 27 21:00:12 CEST 2011 on sn-devel-104
|
|
|
|
|
| |
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Jul 29 13:34:22 CEST 2011 on sn-devel-104
|
|
|
|
|
|
| |
Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and
make the fallbacke implementation functoins non-static and create a
dbwrap_private.h header file that contains their prototypes.
|
|
|
|
|
|
|
|
|
|
|
|
| |
My previous patches fixed up all direct TDB callers, but there are a
few utility functions and the db_context functions which are still
using the old -1 / 0 return codes.
It's clearer to fix up all the callers of these too, so everywhere is
consistent: non-zero means an error.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
|
|
| |
Guenther
|
|
|
|
|
|
|
|
|
|
|
| |
This should finally fix the AIX build and allow to remove AIX specific ifdefs.
Guenther
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Apr 21 02:01:20 CEST 2011 on sn-devel-104
|
|
|
|
|
|
|
|
|
| |
There is no reason for smbd with Windows ACLs to use chmod
or fchmod unless it's a file opened with UNIX extensions or
with posix pathnames.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Apr 2 02:40:43 CEST 2011 on sn-devel-104
|
|
|
|
| |
Guenther
|
|
|
|
| |
Guenther
|
|
|
|
| |
Guenther
|
|
|
|
|
| |
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 16 03:36:04 UTC 2010 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
|
| |
Samba ACL module to ignore mapping to lower POSIX layer. With this
fix Samba 3.6.x now passes RAW-ACLs (with certain smb.conf parameters
set).
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 16 01:26:31 UTC 2010 on sn-devel-104
|
|
|
|
| |
Guenther
|
|
|
|
|
|
|
| |
both vfs_acl_common.c and vfs_acl_tdb.c were using the connection
handle, thus conflicted. Fix this.
Jeremy.
|
|
|
|
|
|
| |
Shuttle-reviewed by jra :)
Guenther
|
|
|
|
|
|
|
| |
As pointed out by bj@sernet.de, the rmdir module initializer was
duplicated. Fix this properly.
Jeremy.
|
|
|
|
|
|
|
|
|
|
| |
rights fails even if the delete right is set on the object.
Final fix for the vfs_acl_xattr and vfs_acl_tdb code.
Ensure we can delete a file even if the underlying POSIX
permissions don't allow it, if the Windows permissions do.
Jeremy.
|
|
|
|
|
|
|
|
|
|
| |
properly inherit permissions from parent and 6938 - No hook exists to check creation rights when using acl_xattr module
Volker was right (dammit :-). It's much easier to catch
this case in the create_file() vfs call instead of trying
to do everything inside open() and mkdir(). Hook all these
functions to gain the desired effect.
Jeremy.
|
|
|
|
|
|
|
| |
reads off the underlying filesystem. Ensure that vfs_acl_tdb.c
returns NT_STATUS_NOT_FOUND, not NT_STATUS_OBJECT_NAME_NOT_FOUND
when it can't find a blob matching the file.
Jeremy.
|
|
|
|
|
|
|
|
|
| |
module
Fix ACL modules to test for permissions on open/mkdir/opendir.
Ensure that underlying ACLs are returned for directories/files with
no Windows xattr or tdb acls stored.
Jeremy.
|
|
|
|
|
|
|
|
| |
down to NEXT-> before initializing. This allows us to
do cleanup (by calling DISCONNECT) if initialization
fails. Also fix vfs_acl_xattr which was failing to
call the NEXT connect function.
Jeremy.
|
|
|
|
|
|
|
| |
inherit acls = yes or xattrs are removed.
We also need dos filemode = true set as well.
Jeremy.
|
|
|
|
|
|
| |
xattrs are removed.
Jeremy.
|
|
|
|
|
|
| |
function vfs_stat_fsp(). Stops code looking at fsp->posix_open
except for exceptional circumstances.
Jeremy.
|
|
|
|
|
|
|
| |
into acl_tdb and acl_xattr. Duplicates the code size, but keeps
the code in common so I don't have to do bug fixes in two places
(which is what I really cared about).
Jeremy.
|
|
|
|
| |
Jeremy.
|
|
|
|
|
| |
code here needs tidying up. Compiles but not yet tested.
Jeremy.
|
|
|
|
|
|
|
|
| |
the hash function selectable. Upgrade version.
Compiles but not fully tested yet (coming). Make
vfs_acl_tdb.c compile - this needs updating to
match acl_xattr (also coming soon).
Jeremy.
|
| |
|
| |
|
| |
|