Ralph Boehme [Tue, 26 Nov 2024 18:44:13 +0000 (19:44 +0100)]
smbd: rename SMB2_FILE_POSIX_INFORMATION to FSCC_FILE_POSIX_INFORMATION
Streamline the info-level defines. Also get rid of
SMB2_FILE_POSIX_INFORMATION_INTERNAL which is not needed for an info-level that
is exclusive to SMB2.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Trying to pull registry-1.docker.io/i386/debian:12...
Error: creating build container: choosing an image from manifest list
docker://registry-1.docker.io/i386/debian:12: no image found in image index for
architecture "amd64", variant "", OS "linux"
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 27 16:32:07 UTC 2024 on atb-devel-224
File "bin/python/samba/tests/krb5/pkinit_tests.py", line 1496, in
create_certificate
x509.NameAttribute(NameOID.COMMON_NAME,
~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^
f'{cert_name}/emailAddress={cert_name}'),
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/python3.13/site-packages/cryptography/x509/name.py",
line 152, in __init__
raise ValueError(msg)
ValueError: Attribute's length must be >= 1 and <= 64, but it was 84
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 17 May 2023 08:54:49 +0000 (10:54 +0200)]
tests: Check symlinks are readable as reparse points
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Nov 22 11:05:33 UTC 2024 on atb-devel-224
Volker Lendecke [Wed, 20 Nov 2024 10:13:12 +0000 (11:13 +0100)]
smbd: Create the proper error blob for STOPPED_ON_SYMLINK
Unused so far, our lowerlevel routines so far never return
NT_STATUS_STOPPED_ON_SYMLINK. Also see the NULL passed as
"symlink_reparse", this will change soon. Separate patch for easier
review.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 4 Feb 2024 10:45:22 +0000 (11:45 +0100)]
smbd: Fix the turning an absolute symlink into a relative one
If dirfsp is the share root, we end up with a "/." at the end of
subdir_path. subdir_of() does not cover that case. fsp_fullbasepath()
takes care of that case and also avoids a talloc.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 19 Nov 2024 14:35:58 +0000 (15:35 +0100)]
smbd: Prepare fdos_mode() for handling symlinks in smb2
We should show all special files as NORMAL|REPARSE_POINT, except
symlinks for SMB1 Posix Extensions. IFREG and IFDIR are handled via
our xattr mechanisms.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
While this does indeed slightly simplify code, it simplifies too much: Soon we
will need filename_convert_dirfsp_nosymlink raw without looking at
UCF_LCOMP_LNK_OK. So in hindsight this went too far.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 2 Feb 2024 20:16:46 +0000 (21:16 +0100)]
smbd: Pass "create_options" to filename_create_ucf_flags()
OPEN_REPARSE_POINT will trigger symlinks not being followed but
returned, even if we have "follow symlinks = yes". Prepare for setting
UCF_LCOMP_LNK_OK for this case in a central place.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Martin Schwenke [Wed, 20 Nov 2024 03:37:09 +0000 (14:37 +1100)]
ctdb-common: Map ENOENT for a missing event script to ENOEXEC
This handles the case where an event script is disabled by unlinking,
while an event is being run, after the script list has been created.
Without this change the script will fail. With this change the script
will be marked as DISABLED. See the comment added by this commit for
more details.
Add a testcase to simulate the race, using an event script to disable
subsequent ones.
Volker Lendecke [Thu, 28 Dec 2023 12:39:40 +0000 (13:39 +0100)]
test: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov 19 19:24:16 UTC 2024 on atb-devel-224
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Nov 18 12:43:28 UTC 2024 on atb-devel-224
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Nov 16 13:26:05 UTC 2024 on atb-devel-224
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Wed Nov 13 15:47:40 UTC 2024 on atb-devel-224
Volker Lendecke [Mon, 21 Oct 2024 07:41:06 +0000 (09:41 +0200)]
smbd: Remove non_widelink_open()
Better look at the final code, not at the patch. The idea is to call
filename_convert_dirfsp() from fd_openat() and just have one place to
follow symlinks.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov 12 19:21:11 UTC 2024 on atb-devel-224
Volker Lendecke [Tue, 8 Oct 2024 15:40:41 +0000 (17:40 +0200)]
smbd: simplify open_stream_pathref_fsp()
Looks more complex, but we don't have to go through all of
fd_openat()/non_widelink_open() for opening streams. SMB_VFS_OPENAT
knows how to deal with this.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Looks more complex, but this avoids calling openat_pathref_fsp, which
eventually calls into non_widelink_open(). We need to open the pretty paranoid
SMB_ASSERT in openat_pathref_fsp_lcomp() a little bit.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 11 Oct 2024 12:56:21 +0000 (14:56 +0200)]
smbd: Add open_rootdir_pathref_fsp()
Get a pathref handle on the file system root. This will serve as
"basedir" for filename_convert_dirfsp_rel() to turn an absolute path
into one relative to the handle created here.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 10 Oct 2024 15:16:02 +0000 (17:16 +0200)]
smbd: Simplify OpenDir_from_pathref()
Use the /proc/self/fd trick to make get_real_filename_fullscan_at look
a bit nicer and faster in strace. Direct SMB_VFS_OPENAT also is
cheaper in user space, we don't need the full fd_openat and
non_widelink_open magic here.
Also avoid opening ".", which can fail where a full path open would
succeed: If the directory in question does not give "x" perms to the
user, we get a handle on the dir as such but can't cd into it.
I haven't seen real-world cases of this, but one of our tests creates
such a scenario. I have further refactoring in my local tree that make
this patch necessary.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
So far fd_openat needed to be called with cwd_fsp and "." if you
wanted to open the share root, this enables using the absolute share
path. The next patch will remove sending the "." with cwd_fsp as a
simplification. Enable that with this little change.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sat, 19 Oct 2024 15:29:01 +0000 (17:29 +0200)]
smbd: Tighten non_wide_link_open() for absolute root share open
Make it clear that non_widelink_open being called for absolute paths
is not done during regular operations, i.e. when we have passed our
pathnames through filename_convert_dirfsp and we work on a real
dirfsp.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 20 Oct 2024 12:41:55 +0000 (14:41 +0200)]
smbd: Ignore twrp in chdir_below_conn()
We can't deal with snapdir paths in non_widelink_open fully with
snapdirseverywhere active: There is no way for
shadow_copy2_parent_pathname() to work when a snapshot directory is
below the directory that we want to calculate the parent for. What is
the parent directory supposed to point at? I don't know.
For me the only way out is to accept that we should ignore what
happens behind shadow_copy2's path manipulation in core
smbd. This *might* open symlink races, but the whole point of
snapshots is that they are r/o copies of the real active file system
and as such they should be immune to those races.
Found while trying to refactor code around fd_openat()
P.S: This code will go away pretty soon
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 21 Oct 2024 10:12:27 +0000 (12:12 +0200)]
vfs: Don't ever call openat(-1, ...) for relative paths
This is always a bug, we should never do this. In one iteration of my
code I was doing this, which led to an invalid fallback code, which
itself lead to an infinite recursion. Make this more obvious with an
assert.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov 12 15:13:03 UTC 2024 on atb-devel-224
Volker Lendecke [Mon, 11 Nov 2024 16:50:03 +0000 (17:50 +0100)]
vfs: Only call openat for valid params in fake_acls_stat
openat(-1, "relative path", ..) is invalid. I've tried to also tighten
this down to just relative paths (i.e. base_name[0] != '/'), but
non_widelink_open makes modifications further down that make this more
difficult.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 10 Oct 2024 15:14:10 +0000 (17:14 +0200)]
smbd: Fix an error resource leak in OpenDir_from_pathref()
We have to undo the fsp allocation and open we've done. Not noticed,
it's probably highly unlikely OpenDir_fsp() fails.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov 12 13:26:10 UTC 2024 on atb-devel-224
projects / thirdparty / samba.git / log
