samba-tool/backup: set the right permissions on our root dir

Since processes can run under the UID of the logged in user, it's required
to make sure that the users have the permissions here.

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Tue Dec 10 11:40:27 UTC 2024 on atb-devel-224

docs-xml: Change 'DEBUGLEVEL' -> 'level' to match the option description

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Fri Dec  6 13:33:38 UTC 2024 on atb-devel-224

docs-xml: Fix manpage section generated by cmdline.common.debug.server

man winbinbdd.8 is wrongly mixing two options:

before fix:
       -d|--debuglevel=DEBUGLEVEL, --debug-stdout
...

after fix:
       -d|--debuglevel=DEBUGLEVEL
...
       --debug-stdout

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

s4:rpc_server/netlogon: fix error codes in dcesrv_netr_NetrLogonSendToSam

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Dec  5 17:46:49 UTC 2024 on atb-devel-224

s4:rpc_server/netlogon: implement dcesrv_netr_ServerPasswordGet()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s4:selftest: run samba.tests.krb5.netlogon

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

python:tests/krb5: add netlogon.py

This adds tests for the application layer encryption used
based on the secure channel session key.

This will get tests for netr_ServerAuthenticateKerberos()
in order to explore its details.

This runs against Windows 2022 as well as Windows 2025 (preview)
using something like this:

SMB_CONF_PATH=/dev/null \
SERVER=172.31.9.118 DC_SERVER=w2022-118.w2022-l7.base \
DOMAIN="W2022-L7" REALM="W2022-L7.BASE" \
ADMIN_USERNAME="Administrator" ADMIN_PASSWORD="A1b2C3d4" \
STRICT_CHECKING=0 \python/samba/tests/krb5/netlogon.py

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

python:tests/krb5: avoid some problems when running against w2025 (preview) with STRICT_CHECKING=0

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

python:tests/krb5: remember the objectGUID of created accounts

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

pycredentials: add credentials.netlogon_creds_*() functions via py_module_methods

This makes it possible to explore the functions arround
netlogon_creds_CredentialState via python.

This allows us to write tests in order to explore
the details of netr_ServerAuthenticateKerberos().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

pycredentials: add creds.[g|s]et_netlogon_creds()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

pycredentials: remove unused module methods

It's not useful to use the PyCredentials methods
also as module methods...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

pyrpc_util: fix error Exception message in py_check_dcerpc_type()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s4:rpc_server/netlogon: let dcesrv_netr_LogonSamLogon_base_reply handle encryption errors

This might be the better option when we implement
netr_ServerAuthenticateKerberos().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libcli/auth: let netlogon_creds_crypt_samlogon_validation handle generic info

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

tests/krb5: make use of conn.auth_info() in _test_samlogon()

In future we'll have KRB5 instead of SCHANNEL...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s4:pyrpc: add conn.auth_info()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

gensec: add GENSEC_FEATURE_NO_DELEGATION flag to avoid GSS_C_DELEG[_POLICY]_FLAG

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:cli_pipe: pass target_service to cli_rpc_pipe_open_with_creds()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:libads: add kerberos_kinit_passwords_ext() helper

This can check more than one password and is designed to
support getting a TGT for our machine account also falling
back to older passwords...

If we don't have a plaintext password it falls back to an nt_hash.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:libads: split out kerberos_kinit_generic_once()

This can be used to kinit with a keyblock later
and also a loop over multiple password generations will
be possible.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:libads: remove unused time_offset from kerberos_kinit_password()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:libads: let kerberos_kinit_password_ext() always initialize *ntstatus

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:libads: fix compiler warning in trust_pw_change()

../../source3/libads/trusts_util.c: In function ‘trust_pw_change’:
../../source3/libads/trusts_util.c:302:45: warning: dereferencing type-punned pointer might break strict-aliasing rules [-Wstrict-aliasing]
  302 |                                    (void **)&new_trust_pw_blob.data,

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:rpc_client: remember the local/remote ipv4 or ipv6 addresses

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:winbindd: remove useless lines in add_trusted_domains_dc()

add_trusted_domain() above already sets this...

Review with: git show -U15

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:winbindd: make use of samba_sockaddr in set_remote_addresses() to avoid warnings

../../source3/winbindd/winbindd_dual_ndr.c: In function ‘set_remote_addresses’:
../../source3/winbindd/winbindd_dual_ndr.c:467:51: warning: dereferencing type-punned pointer might break strict-aliasing rules [-Wstrict-aliasing]
  467 |         struct sockaddr *sar = (struct sockaddr *)&st;

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:winbindd: make use of samba_sockaddr add_one_dc_unique() to avoid warnings

../../source3/winbindd/winbindd_cm.c: In function ‘add_one_dc_unique’:
../../source3/winbindd/winbindd_cm.c:1172:48: warning: dereferencing type-punned pointer might break strict-aliasing rules [-Wstrict-aliasing]
 1172 |                             (struct sockaddr *)(void *)&(*dcs)[i].ss,

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:winbindd: let wb_dsgetdcname* normalize to dns names on an ad_dc

wb_dsgetdcname() is typically used by dcerpc_wbint_DsGetDcName_send()
from netr_DsRGetDCName* in the netlogon server, when domain members
try to ask for domain controllers of a trusted domain.

The domain might disabled netbios support, so we better try the
already dns name if available.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:utils: let net_rpc_testjoin() work for ad domains and no ipv4 address

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:libsmb: let discover_dc_netbios() return DOMAIN_CONTROLLER_NOT_FOUND

We may get NT_STATUS_NOT_FOUND when the name can't be resolved
and NT_STATUS_INVALID_ADDRESS if the system doesn't have ipv4
addresses...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libcli/auth: return RESOURCE_REQUIREMENTS_CHANGED is the proposed flags changed

This will be important when we add support for netr_ServerAuthenticateKerberos().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s4:torture/rpc: make use of creds->client_requested_flags

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s4:librpc/rpc: make use of creds_state->client_requested_flags

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

schannel.idl: change netlogon_creds_CredentialState layout for 4.22

This breaks compat with 4.21 and moves stuff out of
netlogon_creds_CredentialState_extra_info.

It also prepares support for netr_ServerAuthenticateKerberos()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Revert "libcli/auth: let netlogon_creds_cli_store_internal check netlogon_creds_CredentialState_legacy"

This reverts commit c3fa132fbe179bd4e1451240ce572ec791356a16.

We break the compat of the netlogon_creds_cli.tdb records compared to
4.21 with the next commits.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libcli/auth: don't loose server_dns_domain in netlogon_creds_cli_context_global()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

netlogon.idl: add NetlogonTicketLogonInformation/NetlogonValidationTicketLogon

I have basic tests, which have shown that the payload is not
encrypted at application level.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

librpc/ndr: let ndr_print_bitmap_flag work for bitmap64bit values

Keep libndr at 6.0.0, this has not been released yet.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

python/ndr: allow print_secrets=True for ndr_print*

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

pidl/Python: allow ndr_print(print_secrets=True)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

librpc/ndr: add ndr_print_{struct,union,function}_secret_string()

Keep libndr at 6.0.0, this has not been released yet.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

librpr/ndr: split out ndr_print_generic_string()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

netlogon.idl: use authservice("netlogon")

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

netlogon.idl: mark some structs as public so that ndr.ndr_deepcopy() works in python

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

samr/netlogon.idl: add [flag(NDR_SECRET)] in some more places

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:tests: Adapt winbind_call_depth_trace to depth=3

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Thu Dec  5 15:54:57 UTC 2024 on atb-devel-224

s3:tests: Make winbind_call_depth_trace to use global_inject.conf

To get the expected traces we need:

debug syslog format = no
log level = 10

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libcli: Speed up sddl_decode_ace()

Factor out talloc-less sddl_transition_decode_sid()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Dec  3 09:03:01 UTC 2024 on atb-devel-224

libcli: Remove a special case

dom_sid_parse_endp does accept the lowercase "s" in "s-1-1-0".

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

libcli: Simplify sddl_decode_err_msg()

We have security_descriptor_initialise() for this

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

libcli: README.Coding for dom_sid routines

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

lib: Simplify security_descriptor_initialise() with a struct init

Rely no the default NULL init.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

libcli: Fix a signed/unsigned comparison warning

With this we compare pointers, not numbers

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Dec  2 05:52:56 UTC 2024 on atb-devel-224

libcli: Use dom_sid_dup() instead of talloc_memdup()

We have specialized code for this, why not use it...

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libcli: Apply a little const

Probably does not matter code-wise, but looks nicer to me.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libcli: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libcli: Fix whitespace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libcli: Avoid an unnecessary "else"

We return in the error case anyway

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Modernize DEBUGs

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_set_posix_lock()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_file_position_information()

We've asserted fsp!=NULL in the caller

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_file_position_information()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_set_file_allocation_info()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_set_file_allocation_info()

We've asserted fsp!=NULL in the caller

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_set_info_standard()

We've asserted fsp!=NULL in the caller

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smbd_smb2_query_directory_send()

We don't need to call strcmp() to find an empty string.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Remove a pointless comment

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

pdbedit: Avoid a use of convert_time_t_to_uint32_t()

We should avoid converting time_t to 32 bit wherever possible

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libndr: Apply const to the ndr_print_* functions's void *

ndr_print_fn_t has a const void *, so we can extend this to the
callers. Keep ABI at 6.0.0, 4.21 is 5.0.0 and 4.22 is not there yet.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: TALLOC_FREE(sd) where it was allocated

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Avoid a cast

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

printing: Fix Coverity ID 1508942 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

printing: Fix Coverity ID 1509000 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

lib: Simplify smbconf_txt_load_file()

file_modtime() returns errno, so we can skip the racy file_exist()
call.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

lib: Move some R/W "data" segment to R/O "text"

Doesn't really matter for tests, but I just came across it.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

net: Fix Coverity ID 1509022 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libndr: Fix Coverity ID 1509020 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

rpcclient: Fix Coverity ID 1509018 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

passdb: Fix Coverity ID 1509016 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libsmb: Fix Coverity ID 1509012 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

pdb_ldap: Fix Coverity ID 1508985 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

s4:smbtorture: Fix samba3.smb.dir on btrfs

"If a file is removed from or added to the directory after the most recent call
to opendir() or rewinddir(), whether a subsequent call to readdir() returns
an entry for that file is unspecified."
https://pubs.opengroup.org/onlinepubs/009604599/functions/readdir.html

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 29 15:10:13 UTC 2024 on atb-devel-224

s4:torture: Fix samba3.smb2.name-mangling on btrfs

If a file is removed from or added to the directory after the most recent call
to opendir() or rewinddir(), whether a subsequent call to readdir() returns
an entry for that file is unspecified."
https://pubs.opengroup.org/onlinepubs/009604599/functions/readdir.html

As it is unspecified, the different filesystems on Linux implement this
differently:

ext4:

./a.out
opendir(foo)
creat(foo/bar)
readdir() loop
  readdir entry: bar
  readdir entry: ..
  readdir entry: .
readdir() detected the newly created file `foo`

btrfs:

./a.out
opendir(foo)
creat(foo/bar)
readdir() loop
  readdir entry: .
  readdir entry: ..
readdir() did not detect the newly created file `foo`

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

libcli/auth: let netlogon_creds_copy() make use of ndr_deepcopy_struct()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Nov 28 13:53:25 UTC 2024 on atb-devel-224

librpc/ndr: add ndr_deepcopy_struct() helper

Keep libndr at 6.0.0, this has not been released yet.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: use fsctl_get_reparse_point() in smb3_file_posix_information_init()

This allows returning the POSIX type info from fsctl_get_reparse_point().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Nov 27 19:32:45 UTC 2024 on atb-devel-224

smbd: move calling fsctl_get_reparse_tag() into smb3_file_posix_information_init()

This already fixes SMB2-GETINFO with POSIX infolevel to return the reparse tag
of reparse points.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: simplify smb3_file_posix_information_init()

The dos attributes are already setup by fdos_mode(). Still assert
FILE_ATTRIBUTE_REPARSE_POINT is correctly set just in case.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: fix DOS attributes for reparse points in fdos_mode()

Reparse have only FILE_ATTRIBUTE_REPARSE_POINT set, but never
FILE_ATTRIBUTE_NORMAL or FILE_ATTRIBUTE_DIRECTORY at the same time.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

tests: test POSIX file type on reparse point

Create a symlink reparse point over SMB2. Then query file info over SMB2 and
check the POSIX file type is correctly assigned in the POSIX info levels.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

tests: check reparse tag and POSIX file type from query-file with POSIX infolevel

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

tests: fix test teardown/cleanup of test_create_reparse_directory()

This kept failing in a local make test not being able to cleanup the test
directory in the *subsequent* test test_create_reparse_nonempty_directory().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

tests: prepare reparsepoints.py for using POSIX on the SMB2 connection

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

tests: move wire_mode_to_unix() to libsmb.py

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

pylibsmb: implement getinfo level FSCC_FILE_POSIX_INFORMATION

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: rename SMB2_FS_POSIX_INFORMATION to FSCC_FS_POSIX_INFORMATION

Streamline the info-level defines. Also get rid of
SMB2_FS_POSIX_INFORMATION_INTERNAL which is not needed for an info-level that
is exclusive to SMB2.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: rename SMB2_FILE_POSIX_INFORMATION to FSCC_FILE_POSIX_INFORMATION

Streamline the info-level defines. Also get rid of
SMB2_FILE_POSIX_INFORMATION_INTERNAL which is not needed for an info-level that
is exclusive to SMB2.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: use NT_PASSTHROUGH_OFFSET in a few places

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

gitlab-ci: Fix building debian 32bit images

Trying to pull registry-1.docker.io/i386/debian:12...
Error: creating build container: choosing an image from manifest list
docker://registry-1.docker.io/i386/debian:12: no image found in image index for
architecture "amd64", variant "", OS "linux"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 27 16:32:07 UTC 2024 on atb-devel-224