Samuel Cabrero [Wed, 8 Oct 2025 15:09:22 +0000 (17:09 +0200)]
smbd: Fix crossing direct automounter mount points
The workaround implemented in commit ac7a16f9cc4bd97ef546d1b7b02605991000d0f9
to trigger automounts does not work for direct automounts (either with
systemd-automount or autofs daemon).
In direct automounts the mount point is a real directory instead of a "ghost"
directory so when turning the O_PATH handle into a real one through
/proc/self/fd/<fdnum> openat() does not return ENOENT, it returs a fd referring
to the mount point without triggering the mount.
To trigger the mount first we have to know when we are crossing mount points
by using the RESOLVE_NO_XDEV flag in open_how.resolve, then we can check with
fstatfs() the .f_type and fallback to a path-based open for automounts or
retry without RESOLVE_NO_XDEV otherwise.
smbd: Factor out openat_pathref_fsp_simple_openat()
open_rootdir_pathref_fsp() and openat_pathref_fsp_dot() serve very
similar purposes. Avoid code duplication, this is to be used in
open_rootdir_pathref_fsp() next.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
A new coverity issue (Unchecked return value) is flagged as a regression
due to commit#e9a7dce599e.
This could have been present prior to comit#e9a7dce599e, however got missed.
This change fixes this issue by checking return value.
Signed-off-by: Vinit Agnihotri <vagnihot@redhat.com> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Mon Nov 17 08:31:24 UTC 2025 on atb-devel-224
If we run e.g. fl2008rc2 env before we run this test, we have a trust account
for this domain.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 14 19:23:38 UTC 2025 on atb-devel-224
python:tests: Add debug output to test_query_filter_enum()
This test runs relatively late in 'make test'. It finds some accounts which are
neither a computer nor a user account and complains that the overall account
count doesn't match.
Add some debug so we can find out more about the accounts.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
python:tests: Use random users for domain_auth_silo.py
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
python:tests: Use random users for user_auth_silo.py
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
python:tests: Use random users for user_auth_policy.py
We should not work on alice, bob and joe. We should use random user so we can
clean up afterwards. If we don't do this the dbcheck tests will fails with:
UNEXPECTED(failure): samba4.blackbox.dbcheck(ad_dc).dbcheck(ad_dc:local)
REASON: Exception: Exception: Checking 21449 objects
WARNING: target DN is deleted for msDS-AssignedAuthNPolicy in object CN=alice,CN=Users,DC=addom,DC=samba,DC=example,DC=com - <GUID=66bd1f51-084f-4259-a769-efa59adb6e31>;<RMD_ADDTIM
E=134051822550000000>;<RMD_CHANGETIME=134051822550000000>;<RMD_FLAGS=1>;<RMD_INVOCID=b5064b02-c91e-40c0-bc1f-a92a0105a810>;<RMD_LOCAL_USN=14061>;<RMD_ORIGINATING_USN=14061>;<RMD_VE
RSION=2>;CN=User Policy,CN=AuthN Policies,CN=AuthN Policy Configuration,CN=Services,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com
Target GUID points at deleted DN 'CN=User Policy\\0ADEL:66bd1f51-084f-4259-a769-efa59adb6e31,CN=Deleted Objects,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com'
Not removing
WARNING: target DN is deleted for msDS-AssignedAuthNPolicySilo in object CN=alice,CN=Users,DC=addom,DC=samba,DC=example,DC=com - <GUID=287d6c3d-bea8-4c06-bdf8-7d4b579bc0e9>;<RMD_AD
DTIME=134051822560000000>;<RMD_CHANGETIME=134051822560000000>;<RMD_FLAGS=1>;<RMD_INVOCID=b5064b02-c91e-40c0-bc1f-a92a0105a810>;<RMD_LOCAL_USN=14081>;<RMD_ORIGINATING_USN=14081>;<RM
D_VERSION=2>;CN=Developers,CN=AuthN Silos,CN=AuthN Policy Configuration,CN=Services,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com
Target GUID points at deleted DN 'CN=Developers\\0ADEL:287d6c3d-bea8-4c06-bdf8-7d4b579bc0e9,CN=Deleted Objects,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com'
Not removing
WARNING: target DN is deleted for msDS-AssignedAuthNPolicy in object CN=bob,CN=Users,DC=addom,DC=samba,DC=example,DC=com - <GUID=66bd1f51-084f-4259-a769-efa59adb6e31>;<RMD_ADDTIME= 134051822550000000>;<RMD_CHANGETIME=134051822550000000>;<RMD_FLAGS=1>;<RMD_INVOCID=b5064b02-c91e-40c0-bc1f-a92a0105a810>;<RMD_LOCAL_USN=14065>;<RMD_ORIGINATING_USN=14065>;<RMD_VERS
ION=4>;CN=User Policy,CN=AuthN Policies,CN=AuthN Policy Configuration,CN=Services,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com
Target GUID points at deleted DN 'CN=User Policy\\0ADEL:66bd1f51-084f-4259-a769-efa59adb6e31,CN=Deleted Objects,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com'
Not removing
WARNING: target DN is deleted for msDS-AssignedAuthNPolicySilo in object CN=bob,CN=Users,DC=addom,DC=samba,DC=example,DC=com - <GUID=1a1e5cdf-b92e-4a80-bc35-cccad8e9f865>;<RMD_ADDT
IME=134051822560000000>;<RMD_CHANGETIME=134051822560000000>;<RMD_FLAGS=1>;<RMD_INVOCID=b5064b02-c91e-40c0-bc1f-a92a0105a810>;<RMD_LOCAL_USN=14085>;<RMD_ORIGINATING_USN=14085>;<RMD_
VERSION=4>;CN=QA,CN=AuthN Silos,CN=AuthN Policy Configuration,CN=Services,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com
Target GUID points at deleted DN 'CN=QA\\0ADEL:1a1e5cdf-b92e-4a80-bc35-cccad8e9f865,CN=Deleted Objects,CN=Configuration,DC=addom,DC=samba,DC=example,DC=com'
Not removing
Checked 21449 objects (4 errors)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
selftest: Create libdir in setup_clusteredmember()
This fixes:
can't open st/clusteredmember/lib/krb5.conf at selftest/target/Samba.pm line 328.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
selftest: Add blackbox claims test to knownfail_mit_kdc
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 14 16:34:48 UTC 2025 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 14 15:05:11 UTC 2025 on atb-devel-224
s3:printing: Load the shares for [printers] in samba-bgqd
One of the main functions of bgqd is:
delete_and_reload_printers_full()
It isn't able to do its work, if we don't load the shares. Normally bgqd was
forked from smbd and this loaded the shares. But with the introduction of
samba-dcerpcd it is a standalone service now. As a standalone service it is
responsible to load the shares if it needs to work on them.
The following message is printed if delete_and_reload_printers_full() tries to
do its job:
Gary Lockyer [Mon, 20 Oct 2025 00:03:31 +0000 (13:03 +1300)]
s4:kdc always include the PAC
Set the heimdal always_include_pac configuration flag, based on the samba
kdc always include pac option
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Nov 13 23:12:55 UTC 2025 on atb-devel-224
- This Fixes coverity issue Y2K38_SAFTY in print_queue_update(),
with use of fetch/store_share_cache_time helper function.
- Additional changes: Use helper functions fetch/store_share_cache_time for tdb
key==MSG_PENDING for print_cache_expired()
Signed-off-by: Vinit Agnihotri <vagnihot@redhat.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Wed Nov 12 16:04:43 UTC 2025 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Nov 11 14:51:45 UTC 2025 on atb-devel-224
Volker Lendecke [Sat, 8 Nov 2025 09:37:55 +0000 (10:37 +0100)]
lib: Introduce cp_smb_basename() helper function
I always had to look up the sequence of NULLs and 0s. Save lines.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Nov 10 14:33:28 UTC 2025 on atb-devel-224
Volker Lendecke [Fri, 17 Oct 2025 12:39:18 +0000 (14:39 +0200)]
s3: talloc_destroy() -> TALLOC_FREE()
Sweeping change, I know. Should not change compiled code in most
cases, the compiler should be smart enough to elide the assignment
right before a return. In the cases where this is not right before the
return, TALLOC_FREE() is safer as it makes use-after-free crash.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
s3-client: Use the passed down memory context for cli_connect_nb()
With the patches coming before this patch, we can use main talloc
context to allocate the connections on and make sure we only free them
after we don't need them anymore.
This fixes a lot of memory leaks found by LeakSanitizer. One example is:
Indirect leak of 4784 byte(s) in 13 object(s) allocated from:
#0 0x7fdb1ef21c2b in malloc (/lib64/libasan.so.8+0x121c2b) (BuildId: cbfe49f3b7600c4f194d4c54774c977296e9d98a)
#1 0x7fdb1ebbb6a0 in __talloc_with_prefix ../../lib/talloc/talloc.c:783
#2 0x7fdb1ebbcf75 in __talloc ../../lib/talloc/talloc.c:825
#3 0x7fdb1ebbcf75 in _talloc_named_const ../../lib/talloc/talloc.c:982
#4 0x7fdb1ebbcf75 in _talloc_zero ../../lib/talloc/talloc.c:2421
#5 0x7fdb1cfd1b25 in idr_pre_get ../../lib/util/idtree.c:98
#6 0x7fdb1cfd1b25 in idr_get_new_above_int ../../lib/util/idtree.c:202
#7 0x7fdb1cfd2c30 in idr_get_new_above ../../lib/util/idtree.c:368
#8 0x7fdb1de3246f in map_smb2_handle_to_fnum ../../source3/libsmb/cli_smb2_fnum.c:95
#9 0x7fdb1de3246f in cli_smb2_create_fnum_done ../../source3/libsmb/cli_smb2_fnum.c:438
#10 0x7fdb1dbaca05 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#11 0x7fdb1dbacc3c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#12 0x7fdb1dbacca4 in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#13 0x7fdb1ed0eb35 in smb2cli_create_done ../../libcli/smb/smb2cli_create.c:483
#14 0x7fdb1dbaca05 in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177
#15 0x7fdb1dbacc3c in tevent_req_finish ../../lib/tevent/tevent_req.c:234
#16 0x7fdb1dbacd74 in tevent_req_trigger ../../lib/tevent/tevent_req.c:291
#17 0x7fdb1dbaad1e in tevent_common_invoke_immediate_handler ../../lib/tevent/tevent_immediate.c:190
#18 0x7fdb1dbaad5b in tevent_common_loop_immediate ../../lib/tevent/tevent_immediate.c:236
#19 0x7fdb1dbbe42f in epoll_event_loop_once ../../lib/tevent/tevent_epoll.c:908
#20 0x7fdb1dbb7787 in std_event_loop_once ../../lib/tevent/tevent_standard.c:110
#21 0x7fdb1dba7466 in _tevent_loop_once ../../lib/tevent/tevent.c:860
#22 0x7fdb1dbad082 in tevent_req_poll ../../lib/tevent/tevent_req.c:342
#23 0x7fdb1eaa93d4 in tevent_req_poll_ntstatus ../../lib/util/tevent_ntstatus.c:109
#24 0x7fdb1de138bb in cli_list ../../source3/libsmb/clilist.c:1188
#25 0x000000239f0f in do_list ../../source3/client/client.c:853
#26 0x00000023a93a in cmd_dir ../../source3/client/client.c:936
#27 0x00000023f090 in process_stdin ../../source3/client/client.c:6215
#28 0x00000023f090 in process ../../source3/client/client.c:6269
#29 0x00000023f090 in main ../../source3/client/client.c:6811
#30 0x7fdb1ac2b2fa in __libc_start_call_main (/lib64/libc.so.6+0x2b2fa) (BuildId: 8523b213e7586a93ab00f6dd476418b1e521e62c)
#31 0x7ffd7d5613af ([stack]+0x3a3af)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Thu Nov 6 09:58:52 UTC 2025 on atb-devel-224
projects / thirdparty / samba.git / log
