vfs_fruit: check fake_fd in fruit_pread_meta_stream()

Don't call into the next VFS backend if we know we still have a fake-fd. Just
return -1 and the caller has the logic to handle this, which results in
returning a AFP_AfpInfo blob initialized with some defaults.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_fruit: use "fake_fd" instead of "created"

Both have basically the same semantics.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_streams_xattr: make use of vfs_fake_fd_close()

When we used vfs_fake_fd() we should use vfs_fake_fd_close()
in order to have things symetric.

That may allows us to change vfs_fake_fd() internally if required.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_fruit: make use of vfs_fake_fd_close()

When we used vfs_fake_fd() we should use vfs_fake_fd_close()
in order to have things symetric.

That may allows us to change vfs_fake_fd() internally if required.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: add vfs_fake_fd_close() helper

When we used vfs_fake_fd() we should use vfs_fake_fd_close()
in order to have things symetric.

This makes code easier to understand and may allow us to change
vfs_fake_fd() internally if required.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4:torture/fruit: avoid sleep(10000000); if write_stream() fails

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3: Remove "developer.c" module

This can't have been built since commit f9acf770e9c12 from 2011 when
smb_register_charset was removed.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

passdb: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Initialize pointers in server_prefork.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Fix error path memleaks in prefork_create_pool()

A few return statements missed the "TALLOC_FREE(pfp);"

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

rpc_server: Make default prefork configs const

Move 24 bytes from modifyable data to .text segment

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Make pfh_daemon_config take a const default config

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

librpc: Fix an error path memleak

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: give global_contexts.c its own header file

It's a bit shocking how many references we have to global
contexts. Make this a bit more obvious.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libsmb: Use hex_byte() in urldecode_talloc()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

ctdb: Use hex_byte() in hex_to_data()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Use hex_byte() in ucs2hex_pull()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Use hex_byte() in rfc1738_unescape()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

ldb: Use hex_byte() in ldb_binary_decode()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tdb: Use hex_byte() in parse_hex()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

tdb: Use hex_byte() in read_data()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Add "hex_byte()" to replace.h

This is required in quite a few places, and replace.h has things like
ZERO_STRUCT already, so this is not completely outplaced.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

dsdb: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

dsdb: Fix comment wording

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

auth: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

auth: Reformat a comment

Will fix a typo next

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_virusfilter: Allocate separate memory for config char*

Instead of using only the pointer to the configuration char* from the
global configuration, vfs_virusfilter now allocates its own memory and
copies the char* from the global configuration.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14606
Signed-off-by: Arne Kreddig <arne@kreddig.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan  7 19:25:38 UTC 2021 on sn-devel-184

s3:lib: Create the cache path of user gencache recursively

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14601

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan  6 23:59:58 UTC 2021 on sn-devel-184

lib:util: Add directory_create_or_exists_recursive()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14601

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:utils - explicitly free cmdline_messaging_context

Some command line utilities do not free their messaging context
which results in extra entries being left in the msg.lock directory.

Signed-off-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan  5 21:30:08 UTC 2021 on sn-devel-184

Fix small typo in manpage

Signed-off-by: Yvan Masson <yvan@masson-informatique.fr>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan  4 16:23:03 UTC 2021 on sn-devel-184

WHATSNEW: printing changes

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Jan  4 12:51:49 UTC 2021 on sn-devel-184

script/release.sh: Use new GPG key.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

lib: Avoid declaring zero-length VLAs in various messaging functions

In messaging_rec_create(), messaging_recv_cb() and
messaging_dispatch_rec(), variable length arrays of file descriptors are
declared using an incoming num_fds parameter.

However, there are several scenarios where num_fds can be zero, and
declaring a zero-length VLA is undefined behavior. This can lead to
segmentation faults and/or other crashes when compiling with recent
versions of clang at high optimization levels.

To avoid ever using zero as the length for these declarations, use
MAX(1, length) instead.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14605

Signed-off-by: Dimitry Andric <dimitry@andric.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jan  4 10:50:07 UTC 2021 on sn-devel-184

Happy New Year 2021!

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jan  1 11:56:23 UTC 2021 on sn-devel-184

vfs_gpfs:Logging filename for smbd_gpfs_set_times_path()

Signed-off-by: ArchanaChidirala <archana.chidirala.chidirala@ibm.com>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Dec 30 10:21:08 UTC 2020 on sn-devel-184

net: remove obsolete net ads dns gethostbyname command

net ads dns gethostbyname is doing the same as nslookup / host / dig and it's
quite limited and only supports A records. We should just drop it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13706

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Wed Dec 23 13:52:41 UTC 2020 on sn-devel-184

dnsupdates: clean up all RRSets and not only type A

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13706
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14244

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests: also test net ads dns (un)register with IPv6

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13706

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests: also test v6 for async dns test by using dig

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests python krb5: PEP8 cleanups

Fix all the PEP8 warnings in samba/tests/krb5. With the exception of
rfc4120_pyasn1.py, which is generated from rfc4120.asn1.

As these tests are new, it makes sense to ensure that they conform to
PEP8. And set an aspirational goal for the rest of our python code.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon Dec 21 21:29:28 UTC 2020 on sn-devel-184

tests python krb5: use key usage constants

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

tests python krb5: Add key usage constants

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

dns_update.c: handle DNS_QTYPE_ALL

we have code to handle this, we should not refuse the request

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14576

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Sat Dec 19 18:20:30 UTC 2020 on sn-devel-184

gpo: Apply Group Policy Sudo Rights from VGP

This adds a Group Policy extension which applies
Sudo rights set by Vintela Group Policy in the
SYSVOL.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec 19 08:11:50 UTC 2020 on sn-devel-184

gpo: Test Group Policy VGP Sudo Rights

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

gpo: Add gp_xml_ext parser for group policy

This adds an extension parser for parsing xml
files in the sysvol.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: close_file() should never see an internal dirfsp.

Assert this is the case.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Dec 18 16:27:38 UTC 2020 on sn-devel-184

vfs_acl_tdb: avoid deleting the NT ACL from the tdb

...when called as part of setting a new NT ACL. This implements the same logic
added to vfs_acl_xattr in the previous commit, to make sure both modules behave
identically.

This depends on the previous code changes, so
won't be back ported. But for reference the
bug id is below.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14592

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Dec 17 20:04:22 UTC 2020 on sn-devel-184

vfs_acl_xattr: avoid removing the ACL xattr

...when called as part of setting a new NT ACL.

This depends on the previous code changes, so
won't be back ported. But for reference the
bug id is below.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14592

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_acl_common: add an fsp extension when setting ACL

This allows the module checking for the fsp extension variable setting_nt_acl
and will be used in the module functions for .sys_acl_set_fd_fn (so
sys_acl_set_fd_xattr() and sys_acl_set_fd_tdb()).

This depends on the previous code changes, so
won't be back ported. But for reference the
bug id is below.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14592

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_acl_common: add and use a function exit label

No change in behaviour. A subsequent commit will add more function exit cleanup
logic after the done label.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_acl_xattr: reformatting

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs: RIP SMB_VFS_SYS_ACL_SET_FILE()

          .--. .-,       .-..-.__
        .'(`.-` \_.-'-./`  |\_( "\__
     __.>\ ';  _;---,._|   / __/`'--)
    /.--.  : |/' _.--.<|  /  | |
_..-'    `\     /' /`  /_/ _/_/
 >_.-``-. `Y  /' _;---.`|/))))
'` .-''. \|:  .'   __, .-'"`
 .'--._ `-:  \/:  /'  '.\             _|_
     /.'`\ :;   /'      `-           `-|-`
    -`    |     |                      |
          :.; : |                  .-'~^~`-.
          |:    |                .' _     _ `.
          |:.   |                | |_) | |_) |
          :. :  |                | | \ | |   |
          : ;   |                |           |
          : ;   |                |  SMB_VFS  |
          : ;   |                |  SYS_ACL  |
          : ;   |                | SET_FILE  |
        .jgs. : ;                |           |
-."-/\\\/:::.    `\."-._'."-"_\\-|           |///."-
" -."-.\\"-."//.-".`-."_\\-.".-\\`=.........=`//-".

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

posix_acls: use pathref fsp in copy_access_posix_acl()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: use pathref fsp in change_dir_owner_to_parent()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: use a real dirfsp/atname in mkdir_internal() with SMB_VFS_MKDIRAT()

Now that all VFS modules support real dirfsps in SMB_VFS_MKDIRAT(), pass the
pathref fsp from the parent directory and the basename of the new directory.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: after creating a directory, open the fsp as pathref fsp

After the directory has been created by SMB_VFS_MKDIRAT(), open the fsp on the
new directory as pathref fsp so we can use handle based VFS functions.

open_directory() will reopen the fsp as a full fsp, but that doesn't really hurt
thanks to the reopen_from_procfd() optimisation.

Note that smb_dname == fsp->fsp_name.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: pass fsp to mkdir_internal()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: open a pathref fsp on the parent directory

Prepares for calling SMB_VFS_MKDIRAT() below with a real dirfsp/atname. As
parent_dir_fname now has a pathref fsp in parent_dir_fname->fsp, make sure to
talloc_free() the parent_dir_fname before leaving the function, so the pathref
fsp is closed right there and not left around until the talloc tos is
destroyed (parent_dir_fname is a child of talloc-tos).

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_time_audit: support real dirfsps in smb_time_audit_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_full_audit: support real dirfsps in smb_full_audit_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_shadow_copy2: support real dirfsps in shadow_copy2_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: check for absolute paths in full_path_from_dirfsp_atname()

If the "atname" is an absolute path we can ignore the dirfsp and just return a
copy of the atname.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_linux_xfs_sgid: support real dirfsps in linux_xfs_sgid_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_glusterfs: support real dirfsps in vfs_gluster_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_audit: support real dirfsps in audit_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_extd_audit: support real dirfsps in audit_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_xattr_tdb: support real dirfsps in xattr_tdb_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_media_harmony: support real dirfsps in mh_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_syncops: support real dirfsps in syncops_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_unityed_media: support real dirfsps in um_mkdirat()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_default: remove assert from vfswrap_mkdirat()

vfswrap_mkdirat() deals with real dirfsps just fine now.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: move mode logic out of vfswrap_mkdirat() to the caller mkdir_internal()

This is the correct place where this code should be. It also means opaque VFS
modules that implement their own mkdirat() like glusterfs now use this logic.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

pysmbd: use SMB_VFS_SYS_ACL_SET_FD() in set_sys_acl_conn()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

posix_acls: use SMB_VFS_SYS_ACL_SET_FD() in set_unix_posix_default_acl()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

posix_acls: use SMB_VFS_SYS_ACL_SET_FD() in set_canon_ace_list()

SMB_VFS_SYS_ACL_SET_FD() can now safely be used to set default ACLs on
directories.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_default: add support for SMB_ACL_TYPE_DEFAULT and pathref fsps in vfswrap_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_aixacl2: handle pathref fsps in aixjfs2_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_aixacl: handle pathref fsps in aixacl_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_vxfs: add support for SMB_ACL_TYPE_DEFAULT in vxfs_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_tru64acl: add support for SMB_ACL_TYPE_DEFAULT to tru64acl_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_solarisacl: add support for SMB_ACL_TYPE_DEFAULT in solarisacl_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_posixacl: support SMB_ACL_TYPE_DEFAULT in posixacl_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_gpfs: add support for SMB_ACL_TYPE_DEFAULT in gpfsacl_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_fake_acls: add support for SMB_ACL_TYPE_DEFAULT in fake_acls_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_aixacl2: use ACL type in aixjfs2_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_aixacl: use passed in ACL type in aixacl_sys_acl_set_fd()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

posixacl_xattr: add support for SMB_ACL_TYPE_DEFAULT in posixacl_xattr_acl_set_fd()

No need to handle pathref fsps here, as that is taken care of by
SMB_VFS_FSETXATTR().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs: add acl type arg to SMB_VFS_SYS_ACL_SET_FD()

No change in behaviour, the new arg is not yet used in any module.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: remove fd_close() from open_directory()

fd_close() was accidentally added twice by
d00d09fdcf73a5839ae4f82cf8e953bb761bfbfb. If it would have been removed by
5770cdd7635a018817418f58bd37268aedebd6a9 that adds the reopen_from_procfd()
optimisation, all would be fine. But fd_close() still being called before
reopen_from_procfd() means we're closing the pathref fd prevening the
optimisation.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: Ensure close_directory() and close_normal_file() only deal with is_fsa files.

This must be the case, so assert it.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: mark fsp as valid FSA fsp after Durable Handle reconnect succeeded

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: Move closing a print file out of close_normal_file() (it isn't a normal file) and into close_file().

Streamlines closing print files and allows close_normal_file()
to restrict itself to is_fsa fsps.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: On error exit in create_file_unixpath(), we can't call close_file() on uncompleted opens.

We can't call directly into close_file(), as that cannot deal
with regular file and directory opens where fsp->fsp_flags.is_fsa
hasn't been set to true (uncompleted opens).

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: If an smb_filename already has a pathref fsp don't overwrite it.

That leaks fsps.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: dup_file_fsp() for old DOS style opens also needs to copy the new flags.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Fix debugs in file_new() and fsp_new().

Allows grep ' files structure ' in the log
to count up and down the number of files allocated.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd/notify: add option "honor change notify privilege"

This option can be used to make use of the change notify privilege.
By default notify results are not checked against the file system
permissions.

If "honor change notify privilege" is enabled, a user will only
receive notify results, if he has change notify privilege or sufficient
file system permissions. If a user has the change notify privilege, he
will receive all requested notify results, even if the user does not
have the permissions on the file system.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Dec 17 15:01:53 UTC 2020 on sn-devel-184

selftest: add tests for smb notify, using the a special share

That share will get the "honor change notify privilege = yes" option
once it's implemented. For now it's marked as knownfail.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>