Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 16389bed0773952ca563b7bf1fecc2a737587257)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit e56626e864492831a3dbbca2d4fb8f3281547a90)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 5274beba4cf722a34403dc07bf287815a6df6281)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit d6a418c13f0a41851ecc0579765502e076a5cd3b)
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 24 23:32:58 CEST 2017 on sn-devel-144
Jeremy Allison [Fri, 20 Oct 2017 22:09:38 +0000 (15:09 -0700)]
s3: smbclient: Ensure we call client_clean_name() before all operations on remote pathnames.
This allows names containing .. components to be resolved on the client side
before being sent to the server. Relative names work in SMB1 but not in SMB2.
Fix both client.c and clitar.c
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit f81c34c296f87127c6d1e4dd6ea74aa75660885d)
Jeremy Allison [Sat, 21 Oct 2017 00:08:08 +0000 (00:08 +0000)]
s3: client: Add new utility function client_clean_name().
Correctly canonicalizes a remote pathname removing '..'
elements before sending to a remote server. '..' elements
work in SMB1 pathnames, but not in SMB2.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit d4d9d1941bdac9993968c34cf928c645e4152fd3)
Michael Adam [Fri, 20 Oct 2017 12:55:10 +0000 (14:55 +0200)]
vfs_glusterfs: Fix exporting subdirs with shadow_copy2
Since the glusterfs vfs module does not operate on a
locally mounted path, but on a "virtual" path starting
at the volume root, some assumptions of the code about
the vfs connect path fail. One example is the shadow_copy2
module which tries to detect the mount point from the
connectpath. In order to circumvent this problem, this
patch forces the "shadow:mountpoint" option to "/", which
skips the mount-point-detection code.
This patch will only have an effect if both the glusterfs
and the shadow_copy2 module are listed in vfs objects
in the right order, i.e. first shadow_copy2, and then
glusterfs.
Pair-Programmed-With: Anoop C S <anoopcs@redhat.com>
Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Anoop C S <anoopcs@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 1249801ec73c55449068dd72efde81ce6235ec8e)
Anoop C S [Fri, 13 Oct 2017 15:08:31 +0000 (20:38 +0530)]
vfs_fruit: Replace closedir() by SMB_VFS_CLOSEDIR
Pointer to directory 'dh' inside fruit_rmdir() is obtained using
SMB_VFS_OPENDIR. But this handle is closed directly by invoking
closedir() rather than SMB_VFS_CLOSEDIR. This will result in a
smbd crash if this handle was not obtained from local file system.
Therefore use SMB_VFS_CLOSEDIR corresponding to SMB_VFS_OPENDIR
to correctly close the directory handle.
Signed-off-by: Anoop C S <anoopcs@redhat.com> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Oct 16 19:56:55 CEST 2017 on sn-devel-144
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 17 18:53:48 CEST 2017 on sn-devel-144
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org>
(cherry picked from commit 96e471eecce91e6cd9b92d854a3c6ca10e0634f3)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org>
(cherry picked from commit 70146841272bc87c335bd24b736ba2c62efdfe06)
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct 13 21:44:02 CEST 2017 on sn-devel-144
Ralph Boehme [Wed, 11 Oct 2017 16:11:12 +0000 (18:11 +0200)]
vfs_fruit: fix ftruncating resource fork
fruit_ftruncate_rsrc_adouble() is called to effectively ftruncate() the
._ AppleDouble file to the requested size.
The VFS function SMB_VFS_NEXT_FTRUNCATE() otoh would attempt to truncate
to fsp *stream* in any way the next VFS module seems fit. As we know
we're stacked with a streams module, the module will attempt to truncate
the stream. So we're not truncating the ._ file.
This went unnoticed as the AppleDouble file header contains the
authorative resource fork size that was updated correctly.
Ralph Boehme [Wed, 11 Oct 2017 09:35:15 +0000 (11:35 +0200)]
vfs_catia: factor out mapping functions
This moves the core mapping functions to a seperate file and makes them
global.
string_replace_init_map() is called to parse a mapping in string and
produce a mapping object that can then be passed to
string_replace_allocate() to do the actual mapping of a string.
The only time a ctdb_queue is created without valid fd is when CTDB
is trying to establish connections with other nodes in the cluster.
All the other uses always create a ctdb_queue with valid fd.
This avoids queueing up packets for dead nodes or nodes that are not
running in the cluster and stops consuming memory.
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit ddd97553f0a8bfaada178ec4a7460d76fa21f079)
lib: gpo: Fixes issue with GPOPTIONS_BLOCK_INHERITANCE.
GP links with the GPOPTIONS_BLOCK_INHERITANCE option set
were blocking GPOs from the same link (i.e. an OU with
the flag set would block its own GPOs). This patch makes
sure the GPOs from the link are added to the list.
lib: gpo: Changes order to match GPO application order.
The order of GPOs in a gpo_list generated by ads_get_gpo_list
did not match the order of application. Since GPOs are pushed
to the FRONT of gpo_list, GPOs have to be pushed in the opposite
order of application. (Pushing to front is useful to get
inheritance blocking right).
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 17 11:48:09 CEST 2017 on sn-devel-144
Ralph Boehme [Tue, 29 Aug 2017 13:55:19 +0000 (15:55 +0200)]
s3/smbd: fix access checks in set_ea_dos_attribute()
We wanted to set the DOS attributes and failed with permission denied
from the VFS/kernel/filesystem. Next thing we wanna do here is override
this if either
- "dos filemode = true" is set and the security descriptor gives the
user write access or if
- the stored security descriptor has FILE_WRITE_ATTRIBUTES
The former was working, but the latter was not implemented at all.
Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 6 05:21:25 CEST 2017 on sn-devel-144
Ralph Boehme [Sun, 27 Aug 2017 17:22:38 +0000 (19:22 +0200)]
s3/mdssvc: missing assignment in sl_pack_float
Spotted by -Werror=maybe-uninitialized:
../source3/rpc_server/mdssvc/marshalling.c: In function ‘sl_pack_float’:
../source3/rpc_server/mdssvc/marshalling.c:171:11: error:
‘ieee_fp_union.w’ may be used uninitialized in this function
[-Werror=maybe-uninitialized]
offset = sl_push_uint64_val(buf, offset, bufsize, ieee_fp_union.w);
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 26 05:05:08 CEST 2017 on sn-devel-144
Ralph Boehme [Thu, 13 Jul 2017 14:01:53 +0000 (16:01 +0200)]
selftest: enable kernel change notifications in the fileserver environment
This environment is currently not used for any test in the smb2
testsuite, so this change doesn't affect any existing test.
A subsequent commit will add a test for change notifications with kernel
change notify enabled. It verifies a bug (this one) that only crops up
in such a setup and causes rename events to get lost.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Oct 14 06:02:50 CEST 2017 on sn-devel-144
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 13 01:22:05 CEST 2017 on sn-devel-144
Ralph Boehme [Fri, 6 Oct 2017 13:25:54 +0000 (15:25 +0200)]
vfs_fake_acls: deny give-ownership
Windows doesn't allow giving ownership away unless the user has
SEC_PRIV_RESTORE privilege.
This follows from MS-FSA 2.1.5.1, so it's a property of the filesystem
layer, not the SMB layer. By implementing this restriction here, we can
now have test for this restriction.
Other filesystems may want to deliberately allow this behaviour --
although I'm not aware of any that does -- therefor I'm putting in this
restriction in the implementation of the chmod VFS function and not into
the caller.
Ralph Boehme [Fri, 6 Oct 2017 13:31:20 +0000 (15:31 +0200)]
selftest: tests for change ownership on a file
This test verifies that SEC_STD_WRITE_OWNER only effectively grants
take-ownership permissions but NOT give-ownership. The latter requires
SeRestorePrivilege privilege.
Ralph Boehme [Sat, 7 Oct 2017 07:11:56 +0000 (09:11 +0200)]
selftest: fix samba3.blackbox.inherit_owner.default test script test_inherit_owner.sh
Grant the test-user SeRestorePrivilege, this is needed for
give-ownership operations. And then granting SeRestorePrivilege requires
`net`, so add that as an additional argument to the script.
The "nt_affects_chgrp" kept failing in a full autobuild on sn-devel
because the actual gid of the created file as returned by smbclient -c
getfacl was reliably the unix gid of my account. It should have been the
mapped domusers group for the primary users "Domain Users"
group. Running the test individually or even the full set of
"samba3.blackbox" tests didn't trigger the error.
Looks like an issue with vfs_fake_acls and vfs_xattr_tdb, but I wasn't
able to track it down. As the test only really want to ensure that
smbcacls -G set the gid to the requested value, just remove the check
for the actual initial gid.
Ralph Boehme [Sun, 8 Oct 2017 09:13:46 +0000 (11:13 +0200)]
selftest: fix acl_xattr test: group, not user
In nt_affects_chgrp() check for domadmins *group*, not user. This didn't
trigger an error as nt_affects_chgrp() isn't actually called, see next
commit.
Ralph Boehme [Sun, 8 Oct 2017 09:12:48 +0000 (11:12 +0200)]
selftest: fix acl_xattr test: changing owner
Don't give ownership to user "force_user" as user "$USERNAME", this
would fail with NT_STATUS_INVALID_OWNER, instead just take ownership as
user "force_user". Adding a corresponding ACE for "force_user" with FULL
rights ensures this works.
Ralph Boehme [Wed, 6 Sep 2017 14:28:10 +0000 (16:28 +0200)]
vfs/nfs4_acls: move special handling of SMB_ACE4_SYNCHRONIZE to vfs_zfsacl
Commit 99a74ff5e6a9f87ad7a650cb44e0f925f834b3a1 added special handling
of SMB_ACE4_SYNCHRONIZE, always setting it in the access_mask when
fabricating an ACL. While at the same time removing it from the
access_mask when setting an ACL, but this is done direclty in
vfs_zfsacl, not it the common code.
Forcing SMB_ACE4_SYNCHRONIZE to be always set is only needed on ZFS, the
other VFS modules using the common NFSv4 infrastructure should not be
made victims of the special ZFS behaviour.
Ralph Boehme [Wed, 6 Sep 2017 14:56:47 +0000 (16:56 +0200)]
s3/vfs: move ACE4_ADD_FILE/ACE4_DELETE_CHILD mapping from NFSv4 framework to vfs_zfsacl
This was added in e6a5f11865a55e9644292ae92e4a4b5ec0662ccd to adopt the
NFSv4 framework to follow ZFS permission rules. But this is the wrong
place, other filesystems like GPFS do not allow deletion when the user
has SEC_DIR_ADD_FILE.
This patch therefor moves the change from the NFS4 framework into the
ZFS module.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 9 04:59:51 CEST 2017 on sn-devel-144
This test case was overlooked in the previous bso#12144 update -
set compression requests with format=COMPRESSION_FORMAT_NONE should
succeed if the server / backing storage doesn't offer compression
support.
Confirm that Samba matches Windows Server 2016 ReFS behaviour here.
Reported-by: Nick Barrett <nick@barrett.org.nz> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 6fde123176409e261d955e24b3d28e5124f33bed)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Fri Sep 22 13:36:22 CEST 2017 on sn-devel-144
smbd/ioctl: match WS2016 ReFS set compression behaviour
ReFS doesn't support compression, but responds to set-compression FSCTLs
with NT_STATUS_OK if (and only if) the requested compression format is
COMPRESSION_FORMAT_NONE.
Reported-by: Nick Barrett <nick@barrett.org.nz> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jan 9 23:14:28 CET 2017 on sn-devel-144
ctdb-client: Initialize ctdb_ltdb_header completely for empty record
ctdb_ltdb_fetch() only fills in relevant portion of ctdb_ltdb_header
if the record does not exist. This can result in uninitialized writes
to ctdb_rec_buffer.
If a call request for a key (migration request) is in flight, then all
the subsequent call requests for the same key are deferred. In that case,
the data corresponding to key read from the local tdb is useless and there
is no need to keep it around. Once the deferred call is reprocessed,
the data corresponding to that key will be fetched again.
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 77c17b03cfc4734142fd86ba3cdd9663e75f34e3)
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Sep 12 10:50:57 CEST 2017 on sn-devel-144
vfs_streams_xattr: Fix segfault when running with log level 10
This happens when vfs_streams_xattr is loaded, log level is set to 10
and the default stream of a file or directory is accessed. In that case
streams_xattr_open does not allocate the stream_io fsp extension. The
DBG_DEBUG message in streams_xattr_fstat tries to access the stream_io
before checking for a NULL value, resulting in the crash. Fix this by
moving the debug message after the check for a NULL pointer.
The logic we had in str[n]casecmp_w() used to compare
the upper cased as well as the lower cased versions of the
characters and returned the difference between the lower cased versions.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Sep 15 02:23:29 CEST 2017 on sn-devel-144
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 9d99b640b9002ad6c0eb0d29a6d7adcfda870e13)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 2a3d4fe0c9eacf9d0b2261ef116a1f6b741e20ee)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit c18ecdececef8fcfdaa5d3e1a066533c8b41f19d)
Once the recovery starts and databases are frozen, then all the record
access is postponed till the recovery is complete except reading the
database sequence number. Database access for reading sequence number
is done via a control which does not check if the databases are frozen
or not.
If the database is frozen and if the freeze transaction is not started
(this can happen when a node is inactive, or during recovery when the
database is frozen but the transaction has not yet started), then trying
to read sequence number will cause ctdb daemon to deadlock.
Before reading the sequence number, check if the database access is
allowed.
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit f57d379446c551bca5906247c622e857c77089b0)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Wed Sep 13 18:48:58 CEST 2017 on sn-devel-144
projects / thirdparty / samba.git / log
