summaryrefslogtreecommitdiffstats
path: root/source4/ntvfs/posix
Commit message (Collapse)AuthorAgeFilesLines
* s4-waf: cleaned up tevent dependencyAndrew Tridgell2010-04-061-1/+1
|
* s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵Andrew Tridgell2010-04-061-0/+2
| | | | them
* build: waf quicktest nearly worksAndrew Tridgell2010-04-061-4/+4
| | | | | Rewrote wafsamba using a new dependency handling system, and started adding the waf test code
* build: commit all the waf build files in the treeAndrew Tridgell2010-04-061-0/+52
|
* s4-pvfs_sys: build on systems without O_NOFOLLOW or O_DIRECTORYAndrew Tridgell2010-03-051-4/+22
|
* s4-pvfs_sys: talloc_free should be before errno restoreAndrew Tridgell2010-03-051-13/+13
| | | | talloc can potentially change the errno
* s4-pvfs: use pvfs_sys_fchmod()Andrew Tridgell2010-03-053-4/+4
|
* s4-pvfs: set default for perm override based on system featuresAndrew Tridgell2010-03-051-1/+9
| | | | | | If the system has O_NOFOLLOW and O_DIRECTORY then we allow for overrides by default. If not, then we disable by default, as we will be more vulnerable to symlink attacks
* s4-pvfs: use O_FOLLOW one level at a time for security overridesAndrew Tridgell2010-03-051-37/+357
| | | | | To prevent symlink attacks we need to use O_NOFOLLOW one level at a time when processing a root security override
* s4-pvfs: use pvfs_sys_*() functions to wrap posix callsAndrew Tridgell2010-03-055-20/+20
| | | | | | | This allows for root override, which fixes many problems with mismatches between NT ACL permissions and unix permissions. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-pvfs: new pvfs_sys module Andrew Tridgell2010-03-052-0/+301
| | | | | | | | The pvfs_sys_*() calls provide wrapper functions for posix file functions which use root privileges to override EACCES failures if PVFS_FLAG_PERM_OVERRIDE is set Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-pvfs: added new pvfs flag PVFS_FLAG_PERM_OVERRIDEAndrew Tridgell2010-03-052-0/+4
| | | | | | | | This flag indicates that we should use root privileges to override unix permissions when the NT ACLs indicate that access should be granted Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-pvfs: log more error conditions in NTVFS backendAndrew Tridgell2010-03-053-0/+31
| | | | | | This should make is easier to track down some bug reports Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-pvfs: move the private ntcreatex flags to private_flagsAndrew Tridgell2010-03-052-4/+8
| | | | | | | | Re-using two of the create_options bits was bound to eventually cause problems, and indeed, Windows7 now uses one of those bits when opening text files. Fixes bug 7189
* s4-posix: allow change ownership of files if the user has the right privilegesAndrew Tridgell2010-03-031-2/+21
| | | | | | | | | When a user has SEC_PRIV_TAKE_OWNERSHIP or SEC_PRIV_RESTORE they have permission to change the ownership of a file. This should fix bug 6987 Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4: Switch to S3-style id mapping data types.Kai Blin2010-02-112-17/+17
|
* s4:Remove "Py_RETURN_NONE" compatibility codeMatthias Dieter Wallnöfer2010-02-092-8/+0
| | | | This was needed only by Python 2.3 which we no longer support.
* s4:UID wrapper - Fix includesMatthias Dieter Wallnöfer2010-02-051-0/+8
| | | | | | | The includes of the UID wrapper headers werent't really efficient according to metze's post on the technical mailing list (http://lists.samba.org/archive/samba-technical/2010-February/069165.html). To achieve this move the "uid_wrapper.h" includes into "lib/util/unix_privs.c", "lib/util/util.c", "ntvfs/posix/pvfs_acl.c" and "ntvfs/unixuid/vfs_unixuid.c".
* Change uint_t to unsigned int in source4Matt Kraai2010-02-026-23/+23
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* pyxattr: Move to the same directory as the xattr code.Jelmer Vernooij2010-01-253-0/+259
|
* s4: ntvfs, create push_xattr_blob_tdb_raw and pull_xattr_blob_tdb_raw that ↵Matthieu Patou2010-01-211-27/+49
| | | | | | | do not depend on pvfs objects Following a talk with tridge on IRC, this patch allow (pull|push)_xattr_blob to be called without having a pvfs object. It's handy for programs that wants to manipulate xattr directly.
* s4-ntvfs: check if pvfs is NULL in pvfs_logoffbrendan powers2009-12-171-0/+5
| | | | | | | | pvfs can be NULL if the directory a share points to does not exist. In this case, there would be no open files, so it is safe to just return from the function. Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-ntvfs: try to fix bug 6989Andrew Tridgell2009-12-161-2/+2
| | | | | | bug 6989 is a rare crash that has occurred in production. My best guess as to the cause is the talloc_free() not being specific enough as to which parent needs to be freed.
* s4/smbstreams: Fix memory use after free.Kamen Mazdrashki2009-12-081-4/+8
| | | | | | | | The bug is that sometimes 'streams' is parent for 'new_name'. With this said, 'new_name' must be dupped before 'streams' pointer is freed. Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4:ntvfs/posix/pvfs_streams - Fix "discard const" warningMatthias Dieter Wallnöfer2009-12-031-1/+1
| | | | | | I removed one "const" in front of a string declaration to achieve this. Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4:ntvfs/posix/pvfs_resolve - Fix "discard const" warningMatthias Dieter Wallnöfer2009-12-032-4/+4
| | | | | | I removed two "const"s in front of string declarations to achieve this. Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-pvfs: fixed access check failure in SFILEINFO testAndrew Tridgell2009-11-271-8/+5
| | | | matching windows behaviour is not always the right thing to do!
* s4-smb2: SMB2 uses NT_STATUS_CANCELLED for cancelled locksAndrew Tridgell2009-11-271-1/+5
|
* s4:ntvfs/posix/pvfs_acl - Remove unused variable "token"Matthias Dieter Wallnöfer2009-11-201-1/+0
|
* s4-pvfs: fill in alignment_requirement (valgrind error)Andrew Tridgell2009-10-191-0/+1
|
* s4-pvfs: another uninitialised variableAndrew Tridgell2009-10-191-1/+1
| | | | thanks to valgrind for this one
* s4-pvfs: fixed uninitialised variableAndrew Tridgell2009-10-191-1/+1
| | | | | This caused havoc on the build farm. Interestingly, it only affected gcc 4.3.3, not gcc 4.4.1
* s4-streams: fixed handling of stream rename and overwriteAndrew Tridgell2009-10-183-9/+21
|
* s4-pvfs: rename with full name gives SHARING_VIOLATIONAndrew Tridgell2009-10-181-1/+3
|
* s4-pvfs: when reporting the file name, don't include the :$DATA suffixAndrew Tridgell2009-10-181-0/+10
|
* s4-pvfs: the STREAM_INFORMATION calls don't need any access flagsAndrew Tridgell2009-10-181-0/+5
|
* s4-pvfs: fixed update of stream sizesAndrew Tridgell2009-10-181-1/+1
| | | | The data_blob_free() was changing the size we set the stream to
* s4-pvfs: more fixes for ACLs on file creationAndrew Tridgell2009-10-181-11/+12
| | | | | The passed in SD is not used to limit the access mask allowed on file create.
* s4-smb2: fixed SMB2 find commandsAndrew Tridgell2009-10-181-2/+2
| | | | | The change to check for invalid \ prefix on SMB2 paths broke the internal SMB2 code.
* s4-pvfs: change the handling of access checking on createAndrew Tridgell2009-10-184-60/+124
| | | | | | | Previously when a file was created, we produces the resulting access mask based on an ACL check against the parent. This change means we now calculate the inherited ACL much earlier, and produce the resulting access mask from that ACL, or the user supplied ACL.
* s4-pvfs: when uwrap is enabled, ignore chown errorsAndrew Tridgell2009-10-171-0/+3
| | | | chown is expected to fail under uwrap
* s4-pvfs: don't auto-apply privilege bits in unix acl handling eitherAndrew Tridgell2009-10-171-7/+11
|
* s4-pvfs: use privileges rather than "uid == 0" in unix access checkAndrew Tridgell2009-10-171-6/+12
| | | | This makes the unix access check much closer to the full ACL check
* s4-pvfs: fixed mask handling for SEC_FLAG_MAXIMUM_ALLOWEDAndrew Tridgell2009-10-161-2/+2
| | | | This matches the sec_access_check() code
* s4-pvfs: implement root_fid support in posix backendAndrew Tridgell2009-10-151-0/+15
| | | | Construct the filename from the old handle and the new name.
* s4-pvfs: fixed handling of SEC_FLAG_MAXIMUM_ALLOWEDAndrew Tridgell2009-10-151-1/+1
| | | | | The CREATEX_ACCESS test shows that this is used as a bit test, not a equality test
* no need to shout about getting an oplockAndrew Tridgell2009-08-121-1/+1
|
* fixed a problem with group policy writes causing policy corruptionAndrew Tridgell2009-08-053-4/+48
| | | | | | | | | | | | This bug was caused by two things: 1) in the unix ACL mapping, we were not taking into account group write permssions for the SEC_STD_DELETE flag 2) when a file is created using OVERWRITE mode, a fchmod() would fail if the user is not the file owner. We resolve that by only doing the fchmod() if the mapped file attribute does not match the desired file attribute
* fixed the sense of the pvfs_acl uwrap checkAndrew Tridgell2009-08-051-1/+1
|
* make the UID_WRAPPER skip checks at runtimeAndrew Tridgell2009-08-051-7/+7
| | | | | | | This fixes two issues pointed out by Andrew. It adds a runtime uwrap_enabled() call that wraps the skips needed for uid emulation. It also makes the skip in the directory_create_or_exist() function only change the uid checking code, not the permissions code
generated by cgit (git 2.34.1) at 2025-09-26 20:33:32 +0000