| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
| |
On unclean shutdown we can end up with stale entries in the brlock,
connections and locking db. Previously we would do the cleanup on
every unclean exit, but that can cause smbd to be completely
unavailable for several minutes when a large number of child smbd
processes exit.
This adds a rate limited cleanup of the databases, with the default
that cleanup happens at most every 20s
|
| |
|
|
| |
These have been replaced with the min timeout in blocking.c
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we are waiting on a pending byte range lock, another smbd might
exit uncleanly, and therefore not notify us of the removal of the
lock, and thus not trigger the lock to be retried.
We coped with this up to now by adding a message_send_all() in the
SIGCHLD and cluster reconfigure handlers to send a MSG_SMB_UNLOCK to
all smbd processes. That would generate O(N^2) work when a large
number of clients disconnected at once (such as on a network outage),
which could leave the whole system unusable for a very long time (many
minutes, or even longer).
By adding a minimum re-check time for pending byte range locks we
avoid this problem by ensuring that pending locks are retried at a
more regular interval.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change parameter "wide links" to default to "no".
Ensure "wide links = no" if "unix extensions = yes" on a share.
Fix man pages to refect this.
Remove "within share" checks for a UNIX symlink set - even if
widelinks = no. The server will not follow that link anyway.
Correct DEBUG message in check_reduced_name() to add missing "\n"
so it's really clear when a path is being denied as it's outside
the enclosing share path.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
| |
new create time code.
Remove erroneous optimisation that caused no EA to be set
if calculated btime matched st_ex btime, and calculated DOS
attribute matched existing file attribute.
Jeremy.
|
| |
|
|
|
|
| |
when logged as root.. Doh !
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
| |
conn->server_info->utok.uid == 0
isn't the correct check to see if we're root anymore. As rpc_samr_nt.c does,
the correct check is :
geteuid() == sec_initial_uid()
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The destname malloc size was not taking into account the 1 extra byte
needed if a string without a leading '/' was passed in and that slash
was added.
This would cause the '\0' byte to be written past the end of the
malloced destname string and corrupt whatever heap memory was there.
This problem would be hit if a share name was given in smb.conf without
a leading '/' and if it was the exact size of the allocated STRDUP memory
which in some implementations of malloc is a power of 2.
|
| |
|
|
|
|
|
|
|
| |
respond to a read or write.
Only works on Linux kernels 2.6.26 and above. Grants CAP_KILL capability
to allow Linux threads under different euids to send signals to each other.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 9536d94d5478b63fc05047964b40d8786a7246c4.
Bjorn, your change removed the ndr_decoding of the dos attribute.
Not a good idea :-).
Jeremy.
|
| |
|
|
| |
Jeremy, please check!
|
| | |
|
| |
|
|
|
| |
This makes it a bit more obvious for me that the signing sequence number is
tied to the SMB request.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
| |
a directory.
Argh. Missed the second (and essential) part of the fix for the above :-(.
Jeremy
|
| |
|
|
|
|
|
|
|
|
|
| |
a directory.
There is a codepath missing to propagate back error returns from the rmdir
POSIX call inside close_directory when delete on close is set. This means doing
an rmdir on a Windows command line will always report success, even when the
directory was not deleted. This fix adds that codepath back into Samba.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
| |
rights fails even if the delete right is set on the object.
Final fix for the vfs_acl_xattr and vfs_acl_tdb code.
Ensure we can delete a file even if the underlying POSIX
permissions don't allow it, if the Windows permissions do.
Jeremy.
|
| |
|
|
| |
This is no longer used for anything.
|
| |
|
|
|
|
|
|
| |
Windows seems to allow this
http://lists.samba.org/archive/samba-technical/2009-November/068116.html
has a dump of this.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This bug re-occurred for 3.3.x and above.
The reason is that to change a NT ACL we now have to open the file requesting
WRITE_DAC and WRITE_OWNER access. The mapping from POSIX "w" to NT permissions
in posix_acls doesn't add these bits when "dos filemode = yes", so even though
the permission or owner change would be allowed by the POSIX ACL code, the
NTCreateX call fails with ACCESS_DENIED now we always check NT permissions
first.
Added in the mapping from "w" to WRITE_DAC and WRITE_OWNER access.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is to introduce a new format of the password history, maintaining backwards
compatibility: The old format was 16 byte hash + 16 byte md5(salt + nt hash).
The new format is 16 zero bytes and 16 bytes nt hash.
This will allow us to respect the last X entries of the nt password history
when deciding whether to increment the bad password count.
This is part of the fix for bug #4347 .
Michael
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code I just removed was checked in with e5466fffc286a99f as a bug fix for
https://bugzilla.samba.org/show_bug.cgi?id=3319. With the changes to
is_visible_file made with 9e8b8f8c16612 these lines have become unnecessary,
even with "hide unreadable = yes" dead msdfs symlinks show. This is because we
can not stat(2) them and default to showing them.
Why this change? I have a user who wants to use "hide unreadable" on msdfs
links. Because you can't edit acls on symlinks themselves, the user created the
targets as bogus, empty files that just exist as acl placeholders. With the
code in place that this patch removes, we never allow this to work.
Jeremy, please check! :-)
Thanks,
Volker
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
When deferring an async pipe writeX and readX transfer
the outstanding request struct onto the conn struct. This
needs freeing after the packet is finally processed.
Jeremy.
|
| |
|
|
|
|
|
|
| |
struct in the fsp->fsp_name pointer incorrectly for a directory.
Fix this. Make map_canon_ace_perms() public.
Jeremy.
|
| |
|
|
| |
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
|
| |
Don't change the contents of a const string via a pointer
alias (or if you do, change it back.....).
Jeremy.
|
| |
|
|
|
|
|
| |
Rewrite all calls to reply_nterror(NT_STATUS_DOS()) to
reply_force_doserror() and update the comment in smbd/error.c
Jeremy.
|
| |
|
|
|
|
|
| |
correct reply_nterror calls. Next rename reply_doserror ->
reply_force_doserror and plumb in when NT_STATUS_DOS is
used.
Jeremy.
|
| |
|
|
|
|
|
|
|
| |
reply_doserror(), reply_nterror(), and reply_nterror(NT_STATUS_DOS()).
Fix the call in rely_openerror() to actually force a DOS error
for "too many open files".
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
| |
Start migrating uses of reply_doserror() to reply_nterror() with the
correct mapping. Eventually we'll get to the point where we can
change reply_doserror() to force a DOS error code on the wire,
and can change calls to reply_nterror(req, NT_STATUS_DOS()) - which *does*
force DOS errors on the wire - to reply_doserror(). Which might
actually make the server code look like it's making sense.
Jeremy.
|
| |
|
|
|
|
| |
This is what W2KR3 does for NTCreateX and openX calls. May be the correct fix
for bug 6837 - "Too many open files" when trying to access large number of files.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
| |
We were returning the wrong sense of the bool. must_mangle()
has to return !NT_STATUS_IS_OK, not NT_STATUS_IS_OK.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
| |
attributes by protocol level.
This makes us consistant in returning DOS attrs across all replies. Tested on OS/2 by Günter Kukkukk.
Jeremy.
|
| | |
|
