| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
symlink target is outside of the share.
Missed passing ucf_flags instead of hard coded flags in findfirst call.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 22 06:30:16 CEST 2011 on sn-devel-104
(cherry picked from commit f4593181876f7a9ef55ceee8d1a20369197a63ba)
|
| |
|
|
|
|
|
| |
symlink target is outside of the share.
The statcache has to do lstat instead of stat when returning cached
posix pathnames.
|
| |
|
|
|
|
|
| |
outside of the share.
The key is to only allow the lookup to succeed if it's a UNIX level lookup or readlink,
but disallow all other operations.
|
| |
|
|
|
|
| |
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Jul 28 02:09:20 CEST 2011 on sn-devel-104
(cherry picked from commit d82256ca119eb8315cc69ba725ba71c386caa901)
|
| |
|
|
|
|
| |
from a cifsfs create.
Don't manipulate the new_dos_attributes bits until we know it's not a POSIX open.
|
| |
|
|
|
|
| |
permissions on incoming ACL change with no user specified.
Be smarter about setting default permissions when a ACL_USER_OBJ isn't given. Use the principle of least surprises for the user.
|
| |
|
|
|
|
|
| |
permissions on incoming ACL change with no user specified.
create_default_mode() is not needed - it's taken care of by code
inside ensure_canon_entry_valid().
|
| |
|
|
|
|
|
|
| |
(Invalid argument)
Don't call check_owning_objs() to convert ACL_USER->ACL_USER_OBJ and
AC_GROUP->ACL_GROUP_OBJ for default (directory) ACLs, we do this separately
inside ensure_canon_entry_valid().
|
| |
|
|
|
|
|
| |
(Invalid argument)
Only map CREATOR_OWNER/CREATOR_GROUP to ACL_USER_OBJ/ACL_GROUP_OBJ in
a default(directory) ACL set.
|
| |
|
|
|
|
|
| |
(Invalid argument)
Remove the code I added for bug "6878 - Cannot change ACL's inherit flag". It is incorrect
and causes the POSIX ACL ACL_USER_OBJ duplication.
|
| |
|
|
| |
Handle the SECINFO_LABEL flag in the same way as Win2k3.
|
| |
|
|
|
|
|
|
|
| |
If a client sends a mangled name as part of a DFS path, use the
post-mangled name for the pathname walk, not the mangled name.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 1 00:45:59 CEST 2011 on sn-devel-104
(cherry picked from commit 149875f887287dbbf016d2252962b023b0bae967)
|
| |
|
|
|
| |
OS/2 sends an unexpected write&x/read&x chain
(cherry picked from commit 2aca833308049d005c647aabcd9d894f59698ef4)
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Move lp_acl_check_permissions() into can_delete_file_in_directory()
where it makes sense. Remove ACL check when requesting DELETE_ACCESS
when lp_acl_check_permissions is false.
Thanks to John Janosik @ IBM for noticing this.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the fix for bso#7836, the parent smbd is responsible for
maintaining an up-to-date printcap cache. It does this by forking a
child process to asynchronously fetch printcap data from CUPS.
When the child process exits after fetching all printcap data, the
parent smbd is sent SIGCHLD. This triggers smbd_sig_chld_handler() which
looks for the exited process PID on a "children" list.
Child smbd process PIDs are added to the "children" list to ensure
cleanup on unclean shutdown and log level change notification messages.
Printcap update process PIDs are not added to the list as they do not
maintain any state that requires cleanup, nor do they wait on tevent for
messages.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Feb 17 11:11:45 CET 2011 on sn-devel-104
(cherry picked from commit 9c12232f1ae36e00d04114ad73edd8ba3c2c6a5c)
Fix bug #8269 (smbd spams log with "Could not find child X -- ignoring"
messages).
|
| |
|
|
|
| |
Without this we were not sending the workgroup name in the negprot reply if
plain text passwords are used.
|
| |
|
|
|
|
| |
correctly with "inherit permissions = yes" and POSIX ACLs
Ensure when creating a directory, if we make any changes due to inheritance parameters, we update the stat returned.
|
| |
|
|
|
|
|
| |
correctly with "inherit permissions = yes" and POSIX ACLs
We don't need to check mode bits as well as dev/ino to
ensure we're in the same place.
|
| |
|
|
|
|
|
|
|
| |
correctly with "inherit permissions = yes" and POSIX ACLs
When changing ownership on a new file make sure we
must have a valid stat struct before making the inheritance
calls (as they may look at it), and if we make changes we
must have a valid stat struct after them.
|
| |
|
|
|
|
|
| |
correctly with "inherit permissions = yes" and POSIX ACLs
When changing ownership on a new file make sure we
also change the returned stat struct to have the correct uid.
|
| |
|
|
|
|
|
| |
correctly with "inherit permissions = yes" and POSIX ACLs
When changing ownership on a new directory make sure we
also change the returned stat struct to have the correct uid.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
security blob size is greater than 16 kB
We were not correctly checking the output of asn1_start_tag().
asn1_start_tag() returns -1 and sets data->has_error if the
remaining blob size is too short to contain the tag length.
We were checking data->has_error and returning NT_STATUS_OK
(to allow the second asn.1 parse to fail in that case). We
should not be checking data->has_error in this case, but
falling through to the code that already checks the length.
Thanks to Jim for reproducing this for me. We don't get bitten
by this as we announce a max buffer size of 16k, greater than
Windows's 4k, which means that most krb5 spnego packets already
fit.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pcap_cache_loaded() assertions were added to the (re)load_printers()
functions, to ensure the caller had called pcap_cache_reload() prior to
reloading printer shares.
The problem is, pcap_cache_loaded() returns false if the the pcap_cache
contains no printer entries. i.e. pcap_cache_reload() has run but not
detected any printers.
Remove these assertions, correct call ordering is already enforced.
Signed-off-by: Günther Deschner <gd@samba.org>
The last 3 patches address bug #7836 (A newly added printer isn't visbile to
clients).
|
| |
|
|
|
|
| |
This reverts commit b6268f507fa3276c2ef22c58bad400a3fed48cd9.
Signed-off-by: Günther Deschner <gd@samba.org>
|
| |
|
|
|
|
| |
This reverts commit e4579eab7fe3eab7a5209e6de74e6fd2f53099d0.
Signed-off-by: Günther Deschner <gd@samba.org>
|
| |
|
|
|
|
|
|
|
| |
We are conflating the O_CREAT|O_EXCL with the O_TRUNC
processing, they need to be separate. We need to chose
using (O_CREAT|O_EXCL) first, then modify if O_TRUNC is
set. This needs two separate switch statements.
Jeremy
|
| |
|
|
|
|
|
|
|
|
|
|
| |
With a case insensitive file system the stat cache lookup leaked the parent
directorys stat information from unix_convert into the smb_filename. This led
open_file_ntcreate to believe it just created a directory.
In the case where we do the search we already invalidate the stat struct.
Thanks to TAKAHASHI Motonobu for insisting! :-)
Volker
|
| |
|
|
| |
Ensure we also check conn->admin_user when rejecting non-root access.
|
| | |
|
| |
|
|
|
| |
Refuse to set dos attributes into unix mode bits on such a
folder.
|
| |
|
|
|
|
| |
metze
(cherry picked from commit f0ec69b53544b7ff702f94d58b3d64c33eaabc7a)
(cherry picked from commit dca75c8e3ac23256d93269bdc13d1e67571bc9f2)
|
| |
|
|
|
|
|
| |
We need to revalidate the pathname once re-constructed from a root fsp.
Jeremy.
(cherry picked from commit 916e82823b56a70d7761644b38a250ea8c38e204)
|
| |
|
|
|
|
| |
metze
(cherry picked from commit 0bbe7334d69bcaa476f0741e0bd9685b023a4208)
(cherry picked from commit d677921237c66e6cdf83de04e16c576a101d6493)
|
| |
|
|
| |
This reverts commit 5a2b2d4aeb6fe4af13aa0c92d22ba5bc9b7f7e13.
|
| |
|
|
|
|
| |
This reverts commit a8a01e4a3dcafd97372021d0d6f859fd3a69235f.
This commit seems to break 'make test'.
|
| |
|
|
| |
Found by Michael Hanscho <samba@micha.priv.at> with a WinCE client.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a client connects to a samba share and while connected a printer is
added, the client will see the new printer share after a maximum of
'printcap cache time' seconds.
smbd's forked for new client connections inherit printcap information
from the parent (listener) smbd, which does not perform updates on
printcap cache time expiry. Therefore newly connected clients may
initially be presented with stale printer shares.
Add a housekeeping function to the parent smbd to ensure newly connected
clients see up to date printer shares.
The last 2 patches address bug #7836 (A newly added printer isn't visbile to
clients).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since commit eada8f8a, updates to the cups pcap cache are performed
asynchronously - cups_cache_reload() forks a child process to request
cups printer information and notify the parent smbd on completion.
Currently printer shares are reloaded immediately following the call to
cups_cache_reload(), this occurs prior to smbd receiving new cups pcap
information from the child process. Such behaviour can result in stale
print shares as outlined in bug 7836.
This fix ensures print shares are only reloaded after new pcap data has
been received.
Pair-Programmed-With: Lars Müller <lars@samba.org>
|
| | |
|
| |
|
|
|
|
|
|
| |
allocate is on
Tries posix_fallocate() and then falls back to old code.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
acl_xattr and acl_tdb module.
|
| | |
|
| |
|
|
| |
they can't be mapped.
|
| |
|
|
|
|
|
| |
neglect to apply appropriate create masks.
Jeremy.
(cherry picked from commit 8cad5e23b6e2440a566def6fb138d484e3b47643)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
unix mode_t to be generated.
It turns out a client can send an NTCreateX call for a new file, but specify
FILE_ATTRIBUTE_DIRECTORY in the attribute list. Windows silently strips this,
but we don't - causing the unix_mode() function to go through the "mode bits
for new directory" codepath, instead of the "mode bits for new file" codepath.
Jeremy.
(cherry picked from commit 92adb686372a9b67e47efb5b051bc351212f1780)
|
| |
|
|
| |
Jeremy.
|
