Christof Schmitt [Mon, 6 Jan 2020 21:14:17 +0000 (14:14 -0700)]
vfs_gpfs: Only clear sharemode on close when sharemode has been taken
This avoids a redundant error message in case the call to acquire the
sharemode had failed before.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Mon, 6 Jan 2020 21:07:29 +0000 (14:07 -0700)]
vfs_gpfs: Log error if clearing of sharemode fails on close
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Mon, 6 Jan 2020 21:00:32 +0000 (14:00 -0700)]
vfs_gpfs: Add comment explaining why sharemode is dropped in close call.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Mon, 6 Jan 2020 20:53:13 +0000 (13:53 -0700)]
vfs_gpfs: Remove unncessary check from close function
The fsp has a valid file descriptor when this function is called. No
need for the additional check.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 19:56:07 +0000 (12:56 -0700)]
vfs_gpfs: Cleanup debug message file system share mode
Use the newer debug macro and the full variable names.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 18:40:50 +0000 (11:40 -0700)]
vfs_gpfs: Cleanup clearing file system share mode
The VFS flock function is called with a zero access_mask to indicate
that the share mode should be cleared. Adjust the check to directly
check the access_mask and provide a better message to indicate this
case.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Mon, 30 Dec 2019 22:39:43 +0000 (15:39 -0700)]
vfs_gpfs: Move mapping to sharemode deny to helper function
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Mon, 30 Dec 2019 22:33:03 +0000 (15:33 -0700)]
vfs_gpfs: Move mapping from access mask to sharemode allow to helper function
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Mon, 30 Dec 2019 22:20:05 +0000 (15:20 -0700)]
vfs_gpfs: Remove check for open file in share mode function
The calling code already ensures that the file is open with a valid file
descriptor.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 19:52:48 +0000 (12:52 -0700)]
vfs_time_audit: Rename argument of flock function
MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 19:51:17 +0000 (12:51 -0700)]
vfs_streams_xattr: Rename argument of flock function
MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 19:45:06 +0000 (12:45 -0700)]
vfs_gpfs: Rename argument of flock function
MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 19:41:00 +0000 (12:41 -0700)]
vfs_glusterfs: Rename argument of flock function
MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 19:38:00 +0000 (12:38 -0700)]
vfs_full_audit: Rename argument of flock function
MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 19:09:23 +0000 (12:09 -0700)]
vfs_ceph: Rename argument for flock function
MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 19:08:38 +0000 (12:08 -0700)]
vfs_catia: Rename argument for flock function
MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 19:06:40 +0000 (12:06 -0700)]
vfs_not_implemented: Rename argument for flock function
MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 19:05:57 +0000 (12:05 -0700)]
vfs: Rename argument for kernel_flock function
MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 3 Jan 2020 18:58:38 +0000 (11:58 -0700)]
system: Rename argument for kernel_flock function
MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 2 Jan 2020 21:58:06 +0000 (22:58 +0100)]
auth: Simplify struct auth4_context
The fake async code has been pushed down into the 3 users, remove the sync
callback. Overall it's more lines of code, but the central interface is
simplified.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jan 6 23:34:00 UTC 2020 on sn-devel-184
Volker Lendecke [Thu, 2 Jan 2020 16:22:36 +0000 (17:22 +0100)]
ntlm_auth: Replace winbind_pw_check() by _send and _recv
This is just fake async, but it avoids one use of a sync function
pointer in auth4_context
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 2 Jan 2020 16:22:36 +0000 (17:22 +0100)]
ntlm_auth: Replace local_pw_check() by _send and _recv
This is just fake async, but it avoids one use of a sync function
pointer in auth4_context
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 2 Jan 2020 16:22:36 +0000 (17:22 +0100)]
auth3: Replace auth3_check_password() by _send and _recv
This is just fake async, but it avoids one use of a sync function
pointer in auth4_context
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Isaac Boukris [Fri, 3 Jan 2020 14:39:34 +0000 (15:39 +0100)]
winbindd_pam.c: split winbindd_dual_pam_auth_samlogon
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jan 6 20:33:55 UTC 2020 on sn-devel-184
Volker Lendecke [Fri, 3 Jan 2020 13:24:13 +0000 (14:24 +0100)]
auth: Avoid casts in ntlm_check.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon Jan 6 03:12:20 UTC 2020 on sn-devel-184
Volker Lendecke [Fri, 3 Jan 2020 13:04:02 +0000 (14:04 +0100)]
auth: Check for talloc failure in smb_sess_key_ntlmv2()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 3 Jan 2020 13:10:00 +0000 (14:10 +0100)]
auth: Slightly simplify smb_pwd_check_ntlmv1()
Do an early return for the failure case
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 3 Jan 2020 13:04:02 +0000 (14:04 +0100)]
auth: Check for talloc failure in smb_pwd_check_ntlmv1()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 3 Jan 2020 13:10:00 +0000 (14:10 +0100)]
auth: Slightly simplify smb_pwd_check_ntlmv2()
Do an early return for the failure case
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 3 Jan 2020 13:04:02 +0000 (14:04 +0100)]
auth: Check for talloc failure in smb_pwd_check_ntlmv2()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 3 Jan 2020 12:47:14 +0000 (13:47 +0100)]
auth: Remove the "typedef auth_methods"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 3 Jan 2020 11:42:03 +0000 (12:42 +0100)]
winbind: Fix CID
1456624 Uninitialized scalar variable
Coverity does not get that for (rc!=0) gnutls_error_to_ntstatus()
never returns NT_STATUS_OK
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Thu, 2 Jan 2020 14:02:44 +0000 (15:02 +0100)]
auth3: Avoid a casts in auth3_check_password()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 3 Jan 2020 11:51:04 +0000 (12:51 +0100)]
auth3: Simplify auth_get_ntlm_challenge()
Use generate_random_buffer() directly on the talloc'ed buffer
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Thu, 2 Jan 2020 11:41:16 +0000 (12:41 +0100)]
auth3: Check for talloc failure
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 3 Jan 2020 11:28:49 +0000 (12:28 +0100)]
tests: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Björn Jacke [Fri, 3 Jan 2020 14:29:34 +0000 (15:29 +0100)]
python/loadparm: check for AD DC required VFS modules
same as the previous commit, just for python's testparm code
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10560
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Fri Jan 3 22:19:47 UTC 2020 on sn-devel-184
David Disseldorp [Fri, 3 Jan 2020 13:31:28 +0000 (14:31 +0100)]
loadparm: check for AD DC required VFS modules
When Samba is running as a domain controller and the "vfs objects"
parameter is not set, then the dfs_samba4 and acl_xattr modules are
automatically enabled.
However, if the "vfs objects" is defined, then the setting is left
as-is. This means that attempts to us other VFS modules have the side
effect of disabling the dfs_samba4 and acl_xattr modules, causing
unexpected behaviour, which is then blamed on the VFS modules that were
explicitly defined.
This change ensures that when running as a domain controller, Samba logs
an error if the required VFS modules are not enabled by an explicit
"vfs objects" definition.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10560
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Volker Lendecke [Sun, 22 Dec 2019 17:20:12 +0000 (18:20 +0100)]
smbd: Remove an unused parameter from defer_open()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jan 3 01:30:24 UTC 2020 on sn-devel-184
Volker Lendecke [Mon, 16 Dec 2019 15:47:38 +0000 (16:47 +0100)]
smbd: Avoid a "? True : False"
VALID_STAT() already is a boolean expression
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Volker Lendecke [Sat, 7 Dec 2019 13:13:04 +0000 (14:13 +0100)]
lsasd: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Volker Lendecke [Sun, 1 Dec 2019 15:21:12 +0000 (16:21 +0100)]
dsdb: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Volker Lendecke [Sun, 1 Dec 2019 15:10:18 +0000 (16:10 +0100)]
audit_log: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Volker Lendecke [Mon, 30 Dec 2019 12:56:14 +0000 (13:56 +0100)]
ntlm_auth: Fix a DEBUG message
This is not routine auth_generic_prepare
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Volker Lendecke [Thu, 2 Jan 2020 10:15:48 +0000 (11:15 +0100)]
lib: Remove an unused variable from security_token_debug()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Martin Schwenke [Thu, 28 Nov 2019 03:00:58 +0000 (14:00 +1100)]
ctdb-tests: Skip some tests that don't work with IPv6
See the comments added to the tests.
It may be possible to rewrite these so they do something sane for
IPv6... some other time.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14227
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jan 3 00:00:55 UTC 2020 on sn-devel-184
Martin Schwenke [Fri, 13 Dec 2019 00:09:04 +0000 (11:09 +1100)]
ctdb-scripts: Strip square brackets when gathering connection info
ss added square brackets around IPv6 addresses in versions > 4.12.0
via commit
aba9c23a6e1cb134840c998df14888dca469a485. CentOS 7 added
this feature somewhere mid-release. So, backward compatibility is
obviously needed.
As per the comment protocol/protocol_util.c should probably print and
parse such square brackets. However, for backward compatibility the
brackets would have to be stripped in both places in
update_tickles()... or added to the ss output when missing. Best to
leave this until we have a connection tracking daemon.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14227
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Stefan Metzmacher [Wed, 1 Jan 2020 09:05:07 +0000 (10:05 +0100)]
Happy New Year 2020!
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jan 1 12:04:52 UTC 2020 on sn-devel-184
Volker Lendecke [Fri, 20 Dec 2019 15:20:00 +0000 (16:20 +0100)]
lib: Fix contending with a READ lock
When contending a WRITE with an existing READ, the contender puts
himself into the exclusive slot, waiting for the READers to go
away. If the async lock request is canceled before we got the lock, we
need to remove ourselves again. This is done in the destructor of the
g_lock_lock_state. In the successful case, the destructor needs to go
away.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Dec 22 18:57:17 UTC 2019 on sn-devel-184
Volker Lendecke [Sun, 22 Dec 2019 13:05:17 +0000 (14:05 +0100)]
torture3: Add a test that contends with a READ, not a WRITE lock
This walks different code paths in the subsequent locker. And the one
that we did not test so far is in fact buggy
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 22 Dec 2019 13:01:07 +0000 (14:01 +0100)]
torture3: Parametrize lock4_child()s locktype
We'll call it twice soon
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 21 Dec 2019 09:47:37 +0000 (10:47 +0100)]
torture3: Introduce "key" helper variable
Call string_term_tdb_data() once instead of three times
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
awalker [Fri, 30 Aug 2019 19:30:57 +0000 (15:30 -0400)]
vfs_zfsacl: fix issue with ACL inheritance in zfsacl
Add parameter zfsacl:map_dacl_protected to address issue preventing Windows Clients
from disabling inheritance on ACLs. FreeBSD does not currently expose the ACL_PROTECTED
NFS4.1 flag, but it does expose ACE4_INHERITED_ACE. When the parameter is enabled,
map the absence of ACE4_INHERITED_ACE to SEC_DESC_DACL_PROTECTED.
See also the discussion at
https://gitlab.com/samba-team/samba/merge_requests/719
Signed-off-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Dec 20 23:24:54 UTC 2019 on sn-devel-184
Ralph Boehme [Sat, 19 Oct 2019 13:37:45 +0000 (15:37 +0200)]
vfs_zfsacl: pass config to zfs_get_nt_acl_common()
Not used for now, that comes next.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sat, 19 Oct 2019 13:36:15 +0000 (15:36 +0200)]
vfs_zfsacl: pass nfs4_params to smb_set_nt_acl_nfs4()
Now that we parse nfs4_params in the VFS connect in this module, we can pass it
to smb_set_nt_acl_nfs4() which avoids having smb_set_nt_acl_nfs4() parse
it *every time* it's called.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
awalker [Fri, 30 Aug 2019 19:17:26 +0000 (15:17 -0400)]
vfs_zfsacl: add manpage entry for zfsacl:denymissingspecial
Signed-off-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
awalker [Fri, 30 Aug 2019 19:15:37 +0000 (15:15 -0400)]
vfs_zfsacl: load parameters on connect
Convert zfsacl:denymissingspecial so that the parameter loads on connect.
Signed-off-by: Andrew Walker <awalker@ixsystems.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Mulder [Tue, 10 Dec 2019 20:49:28 +0000 (13:49 -0700)]
Convert samba4.base.rw1 test to smb2
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Mulder [Tue, 10 Dec 2019 14:47:12 +0000 (07:47 -0700)]
Convert samba4.base.*attr tests to smb2
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 25 Nov 2019 09:17:38 +0000 (10:17 +0100)]
s3: remove unused session_keystr from struct user_struct
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Dec 20 13:06:20 UTC 2019 on sn-devel-184
Ralph Boehme [Fri, 22 Nov 2019 17:08:56 +0000 (18:08 +0100)]
s3: remove unused macro FSP_BELONGS_CONN()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 16 Dec 2019 14:24:23 +0000 (15:24 +0100)]
s3: simplify create_conn_struct_as_root()
Now that all callers pass in a valid session_info, we can remove handling of
session_info=NULL. Add an assert(session_info != NULL) just in case... :)
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:58:57 +0000 (14:58 +0100)]
pysmbd: add "session_info" arg tp py_smbd_create_file()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:57:53 +0000 (14:57 +0100)]
pysmbd: add "session_info" arg to py_smbd_mkdir()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:56:18 +0000 (14:56 +0100)]
pysmbd: add "session_info" arg to py_smbd_get_sys_acl()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:54:40 +0000 (14:54 +0100)]
pysmbd: add "session_info" arg to py_smbd_set_sys_acl()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:52:49 +0000 (14:52 +0100)]
pysmbd: make "session_info" arg to py_smbd_get_nt_acl() mandatory
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:49:42 +0000 (14:49 +0100)]
pysmbd: make "session_info" arg to py_smbd_set_nt_acl() mandatory
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:14:45 +0000 (14:14 +0100)]
pysmbd: add "session_info" arg to py_smbd_unlink()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:14:07 +0000 (14:14 +0100)]
pysmbd: add "session_info" arg to py_smbd_chown()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:13:30 +0000 (14:13 +0100)]
pysmbd: add "session_info" arg to py_smbd_set_simple_acl()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 14:32:17 +0000 (15:32 +0100)]
python/tests: use a system session_info in posixacl.py
Previously posixacl.py passed None as session_info object from
get_session_info().
That meant that the if/else branch referring to session_info:
if nwrap_winbind_active or session_info:
self.assertEquals(posix_acl.acl[1].a_perm, 7)
else:
self.assertEquals(posix_acl.acl[1].a_perm, 6)
must be tweaked to take into account that session info is now either
* a system session_info in which case we must continue to use the if branch in
the code, or
* a user session_info in which case we must continue to go through the else
branch
Using
is_user_session = not session_info.security_token.is_system()
in place of just "session_info" does the trick.
Cf the classes SessionedPosixAclMappingTests and
UnixSessionedPosixAclMappingTests in posixacl.py, those are the ones that
trigger test execution with a user session.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:58:32 +0000 (14:58 +0100)]
pysmbd: reformat py_smbd_create_file() kwnames
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:57:20 +0000 (14:57 +0100)]
pysmbd: reformat py_smbd_mkdir() kwnames
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:55:54 +0000 (14:55 +0100)]
pysmbd: reformat py_smbd_get_sys_acl() kwnames and PyArg_ParseTupleAndKeywords() call
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:54:04 +0000 (14:54 +0100)]
pysmbd: reformat py_smbd_set_sys_acl() kwnames and PyArg_ParseTupleAndKeywords() call
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:21:03 +0000 (14:21 +0100)]
pysmbd: reformat py_smbd_get_nt_acl() kwnames
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 13:16:52 +0000 (14:16 +0100)]
pysmbd: reformat py_smbd_have_posix_acls() kwnames and PyArg_ParseTupleAndKeywords() call
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 11:59:32 +0000 (12:59 +0100)]
pysmbd: reformat py_smbd_unlink() kwnames and PyArg_ParseTupleAndKeywords() call
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 11:58:08 +0000 (12:58 +0100)]
pysmbd: reformat py_smbd_chown() kwnames and PyArg_ParseTupleAndKeywords() call
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 17 Dec 2019 11:54:11 +0000 (12:54 +0100)]
pysmbd: reformat py_smbd_set_simple_acl() kwnames and PyArg_ParseTupleAndKeywords() call
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 16 Dec 2019 17:00:26 +0000 (18:00 +0100)]
python: move system_session_unix to new auth_util.py
system_session_unix() will be used by many more callers soon.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 16 Dec 2019 13:42:04 +0000 (14:42 +0100)]
smbd: pass session_info to create_conn_struct_tos()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 16 Dec 2019 13:41:03 +0000 (14:41 +0100)]
s3:rpc_server: pass session_info to get_nt_acl_no_snum()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 16 Dec 2019 13:40:21 +0000 (14:40 +0100)]
s3:rpc_server: pass session_info to elog_check_access()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 13 Dec 2019 15:19:37 +0000 (16:19 +0100)]
smbd: pass session info to create_conn_struct_tos_cwd()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 13 Dec 2019 15:53:36 +0000 (16:53 +0100)]
smbd: pass session_info to form_junctions()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 13 Dec 2019 15:51:16 +0000 (16:51 +0100)]
smbd: pass session info to count_dfs_links()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 13 Dec 2019 15:31:04 +0000 (16:31 +0100)]
s3: pass session_info to enum_msdfs_links()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 13 Dec 2019 15:27:51 +0000 (16:27 +0100)]
smbd: pass session_info to junction_to_local_path_tos()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 13 Dec 2019 15:25:44 +0000 (16:25 +0100)]
s3: pass session_info to remove_msdfs_link()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 13 Dec 2019 15:23:38 +0000 (16:23 +0100)]
s3: pass session_info to create_msdfs_link()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 13 Dec 2019 15:19:03 +0000 (16:19 +0100)]
s3: pass session info to get_referred_path()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 19 Dec 2019 21:50:09 +0000 (10:50 +1300)]
librpc: Do not access name[-1] trying to push "" into a dnsp_name
This simply matches the behaviour from before
e7b1acaddf2ccc7de0301cc67f72187ab450e7b5
when the logic for a trailing . was added. This matches what is added in
the dnsRecord attribute for a name of "." over the dnsserver RPC
management interface and is based on what Windows does for that name
in (eg) an MX record.
No a security bug because we use talloc and so name will be just the
end of the talloc header.
Credit to OSS-Fuzz
Found using the fuzz_ndr_X fuzzer
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Dec 20 11:33:52 UTC 2019 on sn-devel-184
Andrew Bartlett [Thu, 19 Dec 2019 22:34:38 +0000 (11:34 +1300)]
selftest: Confirm parse of dnsProperty records
This confirms a name of "." will round-trip correctly.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andrew Bartlett [Fri, 20 Dec 2019 03:33:54 +0000 (16:33 +1300)]
WHATSNEW: Celebrate the end of smbdes and the almost-end of in-tree AES
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andrew Bartlett [Wed, 18 Dec 2019 22:20:30 +0000 (11:20 +1300)]
s4-smbd: Also restart prefork children lost to SIGKILL (-9)
Samba 4.10 and later versions have a process restart capability to greatly
reduce the impact of crashes due to a NULL pointer de-reference or abort().
However SIGKILL was deliberatly omitted.
Sadly this is the most likely case, due to the OOM killer, as raised here:
https://lists.samba.org/archive/samba-technical/2019-November/134529.html
Subsequent discussion (offline) has been to agree that we should restart in
this case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14221
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Mon, 16 Dec 2019 15:45:38 +0000 (16:45 +0100)]
librpc: Add test for ndr_string_length()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Dec 20 09:01:30 UTC 2019 on sn-devel-184
Andreas Schneider [Mon, 16 Dec 2019 14:50:17 +0000 (15:50 +0100)]
librpc: Fix string length checking in ndr_pull_charset_to_null()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14219
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Thu, 19 Dec 2019 03:31:46 +0000 (16:31 +1300)]
upgradedns: ensure lmdb lock files linked
Ensure that the '-lock' files for the dns partitions as well as the data
files are linked when running
samba_dnsupgrade --dns-backend=BIND9_DLZ
failure to create these links can cause corruption of the corresponding
data file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>