David Disseldorp [Wed, 15 May 2013 10:01:29 +0000 (12:01 +0200)]
torture: enum snapshots after FSRVP creation
Issue and smb2 ENUM_SNAPSHOTS ioctl following FSRVP snapshot creation to
cover Explorer previous file version use-cases.
This test will fail against Windows Server 2012, as FSRVP created
snapshots are not exposed via the ENUM_SNAPSHOTS ioctl.
David Disseldorp [Tue, 14 May 2013 22:45:17 +0000 (00:45 +0200)]
selftest: run the FSRVP test suite against s3
David Disseldorp [Tue, 14 May 2013 22:42:35 +0000 (00:42 +0200)]
selftest/s3: add FSRVP configuration
Define a share that uses both vfs_shell_snap and fake_snap.pl to create,
delete and expose fake snapshots in response to FSRVP requests.
David Disseldorp [Tue, 14 May 2013 22:41:32 +0000 (00:41 +0200)]
torture: use logical fsrvp share name
David Disseldorp [Tue, 14 May 2013 22:31:55 +0000 (00:31 +0200)]
fss: permit FSRVP ops where the caller started smbd
FSRVP operations should be permitted If the requestors security token
matches the initial process uid. This adds the ability for the selftest
user to issue FSRVP requests.
David Disseldorp [Fri, 1 Feb 2013 14:41:37 +0000 (15:41 +0100)]
test: add fake_snap.pl for snapshot simulation
The script simulates snapshots by simply copying file data from the base
path to a snapshot path located under .snapshots/@GMT-%Y.%m.%d-%H.%M.%S/
David Disseldorp [Wed, 30 Jan 2013 13:42:46 +0000 (14:42 +0100)]
vfs: add vfs_shell_snap module
The shell_snap VFS module plumbs into the snapshot (aka shadow-copy)
management paths used by Samba's File Server Remote Vss Protocol (FSRVP)
server.
The following shell callouts may be configured in smb.conf:
shell_snap:check path command
- Called when an FSRVP client wishes to check whether a given
share supports snapshot create/delete requests.
- The command is called with a single <share path> argument.
- The command must return 0 if <share path> is capable of being
snapshotted.
shell_snap:create command
- Called when an FSRVP client wishes to create a snapshot.
- The command is called with a single <share path> argument.
- The command must return 0 status if the snapshot was
successfully taken.
- The command must output the path of the newly created snapshot
to stdout.
shell_snap:delete command
- Called when an FSRVP client wishes to delete a snapshot.
- The command is called with <base share path> and
<snapshot share path> arguments.
- The command must return 0 status if the snapshot was
successfully removed.
David Disseldorp [Mon, 28 Jan 2013 18:17:28 +0000 (19:17 +0100)]
SQ fss: _fss_ExposeShadowCopySet error path cleanup
David Disseldorp [Mon, 28 Jan 2013 16:48:01 +0000 (17:48 +0100)]
SQ fss: clean up _AddToShadowCopySet error paths
David Disseldorp [Tue, 14 May 2013 06:53:47 +0000 (08:53 +0200)]
fss: log error on conf deletion failure
Hit after DiskShadow requested the deletion of a non-existent snapshot.
David Disseldorp [Mon, 6 May 2013 14:26:16 +0000 (16:26 +0200)]
fss: perform case insensitive share name lookup
GetShareMapping and DeleteShareMapping requests may be sent with a share
name that is of differing case to the one stored in the shadow copy
share mapping state. Lookup should be case-insensitive.
David Disseldorp [Sun, 5 May 2013 16:50:13 +0000 (18:50 +0200)]
fss: return netbios name instead of IP in responses
IsPathSupported() and GetShareMapping() responses include the server
machine name and snapshot UNC respectively. Until now the server IP
address has been used, lp_netbios_name() should be used instead.
David Disseldorp [Tue, 30 Apr 2013 22:19:37 +0000 (00:19 +0200)]
fss: use UNC parser for Get/DeleteShareMapping RPCs
David Disseldorp [Tue, 30 Apr 2013 21:48:48 +0000 (23:48 +0200)]
rpcclient: abort shadow-copy set on commmit failure
Use similar behavour to the diskshadow.exe FSRVP client, which aborts
the shadow-copy set if it receives a failed commit response.
David Disseldorp [Tue, 29 Jan 2013 14:31:02 +0000 (15:31 +0100)]
SQ fsrvp: use DBGC_RPC_SRV for fss_agent code
David Disseldorp [Mon, 29 Apr 2013 14:33:26 +0000 (16:33 +0200)]
fss: store state after shadow copy set abort
diskshadow.exe immediately aborts any shadow copy set for which a commit
fails. FSRVP server state should be saved to disk after this occurs.
David Disseldorp [Sun, 28 Apr 2013 13:20:28 +0000 (15:20 +0200)]
fss: add generic UNC parser
diskshadow.exe sends UNC paths with a trailing '\'.
David Disseldorp [Fri, 26 Apr 2013 16:45:59 +0000 (18:45 +0200)]
s3/rpc_server: Fix DCERPC request unmarshalling
DCERPC requests may carry an Object GUID, who's presence is signaled by
the PFC_OBJECT_UUID flag in the PfcFlags field. Current unmarshalling
code requires that the PFC_OBJECT_UUID flag is carried in the ndr flags
as LIBNDR_FLAG_OBJECT_PRESENT.
David Disseldorp [Thu, 25 Apr 2013 11:27:47 +0000 (13:27 +0200)]
s3/rpc_server: add support for mgmt_inq_princ_name
Return the servers service principle name.
David Disseldorp [Thu, 25 Apr 2013 09:17:28 +0000 (11:17 +0200)]
rpcclient: add mgmt command support
mgmt_inq_server_princ_name is the only implemented RPC call so far.
David Disseldorp [Mon, 22 Apr 2013 15:20:31 +0000 (17:20 +0200)]
s3/rpc_server: add skeleton mgmt RPC server
David Disseldorp [Thu, 18 Apr 2013 16:26:33 +0000 (18:26 +0200)]
winbind: change nested structure initialization syntax
Static initialization using ".outer_struct.inner_member =" syntax is not
supported by gcc 4.3.4.
David Disseldorp [Thu, 18 Apr 2013 15:12:15 +0000 (17:12 +0200)]
winbindd: allocate winbindd child state on heap
Allows the structure to be passed to the tevent_done callback.
David Disseldorp [Thu, 18 Apr 2013 13:39:58 +0000 (15:39 +0200)]
SPLIT: get async winbind child building
David Disseldorp [Tue, 16 Apr 2013 14:09:45 +0000 (16:09 +0200)]
s3-winbind: handle async child dispatch table entries
David Disseldorp [Tue, 16 Apr 2013 13:17:53 +0000 (15:17 +0200)]
s3-winbind: make child_process_request async
Back-end dispatch is still done synchronously, but this will be changed
to async in future.
David Disseldorp [Tue, 16 Apr 2013 12:19:53 +0000 (14:19 +0200)]
s3-winbind: talloc winbindd request and response structs
David Disseldorp [Tue, 16 Apr 2013 11:11:00 +0000 (13:11 +0200)]
s3-winbind: avoid talloc_tos in fork_domain_child
In preparation for asynchronous dispatch support, the fork_domain_child
code path should not rely on talloc_tos. This commit also changes the
function to only call winbind_event_context() once after initialisation.
David Disseldorp [Mon, 15 Apr 2013 17:12:27 +0000 (19:12 +0200)]
winbind: add conditional child dispatch type
Dispatch functions in the winbindd_child_dispatch_type structure now
carry a type enum, which identifies whether the function is synchronous
or asynchronous. Currently all functions remain synchronous.
David Disseldorp [Thu, 14 Mar 2013 18:49:04 +0000 (19:49 +0100)]
winbind: separate child response sock write
For consistency with request read side.
David Disseldorp [Thu, 14 Mar 2013 16:36:36 +0000 (17:36 +0100)]
winbind: only pass needed args to child_read_request
The socket and request are the only arguments required, the entire
winbind child state structure is not needed.
This allows for the separation of the request and response structures,
which will be done as part of making winbind_child asynchronous.
David Disseldorp [Thu, 24 Jan 2013 14:42:30 +0000 (15:42 +0100)]
SQ snapper: change time type dbus args to signed
Upstream snapper now passes signed values over dbus, the signature must
reflect this on our side.
David Disseldorp [Mon, 5 Nov 2012 12:31:01 +0000 (13:31 +0100)]
snapper: add snap_dir_expand VFS op handler
David Disseldorp [Mon, 5 Nov 2012 12:20:57 +0000 (13:20 +0100)]
vfs: split gmt token processing into a module
David Disseldorp [Wed, 17 Oct 2012 12:08:14 +0000 (14:08 +0200)]
SQ snapper: clean up DEBUG statements
David Disseldorp [Tue, 16 Oct 2012 15:08:10 +0000 (17:08 +0200)]
SQ: use gmt_tok_common wrappers in vfs_snapper
David Disseldorp [Mon, 15 Oct 2012 15:02:41 +0000 (17:02 +0200)]
SQ snapper: clean up snaphot path<->id conversion
Split into helper functions.
David Disseldorp [Mon, 15 Oct 2012 10:51:24 +0000 (12:51 +0200)]
snapper: sort decending for get_shadow_copy_data labels
Required for explorer to correctly present previous versions.
David Disseldorp [Sun, 14 Oct 2012 23:01:09 +0000 (01:01 +0200)]
SQ snapper: working snapshot delete support
David Disseldorp [Sun, 14 Oct 2012 21:25:37 +0000 (23:25 +0200)]
SQ snapper: implement get_shadow_copy_data
David Disseldorp [Sun, 14 Oct 2012 17:54:24 +0000 (19:54 +0200)]
WIP: add vfs_snapper module
Provides an interface for accessing and managing snapshot presented by
Snapper.
David Disseldorp [Tue, 16 Oct 2012 09:24:53 +0000 (11:24 +0200)]
s3-vfs: split @GMT token filter code into a common .c
David Disseldorp [Wed, 10 Oct 2012 12:55:52 +0000 (14:55 +0200)]
fsrvp: add tdb path arg to state read/write functions
This allows the local.fsrvp_state tests to run under selftest, where a
writeable lock dir path is not configured for smbtorture.
David Disseldorp [Sun, 14 Oct 2012 17:57:10 +0000 (19:57 +0200)]
SQ fsrvp: fix commit_sc_with_conn_done error path
David Disseldorp [Sun, 7 Oct 2012 15:10:52 +0000 (17:10 +0200)]
fsrvp: keep fss agent conn struct across async VFS reqs
Prior to this change, the VFS connection struct was created and
destroyed for each VFS async snapshot _send _recv call.
This behavour is not suitable for transparent VFS modules which pass
on the VFS handle to subsequent modules (e.g. vfs_time_audit).
David Disseldorp [Fri, 14 Sep 2012 18:55:40 +0000 (20:55 +0200)]
doc: add vfs_btrfs man page
David Disseldorp [Fri, 28 Sep 2012 09:40:42 +0000 (11:40 +0200)]
fsrvp: use fss server state storage back-end
MS-FSRVP outlines the requirement for persistent server state storage,
retrieved on startup. Store fss server state following snapshot
creation, deletion and exposure.
Storage and retrieval errors are logged but otherwise ignored. In such
a case, manual snapshot cleanup may be required if the server is
restarted with snapshots in existence.
smap sc_share_name was not set until exposure time, meaning there was
nothing available as a unique identifier. The sc_share_name is now set
immediately on sc/smap creation.
David Disseldorp [Tue, 11 Sep 2012 09:59:45 +0000 (11:59 +0200)]
torture: add local fsrvp state tests
Test the storage and retrieval of FSRVP server state.
David Disseldorp [Thu, 13 Sep 2012 12:51:27 +0000 (14:51 +0200)]
fsrvp: add rpc server state storage back-end
MS-FSRVP defines that the state of the rpc server must be persistent.
Use an fss_srv tdb to preserve such state.
David Disseldorp [Tue, 4 Sep 2012 13:14:41 +0000 (15:14 +0200)]
fsrvp: add memory context to fss_global
All shadow-copy sets are allocated using the fss_global context. Child
shadow-copy / share-map structures continue to be allocated using their
respective parents as a memory context.
David Disseldorp [Fri, 31 Aug 2012 09:34:20 +0000 (11:34 +0200)]
fsrvp: split out srv_fss structs into a separate header
In preperation for adding server state storage functionality.
David Disseldorp [Thu, 30 Aug 2012 14:38:17 +0000 (16:38 +0200)]
fsrvp: add permissions checking for operations
Only grant fsrvp operation processing to users with:
- Built-in Administrators group membership, or
- Built-in Backup Operators group membership, or
- Backup Operator privileges
David Disseldorp [Mon, 16 Apr 2012 14:59:45 +0000 (16:59 +0200)]
s3-rpc: set fssd server defaults to external & disabled
Also rename rpc_fss_mode to rpc_fssagentrpc_mode.
David Disseldorp [Tue, 1 May 2012 23:41:44 +0000 (01:41 +0200)]
fsrvp: remove "vfs objects" parameter from snapshot shares
David Disseldorp [Tue, 10 Apr 2012 12:32:41 +0000 (14:32 +0200)]
fsrvp: add fss_agent rpc server
The Samba fss_agent rpc server is an implementation the the File Server
Remote VSS (Volume Shadow Copy) Protocol, or FSRVP for short.
FSRVP is new to Windows Server 2012, and allows authenticated clients to
remotely request the creation, exposure and deletion of share snapshots.
The fss_agent rpc server processes requests on the FssAgentRpc named
pipe, and dispatches relavent snapshot creation and deletion requests
through to the VFS asynchronously.
The registry smb.conf backend is used to expose snapshot shares, with
configuration parameters cloned from the base share.
There are three FSRVP client implementations that I'm aware of:
- Samba rpcclient includes fss_X commands.
- Windows Server 2012 includes diskshadow.exe.
- System Center 2012.
David Disseldorp [Fri, 20 Apr 2012 16:34:17 +0000 (18:34 +0200)]
libsmbconf: add smbconf_create_set_share
This call creates a new share definition, using the parameters provided
with a smbconf_service structure.
Such an interface allows for simple cloning of services with:
smbconf_get_share(conf_ctx, mem_ctx, base_sharename, &base_service_def);
base_service_def->name = clone_sharename;
smbconf_create_set_share(conf_ctx, clone_sharename, base_service_def);
David Disseldorp [Sun, 14 Oct 2012 21:45:21 +0000 (23:45 +0200)]
SQ btrfs: add base_path arg to btrfs_snap_delete_send
David Disseldorp [Tue, 4 Sep 2012 13:29:58 +0000 (15:29 +0200)]
vfs: add snapshot create/delete calls to vfs_btrfs
Issue BTRFS_IOC_SNAP_CREATE_V2 and BTRFS_IOC_SNAP_DESTROY ioctls
accordingly. Base share paths must exist as btrfs subvolumes in order to
be supported for snapshot operations.
David Disseldorp [Sun, 14 Oct 2012 21:40:35 +0000 (23:40 +0200)]
SQ: vfs add base_path argument to snap_delete_send
David Disseldorp [Tue, 10 Apr 2012 01:16:57 +0000 (03:16 +0200)]
vfs: add snapshot create/delete hooks
David Disseldorp [Sun, 29 Apr 2012 21:51:52 +0000 (23:51 +0200)]
pidl: add [async] function property
With the "async" function property defined, the Samba3 rpc-server
dispatches the request to the backend asynchronously.
David Disseldorp [Fri, 27 Apr 2012 15:11:20 +0000 (17:11 +0200)]
pidl:s3-rpc: make pidl rpc server api calls async
David Disseldorp [Thu, 26 Apr 2012 12:53:33 +0000 (14:53 +0200)]
s3-rpc: make rpcint_dispatch async
David Disseldorp [Thu, 26 Apr 2012 11:26:04 +0000 (13:26 +0200)]
s3-rpc: make api_rpcTNP async
David Disseldorp [Thu, 26 Apr 2012 09:56:23 +0000 (11:56 +0200)]
s3-rpc: make api_pipe_request async
David Disseldorp [Thu, 26 Apr 2012 08:52:48 +0000 (10:52 +0200)]
s3-rpc: make process_request_pdu_send async
David Disseldorp [Wed, 25 Apr 2012 13:15:55 +0000 (15:15 +0200)]
s3-rpc: convert process_complete_pdu and callers async
David Disseldorp [Tue, 24 Apr 2012 17:49:59 +0000 (19:49 +0200)]
s3-rpc: split process_complete_pdu from process_incoming_data
In preparation for making process_complete_pdu() asynchronous.
David Disseldorp [Thu, 3 May 2012 11:52:32 +0000 (13:52 +0200)]
XXX add lp_enable_copychunk to toggle copychunk support
Usefull for benchmarking.
- DO NOT PUSH
David Disseldorp [Tue, 4 Sep 2012 13:27:38 +0000 (15:27 +0200)]
s3-vfs: add vfs_btrfs module
Currently it only plumbs itself into the copy_chunk call path,
translating such requests into BTRFS_IOC_CLONE_RANGE calls.
The ioctl definitions are taken from the GPLv2 licensed btrfs_ioctl.h.
Such interface definitions do not equate to copyrightable information;
therefore, they may remain part of the GPLv3 licensed Samba source.
Jeremy Allison [Fri, 18 Jan 2013 21:57:16 +0000 (13:57 -0800)]
Fix warnings with mismatched sizes in arguments to DEBUG statements.
This can cause compile errors on 32-bit systems.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Jan 19 12:14:13 CET 2013 on sn-devel-104
(cherry picked from commit
853360b8e558f39218fc150ead367255f3a010b2)
Jeremy Allison [Thu, 17 Jan 2013 00:30:04 +0000 (16:30 -0800)]
Remove locking across the lifetime of the copychunk call.
Previous commit handles this around each read/write call.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jan 18 01:47:01 CET 2013 on sn-devel-104
(cherry picked from commit
f0852a3483424d1242390011a65c427d3dbd80f2)
Jeremy Allison [Thu, 17 Jan 2013 00:29:11 +0000 (16:29 -0800)]
Move copychunk locking to be local to the read/write calls.
Eliminates the need to hold locks across the
entire lifetime of the call.
Next commit will remove these.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
f2d028ef552adf13eed10b7db47e35bfa89a9c02)
Jeremy Allison [Wed, 16 Jan 2013 20:58:17 +0000 (12:58 -0800)]
Add additional copychunk checks.
For printer, ipc$ connections, and directory handles.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
d562e9006a341ade6f38ee129598dd2e1dc3a493)
Jeremy Allison [Wed, 16 Jan 2013 20:51:32 +0000 (12:51 -0800)]
Move handle checking code to copychunk_check_handles().
Planning to add extra checks to ensure we don't attempt
copychunk on printer or IPC$ handles.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit
d6e10f00666b9baa17927067e58361ab39901fa1)
David Disseldorp [Tue, 15 Jan 2013 16:23:12 +0000 (17:23 +0100)]
smb2_ioctl: copychunk request max output validation
Check that the copychunk ioctl request maximum output specified by the
client is large enough to hold copychunk response data.
Reviewed by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 17 00:59:44 CET 2013 on sn-devel-104
(cherry picked from commit
8e63a72ec1e9ea9efcbcdf156274afaed9a4b2ea)
David Disseldorp [Tue, 15 Jan 2013 16:23:11 +0000 (17:23 +0100)]
smb2_ioctl: track copychunk response output state
Treat the response data independent to the status.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
bf07c33dac37442b8f5b49e68653f8ef629ff679)
David Disseldorp [Tue, 15 Jan 2013 16:23:10 +0000 (17:23 +0100)]
smb2_ioctl: copychunk CHECK_READ and CHECK_WRITE
[MS-SMB2] 3.3.5.15.6 Handling a Server-Side Data Copy Request, specifies
that the copychunk destination file handle be granted FILE_WRITE_DATA
and FILE_READ_DATA access.
FILE_READ_DATA access must also be granted on the copychunk source file,
which may be done implicitly with execute permission.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
cb323281c1f2b66f2b42527cda722e57ca1f1f23)
David Disseldorp [Tue, 15 Jan 2013 16:23:09 +0000 (17:23 +0100)]
torture: copychunk test suite improvements
Allow for large files in test_setup_copy_chunk():
Write test data in 1M IOs, rather than attempting to do the whole
thing in one go.
Add copychunk bad resume key test:
Send a copy chunk request with an intentionally bogus resume key
(source key handle).
Add copychunk src=dest test:
Test copychunk requests where the source and destination handles refer
to the same file.
Add copychunk src=dest overlap test.
Add desired access args to test_setup_copy_chunk().
Add copychunk_bad_access test:
Open the copychunk source and destination files with differing
desired_access values. Confirm copychunk response matches 2k8 and 2k12
behaviour.
Add copy_chunk_src_exceed test:
Attempts to copy more data than is present in the copychunk source
file.
Add copy_chunk_src_exceed_multi test:
Test whether the first chunk in a multi-chunk copychunk request is
written to disk, where the second chunk is invalid due to src file
overrun.
Add copy_chunk_sparse_dest test:
Issue a request where the target offset exceeds the file size, resulting
in a sparse region.
Add copy_chunk_max_output_sz test.
(cherry picked from commit
456724f05d79733fe805a3209231c565d69d2be3)
David Disseldorp [Tue, 15 Jan 2013 16:23:08 +0000 (17:23 +0100)]
smb2_ioctl: only pass through to VFS on a valid fsp
A null fsp is dereferenced on VFS call.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
c3cc51e8a2f31565c3bac219ea3a78ab4287bcd5)
David Disseldorp [Tue, 15 Jan 2013 16:23:07 +0000 (17:23 +0100)]
torture: replace ioctl failure returns with helper calls
Also change test_ioctl_get_shadow_copy() to use torture_skip(), and
clean up test output.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
bfe765367e1425fc3ae98e6b8183e6ac5476e97b)
David Disseldorp [Tue, 15 Jan 2013 16:23:06 +0000 (17:23 +0100)]
torture: add locking tests for copychunk
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
42a5a6c0f61f0c863bac1bf65e7045f1ce086409)
David Disseldorp [Tue, 15 Jan 2013 16:23:05 +0000 (17:23 +0100)]
smb2_ioctl: perform locking around copychunk requests
For each chunk in a copychunk request, take a read and write lock on
the source and destination files respectively.
Also change the resume key format to use a combination of the persistent
and volatile handles. Thanks to Metze for his help on this.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
a7c2f13d7a5646f2a63ce33e8155ce79d10ef696)
David Disseldorp [Tue, 15 Jan 2013 16:23:04 +0000 (17:23 +0100)]
smbd: split out file_fsp_get from file_fsp_smb2
Obtain the files_struct from smb2req, persistent_id and
volatile_id.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
7ca8663e313a55fd6157cf20eb02c2ac8be94a00)
David Disseldorp [Tue, 15 Jan 2013 16:23:03 +0000 (17:23 +0100)]
torture: skip FSCTL_SRV_ENUM_SNAPS test when not supported
If FSCTL_SRV_ENUM_SNAPS fails with NT_STATUS_NOT_SUPPORTED then skip the
test, this means we can run the full ioctl test suite as part of
autobuild.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
3619b1a7b2b5a2bfe6fdb13ecb4650ae575ab3e8)
David Disseldorp [Tue, 15 Jan 2013 16:23:02 +0000 (17:23 +0100)]
selftest: enable samba3.smb2.ioctl tests against s3fs
These tests are now expected to pass with copy-chunk support now
implemented.
This effectively reverts
632b1042aed94a71d810613fcdbbfecf615a25fa.
(cherry picked from commit
bc59ebf5231b44220598dfdf44c9a2cfcc538711)
David Disseldorp [Tue, 15 Jan 2013 16:23:01 +0000 (17:23 +0100)]
smb2_ioctl: remove ioctl error response assumptions
MS-SMB2 3.3.4.4 documents cases where a ntstatus indicating an error
should not be considered a failure. In such a case the output data
buffer should be sent to the client rather than an error response
packet.
Add a new fsctl copy_chunk test to confirm field limits are sent back
in response to an oversize chunk request.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
65983aac12e5ecb12157b39c7bec464388716f27)
David Disseldorp [Tue, 15 Jan 2013 16:23:00 +0000 (17:23 +0100)]
smb2_ioctl: add support for FSCTL_SRV_COPYCHUNK
SMB2 clients can issue FSCTL_SRV_COPYCHUNK requests in order to copy
data between files on the server side only, rather than reading data
then writing back from the client. FSCTL_SRV_COPYCHUNK is used by
default for Explorer SMB2 file copies on Windows Server 2012.
2.2.32.1 SRV_COPYCHUNK_RESPONSE in [MS-SMB2] describes the requirement
for the server to provide maximum copychunk request size limits in ioctl
responses carrying STATUS_INVALID_PARAMETER.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
e38d9f71d90e6b20a027d91d4768d91378728621)
David Disseldorp [Tue, 15 Jan 2013 16:22:59 +0000 (17:22 +0100)]
s3-vfs: add copy_chunk vfs hooks
copy_chunk copies n bytes from a source file at a specific offset to a
destination file at a given offset. This interface will be used in
handling smb2 FSCTL_SRV_COPYCHUNK ioctl requests.
Use a pread/pwrite loop in vfs_default, so that requests referring to
the same src and dest file are possible.
Provide send and receive hooks for copy chunk VFS interface, allowing
asynchronous behaviour.
Check whether the request source offset + length exceeds the current
size. Return STATUS_INVALID_VIEW_SIZE under such a condition, matching
Windows server behaviour.
(cherry picked from commit
ef00eb90e56dfac2d823582cec92abf1fa9905f1)
David Disseldorp [Tue, 15 Jan 2013 16:22:58 +0000 (17:22 +0100)]
smb2_ioctl: add FSCTL_SRV_REQUEST_RESUME_KEY support
Use existing ioctl IDL infrastructure for marshalling. Support for this
ioctl is a prerequisite for FSCTL_SRV_COPYCHUNK handling.
The client-opaque resume key is constructed using the server side
dev/inode file identifier.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
2bde9636888067210dc38523b6fafaa0b179ec3b)
David Disseldorp [Tue, 15 Jan 2013 16:22:57 +0000 (17:22 +0100)]
smb2_ioctl: split ioctl handler code on device type
Add per device type ioctl handler source files for FSCTL_DFS,
FSCTL_FILESYSTEM, FSCTL_NAMED_PIPE and FSCTL_NETWORK_FILESYSTEM.
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
14bd6c8b0954ad58ac4e3e157835594c26bfa97a)
David Disseldorp [Tue, 15 Jan 2013 16:22:56 +0000 (17:22 +0100)]
smb2_ioctl: split ioctl handlers into separate funtions
Reviewed by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
958b21c28dacad38cd64e79ca7d77cd8acc20dd0)
Andreas Schneider [Fri, 30 Nov 2012 09:57:39 +0000 (10:57 +0100)]
torture: Fix copy and paste error.
Found by Coverity.
(cherry picked from commit
1b170c29bc9239e2077e70c929e7426f5b19104d)
Richard Sharpe [Thu, 28 Mar 2013 02:36:43 +0000 (19:36 -0700)]
Make sure that we only propogate the INHERITED flag when we are allowed to.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Fix bug #9747 - When creating a directory Samba allows inherited bit to slip
through.
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Apr 2 23:07:34 CEST 2013 on sn-devel-104
Andrew Bartlett [Fri, 22 Mar 2013 02:47:46 +0000 (13:47 +1100)]
build: Do not pass CPP="" to pidl, skip the env variable entirely
This will cause pidl to use $CC -E instead.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
afe9343880ee27cf9fe937c6379c469435ef20d6)
The last 2 patches address bug #9739 - [PATCH] PIDL build fixes for hosts
without CPP (Solaris 11).
Andrew Bartlett [Fri, 22 Mar 2013 02:06:43 +0000 (13:06 +1100)]
build: Remove the forced use of only the first part of the compiler string
This corrects parts of
378295c3fe813c70815a14c7de608e4a859bd6cc and
301d59caf2ee6f49e108b748b0e38221dec9bb96. This is seen if CC="ccache
gcc" and CPP isn't used for some reason.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
7dc6dfd90c5182ed85042b22d4864d3e9b007531)
Andrew Bartlett [Wed, 27 Feb 2013 13:03:19 +0000 (00:03 +1100)]
scripting: No longer install samba_upgradeprovision
This tool is an important part of the toolkit a Samba Team member can
use to assist a user with the upgrade of a very old Samba 4.0 AD DC
installation.
However, like all powerful tools, it has sharp edges, and these need
to have more protection added before we recommend the tool be used.
The WHATSNEW already indicated that this tool should not be used but a
large number of users have run it, and due to lack of testing in the
past, some have run into bugs.
While this tool can be run in debug modes, by default it simply fixes
the database following a series of internal rule. This does a good
job much of the time, but does not request permission in the way that
dbcheck does, and will create extra objects for things like the DNS
partitions.
By removing this from the installed binaries, we provide another
signal that it should not be used right now, until these matters are
fixed and some clear documentation on how to safely use the tool can
be written.
Andrew Bartlett
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Mar 12 02:51:23 CET 2013 on sn-devel-104
(cherry picked from commit
389197e7c31e8d6616e6503181c088940ddb5986)
Fix bug #9728 - DO NOT install samba_upgradeprovision in 4.0.x.
Andrew Bartlett [Thu, 27 Dec 2012 23:05:40 +0000 (10:05 +1100)]
scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we actually them
This allows the script to be used to create/remove the samba-specific dns-SERVER account
when we do not need to create the in-directory partition.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 10 20:56:50 CET 2013 on sn-devel-104
(cherry picked from commit
edbc26bca84ee77b5a9571ba8dc9416c0db25906)
Fix bug #9721 - samba_upgradedns patch for robustness (do not guess addresses
when just changing roles).
Andrew Bartlett [Fri, 21 Dec 2012 22:28:05 +0000 (09:28 +1100)]
samba-tool classicupgrade: Do not print the admin password during upgrade
This changes the code to only set and show a new password if no admin
user is found during the upgrade.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 10 16:55:23 CET 2013 on sn-devel-104
(cherry picked from commit
051a1a9c6417c2cbffa7d091ae477a6c7922d363)
Fix bug #samba-tool classicupgrade patch to not print incorrect admin passwords.
Andrew Bartlett [Thu, 23 Aug 2012 05:18:13 +0000 (15:18 +1000)]
s4-dbcheck: Allow forcing an override of an old @MODULES record
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
99d872ee9261a299add4718c38234dfe9f7658fc)
Fix bug #9719 - dbcheck patch from master needed in 4.0.