Jeremy Allison [Tue, 18 Sep 2018 19:02:29 +0000 (12:02 -0700)]
s3: smbd: smb2-posix: Wrap get_reparse_point in a function so it can be worked on separately.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 18 Sep 2018 16:03:22 +0000 (09:03 -0700)]
s3: smbd: smb2-posix: Add SAMBA_XATTR_REPARSE_ATTRIB "user.SmbReparse" name.
Ensure it's prohibited for normal user access.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 14 Sep 2018 22:30:42 +0000 (15:30 -0700)]
s3: smbd: smb2-posix: Allow POSIX open/create of a reparse point handle.
Some restrictions apply :-).
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 14 Sep 2018 20:34:06 +0000 (13:34 -0700)]
s3: smbd: smb2-posix: Add is_reparsepoint bool to files_struct.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 17 Jul 2018 19:51:55 +0000 (12:51 -0700)]
s3: smbd: Check appropriate lp_smb1_unix_extensions() or lp_smb2_unix_extensions().
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 17 Jul 2018 18:50:41 +0000 (11:50 -0700)]
s3: smbd: Enable unix extensions if SMB1 or SMB2 parameter turned on.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 17 Jul 2018 18:19:52 +0000 (11:19 -0700)]
s3: docs: Add "smb2 unix extensions" parameter.
Defaults to "no".
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Mon, 16 Jul 2018 23:29:05 +0000 (16:29 -0700)]
s3: smbd: Rename 'unix extensions' -? 'smb1 unix extensions'.
Make 'unix extensions' a synonym.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Mon, 16 Jul 2018 22:51:09 +0000 (15:51 -0700)]
s3: smbd: Change uses of lp_unix_extensions() -> unix_extensions_enabled().
Will allow us to split this into smb1_unix_extensions() and
smb2_unix_extensions() later.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Mon, 16 Jul 2018 19:23:39 +0000 (12:23 -0700)]
s3: param: Wrap 'lp_unix_extensions()' with 'unix_extensions_enabled()'
Not yet used. Moving to splitting out the smb1 and smb2 unix extensions
parameter.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 25 May 2018 22:20:51 +0000 (15:20 -0700)]
s3: smbd: Mark unix directory opens as case-sensitive.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 25 May 2018 22:00:51 +0000 (15:00 -0700)]
s3: smbd: Use case_sensitive bool in struct smb_Dir
No change in behavior.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 25 May 2018 21:56:17 +0000 (14:56 -0700)]
s3: smbd: Add a case_sensitive field to struct smb_Dir.
Initialize from conn->case_sensitive. Will be used to decouple
SMB2 UNIX case sensitive from conn struct.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 24 May 2018 23:37:31 +0000 (16:37 -0700)]
s3: smbd: posix filenames are never mangled.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 24 May 2018 23:25:11 +0000 (16:25 -0700)]
s3: smbd: Add wrapper function for mangle_is_mangled().
No current change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 24 May 2018 23:17:48 +0000 (16:17 -0700)]
s3: smbd: Correctly set case settings for SMB2 posix pathnames.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 24 May 2018 22:41:13 +0000 (15:41 -0700)]
Use local variables for case_sensitive/case_preserve/short_case_preserve.
Will allow easy change for SMB2 posix pathnames.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 1 Mar 2018 22:37:52 +0000 (14:37 -0800)]
WIP: s3: smbd: Allow fchmod from the NFS-style mode ACL in set_nt_acl() for a SMB2 POSIX handle.
To set a mode, send a one-element ACL.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 1 Mar 2018 22:16:29 +0000 (14:16 -0800)]
s3: smbd: smbd_do_query_security_desc() can now be made static to nttrans.c
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 1 Mar 2018 22:15:05 +0000 (14:15 -0800)]
s3: smbd: Expand smb2_query_security_desc() into a copy of smbd_do_query_security_desc().
Make the called functions smbd_fetch_security_desc()/smbd_marshall_security_desc()
public.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 1 Mar 2018 22:10:30 +0000 (14:10 -0800)]
s3: smbd: Add smb2_query_security_desc() - currently a wrapper for smbd_do_query_security_desc().
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 1 Mar 2018 21:59:00 +0000 (13:59 -0800)]
s3: smbd: Add smbd_marshall_security_desc().
Split smbd_do_query_security_desc() into two calls:
smbd_fetch_security_desc()
smbd_marshall_security_desc()
This will allow SMB2 POSIX handles to insert security descriptor ACE
elements between them.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 1 Mar 2018 21:38:07 +0000 (13:38 -0800)]
s3: smbd: Split out smbd_fetch_security_desc() from smbd_do_query_security_desc().
I'm going to split this up into a fetch()/marshal() pair to allow
smb2 posix handles to insert the extra mode info between the two.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Mon, 18 Dec 2017 21:27:06 +0000 (13:27 -0800)]
Plumb SMB2_FIND_POSIX_INFORMATION through the directory reading code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Mon, 18 Dec 2017 21:26:41 +0000 (13:26 -0800)]
Add SMB2_FIND_POSIX_INFORMATION definition for SMB2 unix extensions.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 14 Dec 2017 23:18:21 +0000 (15:18 -0800)]
s3: smbd: Add SMB2_FILE_POSIX_INFORMATION getinfo info level (100 on the wire).
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 14 Dec 2017 01:12:50 +0000 (17:12 -0800)]
s3: Update VFS version comment.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 13 Dec 2017 20:04:03 +0000 (12:04 -0800)]
s3: smbd: Plumb in POSIX lock requests through SMB2 lock calls if done on a POSIX handle.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 13 Dec 2017 20:00:33 +0000 (12:00 -0800)]
s3: smbd: Add lock_flav element to struct smbd_lock_element.
In preparation for passing through POSIX lock requests on a
posix-open smb2 handle using the normal lock calls.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 12 Dec 2017 23:26:26 +0000 (15:26 -0800)]
s3: smbd: Remove the overloading of file_attributes with POSIX permissions on a posix open.
Add a new mode_t parameter, but only look at it if file_attributes & FILE_FLAG_POSIX_SEMANTICS
is true.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 12 Dec 2017 20:08:26 +0000 (12:08 -0800)]
Update note on VFS interface number.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 12 Dec 2017 20:04:56 +0000 (12:04 -0800)]
s3: smbd: Convert uses of FILE_FLAG_POSIX_SEMANTICS in VFS_CREATE to passing in smb2 posix create context.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Sat, 9 Dec 2017 00:45:47 +0000 (16:45 -0800)]
Move the handling of the internals of the SMB2 posix create context into open.c
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Sat, 9 Dec 2017 00:35:12 +0000 (16:35 -0800)]
Add make_smb2_posix_create_ctx().
We'll probably end up using this in the client code,
but for now I want it so I can remove uses of the horrid
posix_paths ? FILE_FLAG_POSIX_SEMANTICS|0777
idiom, or at least hide them inside source3/smbd/open.c
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Sat, 9 Dec 2017 00:30:49 +0000 (16:30 -0800)]
SQUASH: Ensure we can only set permission bits.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Sat, 9 Dec 2017 00:15:25 +0000 (16:15 -0800)]
SQUASH: We should be using unix_perms_to_wire here.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 8 Dec 2017 23:18:54 +0000 (15:18 -0800)]
SQUASH: Fix offset when linearizing posix info blob.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 21 Sep 2017 22:03:38 +0000 (15:03 -0700)]
WIP.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 19 Sep 2017 01:00:20 +0000 (18:00 -0700)]
WIP. Implement the server-side of the SMB2 create context code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Mon, 18 Sep 2017 19:50:37 +0000 (12:50 -0700)]
WIP. Add client support to ask for UNIX extensions.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Mon, 18 Sep 2017 19:35:59 +0000 (12:35 -0700)]
WIP. Allow server to return SMB2 UNIX extensions if client requests it.
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 15 Feb 2019 23:54:30 +0000 (15:54 -0800)]
smb2-unix: Add definitions for negprot and create context.
Signed-off-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 11 Feb 2019 08:03:39 +0000 (09:03 +0100)]
libcli: Pass buf/len to smb2_negotiate_context_add
Every caller did a data_blob_const() right before calling
smb2_negotiate_context_add(). Avoid that.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Feb 25 21:07:22 CET 2019 on sn-devel-144
Volker Lendecke [Fri, 15 Feb 2019 20:22:18 +0000 (21:22 +0100)]
libsmb: Resolve special _recv handling in cli_ntcreate
cli_smb2_create_fnum_recv will gain output create blobs soon and thus
differ from the NT1 function.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Mon, 11 Feb 2019 08:02:39 +0000 (09:02 +0100)]
smbd: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Fri, 8 Feb 2019 16:26:04 +0000 (17:26 +0100)]
torture: Use GUID_zero()
10 lines less...
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Sun, 24 Feb 2019 16:15:23 +0000 (08:15 -0800)]
s3: smbd: filenames - ensure we replace the missing '/' if we error in an intermediate POSIX path.
Previous regression test ensures we still return the correct
error code for POSIX pathname operations.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Feb 25 09:33:27 CET 2019 on sn-devel-144
Jeremy Allison [Sun, 24 Feb 2019 16:03:32 +0000 (08:03 -0800)]
s3: torture: Add additional POSIX mkdir tests.
Ensure that if POSIX_foo exists as a file
we return the correct error code NT_STATUS_OBJECT_PATH_NOT_FOUND
if we try and traverse it as a directory.
Also ensure creation/deletion of POSIX_foo/foo fails
for directories and files with NT_STATUS_OBJECT_PATH_NOT_FOUND
if the directory POSIX_foo/ doesn't exist.
knownfail is back :-).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Martin Schwenke [Mon, 21 Jan 2019 01:16:43 +0000 (12:16 +1100)]
ctdb-cluster-mutex: Separate out command and file handling
This code is difficult to read and there really is no common code
between the 2 cases. For example, there is no need to split a
filename into words. Separating each of the 2 cases into its own
function makes the logic much easier to understand.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13800
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Feb 25 03:40:16 CET 2019 on sn-devel-144
Martin Schwenke [Mon, 21 Jan 2019 01:15:33 +0000 (12:15 +1100)]
ctdb-tests: Add a test for configuring the recovery lock as a command
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13800
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 21 Jan 2019 01:13:29 +0000 (12:13 +1100)]
ctdb-tests: Add -R option for local daemons to use recovery lock command
Under the covers, a command is always used. However, there is no way
of testing of the code path where a command is explicitly configured.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13800
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 21 Jan 2019 01:13:08 +0000 (12:13 +1100)]
ctdb-tests: Force test failure if local daemon setup fails
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13800
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 22 Feb 2019 04:09:33 +0000 (15:09 +1100)]
ctdb-recoverd: Time out attempt to take recovery lock after 120s
Currently this will wait forever. It really needs a timeout in case
the cluster filesystem (or other lock mechanism) is completely wedged.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13800
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 10 Jan 2019 03:01:57 +0000 (14:01 +1100)]
ctdb-recoverd: Ban node on unknown error when taking recovery lock
We really shouldn't see unknown errors. They probably represent a
misconfigured recovery lock or similar.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13800
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 10 Jan 2019 02:24:34 +0000 (13:24 +1100)]
ctdb-recoverd: Make recoverd context available in recovery lock handle
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13800
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 21 Jan 2019 05:36:13 +0000 (16:36 +1100)]
ctdb-recoverd: Clean up logging on failure to take recovery lock
Add an explicit case for a timeout and clean up the other messages.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13800
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 21 Jan 2019 05:28:28 +0000 (16:28 +1100)]
ctdb-recoverd: Free cluster mutex handler on failure to take lock
If nested events occur while the file descriptor handler is still
active then chaos can ensue. For example, if a node is banned and the
lock is explicitly cancelled (e.g. due to election loss) then
double-talloc-free()s abound.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13800
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 10 Jan 2019 03:15:18 +0000 (14:15 +1100)]
ctdb-config: Change example recovery lock setting to one that fails
ctdbd will start without a recovery lock configured. It will log a
message saying that this is not optimal. However, a careless user may
overlook both this message and the importance of setting a recovery
lock. If the existing example configuration is uncommented then the
directory containing it will be created (by 01.reclock.script) and the
failure (i.e. multiple nodes able to take the lock) will be confusing.
Instead, change the example setting to one that will result in banned
nodes, encouraging users to consciously configure (or deconfigure) the
recovery lock. Tweak the corresponding comment.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13790
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Jeremy Allison [Sat, 23 Feb 2019 20:24:31 +0000 (12:24 -0800)]
smbd: unix_convert: Ensure we don't call get_real_filename on POSIX paths.
For posix_pathnames don't blunder into the name_has_wildcard OR
get_real_filename() codepaths as they may be doing case insensitive lookups.
So when creating a new POSIX directory 'Foo' they might
match on name 'foo'.
Remove POSIX-MKDIR from knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Feb 24 14:04:14 CET 2019 on sn-devel-144
Jeremy Allison [Sat, 23 Feb 2019 20:26:01 +0000 (12:26 -0800)]
smbd: SMB1-POSIX: Add missing info-level SMB_POSIX_PATH_OPEN for UCF_UNIX_NAME_LOOKUP flag.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Sun, 24 Feb 2019 01:52:34 +0000 (17:52 -0800)]
s3: smbtorture3: Add POSIX-MKDIR test for posix_mkdir case sensitive bug.
Test does:
mkdir POSIX_foo
mkdir POSIX_Foo
mkdir POSIX_foo/Foo
mkdir POSIX_foo/foo
mkdir POSIX_Foo/Foo
mkdir POSIX_Foo/foo
Which should pass a SMB1 POSIX extensions server
as posix mkdir should always be case sensitive
no matter what the share is set to.
Mark as knownfail for now.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Thu, 21 Feb 2019 15:55:09 +0000 (16:55 +0100)]
winbindd: set idmap cache entries as the last step in async wb_xids2sids
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Feb 23 09:23:22 CET 2019 on sn-devel-144
Ralph Boehme [Fri, 22 Feb 2019 10:00:00 +0000 (11:00 +0100)]
winbindd: track whether a result from xid2sid was coming from the cache
This is needed in preparation of moving the step to update the idmap
cache from the per-idmap-domain callback wb_xids2sids_dom_done() to the
top-level callback wb_xids2sids_done().
Currently the sequence of action is:
* check cache, if not found:
* ask backends
* cache result from backend
* return results
Iow, if we got something from the cache, we don't write the cache.
The next commit defers updating the cache to the top-level callback, so
the sequence becomes
* check cache, if not found:
* ask backends
* cache results
* return results
This has two problems:
* it needlessly writes to the cache what we just got from it
* it possibly overwrites the ID_TYPE_BOTH for a SID-to-xid mapping in
the following case:
- existing ID_TYPE_BOTH mapping in the cache, eg:
IDMAP/SID2XID/S-1-5-21-
2180672342-
2513613279-
2566592647-512 -> Value:
3000000:B
- someone calls wb_xids2sids_send() with xid.id=
3000000,xid.type=ID_TYPE_GID
- cache lookup with idmap_cache_find_gid2sid() succeeds
- when caching results we'd call idmap_cache_set_sid2unixid() with the
callers xid.type=ID_TYPE_GID, so idmap_cache_set_sid2unixid() will
overwrite the SID-to-xid mapping with ID_TYPE_GID
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Thu, 21 Feb 2019 15:52:21 +0000 (16:52 +0100)]
winbindd: switch send-next/done order
In preparation of adding more logic to the done step. No change in
behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Thu, 21 Feb 2019 17:40:20 +0000 (18:40 +0100)]
winbindd: update xid in wb_xids2sids_state->xids with what we got
In preparation of priming the idmap cache in the top-level
wb_xids2sids_done(), not in the per-idmap-domain callback
wb_xids2sids_dom_done().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Thu, 21 Feb 2019 17:39:46 +0000 (18:39 +0100)]
winbindd: convert id to a pointer in wb_xids2sids_dom_done()
No change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Fri, 22 Feb 2019 15:29:07 +0000 (16:29 +0100)]
winbindd: make xids a const argument to wb_xids2sids_send()
The previous commit made an internal copy of xids, this commit makes it
more obvious that we must not mess with the xids argument but treat it as
an in-parameter and don't write to it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Thu, 21 Feb 2019 17:34:51 +0000 (18:34 +0100)]
winbindd: make a copy of xid's in wb_xids2sids_send()
This is in preparation of setting the result of the mapping in the top-
level callback wb_xids2sids_done(), not in the per-idmap-domain callback
wb_xids2sids_dom_done().
When caching the mapping we need the id-type from the backend, so we
need a way to pass up that information from wb_xids2sids_dom_done() up
to wb_xids2sids_done()
The xids array copy gets passed from wb_xids2sids_send() to
wb_xids2sids_dom_send(), so wb_xids2sids_dom_done() can then directly
update the top-level copy.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13802
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andreas Schneider [Fri, 22 Feb 2019 12:10:30 +0000 (13:10 +0100)]
s3:winbindd: Remove unused arcfour.h from PAM handling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 22 23:16:40 CET 2019 on sn-devel-144
Andreas Schneider [Fri, 22 Feb 2019 12:09:40 +0000 (13:09 +0100)]
s3:rpc_server: Remove unused arcfour.h from netlogon
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 22 Feb 2019 12:07:15 +0000 (13:07 +0100)]
s3:auth: Remove unused arcfour.h from auth_util.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 22 Feb 2019 12:03:04 +0000 (13:03 +0100)]
s3:auth: Remove unused arcfour.h header from server_info.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Tue, 6 Nov 2018 16:36:31 +0000 (17:36 +0100)]
s4:dns_crypto: Remove unused include of hmac_md5.h
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 20 Feb 2019 10:55:01 +0000 (11:55 +0100)]
libsmb: Fix a resource leak in cli_posix_mkdir
smbd does posix_mkdir if the wire flags are exactly
if (wire_open_mode == (SMB_O_CREAT|SMB_O_DIRECTORY))
open_flags_to_wire however adds a SMB_O_RDONLY, so that we enter the
normal open routine which happens to create a directory as well. The
main difference is that posix_mkdir does *NOT* return an open
handle. As we did not enter this code path due to the SMB_O_RDONLY we
leak a SMB1 fd per cli_posix_mkdir call.
Pretty hard to test automatically, this would be an interaction with
smbstatus.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 20 Feb 2019 10:41:42 +0000 (11:41 +0100)]
libsmb: Pull up wire_flags calculation from open_internal
This avoids passing down a boolean
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 15 Feb 2019 19:14:47 +0000 (20:14 +0100)]
libsmb: Convert cli_posix_open to normal tevent_req pattern
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Mark Niggemann [Thu, 8 Jun 2017 16:20:46 +0000 (11:20 -0500)]
set caller allocation units in statvfs f_bavail
Signed-off-by: Mark Niggemann <mark.niggemann@ge.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Bjoern Jacke <bjacke@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Fri Feb 22 15:04:55 CET 2019 on sn-devel-144
Jiří Šašek [Thu, 6 Dec 2018 13:10:53 +0000 (14:10 +0100)]
notifyd: Fix SIGBUS on sparc
Problem is the structure "struct notify_instance" can lay in message buffer on
address not dividable by 8 but this structure begins by uint_64 (secs in
time-stamp). Structure should be re-packed to standalone buffer before the use.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13704
Signed-off-by: jiri.sasek@oracle.com
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Fri Feb 22 12:30:11 CET 2019 on sn-devel-144
Christof Schmitt [Tue, 19 Feb 2019 20:59:05 +0000 (13:59 -0700)]
ctdb-tests: Add test for ctdb_io.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13791
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Feb 22 03:51:37 CET 2019 on sn-devel-144
Swen Schillig [Fri, 15 Feb 2019 13:34:05 +0000 (14:34 +0100)]
ctdb: buffer write beyond limits
In order to calculate the number of bytes correctly which
are to be read into the buffer, the buffer.offset must be taken
into account.
This patch fixes a regression introduced by
382705f495dd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13791
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Andrew Bartlett [Thu, 21 Feb 2019 02:53:07 +0000 (15:53 +1300)]
selftest: Confirm new and old SDDL strings differ after a samba-tool dsacl set
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 21 05:37:31 CET 2019 on sn-devel-144
Andrew Bartlett [Thu, 21 Feb 2019 02:49:25 +0000 (15:49 +1300)]
selftest: Add test for samba-tool dsacl get, cross-checked with samba-tool dsacl set
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Thu, 21 Feb 2019 02:33:01 +0000 (15:33 +1300)]
samba-tool dsacl: Mark old and new descriptor output correctly
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Martin Krämer [Wed, 9 Jan 2019 15:13:58 +0000 (15:13 +0000)]
Add command "samba-tool dsacl get" This code is very equal to "samba-tool dsacl set", except it only prints out the current sddl of an object.
Signed-off-by: Martin Krämer <mk.maddin@gmail.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Martin Krämer [Sat, 26 Jan 2019 09:17:25 +0000 (09:17 +0000)]
Update dsacl.py - add_ace to handle/verify sddl parameter correct
Test for samba-tool dsacl set --sddl parmeter
Update tests.py - add dsacl (dsacl.py / samba-tool dsacl set) test
Signed-off-by: <Martin Krämer mk.maddin@gmail.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Fri, 8 Feb 2019 03:28:18 +0000 (16:28 +1300)]
bootstrap/README.md: add README.md
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Tue, 12 Feb 2019 00:01:17 +0000 (13:01 +1300)]
bootstrap/dists: add rendered files for dists
Add these into repo, then we can link it to samba wiki,
for people to get a latest and precise pkg list
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Sun, 17 Feb 2019 23:47:50 +0000 (12:47 +1300)]
bootstrap/docker.py: add cli to build/tag/push docker images
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Sun, 17 Feb 2019 23:31:28 +0000 (12:31 +1300)]
bootstrap/template.py: add cli to render templates
- bootstrap for each dist
- Dockerfile for each dist
- Vagrantfile all in one
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Thu, 7 Feb 2019 01:07:33 +0000 (14:07 +1300)]
bootstrap/config.py: define package lists and templates
Define default pkg list, and allow to override for each dist.
Also define bootstrap/Dockerfile/Vagrantfile templates.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Fri, 15 Feb 2019 09:55:51 +0000 (22:55 +1300)]
selftest/tests: add smoketests for dbcheck --quick-membership-checks
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Fri, 15 Feb 2019 09:15:23 +0000 (22:15 +1300)]
selftest/tests: add helper method to simplify plantestsuite
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Thu, 3 Jan 2019 02:55:16 +0000 (15:55 +1300)]
dbcheck: skip reverse member link checks when cli option specified
currently dbcheck cmd tooks about 1 day to finish on a 100k user database.
We can skip member reverse link checks to speed it up dramatically.
A new cli option is added to enable the skipping.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Noel Power [Fri, 15 Feb 2019 10:04:23 +0000 (10:04 +0000)]
s4/param: Fix provision_get_schema leaking python object
provision_get_schema returns a ldb_context object which is stored
in a python object. As a result the parent python object is never
decrefed and probably not released ever.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
David Disseldorp [Mon, 18 Feb 2019 23:33:06 +0000 (00:33 +0100)]
vfs_ceph: refactor if-error-return-else logic
vfs_ceph has quite a few occurrences of:
if (result < 0) {
WRAP_RETURN(result); /* calls return */
} else {
...
}
This change drops the superfluous else {} encapsulation and also removes
duplication of ceph statx debug messages.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Feb 20 13:56:09 CET 2019 on sn-devel-144
David Disseldorp [Mon, 18 Feb 2019 16:41:08 +0000 (17:41 +0100)]
vfs_glusterfs: check for VFS_ADD_FSP_EXTENSION() failure
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Gary Lockyer [Wed, 6 Feb 2019 20:57:14 +0000 (09:57 +1300)]
WHATSNEW: winbind authentication logging
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Feb 20 07:43:10 CET 2019 on sn-devel-144
Gary Lockyer [Mon, 28 Jan 2019 02:31:46 +0000 (15:31 +1300)]
winbind: Log PAM and NTLM authentications.
Generate JSON authentication messages for winbind PAM_AUTH and
PAM_AUTH_CRAP requests. The logon_id in these messages can be used to
link them to the SamLogon messages.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Fri, 1 Feb 2019 00:49:49 +0000 (13:49 +1300)]
winbind: Generate and pass logon ID
Generate a random logon_id and pass it in the SamLogon calls.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Fri, 1 Feb 2019 00:46:01 +0000 (13:46 +1300)]
kdc hdb: Generate and pass logon ID
Generate and pass the logon_id in SamLogon calls
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>