Gregor Beck [Mon, 3 Sep 2012 11:55:50 +0000 (13:55 +0200)]
s3:auth: use const in smb_pam_xxx_session()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 18 Oct 2012 14:14:19 +0000 (16:14 +0200)]
s3:auth: remove duplicate propotypes for smb_pam_claim_session and smb_pam_close_session
Signed-off-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Tue, 9 Oct 2012 07:38:36 +0000 (09:38 +0200)]
s3:smbd/utmp: remove ip address from utmp record
1. This was broken since Samba 3.2. when ipv6 support was
added, it only worked for ipv6 addresses.
2. userspace tools only display the hostname field.
3. This is not really portable
metze
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 18 Oct 2012 14:06:42 +0000 (16:06 +0200)]
s3:smbd: remove duplicate prototypes for sys_utmp_claim() an sys_utmp_yield()
Signed-off-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Tue, 9 Oct 2012 12:35:04 +0000 (08:35 -0400)]
s3:smbd: add exit_server to the smbd_shim hooks
This is in preparation of moving sessionid_tdb and conn_tdb
to smbd exclusively.
metze
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 18 Oct 2012 13:59:55 +0000 (15:59 +0200)]
s3:smbd: move initialization of the smbd_shim from smbd_init_globals() to main()
This is in preparation of adding server exit hooks to the shim.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 18 Oct 2012 13:58:01 +0000 (15:58 +0200)]
s3: fix comment header description for smbd_shim
This was copy'n'pasted from "RPC pipe client"...
Signed-off-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 17 Oct 2012 12:59:30 +0000 (14:59 +0200)]
s3:smbd: update sconn->remote_hostname after the netbios session request
Also update the info in the new smbXsrv structure.
This way we can log the remote name in status outputs.
metze
Signed-off-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 8 Oct 2012 09:18:03 +0000 (11:18 +0200)]
buildtools/wafsamba: only display 'ok' if the result is True
Otherwise we print the raw value.
metze
Signed-off-by: Michael Adam <obnox@samba.org>
Jelmer Vernooij [Fri, 19 Oct 2012 07:53:02 +0000 (09:53 +0200)]
samba-tool user test: Fix expected output.
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Fri Oct 19 11:37:44 CEST 2012 on sn-devel-104
Jelmer Vernooij [Fri, 19 Oct 2012 07:21:01 +0000 (09:21 +0200)]
samba.tests.docs: Ignore removed parameters.
Jelmer Vernooij [Fri, 19 Oct 2012 07:20:44 +0000 (09:20 +0200)]
smb.conf(5): Mark four removed parameters as such.
Jelmer Vernooij [Fri, 19 Oct 2012 07:16:55 +0000 (09:16 +0200)]
samba.tests.docs: Assume docs are generated by waf.
Jelmer Vernooij [Sat, 29 Sep 2012 04:40:32 +0000 (21:40 -0700)]
samba.tests.docs: Write error output from xsltproc to standard out.
Jelmer Vernooij [Fri, 28 Sep 2012 16:52:41 +0000 (09:52 -0700)]
samba.tests.docs: Skip tests if xsltproc is not present.
Jelmer Vernooij [Wed, 26 Sep 2012 20:20:42 +0000 (13:20 -0700)]
smb.conf(5): Consistent spelling of parameter names.
This includes spacing and casing.
Jelmer Vernooij [Wed, 26 Sep 2012 20:09:01 +0000 (13:09 -0700)]
samba.tests.docs: Support spaces before synonyms.
Jelmer Vernooij [Wed, 26 Sep 2012 19:40:00 +0000 (12:40 -0700)]
samba.tests.docs: Support synonyms.
Jelmer Vernooij [Wed, 26 Sep 2012 16:41:19 +0000 (18:41 +0200)]
samba.tests.docs: Distinguish between unknown and undocumened parameters.
Jelmer Vernooij [Wed, 26 Sep 2012 00:57:16 +0000 (02:57 +0200)]
tests: Convert find_missing_doc into a unit test.
Jelmer Vernooij [Fri, 19 Oct 2012 06:33:31 +0000 (08:33 +0200)]
smb.conf(5): Fix mixing of tabs and spaces.
Jelmer Vernooij [Sat, 29 Sep 2012 04:25:50 +0000 (21:25 -0700)]
smb.conf(5): Add basic documentation for 'nsupdate command'.
Jelmer Vernooij [Fri, 28 Sep 2012 20:05:07 +0000 (13:05 -0700)]
smb.conf(5): Add basic documentation for 'afs token lifetime'.
Jelmer Vernooij [Fri, 28 Sep 2012 20:01:39 +0000 (13:01 -0700)]
smb.conf(5): Add 'ldap password sync' as synonym for 'ldap passwd sync'.
Jelmer Vernooij [Fri, 28 Sep 2012 18:20:09 +0000 (11:20 -0700)]
smb.conf(5): Add 'socket address' as alias for 'nbt client socket address'.
Jelmer Vernooij [Fri, 28 Sep 2012 18:13:13 +0000 (11:13 -0700)]
smb.conf(5): Add basic documentation for 'tls dh params file'.
Jelmer Vernooij [Fri, 28 Sep 2012 18:08:49 +0000 (11:08 -0700)]
smb.conf(5): Add basic documentation for 'tls enabled'.
Jelmer Vernooij [Fri, 28 Sep 2012 18:05:47 +0000 (11:05 -0700)]
smb.conf(5): Add basic documentation for 'tls crlfile'.
Jelmer Vernooij [Fri, 28 Sep 2012 18:00:09 +0000 (11:00 -0700)]
smb.conf(5): Add basic documentation for 'tls certfile'.
Jelmer Vernooij [Fri, 28 Sep 2012 17:58:45 +0000 (10:58 -0700)]
smb.conf(5): Add basic documentation for 'tls keyfile'.
Jelmer Vernooij [Fri, 28 Sep 2012 17:56:44 +0000 (10:56 -0700)]
smb.conf(5): Add basic documentation for 'tls cafile'.
Jelmer Vernooij [Fri, 28 Sep 2012 17:52:13 +0000 (10:52 -0700)]
smb.conf(5): Add basic documentation for 'log nt token command'.
Jelmer Vernooij [Fri, 28 Sep 2012 17:42:55 +0000 (10:42 -0700)]
smb.conf(5): Add basic documentation for 'ntp signd socket directory'.
Jelmer Vernooij [Fri, 28 Sep 2012 17:37:23 +0000 (10:37 -0700)]
smb.conf(5): Add basic documentation for 'spn update command'.
Jelmer Vernooij [Fri, 28 Sep 2012 17:35:06 +0000 (10:35 -0700)]
smb.conf(5): Add basic documentation for 'allow dns updates'.
Jelmer Vernooij [Fri, 28 Sep 2012 17:31:08 +0000 (10:31 -0700)]
smb.conf(5): Add basic documentation for 'rndc command'.
Jelmer Vernooij [Fri, 28 Sep 2012 17:16:08 +0000 (10:16 -0700)]
smb.conf(5): Add basic documentation for 'dns update command'.
Jelmer Vernooij [Fri, 28 Sep 2012 17:09:41 +0000 (10:09 -0700)]
smb.conf(5): Add basic documentation for 'server services'.
Jelmer Vernooij [Fri, 28 Sep 2012 17:03:46 +0000 (10:03 -0700)]
smb.conf(5): Add basic documentation for 'samba kcc command'.
Jelmer Vernooij [Fri, 28 Sep 2012 01:44:43 +0000 (18:44 -0700)]
samba-tool user: Fix typos, improve messages.
Jelmer Vernooij [Fri, 28 Sep 2012 00:57:54 +0000 (17:57 -0700)]
smb.conf(5): Add basic documentation 'winbind sealed pipes'.
Jelmer Vernooij [Thu, 27 Sep 2012 20:38:31 +0000 (13:38 -0700)]
smb.conf(5): Add basic documentation for 'dns forwarder'.
Jelmer Vernooij [Thu, 27 Sep 2012 20:28:23 +0000 (13:28 -0700)]
smb.conf(5): Add basic documentation for 'ntvfs handler'.
Jelmer Vernooij [Thu, 27 Sep 2012 19:30:07 +0000 (12:30 -0700)]
smb.conf(5): Add : to idmap config description to mark it as parametric.
Jelmer Vernooij [Thu, 27 Sep 2012 19:28:16 +0000 (12:28 -0700)]
smb.conf(5): Add basic documentation for 'winbindd privileged socket directory'.
Jelmer Vernooij [Thu, 27 Sep 2012 19:24:15 +0000 (12:24 -0700)]
smb.conf(5): Add basic documentation for 'winbindd socket directory'.
Jelmer Vernooij [Wed, 26 Sep 2012 23:02:40 +0000 (16:02 -0700)]
smb.conf(5): Extend 'server min protocol' description.
Andrew Bartlett [Thu, 18 Oct 2012 08:58:04 +0000 (19:58 +1100)]
build: Assert that auth_domain, auth_builtin, auth_sam, auth_winbind are builtin
These modules are used by default and for various reasons cannot be compiled into a .so
The code setting up these lists is generic, so it is easier to just assert early,
for this non-default configuration.
Andrew Bartlett
Signed-off-by: Andreas Schneider <asn@samba.org>
Address bug #9295 - Can't find guest.so module if auth_builtin is built as
module.
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Oct 18 13:14:38 CEST 2012 on sn-devel-104
Andreas Schneider [Wed, 17 Oct 2012 14:30:57 +0000 (16:30 +0200)]
BUG #9295: Build standard auth modules as internal modules.
Signed-off-by: Andreas Schneider <asn@samba.org>
Alexander Wuerstlein [Sun, 30 Sep 2012 02:32:01 +0000 (04:32 +0200)]
Warn when setting UID/GID without idmap_ldb:use rfc2307 = Yes
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 18 09:51:35 CEST 2012 on sn-devel-104
Alexander Wuerstlein [Sun, 30 Sep 2012 02:32:00 +0000 (04:32 +0200)]
Tests for 'samba-tool user create' with RFC2307 attributes
Check if attributes are correctly set and read from SamDB
Test automatic creation of attributes from getpwent (NSS)
Check if overriding NSS attributes works
getpwent will be skipped if the current UID of the user running the
tests has no passwd entry (getpwuid(geteuid())).
If a user with the name of the current UID already exists in the
directory, the getpwent test will fail. If that should happen, the
test would need to be updated to use a nonexistent UID that is
visible to the Python 'pwd' module.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Alexander Wuerstlein [Sun, 30 Sep 2012 02:31:59 +0000 (04:31 +0200)]
Set RFC2307 attributes in samba-tool create
Optionally set RFC2307 (NIS Schema) attributes in samba-tool create.
Mainly needed for UID mapping to be usable.
Not all attributes are set-able, only harmless and non-overlapping
ones (uid, uidNumber, gidNumber, loginShell, gecos). Description and
homeDirectory should already be set, userPassword seems problematic.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Tue, 16 Oct 2012 02:08:22 +0000 (13:08 +1100)]
provision: No longer use the wheel group in new AD Domains
The issue here is that if we set S-1-5-32-544 (administrators) to a
GID only, then users cannot force a mandetory profile to be owned by
administrators (which is a requirement).
There is no particularly useful reason for us to enforce this matching
a system group.
Andrew Bartlett
Michael Adam [Wed, 26 Sep 2012 07:08:17 +0000 (09:08 +0200)]
s3:smbd: fix brace placements in validate_my_share_entries() for readability
according to coding guidelines
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 17 14:37:58 CEST 2012 on sn-devel-104
Michael Adam [Thu, 11 Oct 2012 05:41:19 +0000 (07:41 +0200)]
s3:smbd: also log the "offline" flag when debugging the dos-mode
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Ricky Nance [Tue, 16 Oct 2012 05:52:51 +0000 (00:52 -0500)]
Removed phpldapadmin inclusion for Samba 4.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Oct 17 12:55:44 CEST 2012 on sn-devel-104
Andrew Bartlett [Tue, 16 Oct 2012 04:08:30 +0000 (15:08 +1100)]
dns_server: Try and use the dns-SERVER account if we were configured with it
Rusty Russell [Sun, 14 Oct 2012 05:35:58 +0000 (16:05 +1030)]
ccan: check for all the used config.h defines
In particular, not checking for byteswap.h meant we defined duplicates:
https://bugzilla.samba.org/show_bug.cgi?id=9286
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Wed Oct 17 01:55:14 CEST 2012 on sn-devel-104
Kai Blin [Sat, 13 Oct 2012 00:09:57 +0000 (02:09 +0200)]
libcli/dns: Time out requests after a while
Time out UDP requests after DNS_REQUEST_TIMEOUT seconds. Currently set
to 2 seconds.
This should fix bug #8878.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 16 12:58:32 CEST 2012 on sn-devel-104
Stefan Metzmacher [Tue, 16 Oct 2012 06:34:35 +0000 (08:34 +0200)]
selftest/knownfail: add samba3.rpc.lsa.privileges.lsa.Privileges
This failed more than 20 times in the last few weeks, e.g.
https://git.samba.org/autobuild.flakey/2012-10-16-0629/samba3.stdout
https://git.samba.org/autobuild.flakey/2012-10-16-0829/samba3.stdout
[530/717 in 14m32s] samba3.rpc.lsa.privileges(s3dc)
Using seed
1350368974
Testing OpenPolicy
Testing OpenPolicy2
Testing CreateAccount
Testing Delete
Testing DeleteObject
Testing EnumAccounts
Testing LookupSids
Testing LookupNames with 7 names
LookupName of sharesec_user was unmapped
LookupName of Everyone failed to return a result
UNEXPECTED(failure): samba3.rpc.lsa.privileges.lsa.Privileges(s3dc)
REASON: _StringException: _StringException: ../source4/torture/rpc/lsa.c:319: r.out.result was STATUS_SOME_UNMAPPED, expected NT_STATUS_OK: LookupNames failed
FAILED (1 failures, 0 errors and 0 unexpected successes in 0 testsuites)
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Oct 16 10:43:02 CEST 2012 on sn-devel-104
Stefan Metzmacher [Tue, 16 Oct 2012 06:30:17 +0000 (08:30 +0200)]
Revert "provision: Always create DNS user."
This reverts commit
c2d14747d608d406de6410556807d467cd0b85ef.
samba_upgradedns handles creates/removed the dns acount.
See
https://lists.samba.org/archive/samba-technical/2012-October/thread.html#87578
metze
Matthieu Patou [Sat, 13 Oct 2012 08:36:06 +0000 (01:36 -0700)]
s4-dns: Fix the comments about ignoring zones in internal server
Acked-By: Kai Blin <kai@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Sat Oct 13 12:37:53 CEST 2012 on sn-devel-104
Christian Ambach [Fri, 28 Sep 2012 05:09:23 +0000 (22:09 -0700)]
s3:smb2_getinfo ensure proper error for not yet present quota support
non-existing quota support needs to be signaled by NT_STATUS_NOT_SUPPORTED,
not NT_STATUS_INVALID_PARAMETER
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Fri Oct 12 13:37:37 CEST 2012 on sn-devel-104
Christian Ambach [Fri, 12 Oct 2012 09:47:04 +0000 (11:47 +0200)]
s3:vfs_gpfs re-indent run-away lines
some lines added by the acl_blob additions were longer than 80 chars
Christian Ambach [Fri, 12 Oct 2012 09:45:59 +0000 (11:45 +0200)]
s3:vfs_gpfs fix the build
make it compile again after the recent (untested) additions of the acl_blob functions
Christian Ambach [Fri, 12 Oct 2012 08:32:20 +0000 (10:32 +0200)]
s3:vfs_gpfs remove a trailing space
Christian Ambach [Fri, 12 Oct 2012 08:31:10 +0000 (10:31 +0200)]
s3:vfs_gpfs skip local flock when gpfs sharemodes are disabled
no sense in calling local flock when clustered sharemodes should be disabled
Jelmer Vernooij [Fri, 5 Oct 2012 09:51:37 +0000 (11:51 +0200)]
selftest: Move more tests to common list script.
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Fri Oct 12 02:06:42 CEST 2012 on sn-devel-104
Jelmer Vernooij [Thu, 11 Oct 2012 15:23:13 +0000 (17:23 +0200)]
samba.join: Fix multiple spaces.
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Thu Oct 11 20:30:43 CEST 2012 on sn-devel-104
Jelmer Vernooij [Fri, 5 Oct 2012 09:46:25 +0000 (11:46 +0200)]
selftest: Move some tests to common test script.
Jelmer Vernooij [Fri, 5 Oct 2012 09:39:34 +0000 (11:39 +0200)]
selftests.tests: Remove reference to Samba 4.
Jelmer Vernooij [Thu, 11 Oct 2012 15:11:44 +0000 (17:11 +0200)]
samba.provision.sambadns: Use == to compare strings, not 'is'.
Andreas Schneider [Thu, 11 Oct 2012 12:46:56 +0000 (14:46 +0200)]
s3fs-printing: Simplify the comment and location handling.
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Oct 11 18:49:15 CEST 2012 on sn-devel-104
Andreas Schneider [Wed, 10 Oct 2012 09:30:15 +0000 (11:30 +0200)]
packaging: Add support for reloading systemd services.
Jelmer Vernooij [Thu, 11 Oct 2012 12:45:10 +0000 (14:45 +0200)]
provision: Always create DNS user.
The DNS user is currently only used by the bind9 plugin. This makes it
easier to later on switch between the builtin DNS server and bind
backend.
In addition, ideally the internal DNS server would use that (separate)
user too.
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Thu Oct 11 17:05:40 CEST 2012 on sn-devel-104
Jelmer Vernooij [Thu, 11 Oct 2012 12:39:50 +0000 (14:39 +0200)]
wafsamba: Ignore some more symbols when checking for dupes.
Andrew Bartlett [Thu, 11 Oct 2012 11:29:43 +0000 (22:29 +1100)]
smbd: Always free the talloc_stackframe() before leaving smbd_do_query_security_desc
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 11 15:20:54 CEST 2012 on sn-devel-104
Karolin Seeger [Wed, 10 Oct 2012 08:43:02 +0000 (10:43 +0200)]
docs: Add very basic samba manpage.
Please feel free to extend.
Karolin
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Oct 11 11:40:37 CEST 2012 on sn-devel-104
Andrew Bartlett [Thu, 11 Oct 2012 04:08:25 +0000 (15:08 +1100)]
rpc_server:srvsvc Remove psd variable that was no longer set by SMB_VFS_FGET_NT_ACL
This fixes up an error introduced by
c8ade07760ae0ccfdf2d875c9f3027926e62321b.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 11 07:53:36 CEST 2012 on sn-devel-104
Andrew Bartlett [Wed, 10 Oct 2012 10:20:24 +0000 (21:20 +1100)]
build: Remove --disable-shared
This does not work, and has no known use cases. Remove it so we do
not waste time trying to support it.
This also removes it for ldb/tdb/ntdb/talloc, but as these are first
shared libraries, and then tools on top of those, rpath or (for
emergency tools) --nonshared-binary= seems more appropriate.
Andrew Bartlett
Andrew Bartlett [Thu, 11 Oct 2012 03:49:13 +0000 (14:49 +1100)]
vfs: Remove irixacl module (all the fucntions in it are unimplemented)
Andrew Bartlett [Thu, 11 Oct 2012 03:42:39 +0000 (14:42 +1100)]
vfs: Fix alternative posix and no-op sys acl implementations to take a mem_ctx
These were missed with the initial conversion to use a talloc context.
Andrew Bartlett
Andrew Bartlett [Wed, 10 Oct 2012 23:47:17 +0000 (10:47 +1100)]
vfs: Improve formatting of vfs_fake_acls
This avoids this bad style being copied into new modules.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 11 05:10:16 CEST 2012 on sn-devel-104
Andrew Bartlett [Wed, 10 Oct 2012 23:46:37 +0000 (10:46 +1100)]
vfs: Improve formatting of vfs_default
This avoids this bad style being copied into new modules.
Andrew Bartlett
Andrew Bartlett [Wed, 10 Oct 2012 20:53:29 +0000 (07:53 +1100)]
examples: Re-indent and reformat skel VFS modules
This avoids some of the poor style here from propogating to new VFS modules.
Andrew Bartlett
Andrew Bartlett [Wed, 10 Oct 2012 06:00:42 +0000 (17:00 +1100)]
vfs: Use a blocking function in vfs_zfsacl for system ACL blobs
This is so we do not query some other module for the ACL blob, as zfs
ACLs are not posix ACLs. We may add a linearisation later.
Andrew Bartlett
Andrew Bartlett [Wed, 10 Oct 2012 05:59:53 +0000 (16:59 +1100)]
vfs: Use posix_sys_acl_blob_get_file in vfs_tru64acl for posix ACLs
Andrew Bartlett [Wed, 10 Oct 2012 05:59:43 +0000 (16:59 +1100)]
vfs: Use posix_sys_acl_blob_get_file in vfs_solarisacl for posix ACLs
Andrew Bartlett [Wed, 10 Oct 2012 05:59:35 +0000 (16:59 +1100)]
vfs: Use posix_sys_acl_blob_get_file in vfs_posixacl for posix ACLs
Andrew Bartlett [Wed, 10 Oct 2012 05:59:25 +0000 (16:59 +1100)]
vfs: Use posix_sys_acl_blob_get_file in vfs_irix for posix ACLs
Andrew Bartlett [Wed, 10 Oct 2012 05:59:18 +0000 (16:59 +1100)]
vfs: Use posix_sys_acl_blob_get_file in vfs_hpux for posix ACLs
Andrew Bartlett [Wed, 10 Oct 2012 05:58:59 +0000 (16:58 +1100)]
vfs: Use posix_sys_acl_blob_get_file in vfs_gpfs for posix ACLs
Andrew Bartlett [Wed, 10 Oct 2012 05:53:43 +0000 (16:53 +1100)]
vfs: Use posix_sys_acl_blob_get_file in vfs_fake_acls for posix ACLs
Andrew Bartlett [Wed, 10 Oct 2012 05:53:22 +0000 (16:53 +1100)]
vfs: Use posix_sys_acl_blob_get_file in vfs_default for posix ACLs
Andrew Bartlett [Wed, 10 Oct 2012 05:52:17 +0000 (16:52 +1100)]
vfs: Use posix_sys_acl_blob_get_file in vfs_aixacl2 for posix ACLs
Andrew Bartlett [Wed, 10 Oct 2012 05:52:02 +0000 (16:52 +1100)]
vfs: Use posix_sys_acl_blob_get_file in vfs_aixacl
Andrew Bartlett [Wed, 10 Oct 2012 05:45:44 +0000 (16:45 +1100)]
vfs: Use a blocking function in vfs_afsacl for system ACL blobs
This is important, as we need to avoid asking any lower module for a
possible libear ACL blob. We may implement a linearisation in the
future.
Andrew Bartlett
Andrew Bartlett [Wed, 10 Oct 2012 05:49:59 +0000 (16:49 +1100)]
vfs: Implement a sys_acl_blob_get_{fd,file} for POSIX ACL backends
This simply linearlises the SMB_ACL_T (default and access acl for
directories) and the file owner, group and mode into a blob.
It will be useful for an improved vfs_acl_common.c that uses this sets
that, rather than the hash of the NT ACL, in the xattr
This will in turn insulate the stored hash from changes in the ACL
mapping.
Andrew Bartlett
Andrew Bartlett [Wed, 10 Oct 2012 05:44:41 +0000 (16:44 +1100)]
vfs: Remove type parameter from sys_acl_blob_get_{fd,file}
This interface actually needs to match the get_nt_acl interface in
that the system ACL implmenetation may not be posix ACLs, and the blob
is not meant to be enforced to be of a particular system ACL
structure.
Andrew Bartlett
Andrew Bartlett [Wed, 10 Oct 2012 00:50:27 +0000 (11:50 +1100)]
smbd: Add mem_ctx to {f,}get_nt_acl VFS call
This makes it clear which context the returned SD is allocated on, as
a number of callers do not want it on talloc_tos().
As the ACL transformation allocates and then no longer needs a great
deal of memory, a talloc_stackframe() call is used to contain the
memory that is not returned further up the stack.
Andrew Bartlett