Commits on Source (64)
-
Jule Anger authored
and re-enable GIT_SNAPSHOT. Signed-off-by: Jule Anger <janger@samba.org>
6c06c9ed -
Samuel Cabrero authored
The error code must be returned to caller even if the error string is not set. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit e4afb211)
f731d750 -
Samuel Cabrero authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit bdab834d)
f8021a24 -
Samuel Cabrero authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 740e704b)
a8544124 -
Samuel Cabrero authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 532701e3)
fddbff3d -
Samuel Cabrero authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 7cabbec2)
ad2196fd -
Samuel Cabrero authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit a8bd8f22)
4e43af11 -
Samuel Cabrero authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 4a1f2071)
ca6ba984 -
Samuel Cabrero authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit b2399b69)
1f066b59 -
Samuel Cabrero authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit c14a4f51)
69475590 -
Samuel Cabrero authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit e92e4b95)
ce29bbfb -
Samuel Cabrero authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577 Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Sep 5 22:11:46 UTC 2023 on atb-devel-224 (cherry picked from commit f3c632e7) Autobuild-User(v4-18-test): Jule Anger <janger@samba.org> Autobuild-Date(v4-18-test): Wed Nov 29 15:55:45 UTC 2023 on atb-devel-224
0a8cf4f1 -
Shachar Sharon authored
Align getxattr logic with the rest of xattr hooks: call ceph_fgetxattr with appropriate io-fd when 'is_pathref' is false; otherwise, call ceph_getxattr. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15440 Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Anoop C S <anoopcs@redhat.com> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Thu Nov 30 12:32:29 UTC 2023 on atb-devel-224 (cherry picked from commit 83edfcff) Autobuild-User(v4-18-test): Jule Anger <janger@samba.org> Autobuild-Date(v4-18-test): Mon Dec 11 13:21:02 UTC 2023 on atb-devel-224
849c370d -
Michael Tokarev authored
samba-ad-dc is arch-all package. We need samba >= ${source:Version}~ (note the tilde at the end), not ${binary:Version} (without tilde).
6f410b3e -
Stefan Metzmacher authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 92badd3b)
30fddc01 -
Stefan Metzmacher authored
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit f2d9c012)
d7249b3c -
Stefan Metzmacher authored
We could also remove the src_addr and dest_addr helper variables completely, but that would be too much for this commit. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 5f52d140)
9d8768ff -
Stefan Metzmacher authored
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 8395fd36)
0de804ac -
Stefan Metzmacher authored
With multichannel a ctdb connection from smbd may hold multiple tcp connections, which can be disconnected before the smbd process terminates the whole ctdb connection, so we a way to remove undo 'CTDB_CONTROL_TCP_CLIENT' again. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit c6602b68)
f7694157 -
Stefan Metzmacher authored
With multichannel a tcp connection is registered first with a temporary smbd process, that calls CTDB_CONTROL_TCP_CLIENT first and then passes the tcp connection to the longterm smbd that already handles all connections belonging to the specific client_guid. That smbd process calls CTDB_CONTROL_TCP_CLIENT again, but the 'tickle' information is already there. When the temporary smbd process exists/disconnects from ctdb or calls CTDB_CONTROL_TCP_CLIENT_DISCONNECTED, the 'tickle' information is removed, while the longterm smbd process still serves the tcp connection. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 037e8e44)
813e7186 -
Stefan Metzmacher authored
We dump the structure into the socket, so we need to zero the content including possible padding. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 24013937)
24d960d0 -
Stefan Metzmacher authored
We do the dispatching to multiple handlers in ctdbd_msg_call_back() and we don't need more than one message from ctdb. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 77a55943)
562e360e -
Volker Lendecke authored
This is to remove a callback during rundown of smbds. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 75aa6693)
ecc0acbb -
Stefan Metzmacher authored
This reverts the effect of ctdbd_register_ips(). We'll use this in order to disconnect individual multichannel connections. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit f3a03f3f)
18d34cea -
Stefan Metzmacher authored
This is similar to ctdbd_unregister_ips(), but with the difference that ctdb keeps the 'tickle' information for the tcp connection alive, because another smbd process took care of that tcp connection in a multichannel scenario. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 2e784789)
6ca3ce4d -
Stefan Metzmacher authored
This makes it easier to test things... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 38b74d4c)
d9ed96c9 -
Stefan Metzmacher authored
This demonstrates the crash that happens if a client connects to a non-public address first followed by a connect to public address with the same client_guid and a connection to the non-public address gets disconnected first, we hit by a use-after-free talloc_get_type_abort() called from release_ip() as "xconn" is already gone, taking smbd_release_ip_state with it. Note that we also need to mark some subtests as flapping as there's a 2nd problem that happens in the interaction between smbd processes and ctdb when passing a multichannel connection to an existing process, it means we sometimes loose the 'tickle' information within ctdb to that tcp connection. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 082c7df4)
f8c02609 -
Volker Lendecke authored
If a client connects to a non-public address first followed by a connect to public address with the same client_guid and a connection to the non-public address gets disconnected first, we hit by a use-after-free talloc_get_type_abort() called from release_ip() as "xconn" is already gone, taking smbd_release_ip_state with it. We need to decide between calling ctdbd_unregister_ips() by default, as it means the tcp connection is really gone and ctdb needs to remove the 'tickle' information. But when a connection was passed to a different smbd process, we need to use ctdbd_passed_ips() as the tcp connection is still alive and the 'tickle' information should not be removed within ctdb. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit ddf47e7f)
27918796 -
Martin Schwenke authored
The one case that is no longer handled specially is when the destination address is IPv4 loopback. This may previously have been used to avoid flooding the logs when testing. However, that seems unnecessary - if testing with 127.0.0.1 then make it a public address. Modernise debug while touching the code. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 8fc38725)
ff4ed4d7 -
Martin Schwenke authored
Modernise debug while touching the code. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523 Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Dec 15 12:09:21 UTC 2023 on atb-devel-224 (cherry picked from commit 4b7329f1) Autobuild-User(v4-18-test): Jule Anger <janger@samba.org> Autobuild-Date(v4-18-test): Sat Dec 16 15:26:50 UTC 2023 on atb-devel-224
a149a96e -
Stefan Metzmacher authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15534 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Dec 21 11:09:30 UTC 2023 on atb-devel-224 (cherry picked from commit 828f3c99) Autobuild-User(v4-18-test): Jule Anger <janger@samba.org> Autobuild-Date(v4-18-test): Thu Dec 28 17:09:25 UTC 2023 on atb-devel-224
c2c11168 -
Jones Syue authored
To maintain SMB Multichannel, windows client might periodically query with FSCTL_QUERY_NETWORK_INTERFACE_INFO to get SMB server's network information, in my case windows server 2022 would do this every 10 minutes (600 seconds). Consider a scenario: the network information might have changed between these queries, some become link down, new interface is link up, network speed is changed, and etc. So far smbd might not aware of these changes and still report out-of-date network information to windows client, until we manually send a SIGHUP to smbd in order to trigger load_interfaces(): smbd_sig_hup_handler() > reload_services () > load_interfaces() This might be a bit inconvenient because it is hard to decide when should we manually send a SIGHUP to smbd for refreshing network information. This patch adds load_interfaces() at fsctl_network_iface_info(), while smbd received FSCTL_QUERY_NETWORK_INTERFACE_INFO would go through this and refresh local_interfaces, then respond to client with up-to-date network information; also refresh num_ifaces to make sure interfaces count is consistent. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15547 Signed-off-by: Jones Syue <jonessyue@qnap.com> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org> (cherry picked from commit 318fd95d) Autobuild-User(v4-18-test): Stefan Metzmacher <metze@samba.org> Autobuild-Date(v4-18-test): Fri Jan 5 13:46:39 UTC 2024 on atb-devel-224
9f8a73d7 -
Volker Lendecke authored
Right now we can't traverse a subdirectory in a snapshot which was deleted in the current set of files. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15544 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit a0bfadb3)
7f4d5a37 -
Volker Lendecke authored
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15544 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jan 2 20:37:01 UTC 2024 on atb-devel-224
529fb888 -
Björn Jacke authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15542 Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 2073bbf9)
49d9e55e -
Björn Jacke authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15541 Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit b41f95f8)
96897774 -
Björn Jacke authored
Thanks to Thierry LARONDE for the fix. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15540 Signed-off-by: Björn Jacke <bjacke@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit b9f32b32) Autobuild-User(v4-18-test): Jule Anger <janger@samba.org> Autobuild-Date(v4-18-test): Mon Jan 8 14:02:46 UTC 2024 on atb-devel-224
a9862b23 -
Ralph Boehme authored
Frankly, I can't remember why I added this as part of bug 13688. The goal of the corresponding test is to verify a write on a read-only file handle fails. As the file is opened O_RDONLY, the write will fail anyway and there's no need to inject the error. To make things worse, having the error injected meant we didn't notice when the underlying logic of forcing the open to be done with O_RDONLY was done as O_RDWR, resulting in the write on the handle to succeed. This happened when we introduced reopen_from_fsp(): the initial pathref open of a path with a twrp value was correctly detected and handled by shadow_copy2_openat(). However, when converting the pathref open to a real one via reopen_from_fsp(), shadow_copy2_openat() only sees the magic /proc/fd path and has no way of inferring that this was originating from a prevous version open with a twrp value. Tl;dr: we can just remove this error injection, it is not needed, the correct fix is to implement this in the SMB layer which is done in the subsequent commits. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 78119edb)
29f629a1 -
Ralph Boehme authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit c62484bc)
469c91c4 -
Ralph Boehme authored
Test more modifying operations are blocked and access masks are correct. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 537eedfe)
7080c5b4 -
Ralph Boehme authored
This is what Windows returns for this case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 276c5bd8)
c8e1d26c -
Ralph Boehme authored
Printer file handles went through SMB_VFS_CREATE_FILE() and are network callable, so it makes sense to set this on them. This ensures that check_access_fsp() doesn't take the codepath calling smbd_check_access_rights_fsp(), but just checks the request rights from fsp->access_mask. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 76c8fe16)
d8729472 -
Ralph Boehme authored
The semantics of the access check in check_access_fsp() itself is to allow access if *at least* one or more rights of the rights in access_mask are allowed. The name check_any_access_fsp() better reflects this. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 96b577c3)
b775434b -
Ralph Boehme authored
smbd_check_access_rights_fsp() requires *all* rights in access_mask to be granted by the underlying ACL, but the semantics of this function is supposed to grant access if any one of the rights in access_requested is allowed. Fix this by looping over the requested access mask. If smbd_check_access_rights_fsp() returns sucess, mask will be non-null and when assigned to access_granted, the subsequent check will pass, fail otherwise. I'm not doing an early exit on purpose because a subsequent commit adds additional security checks that are done in the subsequent code path common for fsa and non-fsa fsps. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit bf497819)
8c08511f -
Ralph Boehme authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit a0ae45be)
8ee0768d -
Ralph Boehme authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit ee303521)
15536403 -
Ralph Boehme authored
The additional check if fd underlying fd is valid and not -1 should not be done at this place. I actually would prefer an write to fail with EBADF if this happens, as it's likely easier to debug why this happened. These days we should always have a valid fd. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 995a31c8)
77a71bc9 -
Ralph Boehme authored
Replaces the direct access to fsp->access_mask with a call to check_any_access_fsp() which allows doing additional checks if needed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (backported from commit 02ed9934) [slow@samba.org: vfs_acl_common.c: different chown_needed check]
d3f062e2 -
Ralph Boehme authored
Now that check_any_access_fsp() is broadly used consistently to restrict access for all modifying operations, we can add a check for previous versions to check_any_access_fsp() and it gets enforced consistently. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit fd4e4114)
1e108b3a -
Ralph Boehme authored
Doing the previous version access checks and semantics at the SMB layer means we can simplify the shadow_copy2 and remove the kludge. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Mon Jan 8 16:58:26 UTC 2024 on atb-devel-224 (backported from commit f14a7065) [slow@samba.org: vfs_shadow_copy2.c: no TALLOC_FREE() in context] [slow@samba.org: open.c: assign result from calculate_open_access_flags()] Autobuild-User(v4-18-test): Jule Anger <janger@samba.org> Autobuild-Date(v4-18-test): Tue Jan 16 10:05:29 UTC 2024 on atb-devel-224
ee2df0bb -
Björn Jacke authored
This bug was introduced with 53a1d034 in 2020. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15550 Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> (cherry picked from commit 2df2e34c)
0d75a9ac -
Bjoern Jacke authored
This was broken by c9c3d431 back in 2009 already. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12421 Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> (cherry picked from commit 56c3dbc2)
161efeac -
Jones Syue authored
Browsing files or download files from samba server, smbd would check user's id to decide whether this user could access these files, by lookup user's information from the password file (e.g. /usr/local/samba/private/smbpasswd). smbd might goes through startsmbfilepwent(), this api calls [f]chmod() to make sure the password file has valid permissions 0600. Consider a scenario: we are doing a read performance benchmark about downloading a bunch of files (e.g. a thousand files) from a samba server, monitoring file system i/o activities counters, and expecting that should be only read operations on file system because this is just downloading, no uploading is involved. But actually found that still write operations on file system, because smbd lookup user and always reset 0600 permissions on password file while access each file, it makes dirty pages (inode modification) in ram, later triggered a kernel journal daemon to sync dirty pages into back storage (e.g. ext3 kjournald, or ext4 jbd2). This looks like not friendly for read performance benchmark if it happened on an entry-level systems with much less memory and limited computation power, because dirty pages syncing in the meantime slows down read performance. This patch adds fstat() before [f]chmod(), it would check whether password file has valid permissions 0600 or not. If 0600 smbd would bypass [f]chmod() to avoid making dirty pages on file systems. If not 0600 smbd would warn and go through [f]chmod() to set valid permissions 0600 to password file as earlier days. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15555 Signed-off-by: Jones Syue <jonessyue@qnap.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Jan 18 10:28:19 UTC 2024 on atb-devel-224 (cherry picked from commit c82a267b) Autobuild-User(v4-18-test): Jule Anger <janger@samba.org> Autobuild-Date(v4-18-test): Mon Jan 22 10:09:52 UTC 2024 on atb-devel-224
e6745b15 -
Ralph Boehme authored
This will be used in CI to have a gitlab runner without all modern Linux features we make use of as part of path processing: - O_PATH - openat2() with RESOLVE_NO_SYMLINKS - somehow safely reopen an O_PATH file handle That gives what a classix UNIX like AIX or Solaris offers feature wise. Other OSes support other combinations of those features, but we leave the exersize of possibly adding more runners supporting those combinations to the reader. The following list shows which features are available and used by Samba on a few OSes: | O_PATH | RESOLVE_NO_SYMLINKS | Safe reopen | CI covered --------|----------------|---------------------|---------------------------- | Supported Used | Supported Used | Supported Used | ============================================================================ Linux | + + | + + | + + | + FreeBSD | + + | + [1] - | + [2] - | - AIX | - - | - - | - - | + [1] via open() flag O_RESOLVE_BENEATH [2] via open() flag O_EMPTY_PATH BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> (cherry picked from commit 5c2f9644)
4b1f0c6e -
Ralph Boehme authored
This is a more sensible combination of missing Linux specific features: - O_PATH - openat2() with RESOLVE_NO_SYMLINKS - somehow safely reopen an O_PATH file handle Currently only O_PATH is disabled for these jobs, but that doesn't really match and know OS. The following list shows which features are available and used by Samba on a few OSes: | O_PATH | RESOLVE_NO_SYMLINKS | Safe reopen | CI covered --------|----------------|---------------------|---------------------------- | Supported Used | Supported Used | Supported Used | ============================================================================ Linux | + + | + + | + + | + FreeBSD | + + | + [1] - | + [2] - | - AIX | - - | - - | - - | + So by also disabling RESOLVE_NO_SYMLINKS and Safe Reopen, we cover classic UNIX systems like AIX. [1] via open() flag O_RESOLVE_BENEATH [2] via open() flag O_EMPTY_PATH BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> (cherry picked from commit 62cbe145)
8bac9003 -
Ralph Boehme authored
Moves processing the symlink error response to the caller filename_convert_dirfsp(). Prepares for using this in non_widelink_open(), where it will replace symlink_target_below_conn() with the same functionality. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> (back-ported from commit 0515dded)
f495f6d2 -
Ralph Boehme authored
Existing caller passes NULL, no change in behaviour. Prepares for replacing symlink_target_below_conn() in open.c. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> (cherry picked from commit fc80c72d)
0086f3d4 -
Ralph Boehme authored
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> (cherry picked from commit 1965fc77)
ab7d6966 -
Ralph Boehme authored
On systems without /proc/fd support this avoid the expensive chdir() logic in non_widelink_open(). open_file_ntcreate() already passes dirfsp and atname to reopen_from_fsp(), it was just missed in the conversion. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Reviewed-by: Volker Lendecke <vl@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Jan 22 12:00:56 UTC 2024 on atb-devel-224 (cherry picked from commit 27130232) Autobuild-User(v4-18-test): Jule Anger <janger@samba.org> Autobuild-Date(v4-18-test): Mon Jan 29 11:53:56 UTC 2024 on atb-devel-224
974a8908 -
Jule Anger authored
Signed-off-by: Jule Anger <janger@samba.org>
13709fd7 -
Jule Anger authored
Signed-off-by: Jule Anger <janger@samba.org>
51a13a23 -
Michael Tokarev authored1b2c9206
-
Michael Tokarev authored
Update to upstream version '4.18.10+dfsg' with Debian dir 5cf524587271b2f5d16ae36cead3e27a4afa7aa7
35dc61c3 -
Michael Tokarev authoredac980507
Showing
- VERSION 1 addition, 1 deletionVERSION
- WHATSNEW.txt 80 additions, 2 deletionsWHATSNEW.txt
- buildtools/wafsamba/wafsamba.py 1 addition, 1 deletionbuildtools/wafsamba/wafsamba.py
- ctdb/common/common.h 1 addition, 0 deletionsctdb/common/common.h
- ctdb/common/ctdb_util.c 7 additions, 0 deletionsctdb/common/ctdb_util.c
- ctdb/include/ctdb_private.h 6 additions, 1 deletionctdb/include/ctdb_private.h
- ctdb/protocol/protocol.h 2 additions, 0 deletionsctdb/protocol/protocol.h
- ctdb/protocol/protocol_control.c 30 additions, 0 deletionsctdb/protocol/protocol_control.c
- ctdb/protocol/protocol_debug.c 2 additions, 0 deletionsctdb/protocol/protocol_debug.c
- ctdb/protocol/protocol_util.c 18 additions, 0 deletionsctdb/protocol/protocol_util.c
- ctdb/protocol/protocol_util.h 3 additions, 0 deletionsctdb/protocol/protocol_util.h
- ctdb/server/ctdb_control.c 8 additions, 0 deletionsctdb/server/ctdb_control.c
- ctdb/server/ctdb_takeover.c 193 additions, 99 deletionsctdb/server/ctdb_takeover.c
- debian/changelog 39 additions, 0 deletionsdebian/changelog
- debian/control 1 addition, 1 deletiondebian/control
- docs-xml/manpages/vfs_linux_xfs_sgid.8.xml 2 additions, 2 deletionsdocs-xml/manpages/vfs_linux_xfs_sgid.8.xml
- lib/util/time.c 1 addition, 1 deletionlib/util/time.c
- nsswitch/winbind_nss_netbsd.c 1 addition, 1 deletionnsswitch/winbind_nss_netbsd.c
- script/autobuild.py 1 addition, 1 deletionscript/autobuild.py
- selftest/skip.opath-required 4 additions, 0 deletionsselftest/skip.opath-required