The branch, v4-1-test has been updated
via def64cc Raise the level of a debug.
via 4674cca WHATSNEW: Start to add changes since 4.1.0rc3.
via 69cf874 docs: document "acl allow execute always"
via 434ca3f s3:smbd: ease file server upgrades from 3.6 and earlier
with "acl allow execute aways"
via 3f749ac loadparm: add new parameter "acl allow execute always"
via c4166d0 dbwrap_ctdb: Treat empty records as non-existing
from 7d791d5 VERSION: Bump version number up to 4.1.0...
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -----------------------------------------------------------------
commit def64cc71e625a8d7e9152475d4f2127e968c4e2
Author: Korobkin <[email protected]>
Date: Tue Sep 10 16:20:27 2013 -0700
Raise the level of a debug.
Bug #10118 - Samba is chatty about being unable to open a printer
Reviewed-by: Guenther Deschner <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
Autobuild-User(master): Jeremy Allison <[email protected]>
Autobuild-Date(master): Wed Sep 11 03:10:08 CEST 2013 on sn-devel-104
(cherry picked from commit d809cf653b624a9fde48de3b0c2ab58aca705c50)
Autobuild-User(v4-1-test): Karolin Seeger <[email protected]>
Autobuild-Date(v4-1-test): Thu Sep 12 11:36:59 CEST 2013 on sn-devel-104
commit 4674cca738471f25f2dee7f270d524282e418f8d
Author: Karolin Seeger <[email protected]>
Date: Thu Sep 12 09:43:06 2013 +0200
WHATSNEW: Start to add changes since 4.1.0rc3.
Signed-off-by: Karolin Seeger <[email protected]>
commit 69cf8747cdf0bf43bec7f9a2e2298fdf8f195d90
Author: Michael Adam <[email protected]>
Date: Mon Sep 2 16:54:15 2013 +0200
docs: document "acl allow execute always"
Signed-off-by: Michael Adam <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Reviewed-by: David Disseldorp <[email protected]>
Autobuild-User(master): Michael Adam <[email protected]>
Autobuild-Date(master): Wed Sep 11 01:21:00 CEST 2013 on sn-devel-104
(cherry picked from commit a2a3c9f36d7a19d75924cff25fa1b450d85ee6d6)
The last 3 patches adress bug #10134 - Samba 4.0 is stricter in checking
acls
for "open for execution".
commit 434ca3fe2019aecc9522d100fcc1d66632450f0e
Author: Michael Adam <[email protected]>
Date: Mon Sep 2 17:37:50 2013 +0200
s3:smbd: ease file server upgrades from 3.6 and earlier with "acl allow
execute aways"
3.6 and earlier allowed open for execution when execute permissions are
not present on a file. This has been fixed in Samba 4.0.
This patch changes smbd to skip the execute bit from the ACL check
in the open code if "acl allow execute always = yes", hence
re-establishing the old behaviour in this case.
Signed-off-by: Michael Adam <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Reviewed-by: David Disseldorp <[email protected]>
(cherry picked from commit 1e29d730663382875d96c275c60e022a1c33a2d1)
commit 3f749acd04f9b6a4b39424c2f69179cbba3dceb5
Author: Michael Adam <[email protected]>
Date: Mon Sep 2 17:36:59 2013 +0200
loadparm: add new parameter "acl allow execute always"
Signed-off-by: Michael Adam <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Reviewed-by: David Disseldorp <[email protected]>
(cherry picked from commit de3bc10ef69f23e7dab9fc3f6990bb403824b14e)
commit c4166d04324ecf8d87c5afb5903f5ab41107e5e7
Author: Volker Lendecke <[email protected]>
Date: Wed Aug 28 11:34:08 2013 +0000
dbwrap_ctdb: Treat empty records as non-existing
This is a patch implementing the workaround Christian mentioned in
https://bugzilla.samba.org/show_bug.cgi?id=10008#c5
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10008
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Christian Ambach <[email protected]>
(cherry picked from commit 1cae59ce112ccb51b45357a52b902f80fce1eef1)
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 12 +++++++++
.../smbdotconf/protocol/aclallowexecutealways.xml | 26 ++++++++++++++++++++
lib/param/param_functions.c | 1 +
lib/param/param_table.c | 10 +++++++
source3/include/proto.h | 1 +
source3/lib/ctdbd_conn.c | 8 ++++++
source3/lib/dbwrap/dbwrap_ctdb.c | 10 +++++++
source3/param/loadparm.c | 1 +
source3/rpc_server/spoolss/srv_spoolss_nt.c | 2 +-
source3/smbd/open.c | 16 +++++++++++-
10 files changed, 85 insertions(+), 2 deletions(-)
create mode 100644 docs-xml/smbdotconf/protocol/aclallowexecutealways.xml
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index eeb6307..c8418b6 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -138,6 +138,7 @@ smb.conf changes
Parameter Name Description Default
-------------- ----------- -------
+ acl allow execute always New False
password level Removed
set directory Removed
use ntdb New No
@@ -165,6 +166,17 @@ o David Disseldorp <[email protected]>
SMB2 FSCTL_SRV_COPYCHUNK request.
+CHANGES SINCE 4.1.0rc3
+======================
+
+o Michael Adam <[email protected]>
+ * BUG 10134: Add "acl allow execute always" parameter.
+
+
+o Volker Lendecke <[email protected]>
+ * BUG 10008: dbwrap_ctdb: Treat empty records as non-existing.
+
+
CHANGES SINCE 4.1.0rc2
======================
diff --git a/docs-xml/smbdotconf/protocol/aclallowexecutealways.xml
b/docs-xml/smbdotconf/protocol/aclallowexecutealways.xml
new file mode 100644
index 0000000..048c388
--- /dev/null
+++ b/docs-xml/smbdotconf/protocol/aclallowexecutealways.xml
@@ -0,0 +1,26 @@
+<samba:parameter name="acl allow execute always"
+ context="S"
+ type="boolean"
+ advanced="1" wizard="1"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc";>
+<description>
+ <para>
+ This boolean parameter controls the behaviour of
<citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> when receiving a protocol request
of "open for execution"
+ from a Windows client.
+ With Samba 3.6 and older, the execution right in the ACL was not checked,
so a client
+ could execute a file even if it did not have execute rights on the file.
In Samba 4.0,
+ this has been fixed, so that by default, i.e. when this parameter is set
to "False",
+ open for execution is now denied when execution permissions are not
present.
+ </para>
+ <para>
+ If this parameter is set to "True", Samba does not check execute
permissions on
+ "open for execution, thus re-establishing the behaviour of Samba 3.6.
+ This can be useful to smoothen upgrades from older Samba versions to 4.0
and newer.
+ This setting is not not meant to be used as a permanent setting, but as a
temporary relief:
+ It is recommended to fix the permissions in the ACLs and reset this
parameter to the
+ default after a ceratain transition period.
+ </para>
+</description>
+<value type="default">False</value>
+</samba:parameter>
diff --git a/lib/param/param_functions.c b/lib/param/param_functions.c
index fed2e95..61f0044 100644
--- a/lib/param/param_functions.c
+++ b/lib/param/param_functions.c
@@ -132,6 +132,7 @@ FN_LOCAL_BOOL(afs_share, bAfs_Share)
FN_LOCAL_BOOL(acl_check_permissions, bAclCheckPermissions)
FN_LOCAL_BOOL(acl_group_control, bAclGroupControl)
FN_LOCAL_BOOL(acl_map_full_control, bAclMapFullControl)
+FN_LOCAL_BOOL(acl_allow_execute_always, bAclAllowExecuteAlways)
FN_LOCAL_INTEGER(defaultcase, iDefaultCase)
FN_LOCAL_INTEGER(minprintspace, iMinPrintSpace)
FN_LOCAL_INTEGER(printing, iPrinting)
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index 1b1497c..7b32998 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -904,6 +904,16 @@ static struct parm_struct parm_table[] = {
.flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
},
{
+ .label = "acl allow execute always",
+ .type = P_BOOL,
+ .p_class = P_LOCAL,
+ .offset = LOCAL_VAR(bAclAllowExecuteAlways),
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
+ },
+
+ {
.label = "create mask",
.type = P_OCTAL,
.p_class = P_LOCAL,
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 493d1da..acf013b 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1330,6 +1330,7 @@ bool lp_afs_share(int );
bool lp_acl_check_permissions(int );
bool lp_acl_group_control(int );
bool lp_acl_map_full_control(int );
+bool lp_acl_allow_execute_always(int);
bool lp_durable_handles(int);
int lp_create_mask(int );
int lp_force_create_mode(int );
diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c
index 1481a9c..630b22e 100644
--- a/source3/lib/ctdbd_conn.c
+++ b/source3/lib/ctdbd_conn.c
@@ -1475,6 +1475,14 @@ NTSTATUS ctdbd_parse(struct ctdbd_connection *conn,
uint32_t db_id,
goto fail;
}
+ if (reply->datalen == 0) {
+ /*
+ * Treat an empty record as non-existing
+ */
+ status = NT_STATUS_NOT_FOUND;
+ goto fail;
+ }
+
parser(key, make_tdb_data(&reply->data[0], reply->datalen),
private_data);
diff --git a/source3/lib/dbwrap/dbwrap_ctdb.c b/source3/lib/dbwrap/dbwrap_ctdb.c
index f90e7b8..5a473f9 100644
--- a/source3/lib/dbwrap/dbwrap_ctdb.c
+++ b/source3/lib/dbwrap/dbwrap_ctdb.c
@@ -103,6 +103,16 @@ static int db_ctdb_ltdb_parser(TDB_DATA key, TDB_DATA data,
if (data.dsize < sizeof(struct ctdb_ltdb_header)) {
return -1;
}
+ if (data.dsize == sizeof(struct ctdb_ltdb_header)) {
+ /*
+ * Making this a separate case that needs fixing
+ * separately. This is an empty record. ctdbd does not
+ * distinguish between empty and deleted records. Samba right
+ * now can live without empty records, so lets treat zero-size
+ * (i.e. deleted) records as non-existing.
+ */
+ return -1;
+ }
state->parser(
key, (struct ctdb_ltdb_header *)data.dptr,
make_tdb_data(data.dptr + sizeof(struct ctdb_ltdb_header),
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 229ebd8..b9945ac 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -264,6 +264,7 @@ static struct loadparm_service sDefault =
.bAclCheckPermissions = true,
.bAclMapFullControl = true,
.bAclGroupControl = false,
+ .bAclAllowExecuteAlways = false,
.bChangeNotify = true,
.bKernelChangeNotify = true,
.iallocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c
b/source3/rpc_server/spoolss/srv_spoolss_nt.c
index 03c966b..4814e04 100644
--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c
+++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c
@@ -1732,7 +1732,7 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p,
result = open_printer_hnd(p, r->out.handle, r->in.printername, 0);
if (!W_ERROR_IS_OK(result)) {
- DEBUG(0,("_spoolss_OpenPrinterEx: Cannot open a printer handle "
+ DEBUG(3,("_spoolss_OpenPrinterEx: Cannot open a printer handle "
"for printer %s\n", r->in.printername));
ZERO_STRUCTP(r->out.handle);
return result;
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 53f8b8e..dcf6bb5 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -76,6 +76,7 @@ NTSTATUS smbd_check_access_rights(struct connection_struct
*conn,
struct security_descriptor *sd = NULL;
uint32_t rejected_share_access;
uint32_t rejected_mask = access_mask;
+ uint32_t do_not_check_mask = 0;
rejected_share_access = access_mask & ~(conn->share_access);
@@ -143,10 +144,23 @@ NTSTATUS smbd_check_access_rights(struct
connection_struct *conn,
* se_file_access_check() also takes care of
* owner WRITE_DAC and READ_CONTROL.
*/
+ do_not_check_mask = FILE_READ_ATTRIBUTES;
+
+ /*
+ * Samba 3.6 and earlier granted execute access even
+ * if the ACL did not contain execute rights.
+ * Samba 4.0 is more correct and checks it.
+ * The compatibilty mode allows to skip this check
+ * to smoothen upgrades.
+ */
+ if (lp_acl_allow_execute_always(SNUM(conn))) {
+ do_not_check_mask |= FILE_EXECUTE;
+ }
+
status = se_file_access_check(sd,
get_current_nttok(conn),
use_privs,
- (access_mask & ~FILE_READ_ATTRIBUTES),
+ (access_mask & ~do_not_check_mask),
&rejected_mask);
DEBUG(10,("smbd_check_access_rights: file %s requesting "
--
Samba Shared Repository
