The branch, v4-4-test has been updated
       via  4f8a057 ctdb-recovery-helper: Add missing initialisation of 
ban_credits
       via  b1264c2 lib: poll_funcs : poll_funcs_context_slot_find can select 
the wrong slot to replace.
       via  c748a17 lib/poll_funcs: free contexts in 
poll_funcs_state_destructor()
       via  b064dfd vfs_acl_xattr|tdb: enforced settings when ignore system 
acls=yes
       via  7f3a857 docs: document vfs_acl_xattr|tdb enforced settings
       via  4b34770 vfs_acl_common: use DBG_LEVEL and remove function prefixes 
in DEBUG statements
       via  ac1d93e s4/torture: tests for vfs_acl_xattr default ACL styles
       via  41fb2ca vfs_acl_common: Windows style default ACL
       via  b94eefa vfs_acl_xattr|tdb: add option to control default ACL style
       via  5bc32fe vfs_acl_common: check for ignore_system_acls before 
fetching filesystem ACL
       via  a0fd7a5 vfs_acl_common: move stat stuff to a helper function
       via  1fd98a8 vfs_acl_tdb|xattr: use a config handle
       via  8084382 vfs_acl_common: move the ACL blob validation to a helper 
function
       via  7a80d45 vfs_acl_common: simplify ACL logic, cleanup and talloc 
hierarchy
       via  c1de539 vfs_acl_common: remove redundant NULL assignment
       via  d72dcd2 vfs_acl_common: rename pdesc_next to psd_fs
       via  31fc554 vfs_acl_common: rename psd to psd_blob in 
get_nt_acl_internal()
       via  06e9649 Revert "vfs_acl_xattr: objects without NT ACL xattr"
       via  180a034 vfs_shadow_copy: handle non-existant files and wildcards
       via  cbdb72f selftest: test listing directories inside snapshots
       via  962ab3d selftest: check file readability in shadow_copy2 test
       via  73cb902 selftest: add content to files created during shadow_copy2 
test
       via  0cf3141 ctdb-ipalloc: Fix cumulative takeover timeout
       via  f557d0c ctdb-ipalloc: Use a cumulative timeout for takeover run 
stages
      from  aa45e1a smbd: Reset O_NONBLOCK on open files

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-4-test


- Log -----------------------------------------------------------------
commit 4f8a057d13933b01afdd065fc3b2a322842f5c62
Author: Amitay Isaacs <ami...@gmail.com>
Date:   Mon Sep 19 14:59:06 2016 +1000

    ctdb-recovery-helper: Add missing initialisation of ban_credits
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12275
    
    Signed-off-by: Amitay Isaacs <ami...@gmail.com>
    Reviewed-by: Martin Schwenke <mar...@meltin.net>
    (cherry picked from commit 6b93b57921fad40cb3601888154c2f73a75fd590)
    
    Autobuild-User(v4-4-test): Karolin Seeger <ksee...@samba.org>
    Autobuild-Date(v4-4-test): Wed Sep 21 14:45:44 CEST 2016 on sn-devel-144

commit b1264c2c6ada37b68a81b5e5a1b0e951aaacc0f3
Author: Jeremy Allison <j...@samba.org>
Date:   Mon Sep 19 11:47:22 2016 -0700

    lib: poll_funcs : poll_funcs_context_slot_find can select the wrong slot to 
replace.
    
    Look for an exact match first, before a free slot.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12272
    
    Back-port from 085542fc93b3c603e8cda6e481e94d5fe2dfc669
    
    Signed-off-by: Jeremy Allison <j...@samba.org>
    Reviewed-by: Ralph Boehme <s...@samba.org>

commit c748a1745fddbf52c2d15761c7861faf373a9b61
Author: Jeremy Allison <j...@samba.org>
Date:   Mon Sep 19 11:42:05 2016 -0700

    lib/poll_funcs: free contexts in poll_funcs_state_destructor()
    
    This ensures the destructors get called in the proper order.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12272
    
    Back-port from c132b78c484c14d255a98567e90b934b73ebf8c2
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>

commit b064dfde2e2ae17a6893abb430b67b2ccaa4687d
Author: Ralph Boehme <s...@samba.org>
Date:   Fri Aug 26 10:04:53 2016 +0200

    vfs_acl_xattr|tdb: enforced settings when ignore system acls=yes
    
    When "ignore system acls" is set to "yes, we need to ensure filesystem
    permission always grant access so that when doing our own access checks
    we don't run into situations where we grant access but the filesystem
    doesn't.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12181
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    
    Autobuild-User(master): Ralph Böhme <s...@samba.org>
    Autobuild-Date(master): Wed Aug 31 18:41:20 CEST 2016 on sn-devel-144
    
    (cherry picked from commit b72287514cc78c9019db7385af4c9b9d94f60894)

commit 7f3a8573f39e7ae2f2ee30bea22c7b602ffe1329
Author: Ralph Boehme <s...@samba.org>
Date:   Fri Aug 26 10:22:37 2016 +0200

    docs: document vfs_acl_xattr|tdb enforced settings
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12181
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (cherry picked from commit cbe8f0d63b90e4380da35e9f9f5a05d8ccc2058b)

commit 4b34770db2d6834fcb7852b86f9f6a581982aba9
Author: Ralph Boehme <s...@samba.org>
Date:   Sat Aug 27 10:11:14 2016 +0200

    vfs_acl_common: use DBG_LEVEL and remove function prefixes in DEBUG 
statements
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (backported from commit 11dddd59aa01195152199443bc26e3141f162c8f)

commit ac1d93e997c08057abb4426c9c31de1ca76657df
Author: Ralph Boehme <s...@samba.org>
Date:   Thu Aug 25 16:30:24 2016 +0200

    s4/torture: tests for vfs_acl_xattr default ACL styles
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (backported from commit 946b93d0e3f6f23fa2325d7aaba4dc6f4cc17cb6)

commit 41fb2cae1c07966ae7746ce49644299ee6e3e41e
Author: Ralph Boehme <s...@samba.org>
Date:   Thu Aug 25 07:45:34 2016 +0200

    vfs_acl_common: Windows style default ACL
    
    Reintroduce Windows style default ACL, but this time as an optional
    feature, not changing default behaviour.
    
    Original bugreport that got reverted because it changed the default
    behaviour: https://bugzilla.samba.org/show_bug.cgi?id=12028
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (cherry picked from commit 0730cb7e1ce33dbc5fc48a7363204c1220400c68)

commit b94eefa2b3997f17f7b2018299a0069a7848d588
Author: Ralph Boehme <s...@samba.org>
Date:   Wed Aug 24 20:31:00 2016 +0200

    vfs_acl_xattr|tdb: add option to control default ACL style
    
    Existing behaviour is "posix" style. Next commit will (re)add the
    "windows" style. This commit doesn't change behaviour in any way.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (backported from commit 26a9867ae1a9c69659252ce03c280c7c18a6c58f)

commit 5bc32feee193982fb1627400289a03ce081cdafe
Author: Ralph Boehme <s...@samba.org>
Date:   Wed Aug 24 10:43:47 2016 +0200

    vfs_acl_common: check for ignore_system_acls before fetching filesystem ACL
    
    If ignore_system_acls is set and we're synthesizing a default ACL, we
    were fetching the filesystem ACL just to free it again. This change
    avoids this.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (backported from commit f46179ef7310959af095b0ea6234df7523d15457)

commit a0fd7a5a17cca97312509e0046b6dc6510dc4bbc
Author: Ralph Boehme <s...@samba.org>
Date:   Wed Aug 24 10:30:15 2016 +0200

    vfs_acl_common: move stat stuff to a helper function
    
    Will be reused in the next commit when moving the
    make_default_filesystem_acl() stuff to a different place.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (backported from commit 10959698e20de381beec7ab532c8bdc32fa6401c)

commit 1fd98a8ffcfeb6f737960282606fd172b4e05acd
Author: Ralph Boehme <s...@samba.org>
Date:   Wed Aug 24 10:01:17 2016 +0200

    vfs_acl_tdb|xattr: use a config handle
    
    Better for performance and a subsequent commit will add one more option
    where this will pay off.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (backported from commit 61c3d2124fb1a180fae4c8c0b5ab5b32bd56c8ad)

commit 80843823181873247aa05d5b0fa55ff461e6c0f1
Author: Ralph Boehme <s...@samba.org>
Date:   Tue Aug 23 22:32:57 2016 +0200

    vfs_acl_common: move the ACL blob validation to a helper function
    
    No change in behaviour.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (backported from commit 0de5a128cee90694979d074c2590ddbca0071e82)

commit 7a80d4544280806aa9c8e0455e21e196c7720aab
Author: Ralph Boehme <s...@samba.org>
Date:   Tue Aug 23 17:07:20 2016 +0200

    vfs_acl_common: simplify ACL logic, cleanup and talloc hierarchy
    
    No change in behaviour (hopefully! :-). This paves the way for moving
    the ACL blob validation to a helper function in the next commit.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (backported from commit 335527c647331148927feea2a7ae2f2c88986bc6)

commit c1de539aab52dbcc54eca6c7f524b51d29570a02
Author: Ralph Boehme <s...@samba.org>
Date:   Tue Aug 23 13:14:50 2016 +0200

    vfs_acl_common: remove redundant NULL assignment
    
    The variables are already set to NULL by TALLOC_FREE.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (cherry picked from commit e6f1254a00a6bf85b8d95bfbafef7d3e39ce1dde)

commit d72dcd297e05f6f1ebf413ea070190f907a15422
Author: Ralph Boehme <s...@samba.org>
Date:   Tue Aug 23 13:11:24 2016 +0200

    vfs_acl_common: rename pdesc_next to psd_fs
    
    In most realistic cases the "next" VFS op will return the permissions
    from the filesystem. This rename makes it explicit where the SD is
    originating from. No change in behaviour.
    
    This just paves the way for a later change that will simplify the whole
    logic and talloc hierarchy.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (backported from commit 9f79084f166208820f586c8e43e1e315d32cd5ce)

commit 31fc5543b891269a5df91c982155b5efdda4b906
Author: Ralph Boehme <s...@samba.org>
Date:   Tue Aug 23 13:08:12 2016 +0200

    vfs_acl_common: rename psd to psd_blob in get_nt_acl_internal()
    
    This makes it explicit where the SD is originating from. No change in
    behaviour.
    
    This just paves the way for a later change that will simplify the whole
    logic and talloc hierarchy, therefor this also strictly renames the
    occurences after the out label.
    
    Logically, behind the out label, we're dealing with a variable that
    points to what we're going to return, so the name psd_blob is
    misleading, but I'm desperately trying to avoid logic changes in this
    commit and therefor I'm just strictly renaming.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (backported from commit 2367eea928593f12f8914f7e7ba613b1b15516de)

commit 06e96493444ea10a543e2e7b80620254fa3b6b2c
Author: Ralph Boehme <s...@samba.org>
Date:   Wed Aug 24 10:04:24 2016 +0200

    Revert "vfs_acl_xattr: objects without NT ACL xattr"
    
    This reverts commit 961c4b591bb102751079d9cc92d7aa1c37f1958c.
    
    Subsequent commits will add the same functionality as an optional
    feature.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
    
    Signed-off-by: Ralph Boehme <s...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (cherry picked from commit 590b80490c00587b5a4035856891e10defb654f6)

commit 180a0342f3ed2211020e65d11a8bf494b197ac17
Author: Uri Simchoni <u...@samba.org>
Date:   Wed Aug 24 14:42:23 2016 +0300

    vfs_shadow_copy: handle non-existant files and wildcards
    
    During path checking, the vfs connectpath_fn is called to
    determine the share's root, relative to the file being
    queried (for example, in snapshot file this may be other
    than the share's "usual" root directory). connectpath_fn
    must be able to answer this question even if the path does
    not exist and its parent does exist. The convention in this
    case is that this refers to a yet-uncreated file under the parent
    and all queries are relative to the parent.
    
    This also serves as a workaround for the case where connectpath_fn
    has to handle wildcards, as with the case of SMB1 trans2 findfirst.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12172
    
    Signed-off-by: Uri Simchoni <u...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    
    Autobuild-User(master): Jeremy Allison <j...@samba.org>
    Autobuild-Date(master): Thu Aug 25 05:35:29 CEST 2016 on sn-devel-144
    (cherry picked from commit f41f439335efb352d03a842c370212a0af77262a)

commit cbdb72fbf2e6bf022db8b9006e2d764e6cbb2ff1
Author: Uri Simchoni <u...@samba.org>
Date:   Tue Aug 23 14:29:39 2016 +0300

    selftest: test listing directories inside snapshots
    
    Verify that directories are also listable.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12172
    
    Signed-off-by: Uri Simchoni <u...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (cherry picked from commit 22c3982100a1d6bf67979a0659604942ef6f11f0)

commit 962ab3dd8126cfc65e2058909ae00f72505f2ed4
Author: Uri Simchoni <u...@samba.org>
Date:   Tue Aug 23 14:03:30 2016 +0300

    selftest: check file readability in shadow_copy2 test
    
    Add tests which verify that a snapshot file is readable
    if and only if it its metadata can be retrieved. Also
    verify (in most tests) that file is retrieved from the
    correct snapshot.
    
    Together with the existing test for number of previous
    versions we can stat, this test checks that we can read
    those files, and also that we cannot break out of a snapshot
    if wide links are not allowed.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12172
    
    Signed-off-by: Uri Simchoni <u...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (cherry picked from commit 495b8177363bf1930f3afb373ad73caac022f353)

commit 73cb902932e885e43a8d0332cad07a0e3147c849
Author: Uri Simchoni <u...@samba.org>
Date:   Tue Aug 23 11:33:52 2016 +0300

    selftest: add content to files created during shadow_copy2 test
    
    This will allow reading them and verifying we got the right version
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12172
    
    Signed-off-by: Uri Simchoni <u...@samba.org>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    (cherry picked from commit 523046080dd65607eacb901d58ee3b6e54de865e)

commit 0cf3141de62b37fecf092aa211d3004c89f7844c
Author: Martin Schwenke <mar...@meltin.net>
Date:   Thu Aug 18 12:57:33 2016 +1000

    ctdb-ipalloc: Fix cumulative takeover timeout
    
    Commit c40fc62642ff5ac49b75e9af49c299e33dbc9073 runs the IP allocation
    algorithm after calculating the timeout offset.  If the algorithm
    takes a long time then there may be no attempt to release or take over
    IPs.
    
    Instead, reset the timeout just before the RELEASE_IP stage if an
    early jump to IPREALLOCATED was not taken.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12161
    
    Signed-off-by: Martin Schwenke <mar...@meltin.net>
    Reviewed-by: Amitay Isaacs <ami...@gmail.com>
    
    Autobuild-User(master): Amitay Isaacs <ami...@samba.org>
    Autobuild-Date(master): Thu Aug 18 12:36:37 CEST 2016 on sn-devel-144
    
    (cherry picked from commit 626dcc9e493e2ac4fd502f75c7cb4d29f686f017)

commit f557d0c80907458f3b38e907fcafaa03b1f52b53
Author: Martin Schwenke <mar...@meltin.net>
Date:   Fri May 27 15:22:27 2016 +1000

    ctdb-ipalloc: Use a cumulative timeout for takeover run stages
    
    RELEASE_IP sometimes times out because killing TCP connections can
    take a long time.
    
    The aim of the takeover timeout is actually to limit the total amount
    of time for an IP takeover run.  So, calculate a combined timeout
    offset once and use it for each of the RELEASE_IP, TAKEOVER_IP,
    IPREALLOCATED stages.  This gives RELEASE_IP more time to kill TCP
    connections but still limits the total time.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12161
    
    Signed-off-by: Martin Schwenke <mar...@meltin.net>
    Reviewed-by: Amitay Isaacs <ami...@gmail.com>
    (cherry picked from commit c40fc62642ff5ac49b75e9af49c299e33dbc9073)

-----------------------------------------------------------------------

Summary of changes:
 ctdb/server/ctdb_recovery_helper.c         |   1 +
 ctdb/server/ctdb_takeover.c                |  22 +-
 docs-xml/manpages/vfs_acl_tdb.8.xml        |  49 ++
 docs-xml/manpages/vfs_acl_xattr.8.xml      |  49 ++
 selftest/target/Samba3.pm                  |   9 +
 source3/lib/poll_funcs/poll_funcs_tevent.c |  17 +-
 source3/modules/vfs_acl_common.c           | 721 +++++++++++++++++++----------
 source3/modules/vfs_acl_tdb.c              |  28 ++
 source3/modules/vfs_acl_xattr.c            |  28 ++
 source3/modules/vfs_shadow_copy2.c         |  31 +-
 source3/script/tests/test_shadow_copy.sh   |  96 +++-
 source3/selftest/tests.py                  |   4 +-
 source4/torture/vfs/acl_xattr.c            | 314 +++++++++++++
 source4/torture/vfs/vfs.c                  |   1 +
 source4/torture/wscript_build              |   2 +-
 15 files changed, 1095 insertions(+), 277 deletions(-)
 create mode 100644 source4/torture/vfs/acl_xattr.c


Changeset truncated at 500 lines:

diff --git a/ctdb/server/ctdb_recovery_helper.c 
b/ctdb/server/ctdb_recovery_helper.c
index 086dd16..5d1fee9 100644
--- a/ctdb/server/ctdb_recovery_helper.c
+++ b/ctdb/server/ctdb_recovery_helper.c
@@ -1398,6 +1398,7 @@ static struct tevent_req *collect_all_db_send(
        state->pnn_list = pnn_list;
        state->count = count;
        state->caps = caps;
+       state->ban_credits = ban_credits;
        state->db_id = db_id;
        state->recdb = recdb;
        state->index = 0;
diff --git a/ctdb/server/ctdb_takeover.c b/ctdb/server/ctdb_takeover.c
index 6fadbfb..2e4a8ab 100644
--- a/ctdb/server/ctdb_takeover.c
+++ b/ctdb/server/ctdb_takeover.c
@@ -1754,6 +1754,10 @@ int ctdb_takeover_run(struct ctdb_context *ctdb, struct 
ctdb_node_map_old *nodem
        bool *retry_data;
        bool can_host_ips;
 
+       /* Default timeout for early jump to IPREALLOCATED.  See below
+        * for explanation of 3 times... */
+       timeout = timeval_current_ofs(3 * ctdb->tunable.takeover_timeout, 0);
+
        /*
         * ip failover is completely disabled, just send out the 
         * ipreallocated event.
@@ -1831,6 +1835,20 @@ int ctdb_takeover_run(struct ctdb_context *ctdb, struct 
ctdb_node_map_old *nodem
 
        ZERO_STRUCT(ip); /* Avoid valgrind warnings for union */
 
+       /* Each of the following stages (RELEASE_IP, TAKEOVER_IP,
+        * IPREALLOCATED) notionally has a timeout of TakeoverTimeout
+        * seconds.  However, RELEASE_IP can take longer due to TCP
+        * connection killing, so sometimes needs more time.
+        * Therefore, use a cumulative timeout of TakeoverTimeout * 3
+        * seconds across all 3 stages.  No explicit expiry checks are
+        * needed before each stage because tevent is smart enough to
+        * fire the timeouts even if they are in the past.  Initialise
+        * this here so it explicitly covers the stages we're
+        * interested in but, in particular, not the time taken by the
+        * ipalloc().
+        */
+       timeout = timeval_current_ofs(3 * ctdb->tunable.takeover_timeout, 0);
+
        /* Send a RELEASE_IP to all nodes that should not be hosting
         * each IP.  For each IP, all but one of these will be
         * redundant.  However, the redundant ones are used to tell
@@ -1853,7 +1871,6 @@ int ctdb_takeover_run(struct ctdb_context *ctdb, struct 
ctdb_node_map_old *nodem
                        ip.pnn  = tmp_ip->pnn;
                        ip.addr = tmp_ip->addr;
 
-                       timeout = TAKEOVER_TIMEOUT();
                        data.dsize = sizeof(ip);
                        data.dptr  = (uint8_t *)&ip;
                        state = ctdb_control_send(ctdb, nodemap->nodes[i].pnn,
@@ -1896,7 +1913,6 @@ int ctdb_takeover_run(struct ctdb_context *ctdb, struct 
ctdb_node_map_old *nodem
                ip.pnn  = tmp_ip->pnn;
                ip.addr = tmp_ip->addr;
 
-               timeout = TAKEOVER_TIMEOUT();
                data.dsize = sizeof(ip);
                data.dptr  = (uint8_t *)&ip;
                state = ctdb_control_send(ctdb, tmp_ip->pnn,
@@ -1934,7 +1950,7 @@ ipreallocated:
 
        nodes = list_of_connected_nodes(ctdb, nodemap, tmp_ctx, true);
        ret = ctdb_client_async_control(ctdb, CTDB_CONTROL_IPREALLOCATED,
-                                       nodes, 0, TAKEOVER_TIMEOUT(),
+                                       nodes, 0, timeout,
                                        false, tdb_null,
                                        NULL, iprealloc_fail_callback,
                                        &iprealloc_data);
diff --git a/docs-xml/manpages/vfs_acl_tdb.8.xml 
b/docs-xml/manpages/vfs_acl_tdb.8.xml
index 460c844..407af74 100644
--- a/docs-xml/manpages/vfs_acl_tdb.8.xml
+++ b/docs-xml/manpages/vfs_acl_tdb.8.xml
@@ -40,6 +40,15 @@
        <filename>$LOCKDIR/file_ntacls.tdb</filename>.
        </para>
 
+       <para>
+       This module forces the following parameters:
+       <itemizedlist>
+       <listitem><para>inherit acls = true</para></listitem>
+       <listitem><para>dos filemode = true</para></listitem>
+       <listitem><para>force unknown acl user = true</para></listitem>
+       </itemizedlist>
+       </para>
+
        <para>This module is stackable.</para>
 </refsect1>
 
@@ -61,6 +70,46 @@
                access the data via Samba you might set this to yes to achieve
                better NT ACL compatibility.
                </para>
+
+               <para>
+               If <emphasis>acl_tdb:ignore system acls</emphasis>
+               is set to <emphasis>yes</emphasis>, the following
+               additional settings will be enforced:
+               <itemizedlist>
+               <listitem><para>create mask = 0666</para></listitem>
+               <listitem><para>directory mask = 0777</para></listitem>
+               <listitem><para>map archive = no</para></listitem>
+               <listitem><para>map hidden = no</para></listitem>
+               <listitem><para>map readonly = no</para></listitem>
+               <listitem><para>map system = no</para></listitem>
+               <listitem><para>store dos attributes = yes</para></listitem>
+               </itemizedlist>
+               </para>
+               </listitem>
+               </varlistentry>
+
+               <varlistentry>
+               <term>acl_tdb:default acl style = [posix|windows]</term>
+               <listitem>
+               <para>
+               This parameter determines the type of ACL that is synthesized in
+               case a file or directory lacks an
+               <emphasis>security.NTACL</emphasis> xattr.
+               </para>
+               <para>
+               When set to <emphasis>posix</emphasis>, an ACL will be
+               synthesized based on the POSIX mode permissions for user, group
+               and others, with an additional ACE for <emphasis>NT
+               Authority\SYSTEM</emphasis> will full rights.
+               </para>
+               <para>
+               When set to <emphasis>windows</emphasis>, an ACL is synthesized
+               the same way Windows does it, only including permissions for the
+               owner and <emphasis>NT Authority\SYSTEM</emphasis>.
+               </para>
+               <para>
+               The default for this option is <emphasis>posix</emphasis>.
+               </para>
                </listitem>
                </varlistentry>
        </variablelist>
diff --git a/docs-xml/manpages/vfs_acl_xattr.8.xml 
b/docs-xml/manpages/vfs_acl_xattr.8.xml
index b6f8c03..e021c84 100644
--- a/docs-xml/manpages/vfs_acl_xattr.8.xml
+++ b/docs-xml/manpages/vfs_acl_xattr.8.xml
@@ -44,6 +44,15 @@
        </command>).
        </para>
 
+       <para>
+       This module forces the following parameters:
+       <itemizedlist>
+       <listitem><para>inherit acls = true</para></listitem>
+       <listitem><para>dos filemode = true</para></listitem>
+       <listitem><para>force unknown acl user = true</para></listitem>
+       </itemizedlist>
+       </para>
+
        <para>This module is stackable.</para>
 </refsect1>
 
@@ -65,6 +74,46 @@
                access the data via Samba you might set this to yes to achieve
                better NT ACL compatibility.
                </para>
+
+               <para>
+               If <emphasis>acl_xattr:ignore system acls</emphasis>
+               is set to <emphasis>yes</emphasis>, the following
+               additional settings will be enforced:
+               <itemizedlist>
+               <listitem><para>create mask = 0666</para></listitem>
+               <listitem><para>directory mask = 0777</para></listitem>
+               <listitem><para>map archive = no</para></listitem>
+               <listitem><para>map hidden = no</para></listitem>
+               <listitem><para>map readonly = no</para></listitem>
+               <listitem><para>map system = no</para></listitem>
+               <listitem><para>store dos attributes = yes</para></listitem>
+               </itemizedlist>
+               </para>
+               </listitem>
+               </varlistentry>
+
+               <varlistentry>
+               <term>acl_xattr:default acl style = [posix|windows]</term>
+               <listitem>
+               <para>
+               This parameter determines the type of ACL that is synthesized in
+               case a file or directory lacks an
+               <emphasis>security.NTACL</emphasis> xattr.
+               </para>
+               <para>
+               When set to <emphasis>posix</emphasis>, an ACL will be
+               synthesized based on the POSIX mode permissions for user, group
+               and others, with an additional ACE for <emphasis>NT
+               Authority\SYSTEM</emphasis> will full rights.
+               </para>
+               <para>
+               When set to <emphasis>windows</emphasis>, an ACL is synthesized
+               the same way Windows does it, only including permissions for the
+               owner and <emphasis>NT Authority\SYSTEM</emphasis>.
+               </para>
+               <para>
+               The default for this option is <emphasis>posix</emphasis>.
+               </para>
                </listitem>
                </varlistentry>
        </variablelist>
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 82bd5b8..aef3fd7 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -1699,6 +1699,15 @@ sub provision($$$$$$$$)
        vfs objects = acl_xattr fake_acls xattr_tdb fake_dfq
        inherit owner = yes
        include = $dfqconffile
+
+[acl_xattr_ign_sysacl_posix]
+       copy = tmp
+       acl_xattr:ignore system acls = yes
+       acl_xattr:default acl style = posix
+[acl_xattr_ign_sysacl_windows]
+       copy = tmp
+       acl_xattr:ignore system acls = yes
+       acl_xattr:default acl style = windows
        ";
        close(CONF);
 
diff --git a/source3/lib/poll_funcs/poll_funcs_tevent.c 
b/source3/lib/poll_funcs/poll_funcs_tevent.c
index 8fdf080..65adb2d 100644
--- a/source3/lib/poll_funcs/poll_funcs_tevent.c
+++ b/source3/lib/poll_funcs/poll_funcs_tevent.c
@@ -302,6 +302,9 @@ static int poll_funcs_state_destructor(struct 
poll_funcs_state *state)
        for (i=0; i<state->num_watches; i++) {
                TALLOC_FREE(state->watches[i]);
        }
+       for (i=0; i<state->num_contexts; i++) {
+               TALLOC_FREE(state->contexts[i]);
+       }
        return 0;
 }
 
@@ -315,15 +318,27 @@ static bool poll_funcs_context_slot_find(struct 
poll_funcs_state *state,
        struct poll_funcs_tevent_context **contexts;
        unsigned i;
 
+       /* Look for an existing match first. */
        for (i=0; i<state->num_contexts; i++) {
                struct poll_funcs_tevent_context *ctx = state->contexts[i];
 
-               if ((ctx == NULL) || (ctx->ev == ev)) {
+               if (ctx != NULL && ctx->ev == ev) {
                        *slot = i;
                        return true;
                }
        }
 
+       /* Now look for a free slot. */
+       for (i=0; i<state->num_contexts; i++) {
+               struct poll_funcs_tevent_context *ctx = state->contexts[i];
+
+               if (ctx == NULL) {
+                       *slot = i;
+                       return true;
+               }
+       }
+
+
        contexts = talloc_realloc(state, state->contexts,
                                  struct poll_funcs_tevent_context *,
                                  state->num_contexts + 1);
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index f5af666..9675fca 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -46,6 +46,47 @@ static NTSTATUS store_acl_blob_fsp(vfs_handle_struct *handle,
                                SECINFO_DACL | \
                                SECINFO_SACL)
 
+enum default_acl_style {DEFAULT_ACL_POSIX, DEFAULT_ACL_WINDOWS};
+
+static const struct enum_list default_acl_style[] = {
+       {DEFAULT_ACL_POSIX,     "posix"},
+       {DEFAULT_ACL_WINDOWS,   "windows"}
+};
+
+struct acl_common_config {
+       bool ignore_system_acls;
+       enum default_acl_style default_acl_style;
+};
+
+static bool init_acl_common_config(vfs_handle_struct *handle)
+{
+       struct acl_common_config *config = NULL;
+
+       config = talloc_zero(handle->conn, struct acl_common_config);
+       if (config == NULL) {
+               DBG_ERR("talloc_zero() failed\n");
+               errno = ENOMEM;
+               return false;
+       }
+
+       config->ignore_system_acls = lp_parm_bool(SNUM(handle->conn),
+                                                 ACL_MODULE_NAME,
+                                                 "ignore system acls",
+                                                 false);
+       config->default_acl_style = lp_parm_enum(SNUM(handle->conn),
+                                                ACL_MODULE_NAME,
+                                                "default acl style",
+                                                default_acl_style,
+                                                DEFAULT_ACL_POSIX);
+
+       SMB_VFS_HANDLE_SET_DATA(handle, config, NULL,
+                               struct acl_common_config,
+                               return false);
+
+       return true;
+}
+
+
 /*******************************************************************
  Hash a security descriptor.
 *******************************************************************/
@@ -103,8 +144,8 @@ static NTSTATUS parse_acl_blob(const DATA_BLOB *pblob,
                        (ndr_pull_flags_fn_t)ndr_pull_xattr_NTACL);
 
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-               DEBUG(5, ("parse_acl_blob: ndr_pull_xattr_NTACL failed: %s\n",
-                       ndr_errstr(ndr_err)));
+               DBG_INFO("ndr_pull_xattr_NTACL failed: %s\n",
+                        ndr_errstr(ndr_err));
                TALLOC_FREE(frame);
                return ndr_map_error2ntstatus(ndr_err);
        }
@@ -200,8 +241,8 @@ static NTSTATUS create_acl_blob(const struct 
security_descriptor *psd,
                        (ndr_push_flags_fn_t)ndr_push_xattr_NTACL);
 
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-               DEBUG(5, ("create_acl_blob: ndr_push_xattr_NTACL failed: %s\n",
-                       ndr_errstr(ndr_err)));
+               DBG_INFO("ndr_push_xattr_NTACL failed: %s\n",
+                        ndr_errstr(ndr_err));
                return ndr_map_error2ntstatus(ndr_err);
        }
 
@@ -246,8 +287,8 @@ static NTSTATUS create_sys_acl_blob(const struct 
security_descriptor *psd,
                        (ndr_push_flags_fn_t)ndr_push_xattr_NTACL);
 
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-               DEBUG(5, ("create_acl_blob: ndr_push_xattr_NTACL failed: %s\n",
-                       ndr_errstr(ndr_err)));
+               DBG_INFO("ndr_push_xattr_NTACL failed: %s\n",
+                        ndr_errstr(ndr_err));
                return ndr_map_error2ntstatus(ndr_err);
        }
 
@@ -304,10 +345,7 @@ static NTSTATUS 
add_directory_inheritable_components(vfs_handle_struct *handle,
 
        mode = dir_mode | file_mode;
 
-       DEBUG(10, ("add_directory_inheritable_components: directory %s, "
-               "mode = 0%o\n",
-               name,
-               (unsigned int)mode ));
+       DBG_DEBUG("directory %s, mode = 0%o\n", name, (unsigned int)mode);
 
        if (num_aces) {
                memcpy(new_ace_list, psd->dacl->aces,
@@ -359,10 +397,10 @@ static NTSTATUS 
add_directory_inheritable_components(vfs_handle_struct *handle,
        return NT_STATUS_OK;
 }
 
-static NTSTATUS make_default_filesystem_acl(TALLOC_CTX *ctx,
-                                           const char *name,
-                                           SMB_STRUCT_STAT *psbuf,
-                                           struct security_descriptor **ppdesc)
+static NTSTATUS make_default_acl_posix(TALLOC_CTX *ctx,
+                                      const char *name,
+                                      SMB_STRUCT_STAT *psbuf,
+                                      struct security_descriptor **ppdesc)
 {
        struct dom_sid owner_sid, group_sid;
        size_t size = 0;
@@ -372,17 +410,18 @@ static NTSTATUS make_default_filesystem_acl(TALLOC_CTX 
*ctx,
        struct security_acl *new_dacl = NULL;
        int idx = 0;
 
-       DEBUG(10,("make_default_filesystem_acl: file %s mode = 0%o\n",
-               name, (int)mode ));
+       DBG_DEBUG("file %s mode = 0%o\n",name, (int)mode);
 
        uid_to_sid(&owner_sid, psbuf->st_ex_uid);
        gid_to_sid(&group_sid, psbuf->st_ex_gid);
 
        /*
-        * We provide 2 ACEs:
-        * - Owner
-        * - NT System
-        */
+        We provide up to 4 ACEs
+               - Owner
+               - Group
+               - Everyone
+               - NT System
+       */
 
        if (mode & S_IRUSR) {
                if (mode & S_IWUSR) {
@@ -402,6 +441,39 @@ static NTSTATUS make_default_filesystem_acl(TALLOC_CTX 
*ctx,
                        0);
        idx++;
 
+       access_mask = 0;
+       if (mode & S_IRGRP) {
+               access_mask |= SEC_RIGHTS_FILE_READ | SEC_FILE_EXECUTE;
+       }
+       if (mode & S_IWGRP) {
+               /* note that delete is not granted - this matches posix 
behaviour */
+               access_mask |= SEC_RIGHTS_FILE_WRITE;
+       }
+       if (access_mask) {
+               init_sec_ace(&aces[idx],
+                       &group_sid,
+                       SEC_ACE_TYPE_ACCESS_ALLOWED,
+                       access_mask,
+                       0);
+               idx++;
+       }
+
+       access_mask = 0;
+       if (mode & S_IROTH) {
+               access_mask |= SEC_RIGHTS_FILE_READ | SEC_FILE_EXECUTE;
+       }
+       if (mode & S_IWOTH) {
+               access_mask |= SEC_RIGHTS_FILE_WRITE;
+       }
+       if (access_mask) {
+               init_sec_ace(&aces[idx],
+                       &global_sid_World,
+                       SEC_ACE_TYPE_ACCESS_ALLOWED,
+                       access_mask,
+                       0);
+               idx++;
+       }
+
        init_sec_ace(&aces[idx],
                        &global_sid_System,
                        SEC_ACE_TYPE_ACCESS_ALLOWED,
@@ -432,20 +504,131 @@ static NTSTATUS make_default_filesystem_acl(TALLOC_CTX 
*ctx,
        return NT_STATUS_OK;
 }
 
-/*******************************************************************
- Pull a DATA_BLOB from an xattr given a pathname.
- If the hash doesn't match, or doesn't exist - return the underlying
- filesystem sd.
-*******************************************************************/
+static NTSTATUS make_default_acl_windows(TALLOC_CTX *ctx,
+                                        const char *name,
+                                        SMB_STRUCT_STAT *psbuf,
+                                        struct security_descriptor **ppdesc)
+{
+       struct dom_sid owner_sid, group_sid;
+       size_t size = 0;
+       struct security_ace aces[4];
+       uint32_t access_mask = 0;
+       mode_t mode = psbuf->st_ex_mode;
+       struct security_acl *new_dacl = NULL;
+       int idx = 0;
 
-static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
-                                   files_struct *fsp,
-                                   const char *name,
-                                   uint32_t security_info,
-                                   TALLOC_CTX *mem_ctx,
-                                   struct security_descriptor **ppdesc)
+       DBG_DEBUG("file [%s] mode [0%o]\n", name, (int)mode);
+
+       uid_to_sid(&owner_sid, psbuf->st_ex_uid);
+       gid_to_sid(&group_sid, psbuf->st_ex_gid);
+
+       /*
+        * We provide 2 ACEs:
+        * - Owner
+        * - NT System
+        */
+
+       if (mode & S_IRUSR) {
+               if (mode & S_IWUSR) {
+                       access_mask |= SEC_RIGHTS_FILE_ALL;
+               } else {
+                       access_mask |= SEC_RIGHTS_FILE_READ | SEC_FILE_EXECUTE;
+               }
+       }
+       if (mode & S_IWUSR) {
+               access_mask |= SEC_RIGHTS_FILE_WRITE | SEC_STD_DELETE;
+       }
+
+       init_sec_ace(&aces[idx],
+                    &owner_sid,
+                    SEC_ACE_TYPE_ACCESS_ALLOWED,


-- 
Samba Shared Repository

Reply via email to