The branch, master has been updated
via b749c923373 s3: smbd: SMB1 UNIX extensions - remove dead code.
via b784aee40ff s3: smbd: SMB1 UNIX extensions - POSIX mknod should
just create the object, not change attributes after.
via d8567d46bd7 s3: smbd: SMB1 UNIX extensions - only allow size change
on regular file.
via 4b25299c0d0 3: smbd: SMB1 UNIX extensions - For POSIX mknod we can
only create blk/chr/fifo/sock objects.
via 4ca0fcb2d4e s3: smbd: SMB1 UNIX extensions - Ensure POSIX mknod is
root-only.
from 35bb734d638 bootstrap: Fix centos7 image creation
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit b749c923373c7ccdc68ba2aed42c614e6a11d353
Author: Jeremy Allison <j...@samba.org>
Date: Tue Oct 15 13:28:11 2019 -0700
s3: smbd: SMB1 UNIX extensions - remove dead code.
We no longer set delete_on_fail on return from mknod.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
Autobuild-User(master): Jeremy Allison <j...@samba.org>
Autobuild-Date(master): Wed Nov 6 19:31:00 UTC 2019 on sn-devel-184
commit b784aee40ffceae8332ff3aaa74c20539857ded6
Author: Jeremy Allison <j...@samba.org>
Date: Tue Oct 15 13:39:00 2019 -0700
s3: smbd: SMB1 UNIX extensions - POSIX mknod should just create the object,
not change attributes after.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit d8567d46bd7e371de83e4d1ee1592639eb6f0c06
Author: Jeremy Allison <j...@samba.org>
Date: Tue Oct 15 15:04:39 2019 -0700
s3: smbd: SMB1 UNIX extensions - only allow size change on regular file.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 4b25299c0d00b23c22be1e2a4eed3be5572e623a
Author: Jeremy Allison <j...@samba.org>
Date: Tue Oct 15 13:35:44 2019 -0700
3: smbd: SMB1 UNIX extensions - For POSIX mknod we can only create
blk/chr/fifo/sock objects.
Fail requests to create other object types.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 4ca0fcb2d4eec29fc75a285947a77974a0555bea
Author: Jeremy Allison <j...@samba.org>
Date: Tue Oct 15 13:25:14 2019 -0700
s3: smbd: SMB1 UNIX extensions - Ensure POSIX mknod is root-only.
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/trans2.c | 78 +++++++++++++++------------------------------------
1 file changed, 23 insertions(+), 55 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index bc4b3934c83..d5000e83cb1 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -8016,6 +8016,11 @@ static NTSTATUS smb_unix_mknod(connection_struct *conn,
#endif
switch (file_type) {
+ /* We can't create other objects here. */
+ case UNIX_TYPE_FILE:
+ case UNIX_TYPE_DIR:
+ case UNIX_TYPE_SYMLINK:
+ return NT_STATUS_ACCESS_DENIED;
#if defined(S_IFIFO)
case UNIX_TYPE_FIFO:
unixmode |= S_IFIFO;
@@ -8028,11 +8033,18 @@ static NTSTATUS smb_unix_mknod(connection_struct *conn,
#endif
#if defined(S_IFCHR)
case UNIX_TYPE_CHARDEV:
+ /* This is only allowed for root. */
+ if (get_current_uid(conn) != sec_initial_uid()) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
unixmode |= S_IFCHR;
break;
#endif
#if defined(S_IFBLK)
case UNIX_TYPE_BLKDEV:
+ if (get_current_uid(conn) != sec_initial_uid()) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
unixmode |= S_IFBLK;
break;
#endif
@@ -8091,12 +8103,10 @@ static NTSTATUS
smb_set_file_unix_basic(connection_struct *conn,
uid_t set_owner = (uid_t)SMB_UID_NO_CHANGE;
gid_t set_grp = (uid_t)SMB_GID_NO_CHANGE;
NTSTATUS status = NT_STATUS_OK;
- bool delete_on_fail = False;
enum perm_type ptype;
files_struct *all_fsps = NULL;
bool modify_mtime = true;
struct file_id id;
- struct smb_filename *smb_fname_tmp = NULL;
SMB_STRUCT_STAT sbuf;
ZERO_STRUCT(ft);
@@ -8148,42 +8158,10 @@ static NTSTATUS
smb_set_file_unix_basic(connection_struct *conn,
* a new info level should be used for mknod. JRA.
*/
- status = smb_unix_mknod(conn,
+ return smb_unix_mknod(conn,
pdata,
total_data,
smb_fname);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- smb_fname_tmp = cp_smb_filename(talloc_tos(), smb_fname);
- if (smb_fname_tmp == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-
- if (SMB_VFS_STAT(conn, smb_fname_tmp) != 0) {
- status = map_nt_error_from_unix(errno);
- TALLOC_FREE(smb_fname_tmp);
- SMB_VFS_UNLINKAT(conn,
- conn->cwd_fsp,
- smb_fname,
- 0);
- return status;
- }
-
- sbuf = smb_fname_tmp->st;
- smb_fname = smb_fname_tmp;
-
- /* Ensure we don't try and change anything else. */
- raw_unixmode = SMB_MODE_NO_CHANGE;
- size = get_file_size_stat(&sbuf);
- ft.atime = sbuf.st_ex_atime;
- ft.mtime = sbuf.st_ex_mtime;
- /*
- * We continue here as we might want to change the
- * owner uid/gid.
- */
- delete_on_fail = True;
}
#if 1
@@ -8243,12 +8221,6 @@ static NTSTATUS
smb_set_file_unix_basic(connection_struct *conn,
if (ret != 0) {
status = map_nt_error_from_unix(errno);
- if (delete_on_fail) {
- SMB_VFS_UNLINKAT(conn,
- conn->cwd_fsp,
- smb_fname,
- 0);
- }
return status;
}
}
@@ -8277,26 +8249,22 @@ static NTSTATUS
smb_set_file_unix_basic(connection_struct *conn,
}
if (ret != 0) {
status = map_nt_error_from_unix(errno);
- if (delete_on_fail) {
- SMB_VFS_UNLINKAT(conn,
- conn->cwd_fsp,
- smb_fname,
- 0);
- }
return status;
}
}
/* Deal with any size changes. */
- status = smb_set_file_size(conn, req,
- fsp,
- smb_fname,
- &sbuf,
- size,
- false);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
+ if (S_ISREG(sbuf.st_ex_mode)) {
+ status = smb_set_file_size(conn, req,
+ fsp,
+ smb_fname,
+ &sbuf,
+ size,
+ false);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
}
/* Deal with any time changes. */
--
Samba Shared Repository
