The branch, v4-14-test has been updated via 9baa3dddd0d smbd: don't overwrite _mode if neither a msdfs symlink nor get_dosmode is requested via c19d3eacc2f CI: verify a symlink has FILE_ATTRIBUTE_NORMAL set via cc3c704a84f vfs_aixacl: fix regression from f4c2f867f035fcbe3d547d5635d058b0aec7636a via 72dcae2f569 vfs: restore platform specific POSIX sys_acl_set_file() functions via 51577d22ef6 smbd: In conn_force_tdis_done() when forcing a connection closed force a full reload of services. from 42dbd31f739 dbcheck: Check Deleted Objects and reduce noise in reports about expired tombstones
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-14-test - Log ----------------------------------------------------------------- commit 9baa3dddd0d3aa6c7de04ee4a00f7164ac93b6c8 Author: Ralph Boehme <s...@samba.org> Date: Mon Feb 1 12:37:10 2021 +0100 smbd: don't overwrite _mode if neither a msdfs symlink nor get_dosmode is requested BUG: https://bugzilla.samba.org/show_bug.cgi?id=14629 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> (cherry picked from commit d78964c40b5ca5ee0658c46d492b3dcd6f6b4b94) Autobuild-User(v4-14-test): Karolin Seeger <ksee...@samba.org> Autobuild-Date(v4-14-test): Fri Feb 26 10:00:59 UTC 2021 on sn-devel-184 commit c19d3eacc2f3626622905e9725ddb96e27ca1fe2 Author: Ralph Boehme <s...@samba.org> Date: Mon Feb 1 14:44:03 2021 +0100 CI: verify a symlink has FILE_ATTRIBUTE_NORMAL set Not that it really makes sense to set FILE_ATTRIBUTE_NORMAL for symlinks in POSIX client context, but that's what we had before 4.14. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14629 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> (cherry picked from commit 5572ae296e720a00ab438d7b50cfc458af631f69) commit cc3c704a84fcf511debfcbbb1a40794111a836e1 Author: Ralph Boehme <s...@samba.org> Date: Tue Jan 26 10:55:42 2021 +0100 vfs_aixacl: fix regression from f4c2f867f035fcbe3d547d5635d058b0aec7636a BUG: https://bugzilla.samba.org/show_bug.cgi?id=14620 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Björn Jacke <bja...@samba.org> Autobuild-User(master): Ralph Böhme <s...@samba.org> Autobuild-Date(master): Tue Jan 26 20:05:39 UTC 2021 on sn-devel-184 (cherry picked from commit 7114150f43751ab869323b91da83705b1e1ab465) commit 72dcae2f56975804b3231315149c0a60a95c201d Author: Ralph Boehme <s...@samba.org> Date: Tue Jan 26 15:50:00 2021 +0100 vfs: restore platform specific POSIX sys_acl_set_file() functions 92b149954237a445594c993b79a860c63113d54b removed SMB_VFS_SYS_ACL_SET_FILE() and all the VFS module implementations. But sys_acl_set_file() in vfs_default calls into sys_acl_set_file() in sysacls.c which calls back into platform specific modules. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14619 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Björn Jacke <bja...@samba.org> Autobuild-User(master): Ralph Böhme <s...@samba.org> Autobuild-Date(master): Thu Jan 28 15:21:02 UTC 2021 on sn-devel-184 (cherry picked from commit c8c2aef0ac613849d641e39193448f3e512caccf) commit 51577d22ef6dcb6099b87295262d84c3a7e989d2 Author: Jeremy Allison <j...@samba.org> Date: Tue Jan 26 21:29:58 2021 -0800 smbd: In conn_force_tdis_done() when forcing a connection closed force a full reload of services. Prevents reload_services() caching the fact it might be called multiple times in a row. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14604 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> (cherry picked from commit e4c8cd0781aef2a29bb4db1314c9fcd4f6edcecd) ----------------------------------------------------------------------- Summary of changes: source3/modules/vfs_aixacl.c | 27 +++++++++-- source3/modules/vfs_solarisacl.c | 97 ++++++++++++++++++++++++++++++++++++++++ source3/modules/vfs_tru64acl.c | 46 +++++++++++++++++++ source3/smbd/conn_idle.c | 10 ++++- source3/smbd/trans2.c | 16 ++++--- source3/torture/test_posix.c | 14 ++++++ 6 files changed, 199 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_aixacl.c b/source3/modules/vfs_aixacl.c index f7493794a45..e4c5f1ef7e2 100644 --- a/source3/modules/vfs_aixacl.c +++ b/source3/modules/vfs_aixacl.c @@ -133,6 +133,27 @@ SMB_ACL_T aixacl_sys_acl_get_fd(vfs_handle_struct *handle, return NULL;*/ } +int aixacl_sys_acl_set_file(vfs_handle_struct *handle, + const struct smb_filename *smb_fname, + SMB_ACL_TYPE_T type, + SMB_ACL_T theacl) +{ + struct acl *file_acl = NULL; + unsigned int rc; + + file_acl = aixacl_smb_to_aixacl(type, theacl); + if (!file_acl) + return -1; + + rc = chacl((char *)smb_fname->base_name,file_acl,file_acl->acl_len); + DEBUG(10,("errno is %d\n",errno)); + DEBUG(10,("return code is %d\n",rc)); + SAFE_FREE(file_acl); + DEBUG(10,("Exiting the aixacl_sys_acl_set_file\n")); + + return rc; +} + int aixacl_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp, SMB_ACL_TYPE_T type, @@ -149,9 +170,9 @@ int aixacl_sys_acl_set_fd(vfs_handle_struct *handle, /* * This is no longer a handle based call. */ - return = chacl(fsp->fsp_name->base_name, - file_acl, - file_acl->acl_len); + return chacl(fsp->fsp_name->base_name, + file_acl, + file_acl->acl_len); } rc = fchacl(fsp_get_io_fd(fsp),file_acl,file_acl->acl_len); diff --git a/source3/modules/vfs_solarisacl.c b/source3/modules/vfs_solarisacl.c index b43a57c9c9f..1b3b4ba0706 100644 --- a/source3/modules/vfs_solarisacl.c +++ b/source3/modules/vfs_solarisacl.c @@ -135,6 +135,103 @@ SMB_ACL_T solarisacl_sys_acl_get_fd(vfs_handle_struct *handle, return result; } +int solarisacl_sys_acl_set_file(vfs_handle_struct *handle, + const struct smb_filename *smb_fname_in, + SMB_ACL_TYPE_T type, + SMB_ACL_T theacl) +{ + int ret = -1; + SOLARIS_ACL_T solaris_acl = NULL; + int count; + struct smb_filename *smb_fname = NULL; + + smb_fname = cp_smb_filename_nostream(talloc_tos(), smb_fname_in); + if (smb_fname == NULL) { + errno = ENOMEM; + goto done; + } + + DEBUG(10, ("solarisacl_sys_acl_set_file called for file '%s'\n", + smb_fname->base_name)); + + if ((type != SMB_ACL_TYPE_ACCESS) && (type != SMB_ACL_TYPE_DEFAULT)) { + errno = EINVAL; + DEBUG(10, ("invalid smb acl type given (%d).\n", type)); + goto done; + } + DEBUGADD(10, ("setting %s acl\n", + ((type == SMB_ACL_TYPE_ACCESS) ? "access" : "default"))); + + if(!smb_acl_to_solaris_acl(theacl, &solaris_acl, &count, type)) { + DEBUG(10, ("conversion smb_acl -> solaris_acl failed (%s).\n", + strerror(errno))); + goto done; + } + + /* + * if the file is a directory, there is extra work to do: + * since the solaris acl call stores both the access acl and + * the default acl as provided, we have to get the acl part + * that has not been specified in "type" from the file first + * and concatenate it with the acl provided. + * + * We can directly use SMB_VFS_STAT here, as if this was a + * POSIX call on a symlink, we've already refused it. + * For a Windows acl mapped call on a symlink, we want to follow + * it. + */ + ret = SMB_VFS_STAT(handle->conn, smb_fname); + if (ret != 0) { + DEBUG(10, ("Error in stat call: %s\n", strerror(errno))); + goto done; + } + if (S_ISDIR(smb_fname->st.st_ex_mode)) { + SOLARIS_ACL_T other_acl = NULL; + int other_count; + SMB_ACL_TYPE_T other_type; + + other_type = (type == SMB_ACL_TYPE_ACCESS) + ? SMB_ACL_TYPE_DEFAULT + : SMB_ACL_TYPE_ACCESS; + DEBUGADD(10, ("getting acl from filesystem\n")); + if (!solaris_acl_get_file(smb_fname->base_name, + &other_acl, &other_count)) { + DEBUG(10, ("error getting acl from directory\n")); + goto done; + } + DEBUG(10, ("adding %s part of fs acl to given acl\n", + ((other_type == SMB_ACL_TYPE_ACCESS) + ? "access" + : "default"))); + if (!solaris_add_to_acl(&solaris_acl, &count, other_acl, + other_count, other_type)) + { + DEBUG(10, ("error adding other acl.\n")); + SAFE_FREE(other_acl); + goto done; + } + SAFE_FREE(other_acl); + } + else if (type != SMB_ACL_TYPE_ACCESS) { + errno = EINVAL; + goto done; + } + + if (!solaris_acl_sort(solaris_acl, count)) { + DEBUG(10, ("resulting acl is not valid!\n")); + goto done; + } + + ret = acl(smb_fname->base_name, SETACL, count, solaris_acl); + + done: + DEBUG(10, ("solarisacl_sys_acl_set_file %s.\n", + ((ret != 0) ? "failed" : "succeeded"))); + SAFE_FREE(solaris_acl); + TALLOC_FREE(smb_fname); + return ret; +} + /* * set the access ACL on the file referred to by a fd */ diff --git a/source3/modules/vfs_tru64acl.c b/source3/modules/vfs_tru64acl.c index 12b50ea042c..24e9a69bf89 100644 --- a/source3/modules/vfs_tru64acl.c +++ b/source3/modules/vfs_tru64acl.c @@ -87,6 +87,52 @@ SMB_ACL_T tru64acl_sys_acl_get_fd(vfs_handle_struct *handle, return result; } +int tru64acl_sys_acl_set_file(vfs_handle_struct *handle, + const struct smb_filename *smb_fname, + SMB_ACL_TYPE_T type, + SMB_ACL_T theacl) +{ + int res; + acl_type_t the_acl_type; + acl_t tru64_acl; + + DEBUG(10, ("tru64acl_sys_acl_set_file called with name %s, type %d\n", + smb_fname->base_name, type)); + + switch(type) { + case SMB_ACL_TYPE_ACCESS: + DEBUGADD(10, ("got acl type ACL_TYPE_ACCESS\n")); + the_acl_type = ACL_TYPE_ACCESS; + break; + case SMB_ACL_TYPE_DEFAULT: + DEBUGADD(10, ("got acl type ACL_TYPE_DEFAULT\n")); + the_acl_type = ACL_TYPE_DEFAULT; + break; + default: + DEBUGADD(10, ("invalid acl type\n")); + errno = EINVAL; + goto fail; + } + + tru64_acl = smb_acl_to_tru64_acl(theacl); + if (tru64_acl == NULL) { + DEBUG(10, ("smb_acl_to_tru64_acl failed!\n")); + goto fail; + } + DEBUG(10, ("got tru64 acl...\n")); + res = acl_set_file((char *)smb_fname->base_name, + the_acl_type, tru64_acl); + acl_free(tru64_acl); + if (res != 0) { + DEBUG(10, ("acl_set_file failed: %s\n", strerror(errno))); + goto fail; + } + return res; +fail: + DEBUG(1, ("tru64acl_sys_acl_set_file failed!\n")); + return -1; +} + int tru64acl_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp, SMB_ACL_TYPE_T type, diff --git a/source3/smbd/conn_idle.c b/source3/smbd/conn_idle.c index ca697383877..56a6ef896fb 100644 --- a/source3/smbd/conn_idle.c +++ b/source3/smbd/conn_idle.c @@ -273,5 +273,13 @@ static void conn_force_tdis_done(struct tevent_req *req) * uid in the meantime. Ensure we're still root. */ change_to_root_user(); - reload_services(sconn, conn_snum_used, true); + /* + * Use 'false' in the last parameter (test) to force + * a full reload of services. Prevents + * reload_services caching the fact it's + * been called multiple times in a row. + * See BUG: https://bugzilla.samba.org/show_bug.cgi?id=14604 + * for details. + */ + reload_services(sconn, conn_snum_used, false); } diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index f3a0d7da75f..7196b0fcc72 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -1755,7 +1755,6 @@ static bool smbd_dirptr_lanman2_mode_fn(TALLOC_CTX *ctx, struct smbd_dirptr_lanman2_state *state = (struct smbd_dirptr_lanman2_state *)private_data; bool ms_dfs_link = false; - uint32_t mode = 0; if (smb_fname->flags & SMB_FILENAME_POSIX_PATH) { if (SMB_VFS_LSTAT(state->conn, smb_fname) != 0) { @@ -1765,6 +1764,7 @@ static bool smbd_dirptr_lanman2_mode_fn(TALLOC_CTX *ctx, strerror(errno))); return false; } + return true; } else if (!VALID_STAT(smb_fname->st) && SMB_VFS_STAT(state->conn, smb_fname) != 0) { /* Needed to show the msdfs symlinks as @@ -1779,16 +1779,18 @@ static bool smbd_dirptr_lanman2_mode_fn(TALLOC_CTX *ctx, strerror(errno))); return false; } + + *_mode = dos_mode_msdfs(state->conn, smb_fname); + return true; } - if (ms_dfs_link) { - mode = dos_mode_msdfs(state->conn, smb_fname); - } else if (get_dosmode) { - mode = fdos_mode(smb_fname->fsp); - smb_fname->st = smb_fname->fsp->fsp_name->st; + if (!get_dosmode) { + return true; } - *_mode = mode; + *_mode = fdos_mode(smb_fname->fsp); + smb_fname->st = smb_fname->fsp->fsp_name->st; + return true; } diff --git a/source3/torture/test_posix.c b/source3/torture/test_posix.c index 415460cf86c..3ccb51d222b 100644 --- a/source3/torture/test_posix.c +++ b/source3/torture/test_posix.c @@ -31,6 +31,7 @@ struct posix_test_entry { const char *name; const char *target; const char *expected; + uint32_t attr; uint64_t returned_size; bool ok; }; @@ -44,6 +45,9 @@ static NTSTATUS posix_ls_fn(struct file_info *finfo, for (; state->name != NULL; state++) { if (strequal(finfo->name, state->expected)) { + if (state->attr != finfo->attr) { + break; + } state->ok = true; state->returned_size = finfo->size; break; @@ -57,6 +61,7 @@ static void posix_test_entries_reset(struct posix_test_entry *state) { for (; state->name != NULL; state++) { state->ok = false; + state->returned_size = 0; } } @@ -111,14 +116,17 @@ bool run_posix_ls_wildcard_test(int dummy) .name = symlnk_dangling, .target = symlnk_dst_dangling, .expected = symlnk_dangling, + .attr = FILE_ATTRIBUTE_NORMAL, }, { .name = symlnk_in_share, .target = symlnk_dst_in_share, .expected = symlnk_in_share, + .attr = FILE_ATTRIBUTE_NORMAL, }, { .name = symlnk_outside_share, .target = symlnk_dst_outside_share, .expected = symlnk_outside_share, + .attr = FILE_ATTRIBUTE_NORMAL, }, { .name = NULL, } @@ -275,14 +283,17 @@ bool run_posix_ls_single_test(int dummy) .name = symlnk_dangling, .target = symlnk_dst_dangling, .expected = symlnk_dangling, + .attr = FILE_ATTRIBUTE_NORMAL, }, { .name = symlnk_in_share, .target = symlnk_dst_in_share, .expected = symlnk_in_share, + .attr = FILE_ATTRIBUTE_NORMAL, }, { .name = symlnk_outside_share, .target = symlnk_dst_outside_share, .expected = symlnk_outside_share, + .attr = FILE_ATTRIBUTE_NORMAL, }, { .name = NULL, } @@ -457,14 +468,17 @@ bool run_posix_readlink_test(int dummy) .name = symlnk_dangling, .target = symlnk_dst_dangling, .expected = symlnk_dangling, + .attr = FILE_ATTRIBUTE_NORMAL, }, { .name = symlnk_in_share, .target = symlnk_dst_in_share, .expected = symlnk_in_share, + .attr = FILE_ATTRIBUTE_NORMAL, }, { .name = symlnk_outside_share, .target = symlnk_dst_outside_share, .expected = symlnk_outside_share, + .attr = FILE_ATTRIBUTE_NORMAL, }, { .name = NULL, } -- Samba Shared Repository