The branch, master has been updated
via 6d928eb1e8e smbd: only open full fd for directories if needed
via e71e373a07e smbd: drop requirement for full open for
READ_CONTROL_ACCESS, WRITE_DAC_ACCESS and WRITE_OWNER_ACCESS
from 7818513053a samba-bgqd: Fix samba-bgqd with
"clustering=yes"/"include=registry"
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 6d928eb1e8ea44f0d0aea4ec9b1b7c385a281193
Author: Ralph Boehme <s...@samba.org>
Date: Tue Jun 29 12:47:34 2021 +0200
smbd: only open full fd for directories if needed
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14700
RN: File owner not available when file unreadable
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
Autobuild-User(master): Jeremy Allison <j...@samba.org>
Autobuild-Date(master): Mon Aug 2 18:05:04 UTC 2021 on sn-devel-184
commit e71e373a07e467ff2d2328f39bd2bc285e2ba840
Author: Ralph Boehme <s...@samba.org>
Date: Sat May 8 21:45:25 2021 +0200
smbd: drop requirement for full open for READ_CONTROL_ACCESS,
WRITE_DAC_ACCESS and WRITE_OWNER_ACCESS
This was needed before we had pathref fsps, with pathref fsps we can do
operation requiring WRITE_OWNER_ACCESS, WRITE_DAC_ACCESS and
READ_CONTROL_ACCESS
on the pathref fsp.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14700
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/open.c | 31 +++++++++++++++++++++----------
1 file changed, 21 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index c29662b4fd2..968dd8ecb00 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -1279,10 +1279,7 @@ static NTSTATUS open_file(files_struct *fsp,
FILE_WRITE_DATA |
FILE_APPEND_DATA |
FILE_EXECUTE |
- WRITE_DAC_ACCESS |
- WRITE_OWNER_ACCESS |
- SEC_FLAG_SYSTEM_SECURITY |
- READ_CONTROL_ACCESS;
+ SEC_FLAG_SYSTEM_SECURITY;
bool creating = !file_existed && (flags & O_CREAT);
bool truncating = (flags & O_TRUNC);
bool open_fd = false;
@@ -4407,6 +4404,7 @@ static NTSTATUS open_directory(connection_struct *conn,
struct timespec mtimespec;
int info = 0;
bool ok;
+ uint32_t need_fd_access;
if (is_ntfs_stream_smb_fname(smb_dname)) {
DEBUG(2, ("open_directory: %s is a stream name!\n",
@@ -4599,12 +4597,25 @@ static NTSTATUS open_directory(connection_struct *conn,
*/
mtimespec = make_omit_timespec();
- status = reopen_from_fsp(fsp, O_RDONLY|O_DIRECTORY, 0, NULL);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_INFO("Could not open fd for%s (%s)\n",
- smb_fname_str_dbg(smb_dname),
- nt_errstr(status));
- return status;
+ /*
+ * Obviously for FILE_LIST_DIRECTORY we need to reopen to get an fd
+ * usable for reading a directory. SMB2_FLUSH may be called on
+ * directories opened with FILE_ADD_FILE and FILE_ADD_SUBDIRECTORY so
+ * for those we need to reopen as well.
+ */
+ need_fd_access =
+ FILE_LIST_DIRECTORY |
+ FILE_ADD_FILE |
+ FILE_ADD_SUBDIRECTORY;
+
+ if (access_mask & need_fd_access) {
+ status = reopen_from_fsp(fsp, O_RDONLY | O_DIRECTORY, 0, NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_INFO("Could not open fd for [%s]: %s\n",
+ smb_fname_str_dbg(smb_dname),
+ nt_errstr(status));
+ return status;
+ }
}
status = vfs_stat_fsp(fsp);
--
Samba Shared Repository
