The branch, v4-15-test has been updated
via 57ffd32d455 s3: smbspool. Remove last use of 'extern char
**environ;'.
via d3b3aa9e19f Fix detection of rpc/xdr.h on macOS
via 0d59b1fb326 vfs_preopen.c: Fix -Wformat error on macOS
via 3ded98767d3 source3/smbd/statcache.c: Fix -Wformat build error on
macOS
via 4c89d9169a4 sec_ctx.c: Fix -Wunused-function warning on macOS
via 0daa3af7042 source3/printing/queue_process.c: fix build on macOS
via 80e9d89a97b audit_logging.c: fix compilation on macOS
via 448f2acdcea charset_macosxfs.c: fix compilation on macOS
via d3df31162f0 ctdb-tests: add a comment to the generated
public_addresses file used by eventscript UNIT tests
via 63a3b7838e1 ctdb-tests: Fix typo in ctdb stub comment matching
via 36621069e26 ctdb-scripts: filter out comments in public_addresses
file
via dffca59ded1 s3: VFS: zfsacl: Ensure we use a pathref fd, not an io
fd, for getting/setting ZFS ACLs.
via f2455a9023c s3: smbd: Ensure when we change security context we
delete any $cwd cache.
via a55d4fe2208 s3: selftest: Add regression test to show the $cwd
cache is misbehaving when we connect as a different user on a share.
from 86738410826 .gitlab-ci: Allow a 1 hour to build Samba
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-15-test
- Log -----------------------------------------------------------------
commit 57ffd32d455a4cf573eb886a6bde5ac57741c046
Author: Jeremy Allison <j...@samba.org>
Date: Wed Oct 13 09:46:07 2021 -0700
s3: smbspool. Remove last use of 'extern char **environ;'.
This should come from lib/replace/replace.h to cope with
system (MacOSX etc.) differences.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
Autobuild-User(master): Andrew Bartlett <abart...@samba.org>
Autobuild-Date(master): Thu Oct 14 19:51:59 UTC 2021 on sn-devel-184
(cherry picked from commit 1d3e118f6f2274a67cdb8141dc8dade0c571c8f5)
Autobuild-User(v4-15-test): Jule Anger <jan...@samba.org>
Autobuild-Date(v4-15-test): Mon Oct 18 09:07:06 UTC 2021 on sn-devel-184
commit d3b3aa9e19f3b9b3231d75ae56debce36e84d593
Author: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Date: Wed Sep 8 14:42:57 2021 +0100
Fix detection of rpc/xdr.h on macOS
We need to include rpc/types.h first to include this header.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
Autobuild-User(master): Jeremy Allison <j...@samba.org>
Autobuild-Date(master): Wed Oct 13 02:33:05 UTC 2021 on sn-devel-184
(cherry picked from commit fc2347be4ed9a9083a56468ca5e43070059038c5)
commit 0d59b1fb326196c1dd58aeaf69c9f2f89311f761
Author: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Date: Wed Sep 8 14:42:25 2021 +0100
vfs_preopen.c: Fix -Wformat error on macOS
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
(cherry picked from commit 99ee7f3d89cce9b07b8ed3f55f7e8e67baed6ee1)
commit 3ded98767d34938c12f2b5d723a41d09391f48ae
Author: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Date: Wed Sep 8 13:29:54 2021 +0100
source3/smbd/statcache.c: Fix -Wformat build error on macOS
The format string uses PRIx64, so we should be using uint64_t and not
uintmax_t.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
(cherry picked from commit 1d893f723207040c285ed061db3a690099f8c929)
commit 4c89d9169a4173997820e6ad1603bdb30ebfd808
Author: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Date: Wed Sep 8 13:27:41 2021 +0100
sec_ctx.c: Fix -Wunused-function warning on macOS
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
(cherry picked from commit 6dadf251fc02c2b3237c48d316f5cb8791ab4f76)
commit 0daa3af704218656414d1d941425881345bb1b70
Author: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Date: Wed Sep 8 13:25:04 2021 +0100
source3/printing/queue_process.c: fix build on macOS
On macOS environ is defined to (*_NSGetEnviron()) in lib/replace/replace.h
and otherwise the `extern char **environ` can be found there.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
(cherry picked from commit e4eb1f151011d2bd6a2d39b156663ddd9126d345)
commit 80e9d89a97baa42f261e75c4f33db84aa79d17bb
Author: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Date: Wed Sep 8 12:57:03 2021 +0100
audit_logging.c: fix compilation on macOS
On macOS tv_usec is an int so failus the build with -Werror,-Wformat.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
(cherry picked from commit d3675e66fe8eec15076c6b88e47b627ee80c6f9e)
commit 448f2acdcea4b6c7f3e5b14a9852dfcbe455305f
Author: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Date: Wed Sep 8 12:52:57 2021 +0100
charset_macosxfs.c: fix compilation on macOS
The DEBUG macro was missing and the CFStringGetBytes() was triggering a
-Werror,-Wpointer-sign build failure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <alexander.richard...@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
(cherry picked from commit 2564e96e8319b4cb4c987dd2a03cf8a293db985a)
commit d3df31162f0a36b7c813b5ffce158586536c1aa4
Author: Ralph Boehme <s...@samba.org>
Date: Fri Oct 8 05:58:37 2021 +0200
ctdb-tests: add a comment to the generated public_addresses file used by
eventscript UNIT tests
test stub code has been updated to handle this, so now let's put it
to work.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14826
RN: Correctly ignore comments in CTDB public addresses file
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Martin Schwenke <mar...@meltin.net>
(cherry picked from commit 4e3676cb3c4d24cd4c287703d2cd812a2a8c36ff)
commit 63a3b7838e19dd414580df91f11b40a5cd065cbc
Author: Martin Schwenke <mar...@meltin.net>
Date: Tue Oct 12 12:19:27 2021 +1100
ctdb-tests: Fix typo in ctdb stub comment matching
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14826
Signed-off-by: Martin Schwenke <mar...@meltin.net>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 5426c104f5090751c1ea02f0c0667d8d071a4a83)
commit 36621069e261ed521b4b61495c14b949f543e2cc
Author: Ralph Boehme <s...@samba.org>
Date: Wed Sep 8 16:53:12 2021 +0200
ctdb-scripts: filter out comments in public_addresses file
Note that order of sed expressions matters: the expression to delete
comment lines must come first as the second expression would transform
# comment
to
comment
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14826
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Martin Schwenke <mar...@meltin.net>
(cherry picked from commit 530e8d4b9e47601b88e20bcaefa2d502efcebe60)
commit dffca59ded19f39af7302ce6a42cbdfb06751486
Author: Jeremy Allison <j...@samba.org>
Date: Mon Oct 11 12:26:57 2021 -0700
s3: VFS: zfsacl: Ensure we use a pathref fd, not an io fd, for
getting/setting ZFS ACLs.
Don't use path-based calls.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14685
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Ralph Böhme <s...@samba.org>
Autobuild-User(master): Jeremy Allison <j...@samba.org>
Autobuild-Date(master): Tue Oct 12 18:14:27 UTC 2021 on sn-devel-184
(cherry picked from commit 0a376b23dbaaec551d0ed48b7098129c09eec1bc)
commit f2455a9023ca39e32b38a3f905aaf477bc90463f
Author: Jeremy Allison <j...@samba.org>
Date: Thu Oct 7 14:11:25 2021 -0700
s3: smbd: Ensure when we change security context we delete any $cwd cache.
This will ensure we *always* call into the VFS_SMB_CHDIR backends
on security context switch. The $cwd was an optimization that
was only looking at the raw filesystem path. We could delete it
completely but that is a patch for another day.
Remove knownfail on regression test.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14682
RN: vfs_shadow_copy2: core dump in make_relative_path
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
Autobuild-User(master): Ralph Böhme <s...@samba.org>
Autobuild-Date(master): Fri Oct 8 21:28:04 UTC 2021 on sn-devel-184
(cherry picked from commit 4fe965836243928ac33eb95a67d3e889fdc15861)
commit a55d4fe22086ff4a8b66f00e4496d91556210384
Author: Jeremy Allison <j...@samba.org>
Date: Thu Oct 7 14:08:48 2021 -0700
s3: selftest: Add regression test to show the $cwd cache is misbehaving
when we connect as a different user on a share.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14682
Signed-off-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 954e637ddc6f0f5291d0a15cdbcbc6a4f7a6cb13)
-----------------------------------------------------------------------
Summary of changes:
ctdb/config/events/legacy/10.interface.script | 3 +-
ctdb/config/functions | 3 +
ctdb/tests/UNIT/eventscripts/scripts/local.sh | 1 +
ctdb/tests/UNIT/eventscripts/stubs/ctdb | 2 +-
lib/audit_logging/audit_logging.c | 2 +-
lib/util/charset/charset_macosxfs.c | 3 +-
source3/client/smbspool_krb5_wrapper.c | 5 +-
source3/modules/vfs_preopen.c | 2 +-
source3/modules/vfs_zfsacl.c | 17 ++---
source3/printing/queue_process.c | 2 -
source3/script/tests/test_chdir_cache.sh | 102 ++++++++++++++++++++++++++
source3/selftest/tests.py | 9 +++
source3/smbd/sec_ctx.c | 28 ++++---
source3/smbd/statcache.c | 2 +-
source3/wscript | 2 +-
15 files changed, 150 insertions(+), 33 deletions(-)
create mode 100755 source3/script/tests/test_chdir_cache.sh
Changeset truncated at 500 lines:
diff --git a/ctdb/config/events/legacy/10.interface.script
b/ctdb/config/events/legacy/10.interface.script
index 72e0c101d47..d87f6c52c58 100755
--- a/ctdb/config/events/legacy/10.interface.script
+++ b/ctdb/config/events/legacy/10.interface.script
@@ -25,7 +25,8 @@ fi
get_all_interfaces ()
{
# Get all the interfaces listed in the public_addresses file
- all_interfaces=$(sed -e 's/^[^\t ]*[\t ]*//' \
+ all_interfaces=$(sed -e '/^#.*/d' \
+ -e 's/^[^\t ]*[\t ]*//' \
-e 's/,/ /g' \
-e 's/[\t ]*$//' "$ctdb_public_addresses")
diff --git a/ctdb/config/functions b/ctdb/config/functions
index 2395d8d4dc8..a4e73ad0594 100755
--- a/ctdb/config/functions
+++ b/ctdb/config/functions
@@ -611,6 +611,9 @@ drop_all_public_ips ()
# _x is intentionally ignored
# shellcheck disable=SC2034
while read _ip _x ; do
+ case "$_ip" in
+ \#*) continue ;;
+ esac
drop_ip "$_ip"
done <"${CTDB_BASE}/public_addresses"
}
diff --git a/ctdb/tests/UNIT/eventscripts/scripts/local.sh
b/ctdb/tests/UNIT/eventscripts/scripts/local.sh
index 0f78fcb3845..7460bf9748e 100644
--- a/ctdb/tests/UNIT/eventscripts/scripts/local.sh
+++ b/ctdb/tests/UNIT/eventscripts/scripts/local.sh
@@ -282,6 +282,7 @@ setup_public_addresses ()
echo "Setting up public addresses in ${_f}"
cat >"$_f" <<EOF
+# This is a comment
10.0.0.1/24 dev123
10.0.0.2/24 dev123
10.0.0.3/24 dev123
diff --git a/ctdb/tests/UNIT/eventscripts/stubs/ctdb
b/ctdb/tests/UNIT/eventscripts/stubs/ctdb
index 12627de16a5..fc7bd4fdd84 100755
--- a/ctdb/tests/UNIT/eventscripts/stubs/ctdb
+++ b/ctdb/tests/UNIT/eventscripts/stubs/ctdb
@@ -425,7 +425,7 @@ ctdb_ifaces()
# Assume -Y.
echo "|Name|LinkStatus|References|"
while read _ip _iface ; do
- case "_$ip" in
+ case "$_ip" in
\#*) : ;;
*)
_status=1
diff --git a/lib/audit_logging/audit_logging.c
b/lib/audit_logging/audit_logging.c
index 9fe2d3ba45d..87378e1bb95 100644
--- a/lib/audit_logging/audit_logging.c
+++ b/lib/audit_logging/audit_logging.c
@@ -70,7 +70,7 @@ char* audit_get_timestamp(TALLOC_CTX *frame)
strftime(buffer, sizeof(buffer)-1, "%a, %d %b %Y %H:%M:%S", tm_info);
strftime(tz, sizeof(tz)-1, "%Z", tm_info);
- ts = talloc_asprintf(frame, "%s.%06ld %s", buffer, tv.tv_usec, tz);
+ ts = talloc_asprintf(frame, "%s.%06ld %s", buffer, (long)tv.tv_usec,
tz);
if (ts == NULL) {
DBG_ERR("Out of memory formatting time stamp\n");
}
diff --git a/lib/util/charset/charset_macosxfs.c
b/lib/util/charset/charset_macosxfs.c
index 55a6df85fb7..75dbb4bad87 100644
--- a/lib/util/charset/charset_macosxfs.c
+++ b/lib/util/charset/charset_macosxfs.c
@@ -32,6 +32,7 @@
#include "replace.h"
#include "charset.h"
#include "charset_proto.h"
+#include "lib/util/debug.h"
#undef realloc
#ifdef DARWINOS
@@ -378,7 +379,7 @@ size_t macosxfs_encoding_push(
charsconverted = CFStringGetBytes(
cfstring, CFRangeMake(0,cfsize),
script_code, 0, false,
- *outbuf, *outbytesleft, &outsize);
+ *(UInt8 **)outbuf, *outbytesleft, &outsize);
if (0 == charsconverted) {
debug_out("String conversion: "
diff --git a/source3/client/smbspool_krb5_wrapper.c
b/source3/client/smbspool_krb5_wrapper.c
index 6a3e444f480..9abd1c6b868 100644
--- a/source3/client/smbspool_krb5_wrapper.c
+++ b/source3/client/smbspool_krb5_wrapper.c
@@ -319,10 +319,7 @@ create_env:
#ifdef HAVE_CLEARENV
clearenv();
#else
- {
- extern char **environ;
- environ = calloc(3, sizeof(*environ));
- }
+ environ = calloc(3, sizeof(*environ));
#endif
CUPS_SMB_DEBUG("Setting KRB5CCNAME to '%s'", gen_cc);
diff --git a/source3/modules/vfs_preopen.c b/source3/modules/vfs_preopen.c
index ab0080c69f3..8d85dda92ec 100644
--- a/source3/modules/vfs_preopen.c
+++ b/source3/modules/vfs_preopen.c
@@ -642,7 +642,7 @@ static int preopen_openat(struct vfs_handle_struct *handle,
new_end = new_start + new_digits;
DBG_PREFIX(state->founddigits_dbglvl, (
- "Pattern(idx=%zd) found num_digits[%d] start_offset[%zd]
parsed_num[%lu] fullpath[%s]\n",
+ "Pattern(idx=%zd) found num_digits[%d] start_offset[%zd]
parsed_num[%"PRIu64"] fullpath[%s]\n",
match_idx, new_digits, new_start, num, new_template));
if (state->last_match_idx != match_idx) {
diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c
index b04c6e560ad..69a1db59249 100644
--- a/source3/modules/vfs_zfsacl.c
+++ b/source3/modules/vfs_zfsacl.c
@@ -235,13 +235,12 @@ static bool zfs_process_smbacl(vfs_handle_struct *handle,
files_struct *fsp,
SMB_ASSERT(i == naces);
/* store acl */
- fd = fsp_get_io_fd(fsp);
- if (fd != -1) {
- rv = facl(fd, ACE_SETACL, naces, acebuf);
- }
- else {
- rv = acl(fsp->fsp_name->base_name, ACE_SETACL, naces, acebuf);
+ fd = fsp_get_pathref_fd(fsp);
+ if (fd == -1) {
+ errno = EBADF;
+ return false;
}
+ rv = facl(fd, ACE_SETACL, naces, acebuf);
if (rv != 0) {
if(errno == ENOSYS) {
DEBUG(9, ("acl(ACE_SETACL, %s): Operation is not "
@@ -322,11 +321,11 @@ static int fget_zfsacl(TALLOC_CTX *mem_ctx,
ace_t *acebuf = NULL;
int fd;
- fd = fsp_get_io_fd(fsp);
+ fd = fsp_get_pathref_fd(fsp);
if (fd == -1) {
- return get_zfsacl(mem_ctx, fsp->fsp_name, outbuf);
+ errno = EBADF;
+ return -1;
}
-
naces = facl(fd, ACE_GETACLCNT, 0, NULL);
if (naces == -1) {
int dbg_level = 10;
diff --git a/source3/printing/queue_process.c b/source3/printing/queue_process.c
index 9e1d21469ff..64414bb7d65 100644
--- a/source3/printing/queue_process.c
+++ b/source3/printing/queue_process.c
@@ -343,8 +343,6 @@ fail:
return NULL;
}
-extern char **environ;
-
/****************************************************************************
main thread of the background lpq updater
****************************************************************************/
diff --git a/source3/script/tests/test_chdir_cache.sh
b/source3/script/tests/test_chdir_cache.sh
new file mode 100755
index 00000000000..6287d17354a
--- /dev/null
+++ b/source3/script/tests/test_chdir_cache.sh
@@ -0,0 +1,102 @@
+#!/bin/bash
+#
+# Ensure we get a chdir_current_service error if CHDIR fails with EACCESS
+# for an SMB2 request.
+#
+# BUG:https://bugzilla.samba.org/show_bug.cgi?id=14682
+#
+# Copyright (C) 2021 Jeremy Allison
+
+if [ $# -lt 5 ]; then
+ echo Usage: test_chdir_user.sh \
+ --configfile=SERVERCONFFILE SMBCLIENT SMBCONTROL SERVER SHARE
+exit 1
+fi
+
+CONF=$1; shift 1
+SMBCLIENT=$1; shift 1
+SMBCONTROL=$1; shift 1
+SERVER=$1; shift 1
+SHARE=$1; shift 1
+
+# Do not let deprecated option warnings muck this up
+SAMBA_DEPRECATED_SUPPRESS=1
+export SAMBA_DEPRECATED_SUPPRESS
+
+conf_dir=$(dirname ${SERVERCONFFILE})
+
+log_file=${conf_dir}/../smbd_test.log
+
+error_inject_conf=${conf_dir}/error_inject.conf
+> ${error_inject_conf}
+
+incdir=$(dirname $0)/../../../testprogs/blackbox
+. $incdir/subunit.sh
+
+failed=0
+
+cd $SELFTEST_TMPDIR || exit 1
+
+rm -f smbclient-stdin smbclient-stdout smbclient-stderr
+mkfifo smbclient-stdin smbclient-stdout smbclient-stderr
+
+CLI_FORCE_INTERACTIVE=1; export CLI_FORCE_INTERACTIVE
+
+${SMBCLIENT} //${SERVER}/${SHARE} ${CONF} -U${USER}%${PASSWORD} \
+ < smbclient-stdin > smbclient-stdout 2>smbclient-stderr &
+CLIENT_PID=$!
+
+# Count the number of chdir_current_service: vfs_ChDir.*failed: Permission
denied
+# errors that are already in the log (should be zero).
+num_errs=`grep "chdir_current_service: vfs_ChDir.*failed: Permission denied"
${log_file} | wc -l`
+
+sleep 1
+
+exec 100>smbclient-stdin 101<smbclient-stdout 102<smbclient-stderr
+
+# consume the smbclient startup messages
+head -n 1 <&101
+
+# Do an 'ls' as ${USER} to make sure we've done a CHDIR into
+# the share directory.
+echo "ls" >&100
+
+# consume the smbclient output
+head -n 4 <&101
+
+# Now change user to user2, and connect to the share.
+# This should leave us in the same share directory.
+echo "logon user2 ${PASSWORD}" >&100
+echo "tcon ${SHARE}" >&100
+
+# consume the smbclient output
+head -n 4 <&101
+
+# Ensure any chdir will give EACCESS.
+echo "error_inject:chdir = EACCES" > ${error_inject_conf}
+${SMBCONTROL} ${CONF} 0 reload-config
+
+sleep 1
+
+# Do an 'ls' as user2. Changing users should have
+# deleted the CHDIR cache, so we should now see
+# a chdir_current_service: vfs_ChDir.*failed: Permission denied
+# error message in the log.
+echo 'ls' >&100
+
+kill ${CLIENT_PID}
+rm -f smbclient-stdin smbclient-stdout smbclient-stderr
+
+# Remove the chdir inject.
+> ${error_inject_conf}
+${SMBCONTROL} ${CONF} 0 reload-config
+
+# Now look for chdir_current_service: vfs_ChDir.*failed: Permission denied
+# in the smb log. There should be one more than before.
+
+num_errs1=`grep "chdir_current_service: vfs_ChDir.*failed: Permission denied"
${log_file} | wc -l`
+
+testit "Verify we got at least one chdir error" \
+ test $num_errs1 -gt $num_errs || failed=$(expr $failed + 1)
+
+testok $0 $failed
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index dd573547a7b..d8f0db69b8c 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -1078,6 +1078,15 @@ plantestsuite("samba3.blackbox.open-eintr",
"simpleserver:local",
'$SERVER_IP',
"error_inject"])
+plantestsuite("samba3.blackbox.chdir-cache", "simpleserver:local",
+ [os.path.join(samba3srcdir,
+ "script/tests/test_chdir_cache.sh"),
+ configuration,
+ os.path.join(bindir(), "smbclient"),
+ os.path.join(bindir(), "smbcontrol"),
+ '$SERVER_IP',
+ "error_inject"])
+
plantestsuite("samba3.blackbox.netfileenum", "simpleserver:local",
[os.path.join(samba3srcdir,
"script/tests/test_netfileenum.sh"),
diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c
index d6fd11cd4a3..56fdf1fe476 100644
--- a/source3/smbd/sec_ctx.c
+++ b/source3/smbd/sec_ctx.c
@@ -92,15 +92,6 @@ static bool become_gid(gid_t gid)
return True;
}
-/****************************************************************************
- Become the specified uid and gid.
-****************************************************************************/
-
-static bool become_id(uid_t uid, gid_t gid)
-{
- return become_gid(gid) && become_uid(uid);
-}
-
/****************************************************************************
Drop back to root privileges in order to change to another user.
****************************************************************************/
@@ -237,12 +228,19 @@ bool push_sec_ctx(void)
return True;
}
+#ifndef HAVE_DARWIN_INITGROUPS
/****************************************************************************
- Change UNIX security context. Calls panic if not successful so no return
value.
+ Become the specified uid and gid.
****************************************************************************/
-#ifndef HAVE_DARWIN_INITGROUPS
+static bool become_id(uid_t uid, gid_t gid)
+{
+ return become_gid(gid) && become_uid(uid);
+}
+/****************************************************************************
+ Change UNIX security context. Calls panic if not successful so no return
value.
+****************************************************************************/
/* Normal credential switch path. */
static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t
*groups)
@@ -360,6 +358,14 @@ static void set_sec_ctx_internal(uid_t uid, gid_t gid,
current_user.ut.ngroups = ngroups;
current_user.ut.groups = groups;
current_user.nt_user_token = ctx_p->token;
+
+ /*
+ * Delete any ChDir cache. We can't assume
+ * the new uid has access to current working
+ * directory.
+ * BUG: https://bugzilla.samba.org/show_bug.cgi?id=14682
+ */
+ SAFE_FREE(LastDir);
}
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, const
struct security_token *token)
diff --git a/source3/smbd/statcache.c b/source3/smbd/statcache.c
index 63f41db1b1b..ddbd663ad5b 100644
--- a/source3/smbd/statcache.c
+++ b/source3/smbd/statcache.c
@@ -425,7 +425,7 @@ void stat_cache_delete(const char *name)
lname = talloc_asprintf(talloc_tos(),
STAT_CACHE_TWRP_TOKEN,
- (uintmax_t)0,
+ (uint64_t)0,
upper);
TALLOC_FREE(upper);
if (lname == NULL) {
diff --git a/source3/wscript b/source3/wscript
index 87dbc00f191..2cc34a8b2f5 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -1867,7 +1867,7 @@ main() {
conf.env.with_spotlight = True
if not conf.CONFIG_SET('HAVE_RPC_XDR_H'):
- conf.CHECK_HEADERS('rpc/xdr.h', lib='tirpc')
+ conf.CHECK_HEADERS('rpc/types.h rpc/xdr.h', together=True, lib='tirpc')
if conf.CHECK_FUNCS_IN('nscd_flush_cache', 'nscd', headers='libnscd.h'):
conf.DEFINE('HAVE_NSCD_FLUSH_CACHE', '1')
--
Samba Shared Repository
