Patch for unix extensions

[John Newbigin]

This is a small patch which added a new config option to turn the ensure_link_is_safe check off. This check prevents a client using the unix extensions from creating a symlink which points to a directory outside of the share. Many GUI programs make links from ~ to /tmp which will fail. Gnome requires this to work.

This does not strictly have to be a config option but if people want the ensure_link_is_safe semantics then there needs to be some way to turn it on and off.

With this patch, Samba 3 should fully support home directories mounted via smb.

John.

--
Information Technology Innovation Group
Swinburne University. Melbourne, Australia
http://uranus.it.swin.edu.au/~jn

Index: param/loadparm.c
===================================================================
RCS file: /cvsroot/samba/source/param/loadparm.c,v
retrieving revision 1.397.2.18
diff -u -r1.397.2.18 loadparm.c
--- param/loadparm.c    22 Nov 2002 02:53:42 -0000      1.397.2.18
+++ param/loadparm.c    30 Nov 2002 07:54:23 -0000
@@ -384,8 +384,9 @@
        BOOL bNTAclSupport;
        BOOL bUseSendfile;
        BOOL bProfileAcls;
+       BOOL bUnsafeSymlinks;
 
-       char dummy[3];          /* for alignment */
+       char dummy[2];          /* for alignment */
 }
 service;
 
@@ -502,6 +503,7 @@
        True,                   /* bNTAclSupport */
        False,                  /* bUseSendfile */
        False,                  /* bProfileAcls */
+       False,                  /* bUnsafeSymlinks */
 
        ""                      /* dummy */
 };
@@ -827,6 +829,7 @@
        {"nt pipe support", P_BOOL, P_GLOBAL, &Globals.bNTPipeSupport, NULL, NULL, 
FLAG_ADVANCED | FLAG_DEVELOPER},
        {"nt status support", P_BOOL, P_GLOBAL, &Globals.bNTStatusSupport, NULL, NULL, 
FLAG_ADVANCED | FLAG_DEVELOPER},
        {"profile acls", P_BOOL,  P_LOCAL, &sDefault.bProfileAcls, NULL, NULL, 
FLAG_GLOBAL | FLAG_SHARE  | FLAG_ADVANCED | FLAG_WIZARD},
+       {"unsafe symlinks", P_BOOL,  P_LOCAL, &sDefault.bUnsafeSymlinks, NULL, NULL, 
+FLAG_GLOBAL | FLAG_SHARE  | FLAG_ADVANCED | FLAG_WIZARD},
        
        {"announce version", P_STRING, P_GLOBAL, &Globals.szAnnounceVersion, NULL, 
NULL, FLAG_DEVELOPER},
        {"announce as", P_ENUM, P_GLOBAL, &Globals.announce_as, NULL, 
enum_announce_as, FLAG_DEVELOPER},
@@ -1771,6 +1774,7 @@
 FN_LOCAL_BOOL(lp_nt_acl_support, bNTAclSupport)
 FN_LOCAL_BOOL(lp_use_sendfile, bUseSendfile)
 FN_LOCAL_BOOL(lp_profile_acls, bProfileAcls)
+FN_LOCAL_BOOL(lp_unsafe_symlinks, bUnsafeSymlinks)
 FN_LOCAL_INTEGER(lp_create_mask, iCreate_mask)
 FN_LOCAL_INTEGER(lp_force_create_mode, iCreate_force_mode)
 FN_LOCAL_INTEGER(lp_security_mask, iSecurity_mask)
Index: smbd/trans2.c
===================================================================
RCS file: /cvsroot/samba/source/smbd/trans2.c,v
retrieving revision 1.217.2.5
diff -u -r1.217.2.5 trans2.c
--- smbd/trans2.c       12 Nov 2002 23:20:49 -0000      1.217.2.5
+++ smbd/trans2.c       30 Nov 2002 07:55:19 -0000
@@ -2680,8 +2680,11 @@
 
                        srvstr_pull(inbuf, link_dest, pdata, sizeof(link_dest), -1, 
STR_TERMINATE);
 
-                       if (ensure_link_is_safe(conn, link_dest, link_dest) != 0)
-                               return(UNIXERROR(ERRDOS,ERRnoaccess));
+                       if (!lp_unsafe_symlinks(SNUM(conn)))
+                       {
+                               if (ensure_link_is_safe(conn, link_dest, link_dest) != 
+0)
+                                       return(UNIXERROR(ERRDOS,ERRnoaccess));
+                       }
 
                        DEBUG(10,("call_trans2setfilepathinfo: SMB_SET_FILE_UNIX_LINK 
doing symlink %s -> %s\n",
                                fname, link_dest ));