[SCM] Samba Shared Repository - branch master updated - 1c2e6978b89551828b66c348be361ce9a2b8ddb4

Andrew Tridgell tridge at samba.org
Tue Sep 23 18:19:06 GMT 2008 

The branch, master has been updated
       via  1c2e6978b89551828b66c348be361ce9a2b8ddb4 (commit)
       via  66092ced5e1dc4d35923a3c90bcb3214a885b17d (commit)
       via  9cf29abee296ea2fcdf712687a6ce2cf9fd9d74c (commit)
       via  219aa1b4fd2a8b93d5b2e67f26abc7f59fb2e0f2 (commit)
       via  e3a562b1cd63cbd92c231a3e18b9164f42111e95 (commit)
       via  2b6e139206e5f436dd51437599d0228d8db77a78 (commit)
       via  f4e212323fb7ba2bd226194287602210aa9590ec (commit)
      from  353aaf26c5f71d9a94e799a1c1e37449211e7a87 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 1c2e6978b89551828b66c348be361ce9a2b8ddb4
Author: Andrew Tridgell <tridge at samba.org>
Date:   Tue Sep 23 11:17:43 2008 -0700

    fixed problem with ACLs with an empty DACL list

commit 66092ced5e1dc4d35923a3c90bcb3214a885b17d
Merge: 9cf29abee296ea2fcdf712687a6ce2cf9fd9d74c 353aaf26c5f71d9a94e799a1c1e37449211e7a87
Author: Andrew Tridgell <tridge at samba.org>
Date:   Tue Sep 23 11:15:46 2008 -0700

    Merge branch 'master' of ssh://git.samba.org/data/git/samba

commit 9cf29abee296ea2fcdf712687a6ce2cf9fd9d74c
Author: Andrew Tridgell <tridge at samba.org>
Date:   Tue Sep 23 16:45:55 2008 +1000

    test setinfo FULL_EA_INFORMATION in gentest

commit 219aa1b4fd2a8b93d5b2e67f26abc7f59fb2e0f2
Author: Andrew Tridgell <tridge at samba.org>
Date:   Tue Sep 23 16:45:10 2008 +1000

    added FULL_EA_INFORMATION setea call

commit e3a562b1cd63cbd92c231a3e18b9164f42111e95
Author: Andrew Tridgell <tridge at samba.org>
Date:   Tue Sep 23 15:20:24 2008 +1000

    fixed a memory error in change notify handling in gentest

commit 2b6e139206e5f436dd51437599d0228d8db77a78
Author: Andrew Tridgell <tridge at samba.org>
Date:   Tue Sep 23 15:16:46 2008 +1000

    fixed readonly handling in deltree

commit f4e212323fb7ba2bd226194287602210aa9590ec
Author: Andrew Tridgell <tridge at samba.org>
Date:   Tue Sep 23 12:09:56 2008 +1000

    added some debug code

-----------------------------------------------------------------------

Summary of changes:
 source4/libcli/clideltree.c            |   17 ++++++++++++++++-
 source4/libcli/raw/interfaces.h        |    9 +++++++++
 source4/libcli/raw/rawsetfileinfo.c    |   12 +++++++++++-
 source4/libcli/security/access_check.c |   15 ++++++++++++++-
 source4/libcli/smb2/util.c             |    6 ++++++
 source4/ntvfs/ntvfs_generic.c          |    2 ++
 source4/ntvfs/posix/pvfs_open.c        |    2 ++
 source4/ntvfs/posix/pvfs_xattr.c       |    2 +-
 source4/torture/gentest.c              |   12 +++++++++---
 9 files changed, 70 insertions(+), 7 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/libcli/clideltree.c b/source4/libcli/clideltree.c
index 2c306e5..d59a03f 100644
--- a/source4/libcli/clideltree.c
+++ b/source4/libcli/clideltree.c
@@ -84,6 +84,7 @@ int smbcli_deltree(struct smbcli_tree *tree, const char *dname)
 {
 	char *mask;
 	struct delete_state dstate;
+	NTSTATUS status;
 
 	dstate.tree = tree;
 	dstate.total_deleted = 0;
@@ -98,6 +99,13 @@ int smbcli_deltree(struct smbcli_tree *tree, const char *dname)
 	    NT_STATUS_EQUAL(smbcli_nt_error(tree), NT_STATUS_NO_SUCH_FILE)) {
 		return 0;
 	}
+	if (NT_STATUS_EQUAL(status, NT_STATUS_CANNOT_DELETE)) {
+		/* it could be read-only */
+		status = smbcli_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL, 0);
+		if (NT_STATUS_IS_OK(smbcli_unlink(tree, dname))) {
+			return 1;
+		}
+	}
 
 	asprintf(&mask, "%s\\*", dname);
 	smbcli_unlink(dstate.tree, mask);
@@ -105,7 +113,14 @@ int smbcli_deltree(struct smbcli_tree *tree, const char *dname)
 		 FILE_ATTRIBUTE_DIRECTORY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM, 
 		 delete_fn, &dstate);
 	free(mask);
-	if (NT_STATUS_IS_ERR(smbcli_rmdir(dstate.tree, dname))) {
+
+	status = smbcli_rmdir(dstate.tree, dname);
+	if (NT_STATUS_EQUAL(status, NT_STATUS_CANNOT_DELETE)) {
+		/* it could be read-only */
+		status = smbcli_setatr(dstate.tree, dname, FILE_ATTRIBUTE_NORMAL, 0);
+		status = smbcli_rmdir(dstate.tree, dname);
+	}
+	if (NT_STATUS_IS_ERR(status)) {
 		DEBUG(2,("Failed to delete %s - %s\n", 
 			 dname, smbcli_errstr(dstate.tree)));
 		return -1;
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index 537041c..20ed441 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -1112,6 +1112,15 @@ union smb_setfileinfo {
 			struct security_descriptor *sd;
 		} in;
 	} set_secdesc;
+
+	/* RAW_SFILEINFO_FULL_EA_INFORMATION */
+	struct {
+		enum smb_setfileinfo_level level;
+		struct {
+			union smb_handle_or_path file;
+			struct smb_ea_list eas;
+		} in;
+	} full_ea_information;
 };
 
 
diff --git a/source4/libcli/raw/rawsetfileinfo.c b/source4/libcli/raw/rawsetfileinfo.c
index 5a47067..f7dfb93 100644
--- a/source4/libcli/raw/rawsetfileinfo.c
+++ b/source4/libcli/raw/rawsetfileinfo.c
@@ -37,7 +37,7 @@ bool smb_raw_setfileinfo_passthru(TALLOC_CTX *mem_ctx,
 
 #define NEED_BLOB(n) do { \
 	  *blob = data_blob_talloc(mem_ctx, NULL, n); \
-	  if (blob->data == NULL) return false; \
+	  if (blob->data == NULL && n != 0) return false; \
         } while (0)
 
 	switch (level) {
@@ -109,6 +109,16 @@ bool smb_raw_setfileinfo_passthru(TALLOC_CTX *mem_ctx,
 		return true;
 	}
 
+	case RAW_SFILEINFO_FULL_EA_INFORMATION:
+		printf("num_eas=%d\n", parms->full_ea_information.in.eas.num_eas);
+		NEED_BLOB(ea_list_size_chained(
+				  parms->full_ea_information.in.eas.num_eas,
+				  parms->full_ea_information.in.eas.eas, 4));
+		ea_put_list_chained(blob->data, 
+				    parms->full_ea_information.in.eas.num_eas,
+				    parms->full_ea_information.in.eas.eas, 4);
+		return true;
+
 		/* Unhandled levels */
 	case RAW_SFILEINFO_PIPE_INFORMATION:
 	case RAW_SFILEINFO_VALID_DATA_INFORMATION:
diff --git a/source4/libcli/security/access_check.c b/source4/libcli/security/access_check.c
index e2ede05..d5a0a13 100644
--- a/source4/libcli/security/access_check.c
+++ b/source4/libcli/security/access_check.c
@@ -38,6 +38,10 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
 		granted |= SEC_STD_DELETE;
 	}
 
+	if (sd->dacl == NULL) {
+		return granted & ~denied;
+	}
+	
 	for (i = 0;i<sd->dacl->num_aces; i++) {
 		struct security_ace *ace = &sd->dacl->aces[i];
 
@@ -101,10 +105,14 @@ NTSTATUS sec_access_check(const struct security_descriptor *sd,
 		return NT_STATUS_OK;
 	}
 
-	/* empty dacl denies access */
+#if 0
+	/* tridge: previously we had empty dacl denying access, but
+	   that can lead to undeletable directories, where
+	   nobody can change the ACL on a directory */
 	if (sd->dacl == NULL || sd->dacl->num_aces == 0) {
 		return NT_STATUS_ACCESS_DENIED;
 	}
+#endif
 
 	/* the owner always gets SEC_STD_WRITE_DAC, SEC_STD_READ_CONTROL and SEC_STD_DELETE */
 	if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE)) &&
@@ -116,6 +124,10 @@ NTSTATUS sec_access_check(const struct security_descriptor *sd,
 		bits_remaining &= ~SEC_STD_DELETE;
 	}
 
+	if (sd->dacl == NULL) {
+		goto done;
+	}
+
 	/* check each ace in turn. */
 	for (i=0; bits_remaining && i < sd->dacl->num_aces; i++) {
 		struct security_ace *ace = &sd->dacl->aces[i];
@@ -143,6 +155,7 @@ NTSTATUS sec_access_check(const struct security_descriptor *sd,
 		}
 	}
 
+done:
 	if (bits_remaining != 0) {
 		return NT_STATUS_ACCESS_DENIED;
 	}
diff --git a/source4/libcli/smb2/util.c b/source4/libcli/smb2/util.c
index 311cea9..b149b3d 100644
--- a/source4/libcli/smb2/util.c
+++ b/source4/libcli/smb2/util.c
@@ -197,6 +197,12 @@ int smb2_deltree(struct smb2_tree *tree, const char *dname)
 	smb2_util_close(tree, create_parm.out.file.handle);
 
 	status = smb2_util_rmdir(tree, dname);
+	if (NT_STATUS_EQUAL(status, NT_STATUS_CANNOT_DELETE)) {
+		/* it could be read-only */
+		status = smb2_util_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL);
+		status = smb2_util_rmdir(tree, dname);
+	}
+
 	if (NT_STATUS_IS_ERR(status)) {
 		DEBUG(2,("Failed to delete %s - %s\n", 
 			 dname, nt_errstr(status)));
diff --git a/source4/ntvfs/ntvfs_generic.c b/source4/ntvfs/ntvfs_generic.c
index c34bb71..554d5c5 100644
--- a/source4/ntvfs/ntvfs_generic.c
+++ b/source4/ntvfs/ntvfs_generic.c
@@ -533,6 +533,8 @@ NTSTATUS ntvfs_map_open(struct ntvfs_module_context *ntvfs,
 
 		/* we need to check these bits before we check the private mask */
 		if (io2->generic.in.create_options & SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK) {
+			DEBUG(2,(__location__ " create_options 0x%x not supported\n",
+				 io2->generic.in.create_options));
 			status = NT_STATUS_NOT_SUPPORTED;
 			break;
 		}
diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c
index c127885..8dbc674 100644
--- a/source4/ntvfs/posix/pvfs_open.c
+++ b/source4/ntvfs/posix/pvfs_open.c
@@ -1216,6 +1216,8 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
 	create_options &= ~create_options_must_ignore_mask;
 
 	if (create_options & NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK) {
+		DEBUG(2,(__location__ " create_options 0x%x not supported\n", 
+			 create_options));
 		return NT_STATUS_NOT_SUPPORTED;
 	}
 
diff --git a/source4/ntvfs/posix/pvfs_xattr.c b/source4/ntvfs/posix/pvfs_xattr.c
index 3cbbcbe..7a2945c 100644
--- a/source4/ntvfs/posix/pvfs_xattr.c
+++ b/source4/ntvfs/posix/pvfs_xattr.c
@@ -50,7 +50,7 @@ static NTSTATUS pull_xattr_blob(struct pvfs_state *pvfs,
 	if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)||
 	    NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)||
 	    NT_STATUS_EQUAL(status, NT_STATUS_INVALID_SYSTEM_SERVICE)) {
-		DEBUG(5,("pvfs_xattr: xattr not supported in filesystem: %s\n", nt_errstr(status)));
+		DEBUG(2,("pvfs_xattr: xattr not supported in filesystem: %s\n", nt_errstr(status)));
 		pvfs->flags &= ~PVFS_FLAG_XATTR_ENABLE;
 		status = NT_STATUS_NOT_FOUND;
 	}
diff --git a/source4/torture/gentest.c b/source4/torture/gentest.c
index af5a95e..176fc03 100644
--- a/source4/torture/gentest.c
+++ b/source4/torture/gentest.c
@@ -2166,6 +2166,9 @@ static void gen_setfileinfo(int instance, union smb_setfileinfo *info)
 	case RAW_SFILEINFO_MODE_INFORMATION:
 		info->mode_information.in.mode = gen_bits_mask(0xFFFFFFFF);
 		break;
+	case RAW_SFILEINFO_FULL_EA_INFORMATION:
+		info->full_ea_information.in.eas = gen_ea_list();
+		break;
 	case RAW_SFILEINFO_GENERIC:
 	case RAW_SFILEINFO_SEC_DESC:
 	case RAW_SFILEINFO_UNIX_BASIC:
@@ -2222,7 +2225,8 @@ static void gen_setfileinfo(int instance, union smb_setfileinfo *info)
 	do {
 		i = gen_int_range(0, num_levels-1);
 	} while (ignore_pattern(levels[i].name));
-	
+
+	ZERO_STRUCTP(info);
 	info->generic.level = levels[i].level;
 
 	switch (info->generic.level) {
@@ -2279,6 +2283,9 @@ static void gen_setfileinfo(int instance, union smb_setfileinfo *info)
 	case RAW_SFILEINFO_MODE_INFORMATION:
 		info->mode_information.in.mode = gen_bits_mask(0xFFFFFFFF);
 		break;
+	case RAW_SFILEINFO_FULL_EA_INFORMATION:
+		info->full_ea_information.in.eas = gen_ea_list();
+		break;
 
 	case RAW_SFILEINFO_GENERIC:
 	case RAW_SFILEINFO_SEC_DESC:
@@ -2907,12 +2914,11 @@ static int run_test(struct event_context *ev, struct loadparm_context *lp_ctx)
 		current_op.opnum = op;
 		current_op.name = gen_ops[which_op].name;
 		current_op.status = NT_STATUS_OK;
+		talloc_free(current_op.mem_ctx);
 		current_op.mem_ctx = talloc_named(NULL, 0, "%s", current_op.name);
 
 		ret = gen_ops[which_op].handler(instance);
 
-		talloc_free(current_op.mem_ctx);
-
 		gen_ops[which_op].count++;
 		if (NT_STATUS_IS_OK(current_op.status)) {
 			gen_ops[which_op].success_count++;			


-- 
Samba Shared Repository

More information about the samba-cvs mailing list