[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Mon Oct 11 18:58:06 MDT 2010


The branch, master has been updated
       via  6f60940 Make the vfs_acl_xattr and other modules work with NULL SD's. Fix the "protected" inheritance problem (bleeding up from the POSIX layer).
       via  6f4e782 Canonicalize incoming and outgoing ACLs.
       via  71d9f51 Make the posix ACL module cope with a NULL incoming DACL and a missing owner/group.
      from  44a4b67 dsdb: Build some more modules as shared objects.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 6f6094076ff73dffb2570f86cb72e0ac9d0e86f2
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Oct 11 17:15:39 2010 -0700

    Make the vfs_acl_xattr and other modules work with NULL SD's. Fix
    the "protected" inheritance problem (bleeding up from the POSIX
    layer).
    
    Jeremy
    
    Autobuild-User: Jeremy Allison <jra at samba.org>
    Autobuild-Date: Tue Oct 12 00:57:41 UTC 2010 on sn-devel-104

commit 6f4e782c5343fc46f9029a549c419e5f3c1e6190
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Oct 11 17:10:28 2010 -0700

    Canonicalize incoming and outgoing ACLs.
    
    Jeremy.

commit 71d9f51b4eaedbecaf4b9e7a7fffae33dba6ba2e
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Oct 11 17:07:54 2010 -0700

    Make the posix ACL module cope with a NULL incoming DACL and a
    missing owner/group.
    
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source3/modules/vfs_acl_common.c |   70 ++++++++++++++++----------------------
 source3/smbd/nttrans.c           |   59 +++++++++++++++++++++++++++++--
 source3/smbd/posix_acls.c        |   31 +++++++++++++++++
 3 files changed, 115 insertions(+), 45 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index dbf3a09..58da904 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -329,6 +329,9 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
 
 	if (memcmp(&hash[0], &hash_tmp[0], XATTR_SD_HASH_SIZE) == 0) {
 		/* Hash matches, return blob sd. */
+		DEBUG(10, ("get_nt_acl_internal: blob hash "
+			"matches for file %s\n",
+			name ));
 		goto out;
 	}
 
@@ -369,6 +372,11 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
 							psbuf,
 							psd);
 		}
+		/* The underlying POSIX module always sets
+		   the ~SEC_DESC_DACL_PROTECTED bit, as ACLs
+		   can't be inherited in this way under POSIX.
+		   Remove it for Windows-style ACLs. */
+		psd->type &= ~SEC_DESC_DACL_PROTECTED;
 	}
 
 	if (!(security_info & SECINFO_OWNER)) {
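Review bot: The added comment says the POSIX module "always sets the ~SEC_DESC_DACL_PROTECTED bit", which reads as if an inverted bit were being set, while the statement below it clears SEC_DESC_DACL_PROTECTED. Suggested wording: `/* The underlying POSIX module always sets SEC_DESC_DACL_PROTECTED, as POSIX ACLs cannot inherit. Clear it so the SD is reported Windows-style. */`. The comment should also say that the flag is cleared unconditionally on this path, because a Windows client that sees an unprotected DACL may re-propagate inheritable ACEs from the parent onto the object. The enclosing block starts outside the hunk, so which paths reach this line cannot be confirmed from here.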
@@ -662,61 +670,41 @@ static NTSTATUS get_nt_acl_common(vfs_handle_struct *handle,
 *********************************************************************/
 
 static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp,
-        uint32_t security_info_sent, const struct security_descriptor *psd)
+        uint32_t security_info_sent, const struct security_descriptor *orig_psd)
 {
 	NTSTATUS status;
 	DATA_BLOB blob;
 	struct security_descriptor *pdesc_next = NULL;
+	struct security_descriptor *psd = NULL;
 	uint8_t hash[XATTR_SD_HASH_SIZE];
 
 	if (DEBUGLEVEL >= 10) {
 		DEBUG(10,("fset_nt_acl_xattr: incoming sd for file %s\n",
 			  fsp_str_dbg(fsp)));
 		NDR_PRINT_DEBUG(security_descriptor,
-			CONST_DISCARD(struct security_descriptor *,psd));
+			CONST_DISCARD(struct security_descriptor *,orig_psd));
 	}
 
-        /* Ensure we have OWNER/GROUP/DACL set. */
-
-	if ((security_info_sent & (SECINFO_OWNER|
-				SECINFO_GROUP|
-				SECINFO_DACL)) !=
-				(SECINFO_OWNER|
-				 SECINFO_GROUP|
-				 SECINFO_DACL)) {
-		/* No we don't - read from the existing SD. */
-		struct security_descriptor *nc_psd = NULL;
-
-		status = get_nt_acl_internal(handle, fsp,
-				NULL,
-				(SECINFO_OWNER|
-				 SECINFO_GROUP|
-				 SECINFO_DACL),
-				&nc_psd);
-
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
-
-		/* This is safe as nc_psd is discarded at fn exit. */
-		if (security_info_sent & SECINFO_OWNER) {
-			nc_psd->owner_sid = psd->owner_sid;
-		}
-		security_info_sent |= SECINFO_OWNER;
+	status = get_nt_acl_internal(handle, fsp,
+			NULL,
+			SECINFO_OWNER|SECINFO_GROUP|SECINFO_DACL|SECINFO_SACL,
+			&psd);
 
-		if (security_info_sent & SECINFO_GROUP) {
-			nc_psd->group_sid = psd->group_sid;
-		}
-		security_info_sent |= SECINFO_GROUP;
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
+	}
 
-		if (security_info_sent & SECINFO_DACL) {
-			nc_psd->dacl = dup_sec_acl(talloc_tos(), psd->dacl);
-			if (nc_psd->dacl == NULL) {
-				return NT_STATUS_NO_MEMORY;
-			}
-		}
-		security_info_sent |= SECINFO_DACL;
-		psd = nc_psd;
+	if ((security_info_sent & SECINFO_OWNER) && (orig_psd->owner_sid != NULL)) {
+		psd->owner_sid = orig_psd->owner_sid;
+	}
+	if ((security_info_sent & SECINFO_GROUP) && (orig_psd->group_sid != NULL)) {
+		psd->group_sid = orig_psd->group_sid;
+	}
+	if (security_info_sent & SECINFO_DACL) {
+		psd->dacl = orig_psd->dacl;
+	}
+	if (security_info_sent & SECINFO_SACL) {
+		psd->sacl = orig_psd->sacl;
 	}
 
 	status = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
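Review bot: The merged descriptor keeps the `type` control bits of the stored SD, so flags the client sent with a new DACL or SACL (SEC_DESC_DACL_PRESENT, SEC_DESC_DACL_PROTECTED) never reach the next module. If that module ends in set_nt_acl in posix_acls.c, the NULL-DACL branch added there tests `psd->type & SEC_DESC_DACL_PRESENT` and could be skipped when the stored SD lacked the bit. Consider `psd->type |= SEC_DESC_DACL_PRESENT;` next to `psd->dacl = orig_psd->dacl;`, the equivalent for the SACL, and carrying the protected bit over from `orig_psd->type`. The removed code copied the DACL with dup_sec_acl, whereas the new lines alias the caller's const ACLs into a mutable struct, which is safe only if nothing further down writes through them. The function body continues past the end of the hunk.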
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 40a47fd..017703e 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -836,11 +836,15 @@ NTSTATUS set_sd(files_struct *fsp, uint8_t *data, uint32_t sd_len,
 	struct security_descriptor *psd = NULL;
 	NTSTATUS status;
 
+	if (sd_len == 0) {
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
 	if (!CAN_WRITE(fsp->conn)) {
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
-	if (sd_len == 0 || !lp_nt_acl_support(SNUM(fsp->conn))) {
+	if (!lp_nt_acl_support(SNUM(fsp->conn))) {
 		return NT_STATUS_OK;
 	}
 
@@ -857,9 +861,43 @@ NTSTATUS set_sd(files_struct *fsp, uint8_t *data, uint32_t sd_len,
 		security_info_sent &= ~SECINFO_GROUP;
 	}
 
-	/* Convert all the generic bits. */
-	security_acl_map_generic(psd->dacl, &file_generic_mapping);
-	security_acl_map_generic(psd->sacl, &file_generic_mapping);
+	/* Ensure we have at least one thing set. */
+	if ((security_info_sent & (SECINFO_OWNER|SECINFO_GROUP|SECINFO_DACL|SECINFO_SACL)) == 0) {
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
+	/* Ensure we have the rights to do this. */
+	if (security_info_sent & SECINFO_OWNER) {
+		if (!(fsp->access_mask & SEC_STD_WRITE_OWNER)) {
+			return NT_STATUS_ACCESS_DENIED;
+		}
+	}
+
+	if (security_info_sent & SECINFO_GROUP) {
+		if (!(fsp->access_mask & SEC_STD_WRITE_OWNER)) {
+			return NT_STATUS_ACCESS_DENIED;
+		}
+	}
+
+	if (security_info_sent & SECINFO_DACL) {
+		if (!(fsp->access_mask & SEC_STD_WRITE_DAC)) {
+			return NT_STATUS_ACCESS_DENIED;
+		}
+		/* Convert all the generic bits. */
+		if (psd->dacl) {
+			security_acl_map_generic(psd->dacl, &file_generic_mapping);
+		}
+	}
+
+	if (security_info_sent & SECINFO_SACL) {
+		if (!(fsp->access_mask & SEC_FLAG_SYSTEM_SECURITY)) {
+			return NT_STATUS_ACCESS_DENIED;
+		}
+		/* Convert all the generic bits. */
+		if (psd->sacl) {
+			security_acl_map_generic(psd->sacl, &file_generic_mapping);
+		}
+	}
 
 	if (DEBUGLEVEL >= 10) {
 		DEBUG(10,("set_sd for file %s\n", fsp_str_dbg(fsp)));
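Review bot: The OWNER and GROUP branches test the same right in two copies; folding them keeps the rights table in one place: `if ((security_info_sent & (SECINFO_OWNER|SECINFO_GROUP)) && !(fsp->access_mask & SEC_STD_WRITE_OWNER)) { return NT_STATUS_ACCESS_DENIED; }`. The "at least one thing set" test looks only at the four known bits, so a mask carrying other bits alongside one of them is passed on unchanged; masking security_info_sent down to the handled bits first would make the accepted set explicit. These checks run after the context line above has cleared SECINFO_GROUP under a condition not visible here, so a request naming a section without a SID is apparently not checked against the matching right, which deserves a one-line comment if intended. set_sd starts and ends outside the hunk.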
@@ -1808,6 +1846,19 @@ NTSTATUS smbd_do_query_security_desc(connection_struct *conn,
 		return status;
 	}
 
+	if (!(security_info_wanted & SECINFO_OWNER)) {
+		psd->owner_sid = NULL;
+	}
+	if (!(security_info_wanted & SECINFO_GROUP)) {
+		psd->group_sid = NULL;
+	}
+	if (!(security_info_wanted & SECINFO_DACL)) {
+		psd->dacl = NULL;
+	}
+	if (!(security_info_wanted & SECINFO_SACL)) {
+		psd->sacl = NULL;
+	}
+
 	/* If the SACL/DACL is NULL, but was requested, we mark that it is
 	 * present in the reply to match Windows behavior */
 	if (psd->sacl == NULL &&
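Review bot: Setting `psd->dacl` and `psd->sacl` to NULL for sections that were not requested leaves the matching control bits in `psd->type` untouched. If the lower layer returned SEC_DESC_DACL_PRESENT, the reply would describe a present-but-NULL DACL, which a client reads as unrestricted access rather than "not returned". Consider `psd->type &= ~SEC_DESC_DACL_PRESENT;` beside `psd->dacl = NULL;` and `psd->type &= ~SEC_DESC_SACL_PRESENT;` beside `psd->sacl = NULL;`. Whether `type` is adjusted again before marshalling is outside the hunk, as is the rest of the `if` that the hunk ends in.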
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 4ceb0f0..9713ec0 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3862,6 +3862,29 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const struct s
 		return NT_STATUS_NO_MEMORY;
 	}
 
+	if((security_info_sent & SECINFO_DACL) &&
+			(psd->type & SEC_DESC_DACL_PRESENT) &&
+			(psd->dacl == NULL)) {
+		struct security_ace ace;
+
+		/* We can't have NULL DACL in POSIX.
+		   Use Everyone -> full access. */
+
+		init_sec_ace(&ace,
+				&global_sid_World,
+				SEC_ACE_TYPE_ACCESS_ALLOWED,
+				GENERIC_ALL_ACCESS,
+				0);
+		psd->dacl = make_sec_acl(talloc_tos(),
+					NT4_ACL_REVISION,
+					1,
+					&ace);
+		if (psd->dacl == NULL) {
+			return NT_STATUS_NO_MEMORY;
+		}
+		security_acl_map_generic(psd->dacl, &file_generic_mapping);
+	}
+
 	/*
 	 * Get the current state of the file.
 	 */
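Review bot: Replacing a NULL DACL with an Everyone full-access ACE happens without any log output, although it is the one branch here where a request ends in world access to the file. A line at a level operators actually run with would make it auditable, for example `DEBUG(3, ("set_nt_acl: NULL DACL on %s, granting Everyone full access\n", fsp_str_dbg(fsp)));` placed before init_sec_ace. The ACE is built with flags 0, so on a directory it carries no inheritance; if that is deliberate the comment should say so. set_nt_acl starts and ends outside the hunk.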
@@ -3878,6 +3901,14 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const struct s
 	 * Unpack the user/group/world id's.
 	 */
 
+	/* POSIX can't cope with missing owner/group. */
+	if ((security_info_sent & SECINFO_OWNER) && (psd->owner_sid == NULL)) {
+		security_info_sent &= ~SECINFO_OWNER;
+	}
+	if ((security_info_sent & SECINFO_GROUP) && (psd->group_sid == NULL)) {
+		security_info_sent &= ~SECINFO_GROUP;
+	}
+
 	status = unpack_nt_owners( conn, &user, &grp, security_info_sent, psd);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
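Review bot: Dropping SECINFO_OWNER or SECINFO_GROUP when the SID is NULL turns that part of the request into a silent success, and the comment does not say so. set_sd in nttrans.c rejects an empty mask in this same push, but any other caller could now reach unpack_nt_owners with security_info_sent == 0; how the rest of set_nt_acl treats that is outside the hunk. Suggested comment: `/* Caller asked for owner/group but sent no SID: ignore that part rather than fail. */`, ideally with a DEBUG line naming the file.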


-- 
Samba Shared Repository

