[SCM] Samba Shared Repository - branch master updated
Christian Ambach
ambi at samba.org
Thu Nov 24 11:02:02 MST 2011
The branch, master has been updated
via 53ad886 security: add local authority well-known SIDs
via 717a27b s3:smb2 report access_based_dir_enum in tcon reply
via faf8b9b s3:smb2 do not set allow_namespace_caching flag for a share
via 9422943 s3:vfs:gpfs remove non-working code
via 6753656 s3:vfs:gpfs fix some compiler warnings
via db1abd4 s3:vfs:gpfs convert syncio parameter
from 9f1eb8a s4 dns: Test QCLASS_NONE query
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 53ad886f75f189a7c865acf455398c3f3ce38111
Author: Christian Ambach <ambi at samba.org>
Date: Thu Sep 1 16:09:01 2011 +0200
security: add local authority well-known SIDs
add the S-1-2 well-known SID family
Autobuild-User: Christian Ambach <ambi at samba.org>
Autobuild-Date: Thu Nov 24 19:01:08 CET 2011 on sn-devel-104
commit 717a27ba2227764ba14c205eca276ed67e752a59
Author: Christian Ambach <ambi at samba.org>
Date: Thu Nov 24 14:42:21 2011 +0100
s3:smb2 report access_based_dir_enum in tcon reply
let the client know when hide unreadable or hide unwriteable files
is set for a share
commit faf8b9bba053e844d530021566c75d83c031a94d
Author: Christian Ambach <ambi at samba.org>
Date: Thu Nov 24 13:49:17 2011 +0100
s3:smb2 do not set allow_namespace_caching flag for a share
this matches Win7/2002R2 behavior and clients also must ignore
this flag when set (MS-SMB 2.2.10), so we should not set it at all
commit 94229435e80ecc5c0158c59e0ab3976b98668238
Author: Christian Ambach <ambi at samba.org>
Date: Thu Nov 24 16:57:58 2011 +0100
s3:vfs:gpfs remove non-working code
when development of vfs_gpfs was started a long time ago it was
considered a good idea to have it compileable even if GPFS is not
around and then the module would complain in the logs that libgpfs
is not there
Nowadays this does not work any more as the code contains GPFS
specific types that need the GPFS header files.
Instead of making it compile again by adding GPFS typedefs, this
removes the whole approach. Other VFS modules also do not even
compile when necessary headers are not around, so do the same for
the GPFS module code.
commit 6753656c7464424519f9daa9f89576585511f574
Author: Christian Ambach <ambi at samba.org>
Date: Thu Nov 24 15:58:36 2011 +0100
s3:vfs:gpfs fix some compiler warnings
commit db1abd4d2d6f83a4c9729019ed91c7a92c66529c
Author: Christian Ambach <ambi at samba.org>
Date: Thu Nov 24 13:39:01 2011 +0100
s3:vfs:gpfs convert syncio parameter
convert syncio parameter to be stored in the VFS handle data
this removes the need to go through lp_parm_bool() on each open
-----------------------------------------------------------------------
Summary of changes:
libcli/security/dom_sid.h | 1 +
libcli/security/util_sid.c | 2 +
source3/lib/util_wellknown.c | 6 ++++
source3/modules/gpfs.c | 65 ------------------------------------------
source3/modules/vfs_gpfs.c | 19 +++++++++---
source3/smbd/smb2_tcon.c | 7 ++++-
6 files changed, 29 insertions(+), 71 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index 5886ce3..df57bd1 100644
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -28,6 +28,7 @@
/* Some well-known SIDs */
extern const struct dom_sid global_sid_World_Domain;
extern const struct dom_sid global_sid_World;
+extern const struct dom_sid global_sid_Local_Authority;
extern const struct dom_sid global_sid_Creator_Owner_Domain;
extern const struct dom_sid global_sid_NT_Authority;
extern const struct dom_sid global_sid_Enterprise_DCs;
diff --git a/libcli/security/util_sid.c b/libcli/security/util_sid.c
index 84ac0f1..f87d3eb 100644
--- a/libcli/security/util_sid.c
+++ b/libcli/security/util_sid.c
@@ -38,6 +38,8 @@ const struct dom_sid global_sid_World_Domain = /* Everyone domain
{ 1, 0, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
const struct dom_sid global_sid_World = /* Everyone */
{ 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const struct dom_sid global_sid_Local_Authority = /* Local Authority */
+{ 1, 0, {0,0,0,0,0,2}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
const struct dom_sid global_sid_Creator_Owner_Domain = /* Creator Owner domain */
{ 1, 0, {0,0,0,0,0,3}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
const struct dom_sid global_sid_NT_Authority = /* NT Authority */
diff --git a/source3/lib/util_wellknown.c b/source3/lib/util_wellknown.c
index 19ac7ce..f3c0f17 100644
--- a/source3/lib/util_wellknown.c
+++ b/source3/lib/util_wellknown.c
@@ -39,6 +39,11 @@ static const struct rid_name_map everyone_users[] = {
{ 0, "Everyone" },
{ 0, NULL}};
+static const struct rid_name_map local_authority_users[] = {
+ { 0, "Local" },
+ { 1, "Console Logon" },
+ { 0, NULL}};
+
static const struct rid_name_map creator_owner_users[] = {
{ 0, "Creator Owner" },
{ 1, "Creator Group" },
@@ -70,6 +75,7 @@ static const struct rid_name_map nt_authority_users[] = {
static struct sid_name_map_info special_domains[] = {
{ &global_sid_World_Domain, "", everyone_users },
+ { &global_sid_Local_Authority, "", local_authority_users },
{ &global_sid_Creator_Owner_Domain, "", creator_owner_users },
{ &global_sid_NT_Authority, "NT Authority", nt_authority_users },
{ NULL, NULL, NULL }};
diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c
index 5b0d7d0..d73b94b 100644
--- a/source3/modules/gpfs.c
+++ b/source3/modules/gpfs.c
@@ -21,8 +21,6 @@
#include "system/filesys.h"
#include "smbd/smbd.h"
-#ifdef HAVE_GPFS
-
#include "libcli/security/security.h"
#include "gpfs_gpl.h"
#include "vfs_gpfs.h"
@@ -273,66 +271,3 @@ void init_gpfs(void)
return;
}
-
-#else
-
-int set_gpfs_lease(int snum, int leasetype)
-{
- DEBUG(0, ("'VFS module smbgpfs loaded, without gpfs support compiled\n"));
-
- /* We need to indicate that no GPFS is around by returning ENOSYS, so
- * that the normal linux kernel oplock code is called. */
- errno = ENOSYS;
- return -1;
-}
-
-bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask,
- uint32 share_access)
-{
- DEBUG(0, ("VFS module - smbgpfs.so loaded, without gpfs support compiled\n"));
- /* Don't disturb but complain */
- return True;
-}
-
-int smbd_gpfs_getacl(char *pathname, int flags, void *acl)
-{
- errno = ENOSYS;
- return -1;
-}
-
-int smbd_gpfs_putacl(char *pathname, int flags, void *acl)
-{
- errno = ENOSYS;
- return -1;
-}
-
-int smbd_gpfs_get_realfilename_path(char *pathname, char *fileamep,
- int *buflen)
-{
- errno = ENOSYS;
- return -1;
-}
-
-int set_gpfs_winattrs(char *pathname,int flags,struct gpfs_winattr *attrs)
-{
- errno = ENOSYS;
- return -1;
-}
-
-int get_gpfs_winattrs(char *pathname,struct gpfs_winattr *attrs)
-{
- errno = ENOSYS;
- return -1;
-}
-
-void smbd_gpfs_lib_init()
-{
- return;
-}
-
-void init_gpfs(void)
-{
- return;
-}
-
-#endif /* HAVE_GPFS */
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index 0a684e0..d879124 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -38,6 +38,7 @@ struct gpfs_config_data {
bool sharemodes;
bool leases;
bool hsm;
+ bool syncio;
};
@@ -184,7 +185,7 @@ static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle,
static void gpfs_dumpacl(int level, struct gpfs_acl *gacl)
{
- int i;
+ gpfs_aclCount_t i;
if (gacl==NULL)
{
DEBUG(0, ("gpfs acl is NULL\n"));
@@ -254,7 +255,7 @@ static struct gpfs_acl *gpfs_getacl_alloc(const char *fname, gpfs_aclType_t type
*/
static int gpfs_get_nfs4_acl(const char *fname, SMB4ACL_T **ppacl)
{
- int i;
+ gpfs_aclCount_t i;
struct gpfs_acl *gacl = NULL;
DEBUG(10, ("gpfs_get_nfs4_acl invoked for %s\n", fname));
@@ -508,7 +509,7 @@ static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp
static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl)
{
SMB_ACL_T result;
- int i;
+ gpfs_aclCount_t i;
result = sys_acl_init(pacl->acl_nace);
if (result == NULL) {
@@ -1275,6 +1276,9 @@ int vfs_gpfs_connect(struct vfs_handle_struct *handle, const char *service,
config->hsm = lp_parm_bool(SNUM(handle->conn), "gpfs",
"hsm", false);
+ config->syncio = lp_parm_bool(SNUM(handle->conn), "gpfs",
+ "syncio", false);
+
SMB_VFS_HANDLE_SET_DATA(handle, config,
NULL, struct gpfs_config_data,
return -1);
@@ -1304,8 +1308,13 @@ static int vfs_gpfs_open(struct vfs_handle_struct *handle,
struct smb_filename *smb_fname, files_struct *fsp,
int flags, mode_t mode)
{
- if (lp_parm_bool(fsp->conn->params->service, "gpfs", "syncio",
- false)) {
+ struct gpfs_config_data *config;
+
+ SMB_VFS_HANDLE_GET_DATA(handle, config,
+ struct gpfs_config_data,
+ return -1);
+
+ if (config->syncio) {
flags |= O_SYNC;
}
return SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index bf98d25..4c0544f 100644
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -248,7 +248,7 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
*out_share_type = SMB2_SHARE_TYPE_DISK;
}
- *out_share_flags = SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING;
+ *out_share_flags = 0;
if (lp_msdfs_root(SNUM(tcon->compat_conn)) && lp_host_msdfs()) {
*out_share_flags |= (SMB2_SHAREFLAG_DFS|SMB2_SHAREFLAG_DFS_ROOT);
@@ -273,6 +273,11 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
break;
}
+ if (lp_hideunreadable(SNUM(tcon->compat_conn)) ||
+ lp_hideunwriteable_files(SNUM(tcon->compat_conn))) {
+ *out_share_flags |= SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM;
+ }
+
*out_maximal_access = tcon->compat_conn->share_access;
*out_tree_id = tcon->tid;
--
Samba Shared Repository
More information about the samba-cvs
mailing list