[SCM] Samba Shared Repository - branch master updated

Christian Ambach ambi at samba.org
Thu Nov 24 11:02:02 MST 2011


The branch, master has been updated
       via  53ad886 security: add local authority well-known SIDs
       via  717a27b s3:smb2 report access_based_dir_enum in tcon reply
       via  faf8b9b s3:smb2 do not set allow_namespace_caching flag for a share
       via  9422943 s3:vfs:gpfs remove non-working code
       via  6753656 s3:vfs:gpfs fix some compiler warnings
       via  db1abd4 s3:vfs:gpfs convert syncio parameter
      from  9f1eb8a s4 dns: Test QCLASS_NONE query

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 53ad886f75f189a7c865acf455398c3f3ce38111
Author: Christian Ambach <ambi at samba.org>
Date:   Thu Sep 1 16:09:01 2011 +0200

    security: add local authority well-known SIDs
    
    add the S-1-2 well-known SID family
    
    Autobuild-User: Christian Ambach <ambi at samba.org>
    Autobuild-Date: Thu Nov 24 19:01:08 CET 2011 on sn-devel-104

commit 717a27ba2227764ba14c205eca276ed67e752a59
Author: Christian Ambach <ambi at samba.org>
Date:   Thu Nov 24 14:42:21 2011 +0100

    s3:smb2 report access_based_dir_enum in tcon reply
    
    let the client know when hide unreadable or hide unwriteable files
    is set for a share

commit faf8b9bba053e844d530021566c75d83c031a94d
Author: Christian Ambach <ambi at samba.org>
Date:   Thu Nov 24 13:49:17 2011 +0100

    s3:smb2 do not set allow_namespace_caching flag for a share
    
    this matches Win7/2002R2 behavior and clients also must ignore
    this flag when set (MS-SMB 2.2.10), so we should not set it at all

commit 94229435e80ecc5c0158c59e0ab3976b98668238
Author: Christian Ambach <ambi at samba.org>
Date:   Thu Nov 24 16:57:58 2011 +0100

    s3:vfs:gpfs remove non-working code
    
    when development of vfs_gpfs was started a long time ago it was
    considered a good idea to have it compileable even if GPFS is not
    around and then the module would complain in the logs that libgpfs
    is not there
    
    Nowadays this does not work any more as the code contains GPFS
    specific types that need the GPFS header files.
    
    Instead of making it compile again by adding GPFS typedefs, this
    removes the whole approach. Other VFS modules also do not even
    compile when necessary headers are not around, so do the same for
    the GPFS module code.

commit 6753656c7464424519f9daa9f89576585511f574
Author: Christian Ambach <ambi at samba.org>
Date:   Thu Nov 24 15:58:36 2011 +0100

    s3:vfs:gpfs fix some compiler warnings

commit db1abd4d2d6f83a4c9729019ed91c7a92c66529c
Author: Christian Ambach <ambi at samba.org>
Date:   Thu Nov 24 13:39:01 2011 +0100

    s3:vfs:gpfs convert syncio parameter
    
    convert syncio parameter to be stored in the VFS handle data
    this removes the need to go through lp_parm_bool() on each open

-----------------------------------------------------------------------

Summary of changes:
 libcli/security/dom_sid.h    |    1 +
 libcli/security/util_sid.c   |    2 +
 source3/lib/util_wellknown.c |    6 ++++
 source3/modules/gpfs.c       |   65 ------------------------------------------
 source3/modules/vfs_gpfs.c   |   19 +++++++++---
 source3/smbd/smb2_tcon.c     |    7 ++++-
 6 files changed, 29 insertions(+), 71 deletions(-)


Changeset truncated at 500 lines:

diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index 5886ce3..df57bd1 100644
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -28,6 +28,7 @@
 /* Some well-known SIDs */
 extern const struct dom_sid global_sid_World_Domain;
 extern const struct dom_sid global_sid_World;
+extern const struct dom_sid global_sid_Local_Authority;
 extern const struct dom_sid global_sid_Creator_Owner_Domain;
 extern const struct dom_sid global_sid_NT_Authority;
 extern const struct dom_sid global_sid_Enterprise_DCs;
diff --git a/libcli/security/util_sid.c b/libcli/security/util_sid.c
index 84ac0f1..f87d3eb 100644
--- a/libcli/security/util_sid.c
+++ b/libcli/security/util_sid.c
@@ -38,6 +38,8 @@ const struct dom_sid global_sid_World_Domain =               /* Everyone domain
 { 1, 0, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
 const struct dom_sid global_sid_World =                      /* Everyone */
 { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const struct dom_sid global_sid_Local_Authority =            /* Local Authority */
+{ 1, 0, {0,0,0,0,0,2}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
 const struct dom_sid global_sid_Creator_Owner_Domain =       /* Creator Owner domain */
 { 1, 0, {0,0,0,0,0,3}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
 const struct dom_sid global_sid_NT_Authority =    		/* NT Authority */
diff --git a/source3/lib/util_wellknown.c b/source3/lib/util_wellknown.c
index 19ac7ce..f3c0f17 100644
--- a/source3/lib/util_wellknown.c
+++ b/source3/lib/util_wellknown.c
@@ -39,6 +39,11 @@ static const struct rid_name_map everyone_users[] = {
 	{ 0, "Everyone" },
 	{ 0, NULL}};
 
+static const struct rid_name_map local_authority_users[] = {
+	{ 0, "Local" },
+	{ 1, "Console Logon" },
+	{ 0, NULL}};
+
 static const struct rid_name_map creator_owner_users[] = {
 	{ 0, "Creator Owner" },
 	{ 1, "Creator Group" },
@@ -70,6 +75,7 @@ static const struct rid_name_map nt_authority_users[] = {
 
 static struct sid_name_map_info special_domains[] = {
 	{ &global_sid_World_Domain, "", everyone_users },
+	{ &global_sid_Local_Authority, "", local_authority_users },
 	{ &global_sid_Creator_Owner_Domain, "", creator_owner_users },
 	{ &global_sid_NT_Authority, "NT Authority", nt_authority_users },
 	{ NULL, NULL, NULL }};
diff --git a/source3/modules/gpfs.c b/source3/modules/gpfs.c
index 5b0d7d0..d73b94b 100644
--- a/source3/modules/gpfs.c
+++ b/source3/modules/gpfs.c
@@ -21,8 +21,6 @@
 #include "system/filesys.h"
 #include "smbd/smbd.h"
 
-#ifdef HAVE_GPFS
-
 #include "libcli/security/security.h"
 #include "gpfs_gpl.h"
 #include "vfs_gpfs.h"
@@ -273,66 +271,3 @@ void init_gpfs(void)
 
 	return;
 }
-
-#else
-
-int set_gpfs_lease(int snum, int leasetype)
-{
-	DEBUG(0, ("'VFS module smbgpfs loaded, without gpfs support compiled\n"));
-
-	/* We need to indicate that no GPFS is around by returning ENOSYS, so
-	 * that the normal linux kernel oplock code is called. */
-	errno = ENOSYS;
-	return -1;
-}
-
-bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask,
-			uint32 share_access)
-{
-	DEBUG(0, ("VFS module - smbgpfs.so loaded, without gpfs support compiled\n"));
-	/* Don't disturb but complain */
-	return True;
-}
-
-int smbd_gpfs_getacl(char *pathname, int flags, void *acl)
-{
-	errno = ENOSYS;
-	return -1;
-}
-
-int smbd_gpfs_putacl(char *pathname, int flags, void *acl)
-{
-	errno = ENOSYS;
-	return -1;
-}
-
-int smbd_gpfs_get_realfilename_path(char *pathname, char *fileamep,
-				    int *buflen)
-{
-	errno = ENOSYS;
-	return -1;
-}
-
-int set_gpfs_winattrs(char *pathname,int flags,struct gpfs_winattr *attrs)
-{
-        errno = ENOSYS;
-        return -1;
-}
-
-int get_gpfs_winattrs(char *pathname,struct gpfs_winattr *attrs)
-{
-        errno = ENOSYS;
-        return -1;
-}
-
-void smbd_gpfs_lib_init()
-{
-	return;
-}
-
-void init_gpfs(void)
-{
-	return;
-}
-
-#endif /* HAVE_GPFS */
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index 0a684e0..d879124 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -38,6 +38,7 @@ struct gpfs_config_data {
 	bool sharemodes;
 	bool leases;
 	bool hsm;
+	bool syncio;
 };
 
 
@@ -184,7 +185,7 @@ static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle,
 
 static void gpfs_dumpacl(int level, struct gpfs_acl *gacl)
 {
-	int	i;
+	gpfs_aclCount_t i;
 	if (gacl==NULL)
 	{
 		DEBUG(0, ("gpfs acl is NULL\n"));
@@ -254,7 +255,7 @@ static struct gpfs_acl *gpfs_getacl_alloc(const char *fname, gpfs_aclType_t type
  */
 static int gpfs_get_nfs4_acl(const char *fname, SMB4ACL_T **ppacl)
 {
-	int i;
+	gpfs_aclCount_t i;
 	struct gpfs_acl *gacl = NULL;
 	DEBUG(10, ("gpfs_get_nfs4_acl invoked for %s\n", fname));
 
@@ -508,7 +509,7 @@ static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp
 static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl)
 {
 	SMB_ACL_T result;
-	int i;
+	gpfs_aclCount_t i;
 
 	result = sys_acl_init(pacl->acl_nace);
 	if (result == NULL) {
@@ -1275,6 +1276,9 @@ int vfs_gpfs_connect(struct vfs_handle_struct *handle, const char *service,
 	config->hsm = lp_parm_bool(SNUM(handle->conn), "gpfs",
 				   "hsm", false);
 
+	config->syncio = lp_parm_bool(SNUM(handle->conn), "gpfs",
+				      "syncio", false);
+
 	SMB_VFS_HANDLE_SET_DATA(handle, config,
 				NULL, struct gpfs_config_data,
 				return -1);
@@ -1304,8 +1308,13 @@ static int vfs_gpfs_open(struct vfs_handle_struct *handle,
 			 struct smb_filename *smb_fname, files_struct *fsp,
 			 int flags, mode_t mode)
 {
-	if (lp_parm_bool(fsp->conn->params->service, "gpfs", "syncio",
-			 false)) {
+	struct gpfs_config_data *config;
+
+	SMB_VFS_HANDLE_GET_DATA(handle, config,
+				struct gpfs_config_data,
+				return -1);
+
+	if (config->syncio) {
 		flags |= O_SYNC;
 	}
 	return SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index bf98d25..4c0544f 100644
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -248,7 +248,7 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
 		*out_share_type = SMB2_SHARE_TYPE_DISK;
 	}
 
-	*out_share_flags = SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING;
+	*out_share_flags = 0;
 
 	if (lp_msdfs_root(SNUM(tcon->compat_conn)) && lp_host_msdfs()) {
 		*out_share_flags |= (SMB2_SHAREFLAG_DFS|SMB2_SHAREFLAG_DFS_ROOT);
@@ -273,6 +273,11 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
 		break;
 	}
 
+	if (lp_hideunreadable(SNUM(tcon->compat_conn)) ||
+	    lp_hideunwriteable_files(SNUM(tcon->compat_conn))) {
+		*out_share_flags |= SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM;
+	}
+
 	*out_maximal_access = tcon->compat_conn->share_access;
 
 	*out_tree_id = tcon->tid;


-- 
Samba Shared Repository


More information about the samba-cvs mailing list