[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Mon Aug 20 07:37:04 MDT 2012
The branch, master has been updated
via 84d6e09 s4-torture: Use torture_fail() in the unix.unix_info2 test
via 74a4c40 selftest: Use new fake_acls module
via c75b615 s4-torture: Show that we cannot list extended attributes on streams
via f9837d1 s4-torture: Show that we cannot have extended attributes on streams
via bf1e27b s4-torture: Improve raw.streams test to cover EAs and to use torture_assert()
via 3787dcf doc-BUILD_SYSTEMS.txt: The grand rename is complete
via 0e44163 WHATSNEW: Remove over-caution on s3fs and explain browsing better
via 921b927 build: Do not put a .distversion file into the GIT tree
via 7a59c3d s3-build: Enable vfs_fake_acls when in developer mode or on the build farm
via ae4195d s3-vfs: Add lstat and lchown hooks to the vfs_fake_acls module
via cbe758c s3-vfs: Correct the implementation of fake_acls_sys_acl_delete_def_file()
via 6c0bef1 s3-vfs: Use the system. namespace for fake ACLs
via 0f2d288 s3-smbd: ensure we give appropriate errors for EA requests on streams
via 6ce084f s3-smbd: Do not look for EA information on a stream
via f9f8a8c s3-smbd: Push smb_fname into estimate_ea_size
via 3ef0e22 s4-ntvfs: Add TODO on ea_size
via 0769d67 s4-ntvfs: Ensure we do not attempt to write EAs on streams
via 9699c33 s3-vfs: Allow vfs_xattr_tdb to work without a connected share
from 4f4bb1f s4:torture:basic: add more delete test - variants of deltest16 and deltest17
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 84d6e09b954548d90d996f3ef6ce89edcbef3c24
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 20 21:29:26 2012 +1000
s4-torture: Use torture_fail() in the unix.unix_info2 test
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Aug 20 15:36:48 CEST 2012 on sn-devel-104
commit 74a4c40d4f4bd092d4a71d273f45aab39a8b1cb0
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 15 20:35:05 2012 +1000
selftest: Use new fake_acls module
This isolates us from the OS ACL library, and allows chown to 'work'
when we are non-root. In turn, this ensures that we can test the SMB
-> POSIX layer even when the OS would refuse the set due to non-root
or simply not having acls enabled on this particular file system.
This should make a number of build farm tests much more reliable, and
allows a number more tests to pass.
Andrew Bartlett
commit c75b6154e475a89c1a43b62c8d8324834397da69
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Aug 19 22:46:21 2012 +1000
s4-torture: Show that we cannot list extended attributes on streams
commit f9837d15f30c88cc4dca19e3a54433302c11b9ae
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Aug 19 21:55:13 2012 +1000
s4-torture: Show that we cannot have extended attributes on streams
commit bf1e27bd8fa509d4039ec617a486589607d0d204
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Aug 19 21:01:33 2012 +1000
s4-torture: Improve raw.streams test to cover EAs and to use torture_assert()
The extension of this test is to create an extended attribute, so we
can confirm that the easize field on a stream actually refers to the
parent file.
This has been run against Windows 7.
Andrew Bartlett
commit 3787dcf42c9ab9ec5a3648b14f86e8bb2032958e
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Aug 19 08:17:45 2012 +1000
doc-BUILD_SYSTEMS.txt: The grand rename is complete
commit 0e441636afd5923a92f7eb29d66dfa52e2f0a5c3
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Aug 18 23:58:26 2012 +1000
WHATSNEW: Remove over-caution on s3fs and explain browsing better
commit 921b927d3011b753a51d450a451d5f49abac9e56
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat Aug 18 21:25:30 2012 +1000
build: Do not put a .distversion file into the GIT tree
This places the file only in the tarball, and shows how to
auto-generate other files for placement in the tarball.
Andrew Bartlett
commit 7a59c3d9b8e4a5bab21d9b82cec6a77d1f808f90
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Aug 19 00:27:01 2012 +1000
s3-build: Enable vfs_fake_acls when in developer mode or on the build farm
commit ae4195dd407d96a4b8768d1c43c58ce2f19d4ef5
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 20 21:28:57 2012 +1000
s3-vfs: Add lstat and lchown hooks to the vfs_fake_acls module
commit cbe758cfbb8febd02c0a80bf8f813fd464c71ce5
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Aug 19 00:01:57 2012 +1000
s3-vfs: Correct the implementation of fake_acls_sys_acl_delete_def_file()
commit 6c0bef17569d650c32ab82396f43d435ab9ef831
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 20 10:10:27 2012 +1000
s3-vfs: Use the system. namespace for fake ACLs
By using the system. namespace, we make sure this is only run on top of a TDB
based ACL store (ie in make test).
Andrew Bartlett
commit 0f2d288f760d509b1e363bea38221ec897c3fe8f
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Aug 19 22:46:58 2012 +1000
s3-smbd: ensure we give appropriate errors for EA requests on streams
commit 6ce084f092fc1b991e5c7bc3f56fd98a4293caae
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Aug 19 21:58:56 2012 +1000
s3-smbd: Do not look for EA information on a stream
The estimated EA size needs to be of the main file. However, the fsp
may point to the stream, so we need to ignore it if this is the case.
This may mean we estimate wrong if there has been a rename.
Andrew Bartlett
commit f9f8a8c3d8bf1b027f149d2753824d9b2867f2ca
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Aug 19 15:24:04 2012 +1000
s3-smbd: Push smb_fname into estimate_ea_size
This ensures that we return the ea size of the stream, not the overall file.
This is important as if there is an EA on the main file, the raw.streams
test was failing.
Andrew Bartlett
commit 3ef0e2246b4016b5f8a38f7476bc226c1875bfab
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 20 09:49:30 2012 +1000
s4-ntvfs: Add TODO on ea_size
This is almost certainly un-important.
Andrew Bartlett
commit 0769d67682de756557c02256b8c854dc5fca9c23
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 20 09:47:43 2012 +1000
s4-ntvfs: Ensure we do not attempt to write EAs on streams
commit 9699c335fd65aa916466e20716b5b0b8fcc9c2ef
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 20 19:20:19 2012 +1000
s3-vfs: Allow vfs_xattr_tdb to work without a connected share
This is needed to that get_nt_acl_no_snum() can work.
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
BUILD_SYSTEMS.txt | 9 +-
WHATSNEW.txt | 36 ++++-----
buildtools/wafsamba/samba_version.py | 1 +
selftest/knownfail | 6 --
selftest/target/Samba3.pm | 2 +-
selftest/target/Samba4.pm | 2 +-
source3/Makefile.in | 5 +
source3/configure.in | 4 +
source3/modules/vfs_fake_acls.c | 103 +++++++++++++++++++++++-
source3/modules/vfs_xattr_tdb.c | 118 +++++++++++++++++++++++-----
source3/smbd/trans2.c | 142 +++++++++++++++++++++++-----------
source4/ntvfs/posix/pvfs_fileinfo.c | 2 +-
source4/ntvfs/posix/pvfs_xattr.c | 6 ++
source4/torture/raw/streams.c | 89 +++++++++++++---------
source4/torture/unix/unix_info2.c | 5 +-
wscript | 13 ++-
16 files changed, 398 insertions(+), 145 deletions(-)
Changeset truncated at 500 lines:
diff --git a/BUILD_SYSTEMS.txt b/BUILD_SYSTEMS.txt
index 2aff56d..f8590f6 100644
--- a/BUILD_SYSTEMS.txt
+++ b/BUILD_SYSTEMS.txt
@@ -27,11 +27,10 @@ Kerberos library, provided the version is recent enough (otherwise we
will use our internal version of Heimdal). Please note that builds
with MIT krb5 support will not have AD DC features.
-By the time of the first release candidate, we will finish renaming
-the binaries that we ship so that where we provide a tool under a name
-that was used in Samba 3.x, it continues to behave in the same way it
-always has. This will ensure that our change in build system does not
-impact on our user's ability to use Samba as they always have.
+Where we provide a tool under a name that was used in Samba 3.x, it
+continues to behave in the same way it always has. This will ensure
+that our change in build system does not impact on our user's ability
+to use Samba as they always have.
For developers, this build system backs a comprehensive 'make test',
which provides code coverage of around 48% of our code by line:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index a4b5d8c..2aebbc2 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -19,18 +19,10 @@ to upgrade existing Samba 3.x releases to) and the AD domain
controller work previously known as 'samba4'.
Samba 4.0 is subjected to an awesome battery of tests on an automated
-basis, we have found Samba 4.0 to be very stable in it's behavior.
+basis, we have found Samba 4.0 to be very stable in it's behaviour.
However, we still recommend against upgrading production servers from
Samba 3.x release to Samba 4.0 beta at this stage.
-In particular note that the new default configuration 's3fs' may have
-different stability characteristics compared with our previous default
-file server. We are making this release so that we can find and fix
-any of these issues that arise in the real world. New AD DC
-installations can provision or join with --use-ntvfs to obtain the
-previous default file server. See below how to continue using ntvfs
-in an existing installation.
-
If you are upgrading, or looking to develop, test or deploy Samba 4.0
beta releases, you should backup all configuration and data.
@@ -63,8 +55,7 @@ issue.
Samba 4.0 beta ships with two distinct file servers. We now use the
file server from the Samba 3.x series 'smbd' for all file serving by
-default. For pure file server work, the binaries users would expect
-from that series (nmbd, winbindd, smbpasswd) continue to be available.
+default.
Samba 4.0 also ships with the 'NTVFS' file server. This file server
is what was used in all previous alpha releases of Samba 4.0, and is
@@ -74,9 +65,11 @@ installations that have deployed it as part of an AD DC, but also as a
running example of the NT-FSA architecture we expect to move smbd to in
the longer term.
-As mentioned above, this change to the default file server may cause
-instability, as we learn about the real-world interactions between
-these two key components.
+For pure file server work, the binaries users would expect from that
+series (nmbd, winbindd, smbpasswd) continue to be available. When
+running an AD DC, you only need to run 'samba' (not
+nmbd/smbd/winbind), as the required services are co-ordinated by this
+master binary.
As DNS is an integral part of Active Directory, we also provide a DNS
solution, using the BIND DLZ mechanism in versions 9.8 and 9.9.
@@ -87,7 +80,9 @@ minimal internal DNS server from within the Samba process, for easier
complete (pending addition of secure DNS update support).
To provide accurate timestamps to Windows clients, we integrate with
-the NTP project to provide secured NTP replies.
+the NTP project to provide secured NTP replies. To use you need to
+start ntpd and configure it with the 'restrict ... ms-sntp' and
+ntpsigndsocket options.
Finally, a new scripting interface has been added to Samba 4, allowing
Python programs to interface to Samba's internals, and many tools and
@@ -106,7 +101,7 @@ $ git log samba-4.0.0beta5..samba-4.0.0beta6
Some major user-visible changes include:
- Provision is now faster, as we now correctly use the database
- indicies during the provision
+ indices during the provision
- Support for handling of Extended Signatures (Session Key Protection)
@@ -138,7 +133,9 @@ KNOWN ISSUES
- Modifying of group policies by members of the Domain Administrators
group is not possible with the s3fs file server, only with the ntvfs
file server. This is due to the underlying POSIX ACL not being set
- at provision time.
+ at provision time. Recursivly giving 'domain administrators' write
+ access to the contents of the sysvol share using a windows client
+ will fix this in the interim.
- For similar reasons, sites with ACLs stored by the ntvfs file server
may wish to continue to use that file server implementation, as a
@@ -165,8 +162,9 @@ KNOWN ISSUES
use the 'samba' binary (provided for the AD server) on a member
server.
-- There is no NetBIOS browsing support (network neighbourhood) in the
- 'samba' binary (use nmbd and smbd instead)
+- There is no NetBIOS browsing support (network neighbourhood)
+ available for the AD domain controller. (Support in nmbd and smbd
+ for classic domains and member/standalone servers is unchanged).
- Clock Synchronisation is critical. Many 'wrong password' errors are
actually due to Kerberos objecting to a clock skew between client
diff --git a/buildtools/wafsamba/samba_version.py b/buildtools/wafsamba/samba_version.py
index e82fd47..b5cfc26 100644
--- a/buildtools/wafsamba/samba_version.py
+++ b/buildtools/wafsamba/samba_version.py
@@ -269,6 +269,7 @@ also accepted as dictionary entries here
string+="#define SAMBA_VERSION_VENDOR_SUFFIX " + self.VENDOR_SUFFIX + "\n"
if self.VENDOR_PATCH is not None:
string+="#define SAMBA_VERSION_VENDOR_PATCH " + self.VENDOR_PATCH + "\n"
+ string+='#define SAMBA_VERSION_VENDOR_PATCH_STRING "' + self.VENDOR_PATCH + '"\n'
if self.RELEASE_NICKNAME is not None:
string+="#define SAMBA_VERSION_RELEASE_NICKNAME " + self.RELEASE_NICKNAME + "\n"
diff --git a/selftest/knownfail b/selftest/knownfail
index 1c72718..2d33360 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -43,7 +43,6 @@
^samba3.blackbox.rpcclient over ncacn_np with \[spnego,connect,smb2\]
^samba3.blackbox.rpcclient over ncacn_np with \[spnego,connect,smb2,bigendian\]
^samba3.raw.samba3hide.samba3hide\((s3dc|plugin_s4_dc)\) # This test fails against an smbd environment with NT ACLs enabled
-^samba3.raw.samba3checkfsp.samba3checkfsp\(s3dc\) # This test fails against an smbd environment with NT ACLs enabled
^samba3.raw.samba3closeerr.samba3closeerr\(s3dc\) # This test fails against an smbd environment with NT ACLs enabled
^samba3.raw.acls.generic\(s3dc\) # This fails against smbd
^samba3.base.delete.deltest16a
@@ -53,7 +52,6 @@
# these show that we still have some differences between our system
# with our internal iconv because it passes except when we bypass our
# internal iconv modules
-^samba.vfstest.acl.vfstest\(s3dc:local\) #until we get the fake_acls module into selftest
^samba4.local.convert_string_handle.system.iconv.gd_ascii
^samba4.local.convert_string_handle.system.iconv.gd_iso8859_cp850
^samba4..*base.delete.*.deltest17\(
@@ -222,11 +220,7 @@
# but in the interests of ensuring we do not regress, we run the tests
# and list the current failures here.
#
-^samba3.raw.acls.create_file\(plugin_s4_dc\)
-^samba3.raw.acls.create_dir\(plugin_s4_dc\)
^samba3.raw.acls.generic\(plugin_s4_dc\)
-^samba3.smb2.create.aclfile\(plugin_s4_dc\)
-^samba3.smb2.create.acldir\(plugin_s4_dc\)
^samba3.rpc.eventlog.eventlog.GetLogIntormation\(plugin_s4_dc\)
^samba3.rpc.eventlog.eventlog.FlushEventLog\(plugin_s4_dc\)
^samba3.rpc.eventlog.eventlog.ReportEventLog\(plugin_s4_dc\)
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 72b9c19..31bd15b 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -905,7 +905,7 @@ sub provision($$$$$$)
store dos attributes = yes
create mask = 755
dos filemode = yes
- vfs objects = $vfs_modulesdir_abs/acl_xattr.so $vfs_modulesdir_abs/xattr_tdb.so $vfs_modulesdir_abs/streams_depot.so
+ vfs objects = $vfs_modulesdir_abs/acl_xattr.so $vfs_modulesdir_abs/fake_acls.so $vfs_modulesdir_abs/xattr_tdb.so $vfs_modulesdir_abs/streams_depot.so
printing = vlp
print command = $bindir_abs/vlp tdbfile=$lockdir/vlp.tdb print %p %s
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 17afab2..17f3a32 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -1365,7 +1365,7 @@ sub provision_plugin_s4_dc($$)
create mask = 755
dos filemode = yes
- vfs objects = acl_xattr xattr_tdb streams_depot
+ vfs objects = acl_xattr fake_acls xattr_tdb streams_depot
dcerpc endpoint servers = -winreg -srvsvc
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 57c6c1d..c71d588 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -857,6 +857,7 @@ VFS_AUDIT_OBJ = modules/vfs_audit.o
VFS_EXTD_AUDIT_OBJ = modules/vfs_extd_audit.o
VFS_FULL_AUDIT_OBJ = modules/vfs_full_audit.o
VFS_FAKE_PERMS_OBJ = modules/vfs_fake_perms.o
+VFS_FAKE_ACLS_OBJ = modules/vfs_fake_acls.o autoconf/librpc/gen_ndr/ndr_smb_acl.o
VFS_RECYCLE_OBJ = modules/vfs_recycle.o
VFS_NETATALK_OBJ = modules/vfs_netatalk.o
VFS_DEFAULT_QUOTA_OBJ = modules/vfs_default_quota.o
@@ -2752,6 +2753,10 @@ bin/fake_perms. at SHLIBEXT@: $(BINARY_PREREQS) $(VFS_FAKE_PERMS_OBJ)
@echo "Building plugin $@"
@$(SHLD_MODULE) $(VFS_FAKE_PERMS_OBJ)
+bin/fake_acls. at SHLIBEXT@: $(BINARY_PREREQS) $(VFS_FAKE_ACLS_OBJ)
+ @echo "Building plugin $@"
+ @$(SHLD_MODULE) $(VFS_FAKE_ACLS_OBJ)
+
bin/default_quota. at SHLIBEXT@: $(BINARY_PREREQS) $(VFS_DEFAULT_QUOTA_OBJ)
@echo "Building plugin $@"
@$(SHLD_MODULE) $(VFS_DEFAULT_QUOTA_OBJ)
diff --git a/source3/configure.in b/source3/configure.in
index 28894f1..f0dde64 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -476,6 +476,9 @@ if test "x$developer" = xyes; then
default_shared_modules="$default_shared_modules perfcount_test"
fi
+if test x"$RUN_FROM_BUILD_FARM" = x"yes" -o "x$developer" = xyes; then
+ default_shared_modules="$default_shared_modules vfs_fake_acls"
+fi
#
# Config CPPFLAG settings for strange OS's that must be set
@@ -6533,6 +6536,7 @@ SMB_MODULE(vfs_extd_audit, \$(VFS_EXTD_AUDIT_OBJ), "bin/extd_audit.$SHLIBEXT", V
SMB_MODULE(vfs_full_audit, \$(VFS_FULL_AUDIT_OBJ), "bin/full_audit.$SHLIBEXT", VFS)
SMB_MODULE(vfs_netatalk, \$(VFS_NETATALK_OBJ), "bin/netatalk.$SHLIBEXT", VFS)
SMB_MODULE(vfs_fake_perms, \$(VFS_FAKE_PERMS_OBJ), "bin/fake_perms.$SHLIBEXT", VFS)
+SMB_MODULE(vfs_fake_acls, \$(VFS_FAKE_ACLS_OBJ), "bin/fake_acls.$SHLIBEXT", VFS)
SMB_MODULE(vfs_default_quota, \$(VFS_DEFAULT_QUOTA_OBJ), "bin/default_quota.$SHLIBEXT", VFS)
SMB_MODULE(vfs_readonly, \$(VFS_READONLY_OBJ), "bin/readonly.$SHLIBEXT", VFS)
SMB_MODULE(vfs_cap, \$(VFS_CAP_OBJ), "bin/cap.$SHLIBEXT", VFS)
diff --git a/source3/modules/vfs_fake_acls.c b/source3/modules/vfs_fake_acls.c
index 175d6d2..abe6570 100644
--- a/source3/modules/vfs_fake_acls.c
+++ b/source3/modules/vfs_fake_acls.c
@@ -30,10 +30,10 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_VFS
-#define FAKE_UID "FAKE.uid"
-#define FAKE_GID "FAKE.gid"
-#define FAKE_ACL_ACCESS_XATTR "FAKE.access_acl"
-#define FAKE_ACL_DEFAULT_XATTR "FAKE.default_acl"
+#define FAKE_UID "system.fake_uid"
+#define FAKE_GID "system.fake_gid"
+#define FAKE_ACL_ACCESS_XATTR "system.fake_access_acl"
+#define FAKE_ACL_DEFAULT_XATTR "system.fake_default_acl"
static int fake_acls_uid(vfs_handle_struct *handle,
const char *path,
@@ -139,6 +139,38 @@ static int fake_acls_stat(vfs_handle_struct *handle,
return ret;
}
+static int fake_acls_lstat(vfs_handle_struct *handle,
+ struct smb_filename *smb_fname)
+{
+ int ret = -1;
+
+ ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
+ if (ret == 0) {
+ TALLOC_CTX *frame = talloc_stackframe();
+ char *path;
+ NTSTATUS status;
+ status = get_full_smb_filename(frame, smb_fname, &path);
+ if (!NT_STATUS_IS_OK(status)) {
+ errno = map_errno_from_nt_status(status);
+ TALLOC_FREE(frame);
+ return -1;
+ }
+
+ /* This isn't quite right (calling getxattr not
+ * lgetxattr), but for the test purposes of this
+ * module (fake NT ACLs from windows clients), it is
+ * close enough. We removed the l*xattr functions
+ * because linux doesn't support using them, but we
+ * could fake them in xattr_tdb if we really wanted
+ * to. We ignore errors because the link might not point anywhere */
+ fake_acls_uid(handle, path, &smb_fname->st.st_ex_uid);
+ fake_acls_gid(handle, path, &smb_fname->st.st_ex_gid);
+ TALLOC_FREE(frame);
+ }
+
+ return ret;
+}
+
static int fake_acls_fstat(vfs_handle_struct *handle, files_struct *fsp, SMB_STRUCT_STAT *sbuf)
{
int ret = -1;
@@ -306,8 +338,38 @@ static int fake_acls_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp
static int fake_acls_sys_acl_delete_def_file(vfs_handle_struct *handle, const char *path)
{
+ int ret;
const char *name = FAKE_ACL_DEFAULT_XATTR;
- return SMB_VFS_NEXT_REMOVEXATTR(handle, path, name);
+ TALLOC_CTX *frame = talloc_stackframe();
+ struct smb_filename *smb_fname = NULL;
+ NTSTATUS status = create_synthetic_smb_fname_split(frame, path, NULL,
+ &smb_fname);
+ if (!NT_STATUS_IS_OK(status)) {
+ errno = map_errno_from_nt_status(status);
+ TALLOC_FREE(frame);
+ return -1;
+ }
+
+ ret = SMB_VFS_NEXT_STAT(handle, smb_fname);
+ if (ret == -1) {
+ TALLOC_FREE(frame);
+ return -1;
+ }
+
+ if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
+ errno = EINVAL;
+ TALLOC_FREE(frame);
+ return -1;
+ }
+
+ ret = SMB_VFS_NEXT_REMOVEXATTR(handle, path, name);
+ if (ret == -1 && errno == ENOATTR) {
+ ret = 0;
+ errno = 0;
+ }
+
+ TALLOC_FREE(frame);
+ return ret;
}
static int fake_acls_chown(vfs_handle_struct *handle, const char *path, uid_t uid, gid_t gid)
@@ -331,6 +393,35 @@ static int fake_acls_chown(vfs_handle_struct *handle, const char *path, uid_t u
return 0;
}
+static int fake_acls_lchown(vfs_handle_struct *handle, const char *path, uid_t uid, gid_t gid)
+{
+ int ret;
+ uint8_t id_buf[4];
+ if (uid != -1) {
+ /* This isn't quite right (calling setxattr not
+ * lsetxattr), but for the test purposes of this
+ * module (fake NT ACLs from windows clients), it is
+ * close enough. We removed the l*xattr functions
+ * because linux doesn't support using them, but we
+ * could fake them in xattr_tdb if we really wanted
+ * to.
+ */
+ SIVAL(id_buf, 0, uid);
+ ret = SMB_VFS_NEXT_SETXATTR(handle, path, FAKE_UID, id_buf, sizeof(id_buf), 0);
+ if (ret != 0) {
+ return ret;
+ }
+ }
+ if (gid != -1) {
+ SIVAL(id_buf, 0, gid);
+ ret = SMB_VFS_NEXT_SETXATTR(handle, path, FAKE_GID, id_buf, sizeof(id_buf), 0);
+ if (ret != 0) {
+ return ret;
+ }
+ }
+ return 0;
+}
+
static int fake_acls_fchown(vfs_handle_struct *handle, files_struct *fsp, uid_t uid, gid_t gid)
{
int ret;
@@ -355,6 +446,7 @@ static int fake_acls_fchown(vfs_handle_struct *handle, files_struct *fsp, uid_t
static struct vfs_fn_pointers vfs_fake_acls_fns = {
.stat_fn = fake_acls_stat,
+ .lstat_fn = fake_acls_lstat,
.fstat_fn = fake_acls_fstat,
.sys_acl_get_file_fn = fake_acls_sys_acl_get_file,
.sys_acl_get_fd_fn = fake_acls_sys_acl_get_fd,
@@ -362,6 +454,7 @@ static struct vfs_fn_pointers vfs_fake_acls_fns = {
.sys_acl_set_fd_fn = fake_acls_sys_acl_set_fd,
.sys_acl_delete_def_file_fn = fake_acls_sys_acl_delete_def_file,
.chown_fn = fake_acls_chown,
+ .lchown_fn = fake_acls_lchown,
.fchown_fn = fake_acls_fchown,
};
diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c
index 67f6bcb..36e113e 100644
--- a/source3/modules/vfs_xattr_tdb.c
+++ b/source3/modules/vfs_xattr_tdb.c
@@ -2,6 +2,7 @@
* Store posix-level xattrs in a tdb
*
* Copyright (C) Volker Lendecke, 2007
+ * Copyright (C) Andrew Bartlett, 2012
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -27,6 +28,8 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_VFS
+static bool xattr_tdb_init(int snum, TALLOC_CTX *mem_ctx, struct db_context **p_db);
+
static int xattr_tdb_get_file_id(struct vfs_handle_struct *handle,
const char *path, struct file_id *id)
{
@@ -65,7 +68,10 @@ static ssize_t xattr_tdb_getxattr(struct vfs_handle_struct *handle,
TALLOC_CTX *frame = talloc_stackframe();
SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
- TALLOC_FREE(frame); return -1);
+ if (!xattr_tdb_init(-1, frame, &db))
+ {
+ TALLOC_FREE(frame); return -1;
+ });
ret = xattr_tdb_get_file_id(handle, path, &id);
if (ret == -1) {
@@ -100,7 +106,11 @@ static ssize_t xattr_tdb_fgetxattr(struct vfs_handle_struct *handle,
DATA_BLOB blob;
TALLOC_CTX *frame = talloc_stackframe();
- SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, TALLOC_FREE(frame); return -1);
+ SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
+ if (!xattr_tdb_init(-1, frame, &db))
+ {
+ TALLOC_FREE(frame); return -1;
+ });
if (SMB_VFS_NEXT_FSTAT(handle, fsp, &sbuf) == -1) {
TALLOC_FREE(frame);
@@ -132,15 +142,25 @@ static int xattr_tdb_setxattr(struct vfs_handle_struct *handle,
struct file_id id;
struct db_context *db;
int ret;
+ TALLOC_CTX *frame = talloc_stackframe();
+
+ SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
+ if (!xattr_tdb_init(-1, frame, &db))
+ {
+ TALLOC_FREE(frame); return -1;
+ });
SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
ret = xattr_tdb_get_file_id(handle, path, &id);
if (ret == -1) {
+ TALLOC_FREE(frame);
return -1;
}
- return xattr_tdb_setattr(db, &id, name, value, size, flags);
+ ret = xattr_tdb_setattr(db, &id, name, value, size, flags);
+ TALLOC_FREE(frame);
+ return ret;
}
static int xattr_tdb_fsetxattr(struct vfs_handle_struct *handle,
@@ -151,16 +171,26 @@ static int xattr_tdb_fsetxattr(struct vfs_handle_struct *handle,
SMB_STRUCT_STAT sbuf;
struct file_id id;
struct db_context *db;
+ int ret;
+ TALLOC_CTX *frame = talloc_stackframe();
- SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
+ SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
+ if (!xattr_tdb_init(-1, frame, &db))
+ {
+ TALLOC_FREE(frame); return -1;
+ });
if (SMB_VFS_NEXT_FSTAT(handle, fsp, &sbuf) == -1) {
+ TALLOC_FREE(frame);
return -1;
}
id = SMB_VFS_NEXT_FILE_ID_CREATE(handle, &sbuf);
- return xattr_tdb_setattr(db, &id, name, value, size, flags);
+ ret = xattr_tdb_setattr(db, &id, name, value, size, flags);
+ TALLOC_FREE(frame);
+ return ret;
+
}
static ssize_t xattr_tdb_listxattr(struct vfs_handle_struct *handle,
@@ -169,15 +199,26 @@ static ssize_t xattr_tdb_listxattr(struct vfs_handle_struct *handle,
struct file_id id;
struct db_context *db;
int ret;
+ TALLOC_CTX *frame = talloc_stackframe();
+
+ SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
+ if (!xattr_tdb_init(-1, frame, &db))
+ {
+ TALLOC_FREE(frame); return -1;
+ });
SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
ret = xattr_tdb_get_file_id(handle, path, &id);
if (ret == -1) {
+ TALLOC_FREE(frame);
return -1;
}
- return xattr_tdb_listattr(db, &id, list, size);
--
Samba Shared Repository
More information about the samba-cvs
mailing list