[SCM] Samba Shared Repository - branch v4-0-test updated

Karolin Seeger kseeger at samba.org
Wed Nov 21 02:20:05 MST 2012 

The branch, v4-0-test has been updated
       via  cdbf43c WHATSNEW: Update changes since rc5.
       via  cf24aab s3:smbd/aio do not mark file modified during reads
       via  4975257 More for #9374 - Allow smb2.acls torture test to pass against smbd with a POSIX ACLs backend.
       via  1187895 Add comments explaining exactly *why* we don't check FILE_READ_ATTRIBUTES when evaluating file/directory ACE's.
      from  0e9778e WHATSNEW: Start release notes for RC6.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -----------------------------------------------------------------
commit cdbf43cd37158c43fbd9748f61ef319d5e0eb7ed
Author: Karolin Seeger <kseeger at samba.org>
Date:   Wed Nov 21 08:42:07 2012 +0100

    WHATSNEW: Update changes since rc5.
    
    Karolin
    
    Autobuild-User(v4-0-test): Karolin Seeger <kseeger at samba.org>
    Autobuild-Date(v4-0-test): Wed Nov 21 10:19:57 CET 2012 on sn-devel-104

commit cf24aab64ab23f3d9f502f30079d739360abf086
Author: Christian Ambach <ambi at samba.org>
Date:   Tue Nov 20 14:24:13 2012 +0100

    s3:smbd/aio do not mark file modified during reads
    
    this causes each file that is potentially just opened for reading to be
    marked as modified and lots of file change notifications will be send
    
    Signed-off-by: Christian Ambach <ambi at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>
    
    Autobuild-User(master): Christian Ambach <ambi at samba.org>
    Autobuild-Date(master): Tue Nov 20 21:02:34 CET 2012 on sn-devel-104
    (cherry picked from commit d6983f470410b0befc02e43580d9b9d74d8f5d23)
    
    Fix bug #9411 - aio read marks the file as modified.

commit 4975257c7b1532c510538f2c6fd07682be28ab53
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Nov 14 14:40:51 2012 -0800

    More for #9374 - Allow smb2.acls torture test to pass against smbd with a POSIX ACLs backend.
    
    Change can_delete_directory() to can_delete_directory_fsp(), as
    we only ever call this from an open directory file handle.
    
    This allows us to use OpenDir_fsp() instead of OpenDir().
    OpenDir() re-checks the ACL on the directory, which may
    refuse DIR_LIST permissions. OpenDir_fsp() does not. As
    this is a file-server internal check to see if the directory
    actually contains any files before setting delete on close,
    we can ignore the ACL here (Windows does).
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Michael Adam <obnox at samba.org>
    
    Autobuild-User(master): Michael Adam <obnox at samba.org>
    Autobuild-Date(master): Tue Nov 20 01:46:28 CET 2012 on sn-devel-104
    (cherry picked from commit c5ad5029fd87b36426927d57425d5debbb26394c)

commit 1187895c71160955b336dba439ab7dd2ef0647ee
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Nov 14 14:40:50 2012 -0800

    Add comments explaining exactly *why* we don't check FILE_READ_ATTRIBUTES when evaluating file/directory ACE's.
    
    If we can access the path to this file, by
    default we have FILE_READ_ATTRIBUTES from the
    containing directory. See the section.
    "Algorithm to Check Access to an Existing File"
    in MS-FSA.pdf.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Michael Adam <obnox at samba.org>
    (cherry picked from commit 4985332b951d8cd46c9c0cd877875ab7839b4edb)

-----------------------------------------------------------------------

Summary of changes:
 WHATSNEW.txt               |    3 +++
 source3/include/proto.h    |    3 +--
 source3/smbd/aio.c         |    2 --
 source3/smbd/dir.c         |   14 +++++++++-----
 source3/smbd/file_access.c |    3 +--
 source3/smbd/open.c        |   24 +++++++++++++++++++++---
 6 files changed, 35 insertions(+), 14 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index e3dcd21..46f08c0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -169,10 +169,13 @@ CHANGES SINCE 4.0.0rc5
 
 o   Jeremy Allison <jra at samba.org>
     * BUG 9236: ACL masks incorrectly applied when setting ACLs.
+    * BUG 9374: Allow smb2.acls torture test to pass against smbd with a POSIX
+      ACLs backend.
 
 
 o   Christian Ambach <ambi at samba.org>
     * BUG 9178: Add DMAPI configure option and checks.
+    * BUG 9411: aio read marks the file as modified.
 
 
 o   Sumit Bose <sbose at redhat.com>
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 7c5a5a7..449bbc1 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1628,8 +1628,7 @@ void cancel_pending_lock_requests_by_fid(files_struct *fsp,
 			enum file_close_type close_type);
 void send_stat_cache_delete_message(struct messaging_context *msg_ctx,
 				    const char *name);
-NTSTATUS can_delete_directory(struct connection_struct *conn,
-				const char *dirname);
+NTSTATUS can_delete_directory_fsp(files_struct *fsp);
 bool change_to_root_user(void);
 void contend_level2_oplocks_begin(files_struct *fsp,
 				  enum level2_contention_type type);
diff --git a/source3/smbd/aio.c b/source3/smbd/aio.c
index 3b12879..3f553eb 100644
--- a/source3/smbd/aio.c
+++ b/source3/smbd/aio.c
@@ -791,8 +791,6 @@ static void aio_pread_smb2_done(struct tevent_req *req)
 	/* Unlock now we're done. */
 	SMB_VFS_STRICT_UNLOCK(fsp->conn, fsp, &aio_ex->lock);
 
-	mark_file_modified(fsp);
-
 	/* Common error or success code processing for async or sync
 	   read returns. */
 
diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c
index cb27110..1a9aa43 100644
--- a/source3/smbd/dir.c
+++ b/source3/smbd/dir.c
@@ -1740,16 +1740,20 @@ bool SearchDir(struct smb_Dir *dirp, const char *name, long *poffset)
  Is this directory empty ?
 *****************************************************************/
 
-NTSTATUS can_delete_directory(struct connection_struct *conn,
-			      const char *dirname)
+NTSTATUS can_delete_directory_fsp(files_struct *fsp)
 {
 	NTSTATUS status = NT_STATUS_OK;
 	long dirpos = 0;
 	const char *dname = NULL;
+	const char *dirname = fsp->fsp_name->base_name;
 	char *talloced = NULL;
 	SMB_STRUCT_STAT st;
-	struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn,
-					dirname, NULL, 0);
+	struct connection_struct *conn = fsp->conn;
+	struct smb_Dir *dir_hnd = OpenDir_fsp(talloc_tos(),
+					conn,
+					fsp,
+					NULL,
+					0);
 
 	if (!dir_hnd) {
 		return map_nt_error_from_unix(errno);
@@ -1769,7 +1773,7 @@ NTSTATUS can_delete_directory(struct connection_struct *conn,
 			continue;
 		}
 
-		DEBUG(10,("can_delete_directory: got name %s - can't delete\n",
+		DEBUG(10,("got name %s - can't delete\n",
 			 dname ));
 		status = NT_STATUS_DIRECTORY_NOT_EMPTY;
 		break;
diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c
index 6ced6a6..9bf7e9b 100644
--- a/source3/smbd/file_access.c
+++ b/source3/smbd/file_access.c
@@ -226,8 +226,7 @@ NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32 dosmode)
 			return NT_STATUS_ACCESS_DENIED;
 		}
 
-		return can_delete_directory(fsp->conn,
-					    fsp->fsp_name->base_name);
+		return can_delete_directory_fsp(fsp);
 	}
 
 	return NT_STATUS_OK;
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index a9a9198..7e0dee2 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -130,7 +130,13 @@ NTSTATUS smbd_check_access_rights(struct connection_struct *conn,
 	}
 
  	/*
-	 * Never test FILE_READ_ATTRIBUTES. se_file_access_check() also takes care of
+	 * If we can access the path to this file, by
+	 * default we have FILE_READ_ATTRIBUTES from the
+	 * containing directory. See the section:
+	 * "Algorithm to Check Access to an Existing File"
+	 * in MS-FSA.pdf.
+	 *
+	 * se_file_access_check() also takes care of
 	 * owner WRITE_DAC and READ_CONTROL.
 	 */
 	status = se_file_access_check(sd,
@@ -247,7 +253,13 @@ static NTSTATUS check_parent_access(struct connection_struct *conn,
 	}
 
  	/*
-	 * Never test FILE_READ_ATTRIBUTES. se_file_access_check() also takes care of
+	 * If we can access the path to this file, by
+	 * default we have FILE_READ_ATTRIBUTES from the
+	 * containing directory. See the section:
+	 * "Algorithm to Check Access to an Existing File"
+	 * in MS-FSA.pdf.
+	 *
+	 * se_file_access_check() also takes care of
 	 * owner WRITE_DAC and READ_CONTROL.
 	 */
 	status = se_file_access_check(parent_sd,
@@ -1693,7 +1705,13 @@ static NTSTATUS smbd_calculate_maximum_allowed_access(
 	}
 
 	/*
-	 * Never test FILE_READ_ATTRIBUTES. se_file_access_check()
+	 * If we can access the path to this file, by
+	 * default we have FILE_READ_ATTRIBUTES from the
+	 * containing directory. See the section:
+	 * "Algorithm to Check Access to an Existing File"
+	 * in MS-FSA.pdf.
+	 *
+	 * se_file_access_check()
 	 * also takes care of owner WRITE_DAC and READ_CONTROL.
 	 */
 	status = se_file_access_check(sd,


-- 
Samba Shared Repository

More information about the samba-cvs mailing list