[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Fri Oct 26 02:08:03 MDT 2012
The branch, master has been updated
via cb50e85 vfstest: set umask(0) in vfstest
via e146fe5 pysmbd: Set umask to 0 during smbd operations
via 728e56b pysmbd: Remember to close files after setting the NT ACL
via e107c6a pysmbd: Add hook for unlink() so python scripts can remove xattr.tdb entries
from 52ace67 s3:smbd:durable: factor stat checks out into vfs_default_durable_reconnect_check_stat()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit cb50e85a5a054eeb59bf4c27c886679285732548
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Oct 26 14:23:39 2012 +1100
vfstest: set umask(0) in vfstest
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Oct 26 10:07:03 CEST 2012 on sn-devel-104
commit e146fe5ef96c1522175a8e81db15d1e8879e5652
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Oct 26 14:22:07 2012 +1100
pysmbd: Set umask to 0 during smbd operations
commit 728e56b4636b668aaac60ec557d6fe16b530a6f9
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Oct 26 10:07:02 2012 +1100
pysmbd: Remember to close files after setting the NT ACL
commit e107c6ace73ac40894fdd66860cfeae9115d5cd9
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Oct 26 17:25:53 2012 +1100
pysmbd: Add hook for unlink() so python scripts can remove xattr.tdb entries
If we do not provide a way to remove files from xattr.tdb, we can re-use the inode.
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/pysmbd.c | 110 ++++++++++++++++++++-
source3/torture/vfstest.c | 5 +
source4/scripting/python/samba/tests/posixacl.py | 40 ++++----
3 files changed, 129 insertions(+), 26 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 5e2daa1..5e8691a 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -43,6 +43,7 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
connection_struct *conn;
NTSTATUS status = NT_STATUS_OK;
int ret;
+ mode_t saved_umask;
conn = talloc_zero(NULL, connection_struct);
if (conn == NULL) {
@@ -56,6 +57,10 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
return NT_STATUS_NO_MEMORY;
}
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ saved_umask = umask(0);
+
conn->params->service = -1;
set_conn_connectpath(conn, "/");
@@ -69,6 +74,8 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
"returned zero.\n"));
}
+ umask(saved_umask);
+
conn_free(conn);
return status;
@@ -83,9 +90,16 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
files_struct *fsp;
struct smb_filename *smb_fname = NULL;
int flags;
+ mode_t saved_umask;
+
+ if (!posix_locking_init(false)) {
+ TALLOC_FREE(frame);
+ return NT_STATUS_NO_MEMORY;
+ }
conn = talloc_zero(frame, connection_struct);
if (conn == NULL) {
+ TALLOC_FREE(frame);
DEBUG(0, ("talloc failed\n"));
return NT_STATUS_NO_MEMORY;
}
@@ -96,12 +110,6 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
return NT_STATUS_NO_MEMORY;
}
- conn->params->service = -1;
-
- set_conn_connectpath(conn, "/");
-
- smbd_vfs_init(conn);
-
fsp = talloc_zero(frame, struct files_struct);
if (fsp == NULL) {
TALLOC_FREE(frame);
@@ -114,10 +122,21 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
}
fsp->conn = conn;
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ saved_umask = umask(0);
+
+ conn->params->service = -1;
+
+ set_conn_connectpath(conn, "/");
+
+ smbd_vfs_init(conn);
+
status = create_synthetic_smb_fname_split(fsp, fname, NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(frame);
+ umask(saved_umask);
return status;
}
@@ -137,6 +156,7 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
if (fsp->fh->fd == -1) {
printf("open: error=%d (%s)\n", errno, strerror(errno));
TALLOC_FREE(frame);
+ umask(saved_umask);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -145,9 +165,12 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
DEBUG(0,("set_nt_acl_no_snum: fset_nt_acl returned %s.\n", nt_errstr(status)));
}
+ SMB_VFS_CLOSE(fsp);
+
conn_free(conn);
TALLOC_FREE(frame);
+ umask(saved_umask);
return status;
}
@@ -292,6 +315,7 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args)
char *fname;
int uid, gid;
TALLOC_CTX *frame;
+ mode_t saved_umask;
if (!PyArg_ParseTuple(args, "sii", &fname, &uid, &gid))
return NULL;
@@ -309,6 +333,10 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args)
return NULL;
}
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ saved_umask = umask(0);
+
conn->params->service = -1;
set_conn_connectpath(conn, "/");
@@ -321,6 +349,73 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args)
DEBUG(0,("chown returned failure: %s\n", strerror(errno)));
}
+ umask(saved_umask);
+
+ conn_free(conn);
+
+ TALLOC_FREE(frame);
+
+ PyErr_NTSTATUS_IS_ERR_RAISE(status);
+
+ Py_RETURN_NONE;
+}
+
+/*
+ chown a file
+ */
+static PyObject *py_smbd_unlink(PyObject *self, PyObject *args)
+{
+ connection_struct *conn;
+ NTSTATUS status = NT_STATUS_OK;
+ int ret;
+ struct smb_filename *smb_fname = NULL;
+ char *fname;
+ int uid, gid;
+ TALLOC_CTX *frame;
+ mode_t saved_umask;
+
+ if (!PyArg_ParseTuple(args, "s", &fname))
+ return NULL;
+
+ frame = talloc_stackframe();
+
+ conn = talloc_zero(frame, connection_struct);
+ if (conn == NULL) {
+ PyErr_NoMemory();
+ return NULL;
+ }
+
+ if (!(conn->params = talloc(conn, struct share_params))) {
+ PyErr_NoMemory();
+ return NULL;
+ }
+
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ saved_umask = umask(0);
+
+ conn->params->service = -1;
+
+ set_conn_connectpath(conn, "/");
+
+ smbd_vfs_init(conn);
+
+ status = create_synthetic_smb_fname_split(frame, fname, NULL,
+ &smb_fname);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(frame);
+ umask(saved_umask);
+ PyErr_NTSTATUS_IS_ERR_RAISE(status);
+ }
+
+ ret = SMB_VFS_UNLINK(conn, smb_fname);
+ if (ret != 0) {
+ status = map_nt_error_from_unix_common(errno);
+ DEBUG(0,("unlink returned failure: %s\n", strerror(errno)));
+ }
+
+ umask(saved_umask);
+
conn_free(conn);
TALLOC_FREE(frame);
@@ -495,6 +590,9 @@ static PyMethodDef py_smbd_methods[] = {
{ "chown",
(PyCFunction)py_smbd_chown, METH_VARARGS,
NULL },
+ { "unlink",
+ (PyCFunction)py_smbd_unlink, METH_VARARGS,
+ NULL },
{ NULL }
};
diff --git a/source3/torture/vfstest.c b/source3/torture/vfstest.c
index 72156a5..dd3787b 100644
--- a/source3/torture/vfstest.c
+++ b/source3/torture/vfstest.c
@@ -34,6 +34,7 @@
#include "messages.h"
#include "libcli/security/security.h"
#include "lib/smbd_shim.h"
+#include "system/filesys.h"
/* List to hold groups of commands */
static struct cmd_list {
@@ -483,6 +484,10 @@ int main(int argc, char *argv[])
poptFreeContext(pc);
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ umask(0);
+
lp_load_initial_only(get_dyn_CONFIGFILE());
/* TODO: check output */
diff --git a/source4/scripting/python/samba/tests/posixacl.py b/source4/scripting/python/samba/tests/posixacl.py
index 482b48b..2450470 100644
--- a/source4/scripting/python/samba/tests/posixacl.py
+++ b/source4/scripting/python/samba/tests/posixacl.py
@@ -45,7 +45,7 @@ class PosixAclMappingTests(TestCase):
tempf = os.path.join(path,"pytests"+str(int(100000*random.random())))
open(tempf, 'w').write("empty")
setntacl(lp, tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_smbd_getntacl(self):
random.seed()
@@ -59,7 +59,7 @@ class PosixAclMappingTests(TestCase):
facl = getntacl(lp,tempf, direct_db_access=True)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(facl.as_sddl(anysid),acl)
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_smbd_setposixacl_getntacl(self):
random.seed()
@@ -80,7 +80,7 @@ class PosixAclMappingTests(TestCase):
self.assertTrue(False)
except TypeError:
pass
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_invalidate_getntacl(self):
random.seed()
@@ -101,7 +101,7 @@ class PosixAclMappingTests(TestCase):
facl = getntacl(lp,tempf, direct_db_access=True)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(acl, facl.as_sddl(anysid))
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_invalidate_getntacl_smbd(self):
random.seed()
@@ -122,7 +122,7 @@ class PosixAclMappingTests(TestCase):
facl = getntacl(lp,tempf)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(acl, facl.as_sddl(anysid))
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_smbd_invalidate_getntacl_smbd(self):
random.seed()
@@ -145,7 +145,7 @@ class PosixAclMappingTests(TestCase):
facl = getntacl(lp,tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(simple_acl_from_posix, facl.as_sddl(anysid))
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_getntacl_smbd(self):
random.seed()
@@ -159,7 +159,7 @@ class PosixAclMappingTests(TestCase):
facl = getntacl(lp,tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(facl.as_sddl(anysid),acl)
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_smbd_getntacl_smbd(self):
random.seed()
@@ -173,7 +173,7 @@ class PosixAclMappingTests(TestCase):
facl = getntacl(lp,tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(facl.as_sddl(anysid),acl)
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_smbd_setposixacl_getntacl_smbd(self):
random.seed()
@@ -190,7 +190,7 @@ class PosixAclMappingTests(TestCase):
facl = getntacl(lp,tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(simple_acl_from_posix, facl.as_sddl(anysid))
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_smbd_setposixacl_group_getntacl_smbd(self):
random.seed()
@@ -213,7 +213,7 @@ class PosixAclMappingTests(TestCase):
facl = getntacl(lp,tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(simple_acl_from_posix, facl.as_sddl(anysid))
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_smbd_getntacl_smbd_gpo(self):
random.seed()
@@ -227,7 +227,7 @@ class PosixAclMappingTests(TestCase):
facl = getntacl(lp,tempf, direct_db_access=False)
domsid = security.dom_sid("S-1-5-21-2212615479-2695158682-2101375467")
self.assertEquals(facl.as_sddl(domsid),acl)
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_getposixacl(self):
random.seed()
@@ -242,7 +242,7 @@ class PosixAclMappingTests(TestCase):
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(facl.as_sddl(anysid),acl)
posix_acl = smbd.get_sys_acl(tempf, smb_acl.SMB_ACL_TYPE_ACCESS)
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setposixacl_getposixacl(self):
random.seed()
@@ -266,7 +266,7 @@ class PosixAclMappingTests(TestCase):
self.assertEquals(posix_acl.acl[3].a_type, smb_acl.SMB_ACL_MASK)
self.assertEquals(posix_acl.acl[3].a_perm, 6)
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setposixacl_getntacl(self):
random.seed()
@@ -282,7 +282,7 @@ class PosixAclMappingTests(TestCase):
except TypeError:
# We don't expect the xattr to be filled in in this case
pass
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setposixacl_getntacl_smbd(self):
random.seed()
@@ -299,7 +299,7 @@ class PosixAclMappingTests(TestCase):
acl = "O:%sG:%sD:(A;;0x001f019f;;;%s)(A;;0x00120089;;;%s)(A;;WO;;;WD)" % (user_SID, group_SID, user_SID, group_SID)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(acl, facl.as_sddl(anysid))
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setposixacl_group_getntacl_smbd(self):
random.seed()
@@ -320,7 +320,7 @@ class PosixAclMappingTests(TestCase):
acl = "O:%sG:%sD:(A;;0x001f019f;;;%s)(A;;0x00120089;;;BA)(A;;0x00120089;;;%s)(A;;WO;;;WD)" % (user_SID, group_SID, user_SID, group_SID)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(acl, facl.as_sddl(anysid))
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setposixacl_getposixacl(self):
random.seed()
@@ -343,7 +343,7 @@ class PosixAclMappingTests(TestCase):
self.assertEquals(posix_acl.acl[3].a_type, smb_acl.SMB_ACL_MASK)
self.assertEquals(posix_acl.acl[3].a_perm, 6)
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setposixacl_group_getposixacl(self):
random.seed()
@@ -376,7 +376,7 @@ class PosixAclMappingTests(TestCase):
self.assertEquals(posix_acl.acl[4].a_type, smb_acl.SMB_ACL_MASK)
self.assertEquals(posix_acl.acl[4].a_perm, 6)
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_sysvol_check_getposixacl(self):
random.seed()
@@ -502,7 +502,7 @@ class PosixAclMappingTests(TestCase):
#
- os.unlink(tempf)
+ smbd.unlink(tempf)
def test_setntacl_policies_check_getposixacl(self):
random.seed()
@@ -640,7 +640,7 @@ class PosixAclMappingTests(TestCase):
#
- os.unlink(tempf)
+ smbd.unlink(tempf)
def setUp(self):
super(PosixAclMappingTests, self).setUp()
--
Samba Shared Repository
More information about the samba-cvs
mailing list