[SCM] Samba Shared Repository - branch master updated

Fri Aug 21 05:18:02 UTC 2015

The branch, master has been updated
       via  59e955b vfs_scannedonly: Remove vfs_scannedonly from samba source tree.
      from  ba4c9bd script/autobuild.py: make sure --nonshared-binary=smbtorture,smbd/smbd keeps working

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 59e955bfd136cbe798d155a4930f6ce4bfe00020
Author: Robin Hack <hack.robin at gmail.com>
Date:   Fri Aug 21 13:54:03 2015 +1200

    vfs_scannedonly: Remove vfs_scannedonly from samba source tree.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=11459
    Signed-off-by: Robin Hack <hack.robin at gmail.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    
    Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
    Autobuild-Date(master): Fri Aug 21 07:17:35 CEST 2015 on sn-devel-104

-----------------------------------------------------------------------

Summary of changes:
 docs-xml/manpages/vfs_scannedonly.8.xml |  243 -------
 docs-xml/wscript_build                  |    1 -
 packaging/RHEL-CTDB/samba.spec.tmpl     |    1 -
 source3/modules/vfs_scannedonly.c       | 1044 -------------------------------
 source3/modules/wscript_build           |    8 -
 source3/wscript                         |    2 +-
 6 files changed, 1 insertion(+), 1298 deletions(-)
 delete mode 100644 docs-xml/manpages/vfs_scannedonly.8.xml
 delete mode 100644 source3/modules/vfs_scannedonly.c


Changeset truncated at 500 lines:

diff --git a/docs-xml/manpages/vfs_scannedonly.8.xml b/docs-xml/manpages/vfs_scannedonly.8.xml
deleted file mode 100644
index 5f569b7..0000000
--- a/docs-xml/manpages/vfs_scannedonly.8.xml
+++ /dev/null
@@ -1,243 +0,0 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
-<refentry id="vfs_scannedonly.8">
-
-<refmeta>
-	<refentrytitle>vfs_scannedonly</refentrytitle>
-	<manvolnum>8</manvolnum>
-	<refmiscinfo class="source">Samba</refmiscinfo>
-	<refmiscinfo class="manual">System Administration tools</refmiscinfo>
-	<refmiscinfo class="version">4.3</refmiscinfo>
-</refmeta>
-
-
-<refnamediv>
-	<refname>vfs_scannedonly</refname>
-	<refpurpose>Ensures that only files that have been scanned for viruses are
-	visible and accessible to the end user.</refpurpose>
-</refnamediv>
-
-<refsynopsisdiv>
-	<cmdsynopsis>
-		<command>vfs objects = scannedonly</command>
-	</cmdsynopsis>
-</refsynopsisdiv>
-
-<refsect1>
-	<title>DESCRIPTION</title>
-
-	<para>This VFS module is part of the
-	<citerefentry><refentrytitle>samba</refentrytitle>
-	<manvolnum>8</manvolnum></citerefentry> suite.</para>
-
-	<para>The <command>vfs_scannedonly</command> VFS module ensures that
-	only files that have been scanned for viruses are visible and accessible
-	to the end user. If non-scanned files are found an anti-virus scanning
-	daemon is notified. The anti-virus scanning daemon is not part of the
-	Samba suite.
-	</para>
-
-	<para>Scannedonly comes in two parts: a samba vfs module and (one or
-	more) daemons. The daemon scans files. If a certain file is clean,
-	a second file is created with prefix <filename>.scanned:</filename>.
-	The Samba module simply looks if such a <filename>.scanned:</filename>
-	file exists, and is newer than the pertinent file. If this is the case,
-	the file is shown to the user. If this is not the case, the file is not
-	returned in a directory listing (configurable), and cannot be opened
-	(configurable). The Samba vfs module will notify the daemon to scan
-	this file.
-	</para>
-
-	<para>So what happens for the user in the default configuration. The
-	first time a directory is listed, it shows files as 'file is being
-	scanned for viruses, but after the first time all files are shown.
-	There is a utility scannedonly_prescan that can help you to prescan
-	all directories. When new files are written the daemon is notified
-	immediately after the file is complete.
-	</para>
-
-	<para>If a virus is found by the daemon, a file with a warning message
-	is created in the directory of the user, a warning is sent to the logs,
-	and the file is renamed to have prefix <filename>.virus:</filename>.
-	Files with the <filename>.virus:</filename> prefix are never shown to
-	the user and all access is denied.
-	</para>
-
-	<para>This module is stackable.</para>
-
-</refsect1>
-
-<refsect1>
-	<title>CONFIGURATION</title>
-
-	<para><command>vfs_scannedonly</command> relies on a anti-virus scanning
-	daemon that listens on the scannedonly socket (unix domain socket or UDP
-	socket).
-	</para>
-</refsect1>
-
-<refsect1>
-        <title>OPTIONS</title>
-
-        <variablelist>
-		<varlistentry>
-		<term>scannedonly:domain_socket = True </term>
-		<listitem>
-		<para>Whether to use a unix domain socket or not (false reverts
-		to use udp)
-		</para>
-		</listitem>
-	</varlistentry>
-
-	<varlistentry>
-		<term>scannedonly:socketname = /var/lib/scannedonly/scan</term>
-		<listitem>
-		<para>The location of the unix domain socket to connect to</para>
-		</listitem>
-	</varlistentry>
-
-	<varlistentry>
-		<term>scannedonly:portnum = 2020</term>
-		<listitem>
-		<para>The udp port number to connect to
-		</para>
-		</listitem>
-	</varlistentry>
-	<varlistentry><term>scannedonly:scanhost = localhost</term>
-		<listitem>
-		<para>
-		When using UDP the host that runs the scanning daemon (this host
-		needs access to the files!)
-		</para>
-		</listitem>
-	</varlistentry>
-	<varlistentry><term>scannedonly:show_special_files = True</term>
-		<listitem>
-		<para>
-		Whether sockets, devices and fifo's (all not scanned for
-		viruses) should be visible to the user
-		</para>
-		</listitem>
-	</varlistentry>
-	<varlistentry><term>scannedonly:rm_hidden_files_on_rmdir = True</term>
-		<listitem>
-		<para>
-		Whether files that are not visible (<filename>.scanned:</filename>
-		files, <filename>.failed:</filename> files and <filename>.virus:
-		</filename> files) should be deleted if the user tries to remove
-		the directory. If false, the user will get the "directory is not
-		empty" error.
-		</para>
-		</listitem>
-	</varlistentry>
-	<varlistentry><term>scannedonly:hide_nonscanned_files = True</term>
-		<listitem>
-		<para>
-		If false, all non-scanned files are visible in directory listings.
-		If such files are found in a directory listing the scanning daemon
-		is notified that scanning is required. Access to non-scanned files
-		is still denied (see scannedonly:allow_nonscanned_files).
-		</para>
-		</listitem>
-	</varlistentry>
-	<varlistentry><term>scannedonly:scanning_message = is being scanned for
-	viruses</term>
-		<listitem>
-		<para>
-		If non-scanned files are hidden
-		(if scannedonly:hide_nonscanned_files = True), a fake 0 byte file
-		is shown. The filename is the original filename with the message
-		as suffix.
-		</para>
-		</listitem>
-	</varlistentry>
-	<varlistentry><term>scannedonly:recheck_time_open = 50</term>
-		<listitem>
-		<para>
-		If a non-scanned file is opened, the vfs module will wait
-		recheck_tries_open times for recheck_time_open milliseconds for
-		the scanning daemon to create a <filename>.scanned:</filename>
-		file. For small files that are scanned by the daemon within the
-		time (tries * time) the behavior will be just like on-access
-		scanning.
-		</para>
-		</listitem>
-	</varlistentry>
-	<varlistentry><term>scannedonly:recheck_tries_open = 100</term>
-		<listitem>
-		<para>
-		See recheck_time_open.
-		</para>
-		</listitem>
-	</varlistentry>
-	<varlistentry><term>scannedonly:recheck_time_readdir = 50</term>
-		<listitem>
-		<para>
-		If a non-scanned file is in a directory listing the vfs module
-		notifies the daemon (once for all files that need scanning in
-		that directory), and waits recheck_tries_readdir times for
-		recheck_time_readdir milliseconds. Only used when
-		hide_nonscanned_files is false.
-		</para>
-		</listitem>
-	</varlistentry>
-	<varlistentry><term>scannedonly:recheck_tries_readdir = 20</term>
-		<listitem>
-		<para>
-		See recheck_time_readdir.
-		</para>
-		</listitem>
-	</varlistentry>
-	<varlistentry><term>scannedonly:allow_nonscanned_files = False</term>
-		<listitem>
-		<para>
-		Allow access to non-scanned files. The daemon is notified,
-		however, and special files such as <filename>.scanned:</filename>
-		files. <filename>.virus:</filename> files and
-		<filename>.failed:</filename> files are not listed.
-		</para>
-		</listitem>
-	</varlistentry>
-
-	</variablelist>
-</refsect1>
-
-<refsect1>
-	<title>EXAMPLES</title>
-
-	<para>Enable anti-virus scanning:</para>
-<programlisting>
-        <smbconfsection name="[homes]"/>
-	<smbconfoption name="vfs objects">scannedonly</smbconfoption>
-	<smbconfoption name="scannedonly:hide_nonscanned_files">False</smbconfoption>
-</programlisting>
-
-</refsect1>
-
-<refsect1>
-	<title>CAVEATS</title>
-
-	<para>This is not true on-access scanning. However, it is very fast
-	for files that have been scanned already.
-	</para>
-</refsect1>
-
-<refsect1>
-	<title>VERSION</title>
-
-	<para>This man page is correct for version 4.0.0 of the Samba suite.
-	</para>
-</refsect1>
-
-<refsect1>
-	<title>AUTHOR</title>
-
-	<para>The original Samba software and related utilities
-	were created by Andrew Tridgell. Scannedonly was
-	developed for Samba by Olivier Sessink. Samba is now developed
-	by the Samba Team as an Open Source project similar
-	to the way the Linux kernel is developed.</para>
-
-</refsect1>
-
-</refentry>
diff --git a/docs-xml/wscript_build b/docs-xml/wscript_build
index 5c42a31..5157460 100644
--- a/docs-xml/wscript_build
+++ b/docs-xml/wscript_build
@@ -73,7 +73,6 @@ manpages='''
          manpages/vfs_readahead.8
          manpages/vfs_readonly.8
          manpages/vfs_recycle.8
-         manpages/vfs_scannedonly.8
          manpages/vfs_shadow_copy.8
          manpages/vfs_shadow_copy2.8
 	 manpages/vfs_shell_snap.8
diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl b/packaging/RHEL-CTDB/samba.spec.tmpl
index ad18826..7522806 100644
--- a/packaging/RHEL-CTDB/samba.spec.tmpl
+++ b/packaging/RHEL-CTDB/samba.spec.tmpl
@@ -419,7 +419,6 @@ exit 0
 %{_libarchdir}/samba/vfs/readahead.so
 %{_libarchdir}/samba/vfs/readonly.so
 %{_libarchdir}/samba/vfs/recycle.so
-%{_libarchdir}/samba/vfs/scannedonly.so
 %{_libarchdir}/samba/vfs/shadow_copy.so
 %{_libarchdir}/samba/vfs/shadow_copy2.so
 %{_libarchdir}/samba/vfs/smb_traffic_analyzer.so
diff --git a/source3/modules/vfs_scannedonly.c b/source3/modules/vfs_scannedonly.c
deleted file mode 100644
index 128374a..0000000
--- a/source3/modules/vfs_scannedonly.c
+++ /dev/null
@@ -1,1044 +0,0 @@
-/*
- * scannedonly VFS module for Samba 3.5 and beyond
- *
- * Copyright 2007,2008,2009,2010,2011 (C) Olivier Sessink
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * ABOUT SCANNEDONLY
- *
- * scannedonly implements a 'filter' like vfs module that talks over a
- * unix domain socket or over UDP to a anti-virus engine.
- *
- * files that are clean have a corresponding .scanned:{filename} file
- * in the same directory. So why the .scanned: files? They take up
- * only an inode, because they are 0 bytes. To test if the file is
- * scanned only a stat() call on the filesystem is needed which is
- * very quick compared to a database lookup. All modern filesystems
- * use database technology such as balanced trees for lookups anyway.
- * The number of inodes in modern filesystems is also not limiting
- * anymore. The .scanned: files are also easy scriptable. You can
- * remove them with a simple find command or create them with a
- * simple touch command. Extended filesystem attributes have similar
- * properties, but are not supported on all filesystems, so that
- * would limit the usage of the module (and attributes are not as
- * easily scriptable)
- *
- * files that are not clean are sent to the AV-engine. Only the
- * filename is sent over the socket. The protocol is very simple:
- * a newline separated list of filenames inside each datagram.
- *
- * a file AV-scan may be requested multiple times, the AV-engine
- * should also check if the file has been scanned already. Requests
- * can also be dropped by the AV-engine (and we thus don't need the
- * reliability of TCP).
- *
- */
-
-#include "includes.h"
-#include "smbd/smbd.h"
-#include "system/filesys.h"
-
-#include "config.h"
-
-#define SENDBUFFERSIZE 1450
-
-#ifndef       SUN_LEN
-#define       SUN_LEN(sunp)   ((size_t)((struct sockaddr_un *)0)->sun_path \
-				+ strlen((sunp)->sun_path))
-#endif
-
-
-struct Tscannedonly {
-	int socket;
-	int domain_socket;
-	int portnum;
-	int scanning_message_len;
-	int recheck_time_open;
-	int recheck_tries_open;
-	int recheck_size_open;
-	int recheck_time_readdir;
-	int recheck_tries_readdir;
-	bool show_special_files;
-	bool rm_hidden_files_on_rmdir;
-	bool hide_nonscanned_files;
-	bool allow_nonscanned_files;
-	const char *socketname;
-	const char *scanhost;
-	const char *scanning_message;
-	const char *p_scanned; /* prefix for scanned files */
-	const char *p_virus; /* prefix for virus containing files */
-	const char *p_failed; /* prefix for failed to scan files */
-	char gsendbuffer[SENDBUFFERSIZE + 1];
-};
-
-#define STRUCTSCANO(var) ((struct Tscannedonly *)var)
-
-struct scannedonly_DIR {
-	char *base;
-	int recheck_tries_done; /* if 0 the directory listing has not yet
-	been checked for files that need to be scanned. */
-	DIR *DIR;
-};
-#define SCANNEDONLY_DEBUG 9
-/*********************/
-/* utility functions */
-/*********************/
-
-static char *real_path_from_notify_path(TALLOC_CTX *ctx,
-					struct Tscannedonly *so,
-					const char *path)
-{
-	char *name;
-	int len, pathlen;
-
-	name = strrchr(path, '/');
-	if (!name) {
-		return NULL;
-	}
-	pathlen = name - path;
-	name++;
-	len = strlen(name);
-	if (len <= so->scanning_message_len) {
-		return NULL;
-	}
-
-	if (strcmp(name + (len - so->scanning_message_len),
-		   so->scanning_message) != 0) {
-		return NULL;
-	}
-
-	return talloc_strndup(ctx,path,
-			      pathlen + len - so->scanning_message_len);
-}
-
-static char *cachefile_name(TALLOC_CTX *ctx,
-			    const char *shortname,
-			    const char *base,
-			    const char *p_scanned)
-{
-	return talloc_asprintf(ctx, "%s%s%s", base, p_scanned, shortname);
-}
-
-static char *name_w_ending_slash(TALLOC_CTX *ctx, const char *name)
-{
-	int len = strlen(name);
-	if (name[len - 1] == '/') {
-		return talloc_strdup(ctx,name);
-	} else {
-		return talloc_asprintf(ctx, "%s/", name);
-	}
-}
-
-static char *cachefile_name_f_fullpath(TALLOC_CTX *ctx,
-				       const char *fullpath,
-				       const char *p_scanned)
-{
-	const char *base;
-	char *tmp, *cachefile;
-	const char *shortname;
-	tmp = strrchr(fullpath, '/');
-	if (tmp) {
-		base = talloc_strndup(ctx, fullpath, (tmp - fullpath) + 1);
-		shortname = tmp + 1;
-	} else {
-		base = "";
-		shortname = (const char *)fullpath;
-	}
-	cachefile = cachefile_name(ctx, shortname, base, p_scanned);
-	DEBUG(SCANNEDONLY_DEBUG,
-	      ("cachefile_name_f_fullpath cachefile=%s\n", cachefile));
-	return cachefile;
-}
-
-static char *construct_full_path(TALLOC_CTX *ctx, vfs_handle_struct * handle,
-				 const char *somepath, bool ending_slash)
-{
-	const char *tmp;
-
-	if (!somepath) {
-		return NULL;
-	}
-	if (somepath[0] == '/') {
-		if (ending_slash) {
-			return name_w_ending_slash(ctx,somepath);
-		}
-		return talloc_strdup(ctx,somepath);
-	}
-	tmp = somepath;
-	if (tmp[0]=='.'&&tmp[1]=='/') {
-		tmp+=2;
-	}
-	/* vfs_GetWd() seems to return a path with a slash */
-	if (ending_slash) {
-		return talloc_asprintf(ctx, "%s/%s/",
-				       vfs_GetWd(ctx, handle->conn),tmp);
-	}
-	return talloc_asprintf(ctx, "%s/%s",
-			       vfs_GetWd(ctx, handle->conn),tmp);
-}
-
-static int connect_to_scanner(vfs_handle_struct * handle)
-{
-	struct Tscannedonly *so = (struct Tscannedonly *)handle->data;
-
-	if (so->domain_socket) {
-		struct sockaddr_un saun;
-		DEBUG(SCANNEDONLY_DEBUG, ("socket=%s\n", so->socketname));
-		if ((so->socket = socket(AF_UNIX, SOCK_DGRAM, 0)) < 0) {
-			DEBUG(2, ("failed to create socket %s\n",
-				  so->socketname));
-			return -1;
-		}
-		saun.sun_family = AF_UNIX;
-		strncpy(saun.sun_path, so->socketname,
-			sizeof(saun.sun_path) - 1);
-		if (connect(so->socket, (struct sockaddr *)(void *)&saun,
-			    SUN_LEN(&saun)) < 0) {
-			DEBUG(2, ("failed to connect to socket %s\n",
-				  so->socketname));
-			return -1;
-		}
-		DEBUG(SCANNEDONLY_DEBUG,("bound %s to socket %d\n",
-					 saun.sun_path, so->socket));
-
-	} else {
-		so->socket = open_udp_socket(so->scanhost, so->portnum);
-		if (so->socket < 0) {
-			DEBUG(2,("failed to open UDP socket to %s:%d\n",
-				 so->scanhost,so->portnum));


-- 
Samba Shared Repository

