[SCM] Samba Shared Repository - branch v4-2-test updated
Karolin Seeger
kseeger at samba.org
Tue Feb 16 10:33:05 UTC 2016
The branch, v4-2-test has been updated
via cb0d8e1 ctdb-scripts: Drop use of "smbcontrol winbindd ip-dropped ..."
via d0ba284 lib/tsocket: workaround sockets not supporting FIONREAD
via 7f8cbd8 param: Fix str_list_v3 to accept ; again
via 6ff4dd7 loadparm: Fix memory leak issue.
via bf29f7d s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystem with no ACL support.
via bd140e6 s3:smbd:open: Skip redundant call to file_set_dosmode when creating a new file.
from 3435f30 docs-xml: fix typo in smbspool_krb5_wrapper manpage.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -----------------------------------------------------------------
commit cb0d8e16c48e036a32944bd4b64069b91b607a47
Author: Martin Schwenke <martin at meltin.net>
Date: Mon Feb 8 15:55:17 2016 +1100
ctdb-scripts: Drop use of "smbcontrol winbindd ip-dropped ..."
This is unnecessary in Samba >= 4.0 because winbindd monitors IP
address itself and no longer needs to be told when they are dropped.
The smbcontrol commands can hang if a node has recovery mode active
because smbcontrol is unable to connect to the registry. Therefore,
the smbcontrol commands should be removed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11719
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Feb 10 14:08:17 CET 2016 on sn-devel-144
(cherry picked from commit 519564bb35a0f840bc4d7c8c5a92441c97b49791)
Autobuild-User(v4-2-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-2-test): Tue Feb 16 11:32:47 CET 2016 on sn-devel-104
commit d0ba284ccbfd054108e9ea8d64a65f467619c6d7
Author: Ralph Boehme <slow at samba.org>
Date: Thu Feb 4 15:35:06 2016 +0100
lib/tsocket: workaround sockets not supporting FIONREAD
Netlink sockets don't support querying pending bytes with ioctl(fd,
FIONREAD, ...) and would return EOPNOTSUPP, so use recvmsg() with
MSG_PEEK|MSG_TRUNC as a fallback.
The MSG_TRUNC flag to recvmsg() is Linux only, but netlink is as well,
so we're safe for now.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11714
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Feb 10 10:30:24 CET 2016 on sn-devel-144
(cherry picked from commit 574313a1e11d521ba3f7232ff0b4186b49658199)
commit 7f8cbd8fe42b0785355cfaef4069ad469b02dd77
Author: Volker Lendecke <vl at samba.org>
Date: Thu Feb 11 13:11:46 2016 +0100
param: Fix str_list_v3 to accept ; again
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Feb 11 19:19:55 CET 2016 on sn-devel-144
https://bugzilla.samba.org/show_bug.cgi?id=11732
commit 6ff4dd74452da86ff230dd9b41bcb6b6e55318b2
Author: Hemanth Thummala <hemanth.thummala at nutanix.com>
Date: Tue Feb 2 10:33:20 2016 -0800
loadparm: Fix memory leak issue.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11708
Signed-off-by: Hemanth Thummala <hemanth.thummala at nutanix.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Feb 4 12:39:14 CET 2016 on sn-devel-144
(cherry picked from commit 8247d93701ed838190fe74044a63a56d63d37bf5)
commit bf29f7d67a47e64d9c9212135e59081c748a8f4e
Author: Jeremy Allison <jra at samba.org>
Date: Tue Feb 9 12:47:43 2016 -0800
s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystem with no ACL support.
Since 4.0.x we add 2 additional ACE entries, one SMB_ACL_USER
and SMB_ACL_GROUP to match the existing SMB_ACL_USER_OBJ and
SMB_ACL_GROUP_OBJ entries. The two additional entries break
the simple "must have 3 entries" check done inside convert_canon_ace_to_posix_perms().
Replace this with a more complete test.
Problem and initial fix provided by <tcleamy at ucdavis.edu>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10489
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
Autobuild-User(master): Uri Simchoni <uri at samba.org>
Autobuild-Date(master): Thu Feb 11 11:14:53 CET 2016 on sn-devel-144
(cherry picked from commit 5172bf0c5b0672c1479c2ad776460956aa469bca)
commit bd140e69e4990858842df76b0ca42dc87a602666
Author: Jose A. Rivera <jarrpa at samba.org>
Date: Wed Feb 3 20:58:19 2016 -0600
s3:smbd:open: Skip redundant call to file_set_dosmode when creating a new file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11727
Signed-off-by: Jose A. Rivera <jarrpa at samba.org>
Pair-programmed-with: Ira Cooper <ira at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Feb 5 04:37:43 CET 2016 on sn-devel-144
(cherry picked from commit aec07b8b60ff9589a3c84eef6adeca464e6c01f6)
-----------------------------------------------------------------------
Summary of changes:
ctdb/config/events.d/11.natgw | 4 ---
ctdb/config/events.d/49.winbind | 7 -----
lib/tsocket/tsocket_bsd.c | 62 ++++++++++++++++++++++++++++++++++++++++-
lib/util/util_strlist.c | 18 +++++++++++-
source3/param/loadparm.c | 2 +-
source3/smbd/open.c | 4 +--
source3/smbd/posix_acls.c | 39 +++++++++++++++++++++++++-
7 files changed, 119 insertions(+), 17 deletions(-)
Changeset truncated at 500 lines:
diff --git a/ctdb/config/events.d/11.natgw b/ctdb/config/events.d/11.natgw
index aef302c..5e10d1d 100755
--- a/ctdb/config/events.d/11.natgw
+++ b/ctdb/config/events.d/11.natgw
@@ -98,10 +98,6 @@ natgw_set_slave ()
_net="${_net_gw%@*}"
ip route add "$_net" via "$_natgwip" metric 10
done
-
- # Make sure winbindd does not stay bound to this address if we are
- # no longer NATGW master
- smbcontrol winbindd ip-dropped $CTDB_NATGW_PUBLIC_IP >/dev/null 2>&1
}
natgw_ensure_master ()
diff --git a/ctdb/config/events.d/49.winbind b/ctdb/config/events.d/49.winbind
index dee3c90..a1ea787 100755
--- a/ctdb/config/events.d/49.winbind
+++ b/ctdb/config/events.d/49.winbind
@@ -55,13 +55,6 @@ case "$1" in
ctdb_check_command wbinfo -p
;;
- takeip|releaseip)
- iface=$2
- ip=$3
- maskbits=$4
-
- smbcontrol winbindd ip-dropped $ip >/dev/null 2>/dev/null
- ;;
*)
ctdb_standard_event_handler "$@"
;;
diff --git a/lib/tsocket/tsocket_bsd.c b/lib/tsocket/tsocket_bsd.c
index 067d658..e2dfe9d 100644
--- a/lib/tsocket/tsocket_bsd.c
+++ b/lib/tsocket/tsocket_bsd.c
@@ -153,6 +153,43 @@ static int tsocket_bsd_common_prepare_fd(int fd, bool high_fd)
return -1;
}
+#ifdef HAVE_LINUX_RTNETLINK_H
+/**
+ * Get the amount of pending bytes from a netlink socket
+ *
+ * For some reason netlink sockets don't support querying the amount of pending
+ * data via ioctl with FIONREAD, which is what we use in tsocket_bsd_pending()
+ * below.
+ *
+ * We know we are on Linux as we're using netlink, which means we have a working
+ * MSG_TRUNC flag to recvmsg() as well, so we use that together with MSG_PEEK.
+ **/
+static ssize_t tsocket_bsd_netlink_pending(int fd)
+{
+ struct iovec iov;
+ struct msghdr msg;
+ char buf[1];
+
+ iov = (struct iovec) {
+ .iov_base = buf,
+ .iov_len = sizeof(buf)
+ };
+
+ msg = (struct msghdr) {
+ .msg_iov = &iov,
+ .msg_iovlen = 1
+ };
+
+ return recvmsg(fd, &msg, MSG_PEEK | MSG_TRUNC);
+}
+#else
+static ssize_t tsocket_bsd_netlink_pending(int fd)
+{
+ errno = ENOSYS;
+ return -1;
+}
+#endif
+
static ssize_t tsocket_bsd_pending(int fd)
{
int ret, error;
@@ -661,6 +698,7 @@ struct tdgram_bsd {
void *event_ptr;
struct tevent_fd *fde;
bool optimize_recvfrom;
+ bool netlink;
void *readable_private;
void (*readable_handler)(void *private_data);
@@ -913,7 +951,12 @@ static void tdgram_bsd_recvfrom_handler(void *private_data)
int err;
bool retry;
- ret = tsocket_bsd_pending(bsds->fd);
+ if (bsds->netlink) {
+ ret = tsocket_bsd_netlink_pending(bsds->fd);
+ } else {
+ ret = tsocket_bsd_pending(bsds->fd);
+ }
+
if (state->first_try && ret == 0) {
state->first_try = false;
/* retry later */
@@ -1416,6 +1459,11 @@ int _tdgram_bsd_existing_socket(TALLOC_CTX *mem_ctx,
{
struct tdgram_context *dgram;
struct tdgram_bsd *bsds;
+#ifdef HAVE_LINUX_RTNETLINK_H
+ int result;
+ struct sockaddr sa;
+ socklen_t sa_len = sizeof(struct sockaddr);
+#endif
dgram = tdgram_context_create(mem_ctx,
&tdgram_bsd_ops,
@@ -1430,6 +1478,18 @@ int _tdgram_bsd_existing_socket(TALLOC_CTX *mem_ctx,
talloc_set_destructor(bsds, tdgram_bsd_destructor);
*_dgram = dgram;
+
+#ifdef HAVE_LINUX_RTNETLINK_H
+ /*
+ * Try to determine the protocol family and remember if it's
+ * AF_NETLINK. We don't care if this fails.
+ */
+ result = getsockname(fd, &sa, &sa_len);
+ if (result == 0 && sa.sa_family == AF_NETLINK) {
+ bsds->netlink = true;
+ }
+#endif
+
return 0;
}
diff --git a/lib/util/util_strlist.c b/lib/util/util_strlist.c
index ea6c8a3..46d37f2 100644
--- a/lib/util/util_strlist.c
+++ b/lib/util/util_strlist.c
@@ -552,7 +552,23 @@ char **str_list_make_v3(TALLOC_CTX *mem_ctx, const char *string,
TALLOC_FREE(list);
return NULL;
}
- if (!sep) sep = LIST_SEP;
+
+ /*
+ * DON'T REPLACE THIS BY "LIST_SEP". The common version of
+ * LIST_SEP does not contain the ;, which used to be accepted
+ * by Samba 4.0 before param merges. It would be the far
+ * better solution to split the _v3 version again to source3/
+ * where it belongs, see the _v3 in its name.
+ *
+ * Unfortunately it is referenced in /lib/param/loadparm.c,
+ * which depends on the version that the AD-DC mandates,
+ * namely without the ; as part of the list separator. I am
+ * missing the waf fu to properly work around the wrong
+ * include paths here for this defect.
+ */
+ if (sep == NULL) {
+ sep = " \t,;\n\r";
+ }
num = 0;
str = s;
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 94de252..5596234 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -1289,7 +1289,7 @@ static int add_a_service(const struct loadparm_service *pservice, const char *na
return (-1);
}
ServicePtrs = tsp;
- ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
+ ServicePtrs[iNumServices] = talloc_zero(ServicePtrs, struct loadparm_service);
if (!ServicePtrs[iNumServices]) {
DEBUG(0,("add_a_service: out of memory!\n"));
return (-1);
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 5dbb0a5..eb4323a 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -3166,8 +3166,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn,
}
if (info != FILE_WAS_OPENED) {
- /* Files should be initially set as archive */
- if (lp_map_archive(SNUM(conn)) ||
+ /* Overwritten files should be initially set as archive */
+ if ((info == FILE_WAS_OVERWRITTEN && lp_map_archive(SNUM(conn))) ||
lp_store_dos_attributes(SNUM(conn))) {
if (!posix_open) {
if (file_set_dosmode(conn, smb_fname,
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 8b4c7b1..6d08e53 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3085,7 +3085,7 @@ static bool convert_canon_ace_to_posix_perms( files_struct *fsp, canon_ace *file
canon_ace *group_ace = NULL;
canon_ace *other_ace = NULL;
- if (ace_count != 3) {
+ if (ace_count > 5) {
DEBUG(3,("convert_canon_ace_to_posix_perms: Too many ACE "
"entries for file %s to convert to posix perms.\n",
fsp_str_dbg(fsp)));
@@ -3107,6 +3107,43 @@ static bool convert_canon_ace_to_posix_perms( files_struct *fsp, canon_ace *file
return False;
}
+ /*
+ * Ensure all ACE entries are owner, group or other.
+ * We can't set if there are any other SIDs.
+ */
+ for (ace_p = file_ace_list; ace_p; ace_p = ace_p->next) {
+ if (ace_p == owner_ace || ace_p == group_ace ||
+ ace_p == other_ace) {
+ continue;
+ }
+ if (ace_p->owner_type == UID_ACE) {
+ if (ace_p->unix_ug.id != owner_ace->unix_ug.id) {
+ DEBUG(3,("Invalid uid %u in ACE for file %s.\n",
+ (unsigned int)ace_p->unix_ug.id,
+ fsp_str_dbg(fsp)));
+ return false;
+ }
+ } else if (ace_p->owner_type == GID_ACE) {
+ if (ace_p->unix_ug.id != group_ace->unix_ug.id) {
+ DEBUG(3,("Invalid gid %u in ACE for file %s.\n",
+ (unsigned int)ace_p->unix_ug.id,
+ fsp_str_dbg(fsp)));
+ return false;
+ }
+ } else {
+ /*
+ * There should be no duplicate WORLD_ACE entries.
+ */
+
+ DEBUG(3,("Invalid type %u, uid %u in "
+ "ACE for file %s.\n",
+ (unsigned int)ace_p->owner_type,
+ (unsigned int)ace_p->unix_ug.id,
+ fsp_str_dbg(fsp)));
+ return false;
+ }
+ }
+
*posix_perms = (mode_t)0;
*posix_perms |= owner_ace->perms;
--
Samba Shared Repository
More information about the samba-cvs
mailing list