[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Jul 6 21:20:04 UTC 2018
The branch, master has been updated
via 0cd4482 docs/vfs_ceph: add CTDB_SAMBA_SKIP_SHARE_CHECK=yes caveat
via 926ae50 vfs_ceph: don't lie about flock support
via 887f914 s3/loadparm: fix a few talloc stackframe leaks
via c58194e s3/service: convert lp_force_user() to const
via c53646b s3/service: convert lp_force_group() to const
via ce6c77d s3/uid: use lp_const_servicename() where possible
via 20a837e s3/service: use lp_const_servicename() where possible
from 77be963 nsswitch: Use a swtich in the wbinfo test to lookup users
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 0cd44821f3889067620d685344c3eaf913a31329
Author: David Disseldorp <ddiss at samba.org>
Date: Fri Jul 6 13:31:43 2018 +0200
docs/vfs_ceph: add CTDB_SAMBA_SKIP_SHARE_CHECK=yes caveat
Mostly copied from the vfs_gluster manpage: the CephFS share path is not
locally mounted, which breaks the ctdb_check_directories_probe() check.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jul 6 23:19:02 CEST 2018 on sn-devel-144
commit 926ae50627d536735cee9b3931ee35bc19060261
Author: David Disseldorp <ddiss at samba.org>
Date: Thu Jul 5 17:18:15 2018 +0200
vfs_ceph: don't lie about flock support
Instead, match vfs_gluster behaviour and require that users explicitly
disable "kernel share modes".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13506
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 887f9147b4ccb6498b0e93efd7ea3696d3d36df2
Author: David Disseldorp <ddiss at samba.org>
Date: Mon Jun 25 02:28:41 2018 +0200
s3/loadparm: fix a few talloc stackframe leaks
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit c58194e3d296f4e14e7689bdf192c561635ae161
Author: David Disseldorp <ddiss at samba.org>
Date: Mon Jun 25 02:22:31 2018 +0200
s3/service: convert lp_force_user() to const
Avoid set_conn_force_user_group() talloc stackframe leaks in doing so.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit c53646bccd87ef3b3133d3f7526ef85591909528
Author: David Disseldorp <ddiss at samba.org>
Date: Mon Jun 25 02:08:25 2018 +0200
s3/service: convert lp_force_group() to const
set_conn_force_user_group() and change_to_user_internal() leak onto
the callers' talloc stackframe. Drop the unnecessary heap allocations.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit ce6c77d63a7e361f8c3233d7d5b439ad6796a09b
Author: David Disseldorp <ddiss at samba.org>
Date: Mon Jun 25 02:19:34 2018 +0200
s3/uid: use lp_const_servicename() where possible
The majority of these lp_servicename(talloc_tos(), ...) callers leak
onto the talloc stackframe. Drop the unnecessary heap allocations.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 20a837e87714f329d121f5de96b260ade651419c
Author: David Disseldorp <ddiss at samba.org>
Date: Mon Jun 25 01:59:33 2018 +0200
s3/service: use lp_const_servicename() where possible
The majority of these lp_servicename(talloc_tos(), ...) callers leak
onto the talloc stackframe. Drop the unnecessary heap allocations.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages/vfs_ceph.8.xml | 19 ++++++
docs-xml/smbdotconf/security/forcegroup.xml | 1 +
docs-xml/smbdotconf/security/forceuser.xml | 1 +
source3/modules/vfs_ceph.c | 11 ++--
source3/param/loadparm.c | 13 +++--
source3/smbd/service.c | 89 ++++++++++++++---------------
source3/smbd/uid.c | 25 ++++----
7 files changed, 89 insertions(+), 70 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages/vfs_ceph.8.xml b/docs-xml/manpages/vfs_ceph.8.xml
index 453030e..453052e 100644
--- a/docs-xml/manpages/vfs_ceph.8.xml
+++ b/docs-xml/manpages/vfs_ceph.8.xml
@@ -62,7 +62,26 @@
<programlisting>
<smbconfsection name="[share]"/>
<smbconfoption name="vfs objects">ceph</smbconfoption>
+ <smbconfoption name="path">/non-mounted/cephfs/path</smbconfoption>
+ <smbconfoption name="kernel share modes">no</smbconfoption>
</programlisting>
+
+ <para>
+ Since <command>vfs_ceph</command> does not require a filesystem
+ mount, the share <command>path</command> is treated differently:
+ it is interpreted as an absolute path within the Ceph filesystem
+ on the attached Ceph cluster.
+ In a ctdb cluster environment where ctdb manages Samba,
+ <command>CTDB_SAMBA_SKIP_SHARE_CHECK=yes</command> must be
+ configured to disable local share path checks, otherwise ctdb
+ will not reach a healthy state.
+ </para>
+
+ <para>
+ Note that currently <command>kernel share modes</command> have
+ to be disabled in a share running with the CephFS vfs module for
+ file serving to work properly.
+ </para>
</refsect1>
<refsect1>
diff --git a/docs-xml/smbdotconf/security/forcegroup.xml b/docs-xml/smbdotconf/security/forcegroup.xml
index d101f1c..b6e729b 100644
--- a/docs-xml/smbdotconf/security/forcegroup.xml
+++ b/docs-xml/smbdotconf/security/forcegroup.xml
@@ -1,6 +1,7 @@
<samba:parameter name="force group"
context="S"
type="string"
+ constant="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<synonym>group</synonym>
<description>
diff --git a/docs-xml/smbdotconf/security/forceuser.xml b/docs-xml/smbdotconf/security/forceuser.xml
index ff5c7a2..3316afe 100644
--- a/docs-xml/smbdotconf/security/forceuser.xml
+++ b/docs-xml/smbdotconf/security/forceuser.xml
@@ -1,5 +1,6 @@
<samba:parameter name="force user"
type="string"
+ constant="1"
context="S"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c
index b6ca27d..47371bc 100644
--- a/source3/modules/vfs_ceph.c
+++ b/source3/modules/vfs_ceph.c
@@ -1164,12 +1164,11 @@ static bool cephwrap_lock(struct vfs_handle_struct *handle, files_struct *fsp, i
static int cephwrap_kernel_flock(struct vfs_handle_struct *handle, files_struct *fsp,
uint32_t share_mode, uint32_t access_mask)
{
- DBG_DEBUG("[CEPH] kernel_flock\n");
- /*
- * We must return zero here and pretend all is good.
- * One day we might have this in CEPH.
- */
- return 0;
+ DBG_ERR("[CEPH] flock unsupported! Consider setting "
+ "\"kernel share modes = no\"\n");
+
+ errno = ENOSYS;
+ return -1;
}
static bool cephwrap_getlock(struct vfs_handle_struct *handle, files_struct *fsp, off_t *poffset, off_t *pcount, int *ptype, pid_t *ppid)
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 8f2f26a..5f646d6 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -1530,6 +1530,7 @@ bool lp_add_home(const char *pszHomename, int iDefaultService,
const char *user, const char *pszHomedir)
{
int i;
+ char *global_path;
if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
pszHomedir[0] == '\0') {
@@ -1541,12 +1542,13 @@ bool lp_add_home(const char *pszHomename, int iDefaultService,
if (i < 0)
return false;
+ global_path = lp_path(talloc_tos(), GLOBAL_SECTION_SNUM);
if (!(*(ServicePtrs[iDefaultService]->path))
- || strequal(ServicePtrs[iDefaultService]->path,
- lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
+ || strequal(ServicePtrs[iDefaultService]->path, global_path)) {
lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path,
pszHomedir);
}
+ TALLOC_FREE(global_path);
if (!(*(ServicePtrs[i]->comment))) {
char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
@@ -4156,6 +4158,7 @@ void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
fprintf(f,"\n");
lp_dump_one(f, show_defaults, iService);
}
+ TALLOC_FREE(lp_ctx);
}
/***************************************************************************
@@ -4209,7 +4212,7 @@ int lp_servicenumber(const char *pszServiceName)
if (!usershare_exists(iService, &last_mod)) {
/* Remove the share security tdb entry for it. */
- delete_share_security(lp_servicename(talloc_tos(), iService));
+ delete_share_security(lp_const_servicename(iService));
/* Remove it from the array. */
free_service_byindex(iService);
/* Doesn't exist anymore. */
@@ -4526,10 +4529,10 @@ void widelinks_warning(int snum)
}
if (lp_unix_extensions() && lp_wide_links(snum)) {
- DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
+ DBG_ERR("Share '%s' has wide links and unix extensions enabled. "
"These parameters are incompatible. "
"Wide links will be disabled for this share.\n",
- lp_servicename(talloc_tos(), snum) ));
+ lp_const_servicename(snum));
}
}
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index a928de6..2fa7c60 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -65,8 +65,8 @@ bool set_conn_connectpath(connection_struct *conn, const char *connectpath)
return false;
}
- DEBUG(10,("set_conn_connectpath: service %s, connectpath = %s\n",
- lp_servicename(talloc_tos(), SNUM(conn)), destname ));
+ DBG_DEBUG("service %s, connectpath = %s\n",
+ lp_const_servicename(SNUM(conn)), destname);
talloc_free(conn->connectpath);
conn->connectpath = destname;
@@ -243,24 +243,19 @@ static NTSTATUS find_forced_group(bool force_user,
TALLOC_CTX *frame = talloc_stackframe();
struct dom_sid group_sid;
enum lsa_SidType type;
+ const char *force_group;
char *groupname;
bool user_must_be_member = False;
gid_t gid;
- groupname = lp_force_group(talloc_tos(), snum);
- if (groupname == NULL) {
- DEBUG(1, ("talloc_strdup failed\n"));
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- if (groupname[0] == '+') {
- user_must_be_member = True;
- groupname += 1;
+ force_group = lp_force_group(snum);
+ if (force_group[0] == '+') {
+ user_must_be_member = true;
+ force_group += 1;
}
- groupname = talloc_string_sub(talloc_tos(), groupname,
- "%S", lp_servicename(talloc_tos(), snum));
+ groupname = talloc_string_sub(talloc_tos(), force_group,
+ "%S", lp_const_servicename(snum));
if (groupname == NULL) {
DEBUG(1, ("talloc_string_sub failed\n"));
result = NT_STATUS_NO_MEMORY;
@@ -341,20 +336,20 @@ static NTSTATUS create_connection_session_info(struct smbd_server_connection *sc
if (security_session_user_level(session_info, NULL) < SECURITY_USER) {
if (!lp_guest_ok(snum)) {
- DEBUG(2, ("guest user (from session setup) "
+ DBG_WARNING("guest user (from session setup) "
"not permitted to access this share "
- "(%s)\n", lp_servicename(talloc_tos(), snum)));
+ "(%s)\n", lp_const_servicename(snum));
return NT_STATUS_ACCESS_DENIED;
}
} else {
if (!user_ok_token(session_info->unix_info->unix_name,
session_info->info->domain_name,
session_info->security_token, snum)) {
- DEBUG(2, ("user '%s' (from session setup) not "
+ DBG_WARNING("user '%s' (from session setup) not "
"permitted to access this share "
"(%s)\n",
session_info->unix_info->unix_name,
- lp_servicename(talloc_tos(), snum)));
+ lp_const_servicename(snum));
return NT_STATUS_ACCESS_DENIED;
}
}
@@ -377,7 +372,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
{
NTSTATUS status;
- if (*lp_force_user(talloc_tos(), snum)) {
+ if (*lp_force_user(snum)) {
/*
* Replace conn->session_info with a completely faked up one
@@ -389,7 +384,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
struct auth_session_info *forced_serverinfo;
bool guest;
- fuser = talloc_string_sub(conn, lp_force_user(talloc_tos(), snum), "%S",
+ fuser = talloc_string_sub(conn, lp_force_user(snum), "%S",
lp_const_servicename(snum));
if (fuser == NULL) {
return NT_STATUS_NO_MEMORY;
@@ -427,7 +422,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
* any groupid stored for the connecting user.
*/
- if (*lp_force_group(talloc_tos(), snum)) {
+ if (*lp_force_group(snum)) {
status = find_forced_group(
conn->force_user, snum, conn->session_info->unix_info->unix_name,
@@ -558,7 +553,7 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
if (conn->encrypt_level == SMB_SIGNING_REQUIRED) {
DBG_ERR("Service [%s] requires encryption, but "
"it is disabled globally!\n",
- lp_servicename(talloc_tos(), snum));
+ lp_const_servicename(snum));
status = NT_STATUS_ACCESS_DENIED;
goto err_root_exit;
}
@@ -582,7 +577,7 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
{
char *s = talloc_sub_advanced(talloc_tos(),
- lp_servicename(talloc_tos(), SNUM(conn)),
+ lp_const_servicename(SNUM(conn)),
conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
@@ -599,8 +594,8 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
status = NT_STATUS_NO_MEMORY;
goto err_root_exit;
}
- DEBUG(3,("Connect path is '%s' for service [%s]\n",s,
- lp_servicename(talloc_tos(), snum)));
+ DBG_NOTICE("Connect path is '%s' for service [%s]\n", s,
+ lp_const_servicename(snum));
TALLOC_FREE(s);
}
@@ -627,8 +622,8 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
/* Initialise VFS function pointers */
if (!smbd_vfs_init(conn)) {
- DEBUG(0, ("vfs_init failed for service %s\n",
- lp_servicename(talloc_tos(), snum)));
+ DBG_ERR("vfs_init failed for service %s\n",
+ lp_const_servicename(snum));
status = NT_STATUS_BAD_NETWORK_NAME;
goto err_root_exit;
}
@@ -643,12 +638,12 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
*/
if ((lp_max_connections(snum) > 0)
- && (count_current_connections(lp_servicename(talloc_tos(), SNUM(conn)), True) >=
+ && (count_current_connections(lp_const_servicename(SNUM(conn)), true) >=
lp_max_connections(snum))) {
- DEBUG(1, ("Max connections (%d) exceeded for %s\n",
+ DBG_WARNING("Max connections (%d) exceeded for %s\n",
lp_max_connections(snum),
- lp_servicename(talloc_tos(), snum)));
+ lp_const_servicename(snum));
status = NT_STATUS_INSUFFICIENT_RESOURCES;
goto err_root_exit;
}
@@ -656,10 +651,10 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
/* Invoke VFS make connection hook - this must be the first
filesystem operation that we do. */
- if (SMB_VFS_CONNECT(conn, lp_servicename(talloc_tos(), snum),
+ if (SMB_VFS_CONNECT(conn, lp_const_servicename(snum),
conn->session_info->unix_info->unix_name) < 0) {
DBG_WARNING("SMB_VFS_CONNECT for service '%s' at '%s' failed: %s\n",
- lp_servicename(talloc_tos(), snum), conn->connectpath,
+ lp_const_servicename(snum), conn->connectpath,
strerror(errno));
status = NT_STATUS_UNSUCCESSFUL;
goto err_root_exit;
@@ -698,7 +693,7 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
/* execute any "root preexec = " line */
if (*lp_root_preexec(talloc_tos(), snum)) {
char *cmd = talloc_sub_advanced(talloc_tos(),
- lp_servicename(talloc_tos(), SNUM(conn)),
+ lp_const_servicename(SNUM(conn)),
conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
@@ -736,7 +731,7 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
/* execute any "preexec = " line */
if (*lp_preexec(talloc_tos(), snum)) {
char *cmd = talloc_sub_advanced(talloc_tos(),
- lp_servicename(talloc_tos(), SNUM(conn)),
+ lp_const_servicename(SNUM(conn)),
conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
@@ -776,10 +771,10 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
*/
if (!lp_widelinks(snum)) {
if (!canonicalize_connect_path(conn)) {
- DEBUG(0, ("canonicalize_connect_path failed "
+ DBG_ERR("canonicalize_connect_path failed "
"for service %s, path %s\n",
- lp_servicename(talloc_tos(), snum),
- conn->connectpath));
+ lp_const_servicename(snum),
+ conn->connectpath);
status = NT_STATUS_BAD_NETWORK_NAME;
goto err_root_exit;
}
@@ -815,15 +810,15 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
if ((ret = SMB_VFS_STAT(conn, smb_fname_cpath)) != 0 ||
!S_ISDIR(smb_fname_cpath->st.st_ex_mode)) {
if (ret == 0 && !S_ISDIR(smb_fname_cpath->st.st_ex_mode)) {
- DEBUG(0,("'%s' is not a directory, when connecting to "
+ DBG_ERR("'%s' is not a directory, when connecting to "
"[%s]\n", conn->connectpath,
- lp_servicename(talloc_tos(), snum)));
+ lp_const_servicename(snum));
} else {
- DEBUG(0,("'%s' does not exist or permission denied "
+ DBG_ERR("'%s' does not exist or permission denied "
"when connecting to [%s] Error was %s\n",
conn->connectpath,
- lp_servicename(talloc_tos(), snum),
- strerror(errno) ));
+ lp_const_servicename(snum),
+ strerror(errno));
}
status = NT_STATUS_BAD_NETWORK_NAME;
goto err_root_exit;
@@ -852,7 +847,7 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
talloc_tos()) );
dbgtext( "%s", srv_is_signing_active(xconn) ? "signed " : "");
dbgtext( "connect to service %s ",
- lp_servicename(talloc_tos(), snum) );
+ lp_const_servicename(snum) );
dbgtext( "initially as user %s ",
conn->session_info->unix_info->unix_name );
dbgtext( "(uid=%d, gid=%d) ", (int)effuid, (int)effgid );
@@ -1046,7 +1041,7 @@ connection_struct *make_connection(struct smb_request *req,
dev, status);
} else if ((vuser->homes_snum != -1)
&& strequal(service_in,
- lp_servicename(talloc_tos(), vuser->homes_snum))) {
+ lp_const_servicename(vuser->homes_snum))) {
DEBUG(5, ("making a connection to 'homes' service [%s] "
"created at session setup time\n", service_in));
return make_connection_smb1(req, now,
@@ -1126,7 +1121,7 @@ void close_cnum(connection_struct *conn, uint64_t vuid)
get_remote_machine_name(),
tsocket_address_string(conn->sconn->remote_address,
talloc_tos()),
- lp_servicename(talloc_tos(), SNUM(conn))));
+ lp_const_servicename(SNUM(conn))));
/* make sure we leave the directory available for unmount */
vfs_ChDir(conn, &root_fname);
@@ -1138,7 +1133,7 @@ void close_cnum(connection_struct *conn, uint64_t vuid)
if (*lp_postexec(talloc_tos(), SNUM(conn)) &&
change_to_user(conn, vuid)) {
char *cmd = talloc_sub_advanced(talloc_tos(),
- lp_servicename(talloc_tos(), SNUM(conn)),
+ lp_const_servicename(SNUM(conn)),
conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
@@ -1154,7 +1149,7 @@ void close_cnum(connection_struct *conn, uint64_t vuid)
/* execute any "root postexec = " line */
if (*lp_root_postexec(talloc_tos(), SNUM(conn))) {
char *cmd = talloc_sub_advanced(talloc_tos(),
- lp_servicename(talloc_tos(), SNUM(conn)),
+ lp_const_servicename(SNUM(conn)),
conn->session_info->unix_info->unix_name,
conn->connectpath,
conn->session_info->unix_token->gid,
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 623d3de..b6a754b 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -92,7 +92,7 @@ static uint32_t create_share_access_mask(int snum,
uint32_t share_access = 0;
share_access_check(token,
- lp_servicename(talloc_tos(), snum),
+ lp_const_servicename(snum),
MAXIMUM_ALLOWED_ACCESS,
&share_access);
@@ -150,10 +150,10 @@ NTSTATUS check_user_share_access(connection_struct *conn,
if ((share_access & (FILE_READ_DATA|FILE_WRITE_DATA)) == 0) {
/* No access, read or write. */
- DEBUG(3,("user %s connection to %s denied due to share "
+ DBG_NOTICE("user %s connection to %s denied due to share "
"security descriptor.\n",
session_info->unix_info->unix_name,
- lp_servicename(talloc_tos(), snum)));
+ lp_const_servicename(snum));
return NT_STATUS_ACCESS_DENIED;
}
@@ -161,9 +161,9 @@ NTSTATUS check_user_share_access(connection_struct *conn,
!(share_access & FILE_WRITE_DATA)) {
/* smb.conf allows r/w, but the security descriptor denies
* write. Fall back to looking at readonly. */
- readonly_share = True;
- DEBUG(5,("falling back to read-only access-evaluation due to "
- "security descriptor\n"));
+ readonly_share = true;
+ DBG_INFO("falling back to read-only access-evaluation due to "
+ "security descriptor\n");
}
*p_share_access = share_access;
@@ -318,11 +318,11 @@ static bool change_to_user_internal(connection_struct *conn,
ok = check_user_ok(conn, vuid, session_info, snum);
if (!ok) {
- DEBUG(2,("SMB user %s (unix user %s) "
+ DBG_WARNING("SMB user %s (unix user %s) "
"not permitted access to share %s.\n",
session_info->unix_info->sanitized_username,
session_info->unix_info->unix_name,
- lp_servicename(talloc_tos(), snum)));
+ lp_const_servicename(snum));
return false;
}
@@ -335,7 +335,8 @@ static bool change_to_user_internal(connection_struct *conn,
* See if we should force group for this service. If so this overrides
* any group set in the force user code.
*/
- if((group_c = *lp_force_group(talloc_tos(), snum))) {
+ group_c = *lp_force_group(snum);
+ if (group_c != '\0') {
SMB_ASSERT(conn->force_group_gid != (gid_t)-1);
@@ -419,9 +420,9 @@ bool change_to_user(connection_struct *conn, uint64_t vuid)
vuser = get_valid_user_struct(conn->sconn, vuid);
if (vuser == NULL) {
/* Invalid vuid sent */
- DEBUG(2,("Invalid vuid %llu used on share %s.\n",
- (unsigned long long)vuid, lp_servicename(talloc_tos(),
- snum)));
+ DBG_WARNING("Invalid vuid %llu used on share %s.\n",
+ (unsigned long long)vuid,
+ lp_const_servicename(snum));
return false;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list