[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Thu May 7 21:06:08 UTC 2020
The branch, master has been updated
via c6e71fbd68c s3: VFS: Complete the replacement of SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT().
via 7acbef462bd s3: VFS: full_audit. Remove get_nt_acl_fn().
via 8c6628f9530 s3: VFS: time_audit. Remove get_nt_acl_fn().
via 67b778ccfc2 s3: VFS: unityed_media. Remove get_nt_acl_fn().
via b744ebbc435 s3: VFS: zfsacl. Remove get_nt_acl_fn().
via cb7c617dd69 s3: VFS: snapper. Remove get_nt_acl_fn().
via 04805929ef9 s3: VFS: shadow_copy2. Remove get_nt_acl_fn().
via e158d42c2c6 s3: VFS: nfs4acl_xattr. Remove get_nt_acl_fn().
via 9507c623f9f s3: VFS: media_harmony. Remove get_nt_acl_fn().
via 4f44294c043 s3: VFS: gpfs. Remove get_nt_acl_fn().
via f2f6846951d s3: VFS: glusterfs. Remove NULL definition of get_nt_acl_fn().
via 5e361140c3d s3: VFS: ceph_snapshots. Remove get_nt_acl_fn().
via c68f457e817 s3: VFS: catia. Remove get_nt_acl_fn().
via 6a2aa09b854 s3: VFS: aixacl2. Remove get_nt_acl_fn().
via 12777bc7a24 s3: VFS: afsacl. Remove get_nt_acl_fn().
via 617759ce068 s3: VFS: acl_xattr. Remove get_nt_acl_fn().
via 4a7235d3a5b s3: VFS: acl_tdb. Remove get_nt_acl_fn().
via 4ac103bf5e2 s3: VFS: streams_xattr. Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in streams_xattr_fget_nt_acl() fallback.
via 367088233b6 s3: VFS: acl_common: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in get_nt_acl_common_at().
via a920df8faf8 s3: VFS: acl_common. s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in validate_nt_acl_blob().
via 6b65156f0ea s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in inherit_new_acl().
via 98dfc4edacf s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in smbd_calculate_maximum_allowed_access().
via dbfccb9f49f s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in smbd_check_access_rights().
via c12e03b8084 s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in smbd_check_access_rights().
via 9746cdfc074 s3: pysmbd. Change SMB_VFS_GET_NT_ACL() to SMB_VFS_GET_NT_ACL_AT() in get_nt_acl_conn().
via 834d674c4a1 s3: torture: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in cmd_get_nt_acl().
via 5c6fd446195 s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in directory_has_default_acl().
via 88fbfe6a7cf s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in get_nt_acl_no_snum().
via 300780bb807 s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in user_can_read_file().
via 5bdd4d4f755 s3: VFS: zfsacl. Add zfsacl_get_nt_acl_at().
via 91f06daf33f s3: VFS: unityed_media. Add um_get_nt_acl_at().
via 0ae43c3655b s3: VFS: snapper. Add snapper_gmt_get_nt_acl_at().
via b8ab671a7ed s3: VFS: shadow_copy2. Add shadow_copy2_get_nt_acl_at().
via 0d013ed04b7 s3: VFS: vfs4acl_xattr: Add nfs4acl_xattr_get_nt_acl_at().
via 4a508eb7dfc s3: VFS: media_harmony: Add mh_get_nt_acl_at().
via 731f8ac8a0a s3: VFS: gpfs. Add gpfsacl_get_nt_acl_at().
via 95160bbfe92 s3: VFS: Add null notice of get_nt_acl_at_fn().
via 0ebce107dc0 s3: VFS: ceph_snapshots. Add ceph_snap_gmt_get_nt_acl_at().
via 22c3541e009 s3: VFS: catia. Add catia_get_nt_acl_at().
via cbfbc40434f s3: VFS: aixacl2: Add aixjfs2_get_nt_acl_at().
via 373843f5fbd s3: VFS: afsacl. Add afsacl_get_nt_acl_at().
via d6700ee3f81 s3: VFS: acl_tdb. Add acl_tdb_get_nt_acl().
via 2840bf3700f s3: VFS: acl_xattr: Add acl_xattr_get_nt_acl_at().
via 1df02b7d7a0 s3: VFS: full_audit. Add smb_full_audit_get_nt_acl_at().
via 6db910cf602 s3: VFS: time_audit. Add smb_time_audit_get_nt_acl_at().
via 773b6e17405 s3: VFS: Add SMB_VFS_GET_NT_ACL_AT().
via 2437dcc5ac8 s3: VFS: acl_common: Add a dirfsp parameter to validate_nt_acl_blob().
via d825d31f7a7 s3: VFS: vfs_common and callers. Change get_nt_acl_common() -> get_nt_acl_common_at().
via b45716487b9 s3: VFS: vfs_acl_common: Remove unused stat_fsp_or_smb_fname().
via 42651479e53 s3: VFS: ACLs. Remove smb_fname argument to get_nt_acl_common().
via b7847aa25a4 s3: VFS: acl_xattr: Change acl_xattr_fget_nt_acl() to use fget_nt_acl_common().
via 441980d42d2 s3: VFS: acl_tdb: Change acl_tdb_fget_nt_acl() to use fget_nt_acl_common().
via d902ea52154 s3: VFS: ACLs. Switch fset_nt_acl_common() over to using fget_acl_blob_fn().
via 936b9aee5e6 s3: VFS: acl_xattr.c: Add fget_acl_blob().
via 4ac3fde1a97 s3: VFS: acl_tdb.c: Add fget_acl_blob().
via ac333c569d6 s3: VFS: Split out fget_nt_acl_common() from get_nt_acl_common().
from 14df5d20a8e s3: RPC: Don't crash on trying to talloc_free(-1) if smb_iconv_open_ex() fails.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c6e71fbd68c86f698e39047cf8d094a608fbb94f
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:27:46 2020 -0700
s3: VFS: Complete the replacement of SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu May 7 21:04:59 UTC 2020 on sn-devel-184
commit 7acbef462bd831b377df422d343bcf7938f02855
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:20:10 2020 -0700
s3: VFS: full_audit. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 8c6628f953022f028d24d6a1e7696a44a3b08b33
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:19:05 2020 -0700
s3: VFS: time_audit. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 67b778ccfc2c6e58c9aa9a6cf6787e1463a39cee
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:18:11 2020 -0700
s3: VFS: unityed_media. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit b744ebbc435a1e0146ad65bbd877995625748c34
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:17:15 2020 -0700
s3: VFS: zfsacl. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit cb7c617dd69db620020412beefef790029ed1af4
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:16:21 2020 -0700
s3: VFS: snapper. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 04805929ef9b8191ded69f9d748aa5b21a561e14
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:15:10 2020 -0700
s3: VFS: shadow_copy2. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit e158d42c2c6cfdf0517c5ea0bf4524750aded404
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:13:52 2020 -0700
s3: VFS: nfs4acl_xattr. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 9507c623f9fcfd948ee33b3d561fe799cb95a4ab
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:12:42 2020 -0700
s3: VFS: media_harmony. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 4f44294c043fac6258ef9e8106178deee6354337
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:11:44 2020 -0700
s3: VFS: gpfs. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit f2f6846951d9e16566a4f1de14cfe3aaf435633e
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:10:37 2020 -0700
s3: VFS: glusterfs. Remove NULL definition of get_nt_acl_fn().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 5e361140c3d4c7fdd7cf53303dc50c21f66e7627
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:09:33 2020 -0700
s3: VFS: ceph_snapshots. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit c68f457e817156c0b7348286dd4e4d39d99d395c
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:08:27 2020 -0700
s3: VFS: catia. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 6a2aa09b8544ee3902d523c30f4df79beb8ad3a2
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:07:23 2020 -0700
s3: VFS: aixacl2. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 12777bc7a24b30517f7700b8e61875bf1cd33bad
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:06:22 2020 -0700
s3: VFS: afsacl. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 617759ce0681e537466a4ee3c8ae49d0d5827b42
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:05:21 2020 -0700
s3: VFS: acl_xattr. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 4a7235d3a5be92b5d1b9f221e23bbffb25dfa9ef
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 10:04:13 2020 -0700
s3: VFS: acl_tdb. Remove get_nt_acl_fn().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 4ac103bf5e2da0b400c8d9178c1e70b77c321b9d
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 14:18:00 2020 -0700
s3: VFS: streams_xattr. Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in streams_xattr_fget_nt_acl() fallback.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 367088233b62070aafd9866a21aac95125573571
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 12:48:29 2020 -0700
s3: VFS: acl_common: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in get_nt_acl_common_at().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit a920df8faf828a09d53b27a2e5c843e203a799a1
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 12:46:38 2020 -0700
s3: VFS: acl_common. s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in validate_nt_acl_blob().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 6b65156f0eac99022054824ea6a72c50f60a0863
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 21:29:31 2020 -0700
s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in inherit_new_acl().
Hard code at conn->cwd_fsp for now.
Last user of SMB_VFS_GET_NT_ACL(). This VFS function can
now be removed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 98dfc4edacf57d3877b050421d27637f45026fda
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 21:28:47 2020 -0700
s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in smbd_calculate_maximum_allowed_access().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit dbfccb9f49fc96d13297fd69369bc233f591fd13
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 21:27:34 2020 -0700
s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in smbd_check_access_rights().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit c12e03b808474e6021d072660502eb351e203f0c
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 21:26:29 2020 -0700
s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in smbd_check_access_rights().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 9746cdfc0745a97d9aa65945342ed88b64268346
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 15:28:01 2020 -0700
s3: pysmbd. Change SMB_VFS_GET_NT_ACL() to SMB_VFS_GET_NT_ACL_AT() in get_nt_acl_conn().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 834d674c4a1fc9afd58e60d637bd845625149a68
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 15:26:05 2020 -0700
s3: torture: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in cmd_get_nt_acl().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 5c6fd446195cd20a218cc574a7b9b75d7104507e
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 15:24:07 2020 -0700
s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in directory_has_default_acl().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 88fbfe6a7cfc59ddc2e0776b7acac15e476a1b40
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 15:22:30 2020 -0700
s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in get_nt_acl_no_snum().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 300780bb8070b1cd22407d774bb3351592c2a776
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 15:01:35 2020 -0700
s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in user_can_read_file().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 5bdd4d4f755401399deeb6153409688fe281dbbf
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 14:15:44 2020 -0700
s3: VFS: zfsacl. Add zfsacl_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 91f06daf33f743a48e57fa1b0c31f09660f06e28
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 14:12:58 2020 -0700
s3: VFS: unityed_media. Add um_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 0ae43c3655b4cb7eb1ee86be7c071d9da1f38e7e
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 14:09:24 2020 -0700
s3: VFS: snapper. Add snapper_gmt_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit b8ab671a7ed7d1ef07e57e9fa0b508311209b7c4
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 14:05:03 2020 -0700
s3: VFS: shadow_copy2. Add shadow_copy2_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 0d013ed04b7de8b7e4983f6238431b49d1dcc02a
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 14:04:28 2020 -0700
s3: VFS: vfs4acl_xattr: Add nfs4acl_xattr_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 4a508eb7dfcb913fbab4eb2580d8289dac1e493d
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 13:59:06 2020 -0700
s3: VFS: media_harmony: Add mh_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 731f8ac8a0aa67ef38d8f2639b0ae5a5b93e93d1
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 13:54:03 2020 -0700
s3: VFS: gpfs. Add gpfsacl_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 95160bbfe92d281d948f7951626153cfdc267265
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 13:50:30 2020 -0700
s3: VFS: Add null notice of get_nt_acl_at_fn().
Not strictly needed but glusterfs seems to use
this as a reminder that these functions are not
implemented but pass down to the default.
I'll remove all these when I remove get_nt_acl_fn()
completely.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 0ebce107dc0a177549757d0b16f3720bcd34805c
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 13:49:36 2020 -0700
s3: VFS: ceph_snapshots. Add ceph_snap_gmt_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 22c3541e009a744ac4c1bb5f01b34b797b3ddd31
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 13:46:44 2020 -0700
s3: VFS: catia. Add catia_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit cbfbc40434f6d6e0f2d34b1d3783b9c95b6c098e
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 13:41:57 2020 -0700
s3: VFS: aixacl2: Add aixjfs2_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 373843f5fbde3a40db6fe50728ccd6c132d6d81f
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 13:39:03 2020 -0700
s3: VFS: afsacl. Add afsacl_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit d6700ee3f81c51358205997e22134e40190b3c44
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 13:33:44 2020 -0700
s3: VFS: acl_tdb. Add acl_tdb_get_nt_acl().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 2840bf3700f6bbfa8c1cc851fd5bdf661d131f11
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 13:32:07 2020 -0700
s3: VFS: acl_xattr: Add acl_xattr_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 1df02b7d7a034673f427e349b2631169d1a09f1e
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 14:20:54 2020 -0700
s3: VFS: full_audit. Add smb_full_audit_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 6db910cf602361d836efe73e8907465bdd6fd13b
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 14:17:53 2020 -0700
s3: VFS: time_audit. Add smb_time_audit_get_nt_acl_at().
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 773b6e17405178bf47b97300a8edfd4c79133d9e
Author: Jeremy Allison <jra at samba.org>
Date: Thu Apr 9 17:35:49 2020 -0700
s3: VFS: Add SMB_VFS_GET_NT_ACL_AT().
Currently identical to SMB_VFS_GET_NT_ACL().
Next, add to all VFS modules that implement
get_nt_acl and eventually remove get_nt_acl.
NB. Modules that use smb_vfs_assert_all_fns()
have SMB_VFS_GET_NT_ACL_AT() will not build
until they have this function added.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 2437dcc5ac820ea554273cc2365e363d46f57abd
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 14 12:43:51 2020 -0700
s3: VFS: acl_common: Add a dirfsp parameter to validate_nt_acl_blob().
This sucks, as it's the only function that I've been
unable to easily split into a _fsp and a _pathname version,
it just does too much. Bite the bullet and add a dirfsp
parameter as well as the fsp and smb_fname parameters.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit d825d31f7a77287a503dc05d36daf02566e7e06f
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 13:29:48 2020 -0700
s3: VFS: vfs_common and callers. Change get_nt_acl_common() -> get_nt_acl_common_at().
Add in the dirfsp parameter. Fix all callers.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit b45716487b9b46afbf660a2b3f4659f3cc53dda7
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 12:54:57 2020 -0700
s3: VFS: vfs_acl_common: Remove unused stat_fsp_or_smb_fname().
Done separately to minimize the diff in the previous patch.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 42651479e537ba7c2f8dadd6346ad4aeb7d4faf4
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 12:53:58 2020 -0700
s3: VFS: ACLs. Remove smb_fname argument to get_nt_acl_common().
As a bonus stat_fsp_or_smb_fname() is no longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit b7847aa25a4e6c817d8ea7e2f620d5732545b7fb
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 12:42:49 2020 -0700
s3: VFS: acl_xattr: Change acl_xattr_fget_nt_acl() to use fget_nt_acl_common().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 441980d42d26d049d52ff931e4f8b91083531dbc
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 12:41:31 2020 -0700
s3: VFS: acl_tdb: Change acl_tdb_fget_nt_acl() to use fget_nt_acl_common().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit d902ea52154be2e01448ef3e4d52ca8ffdd5e8b7
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 12:29:22 2020 -0700
s3: VFS: ACLs. Switch fset_nt_acl_common() over to using fget_acl_blob_fn().
Removes passing in smb_fname to fsp functions.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 936b9aee5e699fba92cd70885e1a16971252d1d9
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 12:24:14 2020 -0700
s3: VFS: acl_xattr.c: Add fget_acl_blob().
Separate from get_acl_blob() which took both an fsp and a pathname.
Commented out so we still compile.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 4ac3fde1a976651eb322570c1f2a09fe619fbda8
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 12:19:03 2020 -0700
s3: VFS: acl_tdb.c: Add fget_acl_blob().
Separate from get_acl_blob() which took both an fsp and a pathname.
Commented out so we still compile.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit ac333c569d67d049c07ec373be7997e989485b9e
Author: Jeremy Allison <jra at samba.org>
Date: Mon Apr 13 12:09:47 2020 -0700
s3: VFS: Split out fget_nt_acl_common() from get_nt_acl_common().
No change in logic and not yet used, just means it'll be
cleaner when we start adding the xxxAT() versions of SMB_VFS_GET_NT_ACL().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
-----------------------------------------------------------------------
Summary of changes:
examples/VFS/skel_opaque.c | 5 +-
examples/VFS/skel_transparent.c | 8 +-
source3/include/smbprofile.h | 1 +
source3/include/vfs.h | 34 +--
source3/include/vfs_macros.h | 8 +-
source3/modules/vfs_acl_common.c | 284 +++++++++++++++++---------
source3/modules/vfs_acl_common.h | 22 +-
source3/modules/vfs_acl_tdb.c | 93 +++++++--
source3/modules/vfs_acl_xattr.c | 90 ++++++--
source3/modules/vfs_afsacl.c | 7 +-
source3/modules/vfs_aixacl2.c | 8 +-
source3/modules/vfs_catia.c | 24 ++-
source3/modules/vfs_ceph_snapshots.c | 31 ++-
source3/modules/vfs_default.c | 20 +-
source3/modules/vfs_full_audit.c | 32 +--
source3/modules/vfs_glusterfs.c | 2 +-
source3/modules/vfs_gpfs.c | 23 ++-
source3/modules/vfs_media_harmony.c | 41 ++--
source3/modules/vfs_nfs4acl_xattr.c | 15 +-
source3/modules/vfs_not_implemented.c | 5 +-
source3/modules/vfs_shadow_copy2.c | 21 +-
source3/modules/vfs_snapper.c | 45 ++--
source3/modules/vfs_streams_xattr.c | 8 +-
source3/modules/vfs_time_audit.c | 21 +-
source3/modules/vfs_unityed_media.c | 43 ++--
source3/modules/vfs_zfsacl.c | 22 +-
source3/rpc_server/eventlog/srv_eventlog_nt.c | 5 +-
source3/smbd/dir.c | 3 +-
source3/smbd/file_access.c | 9 +-
source3/smbd/open.c | 41 ++--
source3/smbd/pysmbd.c | 6 +-
source3/smbd/vfs.c | 16 +-
source3/torture/cmd_vfs.c | 9 +-
33 files changed, 682 insertions(+), 320 deletions(-)
Changeset truncated at 500 lines:
diff --git a/examples/VFS/skel_opaque.c b/examples/VFS/skel_opaque.c
index cc3aa7eae6b..6eb68df3e1e 100644
--- a/examples/VFS/skel_opaque.c
+++ b/examples/VFS/skel_opaque.c
@@ -791,7 +791,8 @@ static NTSTATUS skel_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
return NT_STATUS_NOT_IMPLEMENTED;
}
-static NTSTATUS skel_get_nt_acl(vfs_handle_struct *handle,
+static NTSTATUS skel_get_nt_acl_at(vfs_handle_struct *handle,
+ struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
@@ -1132,7 +1133,7 @@ static struct vfs_fn_pointers skel_opaque_fns = {
/* NT ACL operations. */
.fget_nt_acl_fn = skel_fget_nt_acl,
- .get_nt_acl_fn = skel_get_nt_acl,
+ .get_nt_acl_at_fn = skel_get_nt_acl_at,
.fset_nt_acl_fn = skel_fset_nt_acl,
/* POSIX ACL operations. */
diff --git a/examples/VFS/skel_transparent.c b/examples/VFS/skel_transparent.c
index 235d4533df3..2eb7a7dbcd9 100644
--- a/examples/VFS/skel_transparent.c
+++ b/examples/VFS/skel_transparent.c
@@ -1055,13 +1055,15 @@ static NTSTATUS skel_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
ppdesc);
}
-static NTSTATUS skel_get_nt_acl(vfs_handle_struct *handle,
+static NTSTATUS skel_get_nt_acl_at(vfs_handle_struct *handle,
+ struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc)
{
- return SMB_VFS_NEXT_GET_NT_ACL(handle,
+ return SMB_VFS_NEXT_GET_NT_ACL_AT(handle,
+ dirfsp,
smb_fname,
security_info,
mem_ctx,
@@ -1439,7 +1441,7 @@ static struct vfs_fn_pointers skel_transparent_fns = {
/* NT ACL operations. */
.fget_nt_acl_fn = skel_fget_nt_acl,
- .get_nt_acl_fn = skel_get_nt_acl,
+ .get_nt_acl_at_fn = skel_get_nt_acl_at,
.fset_nt_acl_fn = skel_fset_nt_acl,
/* POSIX ACL operations. */
diff --git a/source3/include/smbprofile.h b/source3/include/smbprofile.h
index b771c26c81b..91f30661240 100644
--- a/source3/include/smbprofile.h
+++ b/source3/include/smbprofile.h
@@ -98,6 +98,7 @@ struct tevent_context;
\
SMBPROFILE_STATS_SECTION_START(acl, "ACL Calls") \
SMBPROFILE_STATS_BASIC(get_nt_acl) \
+ SMBPROFILE_STATS_BASIC(get_nt_acl_at) \
SMBPROFILE_STATS_BASIC(fget_nt_acl) \
SMBPROFILE_STATS_BASIC(fset_nt_acl) \
SMBPROFILE_STATS_SECTION_END \
diff --git a/source3/include/vfs.h b/source3/include/vfs.h
index 3e133a58f43..5861b9065f0 100644
--- a/source3/include/vfs.h
+++ b/source3/include/vfs.h
@@ -318,6 +318,7 @@
* to be a struct smb_filename
* Version 43 - convert link_contents arg of SMB_VFS_SYMLINKAT()
* to struct smb_filename
+ * Version 43 - Move SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT().
*/
#define SMB_VFS_INTERFACE_VERSION 43
@@ -1003,11 +1004,12 @@ struct vfs_fn_pointers {
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc);
- NTSTATUS (*get_nt_acl_fn)(struct vfs_handle_struct *handle,
- const struct smb_filename *smb_fname,
- uint32_t security_info,
- TALLOC_CTX *mem_ctx,
- struct security_descriptor **ppdesc);
+ NTSTATUS (*get_nt_acl_at_fn)(struct vfs_handle_struct *handle,
+ struct files_struct *dirfsp,
+ const struct smb_filename *smb_fname,
+ uint32_t security_info,
+ TALLOC_CTX *mem_ctx,
+ struct security_descriptor **ppdesc);
NTSTATUS (*fset_nt_acl_fn)(struct vfs_handle_struct *handle,
struct files_struct *fsp,
uint32_t security_info_sent,
@@ -1528,11 +1530,12 @@ NTSTATUS smb_vfs_call_fget_nt_acl(struct vfs_handle_struct *handle,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc);
-NTSTATUS smb_vfs_call_get_nt_acl(struct vfs_handle_struct *handle,
- const struct smb_filename *smb_fname,
- uint32_t security_info,
- TALLOC_CTX *mem_ctx,
- struct security_descriptor **ppdesc);
+NTSTATUS smb_vfs_call_get_nt_acl_at(struct vfs_handle_struct *handle,
+ struct files_struct *dirfsp,
+ const struct smb_filename *smb_fname,
+ uint32_t security_info,
+ TALLOC_CTX *mem_ctx,
+ struct security_descriptor **ppdesc);
NTSTATUS smb_vfs_call_fset_nt_acl(struct vfs_handle_struct *handle,
struct files_struct *fsp,
uint32_t security_info_sent,
@@ -1955,11 +1958,12 @@ NTSTATUS vfs_not_implemented_fget_nt_acl(vfs_handle_struct *handle, files_struct
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc);
-NTSTATUS vfs_not_implemented_get_nt_acl(vfs_handle_struct *handle,
- const struct smb_filename *smb_fname,
- uint32_t security_info,
- TALLOC_CTX *mem_ctx,
- struct security_descriptor **ppdesc);
+NTSTATUS vfs_not_implemented_get_nt_acl_at(vfs_handle_struct *handle,
+ struct files_struct *dirfsp,
+ const struct smb_filename *smb_fname,
+ uint32_t security_info,
+ TALLOC_CTX *mem_ctx,
+ struct security_descriptor **ppdesc);
NTSTATUS vfs_not_implemented_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32_t security_info_sent,
const struct security_descriptor *psd);
diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h
index c8c41cd62f5..20fe6f9a0cf 100644
--- a/source3/include/vfs_macros.h
+++ b/source3/include/vfs_macros.h
@@ -477,10 +477,10 @@
#define SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, mem_ctx, ppdesc) \
smb_vfs_call_fget_nt_acl((handle)->next, (fsp), (security_info), (mem_ctx), (ppdesc))
-#define SMB_VFS_GET_NT_ACL(conn, smb_fname, security_info, mem_ctx, ppdesc) \
- smb_vfs_call_get_nt_acl((conn)->vfs_handles, (smb_fname), (security_info), (mem_ctx), (ppdesc))
-#define SMB_VFS_NEXT_GET_NT_ACL(handle, smb_fname, security_info, mem_ctx, ppdesc) \
- smb_vfs_call_get_nt_acl((handle)->next, (smb_fname), (security_info), (mem_ctx), (ppdesc))
+#define SMB_VFS_GET_NT_ACL_AT(conn, dirfsp, smb_fname, security_info, mem_ctx, ppdesc) \
+ smb_vfs_call_get_nt_acl_at((conn)->vfs_handles, (dirfsp), (smb_fname), (security_info), (mem_ctx), (ppdesc))
+#define SMB_VFS_NEXT_GET_NT_ACL_AT(handle, dirfsp, smb_fname, security_info, mem_ctx, ppdesc) \
+ smb_vfs_call_get_nt_acl_at((handle)->next, (dirfsp), (smb_fname), (security_info), (mem_ctx), (ppdesc))
#define SMB_VFS_AUDIT_FILE(conn, name, sacl, access_requested, access_denied) \
smb_vfs_call_audit_file((conn)->vfs_handles, (name), (sacl), (access_requested), (access_denied))
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index 43167be77a3..09332a31579 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -409,12 +409,13 @@ static NTSTATUS add_directory_inheritable_components(vfs_handle_struct *handle,
* need it as well.
**/
static NTSTATUS validate_nt_acl_blob(TALLOC_CTX *mem_ctx,
- vfs_handle_struct *handle,
- files_struct *fsp,
- const struct smb_filename *smb_fname,
- const DATA_BLOB *blob,
- struct security_descriptor **ppsd,
- bool *psd_is_from_fs)
+ vfs_handle_struct *handle,
+ struct files_struct *fsp,
+ struct files_struct *dirfsp,
+ const struct smb_filename *smb_fname,
+ const DATA_BLOB *blob,
+ struct security_descriptor **ppsd,
+ bool *psd_is_from_fs)
{
NTSTATUS status;
uint16_t hash_type = XATTR_SD_HASH_TYPE_NONE;
@@ -537,11 +538,12 @@ static NTSTATUS validate_nt_acl_blob(TALLOC_CTX *mem_ctx,
mem_ctx,
&psd_fs);
} else {
- status = SMB_VFS_NEXT_GET_NT_ACL(handle,
- smb_fname,
- HASH_SECURITY_INFO,
- mem_ctx,
- &psd_fs);
+ status = SMB_VFS_NEXT_GET_NT_ACL_AT(handle,
+ dirfsp,
+ smb_fname,
+ HASH_SECURITY_INFO,
+ mem_ctx,
+ &psd_fs);
}
if (!NT_STATUS_IS_OK(status)) {
@@ -593,46 +595,153 @@ fail:
return status;
}
-static NTSTATUS stat_fsp_or_smb_fname(vfs_handle_struct *handle,
- files_struct *fsp,
- const struct smb_filename *smb_fname,
- SMB_STRUCT_STAT *sbuf,
- SMB_STRUCT_STAT **psbuf)
+/*******************************************************************
+ Pull a DATA_BLOB from an xattr given an fsp.
+ If the hash doesn't match, or doesn't exist - return the underlying
+ filesystem sd.
+*******************************************************************/
+
+NTSTATUS fget_nt_acl_common(
+ NTSTATUS (*fget_acl_blob_fn)(TALLOC_CTX *ctx,
+ vfs_handle_struct *handle,
+ files_struct *fsp,
+ DATA_BLOB *pblob),
+ vfs_handle_struct *handle,
+ files_struct *fsp,
+ uint32_t security_info,
+ TALLOC_CTX *mem_ctx,
+ struct security_descriptor **ppdesc)
{
+ DATA_BLOB blob = data_blob_null;
NTSTATUS status;
- int ret;
+ struct security_descriptor *psd = NULL;
+ const struct smb_filename *smb_fname = fsp->fsp_name;
+ bool psd_is_from_fs = false;
+ struct acl_common_config *config = NULL;
- if (fsp) {
+ SMB_VFS_HANDLE_GET_DATA(handle, config,
+ struct acl_common_config,
+ return NT_STATUS_UNSUCCESSFUL);
+
+ DBG_DEBUG("name=%s\n", smb_fname->base_name);
+
+ status = fget_acl_blob_fn(mem_ctx, handle, fsp, &blob);
+ if (NT_STATUS_IS_OK(status)) {
+ status = validate_nt_acl_blob(mem_ctx,
+ handle,
+ fsp,
+ NULL,
+ smb_fname,
+ &blob,
+ &psd,
+ &psd_is_from_fs);
+ TALLOC_FREE(blob.data);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_DEBUG("ACL validation for [%s] failed\n",
+ smb_fname->base_name);
+ goto fail;
+ }
+ }
+
+ if (psd == NULL) {
+ /* Get the full underlying sd, as we failed to get the
+ * blob for the hash, or the revision/hash type wasn't
+ * known */
+
+ if (config->ignore_system_acls) {
+ status = vfs_stat_fsp(fsp);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto fail;
+ }
+
+ status = make_default_filesystem_acl(
+ mem_ctx,
+ config->default_acl_style,
+ smb_fname->base_name,
+ &fsp->fsp_name->st,
+ &psd);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto fail;
+ }
+ } else {
+ status = SMB_VFS_NEXT_FGET_NT_ACL(handle,
+ fsp,
+ security_info,
+ mem_ctx,
+ &psd);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_DEBUG("get_next_acl for file %s "
+ "returned %s\n",
+ smb_fname->base_name,
+ nt_errstr(status));
+ goto fail;
+ }
+
+ psd_is_from_fs = true;
+ }
+ }
+
+ if (psd_is_from_fs) {
status = vfs_stat_fsp(fsp);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ goto fail;
}
- *psbuf = &fsp->fsp_name->st;
- } else {
+
/*
- * https://bugzilla.samba.org/show_bug.cgi?id=11249
- *
- * We are currently guaranteed that 'name' here is a
- * smb_fname->base_name, which *cannot* contain a stream name
- * (':'). vfs_stat_smb_fname() splits a name into a base name +
- * stream name, which when we get here we know we've already
- * done. So we have to call the stat or lstat VFS calls
- * directly here. Else, a base_name that contains a ':' (from a
- * demangled name) will get split again.
- *
- * FIXME.
- * This uglyness will go away once smb_fname is fully plumbed
- * through the VFS.
+ * We're returning the underlying ACL from the
+ * filesystem. If it's a directory, and has no
+ * inheritable ACE entries we have to fake them.
*/
- ret = vfs_stat_smb_basename(handle->conn,
- smb_fname,
- sbuf);
- if (ret == -1) {
- return map_nt_error_from_unix(errno);
+
+ if (fsp->fsp_flags.is_directory &&
+ !sd_has_inheritable_components(psd, true)) {
+ status = add_directory_inheritable_components(
+ handle,
+ smb_fname->base_name,
+ &fsp->fsp_name->st,
+ psd);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto fail;
+ }
}
+
+ /*
+ * The underlying POSIX module always sets the
+ * ~SEC_DESC_DACL_PROTECTED bit, as ACLs can't be inherited in
+ * this way under POSIX. Remove it for Windows-style ACLs.
+ */
+ psd->type &= ~SEC_DESC_DACL_PROTECTED;
+ }
+
+ if (!(security_info & SECINFO_OWNER)) {
+ psd->owner_sid = NULL;
+ }
+ if (!(security_info & SECINFO_GROUP)) {
+ psd->group_sid = NULL;
+ }
+ if (!(security_info & SECINFO_DACL)) {
+ psd->type &= ~SEC_DESC_DACL_PRESENT;
+ psd->dacl = NULL;
+ }
+ if (!(security_info & SECINFO_SACL)) {
+ psd->type &= ~SEC_DESC_SACL_PRESENT;
+ psd->sacl = NULL;
+ }
+
+ if (DEBUGLEVEL >= 10) {
+ DBG_DEBUG("returning acl for %s is:\n",
+ smb_fname->base_name);
+ NDR_PRINT_DEBUG(security_descriptor, psd);
}
+ *ppdesc = psd;
+
return NT_STATUS_OK;
+
+fail:
+ TALLOC_FREE(psd);
+ return status;
}
/*******************************************************************
@@ -641,14 +750,14 @@ static NTSTATUS stat_fsp_or_smb_fname(vfs_handle_struct *handle,
filesystem sd.
*******************************************************************/
-NTSTATUS get_nt_acl_common(
- NTSTATUS (*get_acl_blob_fn)(TALLOC_CTX *ctx,
+NTSTATUS get_nt_acl_common_at(
+ NTSTATUS (*get_acl_blob_at_fn)(TALLOC_CTX *ctx,
vfs_handle_struct *handle,
- files_struct *fsp,
+ struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
DATA_BLOB *pblob),
vfs_handle_struct *handle,
- files_struct *fsp,
+ struct files_struct *dirfsp,
const struct smb_filename *smb_fname_in,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
@@ -657,7 +766,6 @@ NTSTATUS get_nt_acl_common(
DATA_BLOB blob = data_blob_null;
NTSTATUS status;
struct security_descriptor *psd = NULL;
- const struct smb_filename *smb_fname = NULL;
bool psd_is_from_fs = false;
struct acl_common_config *config = NULL;
@@ -665,27 +773,26 @@ NTSTATUS get_nt_acl_common(
struct acl_common_config,
return NT_STATUS_UNSUCCESSFUL);
- if (fsp && smb_fname_in == NULL) {
- smb_fname = fsp->fsp_name;
- } else {
- smb_fname = smb_fname_in;
- }
-
- DBG_DEBUG("name=%s\n", smb_fname->base_name);
+ DBG_DEBUG("name=%s\n", smb_fname_in->base_name);
- status = get_acl_blob_fn(mem_ctx, handle, fsp, smb_fname, &blob);
+ status = get_acl_blob_at_fn(mem_ctx,
+ handle,
+ dirfsp,
+ smb_fname_in,
+ &blob);
if (NT_STATUS_IS_OK(status)) {
status = validate_nt_acl_blob(mem_ctx,
- handle,
- fsp,
- smb_fname,
- &blob,
- &psd,
- &psd_is_from_fs);
+ handle,
+ NULL,
+ dirfsp,
+ smb_fname_in,
+ &blob,
+ &psd,
+ &psd_is_from_fs);
TALLOC_FREE(blob.data);
if (!NT_STATUS_IS_OK(status)) {
DBG_DEBUG("ACL validation for [%s] failed\n",
- smb_fname->base_name);
+ smb_fname_in->base_name);
goto fail;
}
}
@@ -697,42 +804,37 @@ NTSTATUS get_nt_acl_common(
if (config->ignore_system_acls) {
SMB_STRUCT_STAT sbuf;
- SMB_STRUCT_STAT *psbuf = &sbuf;
+ int ret;
- status = stat_fsp_or_smb_fname(handle, fsp, smb_fname,
- &sbuf, &psbuf);
- if (!NT_STATUS_IS_OK(status)) {
+ ret = vfs_stat_smb_basename(handle->conn,
+ smb_fname_in,
+ &sbuf);
+ if (ret == -1) {
+ status = map_nt_error_from_unix(errno);
goto fail;
}
status = make_default_filesystem_acl(
mem_ctx,
config->default_acl_style,
- smb_fname->base_name,
- psbuf,
+ smb_fname_in->base_name,
+ &sbuf,
&psd);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
} else {
- if (fsp) {
- status = SMB_VFS_NEXT_FGET_NT_ACL(handle,
- fsp,
- security_info,
- mem_ctx,
- &psd);
- } else {
- status = SMB_VFS_NEXT_GET_NT_ACL(handle,
- smb_fname,
- security_info,
- mem_ctx,
- &psd);
- }
+ status = SMB_VFS_NEXT_GET_NT_ACL_AT(handle,
+ dirfsp,
+ smb_fname_in,
+ security_info,
+ mem_ctx,
+ &psd);
if (!NT_STATUS_IS_OK(status)) {
DBG_DEBUG("get_next_acl for file %s "
"returned %s\n",
- smb_fname->base_name,
+ smb_fname_in->base_name,
nt_errstr(status));
--
Samba Shared Repository
More information about the samba-cvs
mailing list