[SCM] Samba Shared Repository - branch master updated

Ralph Böhme slow at samba.org
Mon Jun 10 13:18:01 UTC 2024 

The branch, master has been updated
       via  225e6aeafc7 s4/torture: Remove already existing test_dir
       via  3b230769b02 s4/torture: Create test_dir with SEC_RIGHTS_DIR_ALL
      from  469b22b849a python/samba/tests/krb5: Allow PkInitTests.test_pkinit_ntlm_from_pac_must_change_now to pass on Samba/Heimdal

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 225e6aeafc78d0508881915b8406273c15966e63
Author: Anoop C S <anoopcs at samba.org>
Date:   Wed May 29 18:52:10 2024 +0530

    s4/torture: Remove already existing test_dir
    
    In configurations where vfs_acl_xattr is used with 'ignore system acls'
    option we encounter NT_STATUS_ACCESS_DENIED while trying to open an
    already existing test_dir in smb2.delete-on-close-perms.READONLY. Due
    to missing SEC_STD_DELETE permission from the list of allowed ACEs it
    couldn't be removed via previous call to smb2_deltree(). Thus as seen
    with other tests we now call set_dir_delete_perms() so that subsequent
    attempt to remove it can succeed.
    
    Signed-off-by: Anoop C S <anoopcs at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    
    Autobuild-User(master): Ralph Böhme <slow at samba.org>
    Autobuild-Date(master): Mon Jun 10 13:17:58 UTC 2024 on atb-devel-224

commit 3b230769b02e7c9ecbe7eac05e0344b233b3ae39
Author: Anoop C S <anoopcs at samba.org>
Date:   Wed May 29 18:41:32 2024 +0530

    s4/torture: Create test_dir with SEC_RIGHTS_DIR_ALL
    
    In shares where acl_xattr vfs module is loaded with 'ignore system acls'
    set, smb2.delete-on-close-perms.FIND_and_set_DOC fails to open test_dir
    due to NT_STATUS_ACCESS_DENIED as it lacks few permissions for owner
    when created using create_dir(). Test case aims to set delete-on-close
    for which delete permission is necessary in first place. Therefore we
    now perform the creation and subsequent opening of directory using
    torture_smb2_testdir() so that the open handle comes with SEC_STD_DELETE
    permission.
    
    Signed-off-by: Anoop C S <anoopcs at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source4/torture/smb2/delete-on-close.c | 32 +++++++++-----------------------
 1 file changed, 9 insertions(+), 23 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/torture/smb2/delete-on-close.c b/source4/torture/smb2/delete-on-close.c
index 05242876dcb..33561516fa0 100644
--- a/source4/torture/smb2/delete-on-close.c
+++ b/source4/torture/smb2/delete-on-close.c
@@ -518,45 +518,28 @@ static bool test_doc_create_if_exist(struct torture_context *tctx, struct smb2_t
 
 static bool test_doc_find_and_set_doc(struct torture_context *tctx, struct smb2_tree *tree)
 {
-	struct smb2_create io;
+	struct smb2_handle dir_handle;
 	struct smb2_find find;
 	NTSTATUS status;
 	union smb_search_data *d;
 	union smb_setfileinfo sfinfo;
 	unsigned int count;
-	uint32_t perms = 0;
-
-	perms = SEC_STD_SYNCHRONIZE | SEC_STD_READ_CONTROL | SEC_STD_DELETE |
-		SEC_DIR_WRITE_ATTRIBUTE | SEC_DIR_READ_ATTRIBUTE |
-		SEC_DIR_WRITE_EA | SEC_FILE_APPEND_DATA |
-		SEC_FILE_WRITE_DATA | SEC_DIR_LIST;
 
 	/* File should not exist for this first test, so make sure */
 	set_dir_delete_perms(tctx, tree);
 
 	smb2_deltree(tree, DNAME);
 
-	create_dir(tctx, tree);
-
 	torture_comment(tctx, "FIND and delete directory\n");
 	torture_comment(tctx, "We expect NT_STATUS_OK\n");
 
-	/* open the directory first */
-	ZERO_STRUCT(io);
-	io.in.desired_access	 = perms;
-	io.in.file_attributes	 = FILE_ATTRIBUTE_DIRECTORY;
-	io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
-	io.in.share_access	 = NTCREATEX_SHARE_ACCESS_READ |
-				   NTCREATEX_SHARE_ACCESS_DELETE;
-	io.in.create_options     = NTCREATEX_OPTIONS_DIRECTORY;
-	io.in.fname              = DNAME;
-
-	status = smb2_create(tree, tctx, &io);
+	/* create and open the directory first*/
+	status = torture_smb2_testdir(tree, DNAME, &dir_handle);
 	CHECK_STATUS(status, NT_STATUS_OK);
 
 	/* list directory */
 	ZERO_STRUCT(find);
-	find.in.file.handle        = io.out.file.handle;
+	find.in.file.handle        = dir_handle;
 	find.in.pattern            = "*";
 	find.in.continue_flags     = SMB2_CONTINUE_FLAG_SINGLE;
 	find.in.max_response_size  = 0x100;
@@ -570,12 +553,12 @@ static bool test_doc_find_and_set_doc(struct torture_context *tctx, struct smb2_
 	ZERO_STRUCT(sfinfo);
 	sfinfo.generic.level = RAW_SFILEINFO_DISPOSITION_INFORMATION;
 	sfinfo.disposition_info.in.delete_on_close = 1;
-	sfinfo.generic.in.file.handle = io.out.file.handle;
+	sfinfo.generic.in.file.handle = dir_handle;
 	status = smb2_setinfo_file(tree, &sfinfo);
 	CHECK_STATUS(status, NT_STATUS_OK);
 
 	/* close directory */
-	status = smb2_util_close(tree, io.out.file.handle);
+	status = smb2_util_close(tree, dir_handle);
 	CHECK_STATUS(status, NT_STATUS_OK);
 	return true;
 }
@@ -597,6 +580,9 @@ static bool test_doc_read_only(struct torture_context *tctx,
 	expected_status = delete_readonly ?
 		NT_STATUS_OK : NT_STATUS_CANNOT_DELETE;
 
+	/* File should not exist for this first test, so make sure */
+	set_dir_delete_perms(tctx, tree);
+
 	smb2_deltree(tree, DNAME);
 
 	status = torture_smb2_testdir(tree, DNAME, &dir_handle);


-- 
Samba Shared Repository

More information about the samba-cvs mailing list