[SCM] Samba Shared Repository - branch v4-20-test updated
Jule Anger
janger at samba.org
Fri Sep 6 15:27:02 UTC 2024
The branch, v4-20-test has been updated
via 9559c00d063 smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD
via a60419838ba smbtorture: test creating stream doesn't crash when using "inherit permissions = yes"
from 60052ea77a3 vfs_ceph_new: handle case of readlinkat with empty name string
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-test
- Log -----------------------------------------------------------------
commit 9559c00d063bf63461a17b3c48804a08cfea5f95
Author: Ralph Boehme <slow at samba.org>
Date: Fri Jul 5 16:22:18 2024 +0200
smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD
When inherting permissions on the created stream, we call into the VFS to fetch
the streams security descriptor via inherit_access_posix_acl() ->
copy_access_posix_acl() -> SMB_VFS_SYS_ACL_SET_FD() passing the stream fsp which
triggers the assert SMB_ASSERT(!fsp_is_alternate_stream(fsp)) in
vfswrap_sys_acl_set_fd() in vfs_default.
Just passing the base fsp to the VFS fixes this.
vfs_streams_depot which *does use* distinct backend filesystem files for the
streams, currently does not apply permissions to the stream files at all, so the
incomplete behaviour of vfs_streams_depot is not affected by this change.
If in the future someone want to fix this defficiency in vfs_streams_depot, the
module code can use fsp->stream_fsp to base decisions in VFS ops whether the
module should carry out some action.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Sep 2 08:55:28 UTC 2024 on atb-devel-224
(cherry picked from commit ecb8a99a2c7ba36f9adc50ef13cd8465a0c49b19)
Autobuild-User(v4-20-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-20-test): Fri Sep 6 15:26:57 UTC 2024 on atb-devel-224
commit a60419838bacd6e9bb5f2184b2aa6b26ab342c0b
Author: Ralph Boehme <slow at samba.org>
Date: Sat Jul 6 17:10:21 2024 +0200
smbtorture: test creating stream doesn't crash when using "inherit permissions = yes"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 09835608307ff2580f1aada84d44feddae17c80f)
-----------------------------------------------------------------------
Summary of changes:
selftest/target/Samba3.pm | 5 +++
source3/selftest/tests.py | 2 ++
source3/smbd/posix_acls.c | 4 ++-
source4/torture/smb2/smb2.c | 2 ++
source4/torture/smb2/streams.c | 73 ++++++++++++++++++++++++++++++++++++++++++
5 files changed, 85 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index cf40633d127..b9abb28061d 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -2054,6 +2054,11 @@ sub setup_fileserver
comment = Home directories
browseable = No
read only = No
+
+[inherit_perms]
+ path = $share_dir
+ vfs objects = streams_depot
+ inherit permissions = yes
";
if (defined($more_conf)) {
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 0648797df16..29e7421c0af 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -1334,6 +1334,8 @@ for t in tests:
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD')
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/streams_xattr -U$USERNAME%$PASSWORD', 'streams_xattr')
+ elif t == "smb2.stream-inherit-perms":
+ plansmbtorture4testsuite(t, "fileserver", '//$SERVER/inherit_perms -U$USERNAME%$PASSWORD')
elif t == "smb2.aio_delay":
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/aio_delay_inject -U$USERNAME%$PASSWORD')
elif t == "smb2.delete-on-close-perms":
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index d275bdb908b..20856dce76d 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -4000,7 +4000,9 @@ static int copy_access_posix_acl(struct files_struct *from,
goto done;
}
- ret = SMB_VFS_SYS_ACL_SET_FD(to, SMB_ACL_TYPE_ACCESS, posix_acl);
+ ret = SMB_VFS_SYS_ACL_SET_FD(metadata_fsp(to),
+ SMB_ACL_TYPE_ACCESS,
+ posix_acl);
done:
diff --git a/source4/torture/smb2/smb2.c b/source4/torture/smb2/smb2.c
index 5b6477e47bc..28a62f49c47 100644
--- a/source4/torture/smb2/smb2.c
+++ b/source4/torture/smb2/smb2.c
@@ -178,6 +178,8 @@ NTSTATUS torture_smb2_init(TALLOC_CTX *ctx)
torture_suite_add_suite(suite, torture_smb2_oplocks_init(suite));
torture_suite_add_suite(suite, torture_smb2_kernel_oplocks_init(suite));
torture_suite_add_suite(suite, torture_smb2_streams_init(suite));
+ torture_suite_add_1smb2_test(suite, "stream-inherit-perms",
+ test_stream_inherit_perms);
torture_suite_add_suite(suite, torture_smb2_ioctl_init(suite));
torture_suite_add_simple_test(suite, "set-sparse-ioctl",
test_ioctl_set_sparse);
diff --git a/source4/torture/smb2/streams.c b/source4/torture/smb2/streams.c
index f18048f7762..abc1fe21960 100644
--- a/source4/torture/smb2/streams.c
+++ b/source4/torture/smb2/streams.c
@@ -30,6 +30,7 @@
#include "system/filesys.h"
#include "system/locale.h"
#include "lib/util/tsort.h"
+#include "libcli/security/security_descriptor.h"
#define DNAME "teststreams"
@@ -2395,6 +2396,78 @@ done:
return ret;
}
+/*
+ * Simple test creating a stream on a share with "inherit permissions"
+ * enabled. This tests specifically bug 15695.
+ */
+bool test_stream_inherit_perms(struct torture_context *tctx,
+ struct smb2_tree *tree)
+{
+ NTSTATUS status;
+ struct smb2_handle h = {};
+ union smb_fileinfo q = {};
+ union smb_setfileinfo setinfo = {};
+ struct security_descriptor *sd = NULL;
+ struct security_ace ace = {};
+ const char *fname = DNAME "\\test_stream_inherit_perms:stream";
+ bool ret = true;
+
+ smb2_deltree(tree, DNAME);
+
+ status = torture_smb2_testdir(tree, DNAME, &h);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "torture_smb2_testdir failed\n");
+
+ torture_comment(tctx, "getting original sd\n");
+
+ q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
+ q.query_secdesc.in.file.handle = h;
+ q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
+
+ status = smb2_getinfo_file(tree, tctx, &q);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_getinfo_file failed\n");
+
+ sd = q.query_secdesc.out.sd;
+
+ /*
+ * Add one explicit non-inheriting ACE which will be stored
+ * as a non-inheriting POSIX ACE. These are the ACEs that
+ * "inherit permissions" will want to inherit.
+ */
+ ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
+ ace.access_mask = SEC_STD_ALL;
+ ace.trustee = *(sd->owner_sid);
+
+ status = security_descriptor_dacl_add(sd, &ace);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "security_descriptor_dacl_add failed\n");
+
+ setinfo.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
+ setinfo.set_secdesc.in.file.handle = h;
+ setinfo.set_secdesc.in.secinfo_flags = SECINFO_DACL;
+ setinfo.set_secdesc.in.sd = sd;
+
+ status = smb2_setinfo_file(tree, &setinfo);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_setinfo_file failed");
+
+ smb2_util_close(tree, h);
+ ZERO_STRUCT(h);
+
+ /* This triggers the crash */
+ status = torture_smb2_testfile(tree, fname, &h);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "torture_smb2_testfile failed");
+
+done:
+ if (!smb2_util_handle_empty(h)) {
+ smb2_util_close(tree, h);
+ }
+ smb2_deltree(tree, DNAME);
+ return ret;
+}
+
/*
basic testing of streams calls SMB2
*/
--
Samba Shared Repository
More information about the samba-cvs
mailing list