PATCH: veto exempt

Wed Sep 22 08:28:21 GMT 1999

Hi,

This patch adds a "veto exempt" parameter which lets users/groups be exempt 
from the "veto files" list. [homes] has "veto files = 
/*.mp3/*.exe/*.com/*.bat/", but some people need to have these sorts of files.


Also, I've written a dynamic dns type program for Samba, example:

User "mrbloggs" connects to "mrbloggs" from "pc12.internal" (ip: 
192.168.0.33). smbdyndns is called (using root preexec) with these 
parameters, it then writes out a dns entry into a file (in 
/var/named/smbdyndns for example) which are loaded with $INCLUDEs in the 
domain files. It then runs "/etc/init.d/bind reload" to reload bind's 
configuration data, and you end up with:

Name:    mrbloggs.pc12.internal
Address:  192.168.0.33
Aliases:  pc12.home

Reason behind this: certain students looking up sites that aren't really 
acceptable in a school. This lets me enable FQDN logging in Squid and see 
just who it is that's looking up junk (and wasting bandwidth). If you 
didn't understand any of this, don't worry, I'm not sure I do :-)

Richard Skelton
-------------- next part --------------
diff -r -u samba-2.0.5a/source/include/proto.h samba-2.0.5a-mod/source/include/proto.h

--- samba-2.0.5a/source/include/proto.h	Thu Jul 22 11:30:26 1999
+++ samba-2.0.5a-mod/source/include/proto.h	Wed Sep 22 16:08:26 1999
@@ -1122,6 +1122,7 @@
 char *lp_veto_files(int );
 char *lp_hide_files(int );
 char *lp_veto_oplocks(int );
+char *lp_veto_exempt(int );
 char *lp_driverlocation(int );
 BOOL lp_revalidate(int );
 BOOL lp_casesensitive(int );
diff -r -u samba-2.0.5a/source/include/smb.h samba-2.0.5a-mod/source/include/smb.h
--- samba-2.0.5a/source/include/smb.h	Wed Jul 21 10:55:07 1999
+++ samba-2.0.5a-mod/source/include/smb.h	Wed Sep 22 15:40:28 1999
@@ -573,6 +573,7 @@
 	BOOL ipc;
 	BOOL read_only;
 	BOOL admin_user;
+	BOOL veto_exempt;
 	char *dirpath;
 	char *connectpath;
 	char *origpath;
diff -r -u samba-2.0.5a/source/param/loadparm.c samba-2.0.5a-mod/source/param/loadparm.c
--- samba-2.0.5a/source/param/loadparm.c	Wed Jul 21 10:55:12 1999
+++ samba-2.0.5a-mod/source/param/loadparm.c	Wed Sep 22 16:05:42 1999
@@ -284,6 +284,7 @@
   char *szVetoFiles;
   char *szHideFiles;
   char *szVetoOplockFiles;
+  char *szVetoExempt;
   char *comment;
   char *force_user;
   char *force_group;
@@ -384,6 +385,7 @@
   NULL,    /* szVetoFiles */
   NULL,    /* szHideFiles */
   NULL,    /* szVetoOplockFiles */
+  NULL,    /* szVetoExempt */
   NULL,    /* comment */
   NULL,    /* force user */
   NULL,    /* force group */
@@ -707,6 +709,7 @@
   {"veto files",       P_STRING,  P_LOCAL,  &sDefault.szVetoFiles,      NULL,   NULL,  FLAG_SHARE|FLAG_GLOBAL},
   {"hide files",       P_STRING,  P_LOCAL,  &sDefault.szHideFiles,      NULL,   NULL,  FLAG_SHARE|FLAG_GLOBAL},
   {"veto oplock files",P_STRING,  P_LOCAL,  &sDefault.szVetoOplockFiles,NULL,   NULL,  FLAG_SHARE|FLAG_GLOBAL},
+  {"veto exempt",      P_STRING,  P_LOCAL,  &sDefault.szVetoExempt,     NULL,   NULL,  FLAG_SHARE|FLAG_GLOBAL},
   {"map system",       P_BOOL,    P_LOCAL,  &sDefault.bMap_system,      NULL,   NULL,  FLAG_SHARE|FLAG_GLOBAL},
   {"map hidden",       P_BOOL,    P_LOCAL,  &sDefault.bMap_hidden,      NULL,   NULL,  FLAG_SHARE|FLAG_GLOBAL},
   {"map archive",      P_BOOL,    P_LOCAL,  &sDefault.bMap_archive,     NULL,   NULL,  FLAG_SHARE|FLAG_GLOBAL},
@@ -1313,6 +1316,7 @@
 FN_LOCAL_STRING(lp_veto_files,szVetoFiles)
 FN_LOCAL_STRING(lp_hide_files,szHideFiles)
 FN_LOCAL_STRING(lp_veto_oplocks,szVetoOplockFiles)
+FN_LOCAL_STRING(lp_veto_exempt,szVetoExempt)
 FN_LOCAL_STRING(lp_driverlocation,szPrinterDriverLocation)
 
 FN_LOCAL_BOOL(lp_revalidate,bRevalidate)
diff -r -u samba-2.0.5a/source/smbd/dir.c samba-2.0.5a-mod/source/smbd/dir.c
--- samba-2.0.5a/source/smbd/dir.c	Wed Jul 21 10:55:20 1999
+++ samba-2.0.5a-mod/source/smbd/dir.c	Wed Sep 22 15:45:54 1999
@@ -685,7 +685,7 @@
     int l = strlen(n)+1;
 
     /* If it's a vetoed file, pretend it doesn't even exist */
-    if (use_veto && conn && IS_VETO_PATH(conn, n)) continue;
+    if (use_veto && conn && IS_VETO_PATH(conn, n) && !conn->veto_exempt) continue;
 
     if (used + l > dirp->mallocsize) {
       int s = MAX(used+l,used+2000);
diff -r -u samba-2.0.5a/source/smbd/service.c samba-2.0.5a-mod/source/smbd/service.c
--- samba-2.0.5a/source/smbd/service.c	Wed Jul 21 10:55:21 1999
+++ samba-2.0.5a-mod/source/smbd/service.c	Wed Sep 22 17:20:16 1999
@@ -321,7 +321,15 @@
 	} else {
 		conn->admin_user = False;
 	}
-    
+	
+ 	/* veto exempt check */
+ 	if (user_in_list(user,lp_veto_exempt(snum))) {
+		conn->veto_exempt = True;
+		DEBUG(0,("%s logged in as veto exempt user\n",user));
+	} else {
+		conn->veto_exempt = False;
+	}
+	
 	conn->force_user = force;
 	conn->vuid = vuid;
 	conn->uid = pass->pw_uid;
-------------- next part --------------
----------------------------------------------------------------------------
Please note, I am NOT an employee of Chariot Internet.
