[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-337-g73e9693

Jeremy Allison jra at samba.org
Tue Jul 14 11:55:38 MDT 2009

On Wed, Jul 15, 2009 at 01:35:44AM +0800, boyang wrote:
> Jeremy Allison wrote:
> > On Tue, Jul 14, 2009 at 12:09:34PM -0500, Bo Yang wrote:
> >
> >   
> >> commit 9ef6af73b319048fc6f3891573f0e10066dffee6
> >> Author: Bo Yang <boyang at samba.org>
> >> Date:   Wed Jul 15 15:34:10 2009 +0800
> >>
> >>     s3: Make smbd aware of permission change of usershare. Since usershare are relatively volatile and non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect.
> >>     
> >
> > Hi Bo,
> >
> > 	This looks like a fairly invasive
> > change we need to look at closely. Can you
> > post an explaination of what the code is
> > doing here please ?
> >   
> When a tconx connect to a usershare, child smbd watch on directory
> lp_usershare_path() for any changes that might affect the share's
> permission. If a usershare is not connected, there is no need to watch
> it.  when the share's permission is changed, including deleted(by
> command net usershare xxxx), a event is generated by inotify and a flag
> in conn structure is set. Then we force recheck the permission to figure
> out if connected user can read/write it.
> It is used to dynamically check the permission change for a connection,
> but without endless polling. The share permission is check only when
> lp_usershare_path() is changed.
> Is there any better way to do it?

I don't think we should be doing this at all, at least not
in the way it's coded here.

Once a connection is made, it's made with the permissions
that were existing at the time of connection. Any changes
made affect *new* connections, but not existing ones. This
is the only sane way to do things. Otherwise you end up with
an endless series of "polling" checks to ensure things are
still "safe" This way lies madness. I know you're using inotify,
but even so - this makes core code that should be simple,
much more complex than it should be. Some of the code (the
change_to_user()) code has *recently* had some crappy bugs.
This stuff is *complex*.

I would like to revert
until we've had some discussions on what we want to do here.

If that ok with you ?


More information about the samba-technical mailing list