[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-337-g73e9693
boyang at samba.org
Tue Jul 14 11:59:32 MDT 2009
Jeremy Allison wrote:
> On Wed, Jul 15, 2009 at 01:35:44AM +0800, boyang wrote:
>> Jeremy Allison wrote:
>>> On Tue, Jul 14, 2009 at 12:09:34PM -0500, Bo Yang wrote:
>>>> commit 9ef6af73b319048fc6f3891573f0e10066dffee6
>>>> Author: Bo Yang <boyang at samba.org>
>>>> Date: Wed Jul 15 15:34:10 2009 +0800
>>>> s3: Make smbd aware of permission change of usershare. Since usershare are relatively volatile and non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect.
>>> Hi Bo,
>>> This looks like a fairly invasive
>>> change we need to look at closely. Can you
>>> post an explaination of what the code is
>>> doing here please ?
>> When a tconx connect to a usershare, child smbd watch on directory
>> lp_usershare_path() for any changes that might affect the share's
>> permission. If a usershare is not connected, there is no need to watch
>> it. when the share's permission is changed, including deleted(by
>> command net usershare xxxx), a event is generated by inotify and a flag
>> in conn structure is set. Then we force recheck the permission to figure
>> out if connected user can read/write it.
>> It is used to dynamically check the permission change for a connection,
>> but without endless polling. The share permission is check only when
>> lp_usershare_path() is changed.
>> Is there any better way to do it?
> I don't think we should be doing this at all, at least not
> in the way it's coded here.
> Once a connection is made, it's made with the permissions
> that were existing at the time of connection. Any changes
> made affect *new* connections, but not existing ones. This
> is the only sane way to do things. Otherwise you end up with
> an endless series of "polling" checks to ensure things are
> still "safe" This way lies madness. I know you're using inotify,
> but even so - this makes core code that should be simple,
> much more complex than it should be. Some of the code (the
> change_to_user()) code has *recently* had some crappy bugs.
> This stuff is *complex*.
it does is. :-)
> I would like to revert
> until we've had some discussions on what we want to do here.
> If that ok with you ?
Bo Yang, Software Engineer, Suse Labs
Samba Team boyang at samba.org http://www.samba.org/
SUSE Linux boyang at suse.de http://www.novell.com/
More information about the samba-technical