[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-337-g73e9693

Jeremy Allison jra at samba.org
Tue Jul 14 18:35:30 MDT 2009 

On Wed, Jul 15, 2009 at 01:35:44AM +0800, boyang wrote:
> Jeremy Allison wrote:
> > On Tue, Jul 14, 2009 at 12:09:34PM -0500, Bo Yang wrote:
> >
> >   
> >> commit 9ef6af73b319048fc6f3891573f0e10066dffee6
> >> Author: Bo Yang <boyang at samba.org>
> >> Date:   Wed Jul 15 15:34:10 2009 +0800
> >>
> >>     s3: Make smbd aware of permission change of usershare. Since usershare are relatively volatile and non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect.
> >>     
> >
> > Hi Bo,
> >
> > 	This looks like a fairly invasive
> > change we need to look at closely. Can you
> > post an explaination of what the code is
> > doing here please ?
> >   
> When a tconx connect to a usershare, child smbd watch on directory
> lp_usershare_path() for any changes that might affect the share's
> permission. If a usershare is not connected, there is no need to watch
> it.  when the share's permission is changed, including deleted(by
> command net usershare xxxx), a event is generated by inotify and a flag
> in conn structure is set. Then we force recheck the permission to figure
> out if connected user can read/write it.
> 
> It is used to dynamically check the permission change for a connection,
> but without endless polling. The share permission is check only when
> lp_usershare_path() is changed.
> 
> Is there any better way to do it?

Ok, I think I have thought of a cleaner way to do this.

We add a new message that smbd processes, REEVALUATE_SHARE,
which gives the share name.

On receipt of this message an smbd re-reads the share
definition to get the new acl, then walks it's connection
lists, and the file pointer lists and makes changes where
needed (disconnection, modification of the conn->read_only
field, modification of the fsp->can_write field).

This will work for registry shares, where modification
can only be done via tools connected to smbd (which can
become_root() to send the message).

For usershares, we modify the "net usershare" command to
force an update in the timestamp of the containing directory
(cerate and delete a dummy file for example, or maybe just
changing the st_mode on the existing usershare file would
do). Then smbd's notice this change by having the usershare
directory added to the list of files whose timestamps we
watch in lp_file_list_changed().

Boyang, will this work for you ? Can you see any issues
with this idea ?

Jeremy.

More information about the samba-technical mailing list