Some patches to reload tokens when signals sent to Samba and etc

Richard Sharpe realrichardsharpe at gmail.com
Thu May 15 03:42:58 MDT 2014


Hi Folks,

These are some patches that were supplied to Tandberg to provide the
following functionality:

1. If share-level permissions are changed, put them into effect for
currently connected clients.

2. On receipt of a signal (SIGUSR2 etc), reload the user's token in
case there has been a change of group memberships etc.

These both take the view that already opened files will not be
changed. They will retain the access the was granted when the file was
opened. However, new opens will see whatever restrictions now apply.

The mechanism used to reload the token is not very robust I suspect.

Indeed, if Reauthentication is available in the version of SMB being
used, it would probably be better to use that.

-- 
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tbg-full-reload-tokens-3.patch
Type: application/octet-stream
Size: 13669 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140515/e9e36151/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: share-sec-change-2.patch
Type: application/octet-stream
Size: 11796 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140515/e9e36151/attachment-0001.obj>


More information about the samba-technical mailing list