Questions about smbd option "strict rename"
Stefan Metzmacher
metze at samba.org
Mon Nov 23 11:59:35 UTC 2015
Am 22.11.2015 um 13:49 schrieb Ralph Boehme:
> Hi Jeremy,
>
> On Fri, Nov 20, 2015 at 01:45:08PM -0800, Jeremy Allison wrote:
>> On Fri, Nov 20, 2015 at 10:01:46AM +0100, Ralph Boehme wrote:
>>> ...
>>> According to the commit message and the manpage description, "strict
>>> rename = no" means we won't check for open files when we do a
>>> directory rename.
>>>
>>> If this is correct, we have two bugs:
>>
>> Just to clarify, you mean: "we have two bugs in our rename path",
>> yes ?
>
> yes. I wasn't suggesting we're down to 0 bugs besided those. :)
>
>>> - "strict rename = no": doesn't work, opens are always checked,
>>> regardless of the setting of "strict rename". can_rename(), the
>>> function where we do this check when renaming a directory, is
>>> missing a check for lp_strict_rename() or similar.
>>
>> Yep. That's how it was supposed to work. The code in
>> can_rename() should probably be the same as the code in
>> source/smbd/dir.c which is:
>>
>> if (!lp_posix_pathnames() &&
>> lp_strict_rename(SNUM(conn)) &&
>> have_file_open_below(fsp->conn, fsp->fsp_name))
>> {
>> return NT_STATUS_ACCESS_DENIED;
>> }
>
> Ok, thanks for clarifying. Does everybody agree? Metze?
I don't agree, sorry.
We should provide the semantics the client asked for
and try to behave like a windows server.
I think we should fix the manpage and use file_find_subpath()
if lp_strict_rename() is false.
Can we use fsp->posix_open instead of lp_posix_pathnames() ?
We fruit module could set fsp->posix_open in that case.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20151123/9fb1f599/signature.sig>
More information about the samba-technical
mailing list