Questions about smbd option "strict rename"

Stefan Metzmacher metze at
Mon Nov 23 11:59:35 UTC 2015

Am 22.11.2015 um 13:49 schrieb Ralph Boehme:
> Hi Jeremy,
> On Fri, Nov 20, 2015 at 01:45:08PM -0800, Jeremy Allison wrote:
>> On Fri, Nov 20, 2015 at 10:01:46AM +0100, Ralph Boehme wrote:
>>> ...
>>> According to the commit message and the manpage description, "strict
>>> rename = no" means we won't check for open files when we do a
>>> directory rename.
>>> If this is correct, we have two bugs:
>> Just to clarify, you mean: "we have two bugs in our rename path",
>> yes ?
> yes. I wasn't suggesting we're down to 0 bugs besided those. :)
>>> - "strict rename = no": doesn't work, opens are always checked,
>>>   regardless of the setting of "strict rename".  can_rename(), the
>>>   function where we do this check when renaming a directory, is
>>>   missing a check for lp_strict_rename() or similar.
>> Yep. That's how it was supposed to work. The code in
>> can_rename() should probably be the same as the code in
>> source/smbd/dir.c which is:
>>         if (!lp_posix_pathnames() &&
>>             lp_strict_rename(SNUM(conn)) &&
>>             have_file_open_below(fsp->conn, fsp->fsp_name))
>>         {
>>                 return NT_STATUS_ACCESS_DENIED;
>>         }
> Ok, thanks for clarifying. Does everybody agree? Metze?

I don't agree, sorry.

We should provide the semantics the client asked for
and try to behave like a windows server.

I think we should fix the manpage and use file_find_subpath()
if lp_strict_rename() is false.

Can we use fsp->posix_open instead of lp_posix_pathnames() ?

We fruit module could set fsp->posix_open in that case.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the samba-technical mailing list