Questions about smbd option "strict rename"
Jeremy Allison
jra at samba.org
Mon Nov 23 22:12:24 UTC 2015
On Mon, Nov 23, 2015 at 01:33:44PM -0800, Jeremy Allison wrote:
> On Mon, Nov 23, 2015 at 10:22:35PM +0100, Ralph Boehme wrote:
> > On Mon, Nov 23, 2015 at 12:59:35PM +0100, Stefan Metzmacher wrote:
> > > Am 22.11.2015 um 13:49 schrieb Ralph Boehme:
> > > > On Fri, Nov 20, 2015 at 01:45:08PM -0800, Jeremy Allison wrote:
> > > >> On Fri, Nov 20, 2015 at 10:01:46AM +0100, Ralph Boehme wrote:
> > > >>> - "strict rename = no": doesn't work, opens are always checked,
> > > >>> regardless of the setting of "strict rename". can_rename(), the
> > > >>> function where we do this check when renaming a directory, is
> > > >>> missing a check for lp_strict_rename() or similar.
> > > >>
> > > >> Yep. That's how it was supposed to work. The code in
> > > >> can_rename() should probably be the same as the code in
> > > >> source/smbd/dir.c which is:
> > > >>
> > > >> if (!lp_posix_pathnames() &&
> > > >> lp_strict_rename(SNUM(conn)) &&
> > > >> have_file_open_below(fsp->conn, fsp->fsp_name))
> > > >> {
> > > >> return NT_STATUS_ACCESS_DENIED;
> > > >> }
> > > >
> > > > Ok, thanks for clarifying. Does everybody agree? Metze?
> > >
> > > I don't agree, sorry.
> > >
> > > We should provide the semantics the client asked for
> > > and try to behave like a windows server.
> > >
> > > I think we should fix the manpage and use file_find_subpath()
> > > if lp_strict_rename() is false.
> >
> > I'm leaning towards that interpretation of "strict rename" too.
>
> I have a patch in preparation that implements this. It's
> found an existing bug in files_below_forall() I'll probably
> log as a separate bug....
OK, here is the separate patch for the new bug:
https://bugzilla.samba.org/show_bug.cgi?id=11615
have_file_open_below() fails to enumerate files open under a directory correctly.
Please review and push !
Jeremy.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s3-smbd-have_file_open_below-fails-to-enumerate-open.patch
Type: text/x-diff
Size: 2042 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20151123/d109ea83/0001-s3-smbd-have_file_open_below-fails-to-enumerate-open.diff>
More information about the samba-technical
mailing list