samba.git/source3/modules, branch talloc-2.4.2 Unnamed repository; edit this file 'description' to name the repository. vfs_ceph: Use ceph_fdopendir() when available for SMB_VFS_FDOPENDIR 2024-01-27T00:01:12+00:00 Anoop C S anoopcs@samba.org 2024-01-16T06:17:27+00:00 6e6d8384f369e2b850921c7b4d54742f501c115c Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Sat Jan 27 00:01:12 UTC 2024 on atb-devel-224 
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Sat Jan 27 00:01:12 UTC 2024 on atb-devel-224
vfs_ceph: Implement SMB_VFS_FSTATAT 2024-01-26T16:56:59+00:00 Anoop C S anoopcs@samba.org 2024-01-09T05:41:40+00:00 fe8d866d2c619a16cd114e06802efddea4d08e13 Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Jan 26 16:56:59 UTC 2024 on atb-devel-224 
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Jan 26 16:56:59 UTC 2024 on atb-devel-224
vfs_ceph: Indicate a successful connection in logs 2024-01-26T15:53:33+00:00 Anoop C S anoopcs@samba.org 2024-01-05T07:15:14+00:00 858b1d064db82606c44d5ef5a6098b1b924d5c49 Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> 
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
vfs_ceph: Fix a usage in comments 2024-01-26T15:53:33+00:00 Anoop C S anoopcs@samba.org 2023-12-18T15:57:44+00:00 e657fca589ce273d92268889fd9fe8fd98b3a201 Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> 
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Revert "vfs_acl_xattr.c: prefer capabilities over become_root" 2024-01-26T10:26:30+00:00 Anoop C S anoopcs@samba.org 2024-01-24T09:36:53+00:00 697d41420b4f4830396acfbc96bd1f1c1f0531f4 This reverts commit 0e3836e3961f2b7c39173ce1023d3c92addef630. With capabilities preferred over become_root() we failed to achieve the basic goal of storing NT ACLs in xattrs using vfs_acl_xattr. This is due to the fact that apart from CAP_DAC_OVERRIDE it is manadatory to have CAP_SYS_ADMIN for write access to xattrs from security namespace[1]. Despite the option to configure the xattr name within the module we should not anticipate and miss to consider xattrs from security namespace which is far more protected even with our default name "security.NTACL". Theorotically we could make it work by adding another capability on top of existing ones. But given the functions designed around this area we may not be able to come up with a cleaner change which can handle the fallback mechanism to become_root(). Any failure to set the very first capability would put us in become_root() path where further capabilities are mostly not required. Thus reverting to old behaviour to always become_root() until we have a cleaner approach to handle the fallback while modifying multiple capabilities at once. [1] https://www.man7.org/linux/man-pages/man7/xattr.7.html Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> 
This reverts commit 0e3836e3961f2b7c39173ce1023d3c92addef630.

With capabilities preferred over become_root() we failed to achieve
the basic goal of storing NT ACLs in xattrs using vfs_acl_xattr. This
is due to the fact that apart from CAP_DAC_OVERRIDE it is manadatory
to have CAP_SYS_ADMIN for write access to xattrs from security
namespace[1]. Despite the option to configure the xattr name within
the module we should not anticipate and miss to consider xattrs from
security namespace which is far more protected even with our default
name "security.NTACL".

Theorotically we could make it work by adding another capability on
top of existing ones. But given the functions designed around this
area we may not be able to come up with a cleaner change which can
handle the fallback mechanism to become_root(). Any failure to set
the very first capability would put us in become_root() path where
further capabilities are mostly not required. Thus reverting to old
behaviour to always become_root() until we have a cleaner approach
to handle the fallback while modifying multiple capabilities at once.

[1] https://www.man7.org/linux/man-pages/man7/xattr.7.html

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
vfs_default: allow disabling /proc/fds and RESOLVE_NO_SYMLINK at compile time 2024-01-22T10:53:29+00:00 Ralph Boehme slow@samba.org 2023-12-19T10:11:55+00:00 5c2f96442a25a1725809a28b3719afbc0bd01830 This will be used in CI to have a gitlab runner without all modern Linux features we make use of as part of path processing: - O_PATH - openat2() with RESOLVE_NO_SYMLINKS - somehow safely reopen an O_PATH file handle That gives what a classix UNIX like AIX or Solaris offers feature wise. Other OSes support other combinations of those features, but we leave the exersize of possibly adding more runners supporting those combinations to the reader. The following list shows which features are available and used by Samba on a few OSes: | O_PATH | RESOLVE_NO_SYMLINKS | Safe reopen | CI covered --------|----------------|---------------------|---------------------------- | Supported Used | Supported Used | Supported Used | ============================================================================ Linux | + + | + + | + + | + FreeBSD | + + | + [1] - | + [2] - | - AIX | - - | - - | - - | + [1] via open() flag O_RESOLVE_BENEATH [2] via open() flag O_EMPTY_PATH BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> 
This will be used in CI to have a gitlab runner without all modern Linux
features we make use of as part of path processing:

- O_PATH
- openat2() with RESOLVE_NO_SYMLINKS
- somehow safely reopen an O_PATH file handle

That gives what a classix UNIX like AIX or Solaris offers feature wise.

Other OSes support other combinations of those features, but we leave the
exersize of possibly adding more runners supporting those combinations to the
reader.

The following list shows which features are available and used by Samba on a few
OSes:

        | O_PATH         | RESOLVE_NO_SYMLINKS | Safe reopen    | CI covered
--------|----------------|---------------------|----------------------------
        | Supported Used | Supported Used      | Supported Used |
============================================================================
Linux   | +         +    | +         +         | +         +    | +
FreeBSD | +         +    | + [1]     -         | + [2]     -    | -
AIX     | -         -    | -         -         | -         -    | +

[1] via open() flag O_RESOLVE_BENEATH
[2] via open() flag O_EMPTY_PATH

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
vfs: Remove shadow_copy2_get_real_filename_at() 2024-01-16T19:44:53+00:00 Volker Lendecke vl@samba.org 2024-01-11T16:49:29+00:00 0caaa2d1723084ba5a707432830c5916e85e21bc The synthetic_pathref() call in shadow_copy2_get_real_filename_at() fails if shadow:snapdir is set outside of the share root, it creates an absolute path and non_widelink_open() blocks that. We don't need shadow_copy2_get_real_filename_at() anymore because the dirfsp already points at the correct directory in the snapshot directory. So get_real_filename_full_scan_at() just works fine. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15556 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jan 16 19:44:53 UTC 2024 on atb-devel-224 
The synthetic_pathref() call in shadow_copy2_get_real_filename_at()
fails if shadow:snapdir is set outside of the share root, it creates
an absolute path and non_widelink_open() blocks that.

We don't need shadow_copy2_get_real_filename_at() anymore because the
dirfsp already points at the correct directory in the snapshot
directory. So get_real_filename_full_scan_at() just works fine.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15556

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 16 19:44:53 UTC 2024 on atb-devel-224
vfs_worm: add FILE_WRITE_EA to write access mask 2024-01-16T14:37:31+00:00 Björn Jacke bjacke@samba.org 2024-01-07T13:42:20+00:00 abe1e959bf5a05a91a66b2bfaac97d000e4768ff Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> 
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
vfs_worm: add my copyright 2024-01-16T14:37:31+00:00 Björn Jacke bjacke@samba.org 2024-01-08T13:25:45+00:00 24227f7ecc16d3fc17430ac9039d7ad1ae1ee553 Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> 
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
vfs_worm: add some more vfs functions that worm needs to take care of 2024-01-16T14:37:31+00:00 Björn Jacke bjacke@samba.org 2024-01-04T11:48:59+00:00 30fea0e959229ee583bc76490aff5e54bc7f5be8 BUG: https://bugzilla.samba.org/show_bug.cgi?id=10430 Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10430

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>