The Samba-Bugzilla – Attachment 8825 Details for
Bug 9467
nfsv4 ACLs: CREATOR OWNER should be mapped to the special @owner ACL entry, and named users should not
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patches adding a new nfs4:mode specialcreator
Patches adding a new nfs4:mode specialcreator.patch (text/plain), 21.36 KB, created by
Alexander Werth
on 2013-04-28 20:22:39 UTC
(
hide
)
Description:
Patches adding a new nfs4:mode specialcreator
Filename:
MIME Type:
Creator:
Alexander Werth
Created:
2013-04-28 20:22:39 UTC
Size:
21.36 KB
patch
obsolete
>From a3248ba81e93790774d60111f5d6bdeadbf7505f Mon Sep 17 00:00:00 2001 >From: Alexander Werth <alexander.werth@de.ibm.com> >Date: Thu, 26 Jul 2012 16:51:20 +0200 >Subject: [PATCH 1/7] s3: Add new nfs4:mode specialcreator on reading > parameters. > >--- > source3/modules/nfs4_acls.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > >diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c >index f169b35..7ab886b 100644 >--- a/source3/modules/nfs4_acls.c >+++ b/source3/modules/nfs4_acls.c >@@ -54,7 +54,7 @@ typedef struct _SMB_ACL4_INT_T > SMB_ACE4_INT_T *last; > } SMB_ACL4_INT_T; > >-enum smbacl4_mode_enum {e_simple=0, e_special=1}; >+enum smbacl4_mode_enum {e_simple=0, e_special=1, e_specialcreator=2}; > enum smbacl4_acedup_enum {e_dontcare=0, e_reject=1, e_ignore=2, e_merge=3}; > > typedef struct _smbacl4_vfs_params { >@@ -75,6 +75,7 @@ static int smbacl4_get_vfs_params( > static const struct enum_list enum_smbacl4_modes[] = { > { e_simple, "simple" }, > { e_special, "special" }, >+ { e_specialcreator, "specialcreator" }, > { -1 , NULL } > }; > static const struct enum_list enum_smbacl4_acedups[] = { >-- >1.7.9.5 > >From 288155c6d99e94a69b30a215b1f84ab451cbdb9b Mon Sep 17 00:00:00 2001 >From: Alexander Werth <alexander.werth@de.ibm.com> >Date: Sun, 28 Apr 2013 16:16:29 +0200 >Subject: [PATCH 2/7] s3: Add smb_insert_ace4 function. > >--- > source3/modules/nfs4_acls.c | 46 ++++++++++++++++++++++++++++++++++--------- > 1 file changed, 37 insertions(+), 9 deletions(-) > >diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c >index 7ab886b..e57ea25 100644 >--- a/source3/modules/nfs4_acls.c >+++ b/source3/modules/nfs4_acls.c >@@ -43,6 +43,7 @@ typedef struct _SMB_ACE4_INT_T > uint32 magic; > SMB_ACE4PROP_T prop; > void *next; >+ void *prev; > } SMB_ACE4_INT_T; > > #define SMB_ACL4_INT_MAGIC 0x29A3E792 >@@ -207,7 +208,8 @@ SMB4ACL_T *smb_create_smb4acl(TALLOC_CTX *mem_ctx) > return (SMB4ACL_T *)theacl; > } > >-SMB4ACE_T *smb_add_ace4(SMB4ACL_T *theacl, SMB_ACE4PROP_T *prop) >+SMB4ACE_T *smb_insert_ace4(SMB4ACL_T *theacl, SMB_ACE4PROP_T *prop, >+ SMB_ACE4_INT_T *acepos) > { > SMB_ACL4_INT_T *aclint = get_validated_aclint(theacl); > SMB_ACE4_INT_T *ace; >@@ -221,22 +223,48 @@ SMB4ACE_T *smb_add_ace4(SMB4ACL_T *theacl, SMB_ACE4PROP_T *prop) > return NULL; > } > ace->magic = SMB_ACE4_INT_MAGIC; >- /* ace->next = NULL not needed */ >+ /* ace->next/prev = NULL not needed */ > memcpy(&ace->prop, prop, sizeof(SMB_ACE4PROP_T)); > >- if (aclint->first==NULL) >- { >- aclint->first = ace; >- aclint->last = ace; >- } else { >- aclint->last->next = (void *)ace; >- aclint->last = ace; >+ if (acepos==NULL) { >+ if (aclint->first==NULL) { >+ aclint->first = ace; >+ aclint->last = ace; >+ } >+ else { >+ ace->prev = (void *)aclint->last; >+ aclint->last->next = (void *)ace; >+ aclint->last = ace; >+ } >+ } >+ else { >+ if (aclint->first==NULL) { >+ aclint->first = ace; >+ aclint->last = ace; >+ } >+ else { >+ ace->prev = (void *)acepos->prev; >+ ace->next = (void *)acepos; >+ acepos->prev = (void *)ace; >+ if (ace->prev!=NULL) { >+ SMB_ACE4_INT_T *aceprev = ace->prev; >+ aceprev->next = (void *)ace; >+ } >+ if (aclint->first==acepos) { >+ aclint->first = ace; >+ } >+ } > } > aclint->naces++; > > return (SMB4ACE_T *)ace; > } > >+SMB4ACE_T *smb_add_ace4(SMB4ACL_T *theacl, SMB_ACE4PROP_T *prop) >+{ >+ return smb_insert_ace4(theacl, prop, NULL); >+} >+ > SMB_ACE4PROP_T *smb_get_ace4(SMB4ACE_T *ace) > { > SMB_ACE4_INT_T *aceint = get_validated_aceint(ace); >-- >1.7.9.5 > >From aed752314e7426aa7dde12fafdec58ad3aa3027b Mon Sep 17 00:00:00 2001 >From: Alexander Werth <alexander.werth@de.ibm.com> >Date: Thu, 26 Jul 2012 14:45:53 +0200 >Subject: [PATCH 3/7] s3: Add smbacl4_expand_special function for mode > specialcreate > >This function replaces inherited user acl entries with >a non inheriting special entry and an inherit only user entry. >It also replaces non inheriting user entries with special entries. >As a result the posix mode bits are set for user acl entries. >The same applies to groups and their posix mode bits. >--- > source3/modules/nfs4_acls.c | 79 ++++++++++++++++++++++++++++++++++++++++++- > 1 file changed, 78 insertions(+), 1 deletion(-) > >diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c >index e57ea25..4eb3d88 100644 >--- a/source3/modules/nfs4_acls.c >+++ b/source3/modules/nfs4_acls.c >@@ -439,7 +439,8 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, > } > > /* Mapping of special entries to creator owner. */ >- if (params->mode == e_simple && >+ if ((params->mode == e_simple || >+ params->mode == e_specialcreator) && > ace->flags & SMB_ACE4_ID_SPECIAL && > (ace->who.special_id == SMB_ACE4_WHO_OWNER || > ace->who.special_id == SMB_ACE4_WHO_GROUP)) { >@@ -804,6 +805,78 @@ static int smbacl4_MergeIgnoreReject( > return result; > } > >+static int smbacl4_expand_special( >+ SMB4ACL_T *theacl, >+ uid_t ownerUID, >+ gid_t ownerGID >+) >+{ >+ SMB_ACL4_INT_T *aclint = get_validated_aclint(theacl); >+ SMB_ACE4_INT_T *aceint; >+ >+ for(aceint = aclint->first; aceint!=NULL; aceint=(SMB_ACE4_INT_T *)aceint->next) { >+ SMB_ACE4PROP_T *ace = &aceint->prop; >+ >+ DEBUG(10,("ace type: %d, iflags: %x, flags: %x, " >+ "mask: %x, who: %d\n", >+ ace->aceType, ace->flags, ace->aceFlags, >+ ace->aceMask, ace->who.id)); >+ >+ if (!(ace->flags & SMB_ACE4_ID_SPECIAL) && >+ !(ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP) && >+ ace->who.uid == ownerUID && >+ !(ace->aceFlags & SMB_ACE4_INHERIT_ONLY_ACE) && >+ !(ace->aceFlags & SMB_ACE4_FILE_INHERIT_ACE) && >+ !(ace->aceFlags & SMB_ACE4_DIRECTORY_INHERIT_ACE)) { >+ ace->flags |= SMB_ACE4_ID_SPECIAL; >+ ace->who.special_id = SMB_ACE4_WHO_OWNER; >+ DEBUG(10,("replaced with special owner ace\n")); >+ } >+ else if (!(ace->flags & SMB_ACE4_ID_SPECIAL) && >+ !(ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP) && >+ ace->who.uid == ownerUID && >+ !(ace->aceFlags & SMB_ACE4_INHERIT_ONLY_ACE)) { >+ SMB_ACE4PROP_T ace_special; >+ ace_special = *ace; >+ ace_special.aceFlags &= ~SMB_ACE4_FILE_INHERIT_ACE; >+ ace_special.aceFlags &= ~SMB_ACE4_DIRECTORY_INHERIT_ACE; >+ ace_special.flags |= SMB_ACE4_ID_SPECIAL; >+ ace_special.who.special_id = SMB_ACE4_WHO_OWNER; >+ smb_insert_ace4(theacl, &ace_special, aceint); >+ ace->aceFlags |= SMB_ACE4_INHERIT_ONLY_ACE; >+ DEBUG(10,("ace special flags:0x%x aceFlags:0x%x\n", >+ ace_special.flags, ace_special.aceFlags)); >+ } >+ >+ if (!(ace->flags & SMB_ACE4_ID_SPECIAL) && >+ ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP && >+ ace->who.uid == ownerGID && >+ !(ace->aceFlags & SMB_ACE4_INHERIT_ONLY_ACE) && >+ !(ace->aceFlags & SMB_ACE4_FILE_INHERIT_ACE) && >+ !(ace->aceFlags & SMB_ACE4_DIRECTORY_INHERIT_ACE)) { >+ ace->flags |= SMB_ACE4_ID_SPECIAL; >+ ace->who.special_id = SMB_ACE4_WHO_GROUP; >+ DEBUG(10,("replaced with special group ace\n")); >+ } >+ else if (!(ace->flags & SMB_ACE4_ID_SPECIAL) && >+ ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP && >+ ace->who.uid == ownerGID && >+ !(ace->aceFlags & SMB_ACE4_INHERIT_ONLY_ACE)) { >+ SMB_ACE4PROP_T ace_special; >+ ace_special = *ace; >+ ace_special.aceFlags &= ~SMB_ACE4_FILE_INHERIT_ACE; >+ ace_special.aceFlags &= ~SMB_ACE4_DIRECTORY_INHERIT_ACE; >+ ace_special.flags |= SMB_ACE4_ID_SPECIAL; >+ ace_special.who.special_id = SMB_ACE4_WHO_GROUP; >+ smb_insert_ace4(theacl, &ace_special, aceint); >+ ace->aceFlags |= SMB_ACE4_INHERIT_ONLY_ACE; >+ DEBUG(10,("ace special flags:0x%x aceFlags:0x%x\n", >+ ace_special.flags, ace_special.aceFlags)); >+ } >+ } >+ return True; /* OK */ >+} >+ > static SMB4ACL_T *smbacl4_win2nfs4( > TALLOC_CTX *mem_ctx, > const files_struct *fsp, >@@ -846,6 +919,10 @@ static SMB4ACL_T *smbacl4_win2nfs4( > smb_add_ace4(theacl, &ace_v4); > } > >+ if (pparams->mode==e_specialcreator) { >+ smbacl4_expand_special(theacl, ownerUID, ownerGID); >+ } >+ > return theacl; > } > >-- >1.7.9.5 > >From 74e3dba1bdb081911b59a93235dc9c69b08287af Mon Sep 17 00:00:00 2001 >From: Alexander Werth <alexander.werth@de.ibm.com> >Date: Thu, 26 Jul 2012 15:11:48 +0200 >Subject: [PATCH 4/7] s3: Add function smbacl4_substitute_special. > >--- > source3/modules/nfs4_acls.c | 42 +++++++++++++++++++++++++++++++++++++++++- > 1 file changed, 41 insertions(+), 1 deletion(-) > >diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c >index 4eb3d88..4822588 100644 >--- a/source3/modules/nfs4_acls.c >+++ b/source3/modules/nfs4_acls.c >@@ -622,7 +622,7 @@ static void smbacl4_dump_nfs4acl(int level, SMB4ACL_T *theacl) > } > } > >-/* >+/* > * Find 2 NFS4 who-special ACE property (non-copy!!!) > * match nonzero if "special" and who is equal > * return ace if found matching; otherwise NULL >@@ -805,6 +805,42 @@ static int smbacl4_MergeIgnoreReject( > return result; > } > >+static int smbacl4_substitute_special( >+ SMB4ACL_T *theacl, >+ uid_t ownerUID, >+ gid_t ownerGID >+) >+{ >+ SMB_ACL4_INT_T *aclint = get_validated_aclint(theacl); >+ SMB_ACE4_INT_T *aceint; >+ >+ for(aceint = aclint->first; aceint!=NULL; aceint=(SMB_ACE4_INT_T *)aceint->next) { >+ SMB_ACE4PROP_T *ace = &aceint->prop; >+ >+ DEBUG(10,("ace type: %d, iflags: %x, flags: %x, " >+ "mask: %x, who: %d\n", >+ ace->aceType, ace->flags, ace->aceFlags, >+ ace->aceMask, ace->who.id)); >+ >+ if (!(ace->flags & SMB_ACE4_ID_SPECIAL) && >+ !(ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP) && >+ ace->who.uid == ownerUID) { >+ ace->flags |= SMB_ACE4_ID_SPECIAL; >+ ace->who.special_id = SMB_ACE4_WHO_OWNER; >+ DEBUG(10,("replaced with special owner ace\n")); >+ } >+ >+ if (!(ace->flags & SMB_ACE4_ID_SPECIAL) && >+ ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP && >+ ace->who.uid == ownerGID) { >+ ace->flags |= SMB_ACE4_ID_SPECIAL; >+ ace->who.special_id = SMB_ACE4_WHO_GROUP; >+ DEBUG(10,("replaced with special group ace\n")); >+ } >+ } >+ return True; /* OK */ >+} >+ > static int smbacl4_expand_special( > SMB4ACL_T *theacl, > uid_t ownerUID, >@@ -919,6 +955,10 @@ static SMB4ACL_T *smbacl4_win2nfs4( > smb_add_ace4(theacl, &ace_v4); > } > >+ if (pparams->mode==e_special) { >+ smbacl4_substitute_special(theacl, ownerUID, ownerGID); >+ } >+ > if (pparams->mode==e_specialcreator) { > smbacl4_expand_special(theacl, ownerUID, ownerGID); > } >-- >1.7.9.5 > >From ebbf25caad3e80c7dcfa7d817f79787b7fbe7716 Mon Sep 17 00:00:00 2001 >From: Alexander Werth <alexander.werth@de.ibm.com> >Date: Wed, 18 Jul 2012 17:18:02 +0200 >Subject: [PATCH 5/7] s3: Rewrite ACL with special entries for the owner and > group. > >This will only be done in mode specialcreator. >--- > source3/modules/nfs4_acls.c | 101 +++++++++++++++++++++++++++++++++++++++++++ > source3/modules/nfs4_acls.h | 17 ++++++++ > 2 files changed, 118 insertions(+) > >diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c >index 4822588..3915df8 100644 >--- a/source3/modules/nfs4_acls.c >+++ b/source3/modules/nfs4_acls.c >@@ -1082,3 +1082,104 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp, > DEBUG(10, ("smb_set_nt_acl_nfs4 succeeded\n")); > return NT_STATUS_OK; > } >+ >+NTSTATUS smb_create_file_nfs4(struct vfs_handle_struct *handle, >+ struct smb_request *req, >+ uint16_t root_dir_fid, >+ struct smb_filename *smb_fname, >+ uint32_t access_mask, >+ uint32_t share_access, >+ uint32_t create_disposition, >+ uint32_t create_options, >+ uint32_t file_attributes, >+ uint32_t oplock_request, >+ uint64_t allocation_size, >+ uint32_t private_flags, >+ struct security_descriptor *sd, >+ struct ea_list *ea_list, >+ files_struct **result, >+ int *pinfo) >+{ >+ NTSTATUS status, status1; >+ files_struct *fsp = NULL; >+ uint32 security_info; >+ int info; >+ struct security_descriptor *psd = NULL; >+ smbacl4_vfs_params params; >+ >+ status = SMB_VFS_NEXT_CREATE_FILE(handle, >+ req, >+ root_dir_fid, >+ smb_fname, >+ access_mask, >+ share_access, >+ create_disposition, >+ create_options, >+ file_attributes, >+ oplock_request, >+ allocation_size, >+ private_flags, >+ sd, >+ ea_list, >+ result, >+ &info); >+ >+ if (!NT_STATUS_IS_OK(status)) { >+ goto out; >+ } >+ >+ if (info != FILE_WAS_CREATED) { >+ /* File/directory was opened, not created. */ >+ goto out; >+ } >+ >+ fsp = *result; >+ >+ if (fsp == NULL) { >+ /* Only handle success. */ >+ goto out; >+ } >+ >+ if (sd) { >+ /* Security descriptor already set. */ >+ goto out; >+ } >+ >+ if (fsp->base_fsp) { >+ /* Stream open. */ >+ goto out; >+ } >+ >+ /* Special behaviours */ >+ if (smbacl4_get_vfs_params(SMBACL4_PARAM_TYPE_NAME, fsp->conn, ¶ms)) >+ return NT_STATUS_NO_MEMORY; >+ if (params.mode != e_specialcreator) { >+ /* We don't need to adjust the ACLs */ >+ goto out; >+ } >+ >+ security_info = (SECINFO_OWNER | SECINFO_GROUP | >+ SECINFO_DACL | SECINFO_SACL); >+ >+ /* Rewrite ACL with special entries for the owner and group */ >+ status1 = SMB_VFS_FGET_NT_ACL(fsp, security_info, talloc_tos(), &psd); >+ >+ if (!NT_STATUS_IS_OK(status1)) { >+ goto out; >+ } >+ >+ status1 = SMB_VFS_FSET_NT_ACL(fsp, security_info, psd); >+ >+out: >+ >+ TALLOC_FREE(psd); >+ >+ if (fsp) { >+ VFS_REMOVE_FSP_EXTENSION(handle, fsp); >+ } >+ >+ if (NT_STATUS_IS_OK(status) && pinfo) { >+ *pinfo = info; >+ } >+ return status; >+} >diff --git a/source3/modules/nfs4_acls.h b/source3/modules/nfs4_acls.h >index 1bde81b..9a7824d 100644 >--- a/source3/modules/nfs4_acls.h >+++ b/source3/modules/nfs4_acls.h >@@ -150,4 +150,21 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp, > const struct security_descriptor *psd, > set_nfs4acl_native_fn_t set_nfs4_native); > >+NTSTATUS smb_create_file_nfs4(struct vfs_handle_struct *handle, >+ struct smb_request *req, >+ uint16_t root_dir_fid, >+ struct smb_filename *smb_fname, >+ uint32_t access_mask, >+ uint32_t share_access, >+ uint32_t create_disposition, >+ uint32_t create_options, >+ uint32_t file_attributes, >+ uint32_t oplock_request, >+ uint64_t allocation_size, >+ uint32_t private_flags, >+ struct security_descriptor *sd, >+ struct ea_list *ea_list, >+ files_struct **result, >+ int *pinfo); >+ > #endif /* __NFS4_ACLS_H__ */ >-- >1.7.9.5 > >From 509ce81cc438f574dda57f395d9dbeaecde12e4d Mon Sep 17 00:00:00 2001 >From: Alexander Werth <alexander.werth@de.ibm.com> >Date: Wed, 18 Jul 2012 15:41:25 +0200 >Subject: [PATCH 6/7] s3: Add smb_create_file_nfs4 to vfs_fn_pointers. > >Added to vfs_gpfs, vfs_aixacl2, vfs_zfsacl, vfs_nfs4acl_xattr. >--- > source3/modules/vfs_aixacl2.c | 3 ++- > source3/modules/vfs_gpfs.c | 1 + > source3/modules/vfs_nfs4acl_xattr.c | 1 + > source3/modules/vfs_zfsacl.c | 1 + > 4 files changed, 5 insertions(+), 1 deletion(-) > >diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c >index 735eadd..e962d94 100644 >--- a/source3/modules/vfs_aixacl2.c >+++ b/source3/modules/vfs_aixacl2.c >@@ -542,7 +542,8 @@ static struct vfs_fn_pointers vfs_aixacl2_fns = { > .sys_acl_blob_get_fd_fn = aixjfs2_sys_acl_blob_get_fd, > .sys_acl_set_file_fn = aixjfs2_sys_acl_set_file, > .sys_acl_set_fd_fn = aixjfs2_sys_acl_set_fd, >- .sys_acl_delete_def_file_fn = aixjfs2_sys_acl_delete_def_file >+ .sys_acl_delete_def_file_fn = aixjfs2_sys_acl_delete_def_file, >+ .create_file_fn = smb_create_file_nfs4, > }; > > NTSTATUS vfs_aixacl2_init(void); >diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c >index 6056b7e..ed24129 100644 >--- a/source3/modules/vfs_gpfs.c >+++ b/source3/modules/vfs_gpfs.c >@@ -2156,6 +2156,7 @@ static struct vfs_fn_pointers vfs_gpfs_fns = { > .sendfile_fn = vfs_gpfs_sendfile, > .fallocate_fn = vfs_gpfs_fallocate, > .open_fn = vfs_gpfs_open, >+ .create_file_fn = smb_create_file_nfs4, > .pread_fn = vfs_gpfs_pread, > .pread_send_fn = vfs_gpfs_pread_send, > .pread_recv_fn = vfs_gpfs_pread_recv, >diff --git a/source3/modules/vfs_nfs4acl_xattr.c b/source3/modules/vfs_nfs4acl_xattr.c >index 7285228..f4271d7 100644 >--- a/source3/modules/vfs_nfs4acl_xattr.c >+++ b/source3/modules/vfs_nfs4acl_xattr.c >@@ -636,6 +636,7 @@ static struct vfs_fn_pointers nfs4acl_xattr_fns = { > .fget_nt_acl_fn = nfs4acl_xattr_fget_nt_acl, > .get_nt_acl_fn = nfs4acl_xattr_get_nt_acl, > .fset_nt_acl_fn = nfs4acl_xattr_fset_nt_acl, >+ .create_file_fn = smb_create_file_nfs4, > }; > > NTSTATUS vfs_nfs4acl_xattr_init(void); >diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c >index a016234..e327bb1 100644 >--- a/source3/modules/vfs_zfsacl.c >+++ b/source3/modules/vfs_zfsacl.c >@@ -329,6 +329,7 @@ static struct vfs_fn_pointers zfsacl_fns = { > .fget_nt_acl_fn = zfsacl_fget_nt_acl, > .get_nt_acl_fn = zfsacl_get_nt_acl, > .fset_nt_acl_fn = zfsacl_fset_nt_acl, >+ .create_file_fn = smb_create_file_nfs4, > }; > > NTSTATUS vfs_zfsacl_init(void); >-- >1.7.9.5 > >From 1de0a73f44cafba8bbf11e38df7e9c50590581cf Mon Sep 17 00:00:00 2001 >From: Alexander Werth <alexander.werth@de.ibm.com> >Date: Sun, 28 Apr 2013 19:06:59 +0200 >Subject: [PATCH 7/7] s4-smbtorture: Run tests for all nfs4:modes. > >--- > selftest/knownfail | 30 +++++++++++++++++++++++------- > selftest/target/Samba3.pm | 15 ++++++++++++++- > source3/selftest/tests.py | 4 +++- > 3 files changed, 40 insertions(+), 9 deletions(-) > >diff --git a/selftest/knownfail b/selftest/knownfail >index 1499920..198f971 100644 >--- a/selftest/knownfail >+++ b/selftest/knownfail >@@ -45,13 +45,29 @@ > ^samba3.blackbox.smbclient_machine_auth.plain \(s3dc:local\)# the S3dc does not currently set up a self-join > ^samba3.raw.samba3hide.samba3hide\((s3dc|plugin_s4_dc)\) # This test fails against an smbd environment with NT ACLs enabled > ^samba3.raw.samba3closeerr.samba3closeerr\(s3dc\) # This test fails against an smbd environment with NT ACLs enabled >-^samba3.raw.acls nfs4acl_xattr.INHERITFLAGS\(s3dc\) # This (and the follow nfs4acl_xattr tests fail because our NFSv4 backend isn't a complete mapping yet. >-^samba3.raw.acls nfs4acl_xattr.sd\(s3dc\) >-^samba3.raw.acls nfs4acl_xattr.create_file\(s3dc\) >-^samba3.raw.acls nfs4acl_xattr.create_dir\(s3dc\) >-^samba3.raw.acls nfs4acl_xattr.nulldacl\(s3dc\) >-^samba3.raw.acls nfs4acl_xattr.generic\(s3dc\) >-^samba3.raw.acls nfs4acl_xattr.inheritance\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-simple.INHERITFLAGS\(s3dc\) # This (and the follow nfs4acl_xattr tests fail because our NFSv4 backend isn't a complete mapping yet. >+^samba3.raw.acls nfs4acl_xattr-simple.sd\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-simple.create_file\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-simple.create_dir\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-simple.nulldacl\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-simple.generic\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-simple.inheritance\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-special.INHERITFLAGS\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-special.sd\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-special.create_file\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-special.create_dir\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-special.nulldacl\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-special.generic\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-special.inheritance\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-special.inherit_creator_owner\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-special.inherit_creator_group\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-specialcreator.INHERITFLAGS\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-specialcreator.sd\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-specialcreator.create_file\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-specialcreator.create_dir\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-specialcreator.nulldacl\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-specialcreator.generic\(s3dc\) >+^samba3.raw.acls nfs4acl_xattr-specialcreator.inheritance\(s3dc\) > ^samba3.base.delete.deltest16a > ^samba3.base.delete.deltest17a > ^samba3.unix.whoami anonymous connection.whoami\(plugin_s4_dc\) # We need to resolve if we should be including SID_NT_WORLD and SID_NT_NETWORK in this token >diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm >index 407642c..dfc7b7d 100755 >--- a/selftest/target/Samba3.pm >+++ b/selftest/target/Samba3.pm >@@ -1082,9 +1082,22 @@ sub provision($$$$$$) > [lp] > copy = print1 > >-[nfs4acl_share] >+[nfs4acl_simple] > path = $shrdir > comment = smb username is [%U] >+ nfs4:mode = simple >+ vfs objects = $vfs_modulesdir_abs/nfs4acl_xattr.so $vfs_modulesdir_abs/xattr_tdb.so >+ >+[nfs4acl_special] >+ path = $shrdir >+ comment = smb username is [%U] >+ nfs4:mode = special >+ vfs objects = $vfs_modulesdir_abs/nfs4acl_xattr.so $vfs_modulesdir_abs/xattr_tdb.so >+ >+[nfs4acl_specialcreator] >+ path = $shrdir >+ comment = smb username is [%U] >+ nfs4:mode = specialcreator > vfs objects = $vfs_modulesdir_abs/nfs4acl_xattr.so $vfs_modulesdir_abs/xattr_tdb.so > > [xcopy_share] >diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py >index 11504c0..64da0d4 100755 >--- a/source3/selftest/tests.py >+++ b/source3/selftest/tests.py >@@ -345,7 +345,9 @@ for t in tests: > plantestsuite(t, "s3member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_rfc2307.sh"), '$DOMAIN', 'Administrator', '2000000', '"Domain Users"', '2000001', 'ou=idmap,dc=samba,dc=example,dc=com', '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD']) > elif t == "raw.acls": > plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') >- plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/nfs4acl_share -U$USERNAME%$PASSWORD', description='nfs4acl_xattr') >+ plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/nfs4acl_simple -U$USERNAME%$PASSWORD', description='nfs4acl_xattr-simple') >+ plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/nfs4acl_special -U$USERNAME%$PASSWORD', description='nfs4acl_xattr-special') >+ plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/nfs4acl_specialcreator -U$USERNAME%$PASSWORD', description='nfs4acl_xattr-specialcreator') > plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER_IP/tmpcase -U$USERNAME%$PASSWORD') > else: > plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') >-- >1.7.9.5 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 9467
:
8284
|
8367
|
8368
|
8369
|
8370
|
8793
|
8824
| 8825 |
9048