The Samba-Bugzilla – Attachment 9171 Details for
Bug 10121
masks incorrectly applied to UNIX extension permission changes.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am fix for 4.0.next and 4.1.0
mask-fix.patchset (text/plain), 5.21 KB, created by
Jeremy Allison
on 2013-08-28 23:32:49 UTC
(
hide
)
Description:
git-am fix for 4.0.next and 4.1.0
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2013-08-28 23:32:49 UTC
Size:
5.21 KB
patch
obsolete
>From 88b37ed00084eeb601de2a68b6c84d6d53badd25 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Wed, 21 Aug 2013 12:03:25 -0700 >Subject: [PATCH 1/3] Fix the erroneous masking of chmod requests via the UNIX > extensions. > >Changed from switch statement to if, as "create mask", "force create mode" >are only applied to new files, not existing ones. "directory mask", >"force directory mode" are only applied to new directories, not existing >ones. > >Signed-off-by: Jeremy Allison <jra@samba.org> >Reviewed-by: Simo Sorce <idra@samba.org> >(cherry picked from commit bd0156988b34feaf91c3046f7ec78f0833222395) >--- > source3/smbd/trans2.c | 18 ++++++++++-------- > 1 file changed, 10 insertions(+), 8 deletions(-) > >diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c >index 5031442..fc31ad4 100644 >--- a/source3/smbd/trans2.c >+++ b/source3/smbd/trans2.c >@@ -1451,20 +1451,22 @@ static NTSTATUS unix_perms_from_wire( connection_struct *conn, > ret |= ((perms & UNIX_SET_UID ) ? S_ISUID : 0); > #endif > >- switch (ptype) { >- case PERM_NEW_FILE: >- case PERM_EXISTING_FILE: >- /* Apply mode mask */ >+ if (ptype == PERM_NEW_FILE) { >+ /* >+ * "create mask"/"force create mode" are >+ * only applied to new files, not existing ones. >+ */ > ret &= lp_create_mask(SNUM(conn)); > /* Add in force bits */ > ret |= lp_force_create_mode(SNUM(conn)); >- break; >- case PERM_NEW_DIR: >- case PERM_EXISTING_DIR: >+ } else if (ptype == PERM_NEW_DIR) { >+ /* >+ * "directory mask"/"force directory mode" are >+ * only applied to new directories, not existing ones. >+ */ > ret &= lp_dir_mask(SNUM(conn)); > /* Add in force bits */ > ret |= lp_force_dir_mode(SNUM(conn)); >- break; > } > > *ret_perms = ret; >-- >1.8.3.1 > > >From c8956df363c3c59cfc8b5c42f7d8d3c749f86cf2 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Wed, 21 Aug 2013 12:10:05 -0700 >Subject: [PATCH 2/3] Allow UNIX extensions client to act on open fsp instead > of pathname if available. > >Eliminates possible race condition on pathname op. > >Signed-off-by: Jeremy Allison <jra@samba.org> >Reviewed-by: Simo Sorce <idra@samba.org> >(cherry picked from commit f1ff97fc022adaacaa23b7da250be6f7d51c6ac7) >--- > source3/smbd/trans2.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > >diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c >index fc31ad4..0703d21 100644 >--- a/source3/smbd/trans2.c >+++ b/source3/smbd/trans2.c >@@ -7154,11 +7154,18 @@ static NTSTATUS smb_set_file_unix_basic(connection_struct *conn, > */ > > if (raw_unixmode != SMB_MODE_NO_CHANGE) { >+ int ret; >+ > DEBUG(10,("smb_set_file_unix_basic: SMB_SET_FILE_UNIX_BASIC " > "setting mode 0%o for file %s\n", > (unsigned int)unixmode, > smb_fname_str_dbg(smb_fname))); >- if (SMB_VFS_CHMOD(conn, smb_fname->base_name, unixmode) != 0) { >+ if (fsp && fsp->fh->fd != -1) { >+ ret = SMB_VFS_FCHMOD(fsp, unixmode); >+ } else { >+ ret = SMB_VFS_CHMOD(conn, smb_fname->base_name, unixmode); >+ } >+ if (ret != 0) { > return map_nt_error_from_unix(errno); > } > } >-- >1.8.3.1 > > >From f775578a112df05b3ad64558528867a11d73bb2c Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Wed, 21 Aug 2013 12:20:48 -0700 >Subject: [PATCH 3/3] Fix the UNIX extensions CHOWN calls to use FCHOWN if > available, else LCHOWN. > >UNIX extensions calls must never deref links. > >Signed-off-by: Jeremy Allison <jra@samba.org> >Reviewed-by: Simo Sorce <idra@samba.org> > >Autobuild-User(master): Jeremy Allison <jra@samba.org> >Autobuild-Date(master): Mon Aug 26 20:19:46 CEST 2013 on sn-devel-104 > >(cherry picked from commit d1593a20f3a5ebf287477dfa8f5ab31dca3dd0c3) >--- > source3/smbd/trans2.c | 26 ++++++++++++++++++++------ > 1 file changed, 20 insertions(+), 6 deletions(-) > >diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c >index 0703d21..74310c2 100644 >--- a/source3/smbd/trans2.c >+++ b/source3/smbd/trans2.c >@@ -7183,12 +7183,15 @@ static NTSTATUS smb_set_file_unix_basic(connection_struct *conn, > (unsigned int)set_owner, > smb_fname_str_dbg(smb_fname))); > >- if (S_ISLNK(sbuf.st_ex_mode)) { >+ if (fsp && fsp->fh->fd != -1) { >+ ret = SMB_VFS_FCHOWN(fsp, set_owner, (gid_t)-1); >+ } else { >+ /* >+ * UNIX extensions calls must always operate >+ * on symlinks. >+ */ > ret = SMB_VFS_LCHOWN(conn, smb_fname->base_name, > set_owner, (gid_t)-1); >- } else { >- ret = SMB_VFS_CHOWN(conn, smb_fname->base_name, >- set_owner, (gid_t)-1); > } > > if (ret != 0) { >@@ -7206,12 +7209,23 @@ static NTSTATUS smb_set_file_unix_basic(connection_struct *conn, > > if ((set_grp != (uid_t)SMB_GID_NO_CHANGE) && > (sbuf.st_ex_gid != set_grp)) { >+ int ret; >+ > DEBUG(10,("smb_set_file_unix_basic: SMB_SET_FILE_UNIX_BASIC " > "changing group %u for file %s\n", > (unsigned int)set_owner, > smb_fname_str_dbg(smb_fname))); >- if (SMB_VFS_CHOWN(conn, smb_fname->base_name, (uid_t)-1, >- set_grp) != 0) { >+ if (fsp && fsp->fh->fd != -1) { >+ ret = SMB_VFS_FCHOWN(fsp, set_owner, (gid_t)-1); >+ } else { >+ /* >+ * UNIX extensions calls must always operate >+ * on symlinks. >+ */ >+ ret = SMB_VFS_LCHOWN(conn, smb_fname->base_name, (uid_t)-1, >+ set_grp); >+ } >+ if (ret != 0) { > status = map_nt_error_from_unix(errno); > if (delete_on_fail) { > SMB_VFS_UNLINK(conn, smb_fname); >-- >1.8.3.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
obnox
:
review+
Actions:
View
Attachments on
bug 10121
: 9171