Trying to read a file whose name contains, for example, a colon (:) with mangled names enabled returns NT_STATUS_OBJECT_NAME_NOT_FOUND when acl_xattr is in the vfs objects list. This is reproducible using both Windows 7/8 and smbclient. To reproduce: On a machine running Samba, in a share folder, $ touch "Colon: A filename with a colon.txt" $ smbclient //localhost/share Enter jmaggard's password: Domain=[WORKGROUP] OS=[Windows 6.1] Server=[Samba 4.2.1] smb: \> dir . D 0 Fri May 1 11:52:57 2015 .. D 0 Tue Apr 7 18:08:21 2015 C94IDU~S.TXT N 0 Fri May 1 11:12:52 2015 288184384 blocks of size 1024. 151662596 blocks available smb: \> get C94IDU~S.TXT NT_STATUS_OBJECT_NAME_NOT_FOUND opening remote file \C94IDU~S.TXT smb: \> The same test works fine without acl_xattr.
Oh, I see the problem. Thanks - need to unmangle the name before calling into the xattr VFS object...
OK, got a fix for this in testing... Will upload shortly.
Created attachment 11010 [details] git-am patchset for master. Justin please check this. Works for me. NB. This is a temp patch. The real patch will have a regression test case (I'm writing that now) plus the removal of the functions in source3/smbd/vfs.c will not be in the 4.2 and 4.1 patchset, only master (in case people have out-of-tree VFS modules that depend on these functions). Let me know if it fixes it for you. Cheers, Jeremy.
It works! Thank you Jeremy.
Ah, I've figured out the problem with the make test regression. Updated patch will follow - there are a few other places where we're splitting the unmangled name post passing into the EA and ACL calls (which are only called POST-streams path checks).
Created attachment 11011 [details] Full git-am patchset for master. Contains fixes for problems with EA and ACL pathnames when streams_depot is being used. Also contains regression test. Justin and you confirm this works for you, then I'll get into master and create the back-ports for 4.2.next and 4.1.next (which will be the same patch but minus the function removal, in case of out-of-tree VFS modules).
s/Justin and you confirm this works for you/Justin *can* you confirm this works for you/ :-).
I have tested the latest patchset against Windows 7/8 and smbclient, and all are working now. :-)
Created attachment 11018 [details] Reviewed fix that is going into master.
Created attachment 11019 [details] Updated version with the vfs_fake_acl fix.
Comment on attachment 11019 [details] Updated version with the vfs_fake_acl fix. Andreas, Here is the updated version of the patchset that now passes the raw.streams tests. Sorry for the error, it turned out to be a code path in the vfs_fake_acl module that was passing stream pathnames to XATTR calls (what I've been removing in the other code :-) and once the XATTR code was changed to stop it from filtering out the stream name it caused OBJECT_NOT_FOUND errors. vfs_fake_acl is not used in production, only in the test rig so that's why I missed it :-(. I've added the 'BUG: ' in the bugzilla URLs, and the only other change from the previous patchset was the addition of the patch: ----------------------------------------------------- s3: smbd: VFS: fake_acl module called get_full_smb_filename() with a stream path, then used the result to call XATTR functions directly. Ensure when pulling XATTR values, we don't allow a stream filename. ----------------------------------------------------- which fixed the streams tests.
Created attachment 11021 [details] git-am fix for 4.2.next. Backport from master of the fix that went in - minus the hunk that removes the vfs_stat_smb_fname() and vfs_lstat_smb_fname() calls to ensure ABI stability.
Created attachment 11022 [details] git-am fix for 4.1.next. Backport from master of the fix minus the hunk that removes the vfs_stat_smb_fname() and vfs_lstat_smb_fname() calls to ensure ABI stability and minus the regression test (4.1 test suite is less complete).
Re-assigning to Karolin for inclusion in 4.2.next, 4.1.next.
Pushed to autobuild-v4-[1|2]-test.
(In reply to Karolin Seeger from comment #15) Pushed to both branches. Closing out bug report. Thanks!