With shadow:snapdirseverywhere=true and a snapshot directory that * is a subdirectory of a share * and that contains a snapshot directory we fail the symlink check in the new function non_widelink_open() because parent_dirname() cuts off the subdirectory name leaving only the @GMT stanza which is then interpreted by the called functions as being relative to the parent directory which it isn't. The simplest fix as far as I can see is to leverage the fact that (given the system defines O_DIRECTORY) we know when we're called for a directory, so we can just directly chdir() into the path passed by the caller. The subsequent security check done in check_reduced_name() should continue to work with this change.
Btw, have patch and test, need bugnumber...
Created attachment 13350 [details] Patch for 4.5 cherry-picked from master
Created attachment 13351 [details] Patch for 4.6 cherry-picked from master
Created attachment 13352 [details] Patch for 4.7 cherry-picked from master
Re-assigning to Karolin for inclusion in 4.7.0, 4.6.next, 4.5.next.
Pushed to autobuild-v4-{5,6,7}-test
(In reply to Stefan Metzmacher from comment #6) Pushed to v4-{5,6,7}. Should we also push that to v4-4, so that the next security release also picks it up? As this fixes a regression introduced by a security release.
Created attachment 13381 [details] Patch for 4.4 cherry-picked from master, ommitting test
(In reply to Stefan Metzmacher from comment #7) Yes, I think fixing in 4.4.x is appropriate here.
(In reply to Jeremy Allison from comment #9) Pushed to autobuild-v4-4-test.
(In reply to Karolin Seeger from comment #10) Pushed to all branches. Closing out bug report. Thanks!