Bug 15571 - openat_pathref_fsp_nosymlink() relies on platform specific O_SEARCH behaviour
Summary: openat_pathref_fsp_nosymlink() relies on platform specific O_SEARCH behaviour
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services (show other bugs)
Version: 4.19.4
Hardware: All Solaris
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
Depends on:
Reported: 2024-02-07 06:52 UTC by Jonathan Matthew
Modified: 2024-02-09 00:05 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Jonathan Matthew 2024-02-07 06:52:31 UTC
When iterating through a directory, smbd_dirptr_get_entry() calls openat_pathref_fsp_nosymlink() on all directory entries, including files and subdirectories.  It's expected to create some sort of file descriptor for the directory entry, regardless of file permissions, so it uses O_PATH if available, which does this properly, and it tries O_SEARCH if that isn't available.

On some platforms (FreeBSD and AIX at least), O_SEARCH is ignored if the path specified to openat() doesn't identify a directory, so it presumably works there.  On others (Solaris/Illumos at least), openat() will return ENOTDIR unless the path identifies a directory.  This means smbd_dirptr_get_entry() will only return entries for directories, so clients cannot see any files.

Additionally, on Illumos at least, the ENOTDIR return in the openat() syscall happens after a call to VOP_ACCESS(), which in the case of O_SEARCH will check if the process has execute permission on the target file, so openat(fd, path, O_SEARCH) will actually return EACCES if the process doesn't have execute permission, and ENOTDIR if it does.

If there's any information I can provide to clarify what's going on here, I can certainly try to.
Comment 1 Volker Lendecke 2024-02-07 07:06:05 UTC
Can you try version 4.20rc1? That code has changed there.
Comment 2 Jonathan Matthew 2024-02-09 00:05:37 UTC
This does appear to work properly in 4.20.0rc1, thanks.