The branch, v3-5-test has been updated
via f5e238c Part 5 of bugfix for #8211 - "inherit owner = yes" doesn't
interact correctly with "inherit permissions = yes" and POSIX ACLs
via 0c1b1b7 Part 4 of bugfix for #8211 - "inherit owner = yes" doesn't
interact correctly with "inherit permissions = yes" and POSIX ACLs
via d18d6df Part 3 of bugfix for #8211 - "inherit owner = yes" doesn't
interact correctly with "inherit permissions = yes" and POSIX ACLs
via 59e7781 Part 2 of bugfix for #8211 - "inherit owner = yes" doesn't
interact correctly with "inherit permissions = yes" and POSIX ACLs
via f3900b0 Part 1 of bugfix for #8211 - "inherit owner = yes" doesn't
interact correctly with "inherit permissions = yes" and POSIX ACLs
from d9ea6a1 s3:lib/access: normalize IPv4 mapped IPv6 addresses in both
directions (bug #7383)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -----------------------------------------------------------------
commit f5e238cbd97d63e107b64268691dff67cce8fe94
Author: Jeremy Allison <j...@samba.org>
Date: Wed Jun 8 14:37:25 2011 -0700
Part 5 of bugfix for #8211 - "inherit owner = yes" doesn't interact
correctly with "inherit permissions = yes" and POSIX ACLs
Ensure when creating a directory, if we make any changes due to inheritance
parameters, we update the stat returned.
commit 0c1b1b73870bd477c83c130cab297b7f2615fe55
Author: Jeremy Allison <j...@samba.org>
Date: Wed Jun 8 14:21:52 2011 -0700
Part 4 of bugfix for #8211 - "inherit owner = yes" doesn't interact
correctly with "inherit permissions = yes" and POSIX ACLs
We don't need to check mode bits as well as dev/ino to
ensure we're in the same place.
commit d18d6df840d3a47fa1d7b877e07f804f025811ee
Author: Jeremy Allison <j...@samba.org>
Date: Wed Jun 8 10:25:33 2011 -0700
Part 3 of bugfix for #8211 - "inherit owner = yes" doesn't interact
correctly with "inherit permissions = yes" and POSIX ACLs
When changing ownership on a new file make sure we
must have a valid stat struct before making the inheritance
calls (as they may look at it), and if we make changes we
must have a valid stat struct after them.
commit 59e77811b7774ad76e082ee9fd840a277df75c4c
Author: Jeremy Allison <j...@samba.org>
Date: Wed Jun 8 10:17:42 2011 -0700
Part 2 of bugfix for #8211 - "inherit owner = yes" doesn't interact
correctly with "inherit permissions = yes" and POSIX ACLs
When changing ownership on a new file make sure we
also change the returned stat struct to have the correct uid.
commit f3900b0a96f98cc65d957cda5f92963f636d6ec1
Author: Jeremy Allison <j...@samba.org>
Date: Wed Jun 8 10:24:02 2011 -0700
Part 1 of bugfix for #8211 - "inherit owner = yes" doesn't interact
correctly with "inherit permissions = yes" and POSIX ACLs
When changing ownership on a new directory make sure we
also change the returned stat struct to have the correct uid.
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/open.c | 71 ++++++++++++++++++++++++++++++++++----------------
1 files changed, 48 insertions(+), 23 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 0d585cf..aac6e9c 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -232,12 +232,15 @@ void change_file_owner_to_parent(connection_struct *conn,
"was %s\n", fsp_str_dbg(fsp),
(unsigned int)smb_fname_parent->st.st_ex_uid,
strerror(errno) ));
- }
-
- DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
+ } else {
+ DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
"parent directory uid %u.\n", fsp_str_dbg(fsp),
(unsigned int)smb_fname_parent->st.st_ex_uid));
+ /* Ensure the uid entry is updated. */
+ fsp->fsp_name->st.st_ex_uid = smb_fname_parent->st.st_ex_uid;
+ }
+
TALLOC_FREE(smb_fname_parent);
}
@@ -311,10 +314,9 @@ NTSTATUS change_dir_owner_to_parent(connection_struct
*conn,
/* Ensure we're pointing at the same place. */
if (smb_fname_cwd->st.st_ex_dev != psbuf->st_ex_dev ||
- smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino ||
- smb_fname_cwd->st.st_ex_mode != psbuf->st_ex_mode ) {
+ smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino) {
DEBUG(0,("change_dir_owner_to_parent: "
- "device/inode/mode on directory %s changed. "
+ "device/inode on directory %s changed. "
"Refusing to chown !\n", fname ));
status = NT_STATUS_ACCESS_DENIED;
goto chdir;
@@ -338,6 +340,9 @@ NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
"directory %s to parent directory uid %u.\n",
fname, (unsigned int)smb_fname_parent->st.st_ex_uid ));
+ /* Ensure the uid entry is updated. */
+ psbuf->st_ex_uid = smb_fname_parent->st.st_ex_uid;
+
chdir:
vfs_ChDir(conn,saved_dir);
out:
@@ -364,6 +369,7 @@ static NTSTATUS open_file(files_struct *fsp,
int accmode = (flags & O_ACCMODE);
int local_flags = flags;
bool file_existed = VALID_STAT(fsp->fsp_name->st);
+ bool file_created = false;
fsp->fh->fd = -1;
errno = EPERM;
@@ -463,23 +469,7 @@ static NTSTATUS open_file(files_struct *fsp,
}
if ((local_flags & O_CREAT) && !file_existed) {
-
- /* Inherit the ACL if required */
- if (lp_inherit_perms(SNUM(conn))) {
- inherit_access_posix_acl(conn, parent_dir,
- smb_fname->base_name,
- unx_mode);
- }
-
- /* Change the owner if required. */
- if (lp_inherit_owner(SNUM(conn))) {
- change_file_owner_to_parent(conn, parent_dir,
- fsp);
- }
-
- notify_fname(conn, NOTIFY_ACTION_ADDED,
- FILE_NOTIFY_CHANGE_FILE_NAME,
- smb_fname->base_name);
+ file_created = true;
}
} else {
@@ -589,6 +579,29 @@ static NTSTATUS open_file(files_struct *fsp,
fd_close(fsp);
return status;
}
+
+ if (file_created) {
+ /* Do all inheritance work after we've
+ done a successful stat call and filled
+ in the stat struct in fsp->fsp_name. */
+
+ /* Inherit the ACL if required */
+ if (lp_inherit_perms(SNUM(conn))) {
+ inherit_access_posix_acl(conn, parent_dir,
+ smb_fname->base_name,
+ unx_mode);
+ }
+
+ /* Change the owner if required. */
+ if (lp_inherit_owner(SNUM(conn))) {
+ change_file_owner_to_parent(conn, parent_dir,
+ fsp);
+ }
+
+ notify_fname(conn, NOTIFY_ACTION_ADDED,
+ FILE_NOTIFY_CHANGE_FILE_NAME,
+ smb_fname->base_name);
+ }
}
/*
@@ -2306,6 +2319,7 @@ static NTSTATUS mkdir_internal(connection_struct *conn,
char *parent_dir;
NTSTATUS status;
bool posix_open = false;
+ bool need_re_stat = false;
if(!CAN_WRITE(conn)) {
DEBUG(5,("mkdir_internal: failing create on read-only share "
@@ -2360,6 +2374,7 @@ static NTSTATUS mkdir_internal(connection_struct *conn,
if (lp_inherit_perms(SNUM(conn))) {
inherit_access_posix_acl(conn, parent_dir,
smb_dname->base_name, mode);
+ need_re_stat = true;
}
if (!posix_open) {
@@ -2374,6 +2389,7 @@ static NTSTATUS mkdir_internal(connection_struct *conn,
SMB_VFS_CHMOD(conn, smb_dname->base_name,
(smb_dname->st.st_ex_mode |
(mode & ~smb_dname->st.st_ex_mode)));
+ need_re_stat = true;
}
}
@@ -2382,6 +2398,15 @@ static NTSTATUS mkdir_internal(connection_struct *conn,
change_dir_owner_to_parent(conn, parent_dir,
smb_dname->base_name,
&smb_dname->st);
+ need_re_stat = true;
+ }
+
+ if (need_re_stat) {
+ if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
+ DEBUG(2, ("Could not stat directory '%s' just created:
%s\n",
+ smb_fname_str_dbg(smb_dname), strerror(errno)));
+ return map_nt_error_from_unix(errno);
+ }
}
notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
--
Samba Shared Repository
