The branch, master has been updated via 77eb8e0 vfs_offline: add documentation via b3f3ffe vfs_offline: add a blackbox test via b37ecbd vfs_offline: add vfs_offline module via 89940f3 s3: rpcclient: Prevent null ptr access by returning error if no creds available via e8fab02 s3: winbind: Prevent null ptr access by returning error if no creds available from aa3cc0b s3: smbd: If EA's are turned off on a share don't allow an SMB2 create containing them.
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 77eb8e0a4b83d46d854337dbf4f6ace76d557e85 Author: Uri Simchoni <u...@samba.org> Date: Wed Nov 4 21:18:20 2015 +0200 vfs_offline: add documentation Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Nov 5 01:22:48 CET 2015 on sn-devel-104 commit b3f3ffe35d50886cce730b6f78ed22e1e62959a1 Author: Uri Simchoni <u...@samba.org> Date: Wed Nov 4 12:06:03 2015 +0200 vfs_offline: add a blackbox test Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b37ecbd06d7a625d6889a9e8eaa66c807bb2a839 Author: Uri Simchoni <u...@samba.org> Date: Wed Nov 4 08:44:29 2015 +0200 vfs_offline: add vfs_offline module This module marks all file in the share as offline. It can be useful for shares mounted on top of a remote file system (either through a samba VFS module or via FUSE). Offline files change the behavior of Windows explorer, and prevent it from peeking inside folders just for the sake of drawing a nice icon of them. This greatly reduces the number of requests Windows Explorer makes, and improves user experience when dealing with remote file systems. The offline bit also has an effect on the behavior of Windows redirector. Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 89940f39c6d2db03b3a468942d686e762f126f9f Author: Noel Power <noel.po...@suse.com> Date: Mon Nov 2 09:59:12 2015 +0000 s3: rpcclient: Prevent null ptr access by returning error if no creds available Prevent rpccli_netlogon_password_logon being called with 'NULL' credentials. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11569 Signed-off-by: Noel Power <noel.po...@suse.com> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit e8fab02773892812f563eea7098847618df76e1b Author: Noel Power <noel.po...@suse.com> Date: Thu Oct 22 12:37:17 2015 +0100 s3: winbind: Prevent null ptr access by returning error if no creds available Prevent rpccli_netlogon_network_logon/rpccli_netlogon_password_logon being called with 'NULL' credentials BUG: https://bugzilla.samba.org/show_bug.cgi?id=11569 Signed-off-by: Noel Power <noel.po...@suse.com> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> ----------------------------------------------------------------------- Summary of changes: .../{vfs_dirsort.8.xml => vfs_offline.8.xml} | 31 +++++++------- docs-xml/wscript_build | 1 + selftest/target/Samba3.pm | 6 +++ source3/modules/vfs_offline.c | 47 ++++++++++++++++++++++ source3/modules/wscript_build | 7 ++++ source3/rpcclient/cmd_netlogon.c | 5 +++ source3/script/tests/test_offline.sh | 33 +++++++++++++++ source3/selftest/tests.py | 1 + source3/winbindd/winbindd_pam.c | 7 +++- source3/wscript | 2 +- 10 files changed, 123 insertions(+), 17 deletions(-) copy docs-xml/manpages/{vfs_dirsort.8.xml => vfs_offline.8.xml} (53%) create mode 100644 source3/modules/vfs_offline.c create mode 100755 source3/script/tests/test_offline.sh Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_dirsort.8.xml b/docs-xml/manpages/vfs_offline.8.xml similarity index 53% copy from docs-xml/manpages/vfs_dirsort.8.xml copy to docs-xml/manpages/vfs_offline.8.xml index 7f26cf4..5a702b6 100644 --- a/docs-xml/manpages/vfs_dirsort.8.xml +++ b/docs-xml/manpages/vfs_offline.8.xml @@ -1,24 +1,24 @@ <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc"> -<refentry id="vfs_dirsort.8"> +<refentry id="vfs_offline.8"> <refmeta> - <refentrytitle>vfs_dirsort</refentrytitle> + <refentrytitle>vfs_offline</refentrytitle> <manvolnum>8</manvolnum> <refmiscinfo class="source">Samba</refmiscinfo> <refmiscinfo class="manual">System Administration tools</refmiscinfo> - <refmiscinfo class="version">4.3</refmiscinfo> + <refmiscinfo class="version">4.4</refmiscinfo> </refmeta> <refnamediv> - <refname>vfs_dirsort</refname> - <refpurpose>Sort directory contents</refpurpose> + <refname>vfs_offline</refname> + <refpurpose>Mark all files as offline</refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> - <command>vfs objects = dirsort</command> + <command>vfs objects = offline</command> </cmdsynopsis> </refsynopsisdiv> @@ -29,22 +29,25 @@ <citerefentry><refentrytitle>samba</refentrytitle> <manvolnum>7</manvolnum></citerefentry> suite.</para> - <para>The <command>vfs_dirsort</command> module sorts directory - entries alphabetically before sending them to the client.</para> + <para>The <command>vfs_offline</command> module marks all files + in the share as having the offline DOS attribute.</para> - <para>Please be aware that adding this module might have negative - performance implications for large directories.</para> + <para>Files with the offline DOS attribute are handled differently + by the Windows SMB client, as well as by Windows Explorer. In + particular, Windows Explorer does not read those files for the sole + purpose of drawing a thumbnail, as it normally does. This can + improve user experience with some remote file systems.</para> </refsect1> <refsect1> <title>EXAMPLES</title> - <para>Sort directories for all shares:</para> + <para>Mark all files in a share as offline:</para> <programlisting> - <smbconfsection name="[global]"/> - <smbconfoption name="vfs objects">dirsort</smbconfoption> + <smbconfsection name="[remote]"/> + <smbconfoption name="vfs objects">offline</smbconfoption> </programlisting> </refsect1> @@ -52,7 +55,7 @@ <refsect1> <title>VERSION</title> - <para>This man page is correct for version 3.3 of the Samba suite. + <para>This man page is correct for version 4.4 of the Samba suite. </para> </refsect1> diff --git a/docs-xml/wscript_build b/docs-xml/wscript_build index 568eba1..b327a3e 100644 --- a/docs-xml/wscript_build +++ b/docs-xml/wscript_build @@ -68,6 +68,7 @@ manpages=''' manpages/vfs_linux_xfs_sgid.8 manpages/vfs_media_harmony.8 manpages/vfs_netatalk.8 + manpages/vfs_offline.8 manpages/vfs_prealloc.8 manpages/vfs_preopen.8 manpages/vfs_readahead.8 diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index f66aea7..281ac3c 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -594,6 +594,9 @@ sub setup_fileserver($$) my $valid_users_sharedir="$share_dir/valid_users"; push(@dirs,$valid_users_sharedir); + my $offline_sharedir="$share_dir/offline"; + push(@dirs,$offline_sharedir); + my $fileserver_options = " [lowercase] path = $lower_case_share_dir @@ -616,6 +619,9 @@ sub setup_fileserver($$) [valid-users-access] path = $valid_users_sharedir valid users = +userdup +[offline] + path = $offline_sharedir + vfs objects = offline "; my $vars = $self->provision($path, diff --git a/source3/modules/vfs_offline.c b/source3/modules/vfs_offline.c new file mode 100644 index 0000000..5921f43 --- /dev/null +++ b/source3/modules/vfs_offline.c @@ -0,0 +1,47 @@ +/* + Unix SMB/CIFS implementation. + Samba VFS module for marking all files as offline. + + (c) Uri Simchoni, 2015 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#include "includes.h" + +static uint32_t offline_fs_capabilities(struct vfs_handle_struct *handle, + enum timestamp_set_resolution *p_ts_res) +{ + return SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res) | + FILE_SUPPORTS_REMOTE_STORAGE; +} + +static bool offline_is_offline(struct vfs_handle_struct *handle, + const struct smb_filename *fname, + SMB_STRUCT_STAT *stbuf) +{ + return true; +} + +static struct vfs_fn_pointers offline_fns = { + .fs_capabilities_fn = offline_fs_capabilities, + .is_offline_fn = offline_is_offline, +}; + +NTSTATUS vfs_offline_init(void); +NTSTATUS vfs_offline_init(void) +{ + return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "offline", + &offline_fns); +} diff --git a/source3/modules/wscript_build b/source3/modules/wscript_build index fef412a..be1de50 100644 --- a/source3/modules/wscript_build +++ b/source3/modules/wscript_build @@ -499,3 +499,10 @@ bld.SAMBA3_MODULE('vfs_vxfs', init_function='', internal_module=bld.SAMBA3_IS_STATIC_MODULE('vfs_vxfs'), enabled=bld.SAMBA3_IS_ENABLED_MODULE('vfs_vxfs')) + +bld.SAMBA3_MODULE('vfs_offline', + subsystem='vfs', + source='vfs_offline.c', + init_function='', + internal_module=bld.SAMBA3_IS_STATIC_MODULE('vfs_offline'), + enabled=bld.SAMBA3_IS_ENABLED_MODULE('vfs_offline')) diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c index 0a8ab20..744361c 100644 --- a/source3/rpcclient/cmd_netlogon.c +++ b/source3/rpcclient/cmd_netlogon.c @@ -800,6 +800,11 @@ static NTSTATUS cmd_netlogon_sam_logon(struct rpc_pipe_client *cli, if (argc == 6) sscanf(argv[5], "%x", &logon_param); + if (rpcclient_netlogon_creds == NULL) { + result = NT_STATUS_UNSUCCESSFUL; + goto done; + } + /* Perform the sam logon */ result = rpccli_netlogon_password_logon(rpcclient_netlogon_creds, diff --git a/source3/script/tests/test_offline.sh b/source3/script/tests/test_offline.sh new file mode 100755 index 0000000..fbc071a --- /dev/null +++ b/source3/script/tests/test_offline.sh @@ -0,0 +1,33 @@ +#!/bin/sh +# +# Blackbox test for shadow_copy2 VFS. +# +if [ $# -lt 7 ]; then +cat <<EOF +Usage: test_offline SERVER SERVER_IP DOMAIN USERNAME PASSWORD WORKDIR SMBCLIENT +EOF +exit 1; +fi + +SERVER=${1} +SERVER_IP=${2} +DOMAIN=${3} +USERNAME=${4} +PASSWORD=${5} +WORKDIR=${6} +SMBCLIENT=${7} +shift 7 +SMBCLIENT="$VALGRIND ${SMBCLIENT}" +ADDARGS="$*" + +incdir=`dirname $0`/../../../testprogs/blackbox +. $incdir/subunit.sh + +touch $WORKDIR/foo + +failed=0 + +attribs=`$SMBCLIENT -U$USERNAME%$PASSWORD "//$SERVER/offline" -I $SERVER_IP -c "allinfo foo" | sed -n 's/^attributes:.*(\([^)]*\)).*/\1/p'` +testit "file has offline attribute" test "x$attribs" = "x1000" || failed=`expr $failed + 1` + +exit $failed diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 048675a..9c68943 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -178,6 +178,7 @@ for env in ["fileserver"]: plantestsuite("samba3.blackbox.preserve_case (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_preserve_case.sh"), '$SERVER', '$DOMAIN', '$USERNAME', '$PASSWORD', '$PREFIX', smbclient3]) plantestsuite("samba3.blackbox.dfree_command (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_dfree_command.sh"), '$SERVER', '$DOMAIN', '$USERNAME', '$PASSWORD', '$PREFIX', smbclient3]) plantestsuite("samba3.blackbox.valid_users (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_valid_users.sh"), '$SERVER', '$SERVER_IP', '$DOMAIN', '$USERNAME', '$PASSWORD', '$PREFIX', smbclient3]) + plantestsuite("samba3.blackbox.offline (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_offline.sh"), '$SERVER', '$SERVER_IP', '$DOMAIN', '$USERNAME', '$PASSWORD', '$LOCAL_PATH/offline', smbclient3]) # # tar command tests diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 0ea146b..78b2625 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -1379,8 +1379,11 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, return result; } netr_attempts = 0; - - if (interactive && username != NULL && password != NULL) { + if (domain->conn.netlogon_creds == NULL) { + DBG_NOTICE("No security credentials available for " + "domain [%s]\n", domainname); + result = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } else if (interactive && username != NULL && password != NULL) { result = rpccli_netlogon_password_logon(domain->conn.netlogon_creds, netlogon_pipe->binding_handle, mem_ctx, diff --git a/source3/wscript b/source3/wscript index 3118f59..092d8fa 100644 --- a/source3/wscript +++ b/source3/wscript @@ -1604,7 +1604,7 @@ main() { vfs_smb_traffic_analyzer vfs_preopen vfs_catia vfs_media_harmony vfs_unityed_media vfs_fruit vfs_shell_snap vfs_commit vfs_worm vfs_crossrename vfs_linux_xfs_sgid - vfs_time_audit + vfs_time_audit vfs_offline ''')) default_shared_modules.extend(TO_LIST('auth_script idmap_tdb2 idmap_script')) # these have broken dependencies -- Samba Shared Repository