The branch, v4-21-test has been updated
via 1f24b3ff23f sharesec: Check if share exists in configuration
via 22b7b4bd728 sharesec: Add function to check existence of share from
config
via 2588668e44b param: Add API to load registry without share info
via a564f5dbad8 sharesec: Fix warning frame not freed in order
via 087972fded9 s3-sharesec: Add Test to verify command option
"--view-all"
from 816f312a7fa s4:rpc_server/lsa: let LookupSids* behave like Windows
2022/2025
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-21-test
- Log -----------------------------------------------------------------
commit 1f24b3ff23f4997a1d9b6933a82019319d86c448
Author: Vinit Agnihotri <[email protected]>
Date: Tue Dec 3 11:21:09 2024 +0530
sharesec: Check if share exists in configuration
Load config from registry without share info and check if sharename
exists from configuration. This results into lesser delay for the same.
In case of view we load config with all shares to ensure we get all
shares for diplay purpose.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15780
Signed-off-by: Vinit Agnihotri <[email protected]>
Reviewed-by: John Mulligan <[email protected]>
Reviewed-by: Guenther Deschner <[email protected]>
Autobuild-User(master): Günther Deschner <[email protected]>
Autobuild-Date(master): Fri Jan 10 10:45:30 UTC 2025 on atb-devel-224
(cherry picked from commit 1410803713440caf29a40aec30516489d1944665)
Autobuild-User(v4-21-test): Jule Anger <[email protected]>
Autobuild-Date(v4-21-test): Wed Feb 5 10:43:01 UTC 2025 on atb-devel-224
commit 22b7b4bd728071916e24854e34d1b3a90f37ab95
Author: Vinit Agnihotri <[email protected]>
Date: Tue Dec 3 11:19:09 2024 +0530
sharesec: Add function to check existence of share from config
Add function to detect if a share name exists in the registry or config
file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15780
Signed-off-by: Vinit Agnihotri <[email protected]>
Reviewed-by: John Mulligan <[email protected]>
Reviewed-by: Guenther Deschner <[email protected]>
(cherry picked from commit 78eb293e1cdd3635de0bcf46ffb9d842f27bcc9f)
commit 2588668e44b2dcb6d59e0fd52cc968ea08d4d8a7
Author: Vinit Agnihotri <[email protected]>
Date: Tue Dec 3 11:12:34 2024 +0530
param: Add API to load registry without share info
As number of shares increases loading entire registry configuration along
with
share information becomes very costly operation.
Since we may not require share information all time, we can optimise
this by using API just loading configuration without any share info.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15780
Signed-off-by: Vinit Agnihotri <[email protected]>
Reviewed-by: John Mulligan <[email protected]>
Reviewed-by: Guenther Deschner <[email protected]>
(cherry picked from commit 2927dba0434b960e4c381329bdc9fe474fb930ce)
commit a564f5dbad8930e55fcd5e68ade92f63147a07a3
Author: Vinit Agnihotri <[email protected]>
Date: Thu Dec 12 19:05:24 2024 +0530
sharesec: Fix warning frame not freed in order
This change should fix following warning:
Freed frame ../../source3/utils/sharesec.c:515, expected
../../source3/utils/sharesec.c:637
Frame was not getting freed in case of servicename is NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15780
Signed-off-by: Vinit Agnihotri <[email protected]>
Reviewed-by: John Mulligan <[email protected]>
Reviewed-by: Guenther Deschner <[email protected]>
(cherry picked from commit 04531e1b1d25d114c470922547bee769b07e5e60)
commit 087972fded9d051e49f760e6e358ea4a2316c34e
Author: Guenther Deschner <[email protected]>
Date: Wed Dec 11 15:33:47 2024 +0530
s3-sharesec: Add Test to verify command option "--view-all"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15780
Signed-off-by: Guenther Deschner <[email protected]>
Signed-off-by: Vinit Agnihotri <[email protected]>
Reviewed-by: John Mulligan <[email protected]>
(cherry picked from commit 0a12254ea8b3414deebc3e6329025052c650356e)
-----------------------------------------------------------------------
Summary of changes:
source3/param/loadparm.c | 11 +++++
source3/param/loadparm.h | 1 +
source3/script/tests/test_sharesec.sh | 8 ++++
source3/utils/sharesec.c | 88 ++++++++++++++++++++++++++++++++---
4 files changed, 102 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index f9bc1c42796..9d8890698f4 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -4291,6 +4291,17 @@ bool lp_load_with_registry_shares(const char *pszFname)
true); /* load_all_shares*/
}
+bool lp_load_with_registry_without_shares(const char *pszFname)
+{
+ return lp_load_ex(pszFname,
+ false, /* global_only */
+ true, /* save_defaults */
+ false, /* add_ipc */
+ true, /* reinit_globals */
+ true, /* allow_include_registry */
+ false); /* load_all_shares*/
+}
+
/***************************************************************************
Return the max number of services.
***************************************************************************/
diff --git a/source3/param/loadparm.h b/source3/param/loadparm.h
index e8f06ddbc2c..2900e3b16bb 100644
--- a/source3/param/loadparm.h
+++ b/source3/param/loadparm.h
@@ -163,6 +163,7 @@ bool lp_load_global_no_reinit(const char *file_name);
bool lp_load_no_reinit(const char *file_name);
bool lp_load_client_no_reinit(const char *file_name);
bool lp_load_with_registry_shares(const char *pszFname);
+bool lp_load_with_registry_without_shares(const char *pszFname);
int lp_numservices(void);
void lp_dump(FILE *f, bool show_defaults, int maxtoprint);
void lp_dump_one(FILE * f, bool show_defaults, int snum);
diff --git a/source3/script/tests/test_sharesec.sh
b/source3/script/tests/test_sharesec.sh
index a083a56545a..b44ffcb4d58 100755
--- a/source3/script/tests/test_sharesec.sh
+++ b/source3/script/tests/test_sharesec.sh
@@ -137,4 +137,12 @@ testit "Check for default ACL" \
test "$ACL" = "ACL:S-1-1-0:ALLOWED/0x0/FULL" ||
failed=$(expr $failed + 1)
+testit "Create 2nd share" $NET_CMD conf addshare tmp_share2 /tmp ||
+ failed=$(expr $failed + 1)
+COUNT=$($CMD --view-all | grep ACL: | sed -e 's/^ACL://' | wc -l)
+testit "Verify standard ACL counts" test $COUNT -gt 2 ||
+ failed=$(expr $failed + 1)
+testit "Delete share" $NET_CMD conf delshare tmp_share2 ||
+ failed=$(expr $failed + 1)
+
testok $0 $failed
diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c
index 417572954c8..47182894a66 100644
--- a/source3/utils/sharesec.c
+++ b/source3/utils/sharesec.c
@@ -31,6 +31,8 @@ struct cli_state;
#include "cmdline_contexts.h"
#include "lib/util/string_wrappers.h"
#include "lib/param/param.h"
+#include "lib/smbconf/smbconf.h"
+#include "lib/smbconf/smbconf_init.h"
static TALLOC_CTX *ctx;
@@ -316,6 +318,80 @@ static int view_sharesec_sddl(const char *sharename)
return 0;
}
+static bool registry_share(const char *sharename)
+{
+ sbcErr err;
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
+ struct smbconf_ctx *conf_ctx;
+ bool ret_status = true;
+
+ err = smbconf_init(mem_ctx, &conf_ctx, "registry:");
+ if (!SBC_ERROR_IS_OK(err)) {
+ DEBUG(0, ("Unable to init smbconf registry. Err:%s\n",
+ sbcErrorString(err)));
+ ret_status = false;
+ goto out;
+ }
+
+ if(!smbconf_share_exists(conf_ctx, sharename)) {
+ ret_status = false;
+ goto done;
+ }
+done:
+ smbconf_shutdown(conf_ctx);
+out:
+ talloc_free(mem_ctx);
+ return ret_status;
+}
+
+static bool txt_share(const char *sharename)
+{
+ sbcErr err;
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
+ struct smbconf_ctx *conf_ctx;
+ bool ret_status = true;
+ char *fconf_path;
+
+ fconf_path = talloc_asprintf(mem_ctx, "file:%s", get_dyn_CONFIGFILE());
+ if (fconf_path == NULL) {
+ DEBUG(0, ("Not enough memory for conf file path"));
+ ret_status = false;
+ goto out;
+ }
+
+ err = smbconf_init(mem_ctx, &conf_ctx, fconf_path);
+ if (!SBC_ERROR_IS_OK(err)) {
+ DEBUG(0, ("Unable to init smbconf file. Err:%s\n",
+ sbcErrorString(err)));
+ ret_status = false;
+ goto out;
+ }
+
+ if(!smbconf_share_exists(conf_ctx, sharename)) {
+ ret_status = false;
+ goto done;
+ }
+done:
+ smbconf_shutdown(conf_ctx);
+out:
+ talloc_free(mem_ctx);
+ return ret_status;
+}
+
+static bool share_exists(const char *sharename)
+{
+ bool ret_status = false;
+
+ if ((lp_config_backend() == CONFIG_BACKEND_REGISTRY) ||
+ (lp_registry_shares() == true))
+ ret_status = registry_share(sharename);
+
+ if (!ret_status) {
+ ret_status = txt_share(sharename);
+ }
+ return ret_status;
+}
+
/********************************************************************
main program
********************************************************************/
@@ -333,7 +409,6 @@ int main(int argc, const char *argv[])
static char *the_acl = NULL;
fstring sharename;
bool force_acl = False;
- int snum;
poptContext pc;
bool initialize_sid = False;
bool ok;
@@ -528,7 +603,10 @@ int main(int argc, const char *argv[])
setlinebuf(stdout);
- lp_load_with_registry_shares(get_dyn_CONFIGFILE());
+ if (mode == SMB_ACL_VIEW_ALL)
+ lp_load_with_registry_shares(get_dyn_CONFIGFILE());
+ else
+ lp_load_with_registry_without_shares(get_dyn_CONFIGFILE());
/* check for initializing secrets.tdb first */
@@ -555,7 +633,6 @@ int main(int argc, const char *argv[])
if (mode == SMB_ACL_VIEW_ALL) {
int i;
-
for (i=0; i<lp_numservices(); i++) {
TALLOC_CTX *frame = talloc_stackframe();
const struct loadparm_substitution *lp_sub =
@@ -563,6 +640,7 @@ int main(int argc, const char *argv[])
const char *service = lp_servicename(frame, lp_sub, i);
if (service == NULL) {
+ TALLOC_FREE(frame);
continue;
}
@@ -584,9 +662,7 @@ int main(int argc, const char *argv[])
fstrcpy(sharename, poptGetArg(pc));
- snum = lp_servicenumber( sharename );
-
- if ( snum == -1 && !force_acl ) {
+ if (!share_exists(sharename)) {
fprintf( stderr, "Invalid sharename: %s\n", sharename);
retval = -1;
goto done;
--
Samba Shared Repository
