[Pkg-samba-maint] r1441 - in trunk/samba/debian: . patches

bubulle at alioth.debian.org bubulle at alioth.debian.org
Sun Jun 3 17:02:56 UTC 2007 

Author: bubulle
Date: 2007-06-03 17:02:55 +0000 (Sun, 03 Jun 2007)
New Revision: 1441

Added:
   trunk/samba/debian/patches/missing_userspace_bugzilla999.patch
Removed:
   trunk/samba/debian/patches/smbmount-unix-caps.patch
Modified:
   trunk/samba/debian/changelog
   trunk/samba/debian/patches/series
Log:
Drop smbmount-unix-caps.patch and add the missing userspace patches
to properly honor uid and gid options with 2.6 kernels
Reported as tested by Dann Frazier.
Closes: #408033


Modified: trunk/samba/debian/changelog
===================================================================
--- trunk/samba/debian/changelog	2007-06-02 10:20:26 UTC (rev 1440)
+++ trunk/samba/debian/changelog	2007-06-03 17:02:55 UTC (rev 1441)
@@ -6,6 +6,12 @@
   [ Christian Perrier ]
   * Clean out some remaining cruft that is not deleted
     by "make clean". Taken from Ubuntu patches.
+  * Add missing userspace patches to properly pass uid and gid with 2.6
+    kernels. See #408033 and upstream's #999 for rationale
+  * Drop smbmount-unix-caps.patch as workaraound for #310982 as the issue
+    is fixed in 2.4 and 2.6 kernels (2.6 kernels need
+    missing_userspace_bugzilla999.patch, though)
+    Closes: #408033
 
  -- Christian Perrier <bubulle at debian.org>  Thu, 31 May 2007 21:09:30 +0200
 

Added: trunk/samba/debian/patches/missing_userspace_bugzilla999.patch
===================================================================
--- trunk/samba/debian/patches/missing_userspace_bugzilla999.patch	                        (rev 0)
+++ trunk/samba/debian/patches/missing_userspace_bugzilla999.patch	2007-06-03 17:02:55 UTC (rev 1441)
@@ -0,0 +1,134 @@
+Goal: Userspaces fixes to properly use uid and gid options with kernel 2.6
+
+Fixes: Bugzilla #999
+
+Status wrt upstream: Not applied. Mentioned by Dann Frazier in 
+                     http://lists.samba.org/archive/samba-technical/2007-January/051069.html
+                     Jerry Carter agreed to apply but not applied yet
+
+Author: Haroldo Gamal (see https://bugzilla.samba.org/attachment.cgi?id=634&action=view)
+
+
+Index: samba-3.0.25a/source/client/smbmnt.c
+===================================================================
+--- samba-3.0.25a.orig/source/client/smbmnt.c	2007-06-03 14:45:55.284942463 +0200
++++ samba-3.0.25a/source/client/smbmnt.c	2007-06-03 18:48:17.111694949 +0200
+@@ -49,6 +49,10 @@
+ static unsigned mount_dmask;
+ static int user_mount;
+ static char *options;
++static int opt_uid = 0;
++static int opt_gid = 0; 
++static int opt_fmode = 0;
++static int opt_dmode = 0; 
+ 
+ static void
+ help(void)
+@@ -82,11 +86,13 @@
+                 case 'u':
+ 			if (!user_mount) {
+ 				mount_uid = strtol(optarg, NULL, 0);
++				opt_uid++;
+ 			}
+                         break;
+                 case 'g':
+ 			if (!user_mount) {
+ 				mount_gid = strtol(optarg, NULL, 0);
++				opt_gid++;
+ 			}
+                         break;
+ 		case 'n':
+@@ -97,9 +103,11 @@
+                         break;
+                 case 'f':
+                         mount_fmask = strtol(optarg, NULL, 8);
++                       opt_fmode++;
+                         break;
+                 case 'd':
+                         mount_dmask = strtol(optarg, NULL, 8);
++                       opt_dmode++;
+                         break;
+ 		case 'o':
+ 			options = optarg;
+@@ -182,9 +190,17 @@
+ 		data2 = (char *) data;
+ 	}
+ 
+-	slprintf(opts, sizeof(opts)-1,
+-		 "version=7,uid=%d,gid=%d,file_mode=0%o,dir_mode=0%o,%s",
+-		 mount_uid, mount_gid, data->file_mode, data->dir_mode,options);
++	slprintf(opts, sizeof(opts)-1, "version=7,");
++	if (opt_uid) 
++		slprintf(opts+strlen(opts), sizeof(opts)-strlen(opts)-1, "uid=%d,", mount_uid);
++	if (opt_gid) 
++		slprintf(opts+strlen(opts), sizeof(opts)-strlen(opts)-1, "gid=%d,", mount_gid);
++	if (opt_fmode) 
++		slprintf(opts+strlen(opts), sizeof(opts)-strlen(opts)-1, "file_mode=%d,", data->file_mode);
++	if (opt_dmode) 
++		slprintf(opts+strlen(opts), sizeof(opts)-strlen(opts)-1, "dir_mode=%d,", data->dir_mode);
++	slprintf(opts+strlen(opts), sizeof(opts)-strlen(opts)-1, "%s",options);
++
+ 	if (mount(share_name, ".", "smbfs", flags, data1) == 0)
+ 		return 0;
+ 	return mount(share_name, ".", "smbfs", flags, data2);
+Index: samba-3.0.25a/source/client/smbmount.c
+===================================================================
+--- samba-3.0.25a.orig/source/client/smbmount.c	2007-06-03 14:45:55.284942463 +0200
++++ samba-3.0.25a/source/client/smbmount.c	2007-06-03 18:45:36.618010848 +0200
+@@ -43,6 +43,10 @@
+ static int smb_port = 0;
+ static BOOL got_user;
+ static BOOL got_pass;
++static BOOL use_uid = 0;
++static BOOL use_gid = 0;
++static BOOL use_fmask = 0;
++static BOOL use_dmask = 0;
+ static uid_t mount_uid;
+ static gid_t mount_gid;
+ static int mount_ro;
+@@ -484,22 +488,22 @@
+ 	if (mount_ro) {
+ 		args[i++] = "-r";
+ 	}
+-	if (mount_uid) {
++	if (use_uid) {
+ 		slprintf(tmp, sizeof(tmp)-1, "%d", mount_uid);
+ 		args[i++] = "-u";
+ 		args[i++] = smb_xstrdup(tmp);
+ 	}
+-	if (mount_gid) {
++	if (use_gid) {
+ 		slprintf(tmp, sizeof(tmp)-1, "%d", mount_gid);
+ 		args[i++] = "-g";
+ 		args[i++] = smb_xstrdup(tmp);
+ 	}
+-	if (mount_fmask) {
++	if (use_fmask) {
+ 		slprintf(tmp, sizeof(tmp)-1, "0%o", mount_fmask);
+ 		args[i++] = "-f";
+ 		args[i++] = smb_xstrdup(tmp);
+ 	}
+-	if (mount_dmask) {
++	if (use_dmask) {
+ 		slprintf(tmp, sizeof(tmp)-1, "0%o", mount_dmask);
+ 		args[i++] = "-d";
+ 		args[i++] = smb_xstrdup(tmp);
+@@ -801,14 +805,18 @@
+ 				pstrcpy(my_netbios_name,opteq+1);
+ 			} else if(!strcmp(opts, "uid")) {
+ 				mount_uid = nametouid(opteq+1);
++				use_uid++;
+ 			} else if(!strcmp(opts, "gid")) {
+ 				mount_gid = nametogid(opteq+1);
++				use_gid++;
+ 			} else if(!strcmp(opts, "port")) {
+ 				smb_port = val;
+ 			} else if(!strcmp(opts, "fmask")) {
+ 				mount_fmask = strtol(opteq+1, NULL, 8);
++				use_fmask++;
+ 			} else if(!strcmp(opts, "dmask")) {
+ 				mount_dmask = strtol(opteq+1, NULL, 8);
++				use_dmask++;
+ 			} else if(!strcmp(opts, "debug")) {
+ 				DEBUGLEVEL = val;
+ 			} else if(!strcmp(opts, "ip")) {

Modified: trunk/samba/debian/patches/series
===================================================================
--- trunk/samba/debian/patches/series	2007-06-02 10:20:26 UTC (rev 1440)
+++ trunk/samba/debian/patches/series	2007-06-03 17:02:55 UTC (rev 1441)
@@ -7,16 +7,14 @@
 non-linux-ports.patch
 pam-examples.patch
 README_nosmbldap-tools.patch
-hide_password_length.patch
 samba.patch
-no_smbmount_symlink.patch
 smbclient-pager.patch
 smbmount-mtab-flags.patch
 smbmount-nomtab.patch
-smbmount-unix-caps.patch
 smbstatus-locking.patch
 undefined-symbols.patch
 VERSION.patch
 adapt_machine_creation_script.patch
 autoconf.patch
 python-examples.patch
+missing_userspace_bugzilla999.patch

Deleted: trunk/samba/debian/patches/smbmount-unix-caps.patch
===================================================================
--- trunk/samba/debian/patches/smbmount-unix-caps.patch	2007-06-02 10:20:26 UTC (rev 1440)
+++ trunk/samba/debian/patches/smbmount-unix-caps.patch	2007-06-03 17:02:55 UTC (rev 1441)
@@ -1,46 +0,0 @@
-Goal: respect requests for uid-flattening mount options by disabling Unix permissions handling in the kernel driver
-
-Fixes: #310982
-
-Status wrt upstream: Forwarded on 2007/05/30
-
-Author: Unknown
-
-Note: Part of no-longer maintained smbfs stuff
-
-This patch is the stopgap that was implemented immediately prior to the
-sarge release in response to the security issue with the kernel ignoring
-uid,gid mount options when the server supported unix capabilities.  The
-corresponding changelog entry was:
-
- samba (3.0.14a-4) unstable; urgency=high
-
-   [...]
-   * Patch smbmount to strip CAP_UNIX out of the capabilities passed to
-     the kernel when uid, gid, dmask, or fmask options have been
-     specified; this keeps the mount permissions from changing out from
-     under the user when upgrading to a server (or to a kernel) that
-     supports unix extensions.  Closes: #310982.
-   [...]
-
-This issue has since been resolved in the kernel.  The patch should not be
-included upstream in Samba, and should be dropped from the Debian packages
-as well just as soon as someone has time for testing it (or, y'know, as soon
-as we stop shipping mount.smbfs altogether).
-
-
-Index: samba-3.0.25a/source/client/smbmount.c
-===================================================================
---- samba-3.0.25a.orig/source/client/smbmount.c	2007-05-26 07:46:33.884647544 +0200
-+++ samba-3.0.25a/source/client/smbmount.c	2007-05-26 07:46:34.272650637 +0200
-@@ -213,6 +213,10 @@
-   		c->capabilities &= ~CAP_STATUS32;
- 		c->force_dos_errors = True;
- 	}
-+	/* For now, respect requests for uid-flattening mount options
-+	   by disabling Unix permissions handling in the kernel driver */
-+	if (mount_uid || mount_gid || mount_fmask || mount_dmask)
-+		c->capabilities &= ~CAP_UNIX;
- 
- 	if (!NT_STATUS_IS_OK(cli_session_setup(c, username, 
- 					       password, strlen(password),

More information about the Pkg-samba-maint mailing list