Home
My Posts

Archive
Login
Signup

Recent Posts

Free subdomains

Want your own xyz.kpaste.net sub-domain for your community? Just type the address into your browser address bar (foo.xyz.kpaste.net is also supported).

Suggestions/Bugs?

Email us at . Try to include as much info as possible.

About

Pastebin is a tool for collaborative debugging or editing.

 

msnfs41client: Patch for Unix_User+<uid>/Unix_Group+<gid> support in |map_sid2nfs4ace_who()|+misc, 2024-07-03
Posted by Anonymous on Wed 3rd Jul 2024 18:05
raw | new post

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting: None Bash C C++ CSS Diff HTML mIRC Script Perl PHP Python Smarty XML ---------------------------- ABAP Actionscript ADA Apache Log AppleScript APT sources.list ASM ASP AutoIT Bash C C# C++ C++ (with QT) CSS Diff HTML INI (Config Files) Java Javascript Lua Make mIRC Script MySQL NSIS Perl PHP Python Q(uick)BASIC robots Ruby Ruby on Rails SDLBasic Smarty SQL TCL Text VB.NET Visual BASIC Visual Fox Pro Visual Prolog Windows Registry Files XML Xorg.conf

To highlight particular lines, prefix each line with {%HIGHLIGHT}
From e9a4027f2b9dcb21f5743c1cef30e5acede16db6 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Wed, 3 Jul 2024 17:46:09 +0200 Subject: [PATCH 1/2] cygwin: Implement Unix_User+<uid> and Unix_Group+<gid> support in |map_nfs4ace_who()| /usr/bin/patch failed patching a file, complaining that it cannot change the group of it's temporary file. This happened because Cygwin is generating Unix_Group+<gid> SIDs based on the Nfs3Attr EA |gid|, instead of taking the native SID returned by Windows. And some tools like patch(1) end-up just copying that SID, which our |map_nfs4ace_who()| did not support. Implementing Unix_User+<uid> and Unix_Group+<gid> support in |map_nfs4ace_who()| fixes this. See https://github.com/kofemann/ms-nfs41-client/issues/16 Fixes: Issue #16 Reported-by: Mark Liam Brown <brownmarkliam@gmail.com> Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- daemon/acl.c | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++ daemon/sid.h | 4 ++++ 2 files changed, 71 insertions(+) diff --git a/daemon/acl.c b/daemon/acl.c index 3ab4bf8..02f08b2 100644 --- a/daemon/acl.c +++ b/daemon/acl.c @@ -980,11 +980,78 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o * SIDs */ case ERROR_NONE_MAPPED: + /* + * This can happen for two reasons: + * 1. Someone copied a file from a NFS(v3) filesystem, + * and Cygwin generated an Unix_User+<uid> or + * Unix_Group+<gid> SID for the source file, which + * tools like Cygwin cp(1) just copy. + * 2. We have an uid/gid for which we do not have + * a user-/group-name mapped. + */ +#ifdef NFS41_DRIVER_FEATURE_MAP_UNMAPPED_USER_TO_UNIXUSER_SID + /* fixme: This should be a function argument */ + extern nfs41_daemon_globals nfs41_dg; + + uid_t unixuser_uid = ~0U; + gid_t unixgroup_gid = ~0U; + + if (unixuser_sid2uid(sid, &unixuser_uid)) { + if (!nfs41_idmap_uid_to_name(nfs41_dg.idmapper, + unixuser_uid, who_out, UNLEN)) { + who_size = (DWORD)strlen(who_out); + sid_type = SidTypeUser; + status = ERROR_SUCCESS; + + DPRINTF(ACLLVL1, ("map_nfs4ace_who: " + "Unix_User+%d SID " + "mapped to user '%s'\n", + unixuser_uid, who_out)); + goto add_domain; + } + + eprintf("map_nfs4ace_who: " + "unixuser_sid2uid(sid='%s',unixuser_uid=%d) " + "returned no mapping.\n", + sidstr, (int)unixuser_uid); + goto err_none_mapped; + } + + if (unixgroup_sid2gid(sid, &unixgroup_gid)) { + if (!nfs41_idmap_gid_to_group(nfs41_dg.idmapper, + unixgroup_gid, who_out, GNLEN)) { + who_size = (DWORD)strlen(who_out); + sid_type = SidTypeGroup; + status = ERROR_SUCCESS; + + DPRINTF(ACLLVL1, ("map_nfs4ace_who: " + "Unix_Group+%d SID " + "mapped to group '%s'\n", + unixgroup_gid, who_out)); + goto add_domain; + } + + eprintf("map_nfs4ace_who: " + "unixgroup_sid2gid(sid='%s',unixgroup_gid=%d) " + "returned no mapping.\n", + sidstr, (int)unixgroup_gid); + goto err_none_mapped; + } + + eprintf("map_nfs4ace_who: LookupAccountSidA() " + "returned ERROR_NONE_MAPPED+no " + "Unix_@(User|Group)+ mapping for sidstr='%s'\n", + sidstr); +err_none_mapped: + status = ERROR_NONE_MAPPED; +#else DPRINTF(ACLLVL2, ("map_nfs4ace_who: LookupAccountSidA() " "returned ERROR_NONE_MAPPED for sidstr='%s'\n", sidstr)); status = lasterr; goto out; +#endif /* NFS41_DRIVER_FEATURE_MAP_UNMAPPED_USER_TO_UNIXUSER_SID */ + /* Catch other cases */ case ERROR_NO_SUCH_USER: case ERROR_NO_SUCH_GROUP: diff --git a/daemon/sid.h b/daemon/sid.h index d310d88..57edfc7 100644 --- a/daemon/sid.h +++ b/daemon/sid.h @@ -52,6 +52,10 @@ extern sidcache group_sidcache; /* prototypes */ int create_unknownsid(WELL_KNOWN_SID_TYPE type, PSID *sid, DWORD *sid_len); +#ifdef NFS41_DRIVER_FEATURE_MAP_UNMAPPED_USER_TO_UNIXUSER_SID +bool unixuser_sid2uid(PSID psid, uid_t *puid); +bool unixgroup_sid2gid(PSID psid, gid_t *pgid); +#endif /* NFS41_DRIVER_FEATURE_MAP_UNMAPPED_USER_TO_UNIXUSER_SID */ void sidcache_init(void); void sidcache_add(sidcache *cache, const char* win32name, PSID value); PSID *sidcache_getcached_byname(sidcache *cache, const char *win32name); -- 2.45.1 From 159dc31356c794debb6a229617e7e82d9bd48aad Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Wed, 3 Jul 2024 18:11:48 +0200 Subject: [PATCH 2/2] daemon: Rename |map_nfs4ace_who()| to |map_sid2nfs4ace_who()|+debug cleanup Rename |map_nfs4ace_who()| to |map_sid2nfs4ace_who()|+debug cleanup. Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- daemon/acl.c | 53 ++++++++++++++++++++++++++++------------------------ 1 file changed, 29 insertions(+), 24 deletions(-) diff --git a/daemon/acl.c b/daemon/acl.c index 02f08b2..6facd54 100644 --- a/daemon/acl.c +++ b/daemon/acl.c @@ -891,7 +891,9 @@ void map_nfs4acemask2winaccessmask(uint32_t nfs4_mask, #endif } -static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_out, char *domain, SID_NAME_USE *sid_type_out) +static +int map_sid2nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, + char *who_out, char *domain, SID_NAME_USE *sid_type_out) { int status, lasterr; SID_NAME_USE sid_type = 0; @@ -901,7 +903,9 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o DWORD who_size = sizeof(who_buf), domain_size = sizeof(domain_buf); LPSTR sidstr = NULL; - DPRINTF(ACLLVL2, ("--> map_nfs4ace_who(sid=0x%p,owner_sid=0x%p, group_sid=0x%p)\n")); + DPRINTF(ACLLVL2, ("--> map_sid2nfs4ace_who(" + "sid=0x%p,owner_sid=0x%p, group_sid=0x%p)\n", + sid, owner_sid, group_sid)); if (DPRINTF_LEVEL_ENABLED(ACLLVL2)) { print_sid("sid", sid); @@ -916,7 +920,7 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o status = 0; if (owner_sid) { if (EqualSid(sid, owner_sid)) { - DPRINTF(ACLLVL2, ("map_nfs4ace_who: this is owner's sid\n")); + DPRINTF(ACLLVL2, ("this is owner's sid\n")); memcpy(who_out, ACE4_OWNER, strlen(ACE4_OWNER)+1); sid_type = SidTypeUser; status = ERROR_SUCCESS; @@ -925,7 +929,7 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o } if (group_sid) { if (EqualSid(sid, group_sid)) { - DPRINTF(ACLLVL2, ("map_nfs4ace_who: this is group's sid\n")); + DPRINTF(ACLLVL2, ("this is group's sid\n")); memcpy(who_out, ACE4_GROUP, strlen(ACE4_GROUP)+1); sid_type = SidTypeGroup; status = ERROR_SUCCESS; @@ -946,8 +950,8 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o if (!ConvertSidToStringSidA(sid, &sidstr)) { status = GetLastError(); - eprintf("map_nfs4ace_who: ConvertSidToStringSidA() failed, " - "error=%d\n", status); + eprintf("map_sid2nfs4ace_who: ConvertSidToStringSidA() " + "failed, error=%d\n", status); goto out; } @@ -956,7 +960,7 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o lasterr = GetLastError(); if (status) { - DPRINTF(ACLLVL2, ("map_nfs4ace_who: " + DPRINTF(ACLLVL2, ("map_sid2nfs4ace_who: " "LookupAccountSid(sidtostr(sid)='%s', who_buf='%s', " "who_size=%d, domain='%s', domain_size=%d) " "returned success, status=%d, GetLastError=%d\n", @@ -964,7 +968,7 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o domain_buf, domain_size, status, lasterr)); } else { - DPRINTF(ACLLVL2, ("map_nfs4ace_who: " + DPRINTF(ACLLVL2, ("map_sid2nfs4ace_who: " "LookupAccountSid(sidtostr(sid)='%s', who_size=%d, " "domain_size=%d) returned failure, status=%d, " "GetLastError=%d\n", @@ -1003,14 +1007,14 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o sid_type = SidTypeUser; status = ERROR_SUCCESS; - DPRINTF(ACLLVL1, ("map_nfs4ace_who: " + DPRINTF(ACLLVL1, ("map_sid2nfs4ace_who: " "Unix_User+%d SID " "mapped to user '%s'\n", unixuser_uid, who_out)); goto add_domain; } - eprintf("map_nfs4ace_who: " + eprintf("map_sid2nfs4ace_who: " "unixuser_sid2uid(sid='%s',unixuser_uid=%d) " "returned no mapping.\n", sidstr, (int)unixuser_uid); @@ -1024,28 +1028,28 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o sid_type = SidTypeGroup; status = ERROR_SUCCESS; - DPRINTF(ACLLVL1, ("map_nfs4ace_who: " + DPRINTF(ACLLVL1, ("map_sid2nfs4ace_who: " "Unix_Group+%d SID " "mapped to group '%s'\n", unixgroup_gid, who_out)); goto add_domain; } - eprintf("map_nfs4ace_who: " + eprintf("map_sid2nfs4ace_who: " "unixgroup_sid2gid(sid='%s',unixgroup_gid=%d) " "returned no mapping.\n", sidstr, (int)unixgroup_gid); goto err_none_mapped; } - eprintf("map_nfs4ace_who: LookupAccountSidA() " + eprintf("map_sid2nfs4ace_who: LookupAccountSidA() " "returned ERROR_NONE_MAPPED+no " "Unix_@(User|Group)+ mapping for sidstr='%s'\n", sidstr); err_none_mapped: status = ERROR_NONE_MAPPED; #else - DPRINTF(ACLLVL2, ("map_nfs4ace_who: LookupAccountSidA() " + DPRINTF(ACLLVL2, ("map_sid2nfs4ace_who: LookupAccountSidA() " "returned ERROR_NONE_MAPPED for sidstr='%s'\n", sidstr)); status = lasterr; @@ -1055,14 +1059,14 @@ err_none_mapped: /* Catch other cases */ case ERROR_NO_SUCH_USER: case ERROR_NO_SUCH_GROUP: - eprintf("map_nfs4ace_who: LookupAccountSidA() " + eprintf("map_sid2nfs4ace_who: LookupAccountSidA() " "returned ERROR_NO_SUCH_@(USER|GROUP) for " "sidstr='%s'\n", sidstr); status = lasterr; goto out; default: - eprintf("map_nfs4ace_who: Internal error, " + eprintf("map_sid2nfs4ace_who: Internal error, " "LookupAccountSidA() returned unexpected ERROR_%d " "for sidstr='%s'\n", status, sidstr); @@ -1079,13 +1083,15 @@ add_domain: out: if (status) { DPRINTF(ACLLVL2, - ("<-- map_nfs4ace_who() returns %d\n", status)); + ("<-- map_sid2nfs4ace_who() returns %d\n", status)); } else { DPRINTF(ACLLVL2, - ("<-- map_nfs4ace_who(who_out='%s', sid_type=%d) " + ("<-- map_sid2nfs4ace_who(who_out='%s', sid_type='%s'/%d) " "returns %d\n", - who_out, sid_type, status)); + who_out, + map_SID_NAME_USE2str(sid_type), sid_type, + status)); if (sid_type_out) { *sid_type_out = sid_type; } @@ -1209,9 +1215,8 @@ static int map_dacl_2_nfs4acl(PACL acl, PSID sid, PSID gsid, nfsacl41 *nfs4_acl, } #endif /* NFS41_DRIVER_ACLS_SETACL_SKIP_WINNULLSID_ACES */ - status = map_nfs4ace_who(ace_sid, sid, gsid, - curr_nfsace->who, - domain, &who_sid_type); + status = map_sid2nfs4ace_who(ace_sid, sid, gsid, + curr_nfsace->who, domain, &who_sid_type); if (status) goto out_free; @@ -1333,7 +1338,7 @@ static int handle_setacl(void *daemon_context, nfs41_upcall *upcall) goto out; } - status = map_nfs4ace_who(sid, NULL, NULL, ownerbuf, + status = map_sid2nfs4ace_who(sid, NULL, NULL, ownerbuf, nfs41dg->localdomain_name, NULL); if (status) goto out; @@ -1355,7 +1360,7 @@ static int handle_setacl(void *daemon_context, nfs41_upcall *upcall) goto out; } - status = map_nfs4ace_who(sid, NULL, NULL, groupbuf, + status = map_sid2nfs4ace_who(sid, NULL, NULL, groupbuf, nfs41dg->localdomain_name, NULL); if (status) goto out; -- 2.45.1

Title:

Privacy: Public Private

How long should your post be retained?

15 mins an hour a day a week a month forever

All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at