From 866568a82563f581cca313516ee4aea1e7fcfe81 Mon Sep 17 00:00:00 2001 From: Guenther Deschner Date: Wed, 11 Dec 2024 15:33:47 +0530 Subject: [PATCH 1/5] s3-sharesec: Add Test to verify command option "--view-all" BUG: https://bugzilla.samba.org/show_bug.cgi?id=15780 Signed-off-by: Guenther Deschner Signed-off-by: Vinit Agnihotri Reviewed-by: John Mulligan (cherry picked from commit 0a12254ea8b3414deebc3e6329025052c650356e) --- source3/script/tests/test_sharesec.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/source3/script/tests/test_sharesec.sh b/source3/script/tests/test_sharesec.sh index a083a56545a..b44ffcb4d58 100755 --- a/source3/script/tests/test_sharesec.sh +++ b/source3/script/tests/test_sharesec.sh @@ -137,4 +137,12 @@ testit "Check for default ACL" \ test "$ACL" = "ACL:S-1-1-0:ALLOWED/0x0/FULL" || failed=$(expr $failed + 1) +testit "Create 2nd share" $NET_CMD conf addshare tmp_share2 /tmp || + failed=$(expr $failed + 1) +COUNT=$($CMD --view-all | grep ACL: | sed -e 's/^ACL://' | wc -l) +testit "Verify standard ACL counts" test $COUNT -gt 2 || + failed=$(expr $failed + 1) +testit "Delete share" $NET_CMD conf delshare tmp_share2 || + failed=$(expr $failed + 1) + testok $0 $failed -- 2.47.1 From 72bb0159d2548a00f9a8b71c95c40504ace80582 Mon Sep 17 00:00:00 2001 From: Vinit Agnihotri Date: Thu, 12 Dec 2024 19:05:24 +0530 Subject: [PATCH 2/5] sharesec: Fix warning frame not freed in order This change should fix following warning: Freed frame ../../source3/utils/sharesec.c:515, expected ../../source3/utils/sharesec.c:637 Frame was not getting freed in case of servicename is NULL. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15780 Signed-off-by: Vinit Agnihotri Reviewed-by: John Mulligan Reviewed-by: Guenther Deschner (cherry picked from commit 04531e1b1d25d114c470922547bee769b07e5e60) --- source3/utils/sharesec.c | 1 + 1 file changed, 1 insertion(+) diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c index 417572954c8..3c93893e178 100644 --- a/source3/utils/sharesec.c +++ b/source3/utils/sharesec.c @@ -563,6 +563,7 @@ int main(int argc, const char *argv[]) const char *service = lp_servicename(frame, lp_sub, i); if (service == NULL) { + TALLOC_FREE(frame); continue; } -- 2.47.1 From 13ae9e75950facfe8a2b5eff11447fa9bfee4fa2 Mon Sep 17 00:00:00 2001 From: Vinit Agnihotri Date: Tue, 3 Dec 2024 11:12:34 +0530 Subject: [PATCH 3/5] param: Add API to load registry without share info As number of shares increases loading entire registry configuration along with share information becomes very costly operation. Since we may not require share information all time, we can optimise this by using API just loading configuration without any share info. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15780 Signed-off-by: Vinit Agnihotri Reviewed-by: John Mulligan Reviewed-by: Guenther Deschner (cherry picked from commit 2927dba0434b960e4c381329bdc9fe474fb930ce) --- source3/param/loadparm.c | 11 +++++++++++ source3/param/loadparm.h | 1 + 2 files changed, 12 insertions(+) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index f9bc1c42796..9d8890698f4 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4291,6 +4291,17 @@ bool lp_load_with_registry_shares(const char *pszFname) true); /* load_all_shares*/ } +bool lp_load_with_registry_without_shares(const char *pszFname) +{ + return lp_load_ex(pszFname, + false, /* global_only */ + true, /* save_defaults */ + false, /* add_ipc */ + true, /* reinit_globals */ + true, /* allow_include_registry */ + false); /* load_all_shares*/ +} + /*************************************************************************** Return the max number of services. ***************************************************************************/ diff --git a/source3/param/loadparm.h b/source3/param/loadparm.h index e8f06ddbc2c..2900e3b16bb 100644 --- a/source3/param/loadparm.h +++ b/source3/param/loadparm.h @@ -163,6 +163,7 @@ bool lp_load_global_no_reinit(const char *file_name); bool lp_load_no_reinit(const char *file_name); bool lp_load_client_no_reinit(const char *file_name); bool lp_load_with_registry_shares(const char *pszFname); +bool lp_load_with_registry_without_shares(const char *pszFname); int lp_numservices(void); void lp_dump(FILE *f, bool show_defaults, int maxtoprint); void lp_dump_one(FILE * f, bool show_defaults, int snum); -- 2.47.1 From 466f2db60c67c29dbb7959235bcfc7a247977502 Mon Sep 17 00:00:00 2001 From: Vinit Agnihotri Date: Tue, 3 Dec 2024 11:19:09 +0530 Subject: [PATCH 4/5] sharesec: Add function to check existence of share from config Add function to detect if a share name exists in the registry or config file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15780 Signed-off-by: Vinit Agnihotri Reviewed-by: John Mulligan Reviewed-by: Guenther Deschner (cherry picked from commit 78eb293e1cdd3635de0bcf46ffb9d842f27bcc9f) --- source3/utils/sharesec.c | 76 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c index 3c93893e178..6094746e3cc 100644 --- a/source3/utils/sharesec.c +++ b/source3/utils/sharesec.c @@ -31,6 +31,8 @@ struct cli_state; #include "cmdline_contexts.h" #include "lib/util/string_wrappers.h" #include "lib/param/param.h" +#include "lib/smbconf/smbconf.h" +#include "lib/smbconf/smbconf_init.h" static TALLOC_CTX *ctx; @@ -316,6 +318,80 @@ static int view_sharesec_sddl(const char *sharename) return 0; } +static bool registry_share(const char *sharename) +{ + sbcErr err; + TALLOC_CTX *mem_ctx = talloc_stackframe(); + struct smbconf_ctx *conf_ctx; + bool ret_status = true; + + err = smbconf_init(mem_ctx, &conf_ctx, "registry:"); + if (!SBC_ERROR_IS_OK(err)) { + DEBUG(0, ("Unable to init smbconf registry. Err:%s\n", + sbcErrorString(err))); + ret_status = false; + goto out; + } + + if(!smbconf_share_exists(conf_ctx, sharename)) { + ret_status = false; + goto done; + } +done: + smbconf_shutdown(conf_ctx); +out: + talloc_free(mem_ctx); + return ret_status; +} + +static bool txt_share(const char *sharename) +{ + sbcErr err; + TALLOC_CTX *mem_ctx = talloc_stackframe(); + struct smbconf_ctx *conf_ctx; + bool ret_status = true; + char *fconf_path; + + fconf_path = talloc_asprintf(mem_ctx, "file:%s", get_dyn_CONFIGFILE()); + if (fconf_path == NULL) { + DEBUG(0, ("Not enough memory for conf file path")); + ret_status = false; + goto out; + } + + err = smbconf_init(mem_ctx, &conf_ctx, fconf_path); + if (!SBC_ERROR_IS_OK(err)) { + DEBUG(0, ("Unable to init smbconf file. Err:%s\n", + sbcErrorString(err))); + ret_status = false; + goto out; + } + + if(!smbconf_share_exists(conf_ctx, sharename)) { + ret_status = false; + goto done; + } +done: + smbconf_shutdown(conf_ctx); +out: + talloc_free(mem_ctx); + return ret_status; +} + +static bool share_exists(const char *sharename) +{ + bool ret_status = false; + + if ((lp_config_backend() == CONFIG_BACKEND_REGISTRY) || + (lp_registry_shares() == true)) + ret_status = registry_share(sharename); + + if (!ret_status) { + ret_status = txt_share(sharename); + } + return ret_status; +} + /******************************************************************** main program ********************************************************************/ -- 2.47.1 From 5f0b267122a54c9aa5df226dd866fb6708d2e75a Mon Sep 17 00:00:00 2001 From: Vinit Agnihotri Date: Tue, 3 Dec 2024 11:21:09 +0530 Subject: [PATCH 5/5] sharesec: Check if share exists in configuration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Load config from registry without share info and check if sharename exists from configuration. This results into lesser delay for the same. In case of view we load config with all shares to ensure we get all shares for diplay purpose. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15780 Signed-off-by: Vinit Agnihotri Reviewed-by: John Mulligan Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Jan 10 10:45:30 UTC 2025 on atb-devel-224 (cherry picked from commit 1410803713440caf29a40aec30516489d1944665) --- source3/utils/sharesec.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c index 6094746e3cc..47182894a66 100644 --- a/source3/utils/sharesec.c +++ b/source3/utils/sharesec.c @@ -409,7 +409,6 @@ int main(int argc, const char *argv[]) static char *the_acl = NULL; fstring sharename; bool force_acl = False; - int snum; poptContext pc; bool initialize_sid = False; bool ok; @@ -604,7 +603,10 @@ int main(int argc, const char *argv[]) setlinebuf(stdout); - lp_load_with_registry_shares(get_dyn_CONFIGFILE()); + if (mode == SMB_ACL_VIEW_ALL) + lp_load_with_registry_shares(get_dyn_CONFIGFILE()); + else + lp_load_with_registry_without_shares(get_dyn_CONFIGFILE()); /* check for initializing secrets.tdb first */ @@ -631,7 +633,6 @@ int main(int argc, const char *argv[]) if (mode == SMB_ACL_VIEW_ALL) { int i; - for (i=0; i