[SRM] 2nd update for samba packages in lenny

To: debian-release@lists.debian.org
Subject: [SRM] 2nd update for samba packages in lenny
From: Christian Perrier <bubulle@debian.org>
Date: Sun, 22 Mar 2009 18:15:18 +0100
Message-id: <20090322171516.GR5004@mykerinos.kheops.frmug.org>

Dear Stable Release Managers,

After a first upload which you approved and entered s-p-u, we (Samba
package maintainers) would like to upload a second update for packages
in lenny.

This update's changelog is:

samba (2:3.2.5-4lenny2) stable-proposed-updates; urgency=low

  * Do not abort rename process on valid rename script. Closes: #519974
  * Allow Office 2007 to save files on Samba-mapped drives. Closes: #520284

 -- Christian Perrier <bubulle@debian.org>  Sun, 22 Mar 2009 17:53:21 +0100


Both updates are patches added by upstream to their post-3.2.5
versions (upstream bugs #5957 and #6160). I attached them to this
mail.

Would you agree for this upload to s-p-u?

(I know that the first point release is in the pipes so we might miss
it....then we'll wait for the second point release)

Goal: do not abort rename process on valid rename script

Fixes: #519974

Status wrt upstream: Fixed in 3.2.6

Author: Guenther Deschner <gd@samba.org>

Index: lenny/source/passdb/pdb_ldap.c
===================================================================
--- lenny.orig/source/passdb/pdb_ldap.c
+++ lenny/source/passdb/pdb_ldap.c
@@ -2010,7 +2010,7 @@
 					newname_lower,
 					true,
 					true);
-	if (rename_script) {
+	if (!rename_script) {
 		return NT_STATUS_NO_MEMORY;
 	}
 	rename_script = realloc_string_sub2(rename_script,

Goal: allow Office 2007 to save files on Samba-mapped drives

Fixes: #520284

Status wrt upstream: Fixed in 3.3.1

Author: Jeremy Allison <jra@samba.org>

Index: lenny/source/smbd/open.c
===================================================================
--- lenny.orig/source/smbd/open.c
+++ lenny/source/smbd/open.c
@@ -2126,6 +2126,14 @@
 		return NT_STATUS_NOT_A_DIRECTORY;
 	}
 
+	/* We need to support SeSecurityPrivilege for this. */
+	if (access_mask & SEC_RIGHT_SYSTEM_SECURITY) {
+		DEBUG(10, ("open_directory: open on %s "
+			"failed - SEC_RIGHT_SYSTEM_SECURITY denied.\n",
+			fname));
+		return NT_STATUS_PRIVILEGE_NOT_HELD;
+	}
+
 	switch( create_disposition ) {
 		case FILE_OPEN:
 
@@ -2677,6 +2685,20 @@
 		status = NT_STATUS_PRIVILEGE_NOT_HELD;
 		goto fail;
 	}
+#else
+	/* We need to support SeSecurityPrivilege for this. */
+	if (access_mask & SEC_RIGHT_SYSTEM_SECURITY) {
+		status = NT_STATUS_PRIVILEGE_NOT_HELD;
+		goto fail;
+	}
+	/* Don't allow a SACL set from an NTtrans create until we
+	 * support SeSecurityPrivilege. */
+	if (!VALID_STAT(sbuf) &&
+			lp_nt_acl_support(SNUM(conn)) &&
+			sd && (sd->sacl != NULL)) {
+		status = NT_STATUS_PRIVILEGE_NOT_HELD;
+		goto fail;
+	}
 #endif
 
 	if ((conn->fs_capabilities & FILE_NAMED_STREAMS)

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: [SRM] 2nd update for samba packages in lenny
  - From: Luk Claes <luk@debian.org>

Prev by Date: Re: Bug#503992: Request of authorisation for an upload of Snort in stable to fix 503992
Next by Date: Re: Bug#520713: init script start hangs (request for stable update)
Previous by thread: Re: Please unblock shorewall-{common,perl,shell}
Next by thread: Re: [SRM] 2nd update for samba packages in lenny
Index(es):
- Date
- Thread