kiwi/klara-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added original samba

Browse Source
This commit is contained in:
Xavier Beaudouin
2024-01-23 17:30:28 +01:00
parent 52daff87aa
commit 97f38e1e10
119 changed files with 41264 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

204
net/samba416/files/man/vfs_freebsd.8 Normal file
View File

@ -0,0 +1,204 @@
'\" t
.\" Title: vfs_freebsd
.\" Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Date: 06/24/2019
.\" Manual: System Administration tools
.\" Source: Samba 4.10.5
.\" Language: English
.\"
.TH "VFS_FREEBSD" "8" "06/24/2019" "Samba 4\&.10\&.5" "System Administration tools"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
vfs_freebsd \- FreeBSD\-specific VFS functions
.SH "SYNOPSIS"
.HP \w'\ 'u
vfs objects = freebsd
.SH "DESCRIPTION"
.PP
This VFS module is part of the
\fBsamba\fR(7)
suite\&.
.PP
The
vfs_freebsd
module implements some of the FreeBSD\-specific VFS functions\&.
.PP
This module is stackable\&.
.SH "OPTIONS"
.PP
freebsd:extattr mode=[legacy|compat|secure]
.RS 4
This parameter defines how the emulation of the Linux attr(5) extended attributes is performed through the FreeBSD native extattr(9) system calls\&.
.sp
Currently the
\fIsecurity\fR,
\fIsystem\fR,
\fItrusted\fR
and
\fIuser\fR
extended attribute(xattr) classes are defined in Linux\&. Contrary FreeBSD has only
\fIUSER\fR
and
\fISYSTEM\fR
extended attribute(extattr) namespaces, so mapping of one set into another isn\*(Aqt straightforward and can be done in different ways\&.
.sp
Historically the Samba(7) built\-in xattr mapping implementation simply converted
\fIsystem\fR
and
\fIuser\fR
xattr into corresponding
\fISYSTEM\fR
and
\fIUSER\fR
extattr namespaces, dropping the class prefix name with the separating dot and using attribute name only within the mapped namespace\&. It also rejected any other xattr classes, like
\fIsecurity\fR
and
\fItrusted\fR
as invalid\&. Such behavior in particular broke AD provisioning on UFS2 file systems as essential
\fIsecurity\&.NTACL\fR
xattr was rejected as invalid\&.
.sp
This module tries to address this problem and provide secure, where it\*(Aqs possible, way to map Linux xattr into FreeBSD\*(Aqs extattr\&.
.sp
When
\fImode\fR
is set to the
\fIlegacy (default)\fR
then modified version of built\-in mapping is used, where
\fIsystem\fR
xattr is mapped into SYSTEM namespace, while
\fIsecure\fR,
\fItrusted\fR
and
\fIuser\fR
xattr are all mapped into the USER namespace, dropping class prefixes and mix them all together\&. This is the way how Samba FreeBSD ports were patched up to the 4\&.9 version and that created multiple potential security issues\&. This mode is aimed for the compatibility with the legacy installations only and should be avoided in new setups\&.
.sp
The
\fIcompat\fR
mode is mostly designed for the jailed environments, where it\*(Aqs not possible to write extattrs into the secure SYSTEM namespace, so all four classes are mapped into the USER namespace\&. To preserve information about origin of the extended attribute it is stored together with the class preffix in the
\fIclass\&.attribute\fR
format\&.
.sp
The
\fIsecure\fR
mode is meant for storing extended attributes in a secure manner, so that
\fIsecurity\fR,
\fIsystem\fR
and
\fItrusted\fR
are stored in the SYSTEM namespace, which can be modified only by root\&.
.RE
.SH ""
.sp
.it 1 an-trap
.nr an-no-space-flag 1
.nr an-break-flag 1
.br
.B Table\ \&1.\ \&Attributes mapping
.TS
allbox tab(:);
lB lB lB lB lB.
T{
T}:T{
built\-in
T}:T{
legacy
T}:T{
compat/jail
T}:T{
secure
T}
.T&
lB l l l l
lB l l l l
lB l l l l
lB l l l l.
T{
user
T}:T{
USER; attribute
T}:T{
USER; attribute
T}:T{
USER; user\&.attribute
T}:T{
USER; user\&.attribute
T}
T{
system
T}:T{
SYSTEM; attribute
T}:T{
SYSTEM; attribute
T}:T{
USER; system\&.attribute
T}:T{
SYSTEM; system\&.attribute
T}
T{
trusted
T}:T{
FAIL
T}:T{
USER; attribute
T}:T{
USER; trusted\&.attribute
T}:T{
SYSTEM; trusted\&.attribute
T}
T{
security
T}:T{
FAIL
T}:T{
USER; attribute
T}:T{
USER; security\&.attribute
T}:T{
SYSTEM; security\&.attribute
T}
.TE
.sp 1
.SH "EXAMPLES"
.PP
Use secure method of setting extended attributes on the share:
.sp
.if n \{\
.RS 4
.\}
.nf
\fI[sysvol]\fR
\m[blue]\fBvfs objects = freebsd\fR\m[]
\m[blue]\fBfreebsd:extattr mode = secure\fR\m[]
.fi
.if n \{\
.RE
.\}
.SH "VERSION"
.PP
This man page is part of version 4\&.10\&.5 of the Samba suite\&.
.SH "AUTHOR"
.PP
The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&.
.PP
This module was written by Timur I\&. Bakeyev