================
* FIX: afpd: Hangs in Netatalk which causes it to stop responding to
connections, bug #572.
+* NEW: afpd: new option "force xattr with sticky bit = yes|no"
+ (default: no), FR #94
Changes in 3.1.3
================
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>force xattr with sticky bit =
+ <replaceable>BOOLEAN</replaceable> (default:
+ <emphasis>no</emphasis>) <type>(G/V)</type></term>
+
+ <listitem>
+ <para>Writing metadata xattr on directories with the
+ sticky bit set may fail even though we may have write
+ access to a directory, because if the sticky bit is set
+ only the owner is allowed to write xattrs.</para>
+
+ <para>By enabling this option Netatalk will write the
+ metadata xattr as root.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>guest account = <replaceable>name</replaceable>
<type>(G)</type></term>
#define ADVOL_UNIXPRIV (1 << 2) /* adouble unix priv */
#define ADVOL_INVDOTS (1 << 3) /* dot files (.DS_Store) are invisible) */
#define ADVOL_FOLLO_SYML (1 << 4)
+#define ADVOL_FORCE_STICKY_XATTR (1 << 5)
/* lock flags */
#define ADLOCK_CLR (0)
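Review bot: `ADVOL_FORCE_STICKY_XATTR` is added without a comment, although this flag is what permits the adouble layer to retry a metadata xattr write as root. The volume-level counterpart `AFPVOL_FORCE_STICKY_XATTR` is documented where it is defined, so I would add the same here, for example `/* retry metadata xattr write as root on EPERM */`.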
#define AFPVOL_RO (1 << 8) /* read-only volume */
#define AFPVOL_CHMOD_PRESERVE_ACL (1 << 9) /* try to preserve ACLs */
#define AFPVOL_CHMOD_IGNORE (1 << 10) /* try to preserve ACLs */
+#define AFPVOL_FORCE_STICKY_XATTR (1 << 11) /* write metadata xattr as root on sticky dirs */
#define AFPVOL_NOSTAT (1 << 16) /* advertise the volume even if we can't stat() it
* maybe because it will be mounted later in preexec */
#define AFPVOL_UNIX_PRIV (1 << 17) /* support unix privileges */
if (ad->ad_adflags & ADFLAGS_DIR) {
EC_NEG1_LOG( cwd = open(".", O_RDONLY) );
EC_NEG1_LOG( fchdir(ad_data_fileno(ad)) );
- EC_ZERO_LOGSTR( sys_lsetxattr(".", AD_EA_META, ad->ad_data, AD_DATASZ_EA, 0),
- "sys_lsetxattr(\"%s\"): %s", fullpathname(".") ,strerror(errno));
+
+ ret = sys_lsetxattr(".", AD_EA_META, ad->ad_data, AD_DATASZ_EA, 0);
+
+ if (ret != 0) {
+ if (errno != EPERM)
+ EC_FAIL;
+
+ if (!(ad->ad_options & ADVOL_FORCE_STICKY_XATTR))
+ EC_FAIL;
+
+ /*
+ * This may be a directory with a sticky bit
+ * set, which means even though we may have
+ * write access to the directory, only the
+ * owner is allowed to write xattrs
+ */
+
+ become_root();
+ ret = sys_lsetxattr(".", AD_EA_META, ad->ad_data, AD_DATASZ_EA, 0);
+ unbecome_root();
+
+ if (ret != 0) {
+ LOG(log_error, logtype_ad, "ad_flush_hf: %s", strerror(errno));
+ EC_FAIL;
+ }
+ }
+
EC_NEG1_LOG( fchdir(cwd) );
EC_NEG1_LOG( close(cwd) );
cwd = -1;
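Review bot: The root retry in the `ret != 0` branch fires on any EPERM once the option is on, but nothing in the hunk checks that the directory actually has the sticky bit set, so other causes of EPERM would also be overridden as root. I would `fstat()` the directory fd and require `st.st_mode & S_ISVTX` before calling `become_root()`. `strerror(errno)` is read after `unbecome_root()`, which may have changed errno (its body is not visible here), so errno should be saved right after the second `sys_lsetxattr()`. The two early `EC_FAIL` exits also drop the path-bearing log message that the removed `EC_ZERO_LOGSTR` produced. The enclosing function starts and ends outside the hunk.

```c
ret = sys_lsetxattr(".", AD_EA_META, ad->ad_data, AD_DATASZ_EA, 0);

if (ret != 0) {
    struct stat st;
    int saved_errno = errno;

    /* Escalate only for the documented case: EPERM on a sticky directory */
    if (saved_errno != EPERM
        || !(ad->ad_options & ADVOL_FORCE_STICKY_XATTR)
        || fstat(ad_data_fileno(ad), &st) != 0
        || !(st.st_mode & S_ISVTX)) {
        LOG(log_error, logtype_ad, "ad_flush_hf: sys_lsetxattr(\"%s\"): %s",
            fullpathname("."), strerror(saved_errno));
        EC_FAIL;
    }

    become_root();
    ret = sys_lsetxattr(".", AD_EA_META, ad->ad_data, AD_DATASZ_EA, 0);
    saved_errno = errno; /* keep the setxattr error across unbecome_root() */
    unbecome_root();

    if (ret != 0) {
        LOG(log_error, logtype_ad, "ad_flush_hf: sys_lsetxattr(\"%s\") as root: %s",
            fullpathname("."), strerror(saved_errno));
        EC_FAIL;
    }
}
/* … unchanged: fchdir(cwd) / close(cwd) restore … */
```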
volume->v_preexec_close = 1;
if (getoption_bool(obj->iniconfig, section, "root preexec close", preset, 0))
volume->v_root_preexec_close = 1;
+ if (vdgoption_bool(obj->iniconfig, section, "force xattr with sticky bit", preset, 0))
+ volume->v_flags |= AFPVOL_FORCE_STICKY_XATTR;
if ((val = getoption(obj->iniconfig, section, "ignored attributes", preset, obj->options.ignored_attr))) {
if (strstr(val, "all")) {
volume->v_ad_options |= ADVOL_FOLLO_SYML;
if ((volume->v_flags & AFPVOL_RO))
volume->v_ad_options |= ADVOL_RO;
+ if ((volume->v_flags & AFPVOL_FORCE_STICKY_XATTR))
+ volume->v_ad_options |= ADVOL_FORCE_STICKY_XATTR;
/* Mac to Unix conversion flags*/
if ((volume->v_flags & AFPVOL_EILSEQ))
Sets the path to the file which defines file extension type/creator mappings\&. (default is @pkgconfdir@/extmap\&.conf)\&.
.RE
.PP
+force xattr with sticky bit = \fIBOOLEAN\fR (default: \fIno\fR) \fB(G/V)\fR
+.RS 4
+Writing metadata xattr on directories with the sticky bit set may fail even though we may have write access to a directory, because if the sticky bit is set only the owner is allowed to write xattrs\&.
+.sp
+By enabling this option Netatalk will write the metadata xattr as root\&.
+.RE
+.PP
guest account = \fIname\fR \fB(G)\fR
.RS 4
Specifies the user that guests should use (default is "nobody")\&. The name should be quoted\&.