Commit Graph

4980 Commits

Author SHA1 Message Date
Jean-Pierre André
a42b52ea61 Added a manual entry for ntfswipe 2014-06-25 12:45:15 +02:00
Jean-Pierre André
935ce8d08b Fixed inappropriate description of ntfs_build_basic_posix() (cosmetic)
Fixed a missing description and wrongly copied+pasted comment
2014-06-23 11:46:58 +02:00
Jean-Pierre André
ab8f021861 Fixed checking permissions when Posix ACLs are compiled in but not enabled
When the Posix ACLs are not enabled in the mount options, the permission
checks should not take into account the extra owners and groups of the
file.
2014-06-23 11:26:00 +02:00
Jean-Pierre André
bfc5f3dd3d Fixed processing umask when Posix ACLs are compiled in but not enabled
When Posix ACLs are used, the umask is ignored and the initial permissions
of created files are taken for the parent directory. However the umask
should still be used when the Posix ACLs are not enabled in the mount
options.
2014-06-23 11:20:21 +02:00
Jean-Pierre André
22ecedb996 Fixed a wrong function header in usermap
A wrong header was defined for ntfs_initialize_file_security()
2014-06-23 11:16:02 +02:00
Jean-Pierre André
973949964c Fixed ownership of files created by root with no user mapping
Ownership of files should always represent the creator of files.
This fixes a situation, currently disabled, where there is no user
mapping and the owner of the parent directory is used as the owner
of the created file.
2014-06-23 11:11:07 +02:00
Jean-Pierre André
ae4a797473 Disabled the default user mapping when Windows inheritance is used
Windows-type inheritance is meaningful only when used with user
identifications known to Windows, so avoid using default ones.
2014-06-23 10:59:38 +02:00
Jean-Pierre André
19d71c6c9e Fixed apparent const violation in secaudit.c for Windows (cosmetic)
The prototype for SetFileSecurityW() does not exhibit a const attribute
for the second attribute, thus triggering a compiler warning.
This warning can be silenced by copying the argument.
2014-06-23 10:53:23 +02:00
Jean-Pierre André
952917bccf Fixed const violation in win32_io.c (cosmetic)
Fixed the read-modify-write procedure to be compatible with the
write-only one to avoid violating the "const" attibute of the latter.
2014-06-23 10:46:31 +02:00
Jean-Pierre André
276c6ec661 Showed Windows ownership in secaudit with verbose option
The Windows ownership can now be displayed without using the "very
verbose" option, and when used on Windows the login name is displayed.
2014-06-23 10:41:39 +02:00
Jean-Pierre André
21f6d9d0a3 Included ntfsfallocate in the quarantined ntfsprogs
ntfsfallocate is the equivalent of fallocate(1) :
Usage : ntfsfallocate [-n] [-p] [-o offset] -l length filename
For now, it is only released as a quarantined ntfsprogs because it can
produce configurations which cause subsequent updates of the file by
Windows to hang.
2014-06-23 10:33:22 +02:00
Jean-Pierre André
6abf81721c Defined the configure option --enable-quarantined for non functional utilities
Distributions have complained about releasing a non-functional ntfsck.
Actually, ntfsck and a few other developer-oriented utilities were not
meant to be released by distributions and are only compiled in if the
configure option --enable-extra is set, and, for some reason, this
option is set by most distributions.

In order to get distributions to not complain, though making the source
code available for candidate developers to improve it, the non functional
or developer-oriented utilities (ntfsck, ntfsdump_logfile, ntfsmftalloc
and ntfsmove) are now only compiled in if the configure option
--enable-quarantined is set.
2014-06-23 10:15:24 +02:00
Jean-Pierre André
37862daf83 Fixed getting inherited security ids from cache
When using Windows inheritance, the cacheing of ACLs for files created
within a directory only depended on the directory. Actually it also
depends on the user who creates the file. With the patch, only the ACLs
created by the owner of the directory are cached.
2014-05-22 09:52:42 +02:00
Jean-Pierre André
0ccd90f2fb Fixed ignoring the umask mount option when permissions are used
When permissions are used, umask(2) is supposed to be active and the
umask mount option is supposed to be ignored, but it was still wrongly
applied. This caused permission restrictions when an external disk was
automatically mounted with standard options.
2014-05-22 09:45:46 +02:00
Jean-Pierre André
e8c43f434b Fixed checking static groups against process owner
When grouping of users are determined from /etc/group (a compile-time
option not currently used), the groups examined for checking access rights
to a file were wrongly derived from the uid of the file instead of the
uid of the current process.
2014-05-22 09:38:47 +02:00
Jean-Pierre André
8390ac4dee Recognized interactive users as any user
Since Vista, the standard directory /Users/Public which should be accessed
by any user is actually restricted to a few group of users, among them
the interactive ones. To make this directory accessible without using
the Posix ACLs, all Linux users are considered as interactive.
However, when Posix ACLs are used, users supposed to be interactive have
to be put into a secondary group mapped to the equivalent Windows group.
2014-05-22 09:30:07 +02:00
Jean-Pierre André
7154606369 Decoded more "well-known" and generic SIDs in secaudit
More SIDs found in common situations are displayed with their meaning.
2014-05-22 09:25:11 +02:00
Jean-Pierre André
38dcb707ef Improved the ownership definition when inheriting and user mapping fails
When using the Windows permission inheritance mode and the current user
has not been mapped, try to derive a reasonable user from the parent
directory.
2014-05-22 09:19:52 +02:00
Jean-Pierre André
c2af343c03 Improved the conditions for double inheritance of an ACE
The Windows-type inheritance of an ACE may imply creating two ACE's : one
for access and one for further inheritance. The conditions for doing so,
and the flags set on created ACE were sometimes wrong.
Note : the rules have been derived from testing multiple situations, but
there still are some gray cases.
2014-05-22 09:07:43 +02:00
Jean-Pierre André
c9b0c415fd Decoded the GENERIC_ALL flag in secaudit
The GENERIC_ALL flags was not decoded and could lead to displaying no
access to some directories.
2014-05-22 09:01:37 +02:00
Jean-Pierre André
5554f2e677 Displayed the parent directory of selected files in usermap
Displaying the parent directory facilitates the identification of files
selected by usermap as a base for defining the mapping of Windows users
to Linux ones.
2014-05-22 08:58:03 +02:00
Jean-Pierre André
3e212bb901 Ignored chmod/chown/setfacl when Windows inheritance is applied
chmod/chown/setfacl can only define permissions according to Linux rules
with references to owner and group. Windows rules are more general and
propagated through inheritance, and chmod/chown/setfacl may create unwanted
deviations from these rules. Ignoring them prevents text editors from
creating such deviations when updating a file and creating a backup one.
2014-05-22 08:46:08 +02:00
Jean-Pierre André
eefa41c385 Allowed group mapping of a few well-known SIDs
Since Vista, Windows defines a /Users/Public directory supposed to be
public, but actually only allowed to a few user categories (interactive,
batch, etc.) This patch makes possible to create equivalent Unix groups
and group users the same way as in Windows. Posix ACLs have to be enabled
for access to /Users/Public to be allowed to several groups.
2014-05-22 08:36:41 +02:00
Jean-Pierre André
c0287870e1 Returned success from ntfsprogs utilities with options --version and --help
The ntfsprogs used to return failure when option --version or --help
was used, and this has triggered complains from distribution packagers
who use these options in packaging scripts.
With this patch, success is returned (same behavior as gcc).
2014-04-23 10:13:27 +02:00
Jean-Pierre André
70e5b1b250 Fixed inserting a new ACL after they have been wiped out by chkdsk
chkdsk deletes the ACLs when they are bad or when they are not used any
more. This fixes inserting a new ACL after the previously last ACL (or
even all of them) was deleted.
2014-04-23 09:53:13 +02:00
Jean-Pierre André
89de050c94 Fixed $Bitmap size in the root index in ntfsresize
When the partition is resized, the global bitmap size is adjusted accordingly,
however so far the new size was not set into the parent index (only minor
consequences).
2014-04-23 09:47:21 +02:00
Jean-Pierre André
556bb9fada Fixed inclusion of <sys/param.h> for Solaris/OpenIndiana
The truncation of oversized file names on Solaris/OpenIndiana requires
the definition of the maximum size from <sys/param.h> instead of
<param.h>
2014-04-23 09:43:43 +02:00
Erik Larsson
9e7184e2a6 Fix readdir I/O error on file names larger than 255 bytes in Solaris.
If a readdir operation returned a file name larger than 255 bytes,
Solaris/Illumos would return I/O error from the readdir operation.
Fixed by truncating the file name returned in the readdir operation.
2014-04-18 11:54:54 +02:00
Chih-Wei Huang
a0914beb98 Fix a possible memory leak
In ntfs_fuse_parse_path(), it's possible that strdup() succeeds but
ntfs_mbstoucs() returns a negative value. In such a case the callers
just treat it as an error and ignores the allocated path buffer
that results in a memory leak.
2014-04-16 11:30:50 +02:00
Chih-Wei Huang
419d3399dc Initialize 'path' correctly
It fixes the warnings
src/ntfs-3g.c: In function 'ntfs_fuse_readlink':
src/ntfs-3g.c:987:6: warning: 'path' may be used uninitialized in this function [-Wmaybe-uninitialized]
src/ntfs-3g.c: In function 'ntfs_fuse_create':
src/ntfs-3g.c:1765:6: warning: 'path' may be used uninitialized in this function [-Wmaybe-uninitialized]
2014-04-16 11:30:48 +02:00
Jean-Pierre André
25d0f163ee Mapped the runlist when filling an initial hole
A bug was introduced by commit d2c7d40a2b :
when the beginning of a file was a hole and the runlist span over several
MFT extents, the runlist was not mapped on filling the initial hole.
This lead to a crash when using torrent to download big files.
2014-04-12 09:32:59 +02:00
Jean-Pierre André
8f20ca0d94 Added a license section to the README file
Explained the licensing differences between fuse-lite and ntfs-3g proper.
2014-04-12 09:27:27 +02:00
Jean-Pierre André
ae459dd7b3 Implemented an extended attribute to get/set EAs
The new extended attribute "system.ntfs_ea" can now be used to get or
set the set of EAs of a file or directory.
2014-04-12 09:22:17 +02:00
Jean-Pierre André
f3c4c6c604 Fixed ioctl() error return for ntfsclone on Windows
The ioctl() function is not implemented in the Windows variant. By forcing
a negative apparent return, an alternative is triggered to get the
partition size which is normally obtained from an ioctl().
2014-04-12 09:14:08 +02:00
Jean-Pierre André
fd93d8e840 Switched to the relocated bitmap for delayed relocations in ntfsresize
In some rare situations relocated runlists are longer than the original
ones and do not fit into the same extent. When this happens the runlist
updating is delayed and done globally. Be sure to use the updated global
bitmap for making the needed allocations.
2014-03-11 11:15:59 +01:00
Jean-Pierre André
fb88692394 Implemented updating an encrypted file in ntfsdecrypt
Existing encrypted files can be updated provided the encryption method
and key can be extracted from the LOGGED_UTILITY_STREAM attribute.
2014-03-11 11:10:33 +01:00
Jean-Pierre André
700015c289 Accepted encryption keys whose EFS purpose is not the first one
X509 certificates have a purpose field restricting what the certificate
can be used for, and EFS encryption is such a purpose. Allow EFS encryption
to be at any position in the list.
2014-03-11 11:06:21 +01:00
Jean-Pierre André
cfab9d64c6 Fixed checking whether utimensat() applies to current atime
The check was applied to mtime instead of atime
2014-03-11 11:03:06 +01:00
Jean-Pierre André
543b17b7ef Rejected reserved files names when option windows_names is set
Windows applies legacy restrictions to file names, so when the option
windows_names is applied, reject the same reserved names, which are
CON, PRN, AUX, NUL, COM1..COM9, and LPT1..LPT9
2014-03-11 10:56:31 +01:00
Jean-Pierre André
e5ea399ee6 Added a summary of inodes found by ntfscluster
Output the number of inodes found.
2014-03-11 10:51:47 +01:00
Jean-Pierre André
9636ac058f Improved the warning for analyzing an extent in ntfscluster
When analyzing an extent in ntfscluster, mention its base record
2014-03-11 10:47:48 +01:00
Jean-Pierre André
977abdefa2 Fixed endianness bugs in ntfscluster
ntfscluster was not suitable for big-endian CPUs
2014-03-11 10:43:31 +01:00
Jean-Pierre André
15f300412a Fixed displaying the correct sector number in error message
When opening a volume, the availability of the last sector is checked,
but the error message mentioned a wrong sector.
2014-03-11 10:37:27 +01:00
Jean-Pierre André
b80d33785a Fixed marking device as closed (Windows variant)
When closing a device, the flag keeping track of open state was not reset,
and this prevented opening again (native Windows variant only).
2014-03-11 10:32:39 +01:00
Jean-Pierre André
b70df75369 Updated ctime after setting an ACL
When setting a Posix ACL, the ctime was not updated to match ext2/ext3
behavior. This ext2/ext3 behavior has been changed, so do the same.
2014-03-11 10:28:02 +01:00
Jean-Pierre André
e6c46d4fa0 Used MFT record 15 for the first extent to MFT:DATA
When the runlist of the data attribute of MFT has to be split across
several extents, the location of each extent has to be known from the
runlist present in previous extents. So, force the first extent into
record 15 to avoid a bad layout.
2014-03-11 10:16:26 +01:00
Jean-Pierre André
ea8e192613 Traced dirtying runlists and updated them accordingly
Use a new flag to trace changes to a runlist and avoid recomputing the
runlist when no actual change occurred.
2014-03-11 10:11:00 +01:00
Jean-Pierre André
d2c7d40a2b Avoided full runlist updating in more situations
When a hole in a sparse file was filled, the runlist was fully recomputed.
When a sparse file spans over several MFT extents, this patch leads to
only recompute the runlist from the modified extent to the end.
2014-03-11 10:04:54 +01:00
Jean-Pierre André
ddd3a8a329 Reset the output file to favour appending to image in ntfsclone
When ntfsclone'ing to a file, the target file was truncated to the volume
size. This is not useful on file systems which support sparse files. In
the case of ntfs-3g this leads to prevent optimizations specific to
appending data. So when a sparse output file is detected, it is emptied
to benefit from subsequent appending of data.
2014-03-11 09:54:53 +01:00
Jean-Pierre André
7e38a29656 Avoided double opening of parent directory name in ntfscp
Double openings of a file or directory lead to double memory copies and
may lead to inconsistencies. On such situation could occur in ntfscp.
2014-03-11 09:50:02 +01:00