static int sys_acl_set_fd_tdb(vfs_handle_struct *handle,
files_struct *fsp,
SMB_ACL_T theacl)
{
SMB_STRUCT_STAT sbuf;
struct db_context *db;
int ret;
SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
if (fsp->is_directory || fsp->fh->fd == -1) {
if (fsp->posix_open) {
ret = SMB_VFS_LSTAT(fsp->conn,fsp->fsp_name, &sbuf);
} else {
ret = SMB_VFS_STAT(fsp->conn,fsp->fsp_name, &sbuf);
}
} else {
ret = SMB_VFS_FSTAT(fsp, &sbuf);
}
if (ret == -1) {
return -1;
}
ret = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle,
fsp,
theacl);
if (ret == -1) {
return -1;
}
acl_tdb_delete(handle, db, &sbuf);
return 0;
}
static int sys_acl_set_file_tdb(vfs_handle_struct *handle,
const char *path,
SMB_ACL_TYPE_T type,
SMB_ACL_T theacl)
{
SMB_STRUCT_STAT sbuf;
struct db_context *db;
int ret = -1;
SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
if (lp_posix_pathnames()) {
ret = SMB_VFS_LSTAT(handle->conn, path, &sbuf);
} else {
ret = SMB_VFS_STAT(handle->conn, path, &sbuf);
}
if (ret == -1) {
return -1;
}
ret = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle,
path,
type,
theacl);
if (ret == -1) {
return -1;
}
acl_tdb_delete(handle, db, &sbuf);
return 0;
}
/**
* Return file size
* @param conn connection
* @param fname file name
* @return size in bytes
**/
static SMB_OFF_T recycle_get_file_size(vfs_handle_struct *handle,
const struct smb_filename *smb_fname)
{
struct smb_filename *smb_fname_tmp = NULL;
NTSTATUS status;
SMB_OFF_T size;
status = copy_smb_filename(talloc_tos(), smb_fname, &smb_fname_tmp);
if (!NT_STATUS_IS_OK(status)) {
size = (SMB_OFF_T)0;
goto out;
}
if (SMB_VFS_STAT(handle->conn, smb_fname_tmp) != 0) {
DEBUG(0,("recycle: stat for %s returned %s\n",
smb_fname_str_dbg(smb_fname_tmp), strerror(errno)));
size = (SMB_OFF_T)0;
goto out;
}
size = smb_fname_tmp->st.st_ex_size;
out:
TALLOC_FREE(smb_fname_tmp);
return size;
}
static int unlink_acl_tdb(vfs_handle_struct *handle,
const struct smb_filename *smb_fname)
{
struct smb_filename *smb_fname_tmp = NULL;
struct db_context *db = acl_db;
NTSTATUS status;
int ret = -1;
status = copy_smb_filename(talloc_tos(), smb_fname, &smb_fname_tmp);
if (!NT_STATUS_IS_OK(status)) {
errno = map_errno_from_nt_status(status);
goto out;
}
if (lp_posix_pathnames()) {
ret = SMB_VFS_LSTAT(handle->conn, smb_fname_tmp);
} else {
ret = SMB_VFS_STAT(handle->conn, smb_fname_tmp);
}
if (ret == -1) {
goto out;
}
ret = unlink_acl_common(handle, smb_fname_tmp);
if (ret == -1) {
goto out;
}
acl_tdb_delete(handle, db, &smb_fname_tmp->st);
out:
return ret;
}
static int streams_xattr_fstat(vfs_handle_struct *handle, files_struct *fsp,
SMB_STRUCT_STAT *sbuf)
{
struct smb_filename *smb_fname_base = NULL;
int ret = -1;
struct stream_io *io = (struct stream_io *)
VFS_FETCH_FSP_EXTENSION(handle, fsp);
if (io == NULL || fsp->base_fsp == NULL) {
return SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
}
DBG_DEBUG("streams_xattr_fstat called for %s\n", fsp_str_dbg(io->fsp));
if (!streams_xattr_recheck(io)) {
return -1;
}
/* Create an smb_filename with stream_name == NULL. */
smb_fname_base = synthetic_smb_fname(talloc_tos(),
io->base,
NULL,
NULL,
fsp->fsp_name->flags);
if (smb_fname_base == NULL) {
errno = ENOMEM;
return -1;
}
if (smb_fname_base->flags & SMB_FILENAME_POSIX_PATH) {
ret = SMB_VFS_LSTAT(handle->conn, smb_fname_base);
} else {
ret = SMB_VFS_STAT(handle->conn, smb_fname_base);
}
*sbuf = smb_fname_base->st;
if (ret == -1) {
TALLOC_FREE(smb_fname_base);
return -1;
}
sbuf->st_ex_size = get_xattr_size(handle->conn,
smb_fname_base, io->xattr_name);
if (sbuf->st_ex_size == -1) {
TALLOC_FREE(smb_fname_base);
SET_STAT_INVALID(*sbuf);
return -1;
}
DEBUG(10, ("sbuf->st_ex_size = %d\n", (int)sbuf->st_ex_size));
sbuf->st_ex_ino = stream_inode(sbuf, io->xattr_name);
sbuf->st_ex_mode &= ~S_IFMT;
sbuf->st_ex_mode &= ~S_IFDIR;
sbuf->st_ex_mode |= S_IFREG;
sbuf->st_ex_blocks = sbuf->st_ex_size / STAT_ST_BLOCKSIZE + 1;
TALLOC_FREE(smb_fname_base);
return 0;
}
static int unlink_acl_tdb(vfs_handle_struct *handle,
const struct smb_filename *smb_fname)
{
struct smb_filename *smb_fname_tmp = NULL;
struct db_context *db = acl_db;
int ret = -1;
smb_fname_tmp = cp_smb_filename(talloc_tos(), smb_fname);
if (smb_fname_tmp == NULL) {
errno = ENOMEM;
goto out;
}
if (smb_fname_tmp->flags & SMB_FILENAME_POSIX_PATH) {
ret = SMB_VFS_LSTAT(handle->conn, smb_fname_tmp);
} else {
ret = SMB_VFS_STAT(handle->conn, smb_fname_tmp);
}
if (ret == -1) {
goto out;
}
ret = unlink_acl_common(handle, smb_fname_tmp);
if (ret == -1) {
goto out;
}
acl_tdb_delete(handle, db, &smb_fname_tmp->st);
out:
return ret;
}
static int rmdir_acl_tdb(vfs_handle_struct *handle, const char *path)
{
SMB_STRUCT_STAT sbuf;
struct db_context *db;
int ret = -1;
SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
if (lp_posix_pathnames()) {
ret = SMB_VFS_LSTAT(handle->conn, path, &sbuf);
} else {
ret = SMB_VFS_STAT(handle->conn, path, &sbuf);
}
if (ret == -1) {
return -1;
}
ret = SMB_VFS_NEXT_RMDIR(handle, path);
if (ret == -1) {
return -1;
}
acl_tdb_delete(handle, db, &sbuf);
return 0;
}
static NTSTATUS cmd_stat(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int argc, const char **argv)
{
int ret;
const char *user;
const char *group;
struct passwd *pwd = NULL;
struct group *grp = NULL;
SMB_STRUCT_STAT st;
if (argc != 2) {
printf("Usage: stat <fname>\n");
return NT_STATUS_OK;
}
ret = SMB_VFS_STAT(vfs->conn, argv[1], &st);
if (ret == -1) {
printf("stat: error=%d (%s)\n", errno, strerror(errno));
return NT_STATUS_UNSUCCESSFUL;
}
pwd = sys_getpwuid(st.st_uid);
if (pwd != NULL) user = pwd->pw_name;
else user = null_string;
grp = sys_getgrgid(st.st_gid);
if (grp != NULL) group = grp->gr_name;
else group = null_string;
printf("stat: ok\n");
printf(" File: %s", argv[1]);
if (S_ISREG(st.st_mode)) printf(" Regular File\n");
else if (S_ISDIR(st.st_mode)) printf(" Directory\n");
else if (S_ISCHR(st.st_mode)) printf(" Character Device\n");
else if (S_ISBLK(st.st_mode)) printf(" Block Device\n");
else if (S_ISFIFO(st.st_mode)) printf(" Fifo\n");
else if (S_ISLNK(st.st_mode)) printf(" Symbolic Link\n");
else if (S_ISSOCK(st.st_mode)) printf(" Socket\n");
printf(" Size: %10u", (unsigned int)st.st_size);
#ifdef HAVE_STAT_ST_BLOCKS
printf(" Blocks: %9u", (unsigned int)st.st_blocks);
#endif
#ifdef HAVE_STAT_ST_BLKSIZE
printf(" IO Block: %u\n", (unsigned int)st.st_blksize);
#endif
printf(" Device: 0x%10x", (unsigned int)st.st_dev);
printf(" Inode: %10u", (unsigned int)st.st_ino);
printf(" Links: %10u\n", (unsigned int)st.st_nlink);
printf(" Access: %05o", (st.st_mode) & 007777);
printf(" Uid: %5lu/%.16s Gid: %5lu/%.16s\n", (unsigned long)st.st_uid, user,
(unsigned long)st.st_gid, group);
printf(" Access: %s", ctime(&(st.st_atime)));
printf(" Modify: %s", ctime(&(st.st_mtime)));
printf(" Change: %s", ctime(&(st.st_ctime)));
SAFE_FREE(pwd);
SAFE_FREE(grp);
return NT_STATUS_OK;
}
static int streams_xattr_fstat(vfs_handle_struct *handle, files_struct *fsp,
SMB_STRUCT_STAT *sbuf)
{
struct smb_filename *smb_fname_base = NULL;
NTSTATUS status;
int ret = -1;
struct stream_io *io = (struct stream_io *)
VFS_FETCH_FSP_EXTENSION(handle, fsp);
DEBUG(10, ("streams_xattr_fstat called for %d\n", fsp->fh->fd));
if (io == NULL || fsp->base_fsp == NULL) {
return SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
}
if (!streams_xattr_recheck(io)) {
return -1;
}
/* Create an smb_filename with stream_name == NULL. */
status = create_synthetic_smb_fname(talloc_tos(),
io->base,
NULL, NULL,
&smb_fname_base);
if (!NT_STATUS_IS_OK(status)) {
errno = map_errno_from_nt_status(status);
return -1;
}
if (lp_posix_pathnames()) {
ret = SMB_VFS_LSTAT(handle->conn, smb_fname_base);
} else {
ret = SMB_VFS_STAT(handle->conn, smb_fname_base);
}
*sbuf = smb_fname_base->st;
TALLOC_FREE(smb_fname_base);
if (ret == -1) {
return -1;
}
sbuf->st_ex_size = get_xattr_size(handle->conn, fsp->base_fsp,
io->base, io->xattr_name);
if (sbuf->st_ex_size == -1) {
return -1;
}
DEBUG(10, ("sbuf->st_ex_size = %d\n", (int)sbuf->st_ex_size));
sbuf->st_ex_ino = stream_inode(sbuf, io->xattr_name);
sbuf->st_ex_mode &= ~S_IFMT;
sbuf->st_ex_mode |= S_IFREG;
sbuf->st_ex_blocks = sbuf->st_ex_size / STAT_ST_BLOCKSIZE + 1;
return 0;
}
NTSTATUS vfs_file_exist(connection_struct *conn, struct smb_filename *smb_fname)
{
/* Only return OK if stat was successful and S_ISREG */
if ((SMB_VFS_STAT(conn, smb_fname) != -1) &&
S_ISREG(smb_fname->st.st_ex_mode)) {
return NT_STATUS_OK;
}
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
static NTSTATUS get_acl_blob(TALLOC_CTX *ctx,
vfs_handle_struct *handle,
files_struct *fsp,
const char *name,
DATA_BLOB *pblob)
{
uint8 id_buf[16];
TDB_DATA data;
struct file_id id;
struct db_context *db;
int ret = -1;
SMB_STRUCT_STAT sbuf;
SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
return NT_STATUS_INTERNAL_DB_CORRUPTION);
if (fsp && fsp->fh->fd != -1) {
ret = SMB_VFS_FSTAT(fsp, &sbuf);
} else {
if (fsp && fsp->posix_open) {
ret = SMB_VFS_LSTAT(handle->conn, name, &sbuf);
} else {
ret = SMB_VFS_STAT(handle->conn, name, &sbuf);
}
}
if (ret == -1) {
return map_nt_error_from_unix(errno);
}
id = vfs_file_id_from_sbuf(handle->conn, &sbuf);
/* For backwards compatibility only store the dev/inode. */
push_file_id_16((char *)id_buf, &id);
if (db->fetch(db,
ctx,
make_tdb_data(id_buf, sizeof(id_buf)),
&data) == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
pblob->data = data.dptr;
pblob->length = data.dsize;
DEBUG(10,("get_acl_blob: returned %u bytes from file %s\n",
(unsigned int)data.dsize, name ));
if (pblob->length == 0 || pblob->data == NULL) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
return NT_STATUS_OK;
}
BOOL vfs_object_exist(connection_struct *conn,const char *fname,SMB_STRUCT_STAT *sbuf)
{
SMB_STRUCT_STAT st;
if (!sbuf)
sbuf = &st;
ZERO_STRUCTP(sbuf);
if (SMB_VFS_STAT(conn,fname,sbuf) == -1)
return(False);
return True;
}
BOOL vfs_file_exist(connection_struct *conn, const char *fname,SMB_STRUCT_STAT *sbuf)
{
SMB_STRUCT_STAT st;
if (!sbuf)
sbuf = &st;
ZERO_STRUCTP(sbuf);
if (SMB_VFS_STAT(conn,fname,sbuf) == -1)
return False;
return(S_ISREG(sbuf->st_mode));
}
/* test if system path exists */
static bool snap_path_exists(TALLOC_CTX *ctx, struct messaging_context *msg_ctx,
struct fss_sc *sc)
{
SMB_STRUCT_STAT st;
struct connection_struct *conn = NULL;
struct smb_filename *smb_fname = NULL;
char *service = NULL;
char *share;
int snum;
int ret;
NTSTATUS status;
bool result = false;
ZERO_STRUCT(st);
if ((sc->smaps_count == 0) || (sc->sc_path == NULL)) {
goto out;
}
share = sc->smaps->share_name;
snum = find_service(ctx, share, &service);
if ((snum == -1) || (service == NULL)) {
goto out;
}
status = fss_vfs_conn_create(ctx, server_event_context(),
msg_ctx, NULL, snum, &conn);
if(!NT_STATUS_IS_OK(status)) {
goto out;
}
smb_fname = synthetic_smb_fname(service, sc->sc_path, NULL, NULL);
if (smb_fname == NULL) {
goto out;
}
ret = SMB_VFS_STAT(conn, smb_fname);
if ((ret == -1) && (errno == ENOENT)) {
goto out;
}
result = true;
out:
if (conn) {
fss_vfs_conn_destroy(conn);
}
TALLOC_FREE(service);
return result;
}
static size_t afs_to_nt_acl(struct afs_acl *afs_acl,
struct connection_struct *conn,
const char *name,
uint32 security_info,
struct security_descriptor **ppdesc)
{
SMB_STRUCT_STAT sbuf;
/* Get the stat struct for the owner info. */
if(SMB_VFS_STAT(conn, name, &sbuf) != 0) {
return 0;
}
return afs_to_nt_acl_common(afs_acl, &sbuf, security_info, ppdesc);
}
static NTSTATUS update_write_time_on_close(struct files_struct *fsp)
{
SMB_STRUCT_STAT sbuf;
struct timespec ts[2];
NTSTATUS status;
int ret = -1;
ZERO_STRUCT(sbuf);
ZERO_STRUCT(ts);
if (!fsp->update_write_time_on_close) {
return NT_STATUS_OK;
}
if (null_timespec(fsp->close_write_time)) {
fsp->close_write_time = timespec_current();
}
/* Ensure we have a valid stat struct for the source. */
if (fsp->fh->fd != -1) {
ret = SMB_VFS_FSTAT(fsp, &sbuf);
} else {
if (fsp->posix_open) {
ret = SMB_VFS_LSTAT(fsp->conn,fsp->fsp_name,&sbuf);
} else {
ret = SMB_VFS_STAT(fsp->conn,fsp->fsp_name,&sbuf);
}
}
if (ret == -1) {
return map_nt_error_from_unix(errno);
}
if (!VALID_STAT(sbuf)) {
/* if it doesn't seem to be a real file */
return NT_STATUS_OK;
}
ts[1] = fsp->close_write_time;
status = smb_set_file_time(fsp->conn, fsp, fsp->fsp_name,
&sbuf, ts, true);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
return NT_STATUS_OK;
}
static NTSTATUS store_acl_blob_fsp(vfs_handle_struct *handle,
files_struct *fsp,
DATA_BLOB *pblob)
{
uint8 id_buf[16];
struct file_id id;
SMB_STRUCT_STAT sbuf;
TDB_DATA data;
struct db_context *db;
struct db_record *rec;
int ret = -1;
DEBUG(10,("store_acl_blob_fsp: storing blob length %u on file %s\n",
(unsigned int)pblob->length, fsp->fsp_name));
SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
return NT_STATUS_INTERNAL_DB_CORRUPTION);
if (fsp->fh->fd != -1) {
ret = SMB_VFS_FSTAT(fsp, &sbuf);
} else {
if (fsp->posix_open) {
ret = SMB_VFS_LSTAT(handle->conn, fsp->fsp_name, &sbuf);
} else {
ret = SMB_VFS_STAT(handle->conn, fsp->fsp_name, &sbuf);
}
}
if (ret == -1) {
return map_nt_error_from_unix(errno);
}
id = vfs_file_id_from_sbuf(handle->conn, &sbuf);
/* For backwards compatibility only store the dev/inode. */
push_file_id_16((char *)id_buf, &id);
rec = db->fetch_locked(db, talloc_tos(),
make_tdb_data(id_buf,
sizeof(id_buf)));
if (rec == NULL) {
DEBUG(0, ("store_acl_blob_fsp_tdb: fetch_lock failed\n"));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
data.dptr = pblob->data;
data.dsize = pblob->length;
return rec->store(rec, data, 0);
}
bool can_access_file_data(connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf, uint32 access_mask)
{
if (!(access_mask & (FILE_READ_DATA|FILE_WRITE_DATA))) {
return False;
}
access_mask &= (FILE_READ_DATA|FILE_WRITE_DATA);
/* some fast paths first */
DEBUG(10,("can_access_file_data: requesting 0x%x on file %s\n",
(unsigned int)access_mask, fname ));
if (conn->server_info->utok.uid == 0 || conn->admin_user) {
/* I'm sorry sir, I didn't know you were root... */
return True;
}
if (!VALID_STAT(*psbuf)) {
/* Get the file permission mask and owners. */
if(SMB_VFS_STAT(conn, fname, psbuf) != 0) {
return False;
}
}
/* Check primary owner access. */
if (conn->server_info->utok.uid == psbuf->st_uid) {
switch (access_mask) {
case FILE_READ_DATA:
return (psbuf->st_mode & S_IRUSR) ? True : False;
case FILE_WRITE_DATA:
return (psbuf->st_mode & S_IWUSR) ? True : False;
default: /* FILE_READ_DATA|FILE_WRITE_DATA */
if ((psbuf->st_mode & (S_IWUSR|S_IRUSR)) == (S_IWUSR|S_IRUSR)) {
return True;
} else {
return False;
}
}
}
/* now for ACL checks */
return can_access_file_acl(conn, fname, access_mask);
}
BOOL vfs_directory_exist(connection_struct *conn, const char *dname, SMB_STRUCT_STAT *st)
{
SMB_STRUCT_STAT st2;
BOOL ret;
if (!st)
st = &st2;
if (SMB_VFS_STAT(conn,dname,st) != 0)
return(False);
ret = S_ISDIR(st->st_mode);
if(!ret)
errno = ENOTDIR;
return ret;
}
static NTSTATUS store_acl_blob_pathname(vfs_handle_struct *handle,
const char *fname,
DATA_BLOB *pblob)
{
uint8 id_buf[16];
struct file_id id;
TDB_DATA data;
SMB_STRUCT_STAT sbuf;
struct db_context *db;
struct db_record *rec;
int ret = -1;
DEBUG(10,("store_acl_blob_pathname: storing blob "
"length %u on file %s\n",
(unsigned int)pblob->length, fname));
SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
return NT_STATUS_INTERNAL_DB_CORRUPTION);
if (lp_posix_pathnames()) {
ret = SMB_VFS_LSTAT(handle->conn, fname, &sbuf);
} else {
ret = SMB_VFS_STAT(handle->conn, fname, &sbuf);
}
if (ret == -1) {
return map_nt_error_from_unix(errno);
}
id = vfs_file_id_from_sbuf(handle->conn, &sbuf);
push_file_id_16((char *)id_buf, &id);
rec = db->fetch_locked(db, talloc_tos(),
make_tdb_data(id_buf,
sizeof(id_buf)));
if (rec == NULL) {
DEBUG(0, ("store_acl_blob_pathname_tdb: fetch_lock failed\n"));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
data.dptr = pblob->data;
data.dsize = pblob->length;
return rec->store(rec, data, 0);
}
static void setup_close_full_information(connection_struct *conn,
struct smb_filename *smb_fname,
bool posix_open,
struct timespec *out_creation_ts,
struct timespec *out_last_access_ts,
struct timespec *out_last_write_ts,
struct timespec *out_change_ts,
uint16_t *out_flags,
uint64_t *out_allocation_size,
uint64_t *out_end_of_file,
uint32_t *out_file_attributes)
{
int ret;
if (posix_open) {
ret = SMB_VFS_LSTAT(conn, smb_fname);
} else {
ret = SMB_VFS_STAT(conn, smb_fname);
}
if (ret != 0) {
return;
}
*out_flags = SMB2_CLOSE_FLAGS_FULL_INFORMATION;
*out_file_attributes = dos_mode(conn, smb_fname);
*out_last_write_ts = smb_fname->st.st_ex_mtime;
*out_last_access_ts = smb_fname->st.st_ex_atime;
*out_creation_ts = get_create_timespec(conn, NULL, smb_fname);
*out_change_ts = get_change_timespec(conn, NULL, smb_fname);
if (lp_dos_filetime_resolution(SNUM(conn))) {
dos_filetime_timespec(out_creation_ts);
dos_filetime_timespec(out_last_write_ts);
dos_filetime_timespec(out_last_access_ts);
dos_filetime_timespec(out_change_ts);
}
if (!(*out_file_attributes & FILE_ATTRIBUTE_DIRECTORY)) {
*out_end_of_file = get_file_size_stat(&smb_fname->st);
}
*out_allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn, NULL, &smb_fname->st);
}
static bool recycle_file_exist(vfs_handle_struct *handle,
const struct smb_filename *smb_fname)
{
struct smb_filename *smb_fname_tmp = NULL;
NTSTATUS status;
bool ret = false;
status = copy_smb_filename(talloc_tos(), smb_fname, &smb_fname_tmp);
if (!NT_STATUS_IS_OK(status)) {
return false;
}
if (SMB_VFS_STAT(handle->conn, smb_fname_tmp) == 0) {
if (S_ISREG(smb_fname_tmp->st.st_ex_mode)) {
ret = true;
}
}
TALLOC_FREE(smb_fname_tmp);
return ret;
}
static bool get_sorted_dir_mtime(vfs_handle_struct *handle,
struct dirsort_privates *data,
struct timespec *ret_mtime)
{
int ret;
struct timespec mtime;
if (data->fsp) {
ret = fsp_stat(data->fsp);
mtime = data->fsp->fsp_name->st.st_ex_mtime;
} else {
ret = SMB_VFS_STAT(handle->conn, data->smb_fname);
mtime = data->smb_fname->st.st_ex_mtime;
}
if (ret == -1) {
return false;
}
*ret_mtime = mtime;
return true;
}
static SMB_OFF_T vfs_my_module_get_file_size(vfs_handle_struct *handle,
const struct smb_filename *smb_fname)
{
struct smb_filename *smb_fname_tmp = NULL;
NTSTATUS status;
SMB_OFF_T size;
status = copy_smb_filename(talloc_tos(), smb_fname, &smb_fname_tmp);
if (!NT_STATUS_IS_OK(status)) {
size = (SMB_OFF_T)0;
goto out;
}
if (SMB_VFS_STAT(handle->conn, smb_fname_tmp) != 0) {
size = (SMB_OFF_T)0;
goto out;
}
size = smb_fname_tmp->st.st_ex_size;
out:
TALLOC_FREE(smb_fname_tmp);
return size;
}
/**
* Touch access or modify date
**/
static void recycle_do_touch(vfs_handle_struct *handle,
const struct smb_filename *smb_fname,
bool touch_mtime)
{
struct smb_filename *smb_fname_tmp = NULL;
struct smb_file_time ft;
NTSTATUS status;
int ret, err;
ZERO_STRUCT(ft);
status = copy_smb_filename(talloc_tos(), smb_fname, &smb_fname_tmp);
if (!NT_STATUS_IS_OK(status)) {
return;
}
if (SMB_VFS_STAT(handle->conn, smb_fname_tmp) != 0) {
DEBUG(0,("recycle: stat for %s returned %s\n",
smb_fname_str_dbg(smb_fname_tmp), strerror(errno)));
goto out;
}
/* atime */
ft.atime = timespec_current();
/* mtime */
ft.mtime = touch_mtime ? ft.atime : smb_fname_tmp->st.st_ex_mtime;
become_root();
ret = SMB_VFS_NEXT_NTIMES(handle, smb_fname_tmp, &ft);
err = errno;
unbecome_root();
if (ret == -1 ) {
DEBUG(0, ("recycle: touching %s failed, reason = %s\n",
smb_fname_str_dbg(smb_fname_tmp), strerror(err)));
}
out:
TALLOC_FREE(smb_fname_tmp);
}
mode_t unix_mode(connection_struct *conn, int dosmode,
const struct smb_filename *smb_fname,
const char *inherit_from_dir)
{
mode_t result = (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
mode_t dir_mode = 0; /* Mode of the inherit_from directory if
* inheriting. */
if (!lp_store_dos_attributes(SNUM(conn)) && IS_DOS_READONLY(dosmode)) {
result &= ~(S_IWUSR | S_IWGRP | S_IWOTH);
}
if ((inherit_from_dir != NULL) && lp_inherit_permissions(SNUM(conn))) {
struct smb_filename *smb_fname_parent;
DEBUG(2, ("unix_mode(%s) inheriting from %s\n",
smb_fname_str_dbg(smb_fname),
inherit_from_dir));
smb_fname_parent = synthetic_smb_fname(
talloc_tos(), inherit_from_dir, NULL, NULL);
if (smb_fname_parent == NULL) {
DEBUG(1,("unix_mode(%s) failed, [dir %s]: No memory\n",
smb_fname_str_dbg(smb_fname),
inherit_from_dir));
return(0);
}
if (SMB_VFS_STAT(conn, smb_fname_parent) != 0) {
DEBUG(4,("unix_mode(%s) failed, [dir %s]: %s\n",
smb_fname_str_dbg(smb_fname),
inherit_from_dir, strerror(errno)));
TALLOC_FREE(smb_fname_parent);
return(0); /* *** shouldn't happen! *** */
}
/* Save for later - but explicitly remove setuid bit for safety. */
dir_mode = smb_fname_parent->st.st_ex_mode & ~S_ISUID;
DEBUG(2,("unix_mode(%s) inherit mode %o\n",
smb_fname_str_dbg(smb_fname), (int)dir_mode));
/* Clear "result" */
result = 0;
TALLOC_FREE(smb_fname_parent);
}
if (IS_DOS_DIR(dosmode)) {
/* We never make directories read only for the owner as under DOS a user
can always create a file in a read-only directory. */
result |= (S_IFDIR | S_IWUSR);
if (dir_mode) {
/* Inherit mode of parent directory. */
result |= dir_mode;
} else {
/* Provisionally add all 'x' bits */
result |= (S_IXUSR | S_IXGRP | S_IXOTH);
/* Apply directory mask */
result &= lp_directory_mask(SNUM(conn));
/* Add in force bits */
result |= lp_force_directory_mode(SNUM(conn));
}
} else {
if (lp_map_archive(SNUM(conn)) && IS_DOS_ARCHIVE(dosmode))
result |= S_IXUSR;
if (lp_map_system(SNUM(conn)) && IS_DOS_SYSTEM(dosmode))
result |= S_IXGRP;
if (lp_map_hidden(SNUM(conn)) && IS_DOS_HIDDEN(dosmode))
result |= S_IXOTH;
if (dir_mode) {
/* Inherit 666 component of parent directory mode */
result |= dir_mode & (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
} else {
/* Apply mode mask */
result &= lp_create_mask(SNUM(conn));
/* Add in force bits */
result |= lp_force_create_mode(SNUM(conn));
}
}
DEBUG(3,("unix_mode(%s) returning 0%o\n", smb_fname_str_dbg(smb_fname),
(int)result));
return(result);
}
static int sys_acl_set_file_tdb(vfs_handle_struct *handle,
const char *path,
SMB_ACL_TYPE_T type,
SMB_ACL_T theacl)
{
struct db_context *db = acl_db;
int ret = -1;
struct smb_filename smb_fname = {
.base_name = discard_const_p(char, path)
};
ret = SMB_VFS_STAT(handle->conn, &smb_fname);
if (ret == -1) {
return -1;
}
ret = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle,
path,
type,
theacl);
if (ret == -1) {
return -1;
}
acl_tdb_delete(handle, db, &smb_fname.st);
return 0;
}
/*********************************************************************
Remove a Windows ACL - we're setting the underlying POSIX ACL.
*********************************************************************/
static int sys_acl_set_fd_tdb(vfs_handle_struct *handle,
files_struct *fsp,
SMB_ACL_T theacl)
{
struct db_context *db = acl_db;
NTSTATUS status;
int ret;
status = vfs_stat_fsp(fsp);
if (!NT_STATUS_IS_OK(status)) {
return -1;
}
ret = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle,
fsp,
theacl);
if (ret == -1) {
return -1;
}
acl_tdb_delete(handle, db, &fsp->fsp_name->st);
return 0;
}
static struct vfs_fn_pointers vfs_acl_tdb_fns = {
.connect_fn = connect_acl_tdb,
.disconnect_fn = disconnect_acl_tdb,
.rmdir_fn = rmdir_acl_tdb,
.unlink_fn = unlink_acl_tdb,
.chmod_fn = chmod_acl_module_common,
.fchmod_fn = fchmod_acl_module_common,
.fget_nt_acl_fn = fget_nt_acl_common,
.get_nt_acl_fn = get_nt_acl_common,
.fset_nt_acl_fn = fset_nt_acl_common,
.chmod_acl_fn = chmod_acl_acl_module_common,
.fchmod_acl_fn = fchmod_acl_acl_module_common,
.sys_acl_set_file_fn = sys_acl_set_file_tdb,
.sys_acl_set_fd_fn = sys_acl_set_fd_tdb
};
static_decl_vfs;
NTSTATUS vfs_acl_tdb_init(void)
{
return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "acl_tdb",
&vfs_acl_tdb_fns);
}
int file_set_dosmode(connection_struct *conn, const char *fname,
uint32 dosmode, SMB_STRUCT_STAT *st,
const char *parent_dir)
{
SMB_STRUCT_STAT st1;
int mask=0;
mode_t tmp;
mode_t unixmode;
int ret = -1;
/* We only allow READONLY|HIDDEN|SYSTEM|DIRECTORY|ARCHIVE here. */
dosmode &= SAMBA_ATTRIBUTES_MASK;
DEBUG(10,("file_set_dosmode: setting dos mode 0x%x on file %s\n", dosmode, fname));
if (st == NULL) {
SET_STAT_INVALID(st1);
st = &st1;
}
if (!VALID_STAT(*st)) {
if (SMB_VFS_STAT(conn,fname,st))
return(-1);
}
unixmode = st->st_mode;
get_acl_group_bits(conn, fname, &st->st_mode);
if (S_ISDIR(st->st_mode))
dosmode |= aDIR;
else
dosmode &= ~aDIR;
if (dos_mode(conn,fname,st) == dosmode) {
st->st_mode = unixmode;
return(0);
}
/* Store the DOS attributes in an EA by preference. */
if (set_ea_dos_attribute(conn, fname, st, dosmode)) {
st->st_mode = unixmode;
return 0;
}
unixmode = unix_mode(conn,dosmode,fname, parent_dir);
/* preserve the s bits */
mask |= (S_ISUID | S_ISGID);
/* preserve the t bit */
#ifdef S_ISVTX
mask |= S_ISVTX;
#endif
/* possibly preserve the x bits */
if (!MAP_ARCHIVE(conn))
mask |= S_IXUSR;
if (!MAP_SYSTEM(conn))
mask |= S_IXGRP;
if (!MAP_HIDDEN(conn))
mask |= S_IXOTH;
unixmode |= (st->st_mode & mask);
/* if we previously had any r bits set then leave them alone */
if ((tmp = st->st_mode & (S_IRUSR|S_IRGRP|S_IROTH))) {
unixmode &= ~(S_IRUSR|S_IRGRP|S_IROTH);
unixmode |= tmp;
}
/* if we previously had any w bits set then leave them alone
whilst adding in the new w bits, if the new mode is not rdonly */
if (!IS_DOS_READONLY(dosmode)) {
unixmode |= (st->st_mode & (S_IWUSR|S_IWGRP|S_IWOTH));
}
if ((ret = SMB_VFS_CHMOD(conn,fname,unixmode)) == 0) {
notify_fname(conn, NOTIFY_ACTION_MODIFIED,
FILE_NOTIFY_CHANGE_ATTRIBUTES, fname);
st->st_mode = unixmode;
return 0;
}
if((errno != EPERM) && (errno != EACCES))
return -1;
if(!lp_dos_filemode(SNUM(conn)))
return -1;
/* We want DOS semantics, ie allow non owner with write permission to change the
bits on a file. Just like file_ntimes below.
*/
/* Check if we have write access. */
if (CAN_WRITE(conn)) {
/*
* We need to open the file with write access whilst
* still in our current user context. This ensures we
* are not violating security in doing the fchmod.
* This file open does *not* break any oplocks we are
* holding. We need to review this.... may need to
* break batch oplocks open by others. JRA.
*/
files_struct *fsp;
if (!NT_STATUS_IS_OK(open_file_fchmod(conn,fname,st,&fsp)))
return -1;
become_root();
ret = SMB_VFS_FCHMOD(fsp, fsp->fh->fd, unixmode);
unbecome_root();
close_file_fchmod(fsp);
notify_fname(conn, NOTIFY_ACTION_MODIFIED,
FILE_NOTIFY_CHANGE_ATTRIBUTES, fname);
if (ret == 0) {
st->st_mode = unixmode;
}
}
return( ret );
}
connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
int snum, user_struct *vuser,
DATA_BLOB password,
const char *pdev,
NTSTATUS *pstatus)
{
connection_struct *conn;
struct smb_filename *smb_fname_cpath = NULL;
fstring dev;
int ret;
char addr[INET6_ADDRSTRLEN];
bool on_err_call_dis_hook = false;
NTSTATUS status;
fstrcpy(dev, pdev);
if (NT_STATUS_IS_ERR(*pstatus = share_sanity_checks(snum, dev))) {
return NULL;
}
conn = conn_new(sconn);
if (!conn) {
DEBUG(0,("Couldn't find free connection.\n"));
*pstatus = NT_STATUS_INSUFFICIENT_RESOURCES;
return NULL;
}
conn->params->service = snum;
status = create_connection_server_info(sconn,
conn, snum, vuser ? vuser->server_info : NULL, password,
&conn->server_info);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("create_connection_server_info failed: %s\n",
nt_errstr(status)));
*pstatus = status;
conn_free(conn);
return NULL;
}
if ((lp_guest_only(snum)) || (lp_security() == SEC_SHARE)) {
conn->force_user = true;
}
add_session_user(sconn, conn->server_info->unix_name);
safe_strcpy(conn->client_address,
client_addr(get_client_fd(),addr,sizeof(addr)),
sizeof(conn->client_address)-1);
conn->num_files_open = 0;
conn->lastused = conn->lastused_count = time(NULL);
conn->used = True;
conn->printer = (strncmp(dev,"LPT",3) == 0);
conn->ipc = ( (strncmp(dev,"IPC",3) == 0) ||
( lp_enable_asu_support() && strequal(dev,"ADMIN$")) );
/* Case options for the share. */
if (lp_casesensitive(snum) == Auto) {
/* We will be setting this per packet. Set to be case
* insensitive for now. */
conn->case_sensitive = False;
} else {
conn->case_sensitive = (bool)lp_casesensitive(snum);
}
conn->case_preserve = lp_preservecase(snum);
conn->short_case_preserve = lp_shortpreservecase(snum);
conn->encrypt_level = lp_smb_encrypt(snum);
conn->veto_list = NULL;
conn->hide_list = NULL;
conn->veto_oplock_list = NULL;
conn->aio_write_behind_list = NULL;
conn->read_only = lp_readonly(SNUM(conn));
conn->admin_user = False;
if (*lp_force_user(snum)) {
/*
* Replace conn->server_info with a completely faked up one
* from the username we are forced into :-)
*/
char *fuser;
struct auth_serversupplied_info *forced_serverinfo;
fuser = talloc_string_sub(conn, lp_force_user(snum), "%S",
lp_servicename(snum));
if (fuser == NULL) {
conn_free(conn);
*pstatus = NT_STATUS_NO_MEMORY;
return NULL;
}
status = make_serverinfo_from_username(
conn, fuser, conn->server_info->guest,
&forced_serverinfo);
if (!NT_STATUS_IS_OK(status)) {
conn_free(conn);
*pstatus = status;
return NULL;
}
TALLOC_FREE(conn->server_info);
conn->server_info = forced_serverinfo;
conn->force_user = True;
DEBUG(3,("Forced user %s\n", fuser));
}
/*
* If force group is true, then override
* any groupid stored for the connecting user.
*/
if (*lp_force_group(snum)) {
status = find_forced_group(
conn->force_user, snum, conn->server_info->unix_name,
&conn->server_info->ptok->user_sids[1],
&conn->server_info->utok.gid);
if (!NT_STATUS_IS_OK(status)) {
conn_free(conn);
*pstatus = status;
return NULL;
}
/*
* We need to cache this gid, to use within
* change_to_user() separately from the conn->server_info
* struct. We only use conn->server_info directly if
* "force_user" was set.
*/
conn->force_group_gid = conn->server_info->utok.gid;
}
conn->vuid = (vuser != NULL) ? vuser->vuid : UID_FIELD_INVALID;
{
char *s = talloc_sub_advanced(talloc_tos(),
lp_servicename(SNUM(conn)),
conn->server_info->unix_name,
conn->connectpath,
conn->server_info->utok.gid,
conn->server_info->sanitized_username,
pdb_get_domain(conn->server_info->sam_account),
lp_pathname(snum));
if (!s) {
conn_free(conn);
*pstatus = NT_STATUS_NO_MEMORY;
return NULL;
}
if (!set_conn_connectpath(conn,s)) {
TALLOC_FREE(s);
conn_free(conn);
*pstatus = NT_STATUS_NO_MEMORY;
return NULL;
}
DEBUG(3,("Connect path is '%s' for service [%s]\n",s,
lp_servicename(snum)));
TALLOC_FREE(s);
}
/*
* New code to check if there's a share security descripter
* added from NT server manager. This is done after the
* smb.conf checks are done as we need a uid and token. JRA.
*
*/
{
bool can_write = False;
can_write = share_access_check(conn->server_info->ptok,
lp_servicename(snum),
FILE_WRITE_DATA);
if (!can_write) {
if (!share_access_check(conn->server_info->ptok,
lp_servicename(snum),
FILE_READ_DATA)) {
/* No access, read or write. */
DEBUG(0,("make_connection: connection to %s "
"denied due to security "
"descriptor.\n",
lp_servicename(snum)));
conn_free(conn);
*pstatus = NT_STATUS_ACCESS_DENIED;
return NULL;
} else {
conn->read_only = True;
}
}
}
/* Initialise VFS function pointers */
if (!smbd_vfs_init(conn)) {
DEBUG(0, ("vfs_init failed for service %s\n",
lp_servicename(snum)));
conn_free(conn);
*pstatus = NT_STATUS_BAD_NETWORK_NAME;
return NULL;
}
/*
* If widelinks are disallowed we need to canonicalise the connect
* path here to ensure we don't have any symlinks in the
* connectpath. We will be checking all paths on this connection are
* below this directory. We must do this after the VFS init as we
* depend on the realpath() pointer in the vfs table. JRA.
*/
if (!lp_widelinks(snum)) {
if (!canonicalize_connect_path(conn)) {
DEBUG(0, ("canonicalize_connect_path failed "
"for service %s, path %s\n",
lp_servicename(snum),
conn->connectpath));
conn_free(conn);
*pstatus = NT_STATUS_BAD_NETWORK_NAME;
return NULL;
}
}
if ((!conn->printer) && (!conn->ipc)) {
conn->notify_ctx = notify_init(conn, server_id_self(),
smbd_messaging_context(),
smbd_event_context(),
conn);
}
/* ROOT Activities: */
/*
* Enforce the max connections parameter.
*/
if ((lp_max_connections(snum) > 0)
&& (count_current_connections(lp_servicename(SNUM(conn)), True) >=
lp_max_connections(snum))) {
DEBUG(1, ("Max connections (%d) exceeded for %s\n",
lp_max_connections(snum), lp_servicename(snum)));
conn_free(conn);
*pstatus = NT_STATUS_INSUFFICIENT_RESOURCES;
return NULL;
}
/*
* Get us an entry in the connections db
*/
if (!claim_connection(conn, lp_servicename(snum), 0)) {
DEBUG(1, ("Could not store connections entry\n"));
conn_free(conn);
*pstatus = NT_STATUS_INTERNAL_DB_ERROR;
return NULL;
}
/* Preexecs are done here as they might make the dir we are to ChDir
* to below */
/* execute any "root preexec = " line */
if (*lp_rootpreexec(snum)) {
char *cmd = talloc_sub_advanced(talloc_tos(),
lp_servicename(SNUM(conn)),
conn->server_info->unix_name,
conn->connectpath,
conn->server_info->utok.gid,
conn->server_info->sanitized_username,
pdb_get_domain(conn->server_info->sam_account),
lp_rootpreexec(snum));
DEBUG(5,("cmd=%s\n",cmd));
ret = smbrun(cmd,NULL);
TALLOC_FREE(cmd);
if (ret != 0 && lp_rootpreexec_close(snum)) {
DEBUG(1,("root preexec gave %d - failing "
"connection\n", ret));
yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*pstatus = NT_STATUS_ACCESS_DENIED;
return NULL;
}
}
/* USER Activites: */
if (!change_to_user(conn, conn->vuid)) {
/* No point continuing if they fail the basic checks */
DEBUG(0,("Can't become connected user!\n"));
yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*pstatus = NT_STATUS_LOGON_FAILURE;
return NULL;
}
/* Remember that a different vuid can connect later without these
* checks... */
/* Preexecs are done here as they might make the dir we are to ChDir
* to below */
/* execute any "preexec = " line */
if (*lp_preexec(snum)) {
char *cmd = talloc_sub_advanced(talloc_tos(),
lp_servicename(SNUM(conn)),
conn->server_info->unix_name,
conn->connectpath,
conn->server_info->utok.gid,
conn->server_info->sanitized_username,
pdb_get_domain(conn->server_info->sam_account),
lp_preexec(snum));
ret = smbrun(cmd,NULL);
TALLOC_FREE(cmd);
if (ret != 0 && lp_preexec_close(snum)) {
DEBUG(1,("preexec gave %d - failing connection\n",
ret));
*pstatus = NT_STATUS_ACCESS_DENIED;
goto err_root_exit;
}
}
#ifdef WITH_FAKE_KASERVER
if (lp_afs_share(snum)) {
afs_login(conn);
}
#endif
/* Add veto/hide lists */
if (!IS_IPC(conn) && !IS_PRINT(conn)) {
set_namearray( &conn->veto_list, lp_veto_files(snum));
set_namearray( &conn->hide_list, lp_hide_files(snum));
set_namearray( &conn->veto_oplock_list, lp_veto_oplocks(snum));
set_namearray( &conn->aio_write_behind_list,
lp_aio_write_behind(snum));
}
/* Invoke VFS make connection hook - do this before the VFS_STAT call
to allow any filesystems needing user credentials to initialize
themselves. */
if (SMB_VFS_CONNECT(conn, lp_servicename(snum),
conn->server_info->unix_name) < 0) {
DEBUG(0,("make_connection: VFS make connection failed!\n"));
*pstatus = NT_STATUS_UNSUCCESSFUL;
goto err_root_exit;
}
/* Any error exit after here needs to call the disconnect hook. */
on_err_call_dis_hook = true;
status = create_synthetic_smb_fname(talloc_tos(), conn->connectpath,
NULL, NULL, &smb_fname_cpath);
if (!NT_STATUS_IS_OK(status)) {
*pstatus = status;
goto err_root_exit;
}
/* win2000 does not check the permissions on the directory
during the tree connect, instead relying on permission
check during individual operations. To match this behaviour
I have disabled this chdir check (tridge) */
/* the alternative is just to check the directory exists */
if ((ret = SMB_VFS_STAT(conn, smb_fname_cpath)) != 0 ||
!S_ISDIR(smb_fname_cpath->st.st_ex_mode)) {
if (ret == 0 && !S_ISDIR(smb_fname_cpath->st.st_ex_mode)) {
DEBUG(0,("'%s' is not a directory, when connecting to "
"[%s]\n", conn->connectpath,
lp_servicename(snum)));
} else {
DEBUG(0,("'%s' does not exist or permission denied "
"when connecting to [%s] Error was %s\n",
conn->connectpath, lp_servicename(snum),
strerror(errno) ));
}
*pstatus = NT_STATUS_BAD_NETWORK_NAME;
goto err_root_exit;
}
string_set(&conn->origpath,conn->connectpath);
#if SOFTLINK_OPTIMISATION
/* resolve any soft links early if possible */
if (vfs_ChDir(conn,conn->connectpath) == 0) {
TALLOC_CTX *ctx = talloc_tos();
char *s = vfs_GetWd(ctx,s);
if (!s) {
*status = map_nt_error_from_unix(errno);
goto err_root_exit;
}
if (!set_conn_connectpath(conn,s)) {
*status = NT_STATUS_NO_MEMORY;
goto err_root_exit;
}
vfs_ChDir(conn,conn->connectpath);
}
#endif
if (lp_unix_extensions() && lp_widelinks(snum)) {
DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
"These parameters are incompatible. "
"Disabling wide links for this share.\n",
lp_servicename(snum) ));
lp_do_parameter(snum, "wide links", "False");
}
/* Figure out the characteristics of the underlying filesystem. This
* assumes that all the filesystem mounted withing a share path have
* the same characteristics, which is likely but not guaranteed.
*/
conn->fs_capabilities = SMB_VFS_FS_CAPABILITIES(conn, &conn->ts_res);
/*
* Print out the 'connected as' stuff here as we need
* to know the effective uid and gid we will be using
* (at least initially).
*/
if( DEBUGLVL( IS_IPC(conn) ? 3 : 1 ) ) {
dbgtext( "%s (%s) ", get_remote_machine_name(),
conn->client_address );
dbgtext( "%s", srv_is_signing_active(smbd_server_conn) ? "signed " : "");
dbgtext( "connect to service %s ", lp_servicename(snum) );
dbgtext( "initially as user %s ",
conn->server_info->unix_name );
dbgtext( "(uid=%d, gid=%d) ", (int)geteuid(), (int)getegid() );
dbgtext( "(pid %d)\n", (int)sys_getpid() );
}
/* we've finished with the user stuff - go back to root */
change_to_root_user();
return(conn);
err_root_exit:
TALLOC_FREE(smb_fname_cpath);
change_to_root_user();
if (on_err_call_dis_hook) {
/* Call VFS disconnect hook */
SMB_VFS_DISCONNECT(conn);
}
yield_connection(conn, lp_servicename(snum));
conn_free(conn);
return NULL;
}
static struct tevent_req *smbd_smb2_getinfo_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct smbd_smb2_request *smb2req,
struct files_struct *fsp,
uint8_t in_info_type,
uint8_t in_file_info_class,
uint32_t in_output_buffer_length,
DATA_BLOB in_input_buffer,
uint32_t in_additional_information,
uint32_t in_flags)
{
struct tevent_req *req;
struct smbd_smb2_getinfo_state *state;
struct smb_request *smbreq;
connection_struct *conn = smb2req->tcon->compat;
NTSTATUS status;
req = tevent_req_create(mem_ctx, &state,
struct smbd_smb2_getinfo_state);
if (req == NULL) {
return NULL;
}
state->smb2req = smb2req;
state->status = NT_STATUS_OK;
state->out_output_buffer = data_blob_null;
DEBUG(10,("smbd_smb2_getinfo_send: %s - %s\n",
fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
smbreq = smbd_smb2_fake_smb_request(smb2req);
if (tevent_req_nomem(smbreq, req)) {
return tevent_req_post(req, ev);
}
if (IS_IPC(conn)) {
smb2_ipc_getinfo(req, state, ev,
in_info_type, in_file_info_class);
return tevent_req_post(req, ev);
}
switch (in_info_type) {
case SMB2_GETINFO_FILE:
{
uint16_t file_info_level;
char *data = NULL;
unsigned int data_size = 0;
bool delete_pending = false;
struct timespec write_time_ts;
struct file_id fileid;
struct ea_list *ea_list = NULL;
int lock_data_count = 0;
char *lock_data = NULL;
size_t fixed_portion;
ZERO_STRUCT(write_time_ts);
switch (in_file_info_class) {
case 0x0F:/* RAW_FILEINFO_SMB2_ALL_EAS */
file_info_level = 0xFF00 | in_file_info_class;
break;
case 0x12:/* RAW_FILEINFO_SMB2_ALL_INFORMATION */
file_info_level = 0xFF00 | in_file_info_class;
break;
default:
/* the levels directly map to the passthru levels */
file_info_level = in_file_info_class + 1000;
break;
}
if (fsp->fake_file_handle) {
/*
* This is actually for the QUOTA_FAKE_FILE --metze
*/
/* We know this name is ok, it's already passed the checks. */
} else if (fsp->fh->fd == -1) {
/*
* This is actually a QFILEINFO on a directory
* handle (returned from an NT SMB). NT5.0 seems
* to do this call. JRA.
*/
if (INFO_LEVEL_IS_UNIX(file_info_level)) {
/* Always do lstat for UNIX calls. */
if (SMB_VFS_LSTAT(conn, fsp->fsp_name)) {
DEBUG(3,("smbd_smb2_getinfo_send: "
"SMB_VFS_LSTAT of %s failed "
"(%s)\n", fsp_str_dbg(fsp),
strerror(errno)));
status = map_nt_error_from_unix(errno);
tevent_req_nterror(req, status);
return tevent_req_post(req, ev);
}
} else if (SMB_VFS_STAT(conn, fsp->fsp_name)) {
DEBUG(3,("smbd_smb2_getinfo_send: "
"SMB_VFS_STAT of %s failed (%s)\n",
fsp_str_dbg(fsp),
strerror(errno)));
status = map_nt_error_from_unix(errno);
tevent_req_nterror(req, status);
return tevent_req_post(req, ev);
}
fileid = vfs_file_id_from_sbuf(conn,
&fsp->fsp_name->st);
get_file_infos(fileid, fsp->name_hash,
&delete_pending, &write_time_ts);
} else {
/*
* Original code - this is an open file.
*/
if (SMB_VFS_FSTAT(fsp, &fsp->fsp_name->st) != 0) {
DEBUG(3, ("smbd_smb2_getinfo_send: "
"fstat of %s failed (%s)\n",
fsp_fnum_dbg(fsp), strerror(errno)));
status = map_nt_error_from_unix(errno);
tevent_req_nterror(req, status);
return tevent_req_post(req, ev);
}
fileid = vfs_file_id_from_sbuf(conn,
&fsp->fsp_name->st);
get_file_infos(fileid, fsp->name_hash,
&delete_pending, &write_time_ts);
}
status = smbd_do_qfilepathinfo(conn, state,
file_info_level,
fsp,
fsp->fsp_name,
delete_pending,
write_time_ts,
ea_list,
lock_data_count,
lock_data,
STR_UNICODE,
in_output_buffer_length,
&fixed_portion,
&data,
&data_size);
if (!NT_STATUS_IS_OK(status)) {
SAFE_FREE(data);
if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_LEVEL)) {
status = NT_STATUS_INVALID_INFO_CLASS;
}
tevent_req_nterror(req, status);
return tevent_req_post(req, ev);
}
if (in_output_buffer_length < fixed_portion) {
SAFE_FREE(data);
tevent_req_nterror(
req, NT_STATUS_INFO_LENGTH_MISMATCH);
return tevent_req_post(req, ev);
}
if (data_size > 0) {
state->out_output_buffer = data_blob_talloc(state,
data,
data_size);
SAFE_FREE(data);
if (tevent_req_nomem(state->out_output_buffer.data, req)) {
return tevent_req_post(req, ev);
}
if (data_size > in_output_buffer_length) {
state->out_output_buffer.length =
in_output_buffer_length;
status = STATUS_BUFFER_OVERFLOW;
}
}
SAFE_FREE(data);
break;
}
case SMB2_GETINFO_FS:
{
uint16_t file_info_level;
char *data = NULL;
int data_size = 0;
size_t fixed_portion;
/* the levels directly map to the passthru levels */
file_info_level = in_file_info_class + 1000;
status = smbd_do_qfsinfo(conn, state,
file_info_level,
STR_UNICODE,
in_output_buffer_length,
&fixed_portion,
fsp->fsp_name,
&data,
&data_size);
/* some responses set STATUS_BUFFER_OVERFLOW and return
partial, but valid data */
if (!(NT_STATUS_IS_OK(status) ||
NT_STATUS_EQUAL(status, STATUS_BUFFER_OVERFLOW))) {
SAFE_FREE(data);
if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_LEVEL)) {
status = NT_STATUS_INVALID_INFO_CLASS;
}
tevent_req_nterror(req, status);
return tevent_req_post(req, ev);
}
if (in_output_buffer_length < fixed_portion) {
SAFE_FREE(data);
tevent_req_nterror(
req, NT_STATUS_INFO_LENGTH_MISMATCH);
return tevent_req_post(req, ev);
}
if (data_size > 0) {
state->out_output_buffer = data_blob_talloc(state,
data,
data_size);
SAFE_FREE(data);
if (tevent_req_nomem(state->out_output_buffer.data, req)) {
return tevent_req_post(req, ev);
}
if (data_size > in_output_buffer_length) {
state->out_output_buffer.length =
in_output_buffer_length;
status = STATUS_BUFFER_OVERFLOW;
}
}
SAFE_FREE(data);
break;
}
case SMB2_GETINFO_SECURITY:
{
uint8_t *p_marshalled_sd = NULL;
size_t sd_size = 0;
status = smbd_do_query_security_desc(conn,
state,
fsp,
/* Security info wanted. */
in_additional_information &
SMB_SUPPORTED_SECINFO_FLAGS,
in_output_buffer_length,
&p_marshalled_sd,
&sd_size);
if (NT_STATUS_EQUAL(status, NT_STATUS_BUFFER_TOO_SMALL)) {
/* Return needed size. */
state->out_output_buffer = data_blob_talloc(state,
NULL,
4);
if (tevent_req_nomem(state->out_output_buffer.data, req)) {
return tevent_req_post(req, ev);
}
SIVAL(state->out_output_buffer.data,0,(uint32_t)sd_size);
state->status = NT_STATUS_BUFFER_TOO_SMALL;
break;
}
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10,("smbd_smb2_getinfo_send: "
"smbd_do_query_security_desc of %s failed "
"(%s)\n", fsp_str_dbg(fsp),
nt_errstr(status)));
tevent_req_nterror(req, status);
return tevent_req_post(req, ev);
}
if (sd_size > 0) {
state->out_output_buffer = data_blob_talloc(state,
p_marshalled_sd,
sd_size);
if (tevent_req_nomem(state->out_output_buffer.data, req)) {
return tevent_req_post(req, ev);
}
}
break;
}
case SMB2_GETINFO_QUOTA:
tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
return tevent_req_post(req, ev);
default:
DEBUG(10,("smbd_smb2_getinfo_send: "
"unknown in_info_type of %u "
" for file %s\n",
(unsigned int)in_info_type,
fsp_str_dbg(fsp) ));
tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
return tevent_req_post(req, ev);
}
state->status = status;
tevent_req_done(req);
return tevent_req_post(req, ev);
}
