static int atalk_chmod(struct vfs_handle_struct *handle, struct connection_struct *conn, const char *path, mode_t mode) { int ret = 0; char *adbl_path = 0; char *orig_path = 0; SMB_STRUCT_STAT adbl_info; SMB_STRUCT_STAT orig_info; TALLOC_CTX *ctx; ret = SMB_VFS_NEXT_CHMOD(handle, conn, path, mode); if (!conn || !path) return ret; if (!(ctx = talloc_init("chmod_file"))) return ret; if (atalk_build_paths(ctx, conn->origpath, path, &adbl_path, &orig_path, &adbl_info, &orig_info) != 0) return ret; if (!S_ISDIR(orig_info.st_mode) && !S_ISREG(orig_info.st_mode)) { DEBUG(3, ("ATALK: %s has passed..\n", orig_path)); goto exit_chmod; } chmod(adbl_path, ADOUBLEMODE); exit_chmod: talloc_destroy(ctx); return ret; }
static int chmod_acl_module_common(struct vfs_handle_struct *handle, const char *path, mode_t mode) { if (lp_posix_pathnames()) { /* Only allow this on POSIX pathnames. */ return SMB_VFS_NEXT_CHMOD(handle, path, mode); } return 0; }
static int audit_chmod(vfs_handle_struct *handle, const char *path, mode_t mode) { int result; result = SMB_VFS_NEXT_CHMOD(handle, path, mode); syslog(audit_syslog_priority(handle), "chmod %s mode 0x%x %s%s\n", path, mode, (result < 0) ? "failed: " : "", (result < 0) ? strerror(errno) : ""); return result; }
static int audit_chmod(vfs_handle_struct *handle, const struct smb_filename *smb_fname, mode_t mode) { int result; result = SMB_VFS_NEXT_CHMOD(handle, smb_fname, mode); syslog(audit_syslog_priority(handle), "chmod %s mode 0x%x %s%s\n", smb_fname->base_name, mode, (result < 0) ? "failed: " : "", (result < 0) ? strerror(errno) : ""); return result; }
static int audit_chmod(vfs_handle_struct *handle, const char *path, mode_t mode) { int result; result = SMB_VFS_NEXT_CHMOD(handle, path, mode); if (lp_syslog() > 0) { syslog(audit_syslog_priority(handle), "chmod %s mode 0x%x %s%s\n", path, mode, (result < 0) ? "failed: " : "", (result < 0) ? strerror(errno) : ""); } DEBUG(1, ("vfs_extd_audit: chmod %s mode 0x%x %s %s\n", path, (unsigned int)mode, (result < 0) ? "failed: " : "", (result < 0) ? strerror(errno) : "")); return result; }
static int atalk_chmod(struct vfs_handle_struct *handle, const struct smb_filename *smb_fname, mode_t mode) { int ret = 0; int ret1 = 0; char *adbl_path = 0; char *orig_path = 0; SMB_STRUCT_STAT adbl_info; SMB_STRUCT_STAT orig_info; TALLOC_CTX *ctx; ret = SMB_VFS_NEXT_CHMOD(handle, smb_fname, mode); if (!(ctx = talloc_init("chmod_file"))) return ret; ret1 = atalk_build_paths(ctx, handle->conn->cwd, smb_fname->base_name, &adbl_path, &orig_path, &adbl_info, &orig_info); if (ret1 != 0) { goto exit_chmod; } if (!S_ISDIR(orig_info.st_ex_mode) && !S_ISREG(orig_info.st_ex_mode)) { DEBUG(3, ("ATALK: %s has passed..\n", orig_path)); goto exit_chmod; } chmod(adbl_path, ADOUBLEMODE); exit_chmod: talloc_destroy(ctx); return ret; }
static int skel_chmod(vfs_handle_struct *handle, const char *path, mode_t mode) { return SMB_VFS_NEXT_CHMOD(handle, path, mode); }
static int cap_chmod(vfs_handle_struct *handle, connection_struct *conn, const char *path, mode_t mode) { pstring cappath; capencode(cappath, path); return SMB_VFS_NEXT_CHMOD(handle, conn, cappath, mode); }
static NTSTATUS nfs4acl_xattr_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32_t security_info_sent, const struct security_descriptor *psd) { struct nfs4acl_config *config = NULL; const struct security_token *token = NULL; mode_t existing_mode; mode_t expected_mode; mode_t restored_mode; bool chown_needed = false; NTSTATUS status; int ret; SMB_VFS_HANDLE_GET_DATA(handle, config, struct nfs4acl_config, return NT_STATUS_INTERNAL_ERROR); if (!VALID_STAT(fsp->fsp_name->st)) { DBG_ERR("Invalid stat info on [%s]\n", fsp_str_dbg(fsp)); return NT_STATUS_INTERNAL_ERROR; } existing_mode = fsp->fsp_name->st.st_ex_mode; if (S_ISDIR(existing_mode)) { expected_mode = 0777; } else { expected_mode = 0666; } if ((existing_mode & expected_mode) != expected_mode) { int saved_errno = 0; restored_mode = existing_mode | expected_mode; become_root(); if (fsp->fh->fd != -1) { ret = SMB_VFS_NEXT_FCHMOD(handle, fsp, restored_mode); } else { ret = SMB_VFS_NEXT_CHMOD(handle, fsp->fsp_name, restored_mode); } if (ret != 0) { saved_errno = errno; } unbecome_root(); if (saved_errno != 0) { errno = saved_errno; } if (ret != 0) { DBG_ERR("Resetting POSIX mode on [%s] from [0%o]: %s\n", fsp_str_dbg(fsp), existing_mode, strerror(errno)); return map_nt_error_from_unix(errno); } } status = smb_set_nt_acl_nfs4(handle, fsp, &config->nfs4_params, security_info_sent, psd, nfs4acl_smb4acl_set_fn); if (NT_STATUS_IS_OK(status)) { return NT_STATUS_OK; } /* * We got access denied. If we're already root, or we didn't * need to do a chown, or the fsp isn't open with WRITE_OWNER * access, just return. */ if ((security_info_sent & SECINFO_OWNER) && (psd->owner_sid != NULL)) { chown_needed = true; } if ((security_info_sent & SECINFO_GROUP) && (psd->group_sid != NULL)) { chown_needed = true; } if (get_current_uid(handle->conn) == 0 || chown_needed == false || !(fsp->access_mask & SEC_STD_WRITE_OWNER)) { return NT_STATUS_ACCESS_DENIED; } /* * Only allow take-ownership, not give-ownership. That's the way Windows * implements SEC_STD_WRITE_OWNER. MS-FSA 2.1.5.16 just states: If * InputBuffer.OwnerSid is not a valid owner SID for a file in the * objectstore, as determined in an implementation specific manner, the * object store MUST return STATUS_INVALID_OWNER. */ token = get_current_nttok(fsp->conn); if (!security_token_is_sid(token, psd->owner_sid)) { return NT_STATUS_INVALID_OWNER; } DBG_DEBUG("overriding chown on file %s for sid %s\n", fsp_str_dbg(fsp), sid_string_tos(psd->owner_sid)); become_root(); status = smb_set_nt_acl_nfs4(handle, fsp, &config->nfs4_params, security_info_sent, psd, nfs4acl_smb4acl_set_fn); unbecome_root(); return status; }