void close_cnum(connection_struct *conn, uint16 vuid) { if (IS_IPC(conn)) { pipe_close_conn(conn); } else { file_close_conn(conn); dptr_closecnum(conn); } change_to_root_user(); DEBUG(IS_IPC(conn)?3:1, ("%s (%s) closed connection to service %s\n", get_remote_machine_name(), conn->client_address, lp_servicename(SNUM(conn)))); /* Call VFS disconnect hook */ SMB_VFS_DISCONNECT(conn); yield_connection(conn, lp_servicename(SNUM(conn))); /* make sure we leave the directory available for unmount */ vfs_ChDir(conn, "/"); /* execute any "postexec = " line */ if (*lp_postexec(SNUM(conn)) && change_to_user(conn, vuid)) { pstring cmd; pstrcpy(cmd,lp_postexec(SNUM(conn))); standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, conn->connectpath, conn->gid, get_current_username(), current_user_info.domain, cmd, sizeof(cmd)); smbrun(cmd,NULL); change_to_root_user(); } change_to_root_user(); /* execute any "root postexec = " line */ if (*lp_rootpostexec(SNUM(conn))) { pstring cmd; pstrcpy(cmd,lp_rootpostexec(SNUM(conn))); standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, conn->connectpath, conn->gid, get_current_username(), current_user_info.domain, cmd, sizeof(cmd)); smbrun(cmd,NULL); } conn_free(conn); }
/* * Any Postgres server process begins execution here. */ int main(int argc, char *argv[]) { progname = get_progname(argv[0]); /* * Platform-specific startup hacks */ startup_hacks(progname); /* * Remember the physical location of the initially given argv[] array for * possible use by ps display. On some platforms, the argv[] storage must * be overwritten in order to set the process title for ps. In such cases * save_ps_display_args makes and returns a new copy of the argv[] array. * * save_ps_display_args may also move the environment strings to make * extra room. Therefore this should be done as early as possible during * startup, to avoid entanglements with code that might save a getenv() * result pointer. */ argv = save_ps_display_args(argc, argv); /* * If supported on the current platform, set up a handler to be called if * the backend/postmaster crashes with a fatal signal or exception. */ #if defined(WIN32) && defined(HAVE_MINIDUMP_TYPE) pgwin32_install_crashdump_handler(); #endif /* * Set up locale information from environment. Note that LC_CTYPE and * LC_COLLATE will be overridden later from pg_control if we are in an * already-initialized database. We set them here so that they will be * available to fill pg_control during initdb. LC_MESSAGES will get set * later during GUC option processing, but we set it here to allow startup * error messages to be localized. */ set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("postgres")); #ifdef WIN32 /* * Windows uses codepages rather than the environment, so we work around * that by querying the environment explicitly first for LC_COLLATE and * LC_CTYPE. We have to do this because initdb passes those values in the * environment. If there is nothing there we fall back on the codepage. */ { char *env_locale; if ((env_locale = getenv("LC_COLLATE")) != NULL) pg_perm_setlocale(LC_COLLATE, env_locale); else pg_perm_setlocale(LC_COLLATE, ""); if ((env_locale = getenv("LC_CTYPE")) != NULL) pg_perm_setlocale(LC_CTYPE, env_locale); else pg_perm_setlocale(LC_CTYPE, ""); } #else pg_perm_setlocale(LC_COLLATE, ""); pg_perm_setlocale(LC_CTYPE, ""); #endif #ifdef LC_MESSAGES pg_perm_setlocale(LC_MESSAGES, ""); #endif /* * We keep these set to "C" always, except transiently in pg_locale.c; see * that file for explanations. */ pg_perm_setlocale(LC_MONETARY, "C"); pg_perm_setlocale(LC_NUMERIC, "C"); pg_perm_setlocale(LC_TIME, "C"); /* * Now that we have absorbed as much as we wish to from the locale * environment, remove any LC_ALL setting, so that the environment * variables installed by pg_perm_setlocale have force. */ unsetenv("LC_ALL"); /* * Catch standard options before doing much else */ if (argc > 1) { if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") == 0) { help(progname); exit(0); } if (strcmp(argv[1], "--version") == 0 || strcmp(argv[1], "-V") == 0) { puts("postgres (PostgreSQL) " PG_VERSION); exit(0); } } /* * Make sure we are not running as root. */ check_root(progname); /* * Dispatch to one of various subprograms depending on first argument. */ #ifdef EXEC_BACKEND if (argc > 1 && strncmp(argv[1], "--fork", 6) == 0) exit(SubPostmasterMain(argc, argv)); #endif #ifdef WIN32 /* * Start our win32 signal implementation * * SubPostmasterMain() will do this for itself, but the remaining modes * need it here */ pgwin32_signal_initialize(); #endif if (argc > 1 && strcmp(argv[1], "--boot") == 0) AuxiliaryProcessMain(argc, argv); /* does not return */ if (argc > 1 && strcmp(argv[1], "--describe-config") == 0) exit(GucInfoMain()); if (argc > 1 && strcmp(argv[1], "--single") == 0) exit(PostgresMain(argc, argv, get_current_username(progname))); exit(PostmasterMain(argc, argv)); }
/**************************************************************************** Run a given print command a null terminated list of value/substitute pairs is provided for local substitution strings ****************************************************************************/ static int print_run_command(int snum, const char* printername, bool do_sub, const char *command, int *outfd, ...) { char *syscmd; char *arg; int ret; TALLOC_CTX *ctx = talloc_tos(); va_list ap; va_start(ap, outfd); /* check for a valid system printername and valid command to run */ if ( !printername || !*printername ) { va_end(ap); return -1; } if (!command || !*command) { va_end(ap); return -1; } syscmd = talloc_strdup(ctx, command); if (!syscmd) { va_end(ap); return -1; } while ((arg = va_arg(ap, char *))) { char *value = va_arg(ap,char *); syscmd = talloc_string_sub(ctx, syscmd, arg, value); if (!syscmd) { va_end(ap); return -1; } } va_end(ap); syscmd = talloc_string_sub(ctx, syscmd, "%p", printername); if (!syscmd) { return -1; } if (do_sub && snum != -1) { syscmd = talloc_sub_advanced(ctx, lp_servicename(talloc_tos(), snum), current_user_info.unix_name, "", current_user.ut.gid, get_current_username(), current_user_info.domain, syscmd); if (!syscmd) { return -1; } } ret = smbrun_no_sanitize(syscmd,outfd); DEBUG(3,("Running the command `%s' gave %d\n",syscmd,ret)); return ret; }
static connection_struct *make_connection_snum(int snum, user_struct *vuser, DATA_BLOB password, const char *pdev, NTSTATUS *status) { struct passwd *pass = NULL; BOOL guest = False; connection_struct *conn; SMB_STRUCT_STAT st; fstring user; fstring dev; int ret; struct timespec atime_ts, mtime_ts, ctime_ts; *user = 0; fstrcpy(dev, pdev); SET_STAT_INVALID(st); if (NT_STATUS_IS_ERR(*status = share_sanity_checks(snum, dev))) { return NULL; } conn = conn_new(); if (!conn) { DEBUG(0,("Couldn't find free connection.\n")); *status = NT_STATUS_INSUFFICIENT_RESOURCES; return NULL; } conn->params->service = snum; conn->nt_user_token = NULL; if (lp_guest_only(snum)) { const char *guestname = lp_guestaccount(); NTSTATUS status2; char *found_username = NULL; guest = True; pass = getpwnam_alloc(NULL, guestname); if (!pass) { DEBUG(0,("make_connection_snum: Invalid guest " "account %s??\n",guestname)); conn_free(conn); *status = NT_STATUS_NO_SUCH_USER; return NULL; } status2 = create_token_from_username(conn->mem_ctx, pass->pw_name, True, &conn->uid, &conn->gid, &found_username, &conn->nt_user_token); if (!NT_STATUS_IS_OK(status2)) { TALLOC_FREE(pass); conn_free(conn); *status = status2; return NULL; } fstrcpy(user, found_username); string_set(&conn->user,user); conn->force_user = True; TALLOC_FREE(found_username); TALLOC_FREE(pass); DEBUG(3,("Guest only user %s\n",user)); } else if (vuser) { if (vuser->guest) { if (!lp_guest_ok(snum)) { DEBUG(2, ("guest user (from session setup) " "not permitted to access this share " "(%s)\n", lp_servicename(snum))); conn_free(conn); *status = NT_STATUS_ACCESS_DENIED; return NULL; } } else { if (!user_ok_token(vuser->user.unix_name, vuser->nt_user_token, snum)) { DEBUG(2, ("user '%s' (from session setup) not " "permitted to access this share " "(%s)\n", vuser->user.unix_name, lp_servicename(snum))); conn_free(conn); *status = NT_STATUS_ACCESS_DENIED; return NULL; } } conn->vuid = vuser->vuid; conn->uid = vuser->uid; conn->gid = vuser->gid; string_set(&conn->user,vuser->user.unix_name); fstrcpy(user,vuser->user.unix_name); guest = vuser->guest; } else if (lp_security() == SEC_SHARE) { NTSTATUS status2; char *found_username = NULL; /* add it as a possible user name if we are in share mode security */ add_session_user(lp_servicename(snum)); /* shall we let them in? */ if (!authorise_login(snum,user,password,&guest)) { DEBUG( 2, ( "Invalid username/password for [%s]\n", lp_servicename(snum)) ); conn_free(conn); *status = NT_STATUS_WRONG_PASSWORD; return NULL; } pass = Get_Pwnam(user); status2 = create_token_from_username(conn->mem_ctx, pass->pw_name, True, &conn->uid, &conn->gid, &found_username, &conn->nt_user_token); if (!NT_STATUS_IS_OK(status2)) { conn_free(conn); *status = status2; return NULL; } fstrcpy(user, found_username); string_set(&conn->user,user); TALLOC_FREE(found_username); conn->force_user = True; } else { DEBUG(0, ("invalid VUID (vuser) but not in security=share\n")); conn_free(conn); *status = NT_STATUS_ACCESS_DENIED; return NULL; } add_session_user(user); safe_strcpy(conn->client_address, client_addr(), sizeof(conn->client_address)-1); conn->num_files_open = 0; conn->lastused = conn->lastused_count = time(NULL); conn->used = True; conn->printer = (strncmp(dev,"LPT",3) == 0); conn->ipc = ( (strncmp(dev,"IPC",3) == 0) || ( lp_enable_asu_support() && strequal(dev,"ADMIN$")) ); conn->dirptr = NULL; /* Case options for the share. */ if (lp_casesensitive(snum) == Auto) { /* We will be setting this per packet. Set to be case * insensitive for now. */ conn->case_sensitive = False; } else { conn->case_sensitive = (BOOL)lp_casesensitive(snum); } conn->case_preserve = lp_preservecase(snum); conn->short_case_preserve = lp_shortpreservecase(snum); conn->veto_list = NULL; conn->hide_list = NULL; conn->veto_oplock_list = NULL; conn->aio_write_behind_list = NULL; string_set(&conn->dirpath,""); string_set(&conn->user,user); conn->read_only = lp_readonly(SNUM(conn)); conn->admin_user = False; /* * If force user is true, then store the given userid and the gid of * the user we're forcing. * For auxiliary groups see below. */ if (*lp_force_user(snum)) { NTSTATUS status2; status2 = find_forced_user(conn, (vuser != NULL) && vuser->guest, user); if (!NT_STATUS_IS_OK(status2)) { conn_free(conn); *status = status2; return NULL; } string_set(&conn->user,user); conn->force_user = True; DEBUG(3,("Forced user %s\n",user)); } /* * If force group is true, then override * any groupid stored for the connecting user. */ if (*lp_force_group(snum)) { NTSTATUS status2; DOM_SID group_sid; status2 = find_forced_group(conn->force_user, snum, user, &group_sid, &conn->gid); if (!NT_STATUS_IS_OK(status2)) { conn_free(conn); *status = status2; return NULL; } if ((conn->nt_user_token == NULL) && (vuser != NULL)) { /* Not force user and not security=share, but force * group. vuser has a token to copy */ conn->nt_user_token = dup_nt_token( NULL, vuser->nt_user_token); if (conn->nt_user_token == NULL) { DEBUG(0, ("dup_nt_token failed\n")); conn_free(conn); *status = NT_STATUS_NO_MEMORY; return NULL; } } /* If conn->nt_user_token is still NULL, we have * security=share. This means ignore the SID, as we had no * vuser to copy from */ if (conn->nt_user_token != NULL) { /* Overwrite the primary group sid */ sid_copy(&conn->nt_user_token->user_sids[1], &group_sid); } conn->force_group = True; } if (conn->nt_user_token != NULL) { size_t i; /* We have a share-specific token from force [user|group]. * This means we have to create the list of unix groups from * the list of sids. */ conn->ngroups = 0; conn->groups = NULL; for (i=0; i<conn->nt_user_token->num_sids; i++) { gid_t gid; DOM_SID *sid = &conn->nt_user_token->user_sids[i]; if (!sid_to_gid(sid, &gid)) { DEBUG(10, ("Could not convert SID %s to gid, " "ignoring it\n", sid_string_static(sid))); continue; } if (!add_gid_to_array_unique(conn->mem_ctx, gid, &conn->groups, &conn->ngroups)) { DEBUG(0, ("add_gid_to_array_unique failed\n")); conn_free(conn); *status = NT_STATUS_NO_MEMORY; return NULL; } } } { pstring s; pstrcpy(s,lp_pathname(snum)); standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, conn->connectpath, conn->gid, get_current_username(), current_user_info.domain, s, sizeof(s)); if (s[0] == '\0') { DEBUG(6, ("service [%s] did not resolve to a path\n", lp_servicename(snum))); conn_free(conn); *status = NT_STATUS_BAD_NETWORK_NAME; return NULL; } set_conn_connectpath(conn,s); DEBUG(3,("Connect path is '%s' for service [%s]\n",s, lp_servicename(snum))); } /* * New code to check if there's a share security descripter * added from NT server manager. This is done after the * smb.conf checks are done as we need a uid and token. JRA. * */ { BOOL can_write = False; NT_USER_TOKEN *token = conn->nt_user_token ? conn->nt_user_token : (vuser ? vuser->nt_user_token : NULL); /* * I don't believe this can happen. But the * logic above is convoluted enough to confuse * automated checkers, so be sure. JRA. */ if (token == NULL) { DEBUG(0,("make_connection: connection to %s " "denied due to missing " "NT token.\n", lp_servicename(snum))); conn_free(conn); *status = NT_STATUS_ACCESS_DENIED; return NULL; } can_write = share_access_check(token, lp_servicename(snum), FILE_WRITE_DATA); if (!can_write) { if (!share_access_check(token, lp_servicename(snum), FILE_READ_DATA)) { /* No access, read or write. */ DEBUG(0,("make_connection: connection to %s " "denied due to security " "descriptor.\n", lp_servicename(snum))); conn_free(conn); *status = NT_STATUS_ACCESS_DENIED; return NULL; } else { conn->read_only = True; } } } /* Initialise VFS function pointers */ if (!smbd_vfs_init(conn)) { DEBUG(0, ("vfs_init failed for service %s\n", lp_servicename(snum))); conn_free(conn); *status = NT_STATUS_BAD_NETWORK_NAME; return NULL; } /* * If widelinks are disallowed we need to canonicalise the connect * path here to ensure we don't have any symlinks in the * connectpath. We will be checking all paths on this connection are * below this directory. We must do this after the VFS init as we * depend on the realpath() pointer in the vfs table. JRA. */ if (!lp_widelinks(snum)) { pstring s; pstrcpy(s,conn->connectpath); canonicalize_path(conn, s); set_conn_connectpath(conn,s); } if ((!conn->printer) && (!conn->ipc)) { conn->notify_ctx = notify_init(conn->mem_ctx, server_id_self(), smbd_messaging_context(), smbd_event_context(), conn); } /* ROOT Activities: */ /* check number of connections */ if (!claim_connection(conn, lp_servicename(snum), lp_max_connections(snum), False,0)) { DEBUG(1,("too many connections - rejected\n")); conn_free(conn); *status = NT_STATUS_INSUFFICIENT_RESOURCES; return NULL; } /* Preexecs are done here as they might make the dir we are to ChDir * to below */ /* execute any "root preexec = " line */ if (*lp_rootpreexec(snum)) { pstring cmd; pstrcpy(cmd,lp_rootpreexec(snum)); standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, conn->connectpath, conn->gid, get_current_username(), current_user_info.domain, cmd, sizeof(cmd)); DEBUG(5,("cmd=%s\n",cmd)); ret = smbrun(cmd,NULL); if (ret != 0 && lp_rootpreexec_close(snum)) { DEBUG(1,("root preexec gave %d - failing " "connection\n", ret)); yield_connection(conn, lp_servicename(snum)); conn_free(conn); *status = NT_STATUS_ACCESS_DENIED; return NULL; } } /* USER Activites: */ if (!change_to_user(conn, conn->vuid)) { /* No point continuing if they fail the basic checks */ DEBUG(0,("Can't become connected user!\n")); yield_connection(conn, lp_servicename(snum)); conn_free(conn); *status = NT_STATUS_LOGON_FAILURE; return NULL; } /* Remember that a different vuid can connect later without these * checks... */ /* Preexecs are done here as they might make the dir we are to ChDir * to below */ /* execute any "preexec = " line */ if (*lp_preexec(snum)) { pstring cmd; pstrcpy(cmd,lp_preexec(snum)); standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, conn->connectpath, conn->gid, get_current_username(), current_user_info.domain, cmd, sizeof(cmd)); ret = smbrun(cmd,NULL); if (ret != 0 && lp_preexec_close(snum)) { DEBUG(1,("preexec gave %d - failing connection\n", ret)); change_to_root_user(); yield_connection(conn, lp_servicename(snum)); conn_free(conn); *status = NT_STATUS_ACCESS_DENIED; return NULL; } } #ifdef WITH_FAKE_KASERVER if (lp_afs_share(snum)) { afs_login(conn); } #endif /* Add veto/hide lists */ if (!IS_IPC(conn) && !IS_PRINT(conn)) { set_namearray( &conn->veto_list, lp_veto_files(snum)); set_namearray( &conn->hide_list, lp_hide_files(snum)); set_namearray( &conn->veto_oplock_list, lp_veto_oplocks(snum)); } /* Invoke VFS make connection hook - do this before the VFS_STAT call to allow any filesystems needing user credentials to initialize themselves. */ if (SMB_VFS_CONNECT(conn, lp_servicename(snum), user) < 0) { DEBUG(0,("make_connection: VFS make connection failed!\n")); change_to_root_user(); yield_connection(conn, lp_servicename(snum)); conn_free(conn); *status = NT_STATUS_UNSUCCESSFUL; return NULL; } /* win2000 does not check the permissions on the directory during the tree connect, instead relying on permission check during individual operations. To match this behaviour I have disabled this chdir check (tridge) */ /* the alternative is just to check the directory exists */ if ((ret = SMB_VFS_STAT(conn, conn->connectpath, &st)) != 0 || !S_ISDIR(st.st_mode)) { if (ret == 0 && !S_ISDIR(st.st_mode)) { DEBUG(0,("'%s' is not a directory, when connecting to " "[%s]\n", conn->connectpath, lp_servicename(snum))); } else { DEBUG(0,("'%s' does not exist or permission denied " "when connecting to [%s] Error was %s\n", conn->connectpath, lp_servicename(snum), strerror(errno) )); } change_to_root_user(); /* Call VFS disconnect hook */ SMB_VFS_DISCONNECT(conn); yield_connection(conn, lp_servicename(snum)); conn_free(conn); *status = NT_STATUS_BAD_NETWORK_NAME; return NULL; } string_set(&conn->origpath,conn->connectpath); mtime_ts = get_mtimespec(&st); ctime_ts = get_ctimespec(&st); atime_ts = get_atimespec(&st); conn->ts_res = TIMESTAMP_SET_SECONDS; if (mtime_ts.tv_nsec || atime_ts.tv_nsec || ctime_ts.tv_nsec) { /* If any of the normal UNIX directory timestamps * have a non-zero tv_nsec component assume * we might be able to set sub-second timestamps. * See what filetime set primitives we have. */ #if defined(HAVE_UTIMES) /* utimes allows msec timestamps to be set. */ conn->ts_res = TIMESTAMP_SET_MSEC; #elif defined(HAVE_UTIME) /* utime only allows sec timestamps to be set. */ conn->ts_res = TIMESTAMP_SET_SECONDS; #endif /* TODO. Add a configure test for the Linux * nsec timestamp set system call, and use it * if available.... */ DEBUG(10,("make_connection_snum: timestamp " "resolution of %s " "available on share %s, directory %s\n", conn->ts_res == TIMESTAMP_SET_MSEC ? "msec" : "sec", lp_servicename(conn->cnum), conn->connectpath )); } #if SOFTLINK_OPTIMISATION /* resolve any soft links early if possible */ if (vfs_ChDir(conn,conn->connectpath) == 0) { pstring s; pstrcpy(s,conn->connectpath); vfs_GetWd(conn,s); set_conn_connectpath(conn,s); vfs_ChDir(conn,conn->connectpath); } #endif if (lp_unix_extensions() && lp_widelinks(snum)) { DEBUG(0,("Share '%s' has wide links and unix extensions enabled. " "These parameters are incompatible. " "Disabling wide links for this share.\n", lp_servicename(snum) )); lp_do_parameter(snum, "wide links", "False"); } /* * Print out the 'connected as' stuff here as we need * to know the effective uid and gid we will be using * (at least initially). */ if( DEBUGLVL( IS_IPC(conn) ? 3 : 1 ) ) { dbgtext( "%s (%s) ", get_remote_machine_name(), conn->client_address ); dbgtext( "%s", srv_is_signing_active() ? "signed " : ""); dbgtext( "connect to service %s ", lp_servicename(snum) ); dbgtext( "initially as user %s ", user ); dbgtext( "(uid=%d, gid=%d) ", (int)geteuid(), (int)getegid() ); dbgtext( "(pid %d)\n", (int)sys_getpid() ); } /* we've finished with the user stuff - go back to root */ change_to_root_user(); return(conn); }
static NTSTATUS parse_dfs_path(connection_struct *conn, const char *pathname, bool allow_wcards, bool allow_broken_path, struct dfs_path *pdp, /* MUST BE TALLOCED */ bool *ppath_contains_wcard) { char *pathname_local; char *p,*temp; char *servicename; char *eos_ptr; NTSTATUS status = NT_STATUS_OK; char sepchar; ZERO_STRUCTP(pdp); /* * This is the only talloc we should need to do * on the struct dfs_path. All the pointers inside * it should point to offsets within this string. */ pathname_local = talloc_strdup(pdp, pathname); if (!pathname_local) { return NT_STATUS_NO_MEMORY; } /* Get a pointer to the terminating '\0' */ eos_ptr = &pathname_local[strlen(pathname_local)]; p = temp = pathname_local; pdp->posix_path = (lp_posix_pathnames() && *pathname == '/'); sepchar = pdp->posix_path ? '/' : '\\'; if (allow_broken_path && (*pathname != sepchar)) { DEBUG(10,("parse_dfs_path: path %s doesn't start with %c\n", pathname, sepchar )); /* * Possibly client sent a local path by mistake. * Try and convert to a local path. */ pdp->hostname = eos_ptr; /* "" */ pdp->servicename = eos_ptr; /* "" */ /* We've got no info about separators. */ pdp->posix_path = lp_posix_pathnames(); p = temp; DEBUG(10,("parse_dfs_path: trying to convert %s to a " "local path\n", temp)); goto local_path; } /* * Safe to use on talloc'ed string as it only shrinks. * It also doesn't affect the eos_ptr. */ trim_char(temp,sepchar,sepchar); DEBUG(10,("parse_dfs_path: temp = |%s| after trimming %c's\n", temp, sepchar)); /* Now tokenize. */ /* Parse out hostname. */ p = strchr_m(temp,sepchar); if(p == NULL) { DEBUG(10,("parse_dfs_path: can't parse hostname from path %s\n", temp)); /* * Possibly client sent a local path by mistake. * Try and convert to a local path. */ pdp->hostname = eos_ptr; /* "" */ pdp->servicename = eos_ptr; /* "" */ p = temp; DEBUG(10,("parse_dfs_path: trying to convert %s " "to a local path\n", temp)); goto local_path; } *p = '\0'; pdp->hostname = temp; DEBUG(10,("parse_dfs_path: hostname: %s\n",pdp->hostname)); /* Parse out servicename. */ servicename = p+1; p = strchr_m(servicename,sepchar); if (p) { *p = '\0'; } /* Is this really our servicename ? */ if (conn && !( strequal(servicename, lp_servicename(talloc_tos(), SNUM(conn))) || (strequal(servicename, HOMES_NAME) && strequal(lp_servicename(talloc_tos(), SNUM(conn)), get_current_username()) )) ) { DEBUG(10,("parse_dfs_path: %s is not our servicename\n", servicename)); /* * Possibly client sent a local path by mistake. * Try and convert to a local path. */ pdp->hostname = eos_ptr; /* "" */ pdp->servicename = eos_ptr; /* "" */ /* Repair the path - replace the sepchar's we nulled out */ servicename--; *servicename = sepchar; if (p) { *p = sepchar; } p = temp; DEBUG(10,("parse_dfs_path: trying to convert %s " "to a local path\n", temp)); goto local_path; } pdp->servicename = servicename; DEBUG(10,("parse_dfs_path: servicename: %s\n",pdp->servicename)); if(p == NULL) { /* Client sent self referral \server\share. */ pdp->reqpath = eos_ptr; /* "" */ return NT_STATUS_OK; } p++; local_path: *ppath_contains_wcard = False; pdp->reqpath = p; /* Rest is reqpath. */ if (pdp->posix_path) { status = check_path_syntax_posix(pdp->reqpath); } else { if (allow_wcards) { status = check_path_syntax_wcard(pdp->reqpath, ppath_contains_wcard); } else { status = check_path_syntax(pdp->reqpath); } } if (!NT_STATUS_IS_OK(status)) { DEBUG(10,("parse_dfs_path: '%s' failed with %s\n", p, nt_errstr(status) )); return status; } DEBUG(10,("parse_dfs_path: rest of the path: %s\n",pdp->reqpath)); return NT_STATUS_OK; }
static NTSTATUS create_conn_struct_as_root(TALLOC_CTX *ctx, struct tevent_context *ev, struct messaging_context *msg, connection_struct **pconn, int snum, const char *path, const struct auth_session_info *session_info) { connection_struct *conn; char *connpath; const char *vfs_user; struct smbd_server_connection *sconn; const char *servicename = lp_const_servicename(snum); sconn = talloc_zero(ctx, struct smbd_server_connection); if (sconn == NULL) { return NT_STATUS_NO_MEMORY; } sconn->ev_ctx = ev; sconn->msg_ctx = msg; sconn->sock = -1; sconn->smb1.echo_handler.trusted_fd = -1; sconn->smb1.echo_handler.socket_lock_fd = -1; conn = conn_new(sconn); if (conn == NULL) { TALLOC_FREE(sconn); return NT_STATUS_NO_MEMORY; } /* Now we have conn, we need to make sconn a child of conn, * for a proper talloc tree */ talloc_steal(conn, sconn); if (snum == -1 && servicename == NULL) { servicename = "Unknown Service (snum == -1)"; } connpath = talloc_strdup(conn, path); if (!connpath) { TALLOC_FREE(conn); return NT_STATUS_NO_MEMORY; } connpath = talloc_string_sub(conn, connpath, "%S", servicename); if (!connpath) { TALLOC_FREE(conn); return NT_STATUS_NO_MEMORY; } /* needed for smbd_vfs_init() */ conn->params->service = snum; conn->cnum = TID_FIELD_INVALID; if (session_info != NULL) { conn->session_info = copy_session_info(conn, session_info); if (conn->session_info == NULL) { DEBUG(0, ("copy_serverinfo failed\n")); TALLOC_FREE(conn); return NT_STATUS_NO_MEMORY; } vfs_user = conn->session_info->unix_info->unix_name; } else { /* use current authenticated user in absence of session_info */ vfs_user = get_current_username(); } set_conn_connectpath(conn, connpath); /* * New code to check if there's a share security descripter * added from NT server manager. This is done after the * smb.conf checks are done as we need a uid and token. JRA. * */ if (conn->session_info) { share_access_check(conn->session_info->security_token, servicename, MAXIMUM_ALLOWED_ACCESS, &conn->share_access); if ((conn->share_access & FILE_WRITE_DATA) == 0) { if ((conn->share_access & FILE_READ_DATA) == 0) { /* No access, read or write. */ DEBUG(0,("create_conn_struct: connection to %s " "denied due to security " "descriptor.\n", servicename)); conn_free(conn); return NT_STATUS_ACCESS_DENIED; } else { conn->read_only = true; } } } else { conn->share_access = 0; conn->read_only = true; } if (!smbd_vfs_init(conn)) { NTSTATUS status = map_nt_error_from_unix(errno); DEBUG(0,("create_conn_struct: smbd_vfs_init failed.\n")); conn_free(conn); return status; } /* this must be the first filesystem operation that we do */ if (SMB_VFS_CONNECT(conn, servicename, vfs_user) < 0) { DEBUG(0,("VFS connect failed!\n")); conn_free(conn); return NT_STATUS_UNSUCCESSFUL; } conn->fs_capabilities = SMB_VFS_FS_CAPABILITIES(conn, &conn->ts_res); *pconn = conn; return NT_STATUS_OK; }
/** * Check if file should be recycled **/ static int recycle_unlink(vfs_handle_struct *handle, const char *file_name) { connection_struct *conn = handle->conn; char *path_name = NULL; char *temp_name = NULL; char *final_name = NULL; const char *base; char *repository = NULL; int i = 1; SMB_OFF_T maxsize, minsize; SMB_OFF_T file_size; /* space_avail; */ BOOL exist; int rc = -1; repository = talloc_sub_advanced(NULL, lp_servicename(SNUM(conn)), conn->user, conn->connectpath, conn->gid, get_current_username(), current_user_info.domain, recycle_repository(handle)); ALLOC_CHECK(repository, done); /* shouldn't we allow absolute path names here? --metze */ /* Yes :-). JRA. */ trim_char(repository, '\0', '/'); if(!repository || *(repository) == '\0') { DEBUG(3, ("recycle: repository path not set, purging %s...\n", file_name)); rc = SMB_VFS_NEXT_UNLINK(handle, file_name); goto done; } /* we don't recycle the recycle bin... */ if (strncmp(file_name, repository, strlen(repository)) == 0) { DEBUG(3, ("recycle: File is within recycling bin, unlinking ...\n")); rc = SMB_VFS_NEXT_UNLINK(handle, file_name); goto done; } file_size = recycle_get_file_size(handle, file_name); /* it is wrong to purge filenames only because they are empty imho * --- simo * if(fsize == 0) { DEBUG(3, ("recycle: File %s is empty, purging...\n", file_name)); rc = SMB_VFS_NEXT_UNLINK(handle,file_name); goto done; } */ /* FIXME: this is wrong, we should check the whole size of the recycle bin is * not greater then maxsize, not the size of the single file, also it is better * to remove older files */ maxsize = recycle_maxsize(handle); if(maxsize > 0 && file_size > maxsize) { DEBUG(3, ("recycle: File %s exceeds maximum recycle size, purging... \n", file_name)); rc = SMB_VFS_NEXT_UNLINK(handle, file_name); goto done; } minsize = recycle_minsize(handle); if(minsize > 0 && file_size < minsize) { DEBUG(3, ("recycle: File %s lowers minimum recycle size, purging... \n", file_name)); rc = SMB_VFS_NEXT_UNLINK(handle, file_name); goto done; } /* FIXME: this is wrong: moving files with rename does not change the disk space * allocation * space_avail = SMB_VFS_NEXT_DISK_FREE(handle, ".", True, &bsize, &dfree, &dsize) * 1024L; DEBUG(5, ("space_avail = %Lu, file_size = %Lu\n", space_avail, file_size)); if(space_avail < file_size) { DEBUG(3, ("recycle: Not enough diskspace, purging file %s\n", file_name)); rc = SMB_VFS_NEXT_UNLINK(handle, file_name); goto done; } */ /* extract filename and path */ base = strrchr(file_name, '/'); if (base == NULL) { base = file_name; path_name = SMB_STRDUP("/"); ALLOC_CHECK(path_name, done); } else { path_name = SMB_STRDUP(file_name); ALLOC_CHECK(path_name, done); path_name[base - file_name] = '\0'; base++; } DEBUG(10, ("recycle: fname = %s\n", file_name)); /* original filename with path */ DEBUG(10, ("recycle: fpath = %s\n", path_name)); /* original path */ DEBUG(10, ("recycle: base = %s\n", base)); /* filename without path */ if (matchparam(recycle_exclude(handle), base)) { DEBUG(3, ("recycle: file %s is excluded \n", base)); rc = SMB_VFS_NEXT_UNLINK(handle, file_name); goto done; } if (matchdirparam(recycle_exclude_dir(handle), path_name)) { DEBUG(3, ("recycle: directory %s is excluded \n", path_name)); rc = SMB_VFS_NEXT_UNLINK(handle, file_name); goto done; } if (recycle_keep_dir_tree(handle) == True) { asprintf(&temp_name, "%s/%s", repository, path_name); } else { temp_name = SMB_STRDUP(repository); } ALLOC_CHECK(temp_name, done); exist = recycle_directory_exist(handle, temp_name); if (exist) { DEBUG(10, ("recycle: Directory already exists\n")); } else { DEBUG(10, ("recycle: Creating directory %s\n", temp_name)); if (recycle_create_dir(handle, temp_name) == False) { DEBUG(3, ("recycle: Could not create directory, purging %s...\n", file_name)); rc = SMB_VFS_NEXT_UNLINK(handle, file_name); goto done; } } asprintf(&final_name, "%s/%s", temp_name, base); ALLOC_CHECK(final_name, done); DEBUG(10, ("recycle: recycled file name: %s\n", final_name)); /* new filename with path */ /* check if we should delete file from recycle bin */ if (recycle_file_exist(handle, final_name)) { if (recycle_versions(handle) == False || matchparam(recycle_noversions(handle), base) == True) { DEBUG(3, ("recycle: Removing old file %s from recycle bin\n", final_name)); if (SMB_VFS_NEXT_UNLINK(handle, final_name) != 0) { DEBUG(1, ("recycle: Error deleting old file: %s\n", strerror(errno))); } } } /* rename file we move to recycle bin */ i = 1; while (recycle_file_exist(handle, final_name)) { SAFE_FREE(final_name); asprintf(&final_name, "%s/Copy #%d of %s", temp_name, i++, base); } DEBUG(10, ("recycle: Moving %s to %s\n", file_name, final_name)); rc = SMB_VFS_NEXT_RENAME(handle, file_name, final_name); if (rc != 0) { DEBUG(3, ("recycle: Move error %d (%s), purging file %s (%s)\n", errno, strerror(errno), file_name, final_name)); rc = SMB_VFS_NEXT_UNLINK(handle, file_name); goto done; } /* touch access date of moved file */ if (recycle_touch(handle) == True || recycle_touch_mtime(handle)) recycle_do_touch(handle, final_name, recycle_touch_mtime(handle)); done: SAFE_FREE(path_name); SAFE_FREE(temp_name); SAFE_FREE(final_name); TALLOC_FREE(repository); return rc; }