/*****************************************************
setup basic info in a stat structure
*******************************************************/
void smbw_setup_stat(struct stat *st, char *fname, size_t size, int mode)
{
st->st_mode = 0;
if (IS_DOS_DIR(mode)) {
st->st_mode = SMBW_DIR_MODE;
} else {
st->st_mode = SMBW_FILE_MODE;
}
if (IS_DOS_ARCHIVE(mode)) st->st_mode |= S_IXUSR;
if (IS_DOS_SYSTEM(mode)) st->st_mode |= S_IXGRP;
if (IS_DOS_HIDDEN(mode)) st->st_mode |= S_IXOTH;
if (!IS_DOS_READONLY(mode)) st->st_mode |= S_IWUSR;
st->st_size = size;
st->st_blksize = 512;
st->st_blocks = (size+511)/512;
st->st_uid = getuid();
st->st_gid = getgid();
if (IS_DOS_DIR(mode)) {
st->st_nlink = 2;
} else {
st->st_nlink = 1;
}
if (st->st_ino == 0) {
st->st_ino = smbw_inode(fname);
}
}
static int
setup_stat(SMBCCTX *context,
struct stat *st,
char *fname,
SMB_OFF_T size,
int mode)
{
TALLOC_CTX *frame = talloc_stackframe();
st->st_mode = 0;
if (IS_DOS_DIR(mode)) {
st->st_mode = SMBC_DIR_MODE;
} else {
st->st_mode = SMBC_FILE_MODE;
}
if (IS_DOS_ARCHIVE(mode)) st->st_mode |= S_IXUSR;
if (IS_DOS_SYSTEM(mode)) st->st_mode |= S_IXGRP;
if (IS_DOS_HIDDEN(mode)) st->st_mode |= S_IXOTH;
if (!IS_DOS_READONLY(mode)) st->st_mode |= S_IWUSR;
st->st_size = size;
#ifdef HAVE_STAT_ST_BLKSIZE
st->st_blksize = 512;
#endif
#ifdef HAVE_STAT_ST_BLOCKS
st->st_blocks = (size+511)/512;
#endif
#ifdef HAVE_STRUCT_STAT_ST_RDEV
st->st_rdev = 0;
#endif
st->st_uid = getuid();
st->st_gid = getgid();
if (IS_DOS_DIR(mode)) {
st->st_nlink = 2;
} else {
st->st_nlink = 1;
}
if (st->st_ino == 0) {
st->st_ino = generate_inode(context, fname);
}
TALLOC_FREE(frame);
return True; /* FIXME: Is this needed ? */
}
/*******************************************************************
chmod a file - but preserve some bits
********************************************************************/
int file_chmod(connection_struct *conn,char *fname,int dosmode,SMB_STRUCT_STAT *st)
{
SMB_STRUCT_STAT st1;
int mask=0;
mode_t tmp;
mode_t unixmode;
if (!st) {
st = &st1;
if (dos_stat(fname,st)) return(-1);
}
if (S_ISDIR(st->st_mode)) dosmode |= aDIR;
if (dos_mode(conn,fname,st) == dosmode) return(0);
unixmode = unix_mode(conn,dosmode,fname);
/* preserve the s bits */
mask |= (S_ISUID | S_ISGID);
/* preserve the t bit */
#ifdef S_ISVTX
mask |= S_ISVTX;
#endif
/* possibly preserve the x bits */
if (!MAP_ARCHIVE(conn)) mask |= S_IXUSR;
if (!MAP_SYSTEM(conn)) mask |= S_IXGRP;
if (!MAP_HIDDEN(conn)) mask |= S_IXOTH;
unixmode |= (st->st_mode & mask);
/* if we previously had any r bits set then leave them alone */
if ((tmp = st->st_mode & (S_IRUSR|S_IRGRP|S_IROTH))) {
unixmode &= ~(S_IRUSR|S_IRGRP|S_IROTH);
unixmode |= tmp;
}
/* if we previously had any w bits set then leave them alone
whilst adding in the new w bits, if the new mode is not rdonly */
if (!IS_DOS_READONLY(dosmode)) {
unixmode |= (st->st_mode & (S_IWUSR|S_IWGRP|S_IWOTH));
}
return(dos_chmod(fname,unixmode));
}
int file_set_dosmode(connection_struct *conn, struct smb_filename *smb_fname,
uint32 dosmode, const char *parent_dir, bool newfile)
{
int mask=0;
mode_t tmp;
mode_t unixmode;
int ret = -1, lret = -1;
uint32_t old_mode;
struct timespec new_create_timespec;
files_struct *fsp = NULL;
bool need_close = false;
NTSTATUS status;
if (!CAN_WRITE(conn)) {
errno = EROFS;
return -1;
}
/* We only allow READONLY|HIDDEN|SYSTEM|DIRECTORY|ARCHIVE here. */
dosmode &= (SAMBA_ATTRIBUTES_MASK | FILE_ATTRIBUTE_OFFLINE);
DEBUG(10,("file_set_dosmode: setting dos mode 0x%x on file %s\n",
dosmode, smb_fname_str_dbg(smb_fname)));
unixmode = smb_fname->st.st_ex_mode;
get_acl_group_bits(conn, smb_fname->base_name,
&smb_fname->st.st_ex_mode);
if (S_ISDIR(smb_fname->st.st_ex_mode))
dosmode |= FILE_ATTRIBUTE_DIRECTORY;
else
dosmode &= ~FILE_ATTRIBUTE_DIRECTORY;
new_create_timespec = smb_fname->st.st_ex_btime;
old_mode = dos_mode(conn, smb_fname);
if ((dosmode & FILE_ATTRIBUTE_OFFLINE) &&
!(old_mode & FILE_ATTRIBUTE_OFFLINE)) {
lret = SMB_VFS_SET_OFFLINE(conn, smb_fname);
if (lret == -1) {
if (errno == ENOTSUP) {
DEBUG(10, ("Setting FILE_ATTRIBUTE_OFFLINE for "
"%s/%s is not supported.\n",
parent_dir,
smb_fname_str_dbg(smb_fname)));
} else {
DEBUG(0, ("An error occurred while setting "
"FILE_ATTRIBUTE_OFFLINE for "
"%s/%s: %s", parent_dir,
smb_fname_str_dbg(smb_fname),
strerror(errno)));
}
}
}
dosmode &= ~FILE_ATTRIBUTE_OFFLINE;
old_mode &= ~FILE_ATTRIBUTE_OFFLINE;
smb_fname->st.st_ex_btime = new_create_timespec;
/* Store the DOS attributes in an EA by preference. */
if (lp_store_dos_attributes(SNUM(conn))) {
/*
* Don't fall back to using UNIX modes. Finally
* follow the smb.conf manpage.
*/
if (!set_ea_dos_attribute(conn, smb_fname, dosmode)) {
return -1;
}
if (!newfile) {
notify_fname(conn, NOTIFY_ACTION_MODIFIED,
FILE_NOTIFY_CHANGE_ATTRIBUTES,
smb_fname->base_name);
}
smb_fname->st.st_ex_mode = unixmode;
return 0;
}
unixmode = unix_mode(conn, dosmode, smb_fname, parent_dir);
/* preserve the file type bits */
mask |= S_IFMT;
/* preserve the s bits */
mask |= (S_ISUID | S_ISGID);
/* preserve the t bit */
#ifdef S_ISVTX
mask |= S_ISVTX;
#endif
/* possibly preserve the x bits */
if (!MAP_ARCHIVE(conn))
mask |= S_IXUSR;
if (!MAP_SYSTEM(conn))
mask |= S_IXGRP;
if (!MAP_HIDDEN(conn))
mask |= S_IXOTH;
unixmode |= (smb_fname->st.st_ex_mode & mask);
/* if we previously had any r bits set then leave them alone */
if ((tmp = smb_fname->st.st_ex_mode & (S_IRUSR|S_IRGRP|S_IROTH))) {
unixmode &= ~(S_IRUSR|S_IRGRP|S_IROTH);
unixmode |= tmp;
}
/* if we previously had any w bits set then leave them alone
whilst adding in the new w bits, if the new mode is not rdonly */
if (!IS_DOS_READONLY(dosmode)) {
unixmode |= (smb_fname->st.st_ex_mode & (S_IWUSR|S_IWGRP|S_IWOTH));
}
/*
* From the chmod 2 man page:
*
* "If the calling process is not privileged, and the group of the file
* does not match the effective group ID of the process or one of its
* supplementary group IDs, the S_ISGID bit will be turned off, but
* this will not cause an error to be returned."
*
* Simply refuse to do the chmod in this case.
*/
if (S_ISDIR(smb_fname->st.st_ex_mode) && (unixmode & S_ISGID) &&
geteuid() != sec_initial_uid() &&
!current_user_in_group(conn, smb_fname->st.st_ex_gid)) {
DEBUG(3,("file_set_dosmode: setgid bit cannot be "
"set for directory %s\n",
smb_fname_str_dbg(smb_fname)));
errno = EPERM;
return -1;
}
ret = SMB_VFS_CHMOD(conn, smb_fname->base_name, unixmode);
if (ret == 0) {
if(!newfile || (lret != -1)) {
notify_fname(conn, NOTIFY_ACTION_MODIFIED,
FILE_NOTIFY_CHANGE_ATTRIBUTES,
smb_fname->base_name);
}
smb_fname->st.st_ex_mode = unixmode;
return 0;
}
if((errno != EPERM) && (errno != EACCES))
return -1;
if(!lp_dos_filemode(SNUM(conn)))
return -1;
/* We want DOS semantics, ie allow non owner with write permission to change the
bits on a file. Just like file_ntimes below.
*/
if (!can_write_to_file(conn, smb_fname)) {
errno = EACCES;
return -1;
}
/*
* We need to get an open file handle to do the
* metadata operation under root.
*/
status = get_file_handle_for_metadata(conn,
smb_fname,
&fsp,
&need_close);
if (!NT_STATUS_IS_OK(status)) {
errno = map_errno_from_nt_status(status);
return -1;
}
become_root();
ret = SMB_VFS_FCHMOD(fsp, unixmode);
unbecome_root();
if (need_close) {
close_file(NULL, fsp, NORMAL_CLOSE);
}
if (!newfile) {
notify_fname(conn, NOTIFY_ACTION_MODIFIED,
FILE_NOTIFY_CHANGE_ATTRIBUTES,
smb_fname->base_name);
}
if (ret == 0) {
smb_fname->st.st_ex_mode = unixmode;
}
return( ret );
}
mode_t unix_mode(connection_struct *conn, int dosmode,
const struct smb_filename *smb_fname,
const char *inherit_from_dir)
{
mode_t result = (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
mode_t dir_mode = 0; /* Mode of the inherit_from directory if
* inheriting. */
if (!lp_store_dos_attributes(SNUM(conn)) && IS_DOS_READONLY(dosmode)) {
result &= ~(S_IWUSR | S_IWGRP | S_IWOTH);
}
if ((inherit_from_dir != NULL) && lp_inherit_permissions(SNUM(conn))) {
struct smb_filename *smb_fname_parent;
DEBUG(2, ("unix_mode(%s) inheriting from %s\n",
smb_fname_str_dbg(smb_fname),
inherit_from_dir));
smb_fname_parent = synthetic_smb_fname(
talloc_tos(), inherit_from_dir, NULL, NULL);
if (smb_fname_parent == NULL) {
DEBUG(1,("unix_mode(%s) failed, [dir %s]: No memory\n",
smb_fname_str_dbg(smb_fname),
inherit_from_dir));
return(0);
}
if (SMB_VFS_STAT(conn, smb_fname_parent) != 0) {
DEBUG(4,("unix_mode(%s) failed, [dir %s]: %s\n",
smb_fname_str_dbg(smb_fname),
inherit_from_dir, strerror(errno)));
TALLOC_FREE(smb_fname_parent);
return(0); /* *** shouldn't happen! *** */
}
/* Save for later - but explicitly remove setuid bit for safety. */
dir_mode = smb_fname_parent->st.st_ex_mode & ~S_ISUID;
DEBUG(2,("unix_mode(%s) inherit mode %o\n",
smb_fname_str_dbg(smb_fname), (int)dir_mode));
/* Clear "result" */
result = 0;
TALLOC_FREE(smb_fname_parent);
}
if (IS_DOS_DIR(dosmode)) {
/* We never make directories read only for the owner as under DOS a user
can always create a file in a read-only directory. */
result |= (S_IFDIR | S_IWUSR);
if (dir_mode) {
/* Inherit mode of parent directory. */
result |= dir_mode;
} else {
/* Provisionally add all 'x' bits */
result |= (S_IXUSR | S_IXGRP | S_IXOTH);
/* Apply directory mask */
result &= lp_directory_mask(SNUM(conn));
/* Add in force bits */
result |= lp_force_directory_mode(SNUM(conn));
}
} else {
if (lp_map_archive(SNUM(conn)) && IS_DOS_ARCHIVE(dosmode))
result |= S_IXUSR;
if (lp_map_system(SNUM(conn)) && IS_DOS_SYSTEM(dosmode))
result |= S_IXGRP;
if (lp_map_hidden(SNUM(conn)) && IS_DOS_HIDDEN(dosmode))
result |= S_IXOTH;
if (dir_mode) {
/* Inherit 666 component of parent directory mode */
result |= dir_mode & (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
} else {
/* Apply mode mask */
result &= lp_create_mask(SNUM(conn));
/* Add in force bits */
result |= lp_force_create_mode(SNUM(conn));
}
}
DEBUG(3,("unix_mode(%s) returning 0%o\n", smb_fname_str_dbg(smb_fname),
(int)result));
return(result);
}
int file_set_dosmode(connection_struct *conn, const char *fname,
uint32 dosmode, SMB_STRUCT_STAT *st,
const char *parent_dir)
{
SMB_STRUCT_STAT st1;
int mask=0;
mode_t tmp;
mode_t unixmode;
int ret = -1;
/* We only allow READONLY|HIDDEN|SYSTEM|DIRECTORY|ARCHIVE here. */
dosmode &= SAMBA_ATTRIBUTES_MASK;
DEBUG(10,("file_set_dosmode: setting dos mode 0x%x on file %s\n", dosmode, fname));
if (st == NULL) {
SET_STAT_INVALID(st1);
st = &st1;
}
if (!VALID_STAT(*st)) {
if (SMB_VFS_STAT(conn,fname,st))
return(-1);
}
unixmode = st->st_mode;
get_acl_group_bits(conn, fname, &st->st_mode);
if (S_ISDIR(st->st_mode))
dosmode |= aDIR;
else
dosmode &= ~aDIR;
if (dos_mode(conn,fname,st) == dosmode) {
st->st_mode = unixmode;
return(0);
}
/* Store the DOS attributes in an EA by preference. */
if (set_ea_dos_attribute(conn, fname, st, dosmode)) {
st->st_mode = unixmode;
return 0;
}
unixmode = unix_mode(conn,dosmode,fname, parent_dir);
/* preserve the s bits */
mask |= (S_ISUID | S_ISGID);
/* preserve the t bit */
#ifdef S_ISVTX
mask |= S_ISVTX;
#endif
/* possibly preserve the x bits */
if (!MAP_ARCHIVE(conn))
mask |= S_IXUSR;
if (!MAP_SYSTEM(conn))
mask |= S_IXGRP;
if (!MAP_HIDDEN(conn))
mask |= S_IXOTH;
unixmode |= (st->st_mode & mask);
/* if we previously had any r bits set then leave them alone */
if ((tmp = st->st_mode & (S_IRUSR|S_IRGRP|S_IROTH))) {
unixmode &= ~(S_IRUSR|S_IRGRP|S_IROTH);
unixmode |= tmp;
}
/* if we previously had any w bits set then leave them alone
whilst adding in the new w bits, if the new mode is not rdonly */
if (!IS_DOS_READONLY(dosmode)) {
unixmode |= (st->st_mode & (S_IWUSR|S_IWGRP|S_IWOTH));
}
if ((ret = SMB_VFS_CHMOD(conn,fname,unixmode)) == 0) {
notify_fname(conn, NOTIFY_ACTION_MODIFIED,
FILE_NOTIFY_CHANGE_ATTRIBUTES, fname);
st->st_mode = unixmode;
return 0;
}
if((errno != EPERM) && (errno != EACCES))
return -1;
if(!lp_dos_filemode(SNUM(conn)))
return -1;
/* We want DOS semantics, ie allow non owner with write permission to change the
bits on a file. Just like file_ntimes below.
*/
/* Check if we have write access. */
if (CAN_WRITE(conn)) {
/*
* We need to open the file with write access whilst
* still in our current user context. This ensures we
* are not violating security in doing the fchmod.
* This file open does *not* break any oplocks we are
* holding. We need to review this.... may need to
* break batch oplocks open by others. JRA.
*/
files_struct *fsp;
if (!NT_STATUS_IS_OK(open_file_fchmod(conn,fname,st,&fsp)))
return -1;
become_root();
ret = SMB_VFS_FCHMOD(fsp, fsp->fh->fd, unixmode);
unbecome_root();
close_file_fchmod(fsp);
notify_fname(conn, NOTIFY_ACTION_MODIFIED,
FILE_NOTIFY_CHANGE_ATTRIBUTES, fname);
if (ret == 0) {
st->st_mode = unixmode;
}
}
return( ret );
}
/****************************************************************************
change a dos mode to a unix mode
base permission for files:
if inheriting
apply read/write bits from parent directory.
else
everybody gets read bit set
dos readonly is represented in unix by removing everyone's write bit
dos archive is represented in unix by the user's execute bit
dos system is represented in unix by the group's execute bit
dos hidden is represented in unix by the other's execute bit
if !inheriting {
Then apply create mask,
then add force bits.
}
base permission for directories:
dos directory is represented in unix by unix's dir bit and the exec bit
if !inheriting {
Then apply create mask,
then add force bits.
}
****************************************************************************/
mode_t unix_mode(connection_struct *conn,int dosmode,const char *fname)
{
mode_t result = (S_IRUSR | S_IRGRP | S_IROTH);
mode_t dir_mode = 0; /* Mode of the parent directory if inheriting. */
if ( !IS_DOS_READONLY(dosmode) )
result |= (S_IWUSR | S_IWGRP | S_IWOTH);
if (fname && lp_inherit_perms(SNUM(conn))) {
char *dname;
SMB_STRUCT_STAT sbuf;
dname = parent_dirname(fname);
DEBUG(2,("unix_mode(%s) inheriting from %s\n",fname,dname));
if (dos_stat(dname,&sbuf) != 0) {
DEBUG(4,("unix_mode(%s) failed, [dir %s]: %s\n",fname,dname,strerror(errno)));
return(0); /* *** shouldn't happen! *** */
}
/* Save for later - but explicitly remove setuid bit for safety. */
dir_mode = sbuf.st_mode & ~S_ISUID;
DEBUG(2,("unix_mode(%s) inherit mode %o\n",fname,(int)dir_mode));
/* Clear "result" */
result = 0;
}
if (IS_DOS_DIR(dosmode)) {
/* We never make directories read only for the owner as under DOS a user
can always create a file in a read-only directory. */
result |= (S_IFDIR | S_IWUSR);
if (dir_mode) {
/* Inherit mode of parent directory. */
result |= dir_mode;
} else {
/* Provisionally add all 'x' bits */
result |= (S_IXUSR | S_IXGRP | S_IXOTH);
/* Apply directory mask */
result &= lp_dir_mask(SNUM(conn));
/* Add in force bits */
result |= lp_force_dir_mode(SNUM(conn));
}
} else {
if (lp_map_archive(SNUM(conn)) && IS_DOS_ARCHIVE(dosmode))
result |= S_IXUSR;
if (lp_map_system(SNUM(conn)) && IS_DOS_SYSTEM(dosmode))
result |= S_IXGRP;
if (lp_map_hidden(SNUM(conn)) && IS_DOS_HIDDEN(dosmode))
result |= S_IXOTH;
if (dir_mode) {
/* Inherit 666 component of parent directory mode */
result |= dir_mode
& (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
} else {
/* Apply mode mask */
result &= lp_create_mask(SNUM(conn));
/* Add in force bits */
result |= lp_force_create_mode(SNUM(conn));
}
}
return(result);
}
