int vfswrap_mkdir(vfs_handle_struct *handle, connection_struct *conn, const char *path, mode_t mode)
{
int result;
BOOL has_dacl = False;
START_PROFILE(syscall_mkdir);
if (lp_inherit_acls(SNUM(conn)) && (has_dacl = directory_has_default_acl(conn, parent_dirname(path))))
mode = 0777;
result = mkdir(path, mode);
if (result == 0 && !has_dacl) {
/*
* We need to do this as the default behavior of POSIX ACLs
* is to set the mask to be the requested group permission
* bits, not the group permission bits to be the requested
* group permission bits. This is not what we want, as it will
* mess up any inherited ACL bits that were set. JRA.
*/
int saved_errno = errno; /* We may get ENOSYS */
if ((SMB_VFS_CHMOD_ACL(conn, path, mode) == -1) && (errno == ENOSYS))
errno = saved_errno;
}
END_PROFILE(syscall_mkdir);
return result;
}
static NTSTATUS check_parent_acl_common(vfs_handle_struct *handle,
const char *path,
uint32_t access_mask,
struct security_descriptor **pp_parent_desc)
{
char *parent_name = NULL;
struct security_descriptor *parent_desc = NULL;
uint32_t access_granted = 0;
NTSTATUS status;
if (!parent_dirname(talloc_tos(), path, &parent_name, NULL)) {
return NT_STATUS_NO_MEMORY;
}
status = get_nt_acl_internal(handle,
NULL,
parent_name,
(OWNER_SECURITY_INFORMATION |
GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION),
&parent_desc);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10,("check_parent_acl_common: get_nt_acl_internal "
"on directory %s for "
"path %s returned %s\n",
parent_name,
path,
nt_errstr(status) ));
return status;
}
status = smb1_file_se_access_check(handle->conn,
parent_desc,
handle->conn->server_info->ptok,
access_mask,
&access_granted);
if(!NT_STATUS_IS_OK(status)) {
DEBUG(10,("check_parent_acl_common: access check "
"on directory %s for "
"path %s for mask 0x%x returned %s\n",
parent_name,
path,
access_mask,
nt_errstr(status) ));
return status;
}
if (pp_parent_desc) {
*pp_parent_desc = parent_desc;
}
return NT_STATUS_OK;
}
static int cephwrap_mkdir(struct vfs_handle_struct *handle,
const struct smb_filename *smb_fname,
mode_t mode)
{
int result;
char *parent = NULL;
const char *path = smb_fname->base_name;
DBG_DEBUG("[CEPH] mkdir(%p, %s)\n", handle, path);
if (lp_inherit_acls(SNUM(handle->conn))
&& parent_dirname(talloc_tos(), path, &parent, NULL)
&& directory_has_default_acl(handle->conn, parent)) {
mode = 0777;
}
TALLOC_FREE(parent);
result = ceph_mkdir(handle->data, path, mode);
return WRAP_RETURN(result);
}
static NTSTATUS inherit_new_acl(vfs_handle_struct *handle,
const char *fname,
files_struct *fsp,
bool container)
{
TALLOC_CTX *ctx = talloc_tos();
NTSTATUS status;
struct security_descriptor *parent_desc = NULL;
struct security_descriptor *psd = NULL;
DATA_BLOB blob;
size_t size;
char *parent_name;
if (!parent_dirname(ctx, fname, &parent_name, NULL)) {
return NT_STATUS_NO_MEMORY;
}
DEBUG(10,("inherit_new_acl: check directory %s\n",
parent_name));
status = get_nt_acl_xattr_internal(handle,
NULL,
parent_name,
(OWNER_SECURITY_INFORMATION |
GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION),
&parent_desc);
if (NT_STATUS_IS_OK(status)) {
/* Create an inherited descriptor from the parent. */
if (DEBUGLEVEL >= 10) {
DEBUG(10,("inherit_new_acl: parent acl is:\n"));
NDR_PRINT_DEBUG(security_descriptor, parent_desc);
}
status = se_create_child_secdesc(ctx,
&psd,
&size,
parent_desc,
&handle->conn->server_info->ptok->user_sids[PRIMARY_USER_SID_INDEX],
&handle->conn->server_info->ptok->user_sids[PRIMARY_GROUP_SID_INDEX],
container);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (DEBUGLEVEL >= 10) {
DEBUG(10,("inherit_new_acl: child acl is:\n"));
NDR_PRINT_DEBUG(security_descriptor, psd);
}
} else {
DEBUG(10,("inherit_new_acl: directory %s failed "
"to get acl %s\n",
parent_name,
nt_errstr(status) ));
}
if (!psd || psd->dacl == NULL) {
SMB_STRUCT_STAT sbuf;
int ret;
TALLOC_FREE(psd);
if (fsp && !fsp->is_directory && fsp->fh->fd != -1) {
ret = SMB_VFS_FSTAT(fsp, &sbuf);
} else {
if (fsp && fsp->posix_open) {
ret = SMB_VFS_LSTAT(handle->conn,fname, &sbuf);
} else {
ret = SMB_VFS_STAT(handle->conn,fname, &sbuf);
}
}
if (ret == -1) {
return map_nt_error_from_unix(errno);
}
psd = default_file_sd(ctx, &sbuf);
if (!psd) {
return NT_STATUS_NO_MEMORY;
}
if (DEBUGLEVEL >= 10) {
DEBUG(10,("inherit_new_acl: default acl is:\n"));
NDR_PRINT_DEBUG(security_descriptor, psd);
}
}
status = create_acl_blob(psd, &blob);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (fsp) {
return store_acl_blob_fsp(handle, fsp, &blob);
} else {
return store_acl_blob_pathname(handle, fname, &blob);
}
}
bool can_delete_file_in_directory(connection_struct *conn,
const struct smb_filename *smb_fname)
{
TALLOC_CTX *ctx = talloc_tos();
char *dname = NULL;
struct smb_filename *smb_fname_parent = NULL;
NTSTATUS status;
bool ret;
if (!CAN_WRITE(conn)) {
return False;
}
if (!lp_acl_check_permissions(SNUM(conn))) {
/* This option means don't check. */
return true;
}
/* Get the parent directory permission mask and owners. */
if (!parent_dirname(ctx, smb_fname->base_name, &dname, NULL)) {
return False;
}
status = create_synthetic_smb_fname(ctx, dname, NULL, NULL,
&smb_fname_parent);
if (!NT_STATUS_IS_OK(status)) {
ret = false;
goto out;
}
if(SMB_VFS_STAT(conn, smb_fname_parent) != 0) {
ret = false;
goto out;
}
/* fast paths first */
if (!S_ISDIR(smb_fname_parent->st.st_ex_mode)) {
ret = false;
goto out;
}
if (get_current_uid(conn) == (uid_t)0) {
/* I'm sorry sir, I didn't know you were root... */
ret = true;
goto out;
}
#ifdef S_ISVTX
/* sticky bit means delete only by owner of file or by root or
* by owner of directory. */
if (smb_fname_parent->st.st_ex_mode & S_ISVTX) {
if (!VALID_STAT(smb_fname->st)) {
/* If the file doesn't already exist then
* yes we'll be able to delete it. */
ret = true;
goto out;
}
/*
* Patch from SATOH Fumiyasu <*****@*****.**>
* for bug #3348. Don't assume owning sticky bit
* directory means write access allowed.
* Fail to delete if we're not the owner of the file,
* or the owner of the directory as we have no possible
* chance of deleting. Otherwise, go on and check the ACL.
*/
if ((get_current_uid(conn) !=
smb_fname_parent->st.st_ex_uid) &&
(get_current_uid(conn) != smb_fname->st.st_ex_uid)) {
DEBUG(10,("can_delete_file_in_directory: not "
"owner of file %s or directory %s",
smb_fname_str_dbg(smb_fname),
smb_fname_str_dbg(smb_fname_parent)));
ret = false;
goto out;
}
}
#endif
/* now for ACL checks */
/*
* There's two ways to get the permission to delete a file: First by
* having the DELETE bit on the file itself and second if that does
* not help, by the DELETE_CHILD bit on the containing directory.
*
* Here we only check the directory permissions, we will
* check the file DELETE permission separately.
*/
ret = NT_STATUS_IS_OK(smbd_check_access_rights(conn,
smb_fname_parent,
FILE_DELETE_CHILD));
out:
TALLOC_FREE(dname);
TALLOC_FREE(smb_fname_parent);
return ret;
}
bool can_delete_file_in_directory(connection_struct *conn, const char *fname)
{
SMB_STRUCT_STAT sbuf;
TALLOC_CTX *ctx = talloc_tos();
char *dname = NULL;
if (!CAN_WRITE(conn)) {
return False;
}
/* Get the parent directory permission mask and owners. */
if (!parent_dirname(ctx, fname, &dname, NULL)) {
return False;
}
if(SMB_VFS_STAT(conn, dname, &sbuf) != 0) {
return False;
}
/* fast paths first */
if (!S_ISDIR(sbuf.st_mode)) {
return False;
}
if (conn->server_info->utok.uid == 0 || conn->admin_user) {
/* I'm sorry sir, I didn't know you were root... */
return True;
}
#ifdef S_ISVTX
/* sticky bit means delete only by owner or root. */
if (sbuf.st_mode & S_ISVTX) {
SMB_STRUCT_STAT sbuf_file;
if(SMB_VFS_STAT(conn, fname, &sbuf_file) != 0) {
if (errno == ENOENT) {
/* If the file doesn't already exist then
* yes we'll be able to delete it. */
return True;
}
return False;
}
/*
* Patch from SATOH Fumiyasu <*****@*****.**>
* for bug #3348. Don't assume owning sticky bit
* directory means write access allowed.
*/
if (conn->server_info->utok.uid != sbuf_file.st_uid) {
return False;
}
}
#endif
/* now for ACL checks */
/*
* There's two ways to get the permission to delete a file: First by
* having the DELETE bit on the file itself and second if that does
* not help, by the DELETE_CHILD bit on the containing directory.
*
* Here we only check the directory permissions, we will
* check the file DELETE permission separately.
*/
return can_access_file_acl(conn, dname, FILE_DELETE_CHILD);
}
/****************************************************************************
change a dos mode to a unix mode
base permission for files:
if inheriting
apply read/write bits from parent directory.
else
everybody gets read bit set
dos readonly is represented in unix by removing everyone's write bit
dos archive is represented in unix by the user's execute bit
dos system is represented in unix by the group's execute bit
dos hidden is represented in unix by the other's execute bit
if !inheriting {
Then apply create mask,
then add force bits.
}
base permission for directories:
dos directory is represented in unix by unix's dir bit and the exec bit
if !inheriting {
Then apply create mask,
then add force bits.
}
****************************************************************************/
mode_t unix_mode(connection_struct *conn,int dosmode,const char *fname)
{
mode_t result = (S_IRUSR | S_IRGRP | S_IROTH);
mode_t dir_mode = 0; /* Mode of the parent directory if inheriting. */
if ( !IS_DOS_READONLY(dosmode) )
result |= (S_IWUSR | S_IWGRP | S_IWOTH);
if (fname && lp_inherit_perms(SNUM(conn))) {
char *dname;
SMB_STRUCT_STAT sbuf;
dname = parent_dirname(fname);
DEBUG(2,("unix_mode(%s) inheriting from %s\n",fname,dname));
if (dos_stat(dname,&sbuf) != 0) {
DEBUG(4,("unix_mode(%s) failed, [dir %s]: %s\n",fname,dname,strerror(errno)));
return(0); /* *** shouldn't happen! *** */
}
/* Save for later - but explicitly remove setuid bit for safety. */
dir_mode = sbuf.st_mode & ~S_ISUID;
DEBUG(2,("unix_mode(%s) inherit mode %o\n",fname,(int)dir_mode));
/* Clear "result" */
result = 0;
}
if (IS_DOS_DIR(dosmode)) {
/* We never make directories read only for the owner as under DOS a user
can always create a file in a read-only directory. */
result |= (S_IFDIR | S_IWUSR);
if (dir_mode) {
/* Inherit mode of parent directory. */
result |= dir_mode;
} else {
/* Provisionally add all 'x' bits */
result |= (S_IXUSR | S_IXGRP | S_IXOTH);
/* Apply directory mask */
result &= lp_dir_mask(SNUM(conn));
/* Add in force bits */
result |= lp_force_dir_mode(SNUM(conn));
}
} else {
if (lp_map_archive(SNUM(conn)) && IS_DOS_ARCHIVE(dosmode))
result |= S_IXUSR;
if (lp_map_system(SNUM(conn)) && IS_DOS_SYSTEM(dosmode))
result |= S_IXGRP;
if (lp_map_hidden(SNUM(conn)) && IS_DOS_HIDDEN(dosmode))
result |= S_IXOTH;
if (dir_mode) {
/* Inherit 666 component of parent directory mode */
result |= dir_mode
& (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
} else {
/* Apply mode mask */
result &= lp_create_mask(SNUM(conn));
/* Add in force bits */
result |= lp_force_create_mode(SNUM(conn));
}
}
return(result);
}
NTSTATUS unix_convert(TALLOC_CTX *ctx,
connection_struct *conn,
const char *orig_path,
struct smb_filename **smb_fname_out,
uint32_t ucf_flags)
{
struct smb_filename *smb_fname = NULL;
char *start, *end;
char *dirpath = NULL;
char *stream = NULL;
bool component_was_mangled = False;
bool name_has_wildcard = False;
bool posix_pathnames = false;
bool allow_wcard_last_component =
(ucf_flags & UCF_ALWAYS_ALLOW_WCARD_LCOMP);
bool save_last_component = ucf_flags & UCF_SAVE_LCOMP;
NTSTATUS status;
int ret = -1;
*smb_fname_out = NULL;
smb_fname = talloc_zero(ctx, struct smb_filename);
if (smb_fname == NULL) {
return NT_STATUS_NO_MEMORY;
}
if (conn->printer) {
/* we don't ever use the filenames on a printer share as a
filename - so don't convert them */
if (!(smb_fname->base_name = talloc_strdup(smb_fname,
orig_path))) {
status = NT_STATUS_NO_MEMORY;
goto err;
}
goto done;
}
DEBUG(5, ("unix_convert called on file \"%s\"\n", orig_path));
/*
* Conversion to basic unix format is already done in
* check_path_syntax().
*/
/*
* Names must be relative to the root of the service - any leading /.
* and trailing /'s should have been trimmed by check_path_syntax().
*/
#ifdef DEVELOPER
SMB_ASSERT(*orig_path != '/');
#endif
/*
* If we trimmed down to a single '\0' character
* then we should use the "." directory to avoid
* searching the cache, but not if we are in a
* printing share.
* As we know this is valid we can return true here.
*/
if (!*orig_path) {
if (!(smb_fname->base_name = talloc_strdup(smb_fname, "."))) {
status = NT_STATUS_NO_MEMORY;
goto err;
}
if (SMB_VFS_STAT(conn, smb_fname) != 0) {
status = map_nt_error_from_unix(errno);
goto err;
}
DEBUG(5, ("conversion finished \"\" -> %s\n",
smb_fname->base_name));
goto done;
}
if (orig_path[0] == '.' && (orig_path[1] == '/' ||
orig_path[1] == '\0')) {
/* Start of pathname can't be "." only. */
if (orig_path[1] == '\0' || orig_path[2] == '\0') {
status = NT_STATUS_OBJECT_NAME_INVALID;
} else {
status =determine_path_error(&orig_path[2],
allow_wcard_last_component);
}
goto err;
}
/* Start with the full orig_path as given by the caller. */
if (!(smb_fname->base_name = talloc_strdup(smb_fname, orig_path))) {
DEBUG(0, ("talloc_strdup failed\n"));
status = NT_STATUS_NO_MEMORY;
goto err;
}
/*
* Large directory fix normalization. If we're case sensitive, and
* the case preserving parameters are set to "no", normalize the case of
* the incoming filename from the client WHETHER IT EXISTS OR NOT !
* This is in conflict with the current (3.0.20) man page, but is
* what people expect from the "large directory howto". I'll update
* the man page. Thanks to [email protected] for finding this. JRA.
*/
if (conn->case_sensitive && !conn->case_preserve &&
!conn->short_case_preserve) {
strnorm(smb_fname->base_name, lp_defaultcase(SNUM(conn)));
}
/*
* Ensure saved_last_component is valid even if file exists.
*/
if(save_last_component) {
end = strrchr_m(smb_fname->base_name, '/');
if (end) {
smb_fname->original_lcomp = talloc_strdup(smb_fname,
end + 1);
} else {
smb_fname->original_lcomp =
talloc_strdup(smb_fname, smb_fname->base_name);
}
if (smb_fname->original_lcomp == NULL) {
status = NT_STATUS_NO_MEMORY;
goto err;
}
}
posix_pathnames = (lp_posix_pathnames() ||
(ucf_flags & UCF_POSIX_PATHNAMES));
/*
* Strip off the stream, and add it back when we're done with the
* base_name.
*/
if (!posix_pathnames) {
stream = strchr_m(smb_fname->base_name, ':');
if (stream != NULL) {
char *tmp = talloc_strdup(smb_fname, stream);
if (tmp == NULL) {
status = NT_STATUS_NO_MEMORY;
goto err;
}
/*
* Since this is actually pointing into
* smb_fname->base_name this truncates base_name.
*/
*stream = '\0';
stream = tmp;
}
}
start = smb_fname->base_name;
/*
* If we're providing case insensitive semantics or
* the underlying filesystem is case insensitive,
* then a case-normalized hit in the stat-cache is
* authoratitive. JRA.
*
* Note: We're only checking base_name. The stream_name will be
* added and verified in build_stream_path().
*/
if((!conn->case_sensitive || !(conn->fs_capabilities &
FILE_CASE_SENSITIVE_SEARCH)) &&
stat_cache_lookup(conn, posix_pathnames, &smb_fname->base_name, &dirpath, &start,
&smb_fname->st)) {
goto done;
}
/*
* Make sure "dirpath" is an allocated string, we use this for
* building the directories with talloc_asprintf and free it.
*/
if ((dirpath == NULL) && (!(dirpath = talloc_strdup(ctx,"")))) {
DEBUG(0, ("talloc_strdup failed\n"));
status = NT_STATUS_NO_MEMORY;
goto err;
}
/*
* If we have a wildcard we must walk the path to
* find where the error is, even if case sensitive
* is true.
*/
name_has_wildcard = ms_has_wild(smb_fname->base_name);
if (name_has_wildcard && !allow_wcard_last_component) {
/* Wildcard not valid anywhere. */
status = NT_STATUS_OBJECT_NAME_INVALID;
goto fail;
}
DEBUG(5,("unix_convert begin: name = %s, dirpath = %s, start = %s\n",
smb_fname->base_name, dirpath, start));
if (!name_has_wildcard) {
/*
* stat the name - if it exists then we can add the stream back (if
* there was one) and be done!
*/
if (posix_pathnames) {
ret = SMB_VFS_LSTAT(conn, smb_fname);
} else {
ret = SMB_VFS_STAT(conn, smb_fname);
}
if (ret == 0) {
status = check_for_dot_component(smb_fname);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
/* Add the path (not including the stream) to the cache. */
stat_cache_add(orig_path, smb_fname->base_name,
conn->case_sensitive);
DEBUG(5,("conversion of base_name finished %s -> %s\n",
orig_path, smb_fname->base_name));
goto done;
}
/* Stat failed - ensure we don't use it. */
SET_STAT_INVALID(smb_fname->st);
if (errno == ENOENT) {
/* Optimization when creating a new file - only
the last component doesn't exist. */
status = check_parent_exists(ctx,
conn,
posix_pathnames,
smb_fname,
&dirpath,
&start);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
}
/*
* A special case - if we don't have any wildcards or mangling chars and are case
* sensitive or the underlying filesystem is case insensitive then searching
* won't help.
*/
if ((conn->case_sensitive || !(conn->fs_capabilities &
FILE_CASE_SENSITIVE_SEARCH)) &&
!mangle_is_mangled(smb_fname->base_name, conn->params)) {
status = check_for_dot_component(smb_fname);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
/*
* The stat failed. Could be ok as it could be
* a new file.
*/
if (errno == ENOTDIR || errno == ELOOP) {
status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
goto fail;
} else if (errno == ENOENT) {
/*
* Was it a missing last component ?
* or a missing intermediate component ?
*/
struct smb_filename parent_fname;
const char *last_component = NULL;
ZERO_STRUCT(parent_fname);
if (!parent_dirname(ctx, smb_fname->base_name,
&parent_fname.base_name,
&last_component)) {
status = NT_STATUS_NO_MEMORY;
goto fail;
}
if (posix_pathnames) {
ret = SMB_VFS_LSTAT(conn, &parent_fname);
} else {
ret = SMB_VFS_STAT(conn, &parent_fname);
}
if (ret == -1) {
if (errno == ENOTDIR ||
errno == ENOENT ||
errno == ELOOP) {
status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
goto fail;
}
}
/*
* Missing last component is ok - new file.
* Also deal with permission denied elsewhere.
* Just drop out to done.
*/
goto done;
}
}
} else {
/*
* We have a wildcard in the pathname.
*
* Optimization for common case where the wildcard
* is in the last component and the client already
* sent the correct case.
*/
status = check_parent_exists(ctx,
conn,
posix_pathnames,
smb_fname,
&dirpath,
&start);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
}
/*
* is_mangled() was changed to look at an entire pathname, not
* just a component. JRA.
*/
if (mangle_is_mangled(start, conn->params)) {
component_was_mangled = True;
}
/*
* Now we need to recursively match the name against the real
* directory structure.
*/
/*
* Match each part of the path name separately, trying the names
* as is first, then trying to scan the directory for matching names.
*/
for (; start ; start = (end?end+1:(char *)NULL)) {
/*
* Pinpoint the end of this section of the filename.
*/
/* mb safe. '/' can't be in any encoded char. */
end = strchr(start, '/');
/*
* Chop the name at this point.
*/
if (end) {
*end = 0;
}
if (save_last_component) {
TALLOC_FREE(smb_fname->original_lcomp);
smb_fname->original_lcomp = talloc_strdup(smb_fname,
end ? end + 1 : start);
if (!smb_fname->original_lcomp) {
DEBUG(0, ("talloc failed\n"));
status = NT_STATUS_NO_MEMORY;
goto err;
}
}
/* The name cannot have a component of "." */
if (ISDOT(start)) {
if (!end) {
/* Error code at the end of a pathname. */
status = NT_STATUS_OBJECT_NAME_INVALID;
} else {
status = determine_path_error(end+1,
allow_wcard_last_component);
}
goto fail;
}
/* The name cannot have a wildcard if it's not
the last component. */
name_has_wildcard = ms_has_wild(start);
/* Wildcards never valid within a pathname. */
if (name_has_wildcard && end) {
status = NT_STATUS_OBJECT_NAME_INVALID;
goto fail;
}
/* Skip the stat call if it's a wildcard end. */
if (name_has_wildcard) {
DEBUG(5,("Wildcard %s\n",start));
goto done;
}
/*
* Check if the name exists up to this point.
*/
if (posix_pathnames) {
ret = SMB_VFS_LSTAT(conn, smb_fname);
} else {
ret = SMB_VFS_STAT(conn, smb_fname);
}
if (ret == 0) {
/*
* It exists. it must either be a directory or this must
* be the last part of the path for it to be OK.
*/
if (end && !S_ISDIR(smb_fname->st.st_ex_mode)) {
/*
* An intermediate part of the name isn't
* a directory.
*/
DEBUG(5,("Not a dir %s\n",start));
*end = '/';
/*
* We need to return the fact that the
* intermediate name resolution failed. This
* is used to return an error of ERRbadpath
* rather than ERRbadfile. Some Windows
* applications depend on the difference between
* these two errors.
*/
status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
goto fail;
}
} else {
char *found_name = NULL;
/* Stat failed - ensure we don't use it. */
SET_STAT_INVALID(smb_fname->st);
/*
* Reset errno so we can detect
* directory open errors.
*/
errno = 0;
/*
* Try to find this part of the path in the directory.
*/
if (name_has_wildcard ||
(get_real_filename(conn, dirpath, start,
talloc_tos(),
&found_name) == -1)) {
char *unmangled;
if (end) {
/*
* An intermediate part of the name
* can't be found.
*/
DEBUG(5,("Intermediate not found %s\n",
start));
*end = '/';
/*
* We need to return the fact that the
* intermediate name resolution failed.
* This is used to return an error of
* ERRbadpath rather than ERRbadfile.
* Some Windows applications depend on
* the difference between these two
* errors.
*/
/*
* ENOENT, ENOTDIR and ELOOP all map
* to NT_STATUS_OBJECT_PATH_NOT_FOUND
* in the filename walk.
*/
if (errno == ENOENT ||
errno == ENOTDIR ||
errno == ELOOP) {
status =
NT_STATUS_OBJECT_PATH_NOT_FOUND;
}
else {
status =
map_nt_error_from_unix(errno);
}
goto fail;
}
/*
* ENOENT/EACCESS are the only valid errors
* here. EACCESS needs handling here for
* "dropboxes", i.e. directories where users
* can only put stuff with permission -wx.
*/
if ((errno != 0) && (errno != ENOENT)
&& (errno != EACCES)) {
/*
* ENOTDIR and ELOOP both map to
* NT_STATUS_OBJECT_PATH_NOT_FOUND
* in the filename walk.
*/
if (errno == ENOTDIR ||
errno == ELOOP) {
status =
NT_STATUS_OBJECT_PATH_NOT_FOUND;
} else {
status =
map_nt_error_from_unix(errno);
}
goto fail;
}
/*
* Just the last part of the name doesn't exist.
* We need to strupper() or strlower() it as
* this conversion may be used for file creation
* purposes. Fix inspired by
* Thomas Neumann <*****@*****.**>.
*/
if (!conn->case_preserve ||
(mangle_is_8_3(start, False,
conn->params) &&
!conn->short_case_preserve)) {
strnorm(start,
lp_defaultcase(SNUM(conn)));
}
/*
* check on the mangled stack to see if we can
* recover the base of the filename.
*/
if (mangle_is_mangled(start, conn->params)
&& mangle_lookup_name_from_8_3(ctx,
start,
&unmangled,
conn->params)) {
char *tmp;
size_t start_ofs =
start - smb_fname->base_name;
if (*dirpath != '\0') {
tmp = talloc_asprintf(
smb_fname, "%s/%s",
dirpath, unmangled);
TALLOC_FREE(unmangled);
}
else {
tmp = unmangled;
}
if (tmp == NULL) {
DEBUG(0, ("talloc failed\n"));
status = NT_STATUS_NO_MEMORY;
goto err;
}
TALLOC_FREE(smb_fname->base_name);
smb_fname->base_name = tmp;
start =
smb_fname->base_name + start_ofs;
end = start + strlen(start);
}
DEBUG(5,("New file %s\n",start));
goto done;
}
/*
* Restore the rest of the string. If the string was
* mangled the size may have changed.
*/
if (end) {
char *tmp;
size_t start_ofs =
start - smb_fname->base_name;
if (*dirpath != '\0') {
tmp = talloc_asprintf(smb_fname,
"%s/%s/%s", dirpath,
found_name, end+1);
}
else {
tmp = talloc_asprintf(smb_fname,
"%s/%s", found_name,
end+1);
}
if (tmp == NULL) {
DEBUG(0, ("talloc_asprintf failed\n"));
status = NT_STATUS_NO_MEMORY;
goto err;
}
TALLOC_FREE(smb_fname->base_name);
smb_fname->base_name = tmp;
start = smb_fname->base_name + start_ofs;
end = start + strlen(found_name);
*end = '\0';
} else {
char *tmp;
size_t start_ofs =
start - smb_fname->base_name;
if (*dirpath != '\0') {
tmp = talloc_asprintf(smb_fname,
"%s/%s", dirpath,
found_name);
} else {
tmp = talloc_strdup(smb_fname,
found_name);
}
if (tmp == NULL) {
DEBUG(0, ("talloc failed\n"));
status = NT_STATUS_NO_MEMORY;
goto err;
}
TALLOC_FREE(smb_fname->base_name);
smb_fname->base_name = tmp;
start = smb_fname->base_name + start_ofs;
/*
* We just scanned for, and found the end of
* the path. We must return a valid stat struct
* if it exists. JRA.
*/
if (posix_pathnames) {
ret = SMB_VFS_LSTAT(conn, smb_fname);
} else {
ret = SMB_VFS_STAT(conn, smb_fname);
}
if (ret != 0) {
SET_STAT_INVALID(smb_fname->st);
}
}
TALLOC_FREE(found_name);
} /* end else */
#ifdef DEVELOPER
/*
* This sucks!
* We should never provide different behaviors
* depending on DEVELOPER!!!
*/
if (VALID_STAT(smb_fname->st)) {
bool delete_pending;
uint32_t name_hash;
status = file_name_hash(conn,
smb_fname_str_dbg(smb_fname),
&name_hash);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
get_file_infos(vfs_file_id_from_sbuf(conn,
&smb_fname->st),
name_hash,
&delete_pending, NULL);
if (delete_pending) {
status = NT_STATUS_DELETE_PENDING;
goto fail;
}
}
#endif
/*
* Add to the dirpath that we have resolved so far.
*/
if (*dirpath != '\0') {
char *tmp = talloc_asprintf(ctx,
"%s/%s", dirpath, start);
if (!tmp) {
DEBUG(0, ("talloc_asprintf failed\n"));
status = NT_STATUS_NO_MEMORY;
goto err;
}
TALLOC_FREE(dirpath);
dirpath = tmp;
}
else {
TALLOC_FREE(dirpath);
if (!(dirpath = talloc_strdup(ctx,start))) {
DEBUG(0, ("talloc_strdup failed\n"));
status = NT_STATUS_NO_MEMORY;
goto err;
}
}
/*
* Cache the dirpath thus far. Don't cache a name with mangled
* or wildcard components as this can change the size.
*/
if(!component_was_mangled && !name_has_wildcard) {
stat_cache_add(orig_path, dirpath,
conn->case_sensitive);
}
/*
* Restore the / that we wiped out earlier.
*/
if (end) {
*end = '/';
}
}
/*
* Cache the full path. Don't cache a name with mangled or wildcard
* components as this can change the size.
*/
if(!component_was_mangled && !name_has_wildcard) {
stat_cache_add(orig_path, smb_fname->base_name,
conn->case_sensitive);
}
/*
* The name has been resolved.
*/
DEBUG(5,("conversion finished %s -> %s\n", orig_path,
smb_fname->base_name));
done:
/* Add back the stream if one was stripped off originally. */
if (stream != NULL) {
smb_fname->stream_name = stream;
/* Check path now that the base_name has been converted. */
status = build_stream_path(ctx, conn, orig_path, smb_fname);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
}
TALLOC_FREE(dirpath);
*smb_fname_out = smb_fname;
return NT_STATUS_OK;
fail:
DEBUG(10, ("dirpath = [%s] start = [%s]\n", dirpath, start));
if (*dirpath != '\0') {
smb_fname->base_name = talloc_asprintf(smb_fname, "%s/%s",
dirpath, start);
} else {
smb_fname->base_name = talloc_strdup(smb_fname, start);
}
if (!smb_fname->base_name) {
DEBUG(0, ("talloc_asprintf failed\n"));
status = NT_STATUS_NO_MEMORY;
goto err;
}
*smb_fname_out = smb_fname;
TALLOC_FREE(dirpath);
return status;
err:
TALLOC_FREE(smb_fname);
return status;
}
static NTSTATUS check_parent_exists(TALLOC_CTX *ctx,
connection_struct *conn,
bool posix_pathnames,
const struct smb_filename *smb_fname,
char **pp_dirpath,
char **pp_start)
{
struct smb_filename parent_fname;
const char *last_component = NULL;
NTSTATUS status;
int ret;
ZERO_STRUCT(parent_fname);
if (!parent_dirname(ctx, smb_fname->base_name,
&parent_fname.base_name,
&last_component)) {
return NT_STATUS_NO_MEMORY;
}
/*
* If there was no parent component in
* smb_fname->base_name of the parent name
* contained a wildcard then don't do this
* optimization.
*/
if ((smb_fname->base_name == last_component) ||
ms_has_wild(parent_fname.base_name)) {
return NT_STATUS_OK;
}
if (posix_pathnames) {
ret = SMB_VFS_LSTAT(conn, &parent_fname);
} else {
ret = SMB_VFS_STAT(conn, &parent_fname);
}
/* If the parent stat failed, just continue
with the normal tree walk. */
if (ret == -1) {
return NT_STATUS_OK;
}
status = check_for_dot_component(&parent_fname);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
/* Parent exists - set "start" to be the
* last compnent to shorten the tree walk. */
/*
* Safe to use discard_const_p
* here as last_component points
* into our smb_fname->base_name.
*/
*pp_start = discard_const_p(char, last_component);
/* Update dirpath. */
TALLOC_FREE(*pp_dirpath);
*pp_dirpath = talloc_strdup(ctx, parent_fname.base_name);
if (!*pp_dirpath) {
return NT_STATUS_NO_MEMORY;
}
DEBUG(5,("check_parent_exists: name "
"= %s, dirpath = %s, "
"start = %s\n",
smb_fname->base_name,
*pp_dirpath,
*pp_start));
return NT_STATUS_OK;
}
/*
* Because there is no good way to guarantee that a new xattr will be
* created on file creation there might be no acl xattr on a file when
* trying to read the acl. In this case the acl xattr will get
* constructed at that time from the parent acl.
* If the parent ACL doesn't have an xattr either the call will
* recurse to the next parent directory until the share root is
* reached. If the share root doesn't contain an ACL xattr either a
* default ACL will be used.
* Also a default ACL will be set if a non inheriting ACL is encountered.
*
* Basic algorithm:
* read acl xattr blob
* if acl xattr blob doesn't exist
* stat current directory to know if it's a file or directory
* read acl xattr blob from parent dir
* acl xattr blob to smb nfs4 acl
* calculate inherited smb nfs4 acl
* without inheritance use default smb nfs4 acl
* smb nfs4 acl to acl xattr blob
* set acl xattr blob
* return smb nfs4 acl
* else
* acl xattr blob to smb nfs4 acl
*
* Todo: Really use mem_ctx after fixing interface of nfs4_acls
*/
static struct SMB4ACL_T *nfs4acls_inheritacl(vfs_handle_struct *handle,
const char *path,
TALLOC_CTX *mem_ctx)
{
char *parent_dir = NULL;
struct SMB4ACL_T *pparentacl = NULL;
struct SMB4ACL_T *pchildacl = NULL;
struct SMB4ACE_T *pace;
SMB_ACE4PROP_T ace;
bool isdir;
struct smb_filename *smb_fname = NULL;
NTSTATUS status;
int ret;
TALLOC_CTX *frame = talloc_stackframe();
DEBUG(10, ("nfs4acls_inheritacl invoked for %s\n", path));
smb_fname = synthetic_smb_fname(frame, path, NULL, NULL);
if (smb_fname == NULL) {
TALLOC_FREE(frame);
errno = ENOMEM;
return NULL;
}
ret = SMB_VFS_STAT(handle->conn, smb_fname);
if (ret == -1) {
DEBUG(0,("nfs4acls_inheritacl: failed to stat "
"directory %s. Error was %s\n",
smb_fname_str_dbg(smb_fname),
strerror(errno)));
TALLOC_FREE(frame);
return NULL;
}
isdir = S_ISDIR(smb_fname->st.st_ex_mode);
if (!parent_dirname(talloc_tos(),
path,
&parent_dir,
NULL)) {
TALLOC_FREE(frame);
errno = ENOMEM;
return NULL;
}
status = nfs4_get_nfs4_acl(handle, frame, parent_dir, &pparentacl);
if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)
&& strncmp(parent_dir, ".", 2) != 0) {
pparentacl = nfs4acls_inheritacl(handle, parent_dir,
frame);
}
else if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
pparentacl = nfs4acls_defaultacl(frame);
}
else if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(frame);
return NULL;
}
pchildacl = smb_create_smb4acl(mem_ctx);
if (pchildacl == NULL) {
DEBUG(0, ("talloc failed\n"));
TALLOC_FREE(frame);
errno = ENOMEM;
return NULL;
}
for (pace = smb_first_ace4(pparentacl); pace != NULL;
pace = smb_next_ace4(pace)) {
struct SMB4ACE_T *pchildace;
ace = *smb_get_ace4(pace);
if ((isdir && !(ace.aceFlags & SMB_ACE4_DIRECTORY_INHERIT_ACE)) ||
(!isdir && !(ace.aceFlags & SMB_ACE4_FILE_INHERIT_ACE))) {
DEBUG(10, ("non inheriting ace type: %d, iflags: %x, "
"flags: %x, mask: %x, who: %d\n",
ace.aceType, ace.flags, ace.aceFlags,
ace.aceMask, ace.who.id));
continue;
}
DEBUG(10, ("inheriting ace type: %d, iflags: %x, "
"flags: %x, mask: %x, who: %d\n",
ace.aceType, ace.flags, ace.aceFlags,
ace.aceMask, ace.who.id));
ace.aceFlags |= SMB_ACE4_INHERITED_ACE;
if (ace.aceFlags & SMB_ACE4_INHERIT_ONLY_ACE) {
ace.aceFlags &= ~SMB_ACE4_INHERIT_ONLY_ACE;
}
if (ace.aceFlags & SMB_ACE4_NO_PROPAGATE_INHERIT_ACE) {
ace.aceFlags &= ~SMB_ACE4_FILE_INHERIT_ACE;
ace.aceFlags &= ~SMB_ACE4_DIRECTORY_INHERIT_ACE;
ace.aceFlags &= ~SMB_ACE4_NO_PROPAGATE_INHERIT_ACE;
}
pchildace = smb_add_ace4(pchildacl, &ace);
if (pchildace == NULL) {
DEBUG(0, ("talloc failed\n"));
TALLOC_FREE(frame);
errno = ENOMEM;
return NULL;
}
}
/* Set a default ACL if we didn't inherit anything. */
if (smb_first_ace4(pchildacl) == NULL) {
TALLOC_FREE(pchildacl);
pchildacl = nfs4acls_defaultacl(mem_ctx);
}
/* store the returned ACL to get it directly in the
future and avoid dynamic inheritance behavior. */
nfs4acl_xattr_set_smb4acl(handle, path, pchildacl);
TALLOC_FREE(frame);
return pchildacl;
}
static int acl_common_remove_object(vfs_handle_struct *handle,
const char *path,
bool is_directory)
{
connection_struct *conn = handle->conn;
struct file_id id;
files_struct *fsp = NULL;
int ret = 0;
char *parent_dir = NULL;
const char *final_component = NULL;
struct smb_filename local_fname;
int saved_errno = 0;
if (!parent_dirname(talloc_tos(), path,
&parent_dir, &final_component)) {
saved_errno = ENOMEM;
goto out;
}
DEBUG(10,("acl_common_remove_object: removing %s %s/%s\n",
is_directory ? "directory" : "file",
parent_dir, final_component ));
/* cd into the parent dir to pin it. */
ret = SMB_VFS_CHDIR(conn, parent_dir);
if (ret == -1) {
saved_errno = errno;
goto out;
}
ZERO_STRUCT(local_fname);
local_fname.base_name = CONST_DISCARD(char *,final_component);
/* Must use lstat here. */
ret = SMB_VFS_LSTAT(conn, &local_fname);
if (ret == -1) {
saved_errno = errno;
goto out;
}
/* Ensure we have this file open with DELETE access. */
id = vfs_file_id_from_sbuf(conn, &local_fname.st);
for (fsp = file_find_di_first(id); fsp; file_find_di_next(fsp)) {
if (fsp->access_mask & DELETE_ACCESS &&
fsp->delete_on_close) {
/* We did open this for delete,
* allow the delete as root.
*/
break;
}
}
if (!fsp) {
DEBUG(10,("acl_common_remove_object: %s %s/%s "
"not an open file\n",
is_directory ? "directory" : "file",
parent_dir, final_component ));
saved_errno = EACCES;
goto out;
}
become_root();
if (is_directory) {
ret = SMB_VFS_NEXT_RMDIR(handle, final_component);
} else {
ret = SMB_VFS_NEXT_UNLINK(handle, &local_fname);
}
unbecome_root();
if (ret == -1) {
saved_errno = errno;
}
out:
TALLOC_FREE(parent_dir);
vfs_ChDir(conn, conn->connectpath);
if (saved_errno) {
errno = saved_errno;
}
return ret;
}
static struct aio_open_private_data *create_private_open_data(const files_struct *fsp,
int flags,
mode_t mode)
{
struct aio_open_private_data *opd = talloc_zero(NULL,
struct aio_open_private_data);
const char *fname = NULL;
if (!opd) {
return NULL;
}
opd->jobid = aio_pthread_open_jobid++;
opd->dir_fd = -1;
opd->ret_fd = -1;
opd->ret_errno = EINPROGRESS;
opd->flags = flags;
opd->mode = mode;
opd->mid = fsp->mid;
opd->in_progress = true;
opd->sconn = fsp->conn->sconn;
opd->initial_allocation_size = fsp->initial_allocation_size;
/* Copy our current credentials. */
opd->ux_tok = copy_unix_token(opd, get_current_utok(fsp->conn));
if (opd->ux_tok == NULL) {
TALLOC_FREE(opd);
return NULL;
}
/*
* Copy the parent directory name and the
* relative path within it.
*/
if (parent_dirname(opd,
fsp->fsp_name->base_name,
&opd->dname,
&fname) == false) {
TALLOC_FREE(opd);
return NULL;
}
opd->fname = talloc_strdup(opd, fname);
if (opd->fname == NULL) {
TALLOC_FREE(opd);
return NULL;
}
#if defined(O_DIRECTORY)
opd->dir_fd = open(opd->dname, O_RDONLY|O_DIRECTORY);
#else
opd->dir_fd = open(opd->dname, O_RDONLY);
#endif
if (opd->dir_fd == -1) {
TALLOC_FREE(opd);
return NULL;
}
talloc_set_destructor(opd, opd_destructor);
DLIST_ADD_END(open_pd_list, opd, struct aio_open_private_data *);
return opd;
}
