static int sys_acl_set_file_tdb(vfs_handle_struct *handle,
const char *path,
SMB_ACL_TYPE_T type,
SMB_ACL_T theacl)
{
SMB_STRUCT_STAT sbuf;
struct db_context *db = acl_db;
int ret = -1;
ret = vfs_stat_smb_basename(handle->conn, path, &sbuf);
if (ret == -1) {
return -1;
}
ret = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle,
path,
type,
theacl);
if (ret == -1) {
return -1;
}
acl_tdb_delete(handle, db, &sbuf);
return 0;
}
static NTSTATUS streams_xattr_streaminfo(vfs_handle_struct *handle,
struct files_struct *fsp,
const struct smb_filename *smb_fname,
TALLOC_CTX *mem_ctx,
unsigned int *pnum_streams,
struct stream_struct **pstreams)
{
SMB_STRUCT_STAT sbuf;
int ret;
NTSTATUS status;
struct streaminfo_state state;
ret = vfs_stat_smb_basename(handle->conn, smb_fname, &sbuf);
if (ret == -1) {
return map_nt_error_from_unix(errno);
}
state.streams = *pstreams;
state.num_streams = *pnum_streams;
state.mem_ctx = mem_ctx;
state.handle = handle;
state.status = NT_STATUS_OK;
if (S_ISLNK(sbuf.st_ex_mode)) {
/*
* Currently we do't have SMB_VFS_LLISTXATTR
* inside the VFS which means there's no way
* to cope with a symlink when lp_posix_pathnames().
* returns true. For now ignore links.
* FIXME - by adding SMB_VFS_LLISTXATTR. JRA.
*/
status = NT_STATUS_OK;
} else {
status = walk_xattr_streams(handle, fsp, smb_fname,
collect_one_stream, &state);
}
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(state.streams);
return status;
}
if (!NT_STATUS_IS_OK(state.status)) {
TALLOC_FREE(state.streams);
return state.status;
}
*pnum_streams = state.num_streams;
*pstreams = state.streams;
return SMB_VFS_NEXT_STREAMINFO(handle,
fsp,
smb_fname,
mem_ctx,
pnum_streams,
pstreams);
}
static NTSTATUS get_acl_blob(TALLOC_CTX *ctx,
vfs_handle_struct *handle,
files_struct *fsp,
const struct smb_filename *smb_fname,
DATA_BLOB *pblob)
{
uint8_t id_buf[16];
TDB_DATA data;
struct file_id id;
struct db_context *db = acl_db;
NTSTATUS status = NT_STATUS_OK;
SMB_STRUCT_STAT sbuf;
ZERO_STRUCT(sbuf);
if (fsp) {
status = vfs_stat_fsp(fsp);
sbuf = fsp->fsp_name->st;
} else {
int ret = vfs_stat_smb_basename(handle->conn,
smb_fname,
&sbuf);
if (ret == -1) {
status = map_nt_error_from_unix(errno);
}
}
if (!NT_STATUS_IS_OK(status)) {
return status;
}
id = vfs_file_id_from_sbuf(handle->conn, &sbuf);
/* For backwards compatibility only store the dev/inode. */
push_file_id_16((char *)id_buf, &id);
status = dbwrap_fetch(db,
ctx,
make_tdb_data(id_buf, sizeof(id_buf)),
&data);
if (!NT_STATUS_IS_OK(status)) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
pblob->data = data.dptr;
pblob->length = data.dsize;
DEBUG(10,("get_acl_blob: returned %u bytes from file %s\n",
(unsigned int)data.dsize, smb_fname->base_name ));
if (pblob->length == 0 || pblob->data == NULL) {
return NT_STATUS_NOT_FOUND;
}
return NT_STATUS_OK;
}
static int smbacl4_GetFileOwner(struct connection_struct *conn,
const char *filename,
SMB_STRUCT_STAT *psbuf)
{
ZERO_STRUCTP(psbuf);
/* Get the stat struct for the owner info. */
if (vfs_stat_smb_basename(conn, filename, psbuf) != 0)
{
DEBUG(8, ("vfs_stat_smb_basename failed with error %s\n",
strerror(errno)));
return -1;
}
return 0;
}
static NTSTATUS nfs4acl_xattr_default_sd(
struct vfs_handle_struct *handle,
const struct smb_filename *smb_fname,
TALLOC_CTX *mem_ctx,
struct security_descriptor **sd)
{
struct nfs4acl_config *config = NULL;
enum default_acl_style default_acl_style;
mode_t required_mode;
SMB_STRUCT_STAT sbuf = smb_fname->st;
int ret;
SMB_VFS_HANDLE_GET_DATA(handle, config,
struct nfs4acl_config,
return NT_STATUS_INTERNAL_ERROR);
default_acl_style = config->default_acl_style;
if (!VALID_STAT(sbuf)) {
ret = vfs_stat_smb_basename(handle->conn,
smb_fname,
&sbuf);
if (ret != 0) {
return map_nt_error_from_unix(errno);
}
}
if (S_ISDIR(sbuf.st_ex_mode)) {
required_mode = 0777;
} else {
required_mode = 0666;
}
if ((sbuf.st_ex_mode & required_mode) != required_mode) {
default_acl_style = DEFAULT_ACL_POSIX;
}
return make_default_filesystem_acl(mem_ctx,
default_acl_style,
smb_fname->base_name,
&sbuf,
sd);
}
static int rmdir_acl_tdb(vfs_handle_struct *handle,
const struct smb_filename *smb_fname)
{
SMB_STRUCT_STAT sbuf;
struct db_context *db = acl_db;
int ret = -1;
ret = vfs_stat_smb_basename(handle->conn, smb_fname, &sbuf);
if (ret == -1) {
return -1;
}
ret = rmdir_acl_common(handle, smb_fname);
if (ret == -1) {
return -1;
}
acl_tdb_delete(handle, db, &sbuf);
return 0;
}
int solarisacl_sys_acl_set_file(vfs_handle_struct *handle,
const char *name,
SMB_ACL_TYPE_T type,
SMB_ACL_T theacl)
{
int ret = -1;
struct stat_ex s;
SOLARIS_ACL_T solaris_acl = NULL;
int count;
DEBUG(10, ("solarisacl_sys_acl_set_file called for file '%s'\n",
name));
if ((type != SMB_ACL_TYPE_ACCESS) && (type != SMB_ACL_TYPE_DEFAULT)) {
errno = EINVAL;
DEBUG(10, ("invalid smb acl type given (%d).\n", type));
goto done;
}
DEBUGADD(10, ("setting %s acl\n",
((type == SMB_ACL_TYPE_ACCESS) ? "access" : "default")));
if(!smb_acl_to_solaris_acl(theacl, &solaris_acl, &count, type)) {
DEBUG(10, ("conversion smb_acl -> solaris_acl failed (%s).\n",
strerror(errno)));
goto done;
}
/*
* if the file is a directory, there is extra work to do:
* since the solaris acl call stores both the access acl and
* the default acl as provided, we have to get the acl part
* that has not been specified in "type" from the file first
* and concatenate it with the acl provided.
*/
if (vfs_stat_smb_basename(handle->conn, name, &s) != 0) {
DEBUG(10, ("Error in stat call: %s\n", strerror(errno)));
goto done;
}
if (S_ISDIR(s.st_ex_mode)) {
SOLARIS_ACL_T other_acl;
int other_count;
SMB_ACL_TYPE_T other_type;
other_type = (type == SMB_ACL_TYPE_ACCESS)
? SMB_ACL_TYPE_DEFAULT
: SMB_ACL_TYPE_ACCESS;
DEBUGADD(10, ("getting acl from filesystem\n"));
if (!solaris_acl_get_file(name, &other_acl, &other_count)) {
DEBUG(10, ("error getting acl from directory\n"));
goto done;
}
DEBUG(10, ("adding %s part of fs acl to given acl\n",
((other_type == SMB_ACL_TYPE_ACCESS)
? "access"
: "default")));
if (!solaris_add_to_acl(&solaris_acl, &count, other_acl,
other_count, other_type))
{
DEBUG(10, ("error adding other acl.\n"));
SAFE_FREE(other_acl);
goto done;
}
SAFE_FREE(other_acl);
}
else if (type != SMB_ACL_TYPE_ACCESS) {
errno = EINVAL;
goto done;
}
if (!solaris_acl_sort(solaris_acl, count)) {
DEBUG(10, ("resulting acl is not valid!\n"));
goto done;
}
ret = acl(name, SETACL, count, solaris_acl);
done:
DEBUG(10, ("solarisacl_sys_acl_set_file %s.\n",
((ret != 0) ? "failed" : "succeeded")));
SAFE_FREE(solaris_acl);
return ret;
}
