2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 extern userdom_struct current_user_info;
25 extern uint16 global_oplock_port;
26 extern BOOL global_client_failed_oplock_break;
28 /****************************************************************************
29 fd support routines - attempt to do a dos_open.
30 ****************************************************************************/
32 static int fd_open(struct connection_struct *conn, char *fname,
33 int flags, mode_t mode)
37 if (!lp_symlinks(SNUM(conn)))
41 fd = conn->vfs_ops.open(conn,fname,flags,mode);
43 /* Fix for files ending in '.' */
44 if((fd == -1) && (errno == ENOENT) &&
45 (strchr_m(fname,'.')==NULL)) {
47 fd = conn->vfs_ops.open(conn,fname,flags,mode);
50 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n", fname,
51 flags, (int)mode, fd, (fd == -1) ? strerror(errno) : "" ));
56 /****************************************************************************
57 Close the file associated with a fsp.
58 ****************************************************************************/
60 int fd_close(struct connection_struct *conn, files_struct *fsp)
63 return 0; /* what we used to call a stat open. */
64 return fd_close_posix(conn, fsp);
68 /****************************************************************************
69 Check a filename for the pipe string.
70 ****************************************************************************/
72 static void check_for_pipe(char *fname)
74 /* special case of pipe opens */
76 StrnCpy(s,fname,sizeof(s)-1);
78 if (strstr(s,"pipe/")) {
79 DEBUG(3,("Rejecting named pipe open for %s\n",fname));
80 unix_ERR_class = ERRSRV;
81 unix_ERR_code = ERRaccess;
85 /****************************************************************************
87 ****************************************************************************/
89 static BOOL open_file(files_struct *fsp,connection_struct *conn,
90 const char *fname1,SMB_STRUCT_STAT *psbuf,int flags,mode_t mode, uint32 desired_access)
92 extern struct current_user current_user;
94 int accmode = (flags & O_ACCMODE);
95 int local_flags = flags;
98 fsp->oplock_type = NO_OPLOCK;
101 pstrcpy(fname,fname1);
103 /* Check permissions */
106 * This code was changed after seeing a client open request
107 * containing the open mode of (DENY_WRITE/read-only) with
108 * the 'create if not exist' bit set. The previous code
109 * would fail to open the file read only on a read-only share
110 * as it was checking the flags parameter directly against O_RDONLY,
111 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
115 if (!CAN_WRITE(conn)) {
116 /* It's a read-only share - fail if we wanted to write. */
117 if(accmode != O_RDONLY) {
118 DEBUG(3,("Permission denied opening %s\n",fname));
119 check_for_pipe(fname);
121 } else if(flags & O_CREAT) {
122 /* We don't want to write - but we must make sure that O_CREAT
123 doesn't create the file if we have write access into the
131 * This little piece of insanity is inspired by the
132 * fact that an NT client can open a file for O_RDONLY,
133 * but set the create disposition to FILE_EXISTS_TRUNCATE.
134 * If the client *can* write to the file, then it expects to
135 * truncate the file, even though it is opening for readonly.
136 * Quicken uses this stupid trick in backup file creation...
137 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
138 * for helping track this one down. It didn't bite us in 2.0.x
139 * as we always opened files read-write in that release. JRA.
142 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC))
143 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
146 * We can't actually truncate here as the file may be locked.
147 * open_file_shared will take care of the truncate later. JRA.
150 local_flags &= ~O_TRUNC;
152 if ((desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
153 (local_flags & O_CREAT)) {
155 /* actually do the open */
156 fsp->fd = fd_open(conn, fname, local_flags, mode);
159 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) (flags=%d)\n",
160 fname,strerror(errno),local_flags,flags));
161 check_for_pipe(fname);
165 fsp->fd = -1; /* What we used to call a stat open. */
167 if (!VALID_STAT(*psbuf)) {
171 ret = vfs_stat(conn, fname, psbuf);
173 ret = vfs_fstat(fsp,fsp->fd,psbuf);
174 /* If we have an fd, this stat should succeed. */
176 DEBUG(0,("Error doing fstat on open file %s (%s)\n", fname,strerror(errno) ));
179 /* For a non-io open, this stat failing means file not found. JRA */
187 * POSIX allows read-only opens of directories. We don't
188 * want to do this (we use a different code path for this)
189 * so catch a directory open and return an EISDIR. JRA.
192 if(S_ISDIR(psbuf->st_mode)) {
198 fsp->mode = psbuf->st_mode;
199 fsp->inode = psbuf->st_ino;
200 fsp->dev = psbuf->st_dev;
201 fsp->vuid = current_user.vuid;
202 fsp->size = psbuf->st_size;
204 fsp->can_lock = True;
205 fsp->can_read = ((flags & O_WRONLY)==0);
206 fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0);
208 fsp->desired_access = desired_access;
209 fsp->print_file = False;
210 fsp->modified = False;
211 fsp->oplock_type = NO_OPLOCK;
212 fsp->sent_oplock_break = NO_BREAK_SENT;
213 fsp->is_directory = False;
214 fsp->directory_delete_on_close = False;
216 string_set(&fsp->fsp_name,fname);
217 fsp->wcp = NULL; /* Write cache pointer. */
219 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
220 *current_user_info.smb_name ? current_user_info.smb_name : conn->user,fsp->fsp_name,
221 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
222 conn->num_files_open + 1));
227 /****************************************************************************
229 Helper for open_file_shared.
230 Truncate a file after checking locking; close file if locked.
231 **************************************************************************/
233 static int truncate_unless_locked(struct connection_struct *conn, files_struct *fsp)
235 SMB_BIG_UINT mask = (SMB_BIG_UINT)-1;
237 if (is_locked(fsp,fsp->conn,mask,0,WRITE_LOCK,True)){
239 unix_ERR_class = ERRDOS;
240 unix_ERR_code = ERRlock;
243 return conn->vfs_ops.ftruncate(fsp,fsp->fd,0);
247 /*******************************************************************
248 return True if the filename is one of the special executable types
249 ********************************************************************/
250 static BOOL is_executable(const char *fname)
252 if ((fname = strrchr_m(fname,'.'))) {
253 if (strequal(fname,".com") ||
254 strequal(fname,".dll") ||
255 strequal(fname,".exe") ||
256 strequal(fname,".sym")) {
263 enum {AFAIL,AREAD,AWRITE,AALL};
265 /*******************************************************************
266 reproduce the share mode access table
267 this is horrendoously complex, and really can't be justified on any
268 rational grounds except that this is _exactly_ what NT does. See
269 the DENY1 and DENY2 tests in smbtorture for a comprehensive set of
271 ********************************************************************/
272 static int access_table(int new_deny,int old_deny,int old_mode,
273 BOOL same_pid, BOOL isexe)
275 if (new_deny == DENY_ALL || old_deny == DENY_ALL) return(AFAIL);
278 if (isexe && old_mode == DOS_OPEN_RDONLY &&
279 old_deny == DENY_DOS && new_deny == DENY_READ) {
282 if (!isexe && old_mode == DOS_OPEN_RDONLY &&
283 old_deny == DENY_DOS && new_deny == DENY_DOS) {
286 if (new_deny == DENY_FCB && old_deny == DENY_DOS) {
287 if (isexe) return AFAIL;
288 if (old_mode == DOS_OPEN_RDONLY) return AFAIL;
291 if (old_mode == DOS_OPEN_RDONLY && old_deny == DENY_DOS) {
292 if (new_deny == DENY_FCB || new_deny == DENY_READ) {
293 if (isexe) return AREAD;
297 if (old_deny == DENY_FCB) {
298 if (new_deny == DENY_DOS || new_deny == DENY_FCB) return AALL;
303 if (old_deny == DENY_DOS || new_deny == DENY_DOS ||
304 old_deny == DENY_FCB || new_deny == DENY_FCB) {
306 if (old_deny == DENY_FCB || new_deny == DENY_FCB) {
309 if (old_deny == DENY_DOS) {
310 if (new_deny == DENY_READ &&
311 (old_mode == DOS_OPEN_RDONLY ||
312 old_mode == DOS_OPEN_RDWR)) {
315 if (new_deny == DENY_WRITE &&
316 (old_mode == DOS_OPEN_WRONLY ||
317 old_mode == DOS_OPEN_RDWR)) {
322 if (old_deny == DENY_NONE) return AALL;
323 if (old_deny == DENY_READ) return AWRITE;
324 if (old_deny == DENY_WRITE) return AREAD;
326 /* it isn't a exe, dll, sym or com file */
327 if (old_deny == new_deny && same_pid)
330 if (old_deny == DENY_READ || new_deny == DENY_READ) return AFAIL;
331 if (old_mode == DOS_OPEN_RDONLY) return(AREAD);
339 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_RDONLY) return(AREAD);
340 if (old_deny==DENY_READ && old_mode==DOS_OPEN_RDONLY) return(AWRITE);
341 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_RDONLY) return(AALL);
344 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_WRONLY) return(AREAD);
345 if (old_deny==DENY_READ && old_mode==DOS_OPEN_WRONLY) return(AWRITE);
346 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_WRONLY) return(AALL);
349 if (old_deny==DENY_WRITE) return(AREAD);
350 if (old_deny==DENY_READ) return(AWRITE);
351 if (old_deny==DENY_NONE) return(AALL);
358 /****************************************************************************
359 check if we can open a file with a share mode
360 ****************************************************************************/
362 static BOOL check_share_mode(connection_struct *conn, share_mode_entry *share, int share_mode, uint32 desired_access,
363 const char *fname, BOOL fcbopen, int *flags)
365 int deny_mode = GET_DENY_MODE(share_mode);
366 int old_open_mode = GET_OPEN_MODE(share->share_mode);
367 int old_deny_mode = GET_DENY_MODE(share->share_mode);
370 * share modes = false means don't bother to check for
371 * DENY mode conflict. This is a *really* bad idea :-). JRA.
374 if(!lp_share_modes(SNUM(conn)))
378 * Don't allow any opens once the delete on close flag has been
382 if (GET_DELETE_ON_CLOSE_FLAG(share->share_mode)) {
383 DEBUG(5,("check_share_mode: Failing open on file %s as delete on close flag is set.\n",
385 unix_ERR_class = ERRDOS;
386 unix_ERR_code = ERRnoaccess;
390 /* this is a nasty hack, but necessary until we rewrite our open
391 handling to use a NTCreateX call as the basic call.
392 NT may open a file with neither read nor write access, and in
393 this case it expects the open not to conflict with any
394 existing deny modes. This happens (for example) during a
395 "xcopy /o" where the second file descriptor is used for
401 * This is a bit wierd - the test for desired access not having the
402 * critical bits seems seems odd. Firstly, if both opens have no
403 * critical bits then always ignore. Then check the "allow delete"
404 * then check for either. This probably isn't quite right yet but
405 * gets us much closer. JRA.
409 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
410 * and the existing desired_acces then share modes don't conflict.
413 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) &&
414 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
417 * Wrinkle discovered by smbtorture....
418 * If both are non-io open and requester is asking for delete and current open has delete access
419 * but neither open has allowed file share delete then deny.... this is very strange and
420 * seems to be the only case in which non-io opens conflict. JRA.
423 if ((desired_access & DELETE_ACCESS) && (share->desired_access & DELETE_ACCESS) &&
424 (!GET_ALLOW_SHARE_DELETE(share->share_mode) || !GET_ALLOW_SHARE_DELETE(share_mode))) {
425 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requests conflict.\n",
427 unix_ERR_class = ERRDOS;
428 unix_ERR_code = ERRbadshare;
433 DEBUG(5,("check_share_mode: Allowing open on file %s as both desired access (0x%x) \
434 and existing desired access (0x%x) are non-data opens\n",
435 fname, (unsigned int)desired_access, (unsigned int)share->desired_access ));
440 * If delete access was requested and the existing share mode doesn't have
441 * ALLOW_SHARE_DELETE then deny.
444 if ((desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share->share_mode)) {
445 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requested and allow share delete not set.\n",
447 unix_ERR_class = ERRDOS;
448 unix_ERR_code = ERRbadshare;
454 * The inverse of the above.
455 * If delete access was granted and the new share mode doesn't have
456 * ALLOW_SHARE_DELETE then deny.
459 if ((share->desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share_mode)) {
460 DEBUG(5,("check_share_mode: Failing open on file %s as delete access granted and allow share delete not requested.\n",
462 unix_ERR_class = ERRDOS;
463 unix_ERR_code = ERRbadshare;
469 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
470 * then share modes don't conflict. Likewise with existing desired access.
473 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
474 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
475 DEBUG(5,("check_share_mode: Allowing open on file %s as desired access (0x%x) doesn't conflict with\
476 existing desired access (0x%x).\n", fname, (unsigned int)desired_access, (unsigned int)share->desired_access ));
481 int access_allowed = access_table(deny_mode,old_deny_mode,old_open_mode,
482 (share->pid == sys_getpid()),is_executable(fname));
484 if ((access_allowed == AFAIL) ||
485 (!fcbopen && (access_allowed == AREAD && *flags == O_RDWR)) ||
486 (access_allowed == AREAD && *flags != O_RDONLY) ||
487 (access_allowed == AWRITE && *flags != O_WRONLY)) {
489 DEBUG(2,("Share violation on file (%d,%d,%d,%d,%s,fcbopen = %d, flags = %d) = %d\n",
490 deny_mode,old_deny_mode,old_open_mode,
491 (int)share->pid,fname, fcbopen, *flags, access_allowed));
493 unix_ERR_class = ERRDOS;
494 unix_ERR_code = ERRbadshare;
499 if (access_allowed == AREAD)
502 if (access_allowed == AWRITE)
510 /****************************************************************************
511 Deal with open deny mode and oplock break processing.
512 Invarient: Share mode must be locked on entry and exit.
513 Returns -1 on error, or number of share modes on success (may be zero).
514 ****************************************************************************/
516 static int open_mode_check(connection_struct *conn, const char *fname, SMB_DEV_T dev,
518 uint32 desired_access,
519 int share_mode, int *p_flags, int *p_oplock_request,
520 BOOL *p_all_current_opens_are_level_II)
524 int oplock_contention_count = 0;
525 share_mode_entry *old_shares = 0;
526 BOOL fcbopen = False;
529 if(GET_OPEN_MODE(share_mode) == DOS_OPEN_FCB)
532 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
534 if(num_share_modes == 0)
538 * Check if the share modes will give us access.
542 share_mode_entry broken_entry;
544 broke_oplock = False;
545 *p_all_current_opens_are_level_II = True;
547 for(i = 0; i < num_share_modes; i++) {
548 share_mode_entry *share_entry = &old_shares[i];
551 * By observation of NetBench, oplocks are broken *before* share
552 * modes are checked. This allows a file to be closed by the client
553 * if the share mode would deny access and the client has an oplock.
554 * Check if someone has an oplock on this file. If so we must break
555 * it before continuing.
558 if((*p_oplock_request && EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type)) ||
559 (!*p_oplock_request && (share_entry->op_type != NO_OPLOCK))) {
563 DEBUG(5,("open_mode_check: oplock_request = %d, breaking oplock (%x) on file %s, \
564 dev = %x, inode = %.0f\n", *p_oplock_request, share_entry->op_type, fname, (unsigned int)dev, (double)inode));
566 /* Oplock break - unlock to request it. */
567 unlock_share_entry(conn, dev, inode);
569 opb_ret = request_oplock_break(share_entry);
572 lock_share_entry(conn, dev, inode);
574 if(opb_ret == False) {
575 DEBUG(0,("open_mode_check: FAILED when breaking oplock (%x) on file %s, \
576 dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (double)inode));
577 SAFE_FREE(old_shares);
579 unix_ERR_class = ERRDOS;
580 unix_ERR_code = ERRbadshare;
585 broken_entry = *share_entry;
588 } else if (!LEVEL_II_OPLOCK_TYPE(share_entry->op_type)) {
589 *p_all_current_opens_are_level_II = False;
592 /* someone else has a share lock on it, check to see if we can too */
593 if (!check_share_mode(conn, share_entry, share_mode, desired_access,
594 fname, fcbopen, p_flags)) {
595 SAFE_FREE(old_shares);
603 SAFE_FREE(old_shares);
604 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
605 oplock_contention_count++;
607 /* Paranoia check that this is no longer an exlusive entry. */
608 for(i = 0; i < num_share_modes; i++) {
609 share_mode_entry *share_entry = &old_shares[i];
611 if (share_modes_identical(&broken_entry, share_entry) &&
612 EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type) ) {
615 * This should not happen. The target left this oplock
616 * as exlusive.... The process *must* be dead....
619 DEBUG(0,("open_mode_check: exlusive oplock left by process %d after break ! For file %s, \
620 dev = %x, inode = %.0f. Deleting it to continue...\n", (int)broken_entry.pid, fname, (unsigned int)dev, (double)inode));
622 if (process_exists(broken_entry.pid)) {
623 DEBUG(0,("open_mode_check: Existent process %d left active oplock.\n",
627 if (del_share_entry(dev, inode, &broken_entry, NULL) == -1) {
629 unix_ERR_class = ERRDOS;
630 unix_ERR_code = ERRbadshare;
635 * We must reload the share modes after deleting the
636 * other process's entry.
639 SAFE_FREE(old_shares);
640 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
643 } /* end for paranoia... */
644 } /* end if broke_oplock */
646 } while(broke_oplock);
649 SAFE_FREE(old_shares);
652 * Refuse to grant an oplock in case the contention limit is
653 * reached when going through the lock list multiple times.
656 if(oplock_contention_count >= lp_oplock_contention_limit(SNUM(conn))) {
657 *p_oplock_request = 0;
658 DEBUG(4,("open_mode_check: oplock contention = %d. Not granting oplock.\n",
659 oplock_contention_count ));
662 return num_share_modes;
665 /****************************************************************************
666 set a kernel flock on a file for NFS interoperability
667 this requires a patch to Linux
668 ****************************************************************************/
669 static void kernel_flock(files_struct *fsp, int deny_mode)
671 #if HAVE_KERNEL_SHARE_MODES
673 if (deny_mode == DENY_READ) kernel_mode = LOCK_MAND|LOCK_WRITE;
674 else if (deny_mode == DENY_WRITE) kernel_mode = LOCK_MAND|LOCK_READ;
675 else if (deny_mode == DENY_ALL) kernel_mode = LOCK_MAND;
676 if (kernel_mode) flock(fsp->fd, kernel_mode);
682 static BOOL open_match_attributes(connection_struct *conn, char *path, mode_t existing_mode, mode_t new_mode)
684 uint32 old_dos_mode, new_dos_mode;
685 SMB_STRUCT_STAT sbuf;
689 sbuf.st_mode = existing_mode;
690 old_dos_mode = dos_mode(conn, path, &sbuf);
692 sbuf.st_mode = new_mode;
693 new_dos_mode = dos_mode(conn, path, &sbuf);
695 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
696 if (lp_map_system(SNUM(conn))) {
697 if ((old_dos_mode & FILE_ATTRIBUTE_SYSTEM) != (new_dos_mode & FILE_ATTRIBUTE_SYSTEM))
700 if (lp_map_hidden(SNUM(conn))) {
701 if ((old_dos_mode & FILE_ATTRIBUTE_HIDDEN) != (new_dos_mode & FILE_ATTRIBUTE_HIDDEN))
707 /****************************************************************************
708 Open a file with a share mode. On output from this open we are guarenteeing
710 ****************************************************************************/
711 files_struct *open_file_shared(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf,
712 int share_mode,int ofun, mode_t mode,int oplock_request,
713 int *Access,int *action)
715 return open_file_shared1(conn, fname, psbuf, 0, share_mode, ofun, mode,
716 oplock_request, Access, action);
719 /****************************************************************************
720 Open a file with a share mode. On output from this open we are guarenteeing
722 ****************************************************************************/
723 files_struct *open_file_shared1(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf,
724 uint32 desired_access,
725 int share_mode,int ofun, mode_t mode,int oplock_request,
726 int *Access,int *action)
730 int deny_mode = GET_DENY_MODE(share_mode);
731 BOOL allow_share_delete = GET_ALLOW_SHARE_DELETE(share_mode);
732 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode);
733 BOOL file_existed = VALID_STAT(*psbuf);
734 BOOL fcbopen = False;
735 BOOL def_acl = False;
738 int num_share_modes = 0;
739 BOOL all_current_opens_are_level_II = False;
740 BOOL fsp_open = False;
741 files_struct *fsp = NULL;
746 /* printers are handled completely differently. Most of the passed parameters are
749 *Access = DOS_OPEN_WRONLY;
751 *action = FILE_WAS_CREATED;
752 return print_fsp_open(conn, fname);
755 fsp = file_new(conn);
759 DEBUG(10,("open_file_shared: fname = %s, share_mode = %x, ofun = %x, mode = %o, oplock request = %d\n",
760 fname, share_mode, ofun, (int)mode, oplock_request ));
762 if (!check_name(fname,conn)) {
767 /* ignore any oplock requests if oplocks are disabled */
768 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break) {
772 /* this is for OS/2 EAs - try and say we don't support them */
773 if (strstr(fname,".+,;=[].")) {
774 unix_ERR_class = ERRDOS;
775 /* OS/2 Workplace shell fix may be main code stream in a later release. */
776 #if 1 /* OS2_WPS_FIX - Recent versions of OS/2 need this. */
777 unix_ERR_code = ERRcannotopen;
778 #else /* OS2_WPS_FIX */
779 unix_ERR_code = ERROR_EAS_NOT_SUPPORTED;
780 #endif /* OS2_WPS_FIX */
782 DEBUG(5,("open_file_shared: OS/2 EA's are not supported.\n"));
787 if ((GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL) && file_existed) {
788 DEBUG(5,("open_file_shared: create new requested for file %s and file already exists.\n",
795 if (CAN_WRITE(conn) && (GET_FILE_CREATE_DISPOSITION(ofun) == FILE_CREATE_IF_NOT_EXIST))
798 if (CAN_WRITE(conn) && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE))
801 /* We only care about matching attributes on file exists and truncate. */
802 if (file_existed && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE)) {
803 if (!open_match_attributes(conn, fname, psbuf->st_mode, mode)) {
804 DEBUG(5,("open_file_shared: attributes missmatch for file %s (0%o, 0%o)\n",
805 fname, psbuf->st_mode, mode ));
812 if (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL)
815 /* note that we ignore the append flag as
816 append does not mean the same thing under dos and unix */
818 switch (GET_OPEN_MODE(share_mode)) {
819 case DOS_OPEN_WRONLY:
821 if (desired_access == 0)
822 desired_access = FILE_WRITE_DATA;
827 if (desired_access == 0)
828 desired_access = FILE_READ_DATA|FILE_WRITE_DATA;
832 if (desired_access == 0)
833 desired_access = FILE_READ_DATA|FILE_WRITE_DATA;
837 if (desired_access == 0)
838 desired_access = FILE_READ_DATA;
843 if (GET_FILE_SYNC_OPENMODE(share_mode)) {
848 if (flags != O_RDONLY && file_existed &&
849 (!CAN_WRITE(conn) || IS_DOS_READONLY(dos_mode(conn,fname,psbuf)))) {
851 DEBUG(5,("open_file_shared: read/write access requested for file %s on read only %s\n",
852 fname, !CAN_WRITE(conn) ? "share" : "file" ));
860 if (deny_mode > DENY_NONE && deny_mode!=DENY_FCB) {
861 DEBUG(2,("Invalid deny mode %d on file %s\n",deny_mode,fname));
870 inode = psbuf->st_ino;
872 lock_share_entry(conn, dev, inode);
874 num_share_modes = open_mode_check(conn, fname, dev, inode,
877 &flags, &oplock_request, &all_current_opens_are_level_II);
878 if(num_share_modes == -1) {
881 * This next line is a subtlety we need for MS-Access. If a file open will
882 * fail due to share permissions and also for security (access)
883 * reasons, we need to return the access failed error, not the
884 * share error. This means we must attempt to open the file anyway
885 * in order to get the UNIX access error - even if we're going to
886 * fail the open for share reasons. This is bad, as we're burning
887 * another fd if there are existing locks but there's nothing else
888 * we can do. We also ensure we're not going to create or tuncate
889 * the file as we only want an access decision at this stage. JRA.
891 fsp_open = open_file(fsp,conn,fname,psbuf,
892 flags|(flags2&~(O_TRUNC|O_CREAT)),mode,desired_access);
894 DEBUG(4,("open_file_shared : share_mode deny - calling open_file with \
895 flags=0x%X flags2=0x%X mode=0%o returned %d\n",
896 flags,(flags2&~(O_TRUNC|O_CREAT)),(int)mode,(int)fsp_open ));
898 unlock_share_entry(conn, dev, inode);
906 * We exit this block with the share entry *locked*.....
911 * Ensure we pay attention to default ACLs on directories if required.
914 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
915 (def_acl = directory_has_default_acl(conn, parent_dirname(fname))))
918 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n",
919 flags,flags2,(int)mode));
922 * open_file strips any O_TRUNC flags itself.
925 fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,mode,desired_access);
927 if (!fsp_open && (flags == O_RDWR) && (errno != ENOENT) && fcbopen) {
928 if((fsp_open = open_file(fsp,conn,fname,psbuf,O_RDONLY,mode,desired_access)) == True)
934 unlock_share_entry(conn, dev, inode);
940 * Deal with the race condition where two smbd's detect the file doesn't
941 * exist and do the create at the same time. One of them will win and
942 * set a share mode, the other (ie. this one) should check if the
943 * requested share mode for this create is allowed.
948 lock_share_entry_fsp(fsp);
950 num_share_modes = open_mode_check(conn, fname, dev, inode,
953 &flags, &oplock_request, &all_current_opens_are_level_II);
955 if(num_share_modes == -1) {
956 unlock_share_entry_fsp(fsp);
963 * If there are any share modes set then the file *did*
964 * exist. Ensure we return the correct value for action.
967 if (num_share_modes > 0)
971 * We exit this block with the share entry *locked*.....
975 /* note that we ignore failure for the following. It is
976 basically a hack for NFS, and NFS will never set one of
977 these only read them. Nobody but Samba can ever set a deny
978 mode and we have already checked our more authoritative
979 locking database for permission to set this deny mode. If
980 the kernel refuses the operations then the kernel is wrong */
981 kernel_flock(fsp, deny_mode);
984 * At this point onwards, we can guarentee that the share entry
985 * is locked, whether we created the file or not, and that the
986 * deny mode is compatible with all current opens.
990 * If requested, truncate the file.
993 if (flags2&O_TRUNC) {
995 * We are modifing the file after open - update the stat struct..
997 if ((truncate_unless_locked(conn,fsp) == -1) || (vfs_fstat(fsp,fsp->fd,psbuf)==-1)) {
998 unlock_share_entry_fsp(fsp);
1007 open_mode = DOS_OPEN_RDONLY;
1010 open_mode = DOS_OPEN_RDWR;
1013 open_mode = DOS_OPEN_WRONLY;
1017 fsp->share_mode = SET_DENY_MODE(deny_mode) |
1018 SET_OPEN_MODE(open_mode) |
1019 SET_ALLOW_SHARE_DELETE(allow_share_delete);
1021 DEBUG(10,("open_file_shared : share_mode = %x\n", fsp->share_mode ));
1024 (*Access) = open_mode;
1027 if (file_existed && !(flags2 & O_TRUNC))
1028 *action = FILE_WAS_OPENED;
1030 *action = FILE_WAS_CREATED;
1031 if (file_existed && (flags2 & O_TRUNC))
1032 *action = FILE_WAS_OVERWRITTEN;
1036 * Setup the oplock info in both the shared memory and
1040 if(oplock_request && (num_share_modes == 0) &&
1041 !IS_VETO_OPLOCK_PATH(conn,fname) && set_file_oplock(fsp, oplock_request) ) {
1042 port = global_oplock_port;
1043 } else if (oplock_request && all_current_opens_are_level_II) {
1044 port = global_oplock_port;
1045 oplock_request = LEVEL_II_OPLOCK;
1046 set_file_oplock(fsp, oplock_request);
1052 set_share_mode(fsp, port, oplock_request);
1054 if (delete_on_close) {
1055 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close);
1057 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) {
1058 /* Remember to delete the mode we just added. */
1059 del_share_mode(fsp, NULL);
1060 unlock_share_entry_fsp(fsp);
1068 * Take care of inherited ACLs on created files - if default ACL not
1072 if (!file_existed && !def_acl && (conn->vfs_ops.fchmod_acl != NULL)) {
1073 int saved_errno = errno; /* We might get ENOSYS in the next call.. */
1074 if (conn->vfs_ops.fchmod_acl(fsp, fsp->fd, mode) == -1 && errno == ENOSYS)
1075 errno = saved_errno; /* Ignore ENOSYS */
1078 unlock_share_entry_fsp(fsp);
1080 conn->num_files_open++;
1085 /****************************************************************************
1086 Open a file for for write to ensure that we can fchmod it.
1087 ****************************************************************************/
1089 files_struct *open_file_fchmod(connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf)
1091 files_struct *fsp = NULL;
1094 if (!VALID_STAT(*psbuf))
1097 fsp = file_new(conn);
1101 /* note! we must use a non-zero desired access or we don't get
1102 a real file descriptor. Oh what a twisted web we weave. */
1103 fsp_open = open_file(fsp,conn,fname,psbuf,O_WRONLY,0,FILE_WRITE_DATA);
1106 * This is not a user visible file open.
1107 * Don't set a share mode and don't increment
1108 * the conn->num_files_open.
1119 /****************************************************************************
1120 Close the fchmod file fd - ensure no locks are lost.
1121 ****************************************************************************/
1123 int close_file_fchmod(files_struct *fsp)
1125 int ret = fd_close(fsp->conn, fsp);
1130 /****************************************************************************
1131 Open a directory from an NT SMB call.
1132 ****************************************************************************/
1134 files_struct *open_directory(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf,
1135 uint32 desired_access, int share_mode, int smb_ofun, mode_t unixmode, int *action)
1137 extern struct current_user current_user;
1138 BOOL got_stat = False;
1139 files_struct *fsp = file_new(conn);
1140 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode);
1145 fsp->conn = conn; /* The vfs_fXXX() macros need this. */
1147 if (VALID_STAT(*psbuf))
1150 if (got_stat && (GET_FILE_OPEN_DISPOSITION(smb_ofun) == FILE_EXISTS_FAIL)) {
1152 errno = EEXIST; /* Setup so correct error is returned to client. */
1156 if (GET_FILE_CREATE_DISPOSITION(smb_ofun) == FILE_CREATE_IF_NOT_EXIST) {
1160 if(!S_ISDIR(psbuf->st_mode)) {
1161 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1166 *action = FILE_WAS_OPENED;
1171 * Try and create the directory.
1174 if(!CAN_WRITE(conn)) {
1175 DEBUG(2,("open_directory: failing create on read-only share\n"));
1181 if(vfs_mkdir(conn,fname, unix_mode(conn,aDIR, fname)) < 0) {
1182 DEBUG(2,("open_directory: unable to create %s. Error was %s\n",
1183 fname, strerror(errno) ));
1188 if(vfs_stat(conn,fname, psbuf) != 0) {
1193 *action = FILE_WAS_CREATED;
1199 * Don't create - just check that it *was* a directory.
1203 DEBUG(3,("open_directory: unable to stat name = %s. Error was %s\n",
1204 fname, strerror(errno) ));
1209 if(!S_ISDIR(psbuf->st_mode)) {
1210 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1215 *action = FILE_WAS_OPENED;
1218 DEBUG(5,("open_directory: opening directory %s\n", fname));
1221 * Setup the files_struct for it.
1224 fsp->mode = psbuf->st_mode;
1225 fsp->inode = psbuf->st_ino;
1226 fsp->dev = psbuf->st_dev;
1227 fsp->size = psbuf->st_size;
1228 fsp->vuid = current_user.vuid;
1230 fsp->can_lock = True;
1231 fsp->can_read = False;
1232 fsp->can_write = False;
1233 fsp->share_mode = share_mode;
1234 fsp->desired_access = desired_access;
1235 fsp->print_file = False;
1236 fsp->modified = False;
1237 fsp->oplock_type = NO_OPLOCK;
1238 fsp->sent_oplock_break = NO_BREAK_SENT;
1239 fsp->is_directory = True;
1240 fsp->directory_delete_on_close = False;
1242 string_set(&fsp->fsp_name,fname);
1244 if (delete_on_close) {
1245 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close);
1247 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) {
1252 conn->num_files_open++;
1258 Old code - I have replaced with correct desired_access checking. JRA.
1260 /*******************************************************************
1261 Check if the share mode on a file allows it to be deleted or unlinked.
1262 Return True if sharing doesn't prevent the operation.
1263 ********************************************************************/
1265 BOOL check_file_sharing(connection_struct *conn,char *fname, BOOL rename_op)
1269 share_mode_entry *old_shares = 0;
1270 int num_share_modes;
1271 SMB_STRUCT_STAT sbuf;
1272 pid_t pid = sys_getpid();
1276 if (vfs_stat(conn,fname,&sbuf) == -1)
1280 inode = sbuf.st_ino;
1282 lock_share_entry(conn, dev, inode);
1283 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
1286 * Check if the share modes will give us access.
1289 if(num_share_modes != 0) {
1294 broke_oplock = False;
1295 for(i = 0; i < num_share_modes; i++) {
1296 share_mode_entry *share_entry = &old_shares[i];
1299 * Break oplocks before checking share modes. See comment in
1300 * open_file_shared for details.
1301 * Check if someone has an oplock on this file. If so we must
1302 * break it before continuing.
1304 if(BATCH_OPLOCK_TYPE(share_entry->op_type)) {
1306 DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
1307 dev = %x, inode = %.0f\n", share_entry->op_type, fname, (unsigned int)dev, (double)inode));
1309 /* Oplock break.... */
1310 unlock_share_entry(conn, dev, inode);
1312 if(request_oplock_break(share_entry) == False) {
1313 DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
1314 dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (double)inode));
1316 SAFE_FREE(old_shares);
1319 lock_share_entry(conn, dev, inode);
1320 broke_oplock = True;
1325 * If this is a delete request and ALLOW_SHARE_DELETE is set then allow
1326 * this to proceed. This takes precedence over share modes.
1329 if(!rename_op && GET_ALLOW_SHARE_DELETE(share_entry->share_mode))
1333 * Someone else has a share lock on it, check to see
1336 if ((GET_DENY_MODE(share_entry->share_mode) != DENY_DOS) ||
1337 (share_entry->pid != pid))
1343 SAFE_FREE(old_shares);
1344 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
1346 } while(broke_oplock);
1350 * XXXX exactly what share mode combinations should be allowed for
1351 * deleting/renaming?
1355 * If we got here then either there were no share modes or
1356 * all share modes were DENY_DOS and the pid == getpid() or
1357 * delete access was requested and all share modes had the
1358 * ALLOW_SHARE_DELETE bit set (takes precedence over other
1366 unlock_share_entry(conn, dev, inode);
1367 SAFE_FREE(old_shares);
git.samba.org / jra / samba / .git / blob