2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern uint16 global_smbpid;
29 extern BOOL global_client_failed_oplock_break;
31 struct deferred_open_record {
32 BOOL delayed_for_oplocks;
37 /****************************************************************************
38 fd support routines - attempt to do a dos_open.
39 ****************************************************************************/
41 static BOOL fd_open(struct connection_struct *conn,
50 if (!lp_symlinks(SNUM(conn))) {
55 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
58 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
59 fname, flags, (int)mode, fsp->fh->fd,
60 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
63 return fsp->fh->fd != -1;
66 /****************************************************************************
67 Close the file associated with a fsp.
68 ****************************************************************************/
70 NTSTATUS fd_close(struct connection_struct *conn, files_struct *fsp)
72 if (fsp->fh->fd == -1) {
73 return NT_STATUS_OK; /* What we used to call a stat open. */
75 if (fsp->fh->ref_count > 1) {
76 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
78 return fd_close_posix(conn, fsp);
81 /****************************************************************************
82 Change the ownership of a file to that of the parent directory.
83 Do this by fd if possible.
84 ****************************************************************************/
86 static void change_file_owner_to_parent(connection_struct *conn,
87 const char *inherit_from_dir,
90 SMB_STRUCT_STAT parent_st;
93 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
95 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
96 "directory %s. Error was %s\n",
97 inherit_from_dir, strerror(errno) ));
102 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
105 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
106 "file %s to parent directory uid %u. Error "
107 "was %s\n", fsp->fsp_name,
108 (unsigned int)parent_st.st_uid,
112 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
113 "parent directory uid %u.\n", fsp->fsp_name,
114 (unsigned int)parent_st.st_uid ));
117 static void change_dir_owner_to_parent(connection_struct *conn,
118 const char *inherit_from_dir,
120 SMB_STRUCT_STAT *psbuf)
123 SMB_STRUCT_STAT sbuf;
124 SMB_STRUCT_STAT parent_st;
127 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
129 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
130 "directory %s. Error was %s\n",
131 inherit_from_dir, strerror(errno) ));
135 /* We've already done an lstat into psbuf, and we know it's a
136 directory. If we can cd into the directory and the dev/ino
137 are the same then we can safely chown without races as
138 we're locking the directory in place by being in it. This
139 should work on any UNIX (thanks tridge :-). JRA.
142 if (!vfs_GetWd(conn,saved_dir)) {
143 DEBUG(0,("change_dir_owner_to_parent: failed to get "
144 "current working directory\n"));
148 /* Chdir into the new path. */
149 if (vfs_ChDir(conn, fname) == -1) {
150 DEBUG(0,("change_dir_owner_to_parent: failed to change "
151 "current working directory to %s. Error "
152 "was %s\n", fname, strerror(errno) ));
156 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
157 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
158 "directory '.' (%s) Error was %s\n",
159 fname, strerror(errno)));
163 /* Ensure we're pointing at the same place. */
164 if (sbuf.st_dev != psbuf->st_dev ||
165 sbuf.st_ino != psbuf->st_ino ||
166 sbuf.st_mode != psbuf->st_mode ) {
167 DEBUG(0,("change_dir_owner_to_parent: "
168 "device/inode/mode on directory %s changed. "
169 "Refusing to chown !\n", fname ));
174 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
177 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
178 "directory %s to parent directory uid %u. "
179 "Error was %s\n", fname,
180 (unsigned int)parent_st.st_uid, strerror(errno) ));
184 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
185 "directory %s to parent directory uid %u.\n",
186 fname, (unsigned int)parent_st.st_uid ));
190 vfs_ChDir(conn,saved_dir);
193 /****************************************************************************
195 ****************************************************************************/
197 static NTSTATUS open_file(files_struct *fsp,
198 connection_struct *conn,
199 const char *parent_dir,
202 SMB_STRUCT_STAT *psbuf,
205 uint32 access_mask, /* client requested access mask. */
206 uint32 open_access_mask) /* what we're actually using in the open. */
208 int accmode = (flags & O_ACCMODE);
209 int local_flags = flags;
210 BOOL file_existed = VALID_STAT(*psbuf);
215 /* Check permissions */
218 * This code was changed after seeing a client open request
219 * containing the open mode of (DENY_WRITE/read-only) with
220 * the 'create if not exist' bit set. The previous code
221 * would fail to open the file read only on a read-only share
222 * as it was checking the flags parameter directly against O_RDONLY,
223 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
227 if (!CAN_WRITE(conn)) {
228 /* It's a read-only share - fail if we wanted to write. */
229 if(accmode != O_RDONLY) {
230 DEBUG(3,("Permission denied opening %s\n", path));
231 return NT_STATUS_ACCESS_DENIED;
232 } else if(flags & O_CREAT) {
233 /* We don't want to write - but we must make sure that
234 O_CREAT doesn't create the file if we have write
235 access into the directory.
238 local_flags &= ~O_CREAT;
243 * This little piece of insanity is inspired by the
244 * fact that an NT client can open a file for O_RDONLY,
245 * but set the create disposition to FILE_EXISTS_TRUNCATE.
246 * If the client *can* write to the file, then it expects to
247 * truncate the file, even though it is opening for readonly.
248 * Quicken uses this stupid trick in backup file creation...
249 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
250 * for helping track this one down. It didn't bite us in 2.0.x
251 * as we always opened files read-write in that release. JRA.
254 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
255 DEBUG(10,("open_file: truncate requested on read-only open "
256 "for file %s\n", path));
257 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
260 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
261 (!file_existed && (local_flags & O_CREAT)) ||
262 ((local_flags & O_TRUNC) == O_TRUNC) ) {
265 * We can't actually truncate here as the file may be locked.
266 * open_file_ntcreate will take care of the truncate later. JRA.
269 local_flags &= ~O_TRUNC;
271 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
273 * We would block on opening a FIFO with no one else on the
274 * other end. Do what we used to do and add O_NONBLOCK to the
278 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
279 local_flags |= O_NONBLOCK;
283 /* Don't create files with Microsoft wildcard characters. */
284 if ((local_flags & O_CREAT) && !file_existed &&
286 return NT_STATUS_OBJECT_NAME_INVALID;
289 /* Actually do the open */
290 if (!fd_open(conn, path, fsp, local_flags, unx_mode)) {
291 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
293 path,strerror(errno),local_flags,flags));
294 return map_nt_error_from_unix(errno);
297 if ((local_flags & O_CREAT) && !file_existed) {
299 /* Inherit the ACL if required */
300 if (lp_inherit_perms(SNUM(conn))) {
301 inherit_access_acl(conn, parent_dir, path,
305 /* Change the owner if required. */
306 if (lp_inherit_owner(SNUM(conn))) {
307 change_file_owner_to_parent(conn, parent_dir,
311 notify_fname(conn, NOTIFY_ACTION_ADDED,
312 FILE_NOTIFY_CHANGE_FILE_NAME, path);
316 fsp->fh->fd = -1; /* What we used to call a stat open. */
322 if (fsp->fh->fd == -1) {
323 ret = SMB_VFS_STAT(conn, path, psbuf);
325 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
326 /* If we have an fd, this stat should succeed. */
328 DEBUG(0,("Error doing fstat on open file %s "
329 "(%s)\n", path,strerror(errno) ));
333 /* For a non-io open, this stat failing means file not found. JRA */
335 NTSTATUS status = map_nt_error_from_unix(errno);
342 * POSIX allows read-only opens of directories. We don't
343 * want to do this (we use a different code path for this)
344 * so catch a directory open and return an EISDIR. JRA.
347 if(S_ISDIR(psbuf->st_mode)) {
350 return NT_STATUS_FILE_IS_A_DIRECTORY;
353 fsp->mode = psbuf->st_mode;
354 fsp->inode = psbuf->st_ino;
355 fsp->dev = psbuf->st_dev;
356 fsp->vuid = current_user.vuid;
357 fsp->file_pid = global_smbpid;
358 fsp->can_lock = True;
359 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
360 if (!CAN_WRITE(conn)) {
361 fsp->can_write = False;
363 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
366 fsp->print_file = False;
367 fsp->modified = False;
368 fsp->sent_oplock_break = NO_BREAK_SENT;
369 fsp->is_directory = False;
370 fsp->is_stat = False;
372 string_set(&fsp->fsp_name, path);
373 fsp->wcp = NULL; /* Write cache pointer. */
375 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
376 *current_user_info.smb_name ?
377 current_user_info.smb_name : conn->user,fsp->fsp_name,
378 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
379 conn->num_files_open + 1));
385 /*******************************************************************
386 Return True if the filename is one of the special executable types.
387 ********************************************************************/
389 static BOOL is_executable(const char *fname)
391 if ((fname = strrchr_m(fname,'.'))) {
392 if (strequal(fname,".com") ||
393 strequal(fname,".dll") ||
394 strequal(fname,".exe") ||
395 strequal(fname,".sym")) {
402 /****************************************************************************
403 Check if we can open a file with a share mode.
404 Returns True if conflict, False if not.
405 ****************************************************************************/
407 static BOOL share_conflict(struct share_mode_entry *entry,
411 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
412 "entry->share_access = 0x%x, "
413 "entry->private_options = 0x%x\n",
414 (unsigned int)entry->access_mask,
415 (unsigned int)entry->share_access,
416 (unsigned int)entry->private_options));
418 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
419 (unsigned int)access_mask, (unsigned int)share_access));
421 if ((entry->access_mask & (FILE_WRITE_DATA|
425 DELETE_ACCESS)) == 0) {
426 DEBUG(10,("share_conflict: No conflict due to "
427 "entry->access_mask = 0x%x\n",
428 (unsigned int)entry->access_mask ));
432 if ((access_mask & (FILE_WRITE_DATA|
436 DELETE_ACCESS)) == 0) {
437 DEBUG(10,("share_conflict: No conflict due to "
438 "access_mask = 0x%x\n",
439 (unsigned int)access_mask ));
443 #if 1 /* JRA TEST - Superdebug. */
444 #define CHECK_MASK(num, am, right, sa, share) \
445 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
446 (unsigned int)(num), (unsigned int)(am), \
447 (unsigned int)(right), (unsigned int)(am)&(right) )); \
448 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
449 (unsigned int)(num), (unsigned int)(sa), \
450 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
451 if (((am) & (right)) && !((sa) & (share))) { \
452 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
453 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
454 (unsigned int)(share) )); \
458 #define CHECK_MASK(num, am, right, sa, share) \
459 if (((am) & (right)) && !((sa) & (share))) { \
460 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
461 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
462 (unsigned int)(share) )); \
467 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
468 share_access, FILE_SHARE_WRITE);
469 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
470 entry->share_access, FILE_SHARE_WRITE);
472 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
473 share_access, FILE_SHARE_READ);
474 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
475 entry->share_access, FILE_SHARE_READ);
477 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
478 share_access, FILE_SHARE_DELETE);
479 CHECK_MASK(6, access_mask, DELETE_ACCESS,
480 entry->share_access, FILE_SHARE_DELETE);
482 DEBUG(10,("share_conflict: No conflict.\n"));
486 #if defined(DEVELOPER)
487 static void validate_my_share_entries(int num,
488 struct share_mode_entry *share_entry)
492 if (!procid_is_me(&share_entry->pid)) {
496 if (is_deferred_open_entry(share_entry) &&
497 !open_was_deferred(share_entry->op_mid)) {
499 pstr_sprintf(str, "Got a deferred entry without a request: "
500 "PANIC: %s\n", share_mode_str(num, share_entry));
504 if (!is_valid_share_mode_entry(share_entry)) {
508 fsp = file_find_dif(share_entry->dev, share_entry->inode,
509 share_entry->share_file_id);
511 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
512 share_mode_str(num, share_entry) ));
513 smb_panic("validate_my_share_entries: Cannot match a "
514 "share entry with an open file\n");
517 if (is_deferred_open_entry(share_entry) ||
518 is_unused_share_mode_entry(share_entry)) {
522 if ((share_entry->op_type == NO_OPLOCK) &&
523 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
524 /* Someone has already written to it, but I haven't yet
529 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
538 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
539 share_mode_str(num, share_entry) ));
540 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
541 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
542 fsp->fsp_name, (unsigned int)fsp->oplock_type,
543 (unsigned int)share_entry->op_type );
549 static BOOL is_stat_open(uint32 access_mask)
551 return (access_mask &&
552 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
553 FILE_WRITE_ATTRIBUTES))==0) &&
554 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
555 FILE_WRITE_ATTRIBUTES)) != 0));
558 /****************************************************************************
559 Deal with share modes
560 Invarient: Share mode must be locked on entry and exit.
561 Returns -1 on error, or number of share modes on success (may be zero).
562 ****************************************************************************/
564 static NTSTATUS open_mode_check(connection_struct *conn,
566 struct share_mode_lock *lck,
569 uint32 create_options,
574 if(lck->num_share_modes == 0) {
578 *file_existed = True;
580 if (is_stat_open(access_mask)) {
581 /* Stat open that doesn't trigger oplock breaks or share mode
582 * checks... ! JRA. */
586 /* A delete on close prohibits everything */
588 if (lck->delete_on_close) {
589 return NT_STATUS_DELETE_PENDING;
593 * Check if the share modes will give us access.
596 #if defined(DEVELOPER)
597 for(i = 0; i < lck->num_share_modes; i++) {
598 validate_my_share_entries(i, &lck->share_modes[i]);
602 if (!lp_share_modes(SNUM(conn))) {
606 /* Now we check the share modes, after any oplock breaks. */
607 for(i = 0; i < lck->num_share_modes; i++) {
609 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
613 /* someone else has a share lock on it, check to see if we can
615 if (share_conflict(&lck->share_modes[i],
616 access_mask, share_access)) {
617 return NT_STATUS_SHARING_VIOLATION;
624 static BOOL is_delete_request(files_struct *fsp) {
625 return ((fsp->access_mask == DELETE_ACCESS) &&
626 (fsp->oplock_type == NO_OPLOCK));
630 * 1) No files open at all or internal open: Grant whatever the client wants.
632 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
633 * request, break if the oplock around is a batch oplock. If it's another
634 * requested access type, break.
636 * 3) Only level2 around: Grant level2 and do nothing else.
639 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
645 struct share_mode_entry *exclusive = NULL;
646 BOOL valid_entry = False;
647 BOOL delay_it = False;
648 BOOL have_level2 = False;
650 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
652 if (oplock_request & INTERNAL_OPEN_ONLY) {
653 fsp->oplock_type = NO_OPLOCK;
656 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
660 for (i=0; i<lck->num_share_modes; i++) {
662 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
666 /* At least one entry is not an invalid or deferred entry. */
669 if (pass_number == 1) {
670 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
671 SMB_ASSERT(exclusive == NULL);
672 exclusive = &lck->share_modes[i];
675 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
676 SMB_ASSERT(exclusive == NULL);
677 exclusive = &lck->share_modes[i];
681 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
682 SMB_ASSERT(exclusive == NULL);
688 /* All entries are placeholders or deferred.
689 * Directly grant whatever the client wants. */
690 if (fsp->oplock_type == NO_OPLOCK) {
691 /* Store a level2 oplock, but don't tell the client */
692 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
697 if (exclusive != NULL) { /* Found an exclusive oplock */
698 SMB_ASSERT(!have_level2);
699 delay_it = is_delete_request(fsp) ?
700 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
703 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
704 /* We can at most grant level2 as there are other
705 * level2 or NO_OPLOCK entries. */
706 fsp->oplock_type = LEVEL_II_OPLOCK;
709 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
710 /* Store a level2 oplock, but don't tell the client */
711 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
719 * Send a break message to the oplock holder and delay the open for
723 DEBUG(10, ("Sending break request to PID %s\n",
724 procid_str_static(&exclusive->pid)));
725 exclusive->op_mid = get_current_mid();
727 /* Create the message. */
728 share_mode_entry_to_message(msg, exclusive);
730 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
731 don't want this set in the share mode struct pointed to by lck. */
733 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
734 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
737 status = message_send_pid(exclusive->pid, MSG_SMB_BREAK_REQUEST,
738 msg, MSG_SMB_SHARE_MODE_ENTRY_SIZE, True);
739 if (!NT_STATUS_IS_OK(status)) {
740 DEBUG(3, ("Could not send oplock break message: %s\n",
747 static BOOL request_timed_out(struct timeval request_time,
748 struct timeval timeout)
750 struct timeval now, end_time;
752 end_time = timeval_sum(&request_time, &timeout);
753 return (timeval_compare(&end_time, &now) < 0);
756 /****************************************************************************
757 Handle the 1 second delay in returning a SHARING_VIOLATION error.
758 ****************************************************************************/
760 static void defer_open(struct share_mode_lock *lck,
761 struct timeval request_time,
762 struct timeval timeout,
763 struct deferred_open_record *state)
765 uint16 mid = get_current_mid();
770 for (i=0; i<lck->num_share_modes; i++) {
771 struct share_mode_entry *e = &lck->share_modes[i];
773 if (!is_deferred_open_entry(e)) {
777 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
778 DEBUG(0, ("Trying to defer an already deferred "
779 "request: mid=%d, exiting\n", mid));
780 exit_server("attempt to defer a deferred request");
784 /* End paranoia check */
786 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
787 "open entry for mid %u\n",
788 (unsigned int)request_time.tv_sec,
789 (unsigned int)request_time.tv_usec,
792 if (!push_deferred_smb_message(mid, request_time, timeout,
793 (char *)state, sizeof(*state))) {
794 exit_server("push_deferred_smb_message failed");
796 add_deferred_open(lck, mid, request_time, state->dev, state->inode);
799 * Push the MID of this packet on the signing queue.
800 * We only do this once, the first time we push the packet
801 * onto the deferred open queue, as this has a side effect
802 * of incrementing the response sequence number.
805 srv_defer_sign_response(mid);
809 /****************************************************************************
810 On overwrite open ensure that the attributes match.
811 ****************************************************************************/
813 static BOOL open_match_attributes(connection_struct *conn,
817 mode_t existing_unx_mode,
819 mode_t *returned_unx_mode)
821 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
823 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
824 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
826 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
827 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
828 *returned_unx_mode = new_unx_mode;
830 *returned_unx_mode = (mode_t)0;
833 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
834 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
835 "returned_unx_mode = 0%o\n",
837 (unsigned int)old_dos_attr,
838 (unsigned int)existing_unx_mode,
839 (unsigned int)new_dos_attr,
840 (unsigned int)*returned_unx_mode ));
842 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
843 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
844 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
845 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
849 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
850 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
851 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
858 /****************************************************************************
859 Special FCB or DOS processing in the case of a sharing violation.
860 Try and find a duplicated file handle.
861 ****************************************************************************/
863 static files_struct *fcb_or_dos_open(connection_struct *conn,
864 const char *fname, SMB_DEV_T dev,
868 uint32 create_options)
871 files_struct *dup_fsp;
873 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
874 "file %s.\n", fname ));
876 for(fsp = file_find_di_first(dev, inode); fsp;
877 fsp = file_find_di_next(fsp)) {
879 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
880 "vuid = %u, file_pid = %u, private_options = 0x%x "
881 "access_mask = 0x%x\n", fsp->fsp_name,
882 fsp->fh->fd, (unsigned int)fsp->vuid,
883 (unsigned int)fsp->file_pid,
884 (unsigned int)fsp->fh->private_options,
885 (unsigned int)fsp->access_mask ));
887 if (fsp->fh->fd != -1 &&
888 fsp->vuid == current_user.vuid &&
889 fsp->file_pid == global_smbpid &&
890 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
891 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
892 (fsp->access_mask & FILE_WRITE_DATA) &&
893 strequal(fsp->fsp_name, fname)) {
894 DEBUG(10,("fcb_or_dos_open: file match\n"));
903 /* quite an insane set of semantics ... */
904 if (is_executable(fname) &&
905 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
906 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
910 /* We need to duplicate this fsp. */
911 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
912 create_options, &dup_fsp))) {
919 /****************************************************************************
920 Open a file with a share mode - old openX method - map into NTCreate.
921 ****************************************************************************/
923 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
924 uint32 *paccess_mask,
926 uint32 *pcreate_disposition,
927 uint32 *pcreate_options)
931 uint32 create_disposition;
932 uint32 create_options = 0;
934 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
935 "open_func = 0x%x\n",
936 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
938 /* Create the NT compatible access_mask. */
939 switch (GET_OPENX_MODE(deny_mode)) {
940 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
941 case DOS_OPEN_RDONLY:
942 access_mask = FILE_GENERIC_READ;
944 case DOS_OPEN_WRONLY:
945 access_mask = FILE_GENERIC_WRITE;
949 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
952 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
953 (unsigned int)GET_OPENX_MODE(deny_mode)));
957 /* Create the NT compatible create_disposition. */
959 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
960 create_disposition = FILE_CREATE;
963 case OPENX_FILE_EXISTS_OPEN:
964 create_disposition = FILE_OPEN;
967 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
968 create_disposition = FILE_OPEN_IF;
971 case OPENX_FILE_EXISTS_TRUNCATE:
972 create_disposition = FILE_OVERWRITE;
975 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
976 create_disposition = FILE_OVERWRITE_IF;
980 /* From samba4 - to be confirmed. */
981 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
982 create_disposition = FILE_CREATE;
985 DEBUG(10,("map_open_params_to_ntcreate: bad "
986 "open_func 0x%x\n", (unsigned int)open_func));
990 /* Create the NT compatible share modes. */
991 switch (GET_DENY_MODE(deny_mode)) {
993 share_mode = FILE_SHARE_NONE;
997 share_mode = FILE_SHARE_READ;
1001 share_mode = FILE_SHARE_WRITE;
1005 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1009 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1010 if (is_executable(fname)) {
1011 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1013 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1014 share_mode = FILE_SHARE_READ;
1016 share_mode = FILE_SHARE_NONE;
1022 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1023 share_mode = FILE_SHARE_NONE;
1027 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1028 (unsigned int)GET_DENY_MODE(deny_mode) ));
1032 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1033 "share_mode = 0x%x, create_disposition = 0x%x, "
1034 "create_options = 0x%x\n",
1036 (unsigned int)access_mask,
1037 (unsigned int)share_mode,
1038 (unsigned int)create_disposition,
1039 (unsigned int)create_options ));
1042 *paccess_mask = access_mask;
1045 *pshare_mode = share_mode;
1047 if (pcreate_disposition) {
1048 *pcreate_disposition = create_disposition;
1050 if (pcreate_options) {
1051 *pcreate_options = create_options;
1058 static void schedule_defer_open(struct share_mode_lock *lck, struct timeval request_time)
1060 struct deferred_open_record state;
1062 /* This is a relative time, added to the absolute
1063 request_time value to get the absolute timeout time.
1064 Note that if this is the second or greater time we enter
1065 this codepath for this particular request mid then
1066 request_time is left as the absolute time of the *first*
1067 time this request mid was processed. This is what allows
1068 the request to eventually time out. */
1070 struct timeval timeout;
1072 /* Normally the smbd we asked should respond within
1073 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1074 * the client did, give twice the timeout as a safety
1075 * measure here in case the other smbd is stuck
1076 * somewhere else. */
1078 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1080 /* Nothing actually uses state.delayed_for_oplocks
1081 but it's handy to differentiate in debug messages
1082 between a 30 second delay due to oplock break, and
1083 a 1 second delay for share mode conflicts. */
1085 state.delayed_for_oplocks = True;
1086 state.dev = lck->dev;
1087 state.inode = lck->ino;
1089 if (!request_timed_out(request_time, timeout)) {
1090 defer_open(lck, request_time, timeout, &state);
1094 /****************************************************************************
1095 Open a file with a share mode.
1096 ****************************************************************************/
1098 NTSTATUS open_file_ntcreate(connection_struct *conn,
1100 SMB_STRUCT_STAT *psbuf,
1101 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1102 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1103 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1104 uint32 create_options, /* options such as delete on close. */
1105 uint32 new_dos_attributes, /* attributes used for new file. */
1106 int oplock_request, /* internal Samba oplock codes. */
1107 /* Information (FILE_EXISTS etc.) */
1109 files_struct **result)
1113 BOOL file_existed = VALID_STAT(*psbuf);
1114 BOOL def_acl = False;
1115 BOOL posix_open = False;
1117 SMB_INO_T inode = 0;
1118 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1119 files_struct *fsp = NULL;
1120 mode_t new_unx_mode = (mode_t)0;
1121 mode_t unx_mode = (mode_t)0;
1123 uint32 existing_dos_attributes = 0;
1124 struct pending_message_list *pml = NULL;
1125 uint16 mid = get_current_mid();
1126 struct timeval request_time = timeval_zero();
1127 struct share_mode_lock *lck = NULL;
1128 uint32 open_access_mask = access_mask;
1132 const char *newname;
1134 if (conn->printer) {
1136 * Printers are handled completely differently.
1137 * Most of the passed parameters are ignored.
1141 *pinfo = FILE_WAS_CREATED;
1144 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1146 return print_fsp_open(conn, fname, result);
1149 if (!parent_dirname_talloc(tmp_talloc_ctx(), fname, &parent_dir,
1151 return NT_STATUS_NO_MEMORY;
1154 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1156 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1157 new_dos_attributes = 0;
1159 /* We add aARCH to this as this mode is only used if the file is
1161 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1165 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1166 "access_mask=0x%x share_access=0x%x "
1167 "create_disposition = 0x%x create_options=0x%x "
1168 "unix mode=0%o oplock_request=%d\n",
1169 fname, new_dos_attributes, access_mask, share_access,
1170 create_disposition, create_options, unx_mode,
1173 if ((pml = get_open_deferred_message(mid)) != NULL) {
1174 struct deferred_open_record *state =
1175 (struct deferred_open_record *)pml->private_data.data;
1177 /* Remember the absolute time of the original
1178 request with this mid. We'll use it later to
1179 see if this has timed out. */
1181 request_time = pml->request_time;
1183 /* Remove the deferred open entry under lock. */
1184 lck = get_share_mode_lock(NULL, state->dev, state->inode, NULL, NULL);
1186 DEBUG(0, ("could not get share mode lock\n"));
1188 del_deferred_open_entry(lck, mid);
1192 /* Ensure we don't reprocess this message. */
1193 remove_deferred_open_smb_message(mid);
1196 status = check_name(conn, fname);
1197 if (!NT_STATUS_IS_OK(status)) {
1202 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1204 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1208 /* ignore any oplock requests if oplocks are disabled */
1209 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1210 IS_VETO_OPLOCK_PATH(conn, fname)) {
1211 /* Mask off everything except the private Samba bits. */
1212 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1215 /* this is for OS/2 long file names - say we don't support them */
1216 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1217 /* OS/2 Workplace shell fix may be main code stream in a later
1219 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1221 if (use_nt_status()) {
1222 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1224 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1227 switch( create_disposition ) {
1229 * Currently we're using FILE_SUPERSEDE as the same as
1230 * FILE_OVERWRITE_IF but they really are
1231 * different. FILE_SUPERSEDE deletes an existing file
1232 * (requiring delete access) then recreates it.
1234 case FILE_SUPERSEDE:
1235 /* If file exists replace/overwrite. If file doesn't
1237 flags2 |= (O_CREAT | O_TRUNC);
1240 case FILE_OVERWRITE_IF:
1241 /* If file exists replace/overwrite. If file doesn't
1243 flags2 |= (O_CREAT | O_TRUNC);
1247 /* If file exists open. If file doesn't exist error. */
1248 if (!file_existed) {
1249 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1250 "requested for file %s and file "
1251 "doesn't exist.\n", fname ));
1253 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1257 case FILE_OVERWRITE:
1258 /* If file exists overwrite. If file doesn't exist
1260 if (!file_existed) {
1261 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1262 "requested for file %s and file "
1263 "doesn't exist.\n", fname ));
1265 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1271 /* If file exists error. If file doesn't exist
1274 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1275 "requested for file %s and file "
1276 "already exists.\n", fname ));
1277 if (S_ISDIR(psbuf->st_mode)) {
1282 return map_nt_error_from_unix(errno);
1284 flags2 |= (O_CREAT|O_EXCL);
1288 /* If file exists open. If file doesn't exist
1294 return NT_STATUS_INVALID_PARAMETER;
1297 /* We only care about matching attributes on file exists and
1300 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1301 (create_disposition == FILE_OVERWRITE_IF))) {
1302 if (!open_match_attributes(conn, fname,
1303 existing_dos_attributes,
1304 new_dos_attributes, psbuf->st_mode,
1305 unx_mode, &new_unx_mode)) {
1306 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1307 "for file %s (%x %x) (0%o, 0%o)\n",
1308 fname, existing_dos_attributes,
1310 (unsigned int)psbuf->st_mode,
1311 (unsigned int)unx_mode ));
1313 return NT_STATUS_ACCESS_DENIED;
1317 /* This is a nasty hack - must fix... JRA. */
1318 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1319 open_access_mask = access_mask = FILE_GENERIC_ALL;
1323 * Convert GENERIC bits to specific bits.
1326 se_map_generic(&access_mask, &file_generic_mapping);
1327 open_access_mask = access_mask;
1329 if (flags2 & O_TRUNC) {
1330 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1333 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1334 "access_mask=0x%x\n", fname, access_mask ));
1337 * Note that we ignore the append flag as append does not
1338 * mean the same thing under DOS and Unix.
1341 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1342 /* DENY_DOS opens are always underlying read-write on the
1343 file handle, no matter what the requested access mask
1345 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1346 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1356 * Currently we only look at FILE_WRITE_THROUGH for create options.
1360 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1365 if (posix_open & (access_mask & FILE_APPEND_DATA)) {
1369 if (!posix_open && !CAN_WRITE(conn)) {
1371 * We should really return a permission denied error if either
1372 * O_CREAT or O_TRUNC are set, but for compatibility with
1373 * older versions of Samba we just AND them out.
1375 flags2 &= ~(O_CREAT|O_TRUNC);
1379 * Ensure we can't write on a read-only share or file.
1382 if (flags != O_RDONLY && file_existed &&
1383 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1384 DEBUG(5,("open_file_ntcreate: write access requested for "
1385 "file %s on read only %s\n",
1386 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1388 return NT_STATUS_ACCESS_DENIED;
1391 status = file_new(conn, &fsp);
1392 if(!NT_STATUS_IS_OK(status)) {
1396 fsp->dev = psbuf->st_dev;
1397 fsp->inode = psbuf->st_ino;
1398 fsp->share_access = share_access;
1399 fsp->fh->private_options = create_options;
1400 fsp->access_mask = open_access_mask; /* We change this to the
1401 * requested access_mask after
1402 * the open is done. */
1403 fsp->posix_open = posix_open;
1405 /* Ensure no SAMBA_PRIVATE bits can be set. */
1406 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1408 if (timeval_is_zero(&request_time)) {
1409 request_time = fsp->open_time;
1413 dev = psbuf->st_dev;
1414 inode = psbuf->st_ino;
1416 lck = get_share_mode_lock(NULL, dev, inode,
1422 DEBUG(0, ("Could not get share mode lock\n"));
1423 return NT_STATUS_SHARING_VIOLATION;
1426 /* First pass - send break only on batch oplocks. */
1427 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1428 schedule_defer_open(lck, request_time);
1431 return NT_STATUS_SHARING_VIOLATION;
1434 /* Use the client requested access mask here, not the one we
1436 status = open_mode_check(conn, fname, lck,
1437 access_mask, share_access,
1438 create_options, &file_existed);
1440 if (NT_STATUS_IS_OK(status)) {
1441 /* We might be going to allow this open. Check oplock
1443 /* Second pass - send break for both batch or
1444 * exclusive oplocks. */
1445 if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1446 schedule_defer_open(lck, request_time);
1449 return NT_STATUS_SHARING_VIOLATION;
1453 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1454 /* DELETE_PENDING is not deferred for a second */
1460 if (!NT_STATUS_IS_OK(status)) {
1461 uint32 can_access_mask;
1462 BOOL can_access = True;
1464 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1466 /* Check if this can be done with the deny_dos and fcb
1468 if (create_options &
1469 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1470 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1471 files_struct *fsp_dup;
1473 /* Use the client requested access mask here,
1474 * not the one we open with. */
1475 fsp_dup = fcb_or_dos_open(conn, fname, dev,
1484 *pinfo = FILE_WAS_OPENED;
1486 conn->num_files_open++;
1488 return NT_STATUS_OK;
1493 * This next line is a subtlety we need for
1494 * MS-Access. If a file open will fail due to share
1495 * permissions and also for security (access) reasons,
1496 * we need to return the access failed error, not the
1497 * share error. We can't open the file due to kernel
1498 * oplock deadlock (it's possible we failed above on
1499 * the open_mode_check()) so use a userspace check.
1502 if (flags & O_RDWR) {
1503 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1504 } else if (flags & O_WRONLY) {
1505 can_access_mask = FILE_WRITE_DATA;
1507 can_access_mask = FILE_READ_DATA;
1510 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1511 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1516 * If we're returning a share violation, ensure we
1517 * cope with the braindead 1 second delay.
1520 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1521 lp_defer_sharing_violations()) {
1522 struct timeval timeout;
1523 struct deferred_open_record state;
1526 /* this is a hack to speed up torture tests
1528 timeout_usecs = lp_parm_int(SNUM(conn),
1529 "smbd","sharedelay",
1530 SHARING_VIOLATION_USEC_WAIT);
1532 /* This is a relative time, added to the absolute
1533 request_time value to get the absolute timeout time.
1534 Note that if this is the second or greater time we enter
1535 this codepath for this particular request mid then
1536 request_time is left as the absolute time of the *first*
1537 time this request mid was processed. This is what allows
1538 the request to eventually time out. */
1540 timeout = timeval_set(0, timeout_usecs);
1542 /* Nothing actually uses state.delayed_for_oplocks
1543 but it's handy to differentiate in debug messages
1544 between a 30 second delay due to oplock break, and
1545 a 1 second delay for share mode conflicts. */
1547 state.delayed_for_oplocks = False;
1549 state.inode = inode;
1551 if (!request_timed_out(request_time,
1553 defer_open(lck, request_time, timeout,
1561 * We have detected a sharing violation here
1562 * so return the correct error code
1564 status = NT_STATUS_SHARING_VIOLATION;
1566 status = NT_STATUS_ACCESS_DENIED;
1573 * We exit this block with the share entry *locked*.....
1577 SMB_ASSERT(!file_existed || (lck != NULL));
1580 * Ensure we pay attention to default ACLs on directories if required.
1583 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1584 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1588 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1589 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1590 (unsigned int)flags, (unsigned int)flags2,
1591 (unsigned int)unx_mode, (unsigned int)access_mask,
1592 (unsigned int)open_access_mask));
1595 * open_file strips any O_TRUNC flags itself.
1598 fsp_open = open_file(fsp, conn, parent_dir, newname, fname, psbuf,
1599 flags|flags2, unx_mode, access_mask,
1602 if (!NT_STATUS_IS_OK(fsp_open)) {
1610 if (!file_existed) {
1613 * Deal with the race condition where two smbd's detect the
1614 * file doesn't exist and do the create at the same time. One
1615 * of them will win and set a share mode, the other (ie. this
1616 * one) should check if the requested share mode for this
1617 * create is allowed.
1621 * Now the file exists and fsp is successfully opened,
1622 * fsp->dev and fsp->inode are valid and should replace the
1623 * dev=0,inode=0 from a non existent file. Spotted by
1624 * Nadav Danieli <nadavd@exanet.com>. JRA.
1630 lck = get_share_mode_lock(NULL, dev, inode,
1635 DEBUG(0, ("open_file_ntcreate: Could not get share "
1636 "mode lock for %s\n", fname));
1637 fd_close(conn, fsp);
1639 return NT_STATUS_SHARING_VIOLATION;
1642 status = open_mode_check(conn, fname, lck,
1643 access_mask, share_access,
1644 create_options, &file_existed);
1646 if (!NT_STATUS_IS_OK(status)) {
1647 struct deferred_open_record state;
1649 fd_close(conn, fsp);
1652 state.delayed_for_oplocks = False;
1654 state.inode = inode;
1656 /* Do it all over again immediately. In the second
1657 * round we will find that the file existed and handle
1658 * the DELETE_PENDING and FCB cases correctly. No need
1659 * to duplicate the code here. Essentially this is a
1660 * "goto top of this function", but don't tell
1663 defer_open(lck, request_time, timeval_zero(),
1670 * We exit this block with the share entry *locked*.....
1675 SMB_ASSERT(lck != NULL);
1677 /* note that we ignore failure for the following. It is
1678 basically a hack for NFS, and NFS will never set one of
1679 these only read them. Nobody but Samba can ever set a deny
1680 mode and we have already checked our more authoritative
1681 locking database for permission to set this deny mode. If
1682 the kernel refuses the operations then the kernel is wrong.
1683 note that GPFS supports it as well - jmcd */
1685 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1686 if(ret_flock == -1 ){
1689 fd_close(conn, fsp);
1692 return NT_STATUS_SHARING_VIOLATION;
1696 * At this point onwards, we can guarentee that the share entry
1697 * is locked, whether we created the file or not, and that the
1698 * deny mode is compatible with all current opens.
1702 * If requested, truncate the file.
1705 if (flags2&O_TRUNC) {
1707 * We are modifing the file after open - update the stat
1710 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1711 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1712 status = map_nt_error_from_unix(errno);
1720 /* Record the options we were opened with. */
1721 fsp->share_access = share_access;
1722 fsp->fh->private_options = create_options;
1723 fsp->access_mask = access_mask;
1726 /* stat opens on existing files don't get oplocks. */
1727 if (is_stat_open(open_access_mask)) {
1728 fsp->oplock_type = NO_OPLOCK;
1731 if (!(flags2 & O_TRUNC)) {
1732 info = FILE_WAS_OPENED;
1734 info = FILE_WAS_OVERWRITTEN;
1737 info = FILE_WAS_CREATED;
1745 * Setup the oplock info in both the shared memory and
1749 if ((fsp->oplock_type != NO_OPLOCK) &&
1750 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1751 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1752 /* Could not get the kernel oplock */
1753 fsp->oplock_type = NO_OPLOCK;
1756 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type);
1758 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED ||
1759 info == FILE_WAS_SUPERSEDED) {
1761 /* Handle strange delete on close create semantics. */
1762 if (create_options & FILE_DELETE_ON_CLOSE) {
1763 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1765 if (!NT_STATUS_IS_OK(status)) {
1766 /* Remember to delete the mode we just added. */
1767 del_share_mode(lck, fsp);
1773 /* Note that here we set the *inital* delete on close flag,
1774 not the regular one. The magic gets handled in close. */
1775 fsp->initial_delete_on_close = True;
1778 /* Files should be initially set as archive */
1779 if (lp_map_archive(SNUM(conn)) ||
1780 lp_store_dos_attributes(SNUM(conn))) {
1782 file_set_dosmode(conn, fname,
1783 new_dos_attributes | aARCH, NULL,
1790 * Take care of inherited ACLs on created files - if default ACL not
1794 if (!posix_open && !file_existed && !def_acl) {
1796 int saved_errno = errno; /* We might get ENOSYS in the next
1799 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1801 errno = saved_errno; /* Ignore ENOSYS */
1804 } else if (new_unx_mode) {
1808 /* Attributes need changing. File already existed. */
1811 int saved_errno = errno; /* We might get ENOSYS in the
1813 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1816 if (ret == -1 && errno == ENOSYS) {
1817 errno = saved_errno; /* Ignore ENOSYS */
1819 DEBUG(5, ("open_file_ntcreate: reset "
1820 "attributes of file %s to 0%o\n",
1821 fname, (unsigned int)new_unx_mode));
1822 ret = 0; /* Don't do the fchmod below. */
1827 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1828 DEBUG(5, ("open_file_ntcreate: failed to reset "
1829 "attributes of file %s to 0%o\n",
1830 fname, (unsigned int)new_unx_mode));
1833 /* If this is a successful open, we must remove any deferred open
1835 del_deferred_open_entry(lck, mid);
1838 conn->num_files_open++;
1841 return NT_STATUS_OK;
1844 /****************************************************************************
1845 Open a file for for write to ensure that we can fchmod it.
1846 ****************************************************************************/
1848 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1849 SMB_STRUCT_STAT *psbuf, files_struct **result)
1851 files_struct *fsp = NULL;
1854 if (!VALID_STAT(*psbuf)) {
1855 return NT_STATUS_INVALID_PARAMETER;
1858 status = file_new(conn, &fsp);
1859 if(!NT_STATUS_IS_OK(status)) {
1863 /* note! we must use a non-zero desired access or we don't get
1864 a real file descriptor. Oh what a twisted web we weave. */
1865 status = open_file(fsp, conn, NULL, NULL, fname, psbuf, O_WRONLY, 0,
1866 FILE_WRITE_DATA, FILE_WRITE_DATA);
1869 * This is not a user visible file open.
1870 * Don't set a share mode and don't increment
1871 * the conn->num_files_open.
1874 if (!NT_STATUS_IS_OK(status)) {
1880 return NT_STATUS_OK;
1883 /****************************************************************************
1884 Close the fchmod file fd - ensure no locks are lost.
1885 ****************************************************************************/
1887 NTSTATUS close_file_fchmod(files_struct *fsp)
1889 NTSTATUS status = fd_close(fsp->conn, fsp);
1894 static NTSTATUS mkdir_internal(connection_struct *conn,
1896 uint32 file_attributes,
1897 SMB_STRUCT_STAT *psbuf)
1902 const char *dirname;
1905 if(!CAN_WRITE(conn)) {
1906 DEBUG(5,("mkdir_internal: failing create on read-only share "
1907 "%s\n", lp_servicename(SNUM(conn))));
1908 return NT_STATUS_ACCESS_DENIED;
1911 status = check_name(conn, name);
1912 if (!NT_STATUS_IS_OK(status)) {
1916 if (!parent_dirname_talloc(tmp_talloc_ctx(), name, &parent_dir,
1918 return NT_STATUS_NO_MEMORY;
1921 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1922 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1924 mode = unix_mode(conn, aDIR, name, parent_dir);
1927 if ((ret=SMB_VFS_MKDIR(conn, name, mode)) != 0) {
1928 return map_nt_error_from_unix(errno);
1931 /* Ensure we're checking for a symlink here.... */
1932 /* We don't want to get caught by a symlink racer. */
1934 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
1935 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
1936 name, strerror(errno)));
1937 return map_nt_error_from_unix(errno);
1940 if (!S_ISDIR(psbuf->st_mode)) {
1941 DEBUG(0, ("Directory just '%s' created is not a directory\n",
1943 return NT_STATUS_ACCESS_DENIED;
1946 if (lp_inherit_perms(SNUM(conn))) {
1947 inherit_access_acl(conn, parent_dir, name, mode);
1950 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
1952 * Check if high bits should have been set,
1953 * then (if bits are missing): add them.
1954 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
1957 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
1958 SMB_VFS_CHMOD(conn, name,
1959 psbuf->st_mode | (mode & ~psbuf->st_mode));
1963 /* Change the owner if required. */
1964 if (lp_inherit_owner(SNUM(conn))) {
1965 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
1968 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
1971 return NT_STATUS_OK;
1974 /****************************************************************************
1975 Open a directory from an NT SMB call.
1976 ****************************************************************************/
1978 NTSTATUS open_directory(connection_struct *conn,
1980 SMB_STRUCT_STAT *psbuf,
1982 uint32 share_access,
1983 uint32 create_disposition,
1984 uint32 create_options,
1985 uint32 file_attributes,
1987 files_struct **result)
1989 files_struct *fsp = NULL;
1990 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
1991 struct share_mode_lock *lck = NULL;
1995 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
1996 "share_access = 0x%x create_options = 0x%x, "
1997 "create_disposition = 0x%x, file_attributes = 0x%x\n",
1999 (unsigned int)access_mask,
2000 (unsigned int)share_access,
2001 (unsigned int)create_options,
2002 (unsigned int)create_disposition,
2003 (unsigned int)file_attributes));
2005 if (is_ntfs_stream_name(fname)) {
2006 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
2007 return NT_STATUS_NOT_A_DIRECTORY;
2010 switch( create_disposition ) {
2013 info = FILE_WAS_OPENED;
2016 * We want to follow symlinks here.
2019 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2020 return map_nt_error_from_unix(errno);
2027 /* If directory exists error. If directory doesn't
2030 status = mkdir_internal(conn,
2035 if (!NT_STATUS_IS_OK(status)) {
2036 DEBUG(2, ("open_directory: unable to create "
2037 "%s. Error was %s\n", fname,
2038 nt_errstr(status)));
2042 info = FILE_WAS_CREATED;
2047 * If directory exists open. If directory doesn't
2051 status = mkdir_internal(conn,
2056 if (NT_STATUS_IS_OK(status)) {
2057 info = FILE_WAS_CREATED;
2060 if (NT_STATUS_EQUAL(status,
2061 NT_STATUS_OBJECT_NAME_COLLISION)) {
2062 info = FILE_WAS_OPENED;
2063 status = NT_STATUS_OK;
2068 case FILE_SUPERSEDE:
2069 case FILE_OVERWRITE:
2070 case FILE_OVERWRITE_IF:
2072 DEBUG(5,("open_directory: invalid create_disposition "
2073 "0x%x for directory %s\n",
2074 (unsigned int)create_disposition, fname));
2075 return NT_STATUS_INVALID_PARAMETER;
2078 if(!S_ISDIR(psbuf->st_mode)) {
2079 DEBUG(5,("open_directory: %s is not a directory !\n",
2081 return NT_STATUS_NOT_A_DIRECTORY;
2084 status = file_new(conn, &fsp);
2085 if(!NT_STATUS_IS_OK(status)) {
2090 * Setup the files_struct for it.
2093 fsp->mode = psbuf->st_mode;
2094 fsp->inode = psbuf->st_ino;
2095 fsp->dev = psbuf->st_dev;
2096 fsp->vuid = current_user.vuid;
2097 fsp->file_pid = global_smbpid;
2098 fsp->can_lock = False;
2099 fsp->can_read = False;
2100 fsp->can_write = False;
2102 fsp->share_access = share_access;
2103 fsp->fh->private_options = create_options;
2104 fsp->access_mask = access_mask;
2106 fsp->print_file = False;
2107 fsp->modified = False;
2108 fsp->oplock_type = NO_OPLOCK;
2109 fsp->sent_oplock_break = NO_BREAK_SENT;
2110 fsp->is_directory = True;
2111 fsp->is_stat = False;
2112 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2114 string_set(&fsp->fsp_name,fname);
2116 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode,
2121 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2123 return NT_STATUS_SHARING_VIOLATION;
2126 status = open_mode_check(conn, fname, lck,
2127 access_mask, share_access,
2128 create_options, &dir_existed);
2130 if (!NT_STATUS_IS_OK(status)) {
2136 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK);
2138 /* For directories the delete on close bit at open time seems
2139 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2140 if (create_options & FILE_DELETE_ON_CLOSE) {
2141 status = can_set_delete_on_close(fsp, True, 0);
2142 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2148 if (NT_STATUS_IS_OK(status)) {
2149 /* Note that here we set the *inital* delete on close flag,
2150 not the regular one. The magic gets handled in close. */
2151 fsp->initial_delete_on_close = True;
2161 conn->num_files_open++;
2164 return NT_STATUS_OK;
2167 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2170 SMB_STRUCT_STAT sbuf;
2173 SET_STAT_INVALID(sbuf);
2175 status = open_directory(conn, directory, &sbuf,
2176 FILE_READ_ATTRIBUTES, /* Just a stat open */
2177 FILE_SHARE_NONE, /* Ignored for stat opens */
2180 FILE_ATTRIBUTE_DIRECTORY,
2184 if (NT_STATUS_IS_OK(status)) {
2185 close_file(fsp, NORMAL_CLOSE);
2191 /****************************************************************************
2192 Open a pseudo-file (no locking checks - a 'stat' open).
2193 ****************************************************************************/
2195 NTSTATUS open_file_stat(connection_struct *conn, const char *fname,
2196 SMB_STRUCT_STAT *psbuf, files_struct **result)
2198 files_struct *fsp = NULL;
2201 if (!VALID_STAT(*psbuf)) {
2202 return NT_STATUS_INVALID_PARAMETER;
2205 /* Can't 'stat' open directories. */
2206 if(S_ISDIR(psbuf->st_mode)) {
2207 return NT_STATUS_FILE_IS_A_DIRECTORY;
2210 status = file_new(conn, &fsp);
2211 if(!NT_STATUS_IS_OK(status)) {
2215 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2218 * Setup the files_struct for it.
2221 fsp->mode = psbuf->st_mode;
2222 fsp->inode = psbuf->st_ino;
2223 fsp->dev = psbuf->st_dev;
2224 fsp->vuid = current_user.vuid;
2225 fsp->file_pid = global_smbpid;
2226 fsp->can_lock = False;
2227 fsp->can_read = False;
2228 fsp->can_write = False;
2229 fsp->print_file = False;
2230 fsp->modified = False;
2231 fsp->oplock_type = NO_OPLOCK;
2232 fsp->sent_oplock_break = NO_BREAK_SENT;
2233 fsp->is_directory = False;
2234 fsp->is_stat = True;
2235 string_set(&fsp->fsp_name,fname);
2237 conn->num_files_open++;
2240 return NT_STATUS_OK;
2243 /****************************************************************************
2244 Receive notification that one of our open files has been renamed by another
2246 ****************************************************************************/
2248 void msg_file_was_renamed(int msg_type, struct process_id src,
2249 void *buf, size_t len, void *private_data)
2252 char *frm = (char *)buf;
2255 const char *sharepath;
2256 const char *newname;
2259 if (buf == NULL || len < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2260 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n", (int)len));
2264 /* Unpack the message. */
2265 dev = DEV_T_VAL(frm,0);
2266 inode = INO_T_VAL(frm,8);
2267 sharepath = &frm[16];
2268 newname = sharepath + strlen(sharepath) + 1;
2269 sp_len = strlen(sharepath);
2271 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2272 "dev %x, inode %.0f\n",
2273 sharepath, newname, (unsigned int)dev, (double)inode ));
2275 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
2276 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2277 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2278 fsp->fnum, fsp->fsp_name, newname ));
2279 string_set(&fsp->fsp_name, newname);
2282 /* Now we have the complete path we can work out if this is
2283 actually within this share and adjust newname accordingly. */
2284 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2285 "not sharepath %s) "
2286 "fnum %d from %s -> %s\n",
2287 fsp->conn->connectpath,