2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "system/filesys.h"
25 #include "smbd/smbd.h"
26 #include "smbd/globals.h"
27 #include "fake_file.h"
28 #include "../libcli/security/security.h"
29 #include "../librpc/gen_ndr/ndr_security.h"
30 #include "../librpc/gen_ndr/open_files.h"
31 #include "../librpc/gen_ndr/idmap.h"
32 #include "passdb/lookup_sid.h"
36 #include "source3/lib/dbwrap/dbwrap_watch.h"
38 extern const struct generic_mapping file_generic_mapping;
40 struct deferred_open_record {
41 bool delayed_for_oplocks;
46 /****************************************************************************
47 If the requester wanted DELETE_ACCESS and was rejected because
48 the file ACL didn't include DELETE_ACCESS, see if the parent ACL
50 ****************************************************************************/
52 static bool parent_override_delete(connection_struct *conn,
53 const struct smb_filename *smb_fname,
55 uint32_t rejected_mask)
57 if ((access_mask & DELETE_ACCESS) &&
58 (rejected_mask & DELETE_ACCESS) &&
59 can_delete_file_in_directory(conn, smb_fname)) {
65 /****************************************************************************
66 Check if we have open rights.
67 ****************************************************************************/
69 NTSTATUS smbd_check_access_rights(struct connection_struct *conn,
70 const struct smb_filename *smb_fname,
74 /* Check if we have rights to open. */
76 struct security_descriptor *sd = NULL;
77 uint32_t rejected_share_access;
78 uint32_t rejected_mask = access_mask;
80 rejected_share_access = access_mask & ~(conn->share_access);
82 if (rejected_share_access) {
83 DEBUG(10, ("smbd_check_access_rights: rejected share access 0x%x "
85 (unsigned int)access_mask,
86 smb_fname_str_dbg(smb_fname),
87 (unsigned int)rejected_share_access ));
88 return NT_STATUS_ACCESS_DENIED;
91 if (!use_privs && get_current_uid(conn) == (uid_t)0) {
92 /* I'm sorry sir, I didn't know you were root... */
93 DEBUG(10,("smbd_check_access_rights: root override "
94 "on %s. Granting 0x%x\n",
95 smb_fname_str_dbg(smb_fname),
96 (unsigned int)access_mask ));
100 if ((access_mask & DELETE_ACCESS) && !lp_acl_check_permissions(SNUM(conn))) {
101 DEBUG(10,("smbd_check_access_rights: not checking ACL "
102 "on DELETE_ACCESS on file %s. Granting 0x%x\n",
103 smb_fname_str_dbg(smb_fname),
104 (unsigned int)access_mask ));
108 if (access_mask == DELETE_ACCESS &&
109 VALID_STAT(smb_fname->st) &&
110 S_ISLNK(smb_fname->st.st_ex_mode)) {
111 /* We can always delete a symlink. */
112 DEBUG(10,("smbd_check_access_rights: not checking ACL "
113 "on DELETE_ACCESS on symlink %s.\n",
114 smb_fname_str_dbg(smb_fname) ));
118 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
121 SECINFO_DACL), talloc_tos(), &sd);
123 if (!NT_STATUS_IS_OK(status)) {
124 DEBUG(10, ("smbd_check_access_rights: Could not get acl "
126 smb_fname_str_dbg(smb_fname),
129 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
137 * If we can access the path to this file, by
138 * default we have FILE_READ_ATTRIBUTES from the
139 * containing directory. See the section:
140 * "Algorithm to Check Access to an Existing File"
143 * se_file_access_check() also takes care of
144 * owner WRITE_DAC and READ_CONTROL.
146 status = se_file_access_check(sd,
147 get_current_nttok(conn),
149 (access_mask & ~FILE_READ_ATTRIBUTES),
152 DEBUG(10,("smbd_check_access_rights: file %s requesting "
153 "0x%x returning 0x%x (%s)\n",
154 smb_fname_str_dbg(smb_fname),
155 (unsigned int)access_mask,
156 (unsigned int)rejected_mask,
157 nt_errstr(status) ));
159 if (!NT_STATUS_IS_OK(status)) {
160 if (DEBUGLEVEL >= 10) {
161 DEBUG(10,("smbd_check_access_rights: acl for %s is:\n",
162 smb_fname_str_dbg(smb_fname) ));
163 NDR_PRINT_DEBUG(security_descriptor, sd);
169 if (NT_STATUS_IS_OK(status) ||
170 !NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
174 /* Here we know status == NT_STATUS_ACCESS_DENIED. */
178 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
179 (rejected_mask & FILE_WRITE_ATTRIBUTES) &&
180 !lp_store_dos_attributes(SNUM(conn)) &&
181 (lp_map_readonly(SNUM(conn)) ||
182 lp_map_archive(SNUM(conn)) ||
183 lp_map_hidden(SNUM(conn)) ||
184 lp_map_system(SNUM(conn)))) {
185 rejected_mask &= ~FILE_WRITE_ATTRIBUTES;
187 DEBUG(10,("smbd_check_access_rights: "
189 "FILE_WRITE_ATTRIBUTES "
191 smb_fname_str_dbg(smb_fname)));
194 if (parent_override_delete(conn,
198 /* Were we trying to do an open
199 * for delete and didn't get DELETE
200 * access (only) ? Check if the
201 * directory allows DELETE_CHILD.
203 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
206 rejected_mask &= ~DELETE_ACCESS;
208 DEBUG(10,("smbd_check_access_rights: "
212 smb_fname_str_dbg(smb_fname)));
215 if (rejected_mask != 0) {
216 return NT_STATUS_ACCESS_DENIED;
221 static NTSTATUS check_parent_access(struct connection_struct *conn,
222 struct smb_filename *smb_fname,
223 uint32_t access_mask)
226 char *parent_dir = NULL;
227 struct security_descriptor *parent_sd = NULL;
228 uint32_t access_granted = 0;
230 if (!parent_dirname(talloc_tos(),
231 smb_fname->base_name,
234 return NT_STATUS_NO_MEMORY;
237 if (get_current_uid(conn) == (uid_t)0) {
238 /* I'm sorry sir, I didn't know you were root... */
239 DEBUG(10,("check_parent_access: root override "
240 "on %s. Granting 0x%x\n",
241 smb_fname_str_dbg(smb_fname),
242 (unsigned int)access_mask ));
246 status = SMB_VFS_GET_NT_ACL(conn,
252 if (!NT_STATUS_IS_OK(status)) {
253 DEBUG(5,("check_parent_access: SMB_VFS_GET_NT_ACL failed for "
254 "%s with error %s\n",
261 * If we can access the path to this file, by
262 * default we have FILE_READ_ATTRIBUTES from the
263 * containing directory. See the section:
264 * "Algorithm to Check Access to an Existing File"
267 * se_file_access_check() also takes care of
268 * owner WRITE_DAC and READ_CONTROL.
270 status = se_file_access_check(parent_sd,
271 get_current_nttok(conn),
273 (access_mask & ~FILE_READ_ATTRIBUTES),
275 if(!NT_STATUS_IS_OK(status)) {
276 DEBUG(5,("check_parent_access: access check "
277 "on directory %s for "
278 "path %s for mask 0x%x returned (0x%x) %s\n",
280 smb_fname->base_name,
283 nt_errstr(status) ));
290 /****************************************************************************
291 fd support routines - attempt to do a dos_open.
292 ****************************************************************************/
294 NTSTATUS fd_open(struct connection_struct *conn,
299 struct smb_filename *smb_fname = fsp->fsp_name;
300 NTSTATUS status = NT_STATUS_OK;
304 * Never follow symlinks on a POSIX client. The
305 * client should be doing this.
308 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
313 fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
314 if (fsp->fh->fd == -1) {
315 int posix_errno = errno;
317 #if defined(ENOTSUP) && defined(OSF1)
318 /* handle special Tru64 errno */
319 if (errno == ENOTSUP) {
324 /* fix broken NetBSD errno */
325 if (errno == EFTYPE) {
329 /* fix broken FreeBSD errno */
330 if (errno == EMLINK) {
333 #endif /* O_NOFOLLOW */
334 status = map_nt_error_from_unix(posix_errno);
335 if (errno == EMFILE) {
336 static time_t last_warned = 0L;
338 if (time((time_t *) NULL) > last_warned) {
339 DEBUG(0,("Too many open files, unable "
340 "to open more! smbd's max "
342 lp_max_open_files()));
343 last_warned = time((time_t *) NULL);
349 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
350 smb_fname_str_dbg(smb_fname), flags, (int)mode, fsp->fh->fd,
351 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
356 /****************************************************************************
357 Close the file associated with a fsp.
358 ****************************************************************************/
360 NTSTATUS fd_close(files_struct *fsp)
367 if (fsp->fh->fd == -1) {
368 return NT_STATUS_OK; /* What we used to call a stat open. */
370 if (fsp->fh->ref_count > 1) {
371 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
374 ret = SMB_VFS_CLOSE(fsp);
377 return map_nt_error_from_unix(errno);
382 /****************************************************************************
383 Change the ownership of a file to that of the parent directory.
384 Do this by fd if possible.
385 ****************************************************************************/
387 void change_file_owner_to_parent(connection_struct *conn,
388 const char *inherit_from_dir,
391 struct smb_filename *smb_fname_parent;
394 smb_fname_parent = synthetic_smb_fname(talloc_tos(), inherit_from_dir,
396 if (smb_fname_parent == NULL) {
400 ret = SMB_VFS_STAT(conn, smb_fname_parent);
402 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
403 "directory %s. Error was %s\n",
404 smb_fname_str_dbg(smb_fname_parent),
406 TALLOC_FREE(smb_fname_parent);
410 if (smb_fname_parent->st.st_ex_uid == fsp->fsp_name->st.st_ex_uid) {
411 /* Already this uid - no need to change. */
412 DEBUG(10,("change_file_owner_to_parent: file %s "
413 "is already owned by uid %d\n",
415 (int)fsp->fsp_name->st.st_ex_uid ));
416 TALLOC_FREE(smb_fname_parent);
421 ret = SMB_VFS_FCHOWN(fsp, smb_fname_parent->st.st_ex_uid, (gid_t)-1);
424 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
425 "file %s to parent directory uid %u. Error "
426 "was %s\n", fsp_str_dbg(fsp),
427 (unsigned int)smb_fname_parent->st.st_ex_uid,
430 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
431 "parent directory uid %u.\n", fsp_str_dbg(fsp),
432 (unsigned int)smb_fname_parent->st.st_ex_uid));
433 /* Ensure the uid entry is updated. */
434 fsp->fsp_name->st.st_ex_uid = smb_fname_parent->st.st_ex_uid;
437 TALLOC_FREE(smb_fname_parent);
440 NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
441 const char *inherit_from_dir,
443 SMB_STRUCT_STAT *psbuf)
445 struct smb_filename *smb_fname_parent;
446 struct smb_filename *smb_fname_cwd = NULL;
447 char *saved_dir = NULL;
448 TALLOC_CTX *ctx = talloc_tos();
449 NTSTATUS status = NT_STATUS_OK;
452 smb_fname_parent = synthetic_smb_fname(ctx, inherit_from_dir,
454 if (smb_fname_parent == NULL) {
455 return NT_STATUS_NO_MEMORY;
458 ret = SMB_VFS_STAT(conn, smb_fname_parent);
460 status = map_nt_error_from_unix(errno);
461 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
462 "directory %s. Error was %s\n",
463 smb_fname_str_dbg(smb_fname_parent),
468 /* We've already done an lstat into psbuf, and we know it's a
469 directory. If we can cd into the directory and the dev/ino
470 are the same then we can safely chown without races as
471 we're locking the directory in place by being in it. This
472 should work on any UNIX (thanks tridge :-). JRA.
475 saved_dir = vfs_GetWd(ctx,conn);
477 status = map_nt_error_from_unix(errno);
478 DEBUG(0,("change_dir_owner_to_parent: failed to get "
479 "current working directory. Error was %s\n",
484 /* Chdir into the new path. */
485 if (vfs_ChDir(conn, fname) == -1) {
486 status = map_nt_error_from_unix(errno);
487 DEBUG(0,("change_dir_owner_to_parent: failed to change "
488 "current working directory to %s. Error "
489 "was %s\n", fname, strerror(errno) ));
493 smb_fname_cwd = synthetic_smb_fname(ctx, ".", NULL, NULL);
494 if (smb_fname_cwd == NULL) {
495 status = NT_STATUS_NO_MEMORY;
499 ret = SMB_VFS_STAT(conn, smb_fname_cwd);
501 status = map_nt_error_from_unix(errno);
502 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
503 "directory '.' (%s) Error was %s\n",
504 fname, strerror(errno)));
508 /* Ensure we're pointing at the same place. */
509 if (smb_fname_cwd->st.st_ex_dev != psbuf->st_ex_dev ||
510 smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino) {
511 DEBUG(0,("change_dir_owner_to_parent: "
512 "device/inode on directory %s changed. "
513 "Refusing to chown !\n", fname ));
514 status = NT_STATUS_ACCESS_DENIED;
518 if (smb_fname_parent->st.st_ex_uid == smb_fname_cwd->st.st_ex_uid) {
519 /* Already this uid - no need to change. */
520 DEBUG(10,("change_dir_owner_to_parent: directory %s "
521 "is already owned by uid %d\n",
523 (int)smb_fname_cwd->st.st_ex_uid ));
524 status = NT_STATUS_OK;
529 ret = SMB_VFS_LCHOWN(conn, ".", smb_fname_parent->st.st_ex_uid,
533 status = map_nt_error_from_unix(errno);
534 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
535 "directory %s to parent directory uid %u. "
536 "Error was %s\n", fname,
537 (unsigned int)smb_fname_parent->st.st_ex_uid,
540 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
541 "directory %s to parent directory uid %u.\n",
542 fname, (unsigned int)smb_fname_parent->st.st_ex_uid ));
543 /* Ensure the uid entry is updated. */
544 psbuf->st_ex_uid = smb_fname_parent->st.st_ex_uid;
548 vfs_ChDir(conn,saved_dir);
550 TALLOC_FREE(smb_fname_parent);
551 TALLOC_FREE(smb_fname_cwd);
555 /****************************************************************************
556 Open a file - returning a guaranteed ATOMIC indication of if the
557 file was created or not.
558 ****************************************************************************/
560 static NTSTATUS fd_open_atomic(struct connection_struct *conn,
566 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
567 bool file_existed = VALID_STAT(fsp->fsp_name->st);
569 *file_created = false;
571 if (!(flags & O_CREAT)) {
573 * We're not creating the file, just pass through.
575 return fd_open(conn, fsp, flags, mode);
578 if (flags & O_EXCL) {
580 * Fail if already exists, just pass through.
582 status = fd_open(conn, fsp, flags, mode);
585 * Here we've opened with O_CREAT|O_EXCL. If that went
586 * NT_STATUS_OK, we *know* we created this file.
588 *file_created = NT_STATUS_IS_OK(status);
594 * Now it gets tricky. We have O_CREAT, but not O_EXCL.
595 * To know absolutely if we created the file or not,
596 * we can never call O_CREAT without O_EXCL. So if
597 * we think the file existed, try without O_CREAT|O_EXCL.
598 * If we think the file didn't exist, try with
599 * O_CREAT|O_EXCL. Keep bouncing between these two
600 * requests until either the file is created, or
601 * opened. Either way, we keep going until we get
602 * a returnable result (error, or open/create).
606 int curr_flags = flags;
609 /* Just try open, do not create. */
610 curr_flags &= ~(O_CREAT);
611 status = fd_open(conn, fsp, curr_flags, mode);
612 if (NT_STATUS_EQUAL(status,
613 NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
615 * Someone deleted it in the meantime.
618 file_existed = false;
619 DEBUG(10,("fd_open_atomic: file %s existed. "
621 smb_fname_str_dbg(fsp->fsp_name)));
625 /* Try create exclusively, fail if it exists. */
626 curr_flags |= O_EXCL;
627 status = fd_open(conn, fsp, curr_flags, mode);
628 if (NT_STATUS_EQUAL(status,
629 NT_STATUS_OBJECT_NAME_COLLISION)) {
631 * Someone created it in the meantime.
632 * Retry without O_CREAT.
635 DEBUG(10,("fd_open_atomic: file %s "
636 "did not exist. Retry.\n",
637 smb_fname_str_dbg(fsp->fsp_name)));
640 if (NT_STATUS_IS_OK(status)) {
642 * Here we've opened with O_CREAT|O_EXCL
643 * and got success. We *know* we created
646 *file_created = true;
649 /* Create is done, or failed. */
655 /****************************************************************************
657 ****************************************************************************/
659 static NTSTATUS open_file(files_struct *fsp,
660 connection_struct *conn,
661 struct smb_request *req,
662 const char *parent_dir,
665 uint32 access_mask, /* client requested access mask. */
666 uint32 open_access_mask, /* what we're actually using in the open. */
667 bool *p_file_created)
669 struct smb_filename *smb_fname = fsp->fsp_name;
670 NTSTATUS status = NT_STATUS_OK;
671 int accmode = (flags & O_ACCMODE);
672 int local_flags = flags;
673 bool file_existed = VALID_STAT(fsp->fsp_name->st);
678 /* Check permissions */
681 * This code was changed after seeing a client open request
682 * containing the open mode of (DENY_WRITE/read-only) with
683 * the 'create if not exist' bit set. The previous code
684 * would fail to open the file read only on a read-only share
685 * as it was checking the flags parameter directly against O_RDONLY,
686 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
690 if (!CAN_WRITE(conn)) {
691 /* It's a read-only share - fail if we wanted to write. */
692 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
693 DEBUG(3,("Permission denied opening %s\n",
694 smb_fname_str_dbg(smb_fname)));
695 return NT_STATUS_ACCESS_DENIED;
697 if (flags & O_CREAT) {
698 /* We don't want to write - but we must make sure that
699 O_CREAT doesn't create the file if we have write
700 access into the directory.
702 flags &= ~(O_CREAT|O_EXCL);
703 local_flags &= ~(O_CREAT|O_EXCL);
708 * This little piece of insanity is inspired by the
709 * fact that an NT client can open a file for O_RDONLY,
710 * but set the create disposition to FILE_EXISTS_TRUNCATE.
711 * If the client *can* write to the file, then it expects to
712 * truncate the file, even though it is opening for readonly.
713 * Quicken uses this stupid trick in backup file creation...
714 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
715 * for helping track this one down. It didn't bite us in 2.0.x
716 * as we always opened files read-write in that release. JRA.
719 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
720 DEBUG(10,("open_file: truncate requested on read-only open "
721 "for file %s\n", smb_fname_str_dbg(smb_fname)));
722 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
725 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
726 (!file_existed && (local_flags & O_CREAT)) ||
727 ((local_flags & O_TRUNC) == O_TRUNC) ) {
731 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
733 * We would block on opening a FIFO with no one else on the
734 * other end. Do what we used to do and add O_NONBLOCK to the
738 if (file_existed && S_ISFIFO(smb_fname->st.st_ex_mode)) {
739 local_flags &= ~O_TRUNC; /* Can't truncate a FIFO. */
740 local_flags |= O_NONBLOCK;
744 /* Don't create files with Microsoft wildcard characters. */
747 * wildcard characters are allowed in stream names
748 * only test the basefilename
750 wild = fsp->base_fsp->fsp_name->base_name;
752 wild = smb_fname->base_name;
754 if ((local_flags & O_CREAT) && !file_existed &&
756 return NT_STATUS_OBJECT_NAME_INVALID;
759 /* Can we access this file ? */
760 if (!fsp->base_fsp) {
761 /* Only do this check on non-stream open. */
763 status = smbd_check_access_rights(conn,
767 } else if (local_flags & O_CREAT){
768 status = check_parent_access(conn,
772 /* File didn't exist and no O_CREAT. */
773 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
775 if (!NT_STATUS_IS_OK(status)) {
776 DEBUG(10,("open_file: "
780 "smbd_check_access_rights" :
781 "check_parent_access",
782 smb_fname_str_dbg(smb_fname),
783 nt_errstr(status) ));
788 /* Actually do the open */
789 status = fd_open_atomic(conn, fsp, local_flags,
790 unx_mode, p_file_created);
791 if (!NT_STATUS_IS_OK(status)) {
792 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
793 "(flags=%d)\n", smb_fname_str_dbg(smb_fname),
794 nt_errstr(status),local_flags,flags));
798 ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
800 /* If we have an fd, this stat should succeed. */
801 DEBUG(0,("Error doing fstat on open file %s "
803 smb_fname_str_dbg(smb_fname),
805 status = map_nt_error_from_unix(errno);
810 if (*p_file_created) {
811 /* We created this file. */
813 bool need_re_stat = false;
814 /* Do all inheritance work after we've
815 done a successful fstat call and filled
816 in the stat struct in fsp->fsp_name. */
818 /* Inherit the ACL if required */
819 if (lp_inherit_perms(SNUM(conn))) {
820 inherit_access_posix_acl(conn, parent_dir,
821 smb_fname->base_name,
826 /* Change the owner if required. */
827 if (lp_inherit_owner(SNUM(conn))) {
828 change_file_owner_to_parent(conn, parent_dir,
834 ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
835 /* If we have an fd, this stat should succeed. */
837 DEBUG(0,("Error doing fstat on open file %s "
839 smb_fname_str_dbg(smb_fname),
844 notify_fname(conn, NOTIFY_ACTION_ADDED,
845 FILE_NOTIFY_CHANGE_FILE_NAME,
846 smb_fname->base_name);
849 fsp->fh->fd = -1; /* What we used to call a stat open. */
851 /* File must exist for a stat open. */
852 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
855 status = smbd_check_access_rights(conn,
860 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
862 S_ISLNK(smb_fname->st.st_ex_mode)) {
863 /* This is a POSIX stat open for delete
864 * or rename on a symlink that points
866 DEBUG(10,("open_file: allowing POSIX "
867 "open on bad symlink %s\n",
868 smb_fname_str_dbg(smb_fname)));
869 status = NT_STATUS_OK;
872 if (!NT_STATUS_IS_OK(status)) {
873 DEBUG(10,("open_file: "
874 "smbd_check_access_rights on file "
876 smb_fname_str_dbg(smb_fname),
877 nt_errstr(status) ));
883 * POSIX allows read-only opens of directories. We don't
884 * want to do this (we use a different code path for this)
885 * so catch a directory open and return an EISDIR. JRA.
888 if(S_ISDIR(smb_fname->st.st_ex_mode)) {
891 return NT_STATUS_FILE_IS_A_DIRECTORY;
894 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
895 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
896 fsp->file_pid = req ? req->smbpid : 0;
897 fsp->can_lock = True;
898 fsp->can_read = ((access_mask & FILE_READ_DATA) != 0);
901 ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) != 0);
902 fsp->print_file = NULL;
903 fsp->modified = False;
904 fsp->sent_oplock_break = NO_BREAK_SENT;
905 fsp->is_directory = False;
906 if (conn->aio_write_behind_list &&
907 is_in_path(smb_fname->base_name, conn->aio_write_behind_list,
908 conn->case_sensitive)) {
909 fsp->aio_write_behind = True;
912 fsp->wcp = NULL; /* Write cache pointer. */
914 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
915 conn->session_info->unix_info->unix_name,
916 smb_fname_str_dbg(smb_fname),
917 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
918 conn->num_files_open));
924 /****************************************************************************
925 Check if we can open a file with a share mode.
926 Returns True if conflict, False if not.
927 ****************************************************************************/
929 static bool share_conflict(struct share_mode_entry *entry,
933 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
934 "entry->share_access = 0x%x, "
935 "entry->private_options = 0x%x\n",
936 (unsigned int)entry->access_mask,
937 (unsigned int)entry->share_access,
938 (unsigned int)entry->private_options));
940 if (server_id_is_disconnected(&entry->pid)) {
942 * note: cleanup should have been done by
943 * delay_for_batch_oplocks()
948 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
949 (unsigned int)access_mask, (unsigned int)share_access));
951 if ((entry->access_mask & (FILE_WRITE_DATA|
955 DELETE_ACCESS)) == 0) {
956 DEBUG(10,("share_conflict: No conflict due to "
957 "entry->access_mask = 0x%x\n",
958 (unsigned int)entry->access_mask ));
962 if ((access_mask & (FILE_WRITE_DATA|
966 DELETE_ACCESS)) == 0) {
967 DEBUG(10,("share_conflict: No conflict due to "
968 "access_mask = 0x%x\n",
969 (unsigned int)access_mask ));
973 #if 1 /* JRA TEST - Superdebug. */
974 #define CHECK_MASK(num, am, right, sa, share) \
975 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
976 (unsigned int)(num), (unsigned int)(am), \
977 (unsigned int)(right), (unsigned int)(am)&(right) )); \
978 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
979 (unsigned int)(num), (unsigned int)(sa), \
980 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
981 if (((am) & (right)) && !((sa) & (share))) { \
982 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
983 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
984 (unsigned int)(share) )); \
988 #define CHECK_MASK(num, am, right, sa, share) \
989 if (((am) & (right)) && !((sa) & (share))) { \
990 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
991 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
992 (unsigned int)(share) )); \
997 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
998 share_access, FILE_SHARE_WRITE);
999 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
1000 entry->share_access, FILE_SHARE_WRITE);
1002 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
1003 share_access, FILE_SHARE_READ);
1004 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
1005 entry->share_access, FILE_SHARE_READ);
1007 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
1008 share_access, FILE_SHARE_DELETE);
1009 CHECK_MASK(6, access_mask, DELETE_ACCESS,
1010 entry->share_access, FILE_SHARE_DELETE);
1012 DEBUG(10,("share_conflict: No conflict.\n"));
1016 #if defined(DEVELOPER)
1017 static void validate_my_share_entries(struct smbd_server_connection *sconn,
1019 struct share_mode_entry *share_entry)
1021 struct server_id self = messaging_server_id(sconn->msg_ctx);
1024 if (!serverid_equal(&self, &share_entry->pid)) {
1028 if (!is_valid_share_mode_entry(share_entry)) {
1032 fsp = file_find_dif(sconn, share_entry->id,
1033 share_entry->share_file_id);
1035 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
1036 share_mode_str(talloc_tos(), num, share_entry) ));
1037 smb_panic("validate_my_share_entries: Cannot match a "
1038 "share entry with an open file\n");
1041 if ((share_entry->op_type == NO_OPLOCK) &&
1042 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK))
1044 /* Someone has already written to it, but I haven't yet
1049 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
1058 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
1059 share_mode_str(talloc_tos(), num, share_entry) ));
1060 str = talloc_asprintf(talloc_tos(),
1061 "validate_my_share_entries: "
1062 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
1063 fsp->fsp_name->base_name,
1064 (unsigned int)fsp->oplock_type,
1065 (unsigned int)share_entry->op_type );
1071 bool is_stat_open(uint32 access_mask)
1073 const uint32_t stat_open_bits =
1074 (SYNCHRONIZE_ACCESS|
1075 FILE_READ_ATTRIBUTES|
1076 FILE_WRITE_ATTRIBUTES);
1078 return (((access_mask & stat_open_bits) != 0) &&
1079 ((access_mask & ~stat_open_bits) == 0));
1082 /****************************************************************************
1083 Deal with share modes
1084 Invarient: Share mode must be locked on entry and exit.
1085 Returns -1 on error, or number of share modes on success (may be zero).
1086 ****************************************************************************/
1088 static NTSTATUS open_mode_check(connection_struct *conn,
1089 struct share_mode_lock *lck,
1092 uint32 share_access,
1093 uint32 create_options,
1098 if(lck->data->num_share_modes == 0) {
1099 return NT_STATUS_OK;
1102 /* A delete on close prohibits everything */
1104 if (is_delete_on_close_set(lck, name_hash)) {
1106 * Check the delete on close token
1107 * is valid. It could have been left
1108 * after a server crash.
1110 for(i = 0; i < lck->data->num_share_modes; i++) {
1111 if (!share_mode_stale_pid(lck->data, i)) {
1113 *file_existed = true;
1115 return NT_STATUS_DELETE_PENDING;
1118 return NT_STATUS_OK;
1121 if (is_stat_open(access_mask)) {
1122 /* Stat open that doesn't trigger oplock breaks or share mode
1123 * checks... ! JRA. */
1124 return NT_STATUS_OK;
1128 * Check if the share modes will give us access.
1131 #if defined(DEVELOPER)
1132 for(i = 0; i < lck->data->num_share_modes; i++) {
1133 validate_my_share_entries(conn->sconn, i,
1134 &lck->data->share_modes[i]);
1138 /* Now we check the share modes, after any oplock breaks. */
1139 for(i = 0; i < lck->data->num_share_modes; i++) {
1141 if (!is_valid_share_mode_entry(&lck->data->share_modes[i])) {
1145 /* someone else has a share lock on it, check to see if we can
1147 if (share_conflict(&lck->data->share_modes[i],
1148 access_mask, share_access)) {
1150 if (share_mode_stale_pid(lck->data, i)) {
1154 *file_existed = true;
1156 return NT_STATUS_SHARING_VIOLATION;
1160 if (lck->data->num_share_modes != 0) {
1161 *file_existed = true;
1164 return NT_STATUS_OK;
1168 * Send a break message to the oplock holder and delay the open for
1172 static NTSTATUS send_break_message(files_struct *fsp,
1173 struct share_mode_entry *exclusive,
1178 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
1180 DEBUG(10, ("Sending break request to PID %s\n",
1181 procid_str_static(&exclusive->pid)));
1182 exclusive->op_mid = mid;
1184 /* Create the message. */
1185 share_mode_entry_to_message(msg, exclusive);
1187 status = messaging_send_buf(fsp->conn->sconn->msg_ctx, exclusive->pid,
1188 MSG_SMB_BREAK_REQUEST,
1190 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
1191 if (!NT_STATUS_IS_OK(status)) {
1192 DEBUG(3, ("Could not send oplock break message: %s\n",
1193 nt_errstr(status)));
1200 * Return share_mode_entry pointers for :
1201 * 1). Batch oplock entry.
1202 * 2). Batch or exclusive oplock entry (may be identical to #1).
1203 * bool have_level2_oplock
1204 * bool have_no_oplock.
1205 * Do internal consistency checks on the share mode for a file.
1208 static void find_oplock_types(files_struct *fsp,
1210 const struct share_mode_lock *lck,
1211 struct share_mode_entry **pp_batch,
1212 struct share_mode_entry **pp_ex_or_batch,
1214 bool *got_no_oplock)
1219 *pp_ex_or_batch = NULL;
1220 *got_level2 = false;
1221 *got_no_oplock = false;
1223 /* Ignore stat or internal opens, as is done in
1224 delay_for_batch_oplocks() and
1225 delay_for_exclusive_oplocks().
1227 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
1231 for (i=0; i<lck->data->num_share_modes; i++) {
1232 struct share_mode_entry *e = &lck->data->share_modes[i];
1234 if (!is_valid_share_mode_entry(e)) {
1238 if (e->op_type == NO_OPLOCK && is_stat_open(e->access_mask)) {
1239 /* We ignore stat opens in the table - they
1240 always have NO_OPLOCK and never get or
1241 cause breaks. JRA. */
1245 if (BATCH_OPLOCK_TYPE(e->op_type)) {
1246 /* batch - can only be one. */
1247 if (share_mode_stale_pid(lck->data, i)) {
1248 DEBUG(10, ("Found stale batch oplock\n"));
1251 if (*pp_ex_or_batch || *pp_batch || *got_level2 || *got_no_oplock) {
1252 smb_panic("Bad batch oplock entry.");
1257 if (EXCLUSIVE_OPLOCK_TYPE(e->op_type)) {
1258 if (share_mode_stale_pid(lck->data, i)) {
1259 DEBUG(10, ("Found stale duplicate oplock\n"));
1262 /* Exclusive or batch - can only be one. */
1263 if (*pp_ex_or_batch || *got_level2 || *got_no_oplock) {
1264 smb_panic("Bad exclusive or batch oplock entry.");
1266 *pp_ex_or_batch = e;
1269 if (LEVEL_II_OPLOCK_TYPE(e->op_type)) {
1270 if (*pp_batch || *pp_ex_or_batch) {
1271 if (share_mode_stale_pid(lck->data, i)) {
1272 DEBUG(10, ("Found stale LevelII "
1276 smb_panic("Bad levelII oplock entry.");
1281 if (e->op_type == NO_OPLOCK) {
1282 if (*pp_batch || *pp_ex_or_batch) {
1283 if (share_mode_stale_pid(lck->data, i)) {
1284 DEBUG(10, ("Found stale NO_OPLOCK "
1288 smb_panic("Bad no oplock entry.");
1290 *got_no_oplock = true;
1295 static bool delay_for_batch_oplocks(files_struct *fsp,
1298 struct share_mode_entry *batch_entry)
1300 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
1303 if (batch_entry == NULL) {
1307 if (server_id_is_disconnected(&batch_entry->pid)) {
1310 * This could be achieved by sending a break message
1311 * to ourselves. Special considerations for files
1312 * with delete_on_close flag set!
1314 * For now we keep it simple and do not
1315 * allow delete on close for durable handles.
1320 /* Found a batch oplock */
1321 send_break_message(fsp, batch_entry, mid, oplock_request);
1325 static bool delay_for_exclusive_oplocks(files_struct *fsp,
1328 struct share_mode_entry *ex_entry)
1330 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
1333 if (ex_entry == NULL) {
1337 if (server_id_is_disconnected(&ex_entry->pid)) {
1339 * since only durable handles can get disconnected,
1340 * and we can only get durable handles with batch oplocks,
1341 * this should actually never be reached...
1346 send_break_message(fsp, ex_entry, mid, oplock_request);
1350 static bool file_has_brlocks(files_struct *fsp)
1352 struct byte_range_lock *br_lck;
1354 br_lck = brl_get_locks_readonly(fsp);
1358 return br_lck->num_locks > 0 ? true : false;
1361 static void grant_fsp_oplock_type(files_struct *fsp,
1363 bool got_level2_oplock,
1364 bool got_a_none_oplock)
1366 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
1367 lp_level2_oplocks(SNUM(fsp->conn));
1369 /* Start by granting what the client asked for,
1370 but ensure no SAMBA_PRIVATE bits can be set. */
1371 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1373 if (oplock_request & INTERNAL_OPEN_ONLY) {
1374 /* No oplocks on internal open. */
1375 fsp->oplock_type = NO_OPLOCK;
1376 DEBUG(10,("grant_fsp_oplock_type: oplock type 0x%x on file %s\n",
1377 fsp->oplock_type, fsp_str_dbg(fsp)));
1381 if (lp_locking(fsp->conn->params) && file_has_brlocks(fsp)) {
1382 DEBUG(10,("grant_fsp_oplock_type: file %s has byte range locks\n",
1384 fsp->oplock_type = NO_OPLOCK;
1387 if (is_stat_open(fsp->access_mask)) {
1388 /* Leave the value already set. */
1389 DEBUG(10,("grant_fsp_oplock_type: oplock type 0x%x on file %s\n",
1390 fsp->oplock_type, fsp_str_dbg(fsp)));
1395 * Match what was requested (fsp->oplock_type) with
1396 * what was found in the existing share modes.
1399 if (got_a_none_oplock) {
1400 fsp->oplock_type = NO_OPLOCK;
1401 } else if (got_level2_oplock) {
1402 if (fsp->oplock_type == NO_OPLOCK ||
1403 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
1404 /* Store a level2 oplock, but don't tell the client */
1405 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1407 fsp->oplock_type = LEVEL_II_OPLOCK;
1410 /* All share_mode_entries are placeholders or deferred.
1411 * Silently upgrade to fake levelII if the client didn't
1412 * ask for an oplock. */
1413 if (fsp->oplock_type == NO_OPLOCK) {
1414 /* Store a level2 oplock, but don't tell the client */
1415 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1420 * Don't grant level2 to clients that don't want them
1421 * or if we've turned them off.
1423 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
1424 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1427 DEBUG(10,("grant_fsp_oplock_type: oplock type 0x%x on file %s\n",
1428 fsp->oplock_type, fsp_str_dbg(fsp)));
1431 static bool request_timed_out(struct timeval request_time,
1432 struct timeval timeout)
1434 struct timeval now, end_time;
1436 end_time = timeval_sum(&request_time, &timeout);
1437 return (timeval_compare(&end_time, &now) < 0);
1440 struct defer_open_state {
1441 struct smbd_server_connection *sconn;
1445 static void defer_open_done(struct tevent_req *req);
1447 /****************************************************************************
1448 Handle the 1 second delay in returning a SHARING_VIOLATION error.
1449 ****************************************************************************/
1451 static void defer_open(struct share_mode_lock *lck,
1452 struct timeval request_time,
1453 struct timeval timeout,
1454 struct smb_request *req,
1455 struct deferred_open_record *state)
1457 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1458 "open entry for mid %llu\n",
1459 (unsigned int)request_time.tv_sec,
1460 (unsigned int)request_time.tv_usec,
1461 (unsigned long long)req->mid));
1463 if (!push_deferred_open_message_smb(req, request_time, timeout,
1464 state->id, (char *)state, sizeof(*state))) {
1466 exit_server("push_deferred_open_message_smb failed");
1469 struct defer_open_state *watch_state;
1470 struct tevent_req *watch_req;
1473 watch_state = talloc(req->sconn, struct defer_open_state);
1474 if (watch_state == NULL) {
1475 exit_server("talloc failed");
1477 watch_state->sconn = req->sconn;
1478 watch_state->mid = req->mid;
1480 DEBUG(10, ("defering mid %llu\n",
1481 (unsigned long long)req->mid));
1483 watch_req = dbwrap_record_watch_send(
1484 watch_state, req->sconn->ev_ctx, lck->data->record,
1485 req->sconn->msg_ctx);
1486 if (watch_req == NULL) {
1487 exit_server("Could not watch share mode record");
1489 tevent_req_set_callback(watch_req, defer_open_done,
1492 ret = tevent_req_set_endtime(
1493 watch_req, req->sconn->ev_ctx,
1494 timeval_sum(&request_time, &timeout));
1499 static void defer_open_done(struct tevent_req *req)
1501 struct defer_open_state *state = tevent_req_callback_data(
1502 req, struct defer_open_state);
1506 status = dbwrap_record_watch_recv(req, talloc_tos(), NULL);
1508 if (!NT_STATUS_IS_OK(status)) {
1509 DEBUG(5, ("dbwrap_record_watch_recv returned %s\n",
1510 nt_errstr(status)));
1512 * Even if it failed, retry anyway. TODO: We need a way to
1513 * tell a re-scheduled open about that error.
1517 DEBUG(10, ("scheduling mid %llu\n", (unsigned long long)state->mid));
1519 ret = schedule_deferred_open_message_smb(state->sconn, state->mid);
1525 /****************************************************************************
1526 On overwrite open ensure that the attributes match.
1527 ****************************************************************************/
1529 static bool open_match_attributes(connection_struct *conn,
1530 uint32 old_dos_attr,
1531 uint32 new_dos_attr,
1532 mode_t existing_unx_mode,
1533 mode_t new_unx_mode,
1534 mode_t *returned_unx_mode)
1536 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1538 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1539 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1541 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1542 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1543 *returned_unx_mode = new_unx_mode;
1545 *returned_unx_mode = (mode_t)0;
1548 DEBUG(10,("open_match_attributes: old_dos_attr = 0x%x, "
1549 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1550 "returned_unx_mode = 0%o\n",
1551 (unsigned int)old_dos_attr,
1552 (unsigned int)existing_unx_mode,
1553 (unsigned int)new_dos_attr,
1554 (unsigned int)*returned_unx_mode ));
1556 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1557 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1558 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1559 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1563 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1564 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1565 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1572 /****************************************************************************
1573 Special FCB or DOS processing in the case of a sharing violation.
1574 Try and find a duplicated file handle.
1575 ****************************************************************************/
1577 static NTSTATUS fcb_or_dos_open(struct smb_request *req,
1578 connection_struct *conn,
1579 files_struct *fsp_to_dup_into,
1580 const struct smb_filename *smb_fname,
1585 uint32 share_access,
1586 uint32 create_options)
1590 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1591 "file %s.\n", smb_fname_str_dbg(smb_fname)));
1593 for(fsp = file_find_di_first(conn->sconn, id); fsp;
1594 fsp = file_find_di_next(fsp)) {
1596 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1597 "vuid = %llu, file_pid = %u, private_options = 0x%x "
1598 "access_mask = 0x%x\n", fsp_str_dbg(fsp),
1599 fsp->fh->fd, (unsigned long long)fsp->vuid,
1600 (unsigned int)fsp->file_pid,
1601 (unsigned int)fsp->fh->private_options,
1602 (unsigned int)fsp->access_mask ));
1604 if (fsp != fsp_to_dup_into &&
1605 fsp->fh->fd != -1 &&
1606 fsp->vuid == vuid &&
1607 fsp->file_pid == file_pid &&
1608 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1609 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1610 (fsp->access_mask & FILE_WRITE_DATA) &&
1611 strequal(fsp->fsp_name->base_name, smb_fname->base_name) &&
1612 strequal(fsp->fsp_name->stream_name,
1613 smb_fname->stream_name)) {
1614 DEBUG(10,("fcb_or_dos_open: file match\n"));
1620 return NT_STATUS_NOT_FOUND;
1623 /* quite an insane set of semantics ... */
1624 if (is_executable(smb_fname->base_name) &&
1625 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1626 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1627 return NT_STATUS_INVALID_PARAMETER;
1630 /* We need to duplicate this fsp. */
1631 return dup_file_fsp(req, fsp, access_mask, share_access,
1632 create_options, fsp_to_dup_into);
1635 static void schedule_defer_open(struct share_mode_lock *lck,
1636 struct timeval request_time,
1637 struct smb_request *req)
1639 struct deferred_open_record state;
1641 /* This is a relative time, added to the absolute
1642 request_time value to get the absolute timeout time.
1643 Note that if this is the second or greater time we enter
1644 this codepath for this particular request mid then
1645 request_time is left as the absolute time of the *first*
1646 time this request mid was processed. This is what allows
1647 the request to eventually time out. */
1649 struct timeval timeout;
1651 /* Normally the smbd we asked should respond within
1652 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1653 * the client did, give twice the timeout as a safety
1654 * measure here in case the other smbd is stuck
1655 * somewhere else. */
1657 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1659 /* Nothing actually uses state.delayed_for_oplocks
1660 but it's handy to differentiate in debug messages
1661 between a 30 second delay due to oplock break, and
1662 a 1 second delay for share mode conflicts. */
1664 state.delayed_for_oplocks = True;
1665 state.async_open = false;
1666 state.id = lck->data->id;
1668 if (!request_timed_out(request_time, timeout)) {
1669 defer_open(lck, request_time, timeout, req, &state);
1673 /****************************************************************************
1674 Reschedule an open call that went asynchronous.
1675 ****************************************************************************/
1677 static void schedule_async_open(struct timeval request_time,
1678 struct smb_request *req)
1680 struct deferred_open_record state;
1681 struct timeval timeout;
1683 timeout = timeval_set(20, 0);
1686 state.delayed_for_oplocks = false;
1687 state.async_open = true;
1689 if (!request_timed_out(request_time, timeout)) {
1690 defer_open(NULL, request_time, timeout, req, &state);
1694 /****************************************************************************
1695 Work out what access_mask to use from what the client sent us.
1696 ****************************************************************************/
1698 static NTSTATUS smbd_calculate_maximum_allowed_access(
1699 connection_struct *conn,
1700 const struct smb_filename *smb_fname,
1702 uint32_t *p_access_mask)
1704 struct security_descriptor *sd;
1705 uint32_t access_granted;
1708 if (!use_privs && (get_current_uid(conn) == (uid_t)0)) {
1709 *p_access_mask |= FILE_GENERIC_ALL;
1710 return NT_STATUS_OK;
1713 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
1719 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1721 * File did not exist
1723 *p_access_mask = FILE_GENERIC_ALL;
1724 return NT_STATUS_OK;
1726 if (!NT_STATUS_IS_OK(status)) {
1727 DEBUG(10,("Could not get acl on file %s: %s\n",
1728 smb_fname_str_dbg(smb_fname),
1729 nt_errstr(status)));
1730 return NT_STATUS_ACCESS_DENIED;
1734 * If we can access the path to this file, by
1735 * default we have FILE_READ_ATTRIBUTES from the
1736 * containing directory. See the section:
1737 * "Algorithm to Check Access to an Existing File"
1740 * se_file_access_check()
1741 * also takes care of owner WRITE_DAC and READ_CONTROL.
1743 status = se_file_access_check(sd,
1744 get_current_nttok(conn),
1746 (*p_access_mask & ~FILE_READ_ATTRIBUTES),
1751 if (!NT_STATUS_IS_OK(status)) {
1752 DEBUG(10, ("Access denied on file %s: "
1753 "when calculating maximum access\n",
1754 smb_fname_str_dbg(smb_fname)));
1755 return NT_STATUS_ACCESS_DENIED;
1757 *p_access_mask = (access_granted | FILE_READ_ATTRIBUTES);
1759 if (!(access_granted & DELETE_ACCESS)) {
1760 if (can_delete_file_in_directory(conn, smb_fname)) {
1761 *p_access_mask |= DELETE_ACCESS;
1765 return NT_STATUS_OK;
1768 NTSTATUS smbd_calculate_access_mask(connection_struct *conn,
1769 const struct smb_filename *smb_fname,
1771 uint32_t access_mask,
1772 uint32_t *access_mask_out)
1775 uint32_t orig_access_mask = access_mask;
1776 uint32_t rejected_share_access;
1779 * Convert GENERIC bits to specific bits.
1782 se_map_generic(&access_mask, &file_generic_mapping);
1784 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1785 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1787 status = smbd_calculate_maximum_allowed_access(
1788 conn, smb_fname, use_privs, &access_mask);
1790 if (!NT_STATUS_IS_OK(status)) {
1794 access_mask &= conn->share_access;
1797 rejected_share_access = access_mask & ~(conn->share_access);
1799 if (rejected_share_access) {
1800 DEBUG(10, ("smbd_calculate_access_mask: Access denied on "
1801 "file %s: rejected by share access mask[0x%08X] "
1802 "orig[0x%08X] mapped[0x%08X] reject[0x%08X]\n",
1803 smb_fname_str_dbg(smb_fname),
1805 orig_access_mask, access_mask,
1806 rejected_share_access));
1807 return NT_STATUS_ACCESS_DENIED;
1810 *access_mask_out = access_mask;
1811 return NT_STATUS_OK;
1814 /****************************************************************************
1815 Remove the deferred open entry under lock.
1816 ****************************************************************************/
1818 /****************************************************************************
1819 Return true if this is a state pointer to an asynchronous create.
1820 ****************************************************************************/
1822 bool is_deferred_open_async(const void *ptr)
1824 const struct deferred_open_record *state = (const struct deferred_open_record *)ptr;
1826 return state->async_open;
1829 static bool clear_ads(uint32_t create_disposition)
1833 switch (create_disposition) {
1834 case FILE_SUPERSEDE:
1835 case FILE_OVERWRITE_IF:
1836 case FILE_OVERWRITE:
1845 static int disposition_to_open_flags(uint32_t create_disposition)
1850 * Currently we're using FILE_SUPERSEDE as the same as
1851 * FILE_OVERWRITE_IF but they really are
1852 * different. FILE_SUPERSEDE deletes an existing file
1853 * (requiring delete access) then recreates it.
1856 switch (create_disposition) {
1857 case FILE_SUPERSEDE:
1858 case FILE_OVERWRITE_IF:
1860 * If file exists replace/overwrite. If file doesn't
1863 ret = O_CREAT|O_TRUNC;
1868 * If file exists open. If file doesn't exist error.
1873 case FILE_OVERWRITE:
1875 * If file exists overwrite. If file doesn't exist
1883 * If file exists error. If file doesn't exist create.
1885 ret = O_CREAT|O_EXCL;
1890 * If file exists open. If file doesn't exist create.
1898 static int calculate_open_access_flags(uint32_t access_mask,
1900 uint32_t private_flags)
1902 bool need_write, need_read;
1905 * Note that we ignore the append flag as append does not
1906 * mean the same thing under DOS and Unix.
1909 need_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA));
1914 /* DENY_DOS opens are always underlying read-write on the
1915 file handle, no matter what the requested access mask
1919 ((private_flags & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1920 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|
1921 FILE_READ_EA|FILE_EXECUTE));
1929 /****************************************************************************
1930 Open a file with a share mode. Passed in an already created files_struct *.
1931 ****************************************************************************/
1933 static NTSTATUS open_file_ntcreate(connection_struct *conn,
1934 struct smb_request *req,
1935 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1936 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1937 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1938 uint32 create_options, /* options such as delete on close. */
1939 uint32 new_dos_attributes, /* attributes used for new file. */
1940 int oplock_request, /* internal Samba oplock codes. */
1941 /* Information (FILE_EXISTS etc.) */
1942 uint32_t private_flags, /* Samba specific flags. */
1946 struct smb_filename *smb_fname = fsp->fsp_name;
1949 bool file_existed = VALID_STAT(smb_fname->st);
1950 bool def_acl = False;
1951 bool posix_open = False;
1952 bool new_file_created = False;
1953 bool first_open_attempt = true;
1954 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1955 mode_t new_unx_mode = (mode_t)0;
1956 mode_t unx_mode = (mode_t)0;
1958 uint32 existing_dos_attributes = 0;
1959 struct timeval request_time = timeval_zero();
1960 struct share_mode_lock *lck = NULL;
1961 uint32 open_access_mask = access_mask;
1964 SMB_STRUCT_STAT saved_stat = smb_fname->st;
1965 struct share_mode_entry *batch_entry = NULL;
1966 struct share_mode_entry *exclusive_entry = NULL;
1967 bool got_level2_oplock = false;
1968 bool got_a_none_oplock = false;
1969 struct timespec old_write_time;
1972 if (conn->printer) {
1974 * Printers are handled completely differently.
1975 * Most of the passed parameters are ignored.
1979 *pinfo = FILE_WAS_CREATED;
1982 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n",
1983 smb_fname_str_dbg(smb_fname)));
1986 DEBUG(0,("open_file_ntcreate: printer open without "
1987 "an SMB request!\n"));
1988 return NT_STATUS_INTERNAL_ERROR;
1991 return print_spool_open(fsp, smb_fname->base_name,
1995 if (!parent_dirname(talloc_tos(), smb_fname->base_name, &parent_dir,
1997 return NT_STATUS_NO_MEMORY;
2000 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2002 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2003 new_dos_attributes = 0;
2005 /* Windows allows a new file to be created and
2006 silently removes a FILE_ATTRIBUTE_DIRECTORY
2007 sent by the client. Do the same. */
2009 new_dos_attributes &= ~FILE_ATTRIBUTE_DIRECTORY;
2011 /* We add FILE_ATTRIBUTE_ARCHIVE to this as this mode is only used if the file is
2013 unx_mode = unix_mode(conn, new_dos_attributes | FILE_ATTRIBUTE_ARCHIVE,
2014 smb_fname, parent_dir);
2017 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
2018 "access_mask=0x%x share_access=0x%x "
2019 "create_disposition = 0x%x create_options=0x%x "
2020 "unix mode=0%o oplock_request=%d private_flags = 0x%x\n",
2021 smb_fname_str_dbg(smb_fname), new_dos_attributes,
2022 access_mask, share_access, create_disposition,
2023 create_options, (unsigned int)unx_mode, oplock_request,
2024 (unsigned int)private_flags));
2026 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
2027 DEBUG(0, ("No smb request but not an internal only open!\n"));
2028 return NT_STATUS_INTERNAL_ERROR;
2032 * Only non-internal opens can be deferred at all
2037 if (get_deferred_open_message_state(req,
2040 /* Remember the absolute time of the original
2041 request with this mid. We'll use it later to
2042 see if this has timed out. */
2044 /* If it was an async create retry, the file
2047 if (is_deferred_open_async(ptr)) {
2048 SET_STAT_INVALID(smb_fname->st);
2049 file_existed = false;
2052 /* Ensure we don't reprocess this message. */
2053 remove_deferred_open_message_smb(req->sconn, req->mid);
2055 first_open_attempt = false;
2060 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
2062 existing_dos_attributes = dos_mode(conn, smb_fname);
2066 /* ignore any oplock requests if oplocks are disabled */
2067 if (!lp_oplocks(SNUM(conn)) ||
2068 IS_VETO_OPLOCK_PATH(conn, smb_fname->base_name)) {
2069 /* Mask off everything except the private Samba bits. */
2070 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
2073 /* this is for OS/2 long file names - say we don't support them */
2074 if (!lp_posix_pathnames() && strstr(smb_fname->base_name,".+,;=[].")) {
2075 /* OS/2 Workplace shell fix may be main code stream in a later
2077 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
2079 if (use_nt_status()) {
2080 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2082 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
2085 switch( create_disposition ) {
2087 /* If file exists open. If file doesn't exist error. */
2088 if (!file_existed) {
2089 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
2090 "requested for file %s and file "
2092 smb_fname_str_dbg(smb_fname)));
2094 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2098 case FILE_OVERWRITE:
2099 /* If file exists overwrite. If file doesn't exist
2101 if (!file_existed) {
2102 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
2103 "requested for file %s and file "
2105 smb_fname_str_dbg(smb_fname) ));
2107 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2112 /* If file exists error. If file doesn't exist
2115 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
2116 "requested for file %s and file "
2117 "already exists.\n",
2118 smb_fname_str_dbg(smb_fname)));
2119 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
2124 return map_nt_error_from_unix(errno);
2128 case FILE_SUPERSEDE:
2129 case FILE_OVERWRITE_IF:
2133 return NT_STATUS_INVALID_PARAMETER;
2136 flags2 = disposition_to_open_flags(create_disposition);
2138 /* We only care about matching attributes on file exists and
2141 if (!posix_open && file_existed &&
2142 ((create_disposition == FILE_OVERWRITE) ||
2143 (create_disposition == FILE_OVERWRITE_IF))) {
2144 if (!open_match_attributes(conn, existing_dos_attributes,
2146 smb_fname->st.st_ex_mode,
2147 unx_mode, &new_unx_mode)) {
2148 DEBUG(5,("open_file_ntcreate: attributes missmatch "
2149 "for file %s (%x %x) (0%o, 0%o)\n",
2150 smb_fname_str_dbg(smb_fname),
2151 existing_dos_attributes,
2153 (unsigned int)smb_fname->st.st_ex_mode,
2154 (unsigned int)unx_mode ));
2156 return NT_STATUS_ACCESS_DENIED;
2160 status = smbd_calculate_access_mask(conn, smb_fname,
2164 if (!NT_STATUS_IS_OK(status)) {
2165 DEBUG(10, ("open_file_ntcreate: smbd_calculate_access_mask "
2166 "on file %s returned %s\n",
2167 smb_fname_str_dbg(smb_fname), nt_errstr(status)));
2171 open_access_mask = access_mask;
2173 if (flags2 & O_TRUNC) {
2174 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
2177 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
2178 "access_mask=0x%x\n", smb_fname_str_dbg(smb_fname),
2182 * Note that we ignore the append flag as append does not
2183 * mean the same thing under DOS and Unix.
2186 flags = calculate_open_access_flags(access_mask, oplock_request,
2190 * Currently we only look at FILE_WRITE_THROUGH for create options.
2194 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
2199 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
2203 if (!posix_open && !CAN_WRITE(conn)) {
2205 * We should really return a permission denied error if either
2206 * O_CREAT or O_TRUNC are set, but for compatibility with
2207 * older versions of Samba we just AND them out.
2209 flags2 &= ~(O_CREAT|O_TRUNC);
2212 if (first_open_attempt && lp_kernel_oplocks(SNUM(conn))) {
2214 * With kernel oplocks the open breaking an oplock
2215 * blocks until the oplock holder has given up the
2216 * oplock or closed the file. We prevent this by first
2217 * trying to open the file with O_NONBLOCK (see "man
2218 * fcntl" on Linux). For the second try, triggered by
2219 * an oplock break response, we do not need this
2222 * This is true under the assumption that only Samba
2223 * requests kernel oplocks. Once someone else like
2224 * NFSv4 starts to use that API, we will have to
2225 * modify this by communicating with the NFSv4 server.
2227 flags2 |= O_NONBLOCK;
2231 * Ensure we can't write on a read-only share or file.
2234 if (flags != O_RDONLY && file_existed &&
2235 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
2236 DEBUG(5,("open_file_ntcreate: write access requested for "
2237 "file %s on read only %s\n",
2238 smb_fname_str_dbg(smb_fname),
2239 !CAN_WRITE(conn) ? "share" : "file" ));
2241 return NT_STATUS_ACCESS_DENIED;
2244 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
2245 fsp->share_access = share_access;
2246 fsp->fh->private_options = private_flags;
2247 fsp->access_mask = open_access_mask; /* We change this to the
2248 * requested access_mask after
2249 * the open is done. */
2250 fsp->posix_open = posix_open;
2252 /* Ensure no SAMBA_PRIVATE bits can be set. */
2253 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
2255 if (timeval_is_zero(&request_time)) {
2256 request_time = fsp->open_time;
2260 * Ensure we pay attention to default ACLs on directories if required.
2263 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
2264 (def_acl = directory_has_default_acl(conn, parent_dir))) {
2265 unx_mode = (0777 & lp_create_mask(SNUM(conn)));
2268 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
2269 "access_mask = 0x%x, open_access_mask = 0x%x\n",
2270 (unsigned int)flags, (unsigned int)flags2,
2271 (unsigned int)unx_mode, (unsigned int)access_mask,
2272 (unsigned int)open_access_mask));
2274 fsp_open = open_file(fsp, conn, req, parent_dir,
2275 flags|flags2, unx_mode, access_mask,
2276 open_access_mask, &new_file_created);
2278 if (NT_STATUS_EQUAL(fsp_open, NT_STATUS_NETWORK_BUSY)) {
2279 struct deferred_open_record state;
2282 * EWOULDBLOCK/EAGAIN maps to NETWORK_BUSY.
2284 if (file_existed && S_ISFIFO(fsp->fsp_name->st.st_ex_mode)) {
2285 DEBUG(10, ("FIFO busy\n"));
2286 return NT_STATUS_NETWORK_BUSY;
2289 DEBUG(10, ("Internal open busy\n"));
2290 return NT_STATUS_NETWORK_BUSY;
2294 * From here on we assume this is an oplock break triggered
2297 lck = get_existing_share_mode_lock(talloc_tos(), fsp->file_id);
2299 state.delayed_for_oplocks = false;
2300 state.async_open = false;
2301 state.id = fsp->file_id;
2302 defer_open(NULL, request_time, timeval_set(0, 0),
2304 DEBUG(10, ("No share mode lock found after "
2305 "EWOULDBLOCK, retrying sync\n"));
2306 return NT_STATUS_SHARING_VIOLATION;
2309 find_oplock_types(fsp, 0, lck, &batch_entry, &exclusive_entry,
2310 &got_level2_oplock, &got_a_none_oplock);
2312 if (delay_for_batch_oplocks(fsp, req->mid, 0, batch_entry) ||
2313 delay_for_exclusive_oplocks(fsp, req->mid, 0,
2315 schedule_defer_open(lck, request_time, req);
2317 DEBUG(10, ("Sent oplock break request to kernel "
2318 "oplock holder\n"));
2319 return NT_STATUS_SHARING_VIOLATION;
2323 * No oplock from Samba around. Immediately retry with
2326 state.delayed_for_oplocks = false;
2327 state.async_open = false;
2328 state.id = lck->data->id;
2329 defer_open(lck, request_time, timeval_set(0, 0), req, &state);
2331 DEBUG(10, ("No Samba oplock around after EWOULDBLOCK. "
2332 "Retrying sync\n"));
2333 return NT_STATUS_SHARING_VIOLATION;
2336 if (!NT_STATUS_IS_OK(fsp_open)) {
2337 if (NT_STATUS_EQUAL(fsp_open, NT_STATUS_RETRY)) {
2338 schedule_async_open(request_time, req);
2344 if (file_existed && !check_same_dev_ino(&saved_stat, &smb_fname->st)) {
2346 * The file did exist, but some other (local or NFS)
2347 * process either renamed/unlinked and re-created the
2348 * file with different dev/ino after we walked the path,
2349 * but before we did the open. We could retry the
2350 * open but it's a rare enough case it's easier to
2351 * just fail the open to prevent creating any problems
2352 * in the open file db having the wrong dev/ino key.
2356 DEBUG(1,("open_file_ntcreate: file %s - dev/ino mismatch. "
2357 "Old (dev=0x%llu, ino =0x%llu). "
2358 "New (dev=0x%llu, ino=0x%llu). Failing open "
2359 " with NT_STATUS_ACCESS_DENIED.\n",
2360 smb_fname_str_dbg(smb_fname),
2361 (unsigned long long)saved_stat.st_ex_dev,
2362 (unsigned long long)saved_stat.st_ex_ino,
2363 (unsigned long long)smb_fname->st.st_ex_dev,
2364 (unsigned long long)smb_fname->st.st_ex_ino));
2365 return NT_STATUS_ACCESS_DENIED;
2368 old_write_time = smb_fname->st.st_ex_mtime;
2371 * Deal with the race condition where two smbd's detect the
2372 * file doesn't exist and do the create at the same time. One
2373 * of them will win and set a share mode, the other (ie. this
2374 * one) should check if the requested share mode for this
2375 * create is allowed.
2379 * Now the file exists and fsp is successfully opened,
2380 * fsp->dev and fsp->inode are valid and should replace the
2381 * dev=0,inode=0 from a non existent file. Spotted by
2382 * Nadav Danieli <nadavd@exanet.com>. JRA.
2387 lck = get_share_mode_lock(talloc_tos(), id,
2389 smb_fname, &old_write_time);
2392 DEBUG(0, ("open_file_ntcreate: Could not get share "
2393 "mode lock for %s\n",
2394 smb_fname_str_dbg(smb_fname)));
2396 return NT_STATUS_SHARING_VIOLATION;
2399 /* Get the types we need to examine. */
2400 find_oplock_types(fsp,
2406 &got_a_none_oplock);
2408 /* First pass - send break only on batch oplocks. */
2409 if ((req != NULL) &&
2410 delay_for_batch_oplocks(fsp,
2414 schedule_defer_open(lck, request_time, req);
2417 return NT_STATUS_SHARING_VIOLATION;
2420 status = open_mode_check(conn, lck, fsp->name_hash,
2421 access_mask, share_access,
2422 create_options, &file_existed);
2424 if (NT_STATUS_IS_OK(status)) {
2425 /* We might be going to allow this open. Check oplock
2427 /* Second pass - send break for both batch or
2428 * exclusive oplocks. */
2429 if ((req != NULL) &&
2430 delay_for_exclusive_oplocks(
2435 schedule_defer_open(lck, request_time, req);
2438 return NT_STATUS_SHARING_VIOLATION;
2442 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
2443 /* DELETE_PENDING is not deferred for a second */
2449 if (!NT_STATUS_IS_OK(status)) {
2450 uint32 can_access_mask;
2451 bool can_access = True;
2453 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
2455 /* Check if this can be done with the deny_dos and fcb
2458 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
2459 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
2461 DEBUG(0, ("DOS open without an SMB "
2465 return NT_STATUS_INTERNAL_ERROR;
2468 /* Use the client requested access mask here,
2469 * not the one we open with. */
2470 status = fcb_or_dos_open(req,
2481 if (NT_STATUS_IS_OK(status)) {
2484 *pinfo = FILE_WAS_OPENED;
2486 return NT_STATUS_OK;
2491 * This next line is a subtlety we need for
2492 * MS-Access. If a file open will fail due to share
2493 * permissions and also for security (access) reasons,
2494 * we need to return the access failed error, not the
2495 * share error. We can't open the file due to kernel
2496 * oplock deadlock (it's possible we failed above on
2497 * the open_mode_check()) so use a userspace check.
2500 if (flags & O_RDWR) {
2501 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
2502 } else if (flags & O_WRONLY) {
2503 can_access_mask = FILE_WRITE_DATA;
2505 can_access_mask = FILE_READ_DATA;
2508 if (((can_access_mask & FILE_WRITE_DATA) &&
2509 !CAN_WRITE(conn)) ||
2510 !NT_STATUS_IS_OK(smbd_check_access_rights(conn,
2513 can_access_mask))) {
2518 * If we're returning a share violation, ensure we
2519 * cope with the braindead 1 second delay (SMB1 only).
2522 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
2523 !conn->sconn->using_smb2 &&
2524 lp_defer_sharing_violations()) {
2525 struct timeval timeout;
2526 struct deferred_open_record state;
2529 /* this is a hack to speed up torture tests
2531 timeout_usecs = lp_parm_int(SNUM(conn),
2532 "smbd","sharedelay",
2533 SHARING_VIOLATION_USEC_WAIT);
2535 /* This is a relative time, added to the absolute
2536 request_time value to get the absolute timeout time.
2537 Note that if this is the second or greater time we enter
2538 this codepath for this particular request mid then
2539 request_time is left as the absolute time of the *first*
2540 time this request mid was processed. This is what allows
2541 the request to eventually time out. */
2543 timeout = timeval_set(0, timeout_usecs);
2545 /* Nothing actually uses state.delayed_for_oplocks
2546 but it's handy to differentiate in debug messages
2547 between a 30 second delay due to oplock break, and
2548 a 1 second delay for share mode conflicts. */
2550 state.delayed_for_oplocks = False;
2551 state.async_open = false;
2555 && !request_timed_out(request_time,
2557 defer_open(lck, request_time, timeout,
2566 * We have detected a sharing violation here
2567 * so return the correct error code
2569 status = NT_STATUS_SHARING_VIOLATION;
2571 status = NT_STATUS_ACCESS_DENIED;
2576 grant_fsp_oplock_type(fsp,
2582 * We have the share entry *locked*.....
2585 /* Delete streams if create_disposition requires it */
2586 if (!new_file_created && clear_ads(create_disposition) &&
2587 !is_ntfs_stream_smb_fname(smb_fname)) {
2588 status = delete_all_streams(conn, smb_fname->base_name);
2589 if (!NT_STATUS_IS_OK(status)) {
2596 /* note that we ignore failure for the following. It is
2597 basically a hack for NFS, and NFS will never set one of
2598 these only read them. Nobody but Samba can ever set a deny
2599 mode and we have already checked our more authoritative
2600 locking database for permission to set this deny mode. If
2601 the kernel refuses the operations then the kernel is wrong.
2602 note that GPFS supports it as well - jmcd */
2604 if (fsp->fh->fd != -1 && lp_kernel_share_modes(SNUM(conn))) {
2606 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access, access_mask);
2607 if(ret_flock == -1 ){
2612 return NT_STATUS_SHARING_VIOLATION;
2617 * At this point onwards, we can guarantee that the share entry
2618 * is locked, whether we created the file or not, and that the
2619 * deny mode is compatible with all current opens.
2623 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2624 * but we don't have to store this - just ignore it on access check.
2626 if (conn->sconn->using_smb2) {
2628 * SMB2 doesn't return it (according to Microsoft tests).
2629 * Test Case: TestSuite_ScenarioNo009GrantedAccessTestS0
2630 * File created with access = 0x7 (Read, Write, Delete)
2631 * Query Info on file returns 0x87 (Read, Write, Delete, Read Attributes)
2633 fsp->access_mask = access_mask;
2635 /* But SMB1 does. */
2636 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2640 /* stat opens on existing files don't get oplocks. */
2641 if (is_stat_open(open_access_mask)) {
2642 fsp->oplock_type = NO_OPLOCK;
2646 if (new_file_created) {
2647 info = FILE_WAS_CREATED;
2649 if (flags2 & O_TRUNC) {
2650 info = FILE_WAS_OVERWRITTEN;
2652 info = FILE_WAS_OPENED;
2661 * Setup the oplock info in both the shared memory and
2665 status = set_file_oplock(fsp, fsp->oplock_type);
2666 if (!NT_STATUS_IS_OK(status)) {
2668 * Could not get the kernel oplock or there are byte-range
2669 * locks on the file.
2671 fsp->oplock_type = NO_OPLOCK;
2674 set_share_mode(lck, fsp, get_current_uid(conn),
2678 /* Handle strange delete on close create semantics. */
2679 if (create_options & FILE_DELETE_ON_CLOSE) {
2681 status = can_set_delete_on_close(fsp, new_dos_attributes);
2683 if (!NT_STATUS_IS_OK(status)) {
2684 /* Remember to delete the mode we just added. */
2685 del_share_mode(lck, fsp);
2690 /* Note that here we set the *inital* delete on close flag,
2691 not the regular one. The magic gets handled in close. */
2692 fsp->initial_delete_on_close = True;
2695 if (info != FILE_WAS_OPENED) {
2696 /* Files should be initially set as archive */
2697 if (lp_map_archive(SNUM(conn)) ||
2698 lp_store_dos_attributes(SNUM(conn))) {
2700 if (file_set_dosmode(conn, smb_fname,
2701 new_dos_attributes | FILE_ATTRIBUTE_ARCHIVE,
2702 parent_dir, true) == 0) {
2703 unx_mode = smb_fname->st.st_ex_mode;
2709 /* Determine sparse flag. */
2711 /* POSIX opens are sparse by default. */
2712 fsp->is_sparse = true;
2714 fsp->is_sparse = (file_existed &&
2715 (existing_dos_attributes & FILE_ATTRIBUTE_SPARSE));
2719 * Take care of inherited ACLs on created files - if default ACL not
2723 if (!posix_open && new_file_created && !def_acl) {
2725 int saved_errno = errno; /* We might get ENOSYS in the next
2728 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2730 errno = saved_errno; /* Ignore ENOSYS */
2733 } else if (new_unx_mode) {
2737 /* Attributes need changing. File already existed. */
2740 int saved_errno = errno; /* We might get ENOSYS in the
2742 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2744 if (ret == -1 && errno == ENOSYS) {
2745 errno = saved_errno; /* Ignore ENOSYS */
2747 DEBUG(5, ("open_file_ntcreate: reset "
2748 "attributes of file %s to 0%o\n",
2749 smb_fname_str_dbg(smb_fname),
2750 (unsigned int)new_unx_mode));
2751 ret = 0; /* Don't do the fchmod below. */
2756 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2757 DEBUG(5, ("open_file_ntcreate: failed to reset "
2758 "attributes of file %s to 0%o\n",
2759 smb_fname_str_dbg(smb_fname),
2760 (unsigned int)new_unx_mode));
2765 return NT_STATUS_OK;
2769 /****************************************************************************
2770 Open a file for for write to ensure that we can fchmod it.
2771 ****************************************************************************/
2773 NTSTATUS open_file_fchmod(connection_struct *conn,
2774 struct smb_filename *smb_fname,
2775 files_struct **result)
2777 if (!VALID_STAT(smb_fname->st)) {
2778 return NT_STATUS_INVALID_PARAMETER;
2781 return SMB_VFS_CREATE_FILE(
2784 0, /* root_dir_fid */
2785 smb_fname, /* fname */
2786 FILE_WRITE_DATA, /* access_mask */
2787 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2789 FILE_OPEN, /* create_disposition*/
2790 0, /* create_options */
2791 0, /* file_attributes */
2792 INTERNAL_OPEN_ONLY, /* oplock_request */
2793 0, /* allocation_size */
2794 0, /* private_flags */
2797 result, /* result */
2801 static NTSTATUS mkdir_internal(connection_struct *conn,
2802 struct smb_filename *smb_dname,
2803 uint32 file_attributes)
2806 char *parent_dir = NULL;
2808 bool posix_open = false;
2809 bool need_re_stat = false;
2810 uint32_t access_mask = SEC_DIR_ADD_SUBDIR;
2812 if (!CAN_WRITE(conn) || (access_mask & ~(conn->share_access))) {
2813 DEBUG(5,("mkdir_internal: failing share access "
2814 "%s\n", lp_servicename(talloc_tos(), SNUM(conn))));
2815 return NT_STATUS_ACCESS_DENIED;
2818 if (!parent_dirname(talloc_tos(), smb_dname->base_name, &parent_dir,
2820 return NT_STATUS_NO_MEMORY;
2823 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2825 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2827 mode = unix_mode(conn, FILE_ATTRIBUTE_DIRECTORY, smb_dname, parent_dir);
2830 status = check_parent_access(conn,
2833 if(!NT_STATUS_IS_OK(status)) {
2834 DEBUG(5,("mkdir_internal: check_parent_access "
2835 "on directory %s for path %s returned %s\n",
2837 smb_dname->base_name,
2838 nt_errstr(status) ));
2842 if (SMB_VFS_MKDIR(conn, smb_dname->base_name, mode) != 0) {
2843 return map_nt_error_from_unix(errno);
2846 /* Ensure we're checking for a symlink here.... */
2847 /* We don't want to get caught by a symlink racer. */
2849 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2850 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2851 smb_fname_str_dbg(smb_dname), strerror(errno)));
2852 return map_nt_error_from_unix(errno);
2855 if (!S_ISDIR(smb_dname->st.st_ex_mode)) {
2856 DEBUG(0, ("Directory '%s' just created is not a directory !\n",
2857 smb_fname_str_dbg(smb_dname)));
2858 return NT_STATUS_NOT_A_DIRECTORY;
2861 if (lp_store_dos_attributes(SNUM(conn))) {
2863 file_set_dosmode(conn, smb_dname,
2864 file_attributes | FILE_ATTRIBUTE_DIRECTORY,
2869 if (lp_inherit_perms(SNUM(conn))) {
2870 inherit_access_posix_acl(conn, parent_dir,
2871 smb_dname->base_name, mode);
2872 need_re_stat = true;
2877 * Check if high bits should have been set,
2878 * then (if bits are missing): add them.
2879 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2882 if ((mode & ~(S_IRWXU|S_IRWXG|S_IRWXO)) &&
2883 (mode & ~smb_dname->st.st_ex_mode)) {
2884 SMB_VFS_CHMOD(conn, smb_dname->base_name,
2885 (smb_dname->st.st_ex_mode |
2886 (mode & ~smb_dname->st.st_ex_mode)));
2887 need_re_stat = true;
2891 /* Change the owner if required. */
2892 if (lp_inherit_owner(SNUM(conn))) {
2893 change_dir_owner_to_parent(conn, parent_dir,
2894 smb_dname->base_name,
2896 need_re_stat = true;
2900 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2901 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2902 smb_fname_str_dbg(smb_dname), strerror(errno)));
2903 return map_nt_error_from_unix(errno);
2907 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2908 smb_dname->base_name);
2910 return NT_STATUS_OK;
2913 /****************************************************************************
2914 Open a directory from an NT SMB call.
2915 ****************************************************************************/
2917 static NTSTATUS open_directory(connection_struct *conn,
2918 struct smb_request *req,
2919 struct smb_filename *smb_dname,
2921 uint32 share_access,
2922 uint32 create_disposition,
2923 uint32 create_options,
2924 uint32 file_attributes,
2926 files_struct **result)
2928 files_struct *fsp = NULL;
2929 bool dir_existed = VALID_STAT(smb_dname->st) ? True : False;
2930 struct share_mode_lock *lck = NULL;
2932 struct timespec mtimespec;
2935 if (is_ntfs_stream_smb_fname(smb_dname)) {
2936 DEBUG(2, ("open_directory: %s is a stream name!\n",
2937 smb_fname_str_dbg(smb_dname)));
2938 return NT_STATUS_NOT_A_DIRECTORY;
2941 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
2942 /* Ensure we have a directory attribute. */
2943 file_attributes |= FILE_ATTRIBUTE_DIRECTORY;
2946 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2947 "share_access = 0x%x create_options = 0x%x, "
2948 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2949 smb_fname_str_dbg(smb_dname),
2950 (unsigned int)access_mask,
2951 (unsigned int)share_access,
2952 (unsigned int)create_options,
2953 (unsigned int)create_disposition,
2954 (unsigned int)file_attributes));
2956 status = smbd_calculate_access_mask(conn, smb_dname, false,
2957 access_mask, &access_mask);
2958 if (!NT_STATUS_IS_OK(status)) {
2959 DEBUG(10, ("open_directory: smbd_calculate_access_mask "
2960 "on file %s returned %s\n",
2961 smb_fname_str_dbg(smb_dname),
2962 nt_errstr(status)));
2966 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2967 !security_token_has_privilege(get_current_nttok(conn),
2968 SEC_PRIV_SECURITY)) {
2969 DEBUG(10, ("open_directory: open on %s "
2970 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2971 smb_fname_str_dbg(smb_dname)));
2972 return NT_STATUS_PRIVILEGE_NOT_HELD;
2975 switch( create_disposition ) {
2979 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2982 info = FILE_WAS_OPENED;
2987 /* If directory exists error. If directory doesn't
2991 status = NT_STATUS_OBJECT_NAME_COLLISION;
2992 DEBUG(2, ("open_directory: unable to create "
2993 "%s. Error was %s\n",
2994 smb_fname_str_dbg(smb_dname),
2995 nt_errstr(status)));
2999 status = mkdir_internal(conn, smb_dname,
3002 if (!NT_STATUS_IS_OK(status)) {
3003 DEBUG(2, ("open_directory: unable to create "
3004 "%s. Error was %s\n",
3005 smb_fname_str_dbg(smb_dname),
3006 nt_errstr(status)));
3010 info = FILE_WAS_CREATED;
3015 * If directory exists open. If directory doesn't
3020 status = NT_STATUS_OK;
3021 info = FILE_WAS_OPENED;
3023 status = mkdir_internal(conn, smb_dname,
3026 if (NT_STATUS_IS_OK(status)) {
3027 info = FILE_WAS_CREATED;
3029 /* Cope with create race. */
3030 if (!NT_STATUS_EQUAL(status,
3031 NT_STATUS_OBJECT_NAME_COLLISION)) {
3032 DEBUG(2, ("open_directory: unable to create "
3033 "%s. Error was %s\n",
3034 smb_fname_str_dbg(smb_dname),
3035 nt_errstr(status)));
3038 info = FILE_WAS_OPENED;
3044 case FILE_SUPERSEDE:
3045 case FILE_OVERWRITE:
3046 case FILE_OVERWRITE_IF:
3048 DEBUG(5,("open_directory: invalid create_disposition "
3049 "0x%x for directory %s\n",
3050 (unsigned int)create_disposition,
3051 smb_fname_str_dbg(smb_dname)));
3052 return NT_STATUS_INVALID_PARAMETER;
3055 if(!S_ISDIR(smb_dname->st.st_ex_mode)) {
3056 DEBUG(5,("open_directory: %s is not a directory !\n",
3057 smb_fname_str_dbg(smb_dname)));
3058 return NT_STATUS_NOT_A_DIRECTORY;
3061 if (info == FILE_WAS_OPENED) {
3062 status = smbd_check_access_rights(conn,
3066 if (!NT_STATUS_IS_OK(status)) {
3067 DEBUG(10, ("open_directory: smbd_check_access_rights on "
3068 "file %s failed with %s\n",
3069 smb_fname_str_dbg(smb_dname),
3070 nt_errstr(status)));
3075 status = file_new(req, conn, &fsp);
3076 if(!NT_STATUS_IS_OK(status)) {
3081 * Setup the files_struct for it.
3084 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_dname->st);
3085 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
3086 fsp->file_pid = req ? req->smbpid : 0;
3087 fsp->can_lock = False;
3088 fsp->can_read = False;
3089 fsp->can_write = False;
3091 fsp->share_access = share_access;
3092 fsp->fh->private_options = 0;
3094 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
3096 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
3097 fsp->print_file = NULL;
3098 fsp->modified = False;
3099 fsp->oplock_type = NO_OPLOCK;
3100 fsp->sent_oplock_break = NO_BREAK_SENT;
3101 fsp->is_directory = True;
3102 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
3103 status = fsp_set_smb_fname(fsp, smb_dname);
3104 if (!NT_STATUS_IS_OK(status)) {
3105 file_free(req, fsp);
3109 mtimespec = smb_dname->st.st_ex_mtime;
3112 status = fd_open(conn, fsp, O_RDONLY|O_DIRECTORY, 0);
3114 /* POSIX allows us to open a directory with O_RDONLY. */
3115 status = fd_open(conn, fsp, O_RDONLY, 0);
3117 if (!NT_STATUS_IS_OK(status)) {
3118 DEBUG(5, ("open_directory: Could not open fd for "
3120 smb_fname_str_dbg(smb_dname),
3121 nt_errstr(status)));
3122 file_free(req, fsp);
3126 status = vfs_stat_fsp(fsp);
3127 if (!NT_STATUS_IS_OK(status)) {
3129 file_free(req, fsp);
3133 /* Ensure there was no race condition. */
3134 if (!check_same_stat(&smb_dname->st, &fsp->fsp_name->st)) {
3135 DEBUG(5,("open_directory: stat struct differs for "
3137 smb_fname_str_dbg(smb_dname)));
3139 file_free(req, fsp);
3140 return NT_STATUS_ACCESS_DENIED;
3143 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
3144 conn->connectpath, smb_dname,
3148 DEBUG(0, ("open_directory: Could not get share mode lock for "
3149 "%s\n", smb_fname_str_dbg(smb_dname)));
3151 file_free(req, fsp);
3152 return NT_STATUS_SHARING_VIOLATION;
3155 status = open_mode_check(conn, lck, fsp->name_hash,
3156 access_mask, share_access,
3157 create_options, &dir_existed);
3159 if (!NT_STATUS_IS_OK(status)) {
3162 file_free(req, fsp);
3166 set_share_mode(lck, fsp, get_current_uid(conn),
3167 req ? req->mid : 0, NO_OPLOCK);
3169 /* For directories the delete on close bit at open time seems
3170 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
3171 if (create_options & FILE_DELETE_ON_CLOSE) {
3172 status = can_set_delete_on_close(fsp, 0);
3173 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
3176 file_free(req, fsp);
3180 if (NT_STATUS_IS_OK(status)) {
3181 /* Note that here we set the *inital* delete on close flag,
3182 not the regular one. The magic gets handled in close. */
3183 fsp->initial_delete_on_close = True;
3194 return NT_STATUS_OK;
3197 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req,
3198 struct smb_filename *smb_dname)
3203 status = SMB_VFS_CREATE_FILE(
3206 0, /* root_dir_fid */
3207 smb_dname, /* fname */
3208 FILE_READ_ATTRIBUTES, /* access_mask */
3209 FILE_SHARE_NONE, /* share_access */
3210 FILE_CREATE, /* create_disposition*/
3211 FILE_DIRECTORY_FILE, /* create_options */
3212 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
3213 0, /* oplock_request */
3214 0, /* allocation_size */
3215 0, /* private_flags */
3221 if (NT_STATUS_IS_OK(status)) {
3222 close_file(req, fsp, NORMAL_CLOSE);
3228 /****************************************************************************
3229 Receive notification that one of our open files has been renamed by another
3231 ****************************************************************************/
3233 void msg_file_was_renamed(struct messaging_context *msg,
3236 struct server_id server_id,
3240 char *frm = (char *)data->data;
3242 const char *sharepath;
3243 const char *base_name;
3244 const char *stream_name;
3245 struct smb_filename *smb_fname = NULL;
3246 size_t sp_len, bn_len;
3248 struct smbd_server_connection *sconn =
3249 talloc_get_type_abort(private_data,
3250 struct smbd_server_connection);
3252 if (data->data == NULL
3253 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
3254 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
3255 (int)data->length));
3259 /* Unpack the message. */
3260 pull_file_id_24(frm, &id);
3261 sharepath = &frm[24];
3262 sp_len = strlen(sharepath);
3263 base_name = sharepath + sp_len + 1;
3264 bn_len = strlen(base_name);
3265 stream_name = sharepath + sp_len + 1 + bn_len + 1;
3267 /* stream_name must always be NULL if there is no stream. */
3268 if (stream_name[0] == '\0') {
3272 smb_fname = synthetic_smb_fname(talloc_tos(), base_name,
3274 if (smb_fname == NULL) {
3278 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
3280 sharepath, smb_fname_str_dbg(smb_fname),
3281 file_id_string_tos(&id)));
3283 for(fsp = file_find_di_first(sconn, id); fsp;
3284 fsp = file_find_di_next(fsp)) {
3285 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
3287 DEBUG(10,("msg_file_was_renamed: renaming file %s from %s -> %s\n",
3288 fsp_fnum_dbg(fsp), fsp_str_dbg(fsp),
3289 smb_fname_str_dbg(smb_fname)));
3290 status = fsp_set_smb_fname(fsp, smb_fname);
3291 if (!NT_STATUS_IS_OK(status)) {
3296 /* Now we have the complete path we can work out if this is
3297 actually within this share and adjust newname accordingly. */
3298 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
3299 "not sharepath %s) "
3300 "%s from %s -> %s\n",
3301 fsp->conn->connectpath,
3305 smb_fname_str_dbg(smb_fname)));
3309 TALLOC_FREE(smb_fname);
3314 * If a main file is opened for delete, all streams need to be checked for
3315 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
3316 * If that works, delete them all by setting the delete on close and close.
3319 NTSTATUS open_streams_for_delete(connection_struct *conn,
3322 struct stream_struct *stream_info = NULL;
3323 files_struct **streams = NULL;
3325 unsigned int num_streams = 0;
3326 TALLOC_CTX *frame = talloc_stackframe();
3329 status = vfs_streaminfo(conn, NULL, fname, talloc_tos(),
3330 &num_streams, &stream_info);
3332 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
3333 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
3334 DEBUG(10, ("no streams around\n"));
3336 return NT_STATUS_OK;
3339 if (!NT_STATUS_IS_OK(status)) {
3340 DEBUG(10, ("vfs_streaminfo failed: %s\n",
3341 nt_errstr(status)));
3345 DEBUG(10, ("open_streams_for_delete found %d streams\n",
3348 if (num_streams == 0) {
3350 return NT_STATUS_OK;
3353 streams = talloc_array(talloc_tos(), files_struct *, num_streams);
3354 if (streams == NULL) {
3355 DEBUG(0, ("talloc failed\n"));
3356 status = NT_STATUS_NO_MEMORY;
3360 for (i=0; i<num_streams; i++) {
3361 struct smb_filename *smb_fname;
3363 if (strequal(stream_info[i].name, "::$DATA")) {
3368 smb_fname = synthetic_smb_fname(
3369 talloc_tos(), fname, stream_info[i].name, NULL);
3370 if (smb_fname == NULL) {
3371 status = NT_STATUS_NO_MEMORY;
3375 if (SMB_VFS_STAT(conn, smb_fname) == -1) {
3376 DEBUG(10, ("Unable to stat stream: %s\n",
3377 smb_fname_str_dbg(smb_fname)));
3380 status = SMB_VFS_CREATE_FILE(
3383 0, /* root_dir_fid */
3384 smb_fname, /* fname */
3385 DELETE_ACCESS, /* access_mask */
3386 (FILE_SHARE_READ | /* share_access */
3387 FILE_SHARE_WRITE | FILE_SHARE_DELETE),
3388 FILE_OPEN, /* create_disposition*/
3389 0, /* create_options */
3390 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
3391 0, /* oplock_request */
3392 0, /* allocation_size */
3393 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* private_flags */
3396 &streams[i], /* result */
3399 if (!NT_STATUS_IS_OK(status)) {
3400 DEBUG(10, ("Could not open stream %s: %s\n",
3401 smb_fname_str_dbg(smb_fname),
3402 nt_errstr(status)));
3404 TALLOC_FREE(smb_fname);
3407 TALLOC_FREE(smb_fname);
3411 * don't touch the variable "status" beyond this point :-)
3414 for (i -= 1 ; i >= 0; i--) {
3415 if (streams[i] == NULL) {
3419 DEBUG(10, ("Closing stream # %d, %s\n", i,
3420 fsp_str_dbg(streams[i])));
3421 close_file(NULL, streams[i], NORMAL_CLOSE);
3429 /*********************************************************************
3430 Create a default ACL by inheriting from the parent. If no inheritance
3431 from the parent available, don't set anything. This will leave the actual
3432 permissions the new file or directory already got from the filesystem
3433 as the NT ACL when read.
3434 *********************************************************************/
3436 static NTSTATUS inherit_new_acl(files_struct *fsp)
3438 TALLOC_CTX *frame = talloc_stackframe();
3439 char *parent_name = NULL;
3440 struct security_descriptor *parent_desc = NULL;
3441 NTSTATUS status = NT_STATUS_OK;
3442 struct security_descriptor *psd = NULL;
3443 const struct dom_sid *owner_sid = NULL;
3444 const struct dom_sid *group_sid = NULL;
3445 uint32_t security_info_sent = (SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL);
3446 struct security_token *token = fsp->conn->session_info->security_token;
3447 bool inherit_owner = lp_inherit_owner(SNUM(fsp->conn));
3448 bool inheritable_components = false;
3449 bool try_builtin_administrators = false;
3450 const struct dom_sid *BA_U_sid = NULL;
3451 const struct dom_sid *BA_G_sid = NULL;
3452 bool try_system = false;
3453 const struct dom_sid *SY_U_sid = NULL;
3454 const struct dom_sid *SY_G_sid = NULL;
3457 if (!parent_dirname(frame, fsp->fsp_name->base_name, &parent_name, NULL)) {
3459 return NT_STATUS_NO_MEMORY;
3462 status = SMB_VFS_GET_NT_ACL(fsp->conn,
3464 (SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL),
3467 if (!NT_STATUS_IS_OK(status)) {
3472 inheritable_components = sd_has_inheritable_components(parent_desc,
3475 if (!inheritable_components && !inherit_owner) {
3477 /* Nothing to inherit and not setting owner. */
3478 return NT_STATUS_OK;
3481 /* Create an inherited descriptor from the parent. */
3483 if (DEBUGLEVEL >= 10) {
3484 DEBUG(10,("inherit_new_acl: parent acl for %s is:\n",
3485 fsp_str_dbg(fsp) ));
3486 NDR_PRINT_DEBUG(security_descriptor, parent_desc);
3489 /* Inherit from parent descriptor if "inherit owner" set. */
3490 if (inherit_owner) {
3491 owner_sid = parent_desc->owner_sid;
3492 group_sid = parent_desc->group_sid;
3495 if (owner_sid == NULL) {
3496 if (security_token_has_builtin_administrators(token)) {
3497 try_builtin_administrators = true;
3498 } else if (security_token_is_system(token)) {
3499 try_builtin_administrators = true;
3504 if (group_sid == NULL &&
3505 token->num_sids == PRIMARY_GROUP_SID_INDEX)
3507 if (security_token_is_system(token)) {
3508 try_builtin_administrators = true;
3513 if (try_builtin_administrators) {
3518 ok = sids_to_unixids(&global_sid_Builtin_Administrators, 1, &ids);
3522 BA_U_sid = &global_sid_Builtin_Administrators;
3523 BA_G_sid = &global_sid_Builtin_Administrators;
3526 BA_U_sid = &global_sid_Builtin_Administrators;
3529 BA_G_sid = &global_sid_Builtin_Administrators;
3542 ok = sids_to_unixids(&global_sid_System, 1, &ids);
3546 SY_U_sid = &global_sid_System;
3547 SY_G_sid = &global_sid_System;
3550 SY_U_sid = &global_sid_System;
3553 SY_G_sid = &global_sid_System;
3561 if (owner_sid == NULL) {
3562 owner_sid = BA_U_sid;
3565 if (owner_sid == NULL) {
3566 owner_sid = SY_U_sid;
3569 if (group_sid == NULL) {
3570 group_sid = SY_G_sid;
3573 if (try_system && group_sid == NULL) {
3574 group_sid = BA_G_sid;
3577 if (owner_sid == NULL) {
3578 owner_sid = &token->sids[PRIMARY_USER_SID_INDEX];
3580 if (group_sid == NULL) {
3581 if (token->num_sids == PRIMARY_GROUP_SID_INDEX) {
3582 group_sid = &token->sids[PRIMARY_USER_SID_INDEX];
3584 group_sid = &token->sids[PRIMARY_GROUP_SID_INDEX];
3588 status = se_create_child_secdesc(frame,
3595 if (!NT_STATUS_IS_OK(status)) {
3600 /* If inheritable_components == false,
3601 se_create_child_secdesc()
3602 creates a security desriptor with a NULL dacl
3603 entry, but with SEC_DESC_DACL_PRESENT. We need
3604 to remove that flag. */
3606 if (!inheritable_components) {
3607 security_info_sent &= ~SECINFO_DACL;
3608 psd->type &= ~SEC_DESC_DACL_PRESENT;
3611 if (DEBUGLEVEL >= 10) {
3612 DEBUG(10,("inherit_new_acl: child acl for %s is:\n",
3613 fsp_str_dbg(fsp) ));
3614 NDR_PRINT_DEBUG(security_descriptor, psd);
3617 if (inherit_owner) {
3618 /* We need to be root to force this. */
3621 status = SMB_VFS_FSET_NT_ACL(fsp,
3624 if (inherit_owner) {
3632 * Wrapper around open_file_ntcreate and open_directory
3635 static NTSTATUS create_file_unixpath(connection_struct *conn,
3636 struct smb_request *req,
3637 struct smb_filename *smb_fname,
3638 uint32_t access_mask,
3639 uint32_t share_access,
3640 uint32_t create_disposition,
3641 uint32_t create_options,
3642 uint32_t file_attributes,
3643 uint32_t oplock_request,
3644 uint64_t allocation_size,
3645 uint32_t private_flags,
3646 struct security_descriptor *sd,
3647 struct ea_list *ea_list,
3649 files_struct **result,
3652 int info = FILE_WAS_OPENED;
3653 files_struct *base_fsp = NULL;
3654 files_struct *fsp = NULL;
3657 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
3658 "file_attributes = 0x%x, share_access = 0x%x, "
3659 "create_disposition = 0x%x create_options = 0x%x "
3660 "oplock_request = 0x%x private_flags = 0x%x "
3661 "ea_list = 0x%p, sd = 0x%p, "
3663 (unsigned int)access_mask,
3664 (unsigned int)file_attributes,
3665 (unsigned int)share_access,
3666 (unsigned int)create_disposition,
3667 (unsigned int)create_options,
3668 (unsigned int)oplock_request,
3669 (unsigned int)private_flags,
3670 ea_list, sd, smb_fname_str_dbg(smb_fname)));
3672 if (create_options & FILE_OPEN_BY_FILE_ID) {
3673 status = NT_STATUS_NOT_SUPPORTED;
3677 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
3678 status = NT_STATUS_INVALID_PARAMETER;
3683 oplock_request |= INTERNAL_OPEN_ONLY;
3686 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
3687 && (access_mask & DELETE_ACCESS)
3688 && !is_ntfs_stream_smb_fname(smb_fname)) {
3690 * We can't open a file with DELETE access if any of the
3691 * streams is open without FILE_SHARE_DELETE
3693 status = open_streams_for_delete(conn, smb_fname->base_name);
3695 if (!NT_STATUS_IS_OK(status)) {
3700 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
3701 !security_token_has_privilege(get_current_nttok(conn),
3702 SEC_PRIV_SECURITY)) {
3703 DEBUG(10, ("create_file_unixpath: open on %s "
3704 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
3705 smb_fname_str_dbg(smb_fname)));
3706 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3710 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
3711 && is_ntfs_stream_smb_fname(smb_fname)
3712 && (!(private_flags & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
3713 uint32 base_create_disposition;
3714 struct smb_filename *smb_fname_base = NULL;
3716 if (create_options & FILE_DIRECTORY_FILE) {
3717 status = NT_STATUS_NOT_A_DIRECTORY;
3721 switch (create_disposition) {
3723 base_create_disposition = FILE_OPEN;
3726 base_create_disposition = FILE_OPEN_IF;
3730 /* Create an smb_filename with stream_name == NULL. */
3731 smb_fname_base = synthetic_smb_fname(talloc_tos(),
3732 smb_fname->base_name,
3734 if (smb_fname_base == NULL) {
3735 status = NT_STATUS_NO_MEMORY;
3739 if (SMB_VFS_STAT(conn, smb_fname_base) == -1) {
3740 DEBUG(10, ("Unable to stat stream: %s\n",
3741 smb_fname_str_dbg(smb_fname_base)));
3744 /* Open the base file. */
3745 status = create_file_unixpath(conn, NULL, smb_fname_base, 0,
3748 | FILE_SHARE_DELETE,
3749 base_create_disposition,
3750 0, 0, 0, 0, 0, NULL, NULL,
3752 TALLOC_FREE(smb_fname_base);
3754 if (!NT_STATUS_IS_OK(status)) {
3755 DEBUG(10, ("create_file_unixpath for base %s failed: "
3756 "%s\n", smb_fname->base_name,
3757 nt_errstr(status)));
3760 /* we don't need to low level fd */
3765 * If it's a request for a directory open, deal with it separately.
3768 if (create_options & FILE_DIRECTORY_FILE) {
3770 if (create_options & FILE_NON_DIRECTORY_FILE) {
3771 status = NT_STATUS_INVALID_PARAMETER;
3775 /* Can't open a temp directory. IFS kit test. */
3776 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3777 (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3778 status = NT_STATUS_INVALID_PARAMETER;
3783 * We will get a create directory here if the Win32
3784 * app specified a security descriptor in the
3785 * CreateDirectory() call.
3789 status = open_directory(
3790 conn, req, smb_fname, access_mask, share_access,
3791 create_disposition, create_options, file_attributes,
3796 * Ordinary file case.
3799 status = file_new(req, conn, &fsp);
3800 if(!NT_STATUS_IS_OK(status)) {
3804 status = fsp_set_smb_fname(fsp, smb_fname);
3805 if (!NT_STATUS_IS_OK(status)) {
3811 * We're opening the stream element of a
3812 * base_fsp we already opened. Set up the
3815 fsp->base_fsp = base_fsp;
3818 if (allocation_size) {
3819 fsp->initial_allocation_size = smb_roundup(fsp->conn,
3823 status = open_file_ntcreate(conn,
3835 if(!NT_STATUS_IS_OK(status)) {
3836 file_free(req, fsp);
3840 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3842 /* A stream open never opens a directory */
3845 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3850 * Fail the open if it was explicitly a non-directory
3854 if (create_options & FILE_NON_DIRECTORY_FILE) {
3855 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3860 status = open_directory(
3861 conn, req, smb_fname, access_mask,
3862 share_access, create_disposition,
3863 create_options, file_attributes,
3868 if (!NT_STATUS_IS_OK(status)) {
3872 fsp->base_fsp = base_fsp;
3874 if ((ea_list != NULL) &&
3875 ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3876 status = set_ea(conn, fsp, fsp->fsp_name, ea_list);
3877 if (!NT_STATUS_IS_OK(status)) {
3882 if (!fsp->is_directory && S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
3883 status = NT_STATUS_ACCESS_DENIED;
3887 /* Save the requested allocation size. */
3888 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3890 && (allocation_size > fsp->fsp_name->st.st_ex_size)) {
3891 fsp->initial_allocation_size = smb_roundup(
3892 fsp->conn, allocation_size);
3893 if (fsp->is_directory) {
3894 /* Can't set allocation size on a directory. */
3895 status = NT_STATUS_ACCESS_DENIED;
3898 if (vfs_allocate_file_space(
3899 fsp, fsp->initial_allocation_size) == -1) {
3900 status = NT_STATUS_DISK_FULL;
3904 fsp->initial_allocation_size = smb_roundup(
3905 fsp->conn, (uint64_t)fsp->fsp_name->st.st_ex_size);
3908 fsp->initial_allocation_size = 0;
3911 if ((info == FILE_WAS_CREATED) && lp_nt_acl_support(SNUM(conn)) &&
3912 fsp->base_fsp == NULL) {
3915 * According to the MS documentation, the only time the security
3916 * descriptor is applied to the opened file is iff we *created* the
3917 * file; an existing file stays the same.
3919 * Also, it seems (from observation) that you can open the file with
3920 * any access mask but you can still write the sd. We need to override
3921 * the granted access before we call set_sd
3922 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3925 uint32_t sec_info_sent;
3926 uint32_t saved_access_mask = fsp->access_mask;
3928 sec_info_sent = get_sec_info(sd);
3930 fsp->access_mask = FILE_GENERIC_ALL;
3932 if (sec_info_sent & (SECINFO_OWNER|
3936 status = set_sd(fsp, sd, sec_info_sent);
3939 fsp->access_mask = saved_access_mask;
3941 if (!NT_STATUS_IS_OK(status)) {
3944 } else if (lp_inherit_acls(SNUM(conn))) {
3945 /* Inherit from parent. Errors here are not fatal. */
3946 status = inherit_new_acl(fsp);
3947 if (!NT_STATUS_IS_OK(status)) {
3948 DEBUG(10,("inherit_new_acl: failed for %s with %s\n",
3950 nt_errstr(status) ));
3955 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3958 if (pinfo != NULL) {
3962 smb_fname->st = fsp->fsp_name->st;
3964 return NT_STATUS_OK;
3967 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3970 if (base_fsp && fsp->base_fsp == base_fsp) {
3972 * The close_file below will close
3977 close_file(req, fsp, ERROR_CLOSE);
3980 if (base_fsp != NULL) {
3981 close_file(req, base_fsp, ERROR_CLOSE);
3988 * Calculate the full path name given a relative fid.
3990 NTSTATUS get_relative_fid_filename(connection_struct *conn,
3991 struct smb_request *req,
3992 uint16_t root_dir_fid,
3993 const struct smb_filename *smb_fname,
3994 struct smb_filename **smb_fname_out)
3996 files_struct *dir_fsp;
3997 char *parent_fname = NULL;
3998 char *new_base_name = NULL;
4001 if (root_dir_fid == 0 || !smb_fname) {
4002 status = NT_STATUS_INTERNAL_ERROR;
4006 dir_fsp = file_fsp(req, root_dir_fid);
4008 if (dir_fsp == NULL) {
4009 status = NT_STATUS_INVALID_HANDLE;
4013 if (is_ntfs_stream_smb_fname(dir_fsp->fsp_name)) {
4014 status = NT_STATUS_INVALID_HANDLE;
4018 if (!dir_fsp->is_directory) {
4021 * Check to see if this is a mac fork of some kind.
4024 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
4025 is_ntfs_stream_smb_fname(smb_fname)) {
4026 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
4031 we need to handle the case when we get a
4032 relative open relative to a file and the
4033 pathname is blank - this is a reopen!
4034 (hint from demyn plantenberg)
4037 status = NT_STATUS_INVALID_HANDLE;
4041 if (ISDOT(dir_fsp->fsp_name->base_name)) {
4043 * We're at the toplevel dir, the final file name
4044 * must not contain ./, as this is filtered out
4045 * normally by srvstr_get_path and unix_convert
4046 * explicitly rejects paths containing ./.
4048 parent_fname = talloc_strdup(talloc_tos(), "");
4049 if (parent_fname == NULL) {
4050 status = NT_STATUS_NO_MEMORY;
4054 size_t dir_name_len = strlen(dir_fsp->fsp_name->base_name);
4057 * Copy in the base directory name.
4060 parent_fname = talloc_array(talloc_tos(), char,
4062 if (parent_fname == NULL) {
4063 status = NT_STATUS_NO_MEMORY;
4066 memcpy(parent_fname, dir_fsp->fsp_name->base_name,
4070 * Ensure it ends in a '/'.
4071 * We used TALLOC_SIZE +2 to add space for the '/'.
4075 && (parent_fname[dir_name_len-1] != '\\')
4076 && (parent_fname[dir_name_len-1] != '/')) {
4077 parent_fname[dir_name_len] = '/';
4078 parent_fname[dir_name_len+1] = '\0';
4082 new_base_name = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
4083 smb_fname->base_name);
4084 if (new_base_name == NULL) {
4085 status = NT_STATUS_NO_MEMORY;
4089 status = filename_convert(req,
4091 req->flags2 & FLAGS2_DFS_PATHNAMES,
4096 if (!NT_STATUS_IS_OK(status)) {
4101 TALLOC_FREE(parent_fname);
4102 TALLOC_FREE(new_base_name);
4106 NTSTATUS create_file_default(connection_struct *conn,
4107 struct smb_request *req,
4108 uint16_t root_dir_fid,
4109 struct smb_filename *smb_fname,
4110 uint32_t access_mask,
4111 uint32_t share_access,
4112 uint32_t create_disposition,
4113 uint32_t create_options,
4114 uint32_t file_attributes,
4115 uint32_t oplock_request,
4116 uint64_t allocation_size,
4117 uint32_t private_flags,
4118 struct security_descriptor *sd,
4119 struct ea_list *ea_list,
4120 files_struct **result,
4123 int info = FILE_WAS_OPENED;
4124 files_struct *fsp = NULL;
4126 bool stream_name = false;
4128 DEBUG(10,("create_file: access_mask = 0x%x "
4129 "file_attributes = 0x%x, share_access = 0x%x, "
4130 "create_disposition = 0x%x create_options = 0x%x "
4131 "oplock_request = 0x%x "
4132 "private_flags = 0x%x "
4133 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
4135 (unsigned int)access_mask,
4136 (unsigned int)file_attributes,
4137 (unsigned int)share_access,
4138 (unsigned int)create_disposition,
4139 (unsigned int)create_options,
4140 (unsigned int)oplock_request,
4141 (unsigned int)private_flags,
4142 (unsigned int)root_dir_fid,
4143 ea_list, sd, smb_fname_str_dbg(smb_fname)));
4146 * Calculate the filename from the root_dir_if if necessary.
4149 if (root_dir_fid != 0) {
4150 struct smb_filename *smb_fname_out = NULL;
4151 status = get_relative_fid_filename(conn, req, root_dir_fid,
4152 smb_fname, &smb_fname_out);
4153 if (!NT_STATUS_IS_OK(status)) {
4156 smb_fname = smb_fname_out;
4160 * Check to see if this is a mac fork of some kind.
4163 stream_name = is_ntfs_stream_smb_fname(smb_fname);
4165 enum FAKE_FILE_TYPE fake_file_type;
4167 fake_file_type = is_fake_file(smb_fname);
4169 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
4172 * Here we go! support for changing the disk quotas
4175 * We need to fake up to open this MAGIC QUOTA file
4176 * and return a valid FID.
4178 * w2k close this file directly after openening xp
4179 * also tries a QUERY_FILE_INFO on the file and then
4182 status = open_fake_file(req, conn, req->vuid,
4183 fake_file_type, smb_fname,
4185 if (!NT_STATUS_IS_OK(status)) {
4189 ZERO_STRUCT(smb_fname->st);
4193 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
4194 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
4199 if (is_ntfs_default_stream_smb_fname(smb_fname)) {
4201 smb_fname->stream_name = NULL;
4202 /* We have to handle this error here. */
4203 if (create_options & FILE_DIRECTORY_FILE) {
4204 status = NT_STATUS_NOT_A_DIRECTORY;
4207 if (lp_posix_pathnames()) {
4208 ret = SMB_VFS_LSTAT(conn, smb_fname);
4210 ret = SMB_VFS_STAT(conn, smb_fname);
4213 if (ret == 0 && VALID_STAT_OF_DIR(smb_fname->st)) {
4214 status = NT_STATUS_FILE_IS_A_DIRECTORY;
4219 status = create_file_unixpath(
4220 conn, req, smb_fname, access_mask, share_access,
4221 create_disposition, create_options, file_attributes,
4222 oplock_request, allocation_size, private_flags,
4226 if (!NT_STATUS_IS_OK(status)) {
4231 DEBUG(10, ("create_file: info=%d\n", info));
4234 if (pinfo != NULL) {
4237 return NT_STATUS_OK;
4240 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
4243 close_file(req, fsp, ERROR_CLOSE);