2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern uint16 global_smbpid;
29 extern BOOL global_client_failed_oplock_break;
31 struct deferred_open_record {
32 BOOL delayed_for_oplocks;
37 /****************************************************************************
38 fd support routines - attempt to do a dos_open.
39 ****************************************************************************/
41 static BOOL fd_open(struct connection_struct *conn,
50 if (!lp_symlinks(SNUM(conn))) {
55 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
58 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
59 fname, flags, (int)mode, fsp->fh->fd,
60 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
63 return fsp->fh->fd != -1;
66 /****************************************************************************
67 Close the file associated with a fsp.
68 ****************************************************************************/
70 int fd_close(struct connection_struct *conn,
73 if (fsp->fh->fd == -1) {
74 return 0; /* What we used to call a stat open. */
76 if (fsp->fh->ref_count > 1) {
77 return 0; /* Shared handle. Only close last reference. */
79 return fd_close_posix(conn, fsp);
82 /****************************************************************************
83 Change the ownership of a file to that of the parent directory.
84 Do this by fd if possible.
85 ****************************************************************************/
87 void change_owner_to_parent(connection_struct *conn,
90 SMB_STRUCT_STAT *psbuf)
92 const char *parent_path = parent_dirname(fname);
93 SMB_STRUCT_STAT parent_st;
96 ret = SMB_VFS_STAT(conn, parent_path, &parent_st);
98 DEBUG(0,("change_owner_to_parent: failed to stat parent "
99 "directory %s. Error was %s\n",
100 parent_path, strerror(errno) ));
104 if (fsp && fsp->fh->fd != -1) {
106 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
109 DEBUG(0,("change_owner_to_parent: failed to fchown "
110 "file %s to parent directory uid %u. Error "
112 (unsigned int)parent_st.st_uid,
116 DEBUG(10,("change_owner_to_parent: changed new file %s to "
117 "parent directory uid %u.\n", fname,
118 (unsigned int)parent_st.st_uid ));
121 /* We've already done an lstat into psbuf, and we know it's a
122 directory. If we can cd into the directory and the dev/ino
123 are the same then we can safely chown without races as
124 we're locking the directory in place by being in it. This
125 should work on any UNIX (thanks tridge :-). JRA.
129 SMB_STRUCT_STAT sbuf;
131 if (!vfs_GetWd(conn,saved_dir)) {
132 DEBUG(0,("change_owner_to_parent: failed to get "
133 "current working directory\n"));
137 /* Chdir into the new path. */
138 if (vfs_ChDir(conn, fname) == -1) {
139 DEBUG(0,("change_owner_to_parent: failed to change "
140 "current working directory to %s. Error "
141 "was %s\n", fname, strerror(errno) ));
145 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
146 DEBUG(0,("change_owner_to_parent: failed to stat "
147 "directory '.' (%s) Error was %s\n",
148 fname, strerror(errno)));
152 /* Ensure we're pointing at the same place. */
153 if (sbuf.st_dev != psbuf->st_dev ||
154 sbuf.st_ino != psbuf->st_ino ||
155 sbuf.st_mode != psbuf->st_mode ) {
156 DEBUG(0,("change_owner_to_parent: "
157 "device/inode/mode on directory %s changed. "
158 "Refusing to chown !\n", fname ));
163 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
166 DEBUG(10,("change_owner_to_parent: failed to chown "
167 "directory %s to parent directory uid %u. "
168 "Error was %s\n", fname,
169 (unsigned int)parent_st.st_uid, strerror(errno) ));
173 DEBUG(10,("change_owner_to_parent: changed ownership of new "
174 "directory %s to parent directory uid %u.\n",
175 fname, (unsigned int)parent_st.st_uid ));
179 vfs_ChDir(conn,saved_dir);
183 /****************************************************************************
185 ****************************************************************************/
187 static NTSTATUS open_file(files_struct *fsp,
188 connection_struct *conn,
190 SMB_STRUCT_STAT *psbuf,
193 uint32 access_mask, /* client requested access mask. */
194 uint32 open_access_mask) /* what we're actually using in the open. */
196 int accmode = (flags & O_ACCMODE);
197 int local_flags = flags;
198 BOOL file_existed = VALID_STAT(*psbuf);
203 /* Check permissions */
206 * This code was changed after seeing a client open request
207 * containing the open mode of (DENY_WRITE/read-only) with
208 * the 'create if not exist' bit set. The previous code
209 * would fail to open the file read only on a read-only share
210 * as it was checking the flags parameter directly against O_RDONLY,
211 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
215 if (!CAN_WRITE(conn)) {
216 /* It's a read-only share - fail if we wanted to write. */
217 if(accmode != O_RDONLY) {
218 DEBUG(3,("Permission denied opening %s\n",fname));
219 return NT_STATUS_ACCESS_DENIED;
220 } else if(flags & O_CREAT) {
221 /* We don't want to write - but we must make sure that
222 O_CREAT doesn't create the file if we have write
223 access into the directory.
226 local_flags &= ~O_CREAT;
231 * This little piece of insanity is inspired by the
232 * fact that an NT client can open a file for O_RDONLY,
233 * but set the create disposition to FILE_EXISTS_TRUNCATE.
234 * If the client *can* write to the file, then it expects to
235 * truncate the file, even though it is opening for readonly.
236 * Quicken uses this stupid trick in backup file creation...
237 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
238 * for helping track this one down. It didn't bite us in 2.0.x
239 * as we always opened files read-write in that release. JRA.
242 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
243 DEBUG(10,("open_file: truncate requested on read-only open "
244 "for file %s\n",fname ));
245 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
248 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
249 (!file_existed && (local_flags & O_CREAT)) ||
250 ((local_flags & O_TRUNC) == O_TRUNC) ) {
253 * We can't actually truncate here as the file may be locked.
254 * open_file_ntcreate will take care of the truncate later. JRA.
257 local_flags &= ~O_TRUNC;
259 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
261 * We would block on opening a FIFO with no one else on the
262 * other end. Do what we used to do and add O_NONBLOCK to the
266 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
267 local_flags |= O_NONBLOCK;
271 /* Don't create files with Microsoft wildcard characters. */
272 if ((local_flags & O_CREAT) && !file_existed &&
273 ms_has_wild(fname)) {
274 return NT_STATUS_OBJECT_NAME_INVALID;
277 /* Actually do the open */
278 if (!fd_open(conn, fname, fsp, local_flags, unx_mode)) {
279 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
281 fname,strerror(errno),local_flags,flags));
282 return map_nt_error_from_unix(errno);
285 /* Inherit the ACL if the file was created. */
286 if ((local_flags & O_CREAT) && !file_existed) {
287 inherit_access_acl(conn, fname, unx_mode);
291 fsp->fh->fd = -1; /* What we used to call a stat open. */
297 if (fsp->fh->fd == -1) {
298 ret = SMB_VFS_STAT(conn, fname, psbuf);
300 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
301 /* If we have an fd, this stat should succeed. */
303 DEBUG(0,("Error doing fstat on open file %s "
304 "(%s)\n", fname,strerror(errno) ));
308 /* For a non-io open, this stat failing means file not found. JRA */
310 NTSTATUS status = map_nt_error_from_unix(errno);
317 * POSIX allows read-only opens of directories. We don't
318 * want to do this (we use a different code path for this)
319 * so catch a directory open and return an EISDIR. JRA.
322 if(S_ISDIR(psbuf->st_mode)) {
325 return NT_STATUS_FILE_IS_A_DIRECTORY;
328 fsp->mode = psbuf->st_mode;
329 fsp->inode = psbuf->st_ino;
330 fsp->dev = psbuf->st_dev;
331 fsp->vuid = current_user.vuid;
332 fsp->file_pid = global_smbpid;
333 fsp->can_lock = True;
334 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
335 if (!CAN_WRITE(conn)) {
336 fsp->can_write = False;
338 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
341 fsp->print_file = False;
342 fsp->modified = False;
343 fsp->sent_oplock_break = NO_BREAK_SENT;
344 fsp->is_directory = False;
345 fsp->is_stat = False;
346 if (conn->aio_write_behind_list &&
347 is_in_path(fname, conn->aio_write_behind_list, conn->case_sensitive)) {
348 fsp->aio_write_behind = True;
351 string_set(&fsp->fsp_name,fname);
352 fsp->wcp = NULL; /* Write cache pointer. */
354 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
355 *current_user_info.smb_name ?
356 current_user_info.smb_name : conn->user,fsp->fsp_name,
357 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
358 conn->num_files_open + 1));
364 /*******************************************************************
365 Return True if the filename is one of the special executable types.
366 ********************************************************************/
368 static BOOL is_executable(const char *fname)
370 if ((fname = strrchr_m(fname,'.'))) {
371 if (strequal(fname,".com") ||
372 strequal(fname,".dll") ||
373 strequal(fname,".exe") ||
374 strequal(fname,".sym")) {
381 /****************************************************************************
382 Check if we can open a file with a share mode.
383 Returns True if conflict, False if not.
384 ****************************************************************************/
386 static BOOL share_conflict(struct share_mode_entry *entry,
390 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
391 "entry->share_access = 0x%x, "
392 "entry->private_options = 0x%x\n",
393 (unsigned int)entry->access_mask,
394 (unsigned int)entry->share_access,
395 (unsigned int)entry->private_options));
397 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
398 (unsigned int)access_mask, (unsigned int)share_access));
400 if ((entry->access_mask & (FILE_WRITE_DATA|
404 DELETE_ACCESS)) == 0) {
405 DEBUG(10,("share_conflict: No conflict due to "
406 "entry->access_mask = 0x%x\n",
407 (unsigned int)entry->access_mask ));
411 if ((access_mask & (FILE_WRITE_DATA|
415 DELETE_ACCESS)) == 0) {
416 DEBUG(10,("share_conflict: No conflict due to "
417 "access_mask = 0x%x\n",
418 (unsigned int)access_mask ));
422 #if 1 /* JRA TEST - Superdebug. */
423 #define CHECK_MASK(num, am, right, sa, share) \
424 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
425 (unsigned int)(num), (unsigned int)(am), \
426 (unsigned int)(right), (unsigned int)(am)&(right) )); \
427 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
428 (unsigned int)(num), (unsigned int)(sa), \
429 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
430 if (((am) & (right)) && !((sa) & (share))) { \
431 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
432 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
433 (unsigned int)(share) )); \
437 #define CHECK_MASK(num, am, right, sa, share) \
438 if (((am) & (right)) && !((sa) & (share))) { \
439 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
440 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
441 (unsigned int)(share) )); \
446 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
447 share_access, FILE_SHARE_WRITE);
448 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
449 entry->share_access, FILE_SHARE_WRITE);
451 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
452 share_access, FILE_SHARE_READ);
453 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
454 entry->share_access, FILE_SHARE_READ);
456 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
457 share_access, FILE_SHARE_DELETE);
458 CHECK_MASK(6, access_mask, DELETE_ACCESS,
459 entry->share_access, FILE_SHARE_DELETE);
461 DEBUG(10,("share_conflict: No conflict.\n"));
465 #if defined(DEVELOPER)
466 static void validate_my_share_entries(int num,
467 struct share_mode_entry *share_entry)
471 if (!procid_is_me(&share_entry->pid)) {
475 if (is_deferred_open_entry(share_entry) &&
476 !open_was_deferred(share_entry->op_mid)) {
478 pstr_sprintf(str, "Got a deferred entry without a request: "
479 "PANIC: %s\n", share_mode_str(num, share_entry));
483 if (!is_valid_share_mode_entry(share_entry)) {
487 fsp = file_find_dif(share_entry->dev, share_entry->inode,
488 share_entry->share_file_id);
490 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
491 share_mode_str(num, share_entry) ));
492 smb_panic("validate_my_share_entries: Cannot match a "
493 "share entry with an open file\n");
496 if (is_deferred_open_entry(share_entry) ||
497 is_unused_share_mode_entry(share_entry)) {
501 if ((share_entry->op_type == NO_OPLOCK) &&
502 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
503 /* Someone has already written to it, but I haven't yet
508 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
517 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
518 share_mode_str(num, share_entry) ));
519 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
520 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
521 fsp->fsp_name, (unsigned int)fsp->oplock_type,
522 (unsigned int)share_entry->op_type );
528 static BOOL is_stat_open(uint32 access_mask)
530 return (access_mask &&
531 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
532 FILE_WRITE_ATTRIBUTES))==0) &&
533 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
534 FILE_WRITE_ATTRIBUTES)) != 0));
537 /****************************************************************************
538 Deal with share modes
539 Invarient: Share mode must be locked on entry and exit.
540 Returns -1 on error, or number of share modes on success (may be zero).
541 ****************************************************************************/
543 static NTSTATUS open_mode_check(connection_struct *conn,
545 struct share_mode_lock *lck,
548 uint32 create_options,
553 if(lck->num_share_modes == 0) {
557 *file_existed = True;
559 if (is_stat_open(access_mask)) {
560 /* Stat open that doesn't trigger oplock breaks or share mode
561 * checks... ! JRA. */
565 /* A delete on close prohibits everything */
567 if (lck->delete_on_close) {
568 return NT_STATUS_DELETE_PENDING;
572 * Check if the share modes will give us access.
575 #if defined(DEVELOPER)
576 for(i = 0; i < lck->num_share_modes; i++) {
577 validate_my_share_entries(i, &lck->share_modes[i]);
581 if (!lp_share_modes(SNUM(conn))) {
585 /* Now we check the share modes, after any oplock breaks. */
586 for(i = 0; i < lck->num_share_modes; i++) {
588 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
592 /* someone else has a share lock on it, check to see if we can
594 if (share_conflict(&lck->share_modes[i],
595 access_mask, share_access)) {
596 return NT_STATUS_SHARING_VIOLATION;
603 static BOOL is_delete_request(files_struct *fsp) {
604 return ((fsp->access_mask == DELETE_ACCESS) &&
605 (fsp->oplock_type == NO_OPLOCK));
609 * 1) No files open at all or internal open: Grant whatever the client wants.
611 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
612 * request, break if the oplock around is a batch oplock. If it's another
613 * requested access type, break.
615 * 3) Only level2 around: Grant level2 and do nothing else.
618 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
624 struct share_mode_entry *exclusive = NULL;
625 BOOL valid_entry = False;
626 BOOL delay_it = False;
627 BOOL have_level2 = False;
629 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
631 if (oplock_request & INTERNAL_OPEN_ONLY) {
632 fsp->oplock_type = NO_OPLOCK;
635 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
639 for (i=0; i<lck->num_share_modes; i++) {
641 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
645 /* At least one entry is not an invalid or deferred entry. */
648 if (pass_number == 1) {
649 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
650 SMB_ASSERT(exclusive == NULL);
651 exclusive = &lck->share_modes[i];
654 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
655 SMB_ASSERT(exclusive == NULL);
656 exclusive = &lck->share_modes[i];
660 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
661 SMB_ASSERT(exclusive == NULL);
667 /* All entries are placeholders or deferred.
668 * Directly grant whatever the client wants. */
669 if (fsp->oplock_type == NO_OPLOCK) {
670 /* Store a level2 oplock, but don't tell the client */
671 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
676 if (exclusive != NULL) { /* Found an exclusive oplock */
677 SMB_ASSERT(!have_level2);
678 delay_it = is_delete_request(fsp) ?
679 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
682 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
683 /* We can at most grant level2 as there are other
684 * level2 or NO_OPLOCK entries. */
685 fsp->oplock_type = LEVEL_II_OPLOCK;
688 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
689 /* Store a level2 oplock, but don't tell the client */
690 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
698 * Send a break message to the oplock holder and delay the open for
702 DEBUG(10, ("Sending break request to PID %s\n",
703 procid_str_static(&exclusive->pid)));
704 exclusive->op_mid = get_current_mid();
706 /* Create the message. */
707 share_mode_entry_to_message(msg, exclusive);
709 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
710 don't want this set in the share mode struct pointed to by lck. */
712 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
713 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
716 ret = message_send_pid(exclusive->pid, MSG_SMB_BREAK_REQUEST,
717 msg, MSG_SMB_SHARE_MODE_ENTRY_SIZE, True);
719 DEBUG(3, ("Could not send oplock break message\n"));
725 static BOOL request_timed_out(struct timeval request_time,
726 struct timeval timeout)
728 struct timeval now, end_time;
730 end_time = timeval_sum(&request_time, &timeout);
731 return (timeval_compare(&end_time, &now) < 0);
734 /****************************************************************************
735 Handle the 1 second delay in returning a SHARING_VIOLATION error.
736 ****************************************************************************/
738 static void defer_open(struct share_mode_lock *lck,
739 struct timeval request_time,
740 struct timeval timeout,
741 struct deferred_open_record *state)
743 uint16 mid = get_current_mid();
748 for (i=0; i<lck->num_share_modes; i++) {
749 struct share_mode_entry *e = &lck->share_modes[i];
751 if (!is_deferred_open_entry(e)) {
755 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
756 DEBUG(0, ("Trying to defer an already deferred "
757 "request: mid=%d, exiting\n", mid));
758 exit_server("attempt to defer a deferred request");
762 /* End paranoia check */
764 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
765 "open entry for mid %u\n",
766 (unsigned int)request_time.tv_sec,
767 (unsigned int)request_time.tv_usec,
770 if (!push_deferred_smb_message(mid, request_time, timeout,
771 (char *)state, sizeof(*state))) {
772 exit_server("push_deferred_smb_message failed");
774 add_deferred_open(lck, mid, request_time, state->dev, state->inode);
777 * Push the MID of this packet on the signing queue.
778 * We only do this once, the first time we push the packet
779 * onto the deferred open queue, as this has a side effect
780 * of incrementing the response sequence number.
783 srv_defer_sign_response(mid);
787 /****************************************************************************
788 On overwrite open ensure that the attributes match.
789 ****************************************************************************/
791 static BOOL open_match_attributes(connection_struct *conn,
795 mode_t existing_unx_mode,
797 mode_t *returned_unx_mode)
799 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
801 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
802 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
804 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
805 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
806 *returned_unx_mode = new_unx_mode;
808 *returned_unx_mode = (mode_t)0;
811 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
812 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
813 "returned_unx_mode = 0%o\n",
815 (unsigned int)old_dos_attr,
816 (unsigned int)existing_unx_mode,
817 (unsigned int)new_dos_attr,
818 (unsigned int)*returned_unx_mode ));
820 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
821 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
822 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
823 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
827 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
828 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
829 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
836 /****************************************************************************
837 Special FCB or DOS processing in the case of a sharing violation.
838 Try and find a duplicated file handle.
839 ****************************************************************************/
841 static files_struct *fcb_or_dos_open(connection_struct *conn,
842 const char *fname, SMB_DEV_T dev,
846 uint32 create_options)
849 files_struct *dup_fsp;
851 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
852 "file %s.\n", fname ));
854 for(fsp = file_find_di_first(dev, inode); fsp;
855 fsp = file_find_di_next(fsp)) {
857 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
858 "vuid = %u, file_pid = %u, private_options = 0x%x "
859 "access_mask = 0x%x\n", fsp->fsp_name,
860 fsp->fh->fd, (unsigned int)fsp->vuid,
861 (unsigned int)fsp->file_pid,
862 (unsigned int)fsp->fh->private_options,
863 (unsigned int)fsp->access_mask ));
865 if (fsp->fh->fd != -1 &&
866 fsp->vuid == current_user.vuid &&
867 fsp->file_pid == global_smbpid &&
868 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
869 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
870 (fsp->access_mask & FILE_WRITE_DATA) &&
871 strequal(fsp->fsp_name, fname)) {
872 DEBUG(10,("fcb_or_dos_open: file match\n"));
881 /* quite an insane set of semantics ... */
882 if (is_executable(fname) &&
883 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
884 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
888 /* We need to duplicate this fsp. */
889 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
890 create_options, &dup_fsp))) {
897 /****************************************************************************
898 Open a file with a share mode - old openX method - map into NTCreate.
899 ****************************************************************************/
901 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
902 uint32 *paccess_mask,
904 uint32 *pcreate_disposition,
905 uint32 *pcreate_options)
909 uint32 create_disposition;
910 uint32 create_options = 0;
912 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
913 "open_func = 0x%x\n",
914 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
916 /* Create the NT compatible access_mask. */
917 switch (GET_OPENX_MODE(deny_mode)) {
918 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
919 case DOS_OPEN_RDONLY:
920 access_mask = FILE_GENERIC_READ;
922 case DOS_OPEN_WRONLY:
923 access_mask = FILE_GENERIC_WRITE;
927 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
930 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
931 (unsigned int)GET_OPENX_MODE(deny_mode)));
935 /* Create the NT compatible create_disposition. */
937 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
938 create_disposition = FILE_CREATE;
941 case OPENX_FILE_EXISTS_OPEN:
942 create_disposition = FILE_OPEN;
945 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
946 create_disposition = FILE_OPEN_IF;
949 case OPENX_FILE_EXISTS_TRUNCATE:
950 create_disposition = FILE_OVERWRITE;
953 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
954 create_disposition = FILE_OVERWRITE_IF;
958 /* From samba4 - to be confirmed. */
959 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
960 create_disposition = FILE_CREATE;
963 DEBUG(10,("map_open_params_to_ntcreate: bad "
964 "open_func 0x%x\n", (unsigned int)open_func));
968 /* Create the NT compatible share modes. */
969 switch (GET_DENY_MODE(deny_mode)) {
971 share_mode = FILE_SHARE_NONE;
975 share_mode = FILE_SHARE_READ;
979 share_mode = FILE_SHARE_WRITE;
983 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
987 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
988 if (is_executable(fname)) {
989 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
991 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
992 share_mode = FILE_SHARE_READ;
994 share_mode = FILE_SHARE_NONE;
1000 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1001 share_mode = FILE_SHARE_NONE;
1005 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1006 (unsigned int)GET_DENY_MODE(deny_mode) ));
1010 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1011 "share_mode = 0x%x, create_disposition = 0x%x, "
1012 "create_options = 0x%x\n",
1014 (unsigned int)access_mask,
1015 (unsigned int)share_mode,
1016 (unsigned int)create_disposition,
1017 (unsigned int)create_options ));
1020 *paccess_mask = access_mask;
1023 *pshare_mode = share_mode;
1025 if (pcreate_disposition) {
1026 *pcreate_disposition = create_disposition;
1028 if (pcreate_options) {
1029 *pcreate_options = create_options;
1036 static void schedule_defer_open(struct share_mode_lock *lck, struct timeval request_time)
1038 struct deferred_open_record state;
1040 /* This is a relative time, added to the absolute
1041 request_time value to get the absolute timeout time.
1042 Note that if this is the second or greater time we enter
1043 this codepath for this particular request mid then
1044 request_time is left as the absolute time of the *first*
1045 time this request mid was processed. This is what allows
1046 the request to eventually time out. */
1048 struct timeval timeout;
1050 /* Normally the smbd we asked should respond within
1051 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1052 * the client did, give twice the timeout as a safety
1053 * measure here in case the other smbd is stuck
1054 * somewhere else. */
1056 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1058 /* Nothing actually uses state.delayed_for_oplocks
1059 but it's handy to differentiate in debug messages
1060 between a 30 second delay due to oplock break, and
1061 a 1 second delay for share mode conflicts. */
1063 state.delayed_for_oplocks = True;
1064 state.dev = lck->dev;
1065 state.inode = lck->ino;
1067 if (!request_timed_out(request_time, timeout)) {
1068 defer_open(lck, request_time, timeout, &state);
1072 /****************************************************************************
1073 Open a file with a share mode.
1074 ****************************************************************************/
1076 NTSTATUS open_file_ntcreate(connection_struct *conn,
1078 SMB_STRUCT_STAT *psbuf,
1079 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1080 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1081 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1082 uint32 create_options, /* options such as delete on close. */
1083 uint32 new_dos_attributes, /* attributes used for new file. */
1084 int oplock_request, /* internal Samba oplock codes. */
1085 /* Information (FILE_EXISTS etc.) */
1087 files_struct **result)
1091 BOOL file_existed = VALID_STAT(*psbuf);
1092 BOOL def_acl = False;
1094 SMB_INO_T inode = 0;
1095 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1096 files_struct *fsp = NULL;
1097 mode_t new_unx_mode = (mode_t)0;
1098 mode_t unx_mode = (mode_t)0;
1100 uint32 existing_dos_attributes = 0;
1101 struct pending_message_list *pml = NULL;
1102 uint16 mid = get_current_mid();
1103 struct timeval request_time = timeval_zero();
1104 struct share_mode_lock *lck = NULL;
1105 uint32 open_access_mask = access_mask;
1109 if (conn->printer) {
1111 * Printers are handled completely differently.
1112 * Most of the passed parameters are ignored.
1116 *pinfo = FILE_WAS_CREATED;
1119 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1121 return print_fsp_open(conn, fname, result);
1124 /* We add aARCH to this as this mode is only used if the file is
1126 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,fname, True);
1128 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1129 "access_mask=0x%x share_access=0x%x "
1130 "create_disposition = 0x%x create_options=0x%x "
1131 "unix mode=0%o oplock_request=%d\n",
1132 fname, new_dos_attributes, access_mask, share_access,
1133 create_disposition, create_options, unx_mode,
1136 if ((pml = get_open_deferred_message(mid)) != NULL) {
1137 struct deferred_open_record *state =
1138 (struct deferred_open_record *)pml->private_data.data;
1140 /* Remember the absolute time of the original
1141 request with this mid. We'll use it later to
1142 see if this has timed out. */
1144 request_time = pml->request_time;
1146 /* Remove the deferred open entry under lock. */
1147 lck = get_share_mode_lock(NULL, state->dev, state->inode, NULL, NULL);
1149 DEBUG(0, ("could not get share mode lock\n"));
1151 del_deferred_open_entry(lck, mid);
1155 /* Ensure we don't reprocess this message. */
1156 remove_deferred_open_smb_message(mid);
1159 if (!check_name(fname,conn)) {
1160 return map_nt_error_from_unix(errno);
1163 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1165 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1168 /* ignore any oplock requests if oplocks are disabled */
1169 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1170 IS_VETO_OPLOCK_PATH(conn, fname)) {
1171 /* Mask off everything except the private Samba bits. */
1172 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1175 /* this is for OS/2 long file names - say we don't support them */
1176 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1177 /* OS/2 Workplace shell fix may be main code stream in a later
1179 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1181 if (use_nt_status()) {
1182 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1184 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1187 switch( create_disposition ) {
1189 * Currently we're using FILE_SUPERSEDE as the same as
1190 * FILE_OVERWRITE_IF but they really are
1191 * different. FILE_SUPERSEDE deletes an existing file
1192 * (requiring delete access) then recreates it.
1194 case FILE_SUPERSEDE:
1195 /* If file exists replace/overwrite. If file doesn't
1197 flags2 |= (O_CREAT | O_TRUNC);
1200 case FILE_OVERWRITE_IF:
1201 /* If file exists replace/overwrite. If file doesn't
1203 flags2 |= (O_CREAT | O_TRUNC);
1207 /* If file exists open. If file doesn't exist error. */
1208 if (!file_existed) {
1209 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1210 "requested for file %s and file "
1211 "doesn't exist.\n", fname ));
1213 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1217 case FILE_OVERWRITE:
1218 /* If file exists overwrite. If file doesn't exist
1220 if (!file_existed) {
1221 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1222 "requested for file %s and file "
1223 "doesn't exist.\n", fname ));
1225 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1231 /* If file exists error. If file doesn't exist
1234 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1235 "requested for file %s and file "
1236 "already exists.\n", fname ));
1237 if (S_ISDIR(psbuf->st_mode)) {
1242 return map_nt_error_from_unix(errno);
1244 flags2 |= (O_CREAT|O_EXCL);
1248 /* If file exists open. If file doesn't exist
1254 return NT_STATUS_INVALID_PARAMETER;
1257 /* We only care about matching attributes on file exists and
1260 if (file_existed && ((create_disposition == FILE_OVERWRITE) ||
1261 (create_disposition == FILE_OVERWRITE_IF))) {
1262 if (!open_match_attributes(conn, fname,
1263 existing_dos_attributes,
1264 new_dos_attributes, psbuf->st_mode,
1265 unx_mode, &new_unx_mode)) {
1266 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1267 "for file %s (%x %x) (0%o, 0%o)\n",
1268 fname, existing_dos_attributes,
1270 (unsigned int)psbuf->st_mode,
1271 (unsigned int)unx_mode ));
1273 return NT_STATUS_ACCESS_DENIED;
1277 /* This is a nasty hack - must fix... JRA. */
1278 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1279 open_access_mask = access_mask = FILE_GENERIC_ALL;
1283 * Convert GENERIC bits to specific bits.
1286 se_map_generic(&access_mask, &file_generic_mapping);
1287 open_access_mask = access_mask;
1289 if (flags2 & O_TRUNC) {
1290 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1293 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1294 "access_mask=0x%x\n", fname, access_mask ));
1297 * Note that we ignore the append flag as append does not
1298 * mean the same thing under DOS and Unix.
1301 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1302 /* DENY_DOS opens are always underlying read-write on the
1303 file handle, no matter what the requested access mask
1305 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1306 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1316 * Currently we only look at FILE_WRITE_THROUGH for create options.
1320 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1325 if (!CAN_WRITE(conn)) {
1327 * We should really return a permission denied error if either
1328 * O_CREAT or O_TRUNC are set, but for compatibility with
1329 * older versions of Samba we just AND them out.
1331 flags2 &= ~(O_CREAT|O_TRUNC);
1335 * Ensure we can't write on a read-only share or file.
1338 if (flags != O_RDONLY && file_existed &&
1339 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1340 DEBUG(5,("open_file_ntcreate: write access requested for "
1341 "file %s on read only %s\n",
1342 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1344 return NT_STATUS_ACCESS_DENIED;
1347 status = file_new(conn, &fsp);
1348 if(!NT_STATUS_IS_OK(status)) {
1352 fsp->dev = psbuf->st_dev;
1353 fsp->inode = psbuf->st_ino;
1354 fsp->share_access = share_access;
1355 fsp->fh->private_options = create_options;
1356 fsp->access_mask = open_access_mask; /* We change this to the
1357 * requested access_mask after
1358 * the open is done. */
1359 /* Ensure no SAMBA_PRIVATE bits can be set. */
1360 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1362 if (timeval_is_zero(&request_time)) {
1363 request_time = fsp->open_time;
1367 dev = psbuf->st_dev;
1368 inode = psbuf->st_ino;
1370 lck = get_share_mode_lock(NULL, dev, inode,
1376 DEBUG(0, ("Could not get share mode lock\n"));
1377 return NT_STATUS_SHARING_VIOLATION;
1380 /* First pass - send break only on batch oplocks. */
1381 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1382 schedule_defer_open(lck, request_time);
1385 return NT_STATUS_SHARING_VIOLATION;
1388 /* Use the client requested access mask here, not the one we
1390 status = open_mode_check(conn, fname, lck,
1391 access_mask, share_access,
1392 create_options, &file_existed);
1394 if (NT_STATUS_IS_OK(status)) {
1395 /* We might be going to allow this open. Check oplock
1397 /* Second pass - send break for both batch or
1398 * exclusive oplocks. */
1399 if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1400 schedule_defer_open(lck, request_time);
1403 return NT_STATUS_SHARING_VIOLATION;
1407 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1408 /* DELETE_PENDING is not deferred for a second */
1414 if (!NT_STATUS_IS_OK(status)) {
1415 uint32 can_access_mask;
1416 BOOL can_access = True;
1418 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1420 /* Check if this can be done with the deny_dos and fcb
1422 if (create_options &
1423 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1424 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1425 files_struct *fsp_dup;
1427 /* Use the client requested access mask here,
1428 * not the one we open with. */
1429 fsp_dup = fcb_or_dos_open(conn, fname, dev,
1438 *pinfo = FILE_WAS_OPENED;
1440 conn->num_files_open++;
1442 return NT_STATUS_OK;
1447 * This next line is a subtlety we need for
1448 * MS-Access. If a file open will fail due to share
1449 * permissions and also for security (access) reasons,
1450 * we need to return the access failed error, not the
1451 * share error. We can't open the file due to kernel
1452 * oplock deadlock (it's possible we failed above on
1453 * the open_mode_check()) so use a userspace check.
1456 if (flags & O_RDWR) {
1457 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1458 } else if (flags & O_WRONLY) {
1459 can_access_mask = FILE_WRITE_DATA;
1461 can_access_mask = FILE_READ_DATA;
1464 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1465 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1470 * If we're returning a share violation, ensure we
1471 * cope with the braindead 1 second delay.
1474 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1475 lp_defer_sharing_violations()) {
1476 struct timeval timeout;
1477 struct deferred_open_record state;
1480 /* this is a hack to speed up torture tests
1482 timeout_usecs = lp_parm_int(SNUM(conn),
1483 "smbd","sharedelay",
1484 SHARING_VIOLATION_USEC_WAIT);
1486 /* This is a relative time, added to the absolute
1487 request_time value to get the absolute timeout time.
1488 Note that if this is the second or greater time we enter
1489 this codepath for this particular request mid then
1490 request_time is left as the absolute time of the *first*
1491 time this request mid was processed. This is what allows
1492 the request to eventually time out. */
1494 timeout = timeval_set(0, timeout_usecs);
1496 /* Nothing actually uses state.delayed_for_oplocks
1497 but it's handy to differentiate in debug messages
1498 between a 30 second delay due to oplock break, and
1499 a 1 second delay for share mode conflicts. */
1501 state.delayed_for_oplocks = False;
1503 state.inode = inode;
1505 if (!request_timed_out(request_time,
1507 defer_open(lck, request_time, timeout,
1515 * We have detected a sharing violation here
1516 * so return the correct error code
1518 status = NT_STATUS_SHARING_VIOLATION;
1520 status = NT_STATUS_ACCESS_DENIED;
1527 * We exit this block with the share entry *locked*.....
1531 SMB_ASSERT(!file_existed || (lck != NULL));
1534 * Ensure we pay attention to default ACLs on directories if required.
1537 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1538 (def_acl = directory_has_default_acl(conn,
1539 parent_dirname(fname)))) {
1543 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1544 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1545 (unsigned int)flags, (unsigned int)flags2,
1546 (unsigned int)unx_mode, (unsigned int)access_mask,
1547 (unsigned int)open_access_mask));
1550 * open_file strips any O_TRUNC flags itself.
1553 fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,unx_mode,
1554 access_mask, open_access_mask);
1556 if (!NT_STATUS_IS_OK(fsp_open)) {
1564 if (!file_existed) {
1567 * Deal with the race condition where two smbd's detect the
1568 * file doesn't exist and do the create at the same time. One
1569 * of them will win and set a share mode, the other (ie. this
1570 * one) should check if the requested share mode for this
1571 * create is allowed.
1575 * Now the file exists and fsp is successfully opened,
1576 * fsp->dev and fsp->inode are valid and should replace the
1577 * dev=0,inode=0 from a non existent file. Spotted by
1578 * Nadav Danieli <nadavd@exanet.com>. JRA.
1584 lck = get_share_mode_lock(NULL, dev, inode,
1589 DEBUG(0, ("open_file_ntcreate: Could not get share "
1590 "mode lock for %s\n", fname));
1591 fd_close(conn, fsp);
1593 return NT_STATUS_SHARING_VIOLATION;
1596 status = open_mode_check(conn, fname, lck,
1597 access_mask, share_access,
1598 create_options, &file_existed);
1600 if (!NT_STATUS_IS_OK(status)) {
1601 struct deferred_open_record state;
1603 fd_close(conn, fsp);
1606 state.delayed_for_oplocks = False;
1608 state.inode = inode;
1610 /* Do it all over again immediately. In the second
1611 * round we will find that the file existed and handle
1612 * the DELETE_PENDING and FCB cases correctly. No need
1613 * to duplicate the code here. Essentially this is a
1614 * "goto top of this function", but don't tell
1617 defer_open(lck, request_time, timeval_zero(),
1624 * We exit this block with the share entry *locked*.....
1629 SMB_ASSERT(lck != NULL);
1631 /* note that we ignore failure for the following. It is
1632 basically a hack for NFS, and NFS will never set one of
1633 these only read them. Nobody but Samba can ever set a deny
1634 mode and we have already checked our more authoritative
1635 locking database for permission to set this deny mode. If
1636 the kernel refuses the operations then the kernel is wrong.
1637 note that GPFS supports it as well - jmcd */
1639 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1640 if(ret_flock == -1 ){
1643 fd_close(conn, fsp);
1646 return NT_STATUS_SHARING_VIOLATION;
1650 * At this point onwards, we can guarentee that the share entry
1651 * is locked, whether we created the file or not, and that the
1652 * deny mode is compatible with all current opens.
1656 * If requested, truncate the file.
1659 if (flags2&O_TRUNC) {
1661 * We are modifing the file after open - update the stat
1664 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1665 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1666 status = map_nt_error_from_unix(errno);
1674 /* Record the options we were opened with. */
1675 fsp->share_access = share_access;
1676 fsp->fh->private_options = create_options;
1677 fsp->access_mask = access_mask;
1680 /* stat opens on existing files don't get oplocks. */
1681 if (is_stat_open(open_access_mask)) {
1682 fsp->oplock_type = NO_OPLOCK;
1685 if (!(flags2 & O_TRUNC)) {
1686 info = FILE_WAS_OPENED;
1688 info = FILE_WAS_OVERWRITTEN;
1691 info = FILE_WAS_CREATED;
1692 /* Change the owner if required. */
1693 if (lp_inherit_owner(SNUM(conn))) {
1694 change_owner_to_parent(conn, fsp, fsp->fsp_name,
1704 * Setup the oplock info in both the shared memory and
1708 if ((fsp->oplock_type != NO_OPLOCK) &&
1709 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1710 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1711 /* Could not get the kernel oplock */
1712 fsp->oplock_type = NO_OPLOCK;
1715 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type);
1717 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED ||
1718 info == FILE_WAS_SUPERSEDED) {
1720 /* Handle strange delete on close create semantics. */
1721 if (create_options & FILE_DELETE_ON_CLOSE) {
1722 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1724 if (!NT_STATUS_IS_OK(status)) {
1725 /* Remember to delete the mode we just added. */
1726 del_share_mode(lck, fsp);
1732 /* Note that here we set the *inital* delete on close flag,
1733 not the regular one. */
1734 set_delete_on_close_token(lck, ¤t_user.ut);
1735 lck->initial_delete_on_close = True;
1736 lck->modified = True;
1739 /* Files should be initially set as archive */
1740 if (lp_map_archive(SNUM(conn)) ||
1741 lp_store_dos_attributes(SNUM(conn))) {
1742 file_set_dosmode(conn, fname,
1743 new_dos_attributes | aARCH, NULL,
1749 * Take care of inherited ACLs on created files - if default ACL not
1753 if (!file_existed && !def_acl) {
1755 int saved_errno = errno; /* We might get ENOSYS in the next
1758 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1760 errno = saved_errno; /* Ignore ENOSYS */
1763 } else if (new_unx_mode) {
1767 /* Attributes need changing. File already existed. */
1770 int saved_errno = errno; /* We might get ENOSYS in the
1772 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1775 if (ret == -1 && errno == ENOSYS) {
1776 errno = saved_errno; /* Ignore ENOSYS */
1778 DEBUG(5, ("open_file_ntcreate: reset "
1779 "attributes of file %s to 0%o\n",
1780 fname, (unsigned int)new_unx_mode));
1781 ret = 0; /* Don't do the fchmod below. */
1786 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1787 DEBUG(5, ("open_file_ntcreate: failed to reset "
1788 "attributes of file %s to 0%o\n",
1789 fname, (unsigned int)new_unx_mode));
1792 /* If this is a successful open, we must remove any deferred open
1794 del_deferred_open_entry(lck, mid);
1797 conn->num_files_open++;
1800 return NT_STATUS_OK;
1803 /****************************************************************************
1804 Open a file for for write to ensure that we can fchmod it.
1805 ****************************************************************************/
1807 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1808 SMB_STRUCT_STAT *psbuf, files_struct **result)
1810 files_struct *fsp = NULL;
1813 if (!VALID_STAT(*psbuf)) {
1814 return NT_STATUS_INVALID_PARAMETER;
1817 status = file_new(conn, &fsp);
1818 if(!NT_STATUS_IS_OK(status)) {
1822 /* note! we must use a non-zero desired access or we don't get
1823 a real file descriptor. Oh what a twisted web we weave. */
1824 status = open_file(fsp,conn,fname,psbuf,O_WRONLY,0,FILE_WRITE_DATA,FILE_WRITE_DATA);
1827 * This is not a user visible file open.
1828 * Don't set a share mode and don't increment
1829 * the conn->num_files_open.
1832 if (!NT_STATUS_IS_OK(status)) {
1838 return NT_STATUS_OK;
1841 /****************************************************************************
1842 Close the fchmod file fd - ensure no locks are lost.
1843 ****************************************************************************/
1845 int close_file_fchmod(files_struct *fsp)
1847 int ret = fd_close(fsp->conn, fsp);
1852 /****************************************************************************
1853 Open a directory from an NT SMB call.
1854 ****************************************************************************/
1856 NTSTATUS open_directory(connection_struct *conn,
1858 SMB_STRUCT_STAT *psbuf,
1860 uint32 share_access,
1861 uint32 create_disposition,
1862 uint32 create_options,
1864 files_struct **result)
1866 files_struct *fsp = NULL;
1867 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
1868 BOOL create_dir = False;
1869 struct share_mode_lock *lck = NULL;
1873 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
1874 "share_access = 0x%x create_options = 0x%x, "
1875 "create_disposition = 0x%x\n",
1877 (unsigned int)access_mask,
1878 (unsigned int)share_access,
1879 (unsigned int)create_options,
1880 (unsigned int)create_disposition));
1882 if (is_ntfs_stream_name(fname)) {
1883 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
1884 return NT_STATUS_NOT_A_DIRECTORY;
1887 switch( create_disposition ) {
1889 /* If directory exists open. If directory doesn't
1892 DEBUG(5,("open_directory: FILE_OPEN requested "
1893 "for directory %s and it doesn't "
1894 "exist.\n", fname ));
1895 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1897 info = FILE_WAS_OPENED;
1901 /* If directory exists error. If directory doesn't
1904 DEBUG(5,("open_directory: FILE_CREATE "
1905 "requested for directory %s and it "
1906 "already exists.\n", fname ));
1907 if (use_nt_status()) {
1908 return NT_STATUS_OBJECT_NAME_COLLISION;
1910 return NT_STATUS_DOS(ERRDOS,
1915 info = FILE_WAS_CREATED;
1919 /* If directory exists open. If directory doesn't
1923 info = FILE_WAS_CREATED;
1925 info = FILE_WAS_OPENED;
1929 case FILE_SUPERSEDE:
1930 case FILE_OVERWRITE:
1931 case FILE_OVERWRITE_IF:
1933 DEBUG(5,("open_directory: invalid create_disposition "
1934 "0x%x for directory %s\n",
1935 (unsigned int)create_disposition, fname));
1936 return NT_STATUS_INVALID_PARAMETER;
1941 * Try and create the directory.
1944 /* We know bad_path is false as it's caught earlier. */
1946 status = mkdir_internal(conn, fname, False);
1948 if (!NT_STATUS_IS_OK(status)) {
1949 DEBUG(2,("open_directory: unable to create %s. "
1950 "Error was %s\n", fname, strerror(errno) ));
1951 /* Ensure we return the correct NT status to the
1956 /* Ensure we're checking for a symlink here.... */
1957 /* We don't want to get caught by a symlink racer. */
1959 if(SMB_VFS_LSTAT(conn,fname, psbuf) != 0) {
1960 return map_nt_error_from_unix(errno);
1963 if(!S_ISDIR(psbuf->st_mode)) {
1964 DEBUG(0,("open_directory: %s is not a directory !\n",
1966 return NT_STATUS_NOT_A_DIRECTORY;
1970 status = file_new(conn, &fsp);
1971 if(!NT_STATUS_IS_OK(status)) {
1976 * Setup the files_struct for it.
1979 fsp->mode = psbuf->st_mode;
1980 fsp->inode = psbuf->st_ino;
1981 fsp->dev = psbuf->st_dev;
1982 fsp->vuid = current_user.vuid;
1983 fsp->file_pid = global_smbpid;
1984 fsp->can_lock = False;
1985 fsp->can_read = False;
1986 fsp->can_write = False;
1988 fsp->share_access = share_access;
1989 fsp->fh->private_options = create_options;
1990 fsp->access_mask = access_mask;
1992 fsp->print_file = False;
1993 fsp->modified = False;
1994 fsp->oplock_type = NO_OPLOCK;
1995 fsp->sent_oplock_break = NO_BREAK_SENT;
1996 fsp->is_directory = True;
1997 fsp->is_stat = False;
1998 string_set(&fsp->fsp_name,fname);
2000 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode,
2005 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2007 return NT_STATUS_SHARING_VIOLATION;
2010 status = open_mode_check(conn, fname, lck,
2011 access_mask, share_access,
2012 create_options, &dir_existed);
2014 if (!NT_STATUS_IS_OK(status)) {
2020 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK);
2022 /* For directories the delete on close bit at open time seems
2023 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2024 if (create_options & FILE_DELETE_ON_CLOSE) {
2025 status = can_set_delete_on_close(fsp, True, 0);
2026 if (!NT_STATUS_IS_OK(status)) {
2032 set_delete_on_close_token(lck, ¤t_user.ut);
2033 lck->initial_delete_on_close = True;
2034 lck->modified = True;
2039 /* Change the owner if required. */
2040 if ((info == FILE_WAS_CREATED) && lp_inherit_owner(SNUM(conn))) {
2041 change_owner_to_parent(conn, fsp, fsp->fsp_name, psbuf);
2048 conn->num_files_open++;
2051 return NT_STATUS_OK;
2054 /****************************************************************************
2055 Open a pseudo-file (no locking checks - a 'stat' open).
2056 ****************************************************************************/
2058 NTSTATUS open_file_stat(connection_struct *conn, const char *fname,
2059 SMB_STRUCT_STAT *psbuf, files_struct **result)
2061 files_struct *fsp = NULL;
2064 if (!VALID_STAT(*psbuf)) {
2065 return NT_STATUS_INVALID_PARAMETER;
2068 /* Can't 'stat' open directories. */
2069 if(S_ISDIR(psbuf->st_mode)) {
2070 return NT_STATUS_FILE_IS_A_DIRECTORY;
2073 status = file_new(conn, &fsp);
2074 if(!NT_STATUS_IS_OK(status)) {
2078 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2081 * Setup the files_struct for it.
2084 fsp->mode = psbuf->st_mode;
2085 fsp->inode = psbuf->st_ino;
2086 fsp->dev = psbuf->st_dev;
2087 fsp->vuid = current_user.vuid;
2088 fsp->file_pid = global_smbpid;
2089 fsp->can_lock = False;
2090 fsp->can_read = False;
2091 fsp->can_write = False;
2092 fsp->print_file = False;
2093 fsp->modified = False;
2094 fsp->oplock_type = NO_OPLOCK;
2095 fsp->sent_oplock_break = NO_BREAK_SENT;
2096 fsp->is_directory = False;
2097 fsp->is_stat = True;
2098 string_set(&fsp->fsp_name,fname);
2100 conn->num_files_open++;
2103 return NT_STATUS_OK;
2106 /****************************************************************************
2107 Receive notification that one of our open files has been renamed by another
2109 ****************************************************************************/
2111 void msg_file_was_renamed(int msg_type, struct process_id src, void *buf, size_t len)
2114 char *frm = (char *)buf;
2117 const char *sharepath;
2118 const char *newname;
2121 if (buf == NULL || len < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2122 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n", (int)len));
2126 /* Unpack the message. */
2127 dev = DEV_T_VAL(frm,0);
2128 inode = INO_T_VAL(frm,8);
2129 sharepath = &frm[16];
2130 newname = sharepath + strlen(sharepath) + 1;
2131 sp_len = strlen(sharepath);
2133 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2134 "dev %x, inode %.0f\n",
2135 sharepath, newname, (unsigned int)dev, (double)inode ));
2137 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
2138 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2139 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2140 fsp->fnum, fsp->fsp_name, newname ));
2141 string_set(&fsp->fsp_name, newname);
2144 /* Now we have the complete path we can work out if this is
2145 actually within this share and adjust newname accordingly. */
2146 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2147 "not sharepath %s) "
2148 "fnum %d from %s -> %s\n",
2149 fsp->conn->connectpath,