2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "smbd/globals.h"
25 #include "fake_file.h"
26 #include "librpc/gen_ndr/messaging.h"
27 #include "../libcli/security/security.h"
28 #include "../librpc/gen_ndr/ndr_security.h"
30 extern const struct generic_mapping file_generic_mapping;
32 struct deferred_open_record {
33 bool delayed_for_oplocks;
37 /****************************************************************************
38 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
39 ****************************************************************************/
41 NTSTATUS smb1_file_se_access_check(struct connection_struct *conn,
42 const struct security_descriptor *sd,
43 const struct security_token *token,
44 uint32_t access_desired,
45 uint32_t *access_granted)
49 if (get_current_uid(conn) == (uid_t)0) {
50 /* I'm sorry sir, I didn't know you were root... */
51 *access_granted = access_desired;
52 if (access_desired & SEC_FLAG_MAXIMUM_ALLOWED) {
53 *access_granted |= FILE_GENERIC_ALL;
58 return se_access_check(sd,
60 (access_desired & ~FILE_READ_ATTRIBUTES),
64 /****************************************************************************
65 Check if we have open rights.
66 ****************************************************************************/
68 NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
69 const struct smb_filename *smb_fname,
71 uint32_t *access_granted)
73 /* Check if we have rights to open. */
75 struct security_descriptor *sd = NULL;
77 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
82 if (!NT_STATUS_IS_OK(status)) {
83 DEBUG(10, ("smbd_check_open_rights: Could not get acl "
85 smb_fname_str_dbg(smb_fname),
90 status = smb1_file_se_access_check(conn,
92 get_current_nttok(conn),
96 DEBUG(10,("smbd_check_open_rights: file %s requesting "
97 "0x%x returning 0x%x (%s)\n",
98 smb_fname_str_dbg(smb_fname),
99 (unsigned int)access_mask,
100 (unsigned int)*access_granted,
101 nt_errstr(status) ));
103 if (!NT_STATUS_IS_OK(status)) {
104 if (DEBUGLEVEL >= 10) {
105 DEBUG(10,("smbd_check_open_rights: acl for %s is:\n",
106 smb_fname_str_dbg(smb_fname) ));
107 NDR_PRINT_DEBUG(security_descriptor, sd);
116 /****************************************************************************
117 fd support routines - attempt to do a dos_open.
118 ****************************************************************************/
120 static NTSTATUS fd_open(struct connection_struct *conn,
125 struct smb_filename *smb_fname = fsp->fsp_name;
126 NTSTATUS status = NT_STATUS_OK;
130 * Never follow symlinks on a POSIX client. The
131 * client should be doing this.
134 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
139 fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
140 if (fsp->fh->fd == -1) {
141 status = map_nt_error_from_unix(errno);
142 if (errno == EMFILE) {
143 static time_t last_warned = 0L;
145 if (time((time_t *) NULL) > last_warned) {
146 DEBUG(0,("Too many open files, unable "
147 "to open more! smbd's max "
149 lp_max_open_files()));
150 last_warned = time((time_t *) NULL);
156 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
157 smb_fname_str_dbg(smb_fname), flags, (int)mode, fsp->fh->fd,
158 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
163 /****************************************************************************
164 Close the file associated with a fsp.
165 ****************************************************************************/
167 NTSTATUS fd_close(files_struct *fsp)
174 if (fsp->fh->fd == -1) {
175 return NT_STATUS_OK; /* What we used to call a stat open. */
177 if (fsp->fh->ref_count > 1) {
178 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
181 ret = SMB_VFS_CLOSE(fsp);
184 return map_nt_error_from_unix(errno);
189 /****************************************************************************
190 Change the ownership of a file to that of the parent directory.
191 Do this by fd if possible.
192 ****************************************************************************/
194 void change_file_owner_to_parent(connection_struct *conn,
195 const char *inherit_from_dir,
198 struct smb_filename *smb_fname_parent = NULL;
202 status = create_synthetic_smb_fname(talloc_tos(), inherit_from_dir,
203 NULL, NULL, &smb_fname_parent);
204 if (!NT_STATUS_IS_OK(status)) {
208 ret = SMB_VFS_STAT(conn, smb_fname_parent);
210 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
211 "directory %s. Error was %s\n",
212 smb_fname_str_dbg(smb_fname_parent),
218 ret = SMB_VFS_FCHOWN(fsp, smb_fname_parent->st.st_ex_uid, (gid_t)-1);
221 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
222 "file %s to parent directory uid %u. Error "
223 "was %s\n", fsp_str_dbg(fsp),
224 (unsigned int)smb_fname_parent->st.st_ex_uid,
228 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
229 "parent directory uid %u.\n", fsp_str_dbg(fsp),
230 (unsigned int)smb_fname_parent->st.st_ex_uid));
232 TALLOC_FREE(smb_fname_parent);
235 NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
236 const char *inherit_from_dir,
238 SMB_STRUCT_STAT *psbuf)
240 struct smb_filename *smb_fname_parent = NULL;
241 struct smb_filename *smb_fname_cwd = NULL;
242 char *saved_dir = NULL;
243 TALLOC_CTX *ctx = talloc_tos();
244 NTSTATUS status = NT_STATUS_OK;
247 status = create_synthetic_smb_fname(ctx, inherit_from_dir, NULL, NULL,
249 if (!NT_STATUS_IS_OK(status)) {
253 ret = SMB_VFS_STAT(conn, smb_fname_parent);
255 status = map_nt_error_from_unix(errno);
256 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
257 "directory %s. Error was %s\n",
258 smb_fname_str_dbg(smb_fname_parent),
263 /* We've already done an lstat into psbuf, and we know it's a
264 directory. If we can cd into the directory and the dev/ino
265 are the same then we can safely chown without races as
266 we're locking the directory in place by being in it. This
267 should work on any UNIX (thanks tridge :-). JRA.
270 saved_dir = vfs_GetWd(ctx,conn);
272 status = map_nt_error_from_unix(errno);
273 DEBUG(0,("change_dir_owner_to_parent: failed to get "
274 "current working directory. Error was %s\n",
279 /* Chdir into the new path. */
280 if (vfs_ChDir(conn, fname) == -1) {
281 status = map_nt_error_from_unix(errno);
282 DEBUG(0,("change_dir_owner_to_parent: failed to change "
283 "current working directory to %s. Error "
284 "was %s\n", fname, strerror(errno) ));
288 status = create_synthetic_smb_fname(ctx, ".", NULL, NULL,
290 if (!NT_STATUS_IS_OK(status)) {
294 ret = SMB_VFS_STAT(conn, smb_fname_cwd);
296 status = map_nt_error_from_unix(errno);
297 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
298 "directory '.' (%s) Error was %s\n",
299 fname, strerror(errno)));
303 /* Ensure we're pointing at the same place. */
304 if (smb_fname_cwd->st.st_ex_dev != psbuf->st_ex_dev ||
305 smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino ||
306 smb_fname_cwd->st.st_ex_mode != psbuf->st_ex_mode ) {
307 DEBUG(0,("change_dir_owner_to_parent: "
308 "device/inode/mode on directory %s changed. "
309 "Refusing to chown !\n", fname ));
310 status = NT_STATUS_ACCESS_DENIED;
315 ret = SMB_VFS_CHOWN(conn, ".", smb_fname_parent->st.st_ex_uid,
319 status = map_nt_error_from_unix(errno);
320 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
321 "directory %s to parent directory uid %u. "
322 "Error was %s\n", fname,
323 (unsigned int)smb_fname_parent->st.st_ex_uid,
328 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
329 "directory %s to parent directory uid %u.\n",
330 fname, (unsigned int)smb_fname_parent->st.st_ex_uid ));
333 vfs_ChDir(conn,saved_dir);
335 TALLOC_FREE(smb_fname_parent);
336 TALLOC_FREE(smb_fname_cwd);
340 /****************************************************************************
342 ****************************************************************************/
344 static NTSTATUS open_file(files_struct *fsp,
345 connection_struct *conn,
346 struct smb_request *req,
347 const char *parent_dir,
350 uint32 access_mask, /* client requested access mask. */
351 uint32 open_access_mask) /* what we're actually using in the open. */
353 struct smb_filename *smb_fname = fsp->fsp_name;
354 NTSTATUS status = NT_STATUS_OK;
355 int accmode = (flags & O_ACCMODE);
356 int local_flags = flags;
357 bool file_existed = VALID_STAT(fsp->fsp_name->st);
362 /* Check permissions */
365 * This code was changed after seeing a client open request
366 * containing the open mode of (DENY_WRITE/read-only) with
367 * the 'create if not exist' bit set. The previous code
368 * would fail to open the file read only on a read-only share
369 * as it was checking the flags parameter directly against O_RDONLY,
370 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
374 if (!CAN_WRITE(conn)) {
375 /* It's a read-only share - fail if we wanted to write. */
376 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
377 DEBUG(3,("Permission denied opening %s\n",
378 smb_fname_str_dbg(smb_fname)));
379 return NT_STATUS_ACCESS_DENIED;
380 } else if(flags & O_CREAT) {
381 /* We don't want to write - but we must make sure that
382 O_CREAT doesn't create the file if we have write
383 access into the directory.
385 flags &= ~(O_CREAT|O_EXCL);
386 local_flags &= ~(O_CREAT|O_EXCL);
391 * This little piece of insanity is inspired by the
392 * fact that an NT client can open a file for O_RDONLY,
393 * but set the create disposition to FILE_EXISTS_TRUNCATE.
394 * If the client *can* write to the file, then it expects to
395 * truncate the file, even though it is opening for readonly.
396 * Quicken uses this stupid trick in backup file creation...
397 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
398 * for helping track this one down. It didn't bite us in 2.0.x
399 * as we always opened files read-write in that release. JRA.
402 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
403 DEBUG(10,("open_file: truncate requested on read-only open "
404 "for file %s\n", smb_fname_str_dbg(smb_fname)));
405 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
408 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
409 (!file_existed && (local_flags & O_CREAT)) ||
410 ((local_flags & O_TRUNC) == O_TRUNC) ) {
414 * We can't actually truncate here as the file may be locked.
415 * open_file_ntcreate will take care of the truncate later. JRA.
418 local_flags &= ~O_TRUNC;
420 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
422 * We would block on opening a FIFO with no one else on the
423 * other end. Do what we used to do and add O_NONBLOCK to the
427 if (file_existed && S_ISFIFO(smb_fname->st.st_ex_mode)) {
428 local_flags |= O_NONBLOCK;
432 /* Don't create files with Microsoft wildcard characters. */
435 * wildcard characters are allowed in stream names
436 * only test the basefilename
438 wild = fsp->base_fsp->fsp_name->base_name;
440 wild = smb_fname->base_name;
442 if ((local_flags & O_CREAT) && !file_existed &&
444 return NT_STATUS_OBJECT_NAME_INVALID;
447 /* Actually do the open */
448 status = fd_open(conn, fsp, local_flags, unx_mode);
449 if (!NT_STATUS_IS_OK(status)) {
450 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
451 "(flags=%d)\n", smb_fname_str_dbg(smb_fname),
452 nt_errstr(status),local_flags,flags));
456 if ((local_flags & O_CREAT) && !file_existed) {
458 /* Inherit the ACL if required */
459 if (lp_inherit_perms(SNUM(conn))) {
460 inherit_access_posix_acl(conn, parent_dir,
461 smb_fname->base_name,
465 /* Change the owner if required. */
466 if (lp_inherit_owner(SNUM(conn))) {
467 change_file_owner_to_parent(conn, parent_dir,
471 notify_fname(conn, NOTIFY_ACTION_ADDED,
472 FILE_NOTIFY_CHANGE_FILE_NAME,
473 smb_fname->base_name);
477 fsp->fh->fd = -1; /* What we used to call a stat open. */
479 uint32_t access_granted = 0;
481 status = smbd_check_open_rights(conn,
485 if (!NT_STATUS_IS_OK(status)) {
486 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
488 * On NT_STATUS_ACCESS_DENIED, access_granted
489 * contains the denied bits.
492 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
493 (access_granted & FILE_WRITE_ATTRIBUTES) &&
494 (lp_map_readonly(SNUM(conn)) ||
495 lp_map_archive(SNUM(conn)) ||
496 lp_map_hidden(SNUM(conn)) ||
497 lp_map_system(SNUM(conn)))) {
498 access_granted &= ~FILE_WRITE_ATTRIBUTES;
500 DEBUG(10,("open_file: "
509 if ((access_mask & DELETE_ACCESS) &&
510 (access_granted & DELETE_ACCESS) &&
511 can_delete_file_in_directory(conn,
513 /* Were we trying to do a stat open
514 * for delete and didn't get DELETE
515 * access (only) ? Check if the
516 * directory allows DELETE_CHILD.
518 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
521 access_granted &= ~DELETE_ACCESS;
523 DEBUG(10,("open_file: "
531 if (access_granted != 0) {
532 DEBUG(10,("open_file: Access "
539 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
541 S_ISLNK(smb_fname->st.st_ex_mode)) {
542 /* This is a POSIX stat open for delete
543 * or rename on a symlink that points
545 DEBUG(10,("open_file: allowing POSIX "
546 "open on bad symlink %s\n",
550 DEBUG(10,("open_file: "
551 "smbd_check_open_rights on file "
553 smb_fname_str_dbg(smb_fname),
554 nt_errstr(status) ));
564 if (fsp->fh->fd == -1) {
565 ret = SMB_VFS_STAT(conn, smb_fname);
567 ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
568 /* If we have an fd, this stat should succeed. */
570 DEBUG(0,("Error doing fstat on open file %s "
572 smb_fname_str_dbg(smb_fname),
577 /* For a non-io open, this stat failing means file not found. JRA */
579 status = map_nt_error_from_unix(errno);
586 * POSIX allows read-only opens of directories. We don't
587 * want to do this (we use a different code path for this)
588 * so catch a directory open and return an EISDIR. JRA.
591 if(S_ISDIR(smb_fname->st.st_ex_mode)) {
594 return NT_STATUS_FILE_IS_A_DIRECTORY;
597 fsp->mode = smb_fname->st.st_ex_mode;
598 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
599 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
600 fsp->file_pid = req ? req->smbpid : 0;
601 fsp->can_lock = True;
602 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
603 if (!CAN_WRITE(conn)) {
604 fsp->can_write = False;
606 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
609 fsp->print_file = NULL;
610 fsp->modified = False;
611 fsp->sent_oplock_break = NO_BREAK_SENT;
612 fsp->is_directory = False;
613 if (conn->aio_write_behind_list &&
614 is_in_path(smb_fname->base_name, conn->aio_write_behind_list,
615 conn->case_sensitive)) {
616 fsp->aio_write_behind = True;
619 fsp->wcp = NULL; /* Write cache pointer. */
621 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
622 conn->server_info->unix_name,
623 smb_fname_str_dbg(smb_fname),
624 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
625 conn->num_files_open));
631 /*******************************************************************
632 Return True if the filename is one of the special executable types.
633 ********************************************************************/
635 bool is_executable(const char *fname)
637 if ((fname = strrchr_m(fname,'.'))) {
638 if (strequal(fname,".com") ||
639 strequal(fname,".dll") ||
640 strequal(fname,".exe") ||
641 strequal(fname,".sym")) {
648 /****************************************************************************
649 Check if we can open a file with a share mode.
650 Returns True if conflict, False if not.
651 ****************************************************************************/
653 static bool share_conflict(struct share_mode_entry *entry,
657 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
658 "entry->share_access = 0x%x, "
659 "entry->private_options = 0x%x\n",
660 (unsigned int)entry->access_mask,
661 (unsigned int)entry->share_access,
662 (unsigned int)entry->private_options));
664 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
665 (unsigned int)access_mask, (unsigned int)share_access));
667 if ((entry->access_mask & (FILE_WRITE_DATA|
671 DELETE_ACCESS)) == 0) {
672 DEBUG(10,("share_conflict: No conflict due to "
673 "entry->access_mask = 0x%x\n",
674 (unsigned int)entry->access_mask ));
678 if ((access_mask & (FILE_WRITE_DATA|
682 DELETE_ACCESS)) == 0) {
683 DEBUG(10,("share_conflict: No conflict due to "
684 "access_mask = 0x%x\n",
685 (unsigned int)access_mask ));
689 #if 1 /* JRA TEST - Superdebug. */
690 #define CHECK_MASK(num, am, right, sa, share) \
691 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
692 (unsigned int)(num), (unsigned int)(am), \
693 (unsigned int)(right), (unsigned int)(am)&(right) )); \
694 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
695 (unsigned int)(num), (unsigned int)(sa), \
696 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
697 if (((am) & (right)) && !((sa) & (share))) { \
698 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
699 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
700 (unsigned int)(share) )); \
704 #define CHECK_MASK(num, am, right, sa, share) \
705 if (((am) & (right)) && !((sa) & (share))) { \
706 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
707 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
708 (unsigned int)(share) )); \
713 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
714 share_access, FILE_SHARE_WRITE);
715 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
716 entry->share_access, FILE_SHARE_WRITE);
718 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
719 share_access, FILE_SHARE_READ);
720 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
721 entry->share_access, FILE_SHARE_READ);
723 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
724 share_access, FILE_SHARE_DELETE);
725 CHECK_MASK(6, access_mask, DELETE_ACCESS,
726 entry->share_access, FILE_SHARE_DELETE);
728 DEBUG(10,("share_conflict: No conflict.\n"));
732 #if defined(DEVELOPER)
733 static void validate_my_share_entries(struct smbd_server_connection *sconn,
735 struct share_mode_entry *share_entry)
739 if (!procid_is_me(&share_entry->pid)) {
743 if (is_deferred_open_entry(share_entry) &&
744 !open_was_deferred(share_entry->op_mid)) {
745 char *str = talloc_asprintf(talloc_tos(),
746 "Got a deferred entry without a request: "
748 share_mode_str(talloc_tos(), num, share_entry));
752 if (!is_valid_share_mode_entry(share_entry)) {
756 fsp = file_find_dif(sconn, share_entry->id,
757 share_entry->share_file_id);
759 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
760 share_mode_str(talloc_tos(), num, share_entry) ));
761 smb_panic("validate_my_share_entries: Cannot match a "
762 "share entry with an open file\n");
765 if (is_deferred_open_entry(share_entry) ||
766 is_unused_share_mode_entry(share_entry)) {
770 if ((share_entry->op_type == NO_OPLOCK) &&
771 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
772 /* Someone has already written to it, but I haven't yet
777 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
786 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
787 share_mode_str(talloc_tos(), num, share_entry) ));
788 str = talloc_asprintf(talloc_tos(),
789 "validate_my_share_entries: "
790 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
791 fsp->fsp_name->base_name,
792 (unsigned int)fsp->oplock_type,
793 (unsigned int)share_entry->op_type );
799 bool is_stat_open(uint32 access_mask)
801 return (access_mask &&
802 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
803 FILE_WRITE_ATTRIBUTES))==0) &&
804 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
805 FILE_WRITE_ATTRIBUTES)) != 0));
808 /****************************************************************************
809 Deal with share modes
810 Invarient: Share mode must be locked on entry and exit.
811 Returns -1 on error, or number of share modes on success (may be zero).
812 ****************************************************************************/
814 static NTSTATUS open_mode_check(connection_struct *conn,
815 struct share_mode_lock *lck,
819 uint32 create_options,
824 if(lck->num_share_modes == 0) {
828 *file_existed = True;
830 /* A delete on close prohibits everything */
832 if (is_delete_on_close_set(lck, name_hash)) {
833 return NT_STATUS_DELETE_PENDING;
836 if (is_stat_open(access_mask)) {
837 /* Stat open that doesn't trigger oplock breaks or share mode
838 * checks... ! JRA. */
843 * Check if the share modes will give us access.
846 #if defined(DEVELOPER)
847 for(i = 0; i < lck->num_share_modes; i++) {
848 validate_my_share_entries(conn->sconn, i,
849 &lck->share_modes[i]);
853 if (!lp_share_modes(SNUM(conn))) {
857 /* Now we check the share modes, after any oplock breaks. */
858 for(i = 0; i < lck->num_share_modes; i++) {
860 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
864 /* someone else has a share lock on it, check to see if we can
866 if (share_conflict(&lck->share_modes[i],
867 access_mask, share_access)) {
868 return NT_STATUS_SHARING_VIOLATION;
875 static bool is_delete_request(files_struct *fsp) {
876 return ((fsp->access_mask == DELETE_ACCESS) &&
877 (fsp->oplock_type == NO_OPLOCK));
881 * Send a break message to the oplock holder and delay the open for
885 static NTSTATUS send_break_message(files_struct *fsp,
886 struct share_mode_entry *exclusive,
891 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
893 DEBUG(10, ("Sending break request to PID %s\n",
894 procid_str_static(&exclusive->pid)));
895 exclusive->op_mid = mid;
897 /* Create the message. */
898 share_mode_entry_to_message(msg, exclusive);
900 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
901 don't want this set in the share mode struct pointed to by lck. */
903 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
904 SSVAL(msg,OP_BREAK_MSG_OP_TYPE_OFFSET,
905 exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
908 status = messaging_send_buf(fsp->conn->sconn->msg_ctx, exclusive->pid,
909 MSG_SMB_BREAK_REQUEST,
911 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
912 if (!NT_STATUS_IS_OK(status)) {
913 DEBUG(3, ("Could not send oplock break message: %s\n",
921 * Return share_mode_entry pointers for :
922 * 1). Batch oplock entry.
923 * 2). Batch or exclusive oplock entry (may be identical to #1).
924 * bool have_level2_oplock
925 * bool have_no_oplock.
926 * Do internal consistency checks on the share mode for a file.
929 static void find_oplock_types(struct share_mode_lock *lck,
930 struct share_mode_entry **pp_batch,
931 struct share_mode_entry **pp_ex_or_batch,
938 *pp_ex_or_batch = NULL;
940 *got_no_oplock = false;
942 for (i=0; i<lck->num_share_modes; i++) {
943 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
947 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
948 /* batch - can only be one. */
949 if (*pp_batch || *got_level2 || *got_no_oplock) {
950 smb_panic("Bad batch oplock entry.");
952 *pp_batch = &lck->share_modes[i];
955 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
956 /* Exclusive or batch - can only be one. */
957 if (*pp_ex_or_batch || *got_level2 || *got_no_oplock) {
958 smb_panic("Bad exclusive or batch oplock entry.");
960 *pp_ex_or_batch = &lck->share_modes[i];
963 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
964 if (*pp_batch || *pp_ex_or_batch) {
965 smb_panic("Bad levelII oplock entry.");
970 if (lck->share_modes[i].op_type == NO_OPLOCK) {
971 if (*pp_batch || *pp_ex_or_batch) {
972 smb_panic("Bad no oplock entry.");
974 *got_no_oplock = true;
979 static bool delay_for_batch_oplocks(files_struct *fsp,
982 struct share_mode_entry *batch_entry)
984 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
988 if (batch_entry != NULL) {
989 /* Found a batch oplock */
990 send_break_message(fsp, batch_entry, mid, oplock_request);
996 static bool delay_for_exclusive_oplocks(files_struct *fsp,
999 struct share_mode_entry *ex_entry)
1001 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
1005 if (ex_entry != NULL) {
1006 /* Found an exclusive or batch oplock */
1007 bool delay_it = is_delete_request(fsp) ?
1008 BATCH_OPLOCK_TYPE(ex_entry->op_type) : true;
1010 send_break_message(fsp, ex_entry, mid, oplock_request);
1017 static bool file_has_brlocks(files_struct *fsp)
1019 struct byte_range_lock *br_lck;
1021 br_lck = brl_get_locks_readonly(fsp);
1025 return br_lck->num_locks > 0 ? true : false;
1028 static void grant_fsp_oplock_type(files_struct *fsp,
1030 bool got_level2_oplock,
1031 bool got_a_none_oplock)
1033 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
1034 lp_level2_oplocks(SNUM(fsp->conn));
1036 /* Start by granting what the client asked for,
1037 but ensure no SAMBA_PRIVATE bits can be set. */
1038 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1040 if (oplock_request & INTERNAL_OPEN_ONLY) {
1041 /* No oplocks on internal open. */
1042 fsp->oplock_type = NO_OPLOCK;
1043 DEBUG(10,("grant_fsp_oplock_type: oplock type 0x%x on file %s\n",
1044 fsp->oplock_type, fsp_str_dbg(fsp)));
1046 } else if (lp_locking(fsp->conn->params) && file_has_brlocks(fsp)) {
1047 DEBUG(10,("grant_fsp_oplock_type: file %s has byte range locks\n",
1049 fsp->oplock_type = NO_OPLOCK;
1052 if (is_stat_open(fsp->access_mask)) {
1053 /* Leave the value already set. */
1054 DEBUG(10,("grant_fsp_oplock_type: oplock type 0x%x on file %s\n",
1055 fsp->oplock_type, fsp_str_dbg(fsp)));
1060 * Match what was requested (fsp->oplock_type) with
1061 * what was found in the existing share modes.
1064 if (got_a_none_oplock) {
1065 fsp->oplock_type = NO_OPLOCK;
1066 } else if (got_level2_oplock) {
1067 if (fsp->oplock_type == NO_OPLOCK ||
1068 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
1069 /* Store a level2 oplock, but don't tell the client */
1070 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1072 fsp->oplock_type = LEVEL_II_OPLOCK;
1075 /* All share_mode_entries are placeholders or deferred.
1076 * Silently upgrade to fake levelII if the client didn't
1077 * ask for an oplock. */
1078 if (fsp->oplock_type == NO_OPLOCK) {
1079 /* Store a level2 oplock, but don't tell the client */
1080 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1085 * Don't grant level2 to clients that don't want them
1086 * or if we've turned them off.
1088 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
1089 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1092 DEBUG(10,("grant_fsp_oplock_type: oplock type 0x%x on file %s\n",
1093 fsp->oplock_type, fsp_str_dbg(fsp)));
1096 bool request_timed_out(struct timeval request_time,
1097 struct timeval timeout)
1099 struct timeval now, end_time;
1101 end_time = timeval_sum(&request_time, &timeout);
1102 return (timeval_compare(&end_time, &now) < 0);
1105 /****************************************************************************
1106 Handle the 1 second delay in returning a SHARING_VIOLATION error.
1107 ****************************************************************************/
1109 static void defer_open(struct share_mode_lock *lck,
1110 struct timeval request_time,
1111 struct timeval timeout,
1112 struct smb_request *req,
1113 struct deferred_open_record *state)
1117 /* Paranoia check */
1119 for (i=0; i<lck->num_share_modes; i++) {
1120 struct share_mode_entry *e = &lck->share_modes[i];
1122 if (!is_deferred_open_entry(e)) {
1126 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1127 DEBUG(0, ("Trying to defer an already deferred "
1128 "request: mid=%llu, exiting\n",
1129 (unsigned long long)req->mid));
1130 exit_server("attempt to defer a deferred request");
1134 /* End paranoia check */
1136 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1137 "open entry for mid %llu\n",
1138 (unsigned int)request_time.tv_sec,
1139 (unsigned int)request_time.tv_usec,
1140 (unsigned long long)req->mid));
1142 if (!push_deferred_open_message_smb(req, request_time, timeout,
1143 state->id, (char *)state, sizeof(*state))) {
1144 exit_server("push_deferred_open_message_smb failed");
1146 add_deferred_open(lck, req->mid, request_time,
1147 sconn_server_id(req->sconn), state->id);
1151 /****************************************************************************
1152 On overwrite open ensure that the attributes match.
1153 ****************************************************************************/
1155 bool open_match_attributes(connection_struct *conn,
1156 uint32 old_dos_attr,
1157 uint32 new_dos_attr,
1158 mode_t existing_unx_mode,
1159 mode_t new_unx_mode,
1160 mode_t *returned_unx_mode)
1162 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1164 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1165 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1167 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1168 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1169 *returned_unx_mode = new_unx_mode;
1171 *returned_unx_mode = (mode_t)0;
1174 DEBUG(10,("open_match_attributes: old_dos_attr = 0x%x, "
1175 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1176 "returned_unx_mode = 0%o\n",
1177 (unsigned int)old_dos_attr,
1178 (unsigned int)existing_unx_mode,
1179 (unsigned int)new_dos_attr,
1180 (unsigned int)*returned_unx_mode ));
1182 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1183 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1184 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1185 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1189 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1190 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1191 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1198 /****************************************************************************
1199 Special FCB or DOS processing in the case of a sharing violation.
1200 Try and find a duplicated file handle.
1201 ****************************************************************************/
1203 NTSTATUS fcb_or_dos_open(struct smb_request *req,
1204 connection_struct *conn,
1205 files_struct *fsp_to_dup_into,
1206 const struct smb_filename *smb_fname,
1211 uint32 share_access,
1212 uint32 create_options)
1216 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1217 "file %s.\n", smb_fname_str_dbg(smb_fname)));
1219 for(fsp = file_find_di_first(conn->sconn, id); fsp;
1220 fsp = file_find_di_next(fsp)) {
1222 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1223 "vuid = %u, file_pid = %u, private_options = 0x%x "
1224 "access_mask = 0x%x\n", fsp_str_dbg(fsp),
1225 fsp->fh->fd, (unsigned int)fsp->vuid,
1226 (unsigned int)fsp->file_pid,
1227 (unsigned int)fsp->fh->private_options,
1228 (unsigned int)fsp->access_mask ));
1230 if (fsp->fh->fd != -1 &&
1231 fsp->vuid == vuid &&
1232 fsp->file_pid == file_pid &&
1233 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1234 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1235 (fsp->access_mask & FILE_WRITE_DATA) &&
1236 strequal(fsp->fsp_name->base_name, smb_fname->base_name) &&
1237 strequal(fsp->fsp_name->stream_name,
1238 smb_fname->stream_name)) {
1239 DEBUG(10,("fcb_or_dos_open: file match\n"));
1245 return NT_STATUS_NOT_FOUND;
1248 /* quite an insane set of semantics ... */
1249 if (is_executable(smb_fname->base_name) &&
1250 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1251 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1252 return NT_STATUS_INVALID_PARAMETER;
1255 /* We need to duplicate this fsp. */
1256 return dup_file_fsp(req, fsp, access_mask, share_access,
1257 create_options, fsp_to_dup_into);
1260 /****************************************************************************
1261 Open a file with a share mode - old openX method - map into NTCreate.
1262 ****************************************************************************/
1264 bool map_open_params_to_ntcreate(const struct smb_filename *smb_fname,
1265 int deny_mode, int open_func,
1266 uint32 *paccess_mask,
1267 uint32 *pshare_mode,
1268 uint32 *pcreate_disposition,
1269 uint32 *pcreate_options,
1270 uint32_t *pprivate_flags)
1274 uint32 create_disposition;
1275 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1276 uint32_t private_flags = 0;
1278 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1279 "open_func = 0x%x\n",
1280 smb_fname_str_dbg(smb_fname), (unsigned int)deny_mode,
1281 (unsigned int)open_func ));
1283 /* Create the NT compatible access_mask. */
1284 switch (GET_OPENX_MODE(deny_mode)) {
1285 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1286 case DOS_OPEN_RDONLY:
1287 access_mask = FILE_GENERIC_READ;
1289 case DOS_OPEN_WRONLY:
1290 access_mask = FILE_GENERIC_WRITE;
1294 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1297 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1298 (unsigned int)GET_OPENX_MODE(deny_mode)));
1302 /* Create the NT compatible create_disposition. */
1303 switch (open_func) {
1304 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1305 create_disposition = FILE_CREATE;
1308 case OPENX_FILE_EXISTS_OPEN:
1309 create_disposition = FILE_OPEN;
1312 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1313 create_disposition = FILE_OPEN_IF;
1316 case OPENX_FILE_EXISTS_TRUNCATE:
1317 create_disposition = FILE_OVERWRITE;
1320 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1321 create_disposition = FILE_OVERWRITE_IF;
1325 /* From samba4 - to be confirmed. */
1326 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1327 create_disposition = FILE_CREATE;
1330 DEBUG(10,("map_open_params_to_ntcreate: bad "
1331 "open_func 0x%x\n", (unsigned int)open_func));
1335 /* Create the NT compatible share modes. */
1336 switch (GET_DENY_MODE(deny_mode)) {
1338 share_mode = FILE_SHARE_NONE;
1342 share_mode = FILE_SHARE_READ;
1346 share_mode = FILE_SHARE_WRITE;
1350 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1354 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1355 if (is_executable(smb_fname->base_name)) {
1356 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1358 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1359 share_mode = FILE_SHARE_READ;
1361 share_mode = FILE_SHARE_NONE;
1367 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1368 share_mode = FILE_SHARE_NONE;
1372 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1373 (unsigned int)GET_DENY_MODE(deny_mode) ));
1377 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1378 "share_mode = 0x%x, create_disposition = 0x%x, "
1379 "create_options = 0x%x private_flags = 0x%x\n",
1380 smb_fname_str_dbg(smb_fname),
1381 (unsigned int)access_mask,
1382 (unsigned int)share_mode,
1383 (unsigned int)create_disposition,
1384 (unsigned int)create_options,
1385 (unsigned int)private_flags));
1388 *paccess_mask = access_mask;
1391 *pshare_mode = share_mode;
1393 if (pcreate_disposition) {
1394 *pcreate_disposition = create_disposition;
1396 if (pcreate_options) {
1397 *pcreate_options = create_options;
1399 if (pprivate_flags) {
1400 *pprivate_flags = private_flags;
1407 static void schedule_defer_open(struct share_mode_lock *lck,
1408 struct timeval request_time,
1409 struct smb_request *req)
1411 struct deferred_open_record state;
1413 /* This is a relative time, added to the absolute
1414 request_time value to get the absolute timeout time.
1415 Note that if this is the second or greater time we enter
1416 this codepath for this particular request mid then
1417 request_time is left as the absolute time of the *first*
1418 time this request mid was processed. This is what allows
1419 the request to eventually time out. */
1421 struct timeval timeout;
1423 /* Normally the smbd we asked should respond within
1424 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1425 * the client did, give twice the timeout as a safety
1426 * measure here in case the other smbd is stuck
1427 * somewhere else. */
1429 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1431 /* Nothing actually uses state.delayed_for_oplocks
1432 but it's handy to differentiate in debug messages
1433 between a 30 second delay due to oplock break, and
1434 a 1 second delay for share mode conflicts. */
1436 state.delayed_for_oplocks = True;
1439 if (!request_timed_out(request_time, timeout)) {
1440 defer_open(lck, request_time, timeout, req, &state);
1444 /****************************************************************************
1445 Work out what access_mask to use from what the client sent us.
1446 ****************************************************************************/
1448 static NTSTATUS calculate_access_mask(connection_struct *conn,
1449 const struct smb_filename *smb_fname,
1451 uint32_t access_mask,
1452 uint32_t *access_mask_out)
1457 * Convert GENERIC bits to specific bits.
1460 se_map_generic(&access_mask, &file_generic_mapping);
1462 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1463 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1466 struct security_descriptor *sd;
1467 uint32_t access_granted = 0;
1469 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
1474 if (!NT_STATUS_IS_OK(status)) {
1475 DEBUG(10, ("calculate_access_mask: Could not get acl "
1477 smb_fname_str_dbg(smb_fname),
1478 nt_errstr(status)));
1479 return NT_STATUS_ACCESS_DENIED;
1482 status = smb1_file_se_access_check(conn,
1484 get_current_nttok(conn),
1490 if (!NT_STATUS_IS_OK(status)) {
1491 DEBUG(10, ("calculate_access_mask: Access denied on "
1492 "file %s: when calculating maximum access\n",
1493 smb_fname_str_dbg(smb_fname)));
1494 return NT_STATUS_ACCESS_DENIED;
1497 access_mask = access_granted;
1499 access_mask = FILE_GENERIC_ALL;
1503 *access_mask_out = access_mask;
1504 return NT_STATUS_OK;
1507 /****************************************************************************
1508 Remove the deferred open entry under lock.
1509 ****************************************************************************/
1511 void remove_deferred_open_entry(struct file_id id, uint64_t mid,
1512 struct server_id pid)
1514 struct share_mode_lock *lck = get_share_mode_lock(talloc_tos(), id,
1517 DEBUG(0, ("could not get share mode lock\n"));
1519 del_deferred_open_entry(lck, mid, pid);
1524 /****************************************************************************
1525 Open a file with a share mode. Passed in an already created files_struct *.
1526 ****************************************************************************/
1528 static NTSTATUS open_file_ntcreate(connection_struct *conn,
1529 struct smb_request *req,
1530 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1531 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1532 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1533 uint32 create_options, /* options such as delete on close. */
1534 uint32 new_dos_attributes, /* attributes used for new file. */
1535 int oplock_request, /* internal Samba oplock codes. */
1536 /* Information (FILE_EXISTS etc.) */
1537 uint32_t private_flags, /* Samba specific flags. */
1541 struct smb_filename *smb_fname = fsp->fsp_name;
1544 bool file_existed = VALID_STAT(smb_fname->st);
1545 bool def_acl = False;
1546 bool posix_open = False;
1547 bool new_file_created = False;
1548 bool clear_ads = false;
1550 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1551 mode_t new_unx_mode = (mode_t)0;
1552 mode_t unx_mode = (mode_t)0;
1554 uint32 existing_dos_attributes = 0;
1555 struct timeval request_time = timeval_zero();
1556 struct share_mode_lock *lck = NULL;
1557 uint32 open_access_mask = access_mask;
1563 /* Windows allows a new file to be created and
1564 silently removes a FILE_ATTRIBUTE_DIRECTORY
1565 sent by the client. Do the same. */
1567 new_dos_attributes &= ~FILE_ATTRIBUTE_DIRECTORY;
1569 if (conn->printer) {
1571 * Printers are handled completely differently.
1572 * Most of the passed parameters are ignored.
1576 *pinfo = FILE_WAS_CREATED;
1579 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n",
1580 smb_fname_str_dbg(smb_fname)));
1583 DEBUG(0,("open_file_ntcreate: printer open without "
1584 "an SMB request!\n"));
1585 return NT_STATUS_INTERNAL_ERROR;
1588 return print_spool_open(fsp, smb_fname->base_name,
1592 if (!parent_dirname(talloc_tos(), smb_fname->base_name, &parent_dir,
1594 return NT_STATUS_NO_MEMORY;
1597 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1599 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1600 new_dos_attributes = 0;
1602 /* We add aARCH to this as this mode is only used if the file is
1604 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,
1605 smb_fname, parent_dir);
1608 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1609 "access_mask=0x%x share_access=0x%x "
1610 "create_disposition = 0x%x create_options=0x%x "
1611 "unix mode=0%o oplock_request=%d private_flags = 0x%x\n",
1612 smb_fname_str_dbg(smb_fname), new_dos_attributes,
1613 access_mask, share_access, create_disposition,
1614 create_options, (unsigned int)unx_mode, oplock_request,
1615 (unsigned int)private_flags));
1617 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1618 DEBUG(0, ("No smb request but not an internal only open!\n"));
1619 return NT_STATUS_INTERNAL_ERROR;
1623 * Only non-internal opens can be deferred at all
1628 if (get_deferred_open_message_state(req,
1632 struct deferred_open_record *state = (struct deferred_open_record *)ptr;
1633 /* Remember the absolute time of the original
1634 request with this mid. We'll use it later to
1635 see if this has timed out. */
1637 /* Remove the deferred open entry under lock. */
1638 remove_deferred_open_entry(
1639 state->id, req->mid,
1640 sconn_server_id(req->sconn));
1642 /* Ensure we don't reprocess this message. */
1643 remove_deferred_open_message_smb(req->mid);
1647 status = check_name(conn, smb_fname->base_name);
1648 if (!NT_STATUS_IS_OK(status)) {
1653 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1655 existing_dos_attributes = dos_mode(conn, smb_fname);
1659 /* ignore any oplock requests if oplocks are disabled */
1660 if (!lp_oplocks(SNUM(conn)) ||
1661 IS_VETO_OPLOCK_PATH(conn, smb_fname->base_name)) {
1662 /* Mask off everything except the private Samba bits. */
1663 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1666 /* this is for OS/2 long file names - say we don't support them */
1667 if (!lp_posix_pathnames() && strstr(smb_fname->base_name,".+,;=[].")) {
1668 /* OS/2 Workplace shell fix may be main code stream in a later
1670 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1672 if (use_nt_status()) {
1673 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1675 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1678 switch( create_disposition ) {
1680 * Currently we're using FILE_SUPERSEDE as the same as
1681 * FILE_OVERWRITE_IF but they really are
1682 * different. FILE_SUPERSEDE deletes an existing file
1683 * (requiring delete access) then recreates it.
1685 case FILE_SUPERSEDE:
1686 /* If file exists replace/overwrite. If file doesn't
1688 flags2 |= (O_CREAT | O_TRUNC);
1692 case FILE_OVERWRITE_IF:
1693 /* If file exists replace/overwrite. If file doesn't
1695 flags2 |= (O_CREAT | O_TRUNC);
1700 /* If file exists open. If file doesn't exist error. */
1701 if (!file_existed) {
1702 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1703 "requested for file %s and file "
1705 smb_fname_str_dbg(smb_fname)));
1707 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1711 case FILE_OVERWRITE:
1712 /* If file exists overwrite. If file doesn't exist
1714 if (!file_existed) {
1715 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1716 "requested for file %s and file "
1718 smb_fname_str_dbg(smb_fname) ));
1720 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1727 /* If file exists error. If file doesn't exist
1730 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1731 "requested for file %s and file "
1732 "already exists.\n",
1733 smb_fname_str_dbg(smb_fname)));
1734 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
1739 return map_nt_error_from_unix(errno);
1741 flags2 |= (O_CREAT|O_EXCL);
1745 /* If file exists open. If file doesn't exist
1751 return NT_STATUS_INVALID_PARAMETER;
1754 /* We only care about matching attributes on file exists and
1757 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1758 (create_disposition == FILE_OVERWRITE_IF))) {
1759 if (!open_match_attributes(conn, existing_dos_attributes,
1761 smb_fname->st.st_ex_mode,
1762 unx_mode, &new_unx_mode)) {
1763 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1764 "for file %s (%x %x) (0%o, 0%o)\n",
1765 smb_fname_str_dbg(smb_fname),
1766 existing_dos_attributes,
1768 (unsigned int)smb_fname->st.st_ex_mode,
1769 (unsigned int)unx_mode ));
1771 return NT_STATUS_ACCESS_DENIED;
1775 status = calculate_access_mask(conn, smb_fname, file_existed,
1778 if (!NT_STATUS_IS_OK(status)) {
1779 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1780 "on file %s returned %s\n",
1781 smb_fname_str_dbg(smb_fname), nt_errstr(status)));
1785 open_access_mask = access_mask;
1787 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1788 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1791 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1792 "access_mask=0x%x\n", smb_fname_str_dbg(smb_fname),
1796 * Note that we ignore the append flag as append does not
1797 * mean the same thing under DOS and Unix.
1800 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1801 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1802 /* DENY_DOS opens are always underlying read-write on the
1803 file handle, no matter what the requested access mask
1805 if ((private_flags & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1806 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1816 * Currently we only look at FILE_WRITE_THROUGH for create options.
1820 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1825 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1829 if (!posix_open && !CAN_WRITE(conn)) {
1831 * We should really return a permission denied error if either
1832 * O_CREAT or O_TRUNC are set, but for compatibility with
1833 * older versions of Samba we just AND them out.
1835 flags2 &= ~(O_CREAT|O_TRUNC);
1839 * Ensure we can't write on a read-only share or file.
1842 if (flags != O_RDONLY && file_existed &&
1843 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1844 DEBUG(5,("open_file_ntcreate: write access requested for "
1845 "file %s on read only %s\n",
1846 smb_fname_str_dbg(smb_fname),
1847 !CAN_WRITE(conn) ? "share" : "file" ));
1849 return NT_STATUS_ACCESS_DENIED;
1852 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1853 fsp->share_access = share_access;
1854 fsp->fh->private_options = private_flags;
1855 fsp->access_mask = open_access_mask; /* We change this to the
1856 * requested access_mask after
1857 * the open is done. */
1858 fsp->posix_open = posix_open;
1860 /* Ensure no SAMBA_PRIVATE bits can be set. */
1861 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1863 if (timeval_is_zero(&request_time)) {
1864 request_time = fsp->open_time;
1868 struct share_mode_entry *batch_entry = NULL;
1869 struct share_mode_entry *exclusive_entry = NULL;
1870 bool got_level2_oplock = false;
1871 bool got_a_none_oplock = false;
1873 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
1874 id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1876 lck = get_share_mode_lock(talloc_tos(), id,
1878 smb_fname, &old_write_time);
1881 DEBUG(0, ("Could not get share mode lock\n"));
1882 return NT_STATUS_SHARING_VIOLATION;
1885 /* Get the types we need to examine. */
1886 find_oplock_types(lck,
1890 &got_a_none_oplock);
1892 /* First pass - send break only on batch oplocks. */
1893 if ((req != NULL) &&
1894 delay_for_batch_oplocks(fsp,
1898 schedule_defer_open(lck, request_time, req);
1900 return NT_STATUS_SHARING_VIOLATION;
1903 /* Use the client requested access mask here, not the one we
1905 status = open_mode_check(conn, lck, fsp->name_hash,
1906 access_mask, share_access,
1907 create_options, &file_existed);
1909 if (NT_STATUS_IS_OK(status)) {
1910 /* We might be going to allow this open. Check oplock
1912 /* Second pass - send break for both batch or
1913 * exclusive oplocks. */
1914 if ((req != NULL) &&
1915 delay_for_exclusive_oplocks(
1920 schedule_defer_open(lck, request_time, req);
1922 return NT_STATUS_SHARING_VIOLATION;
1926 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1927 /* DELETE_PENDING is not deferred for a second */
1932 grant_fsp_oplock_type(fsp,
1937 if (!NT_STATUS_IS_OK(status)) {
1938 uint32 can_access_mask;
1939 bool can_access = True;
1941 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1943 /* Check if this can be done with the deny_dos and fcb
1946 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1947 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1949 DEBUG(0, ("DOS open without an SMB "
1952 return NT_STATUS_INTERNAL_ERROR;
1955 /* Use the client requested access mask here,
1956 * not the one we open with. */
1957 status = fcb_or_dos_open(req,
1968 if (NT_STATUS_IS_OK(status)) {
1971 *pinfo = FILE_WAS_OPENED;
1973 return NT_STATUS_OK;
1978 * This next line is a subtlety we need for
1979 * MS-Access. If a file open will fail due to share
1980 * permissions and also for security (access) reasons,
1981 * we need to return the access failed error, not the
1982 * share error. We can't open the file due to kernel
1983 * oplock deadlock (it's possible we failed above on
1984 * the open_mode_check()) so use a userspace check.
1987 if (flags & O_RDWR) {
1988 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1989 } else if (flags & O_WRONLY) {
1990 can_access_mask = FILE_WRITE_DATA;
1992 can_access_mask = FILE_READ_DATA;
1995 if (((can_access_mask & FILE_WRITE_DATA) &&
1996 !CAN_WRITE(conn)) ||
1997 !can_access_file_data(conn, smb_fname,
2003 * If we're returning a share violation, ensure we
2004 * cope with the braindead 1 second delay.
2007 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
2008 lp_defer_sharing_violations()) {
2009 struct timeval timeout;
2010 struct deferred_open_record state;
2013 /* this is a hack to speed up torture tests
2015 timeout_usecs = lp_parm_int(SNUM(conn),
2016 "smbd","sharedelay",
2017 SHARING_VIOLATION_USEC_WAIT);
2019 /* This is a relative time, added to the absolute
2020 request_time value to get the absolute timeout time.
2021 Note that if this is the second or greater time we enter
2022 this codepath for this particular request mid then
2023 request_time is left as the absolute time of the *first*
2024 time this request mid was processed. This is what allows
2025 the request to eventually time out. */
2027 timeout = timeval_set(0, timeout_usecs);
2029 /* Nothing actually uses state.delayed_for_oplocks
2030 but it's handy to differentiate in debug messages
2031 between a 30 second delay due to oplock break, and
2032 a 1 second delay for share mode conflicts. */
2034 state.delayed_for_oplocks = False;
2038 && !request_timed_out(request_time,
2040 defer_open(lck, request_time, timeout,
2048 * We have detected a sharing violation here
2049 * so return the correct error code
2051 status = NT_STATUS_SHARING_VIOLATION;
2053 status = NT_STATUS_ACCESS_DENIED;
2059 * We exit this block with the share entry *locked*.....
2063 SMB_ASSERT(!file_existed || (lck != NULL));
2066 * Ensure we pay attention to default ACLs on directories if required.
2069 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
2070 (def_acl = directory_has_default_acl(conn, parent_dir))) {
2071 unx_mode = (0777 & lp_create_mask(SNUM(conn)));
2074 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
2075 "access_mask = 0x%x, open_access_mask = 0x%x\n",
2076 (unsigned int)flags, (unsigned int)flags2,
2077 (unsigned int)unx_mode, (unsigned int)access_mask,
2078 (unsigned int)open_access_mask));
2081 * open_file strips any O_TRUNC flags itself.
2084 fsp_open = open_file(fsp, conn, req, parent_dir,
2085 flags|flags2, unx_mode, access_mask,
2088 if (!NT_STATUS_IS_OK(fsp_open)) {
2095 if (!file_existed) {
2096 struct share_mode_entry *batch_entry = NULL;
2097 struct share_mode_entry *exclusive_entry = NULL;
2098 bool got_level2_oplock = false;
2099 bool got_a_none_oplock = false;
2100 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
2102 * Deal with the race condition where two smbd's detect the
2103 * file doesn't exist and do the create at the same time. One
2104 * of them will win and set a share mode, the other (ie. this
2105 * one) should check if the requested share mode for this
2106 * create is allowed.
2110 * Now the file exists and fsp is successfully opened,
2111 * fsp->dev and fsp->inode are valid and should replace the
2112 * dev=0,inode=0 from a non existent file. Spotted by
2113 * Nadav Danieli <nadavd@exanet.com>. JRA.
2118 lck = get_share_mode_lock(talloc_tos(), id,
2120 smb_fname, &old_write_time);
2123 DEBUG(0, ("open_file_ntcreate: Could not get share "
2124 "mode lock for %s\n",
2125 smb_fname_str_dbg(smb_fname)));
2127 return NT_STATUS_SHARING_VIOLATION;
2130 /* Get the types we need to examine. */
2131 find_oplock_types(lck,
2135 &got_a_none_oplock);
2137 /* First pass - send break only on batch oplocks. */
2138 if ((req != NULL) &&
2139 delay_for_batch_oplocks(fsp,
2143 schedule_defer_open(lck, request_time, req);
2146 return NT_STATUS_SHARING_VIOLATION;
2149 status = open_mode_check(conn, lck, fsp->name_hash,
2150 access_mask, share_access,
2151 create_options, &file_existed);
2153 if (NT_STATUS_IS_OK(status)) {
2154 /* We might be going to allow this open. Check oplock
2156 /* Second pass - send break for both batch or
2157 * exclusive oplocks. */
2158 if ((req != NULL) &&
2159 delay_for_exclusive_oplocks(
2164 schedule_defer_open(lck, request_time, req);
2167 return NT_STATUS_SHARING_VIOLATION;
2171 if (!NT_STATUS_IS_OK(status)) {
2172 struct deferred_open_record state;
2176 state.delayed_for_oplocks = False;
2179 /* Do it all over again immediately. In the second
2180 * round we will find that the file existed and handle
2181 * the DELETE_PENDING and FCB cases correctly. No need
2182 * to duplicate the code here. Essentially this is a
2183 * "goto top of this function", but don't tell
2187 defer_open(lck, request_time, timeval_zero(),
2194 grant_fsp_oplock_type(fsp,
2200 * We exit this block with the share entry *locked*.....
2205 SMB_ASSERT(lck != NULL);
2207 /* Delete streams if create_disposition requires it */
2208 if (file_existed && clear_ads &&
2209 !is_ntfs_stream_smb_fname(smb_fname)) {
2210 status = delete_all_streams(conn, smb_fname->base_name);
2211 if (!NT_STATUS_IS_OK(status)) {
2218 /* note that we ignore failure for the following. It is
2219 basically a hack for NFS, and NFS will never set one of
2220 these only read them. Nobody but Samba can ever set a deny
2221 mode and we have already checked our more authoritative
2222 locking database for permission to set this deny mode. If
2223 the kernel refuses the operations then the kernel is wrong.
2224 note that GPFS supports it as well - jmcd */
2226 if (fsp->fh->fd != -1) {
2228 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access, access_mask);
2229 if(ret_flock == -1 ){
2234 return NT_STATUS_SHARING_VIOLATION;
2239 * At this point onwards, we can guarentee that the share entry
2240 * is locked, whether we created the file or not, and that the
2241 * deny mode is compatible with all current opens.
2245 * If requested, truncate the file.
2248 if (file_existed && (flags2&O_TRUNC)) {
2250 * We are modifing the file after open - update the stat
2253 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2254 (SMB_VFS_FSTAT(fsp, &smb_fname->st)==-1)) {
2255 status = map_nt_error_from_unix(errno);
2263 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2265 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2268 /* stat opens on existing files don't get oplocks. */
2269 if (is_stat_open(open_access_mask)) {
2270 fsp->oplock_type = NO_OPLOCK;
2273 if (!(flags2 & O_TRUNC)) {
2274 info = FILE_WAS_OPENED;
2276 info = FILE_WAS_OVERWRITTEN;
2279 info = FILE_WAS_CREATED;
2287 * Setup the oplock info in both the shared memory and
2291 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2293 * Could not get the kernel oplock or there are byte-range
2294 * locks on the file.
2296 fsp->oplock_type = NO_OPLOCK;
2299 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2300 new_file_created = True;
2303 set_share_mode(lck, fsp, get_current_uid(conn), 0,
2306 /* Handle strange delete on close create semantics. */
2307 if (create_options & FILE_DELETE_ON_CLOSE) {
2309 status = can_set_delete_on_close(fsp, new_dos_attributes);
2311 if (!NT_STATUS_IS_OK(status)) {
2312 /* Remember to delete the mode we just added. */
2313 del_share_mode(lck, fsp);
2318 /* Note that here we set the *inital* delete on close flag,
2319 not the regular one. The magic gets handled in close. */
2320 fsp->initial_delete_on_close = True;
2323 if (new_file_created) {
2324 /* Files should be initially set as archive */
2325 if (lp_map_archive(SNUM(conn)) ||
2326 lp_store_dos_attributes(SNUM(conn))) {
2328 if (file_set_dosmode(conn, smb_fname,
2329 new_dos_attributes | aARCH,
2330 parent_dir, true) == 0) {
2331 unx_mode = smb_fname->st.st_ex_mode;
2337 /* Determine sparse flag. */
2339 /* POSIX opens are sparse by default. */
2340 fsp->is_sparse = true;
2342 fsp->is_sparse = (file_existed &&
2343 (existing_dos_attributes & FILE_ATTRIBUTE_SPARSE));
2347 * Take care of inherited ACLs on created files - if default ACL not
2351 if (!posix_open && !file_existed && !def_acl) {
2353 int saved_errno = errno; /* We might get ENOSYS in the next
2356 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2358 errno = saved_errno; /* Ignore ENOSYS */
2361 } else if (new_unx_mode) {
2365 /* Attributes need changing. File already existed. */
2368 int saved_errno = errno; /* We might get ENOSYS in the
2370 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2372 if (ret == -1 && errno == ENOSYS) {
2373 errno = saved_errno; /* Ignore ENOSYS */
2375 DEBUG(5, ("open_file_ntcreate: reset "
2376 "attributes of file %s to 0%o\n",
2377 smb_fname_str_dbg(smb_fname),
2378 (unsigned int)new_unx_mode));
2379 ret = 0; /* Don't do the fchmod below. */
2384 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2385 DEBUG(5, ("open_file_ntcreate: failed to reset "
2386 "attributes of file %s to 0%o\n",
2387 smb_fname_str_dbg(smb_fname),
2388 (unsigned int)new_unx_mode));
2391 /* If this is a successful open, we must remove any deferred open
2394 del_deferred_open_entry(lck, req->mid,
2395 sconn_server_id(req->sconn));
2399 return NT_STATUS_OK;
2403 /****************************************************************************
2404 Open a file for for write to ensure that we can fchmod it.
2405 ****************************************************************************/
2407 NTSTATUS open_file_fchmod(connection_struct *conn,
2408 struct smb_filename *smb_fname,
2409 files_struct **result)
2411 if (!VALID_STAT(smb_fname->st)) {
2412 return NT_STATUS_INVALID_PARAMETER;
2415 return SMB_VFS_CREATE_FILE(
2418 0, /* root_dir_fid */
2419 smb_fname, /* fname */
2420 FILE_WRITE_DATA, /* access_mask */
2421 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2423 FILE_OPEN, /* create_disposition*/
2424 0, /* create_options */
2425 0, /* file_attributes */
2426 INTERNAL_OPEN_ONLY, /* oplock_request */
2427 0, /* allocation_size */
2428 0, /* private_flags */
2431 result, /* result */
2435 static NTSTATUS mkdir_internal(connection_struct *conn,
2436 struct smb_filename *smb_dname,
2437 uint32 file_attributes)
2442 bool posix_open = false;
2444 if(!CAN_WRITE(conn)) {
2445 DEBUG(5,("mkdir_internal: failing create on read-only share "
2446 "%s\n", lp_servicename(SNUM(conn))));
2447 return NT_STATUS_ACCESS_DENIED;
2450 status = check_name(conn, smb_dname->base_name);
2451 if (!NT_STATUS_IS_OK(status)) {
2455 if (!parent_dirname(talloc_tos(), smb_dname->base_name, &parent_dir,
2457 return NT_STATUS_NO_MEMORY;
2460 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2462 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2464 mode = unix_mode(conn, aDIR, smb_dname, parent_dir);
2467 if (SMB_VFS_MKDIR(conn, smb_dname->base_name, mode) != 0) {
2468 return map_nt_error_from_unix(errno);
2471 /* Ensure we're checking for a symlink here.... */
2472 /* We don't want to get caught by a symlink racer. */
2474 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2475 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2476 smb_fname_str_dbg(smb_dname), strerror(errno)));
2477 return map_nt_error_from_unix(errno);
2480 if (!S_ISDIR(smb_dname->st.st_ex_mode)) {
2481 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2482 smb_fname_str_dbg(smb_dname)));
2483 return NT_STATUS_ACCESS_DENIED;
2486 if (lp_store_dos_attributes(SNUM(conn))) {
2488 file_set_dosmode(conn, smb_dname,
2489 file_attributes | aDIR,
2494 if (lp_inherit_perms(SNUM(conn))) {
2495 inherit_access_posix_acl(conn, parent_dir,
2496 smb_dname->base_name, mode);
2501 * Check if high bits should have been set,
2502 * then (if bits are missing): add them.
2503 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2506 if ((mode & ~(S_IRWXU|S_IRWXG|S_IRWXO)) &&
2507 (mode & ~smb_dname->st.st_ex_mode)) {
2508 SMB_VFS_CHMOD(conn, smb_dname->base_name,
2509 (smb_dname->st.st_ex_mode |
2510 (mode & ~smb_dname->st.st_ex_mode)));
2514 /* Change the owner if required. */
2515 if (lp_inherit_owner(SNUM(conn))) {
2516 change_dir_owner_to_parent(conn, parent_dir,
2517 smb_dname->base_name,
2521 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2522 smb_dname->base_name);
2524 return NT_STATUS_OK;
2527 /****************************************************************************
2528 Open a directory from an NT SMB call.
2529 ****************************************************************************/
2531 static NTSTATUS open_directory(connection_struct *conn,
2532 struct smb_request *req,
2533 struct smb_filename *smb_dname,
2535 uint32 share_access,
2536 uint32 create_disposition,
2537 uint32 create_options,
2538 uint32 file_attributes,
2540 files_struct **result)
2542 files_struct *fsp = NULL;
2543 bool dir_existed = VALID_STAT(smb_dname->st) ? True : False;
2544 struct share_mode_lock *lck = NULL;
2546 struct timespec mtimespec;
2549 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
2551 /* Ensure we have a directory attribute. */
2552 file_attributes |= FILE_ATTRIBUTE_DIRECTORY;
2554 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2555 "share_access = 0x%x create_options = 0x%x, "
2556 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2557 smb_fname_str_dbg(smb_dname),
2558 (unsigned int)access_mask,
2559 (unsigned int)share_access,
2560 (unsigned int)create_options,
2561 (unsigned int)create_disposition,
2562 (unsigned int)file_attributes));
2564 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2565 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2566 is_ntfs_stream_smb_fname(smb_dname)) {
2567 DEBUG(2, ("open_directory: %s is a stream name!\n",
2568 smb_fname_str_dbg(smb_dname)));
2569 return NT_STATUS_NOT_A_DIRECTORY;
2572 status = calculate_access_mask(conn, smb_dname, dir_existed,
2573 access_mask, &access_mask);
2574 if (!NT_STATUS_IS_OK(status)) {
2575 DEBUG(10, ("open_directory: calculate_access_mask "
2576 "on file %s returned %s\n",
2577 smb_fname_str_dbg(smb_dname),
2578 nt_errstr(status)));
2582 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2583 !security_token_has_privilege(get_current_nttok(conn),
2584 SEC_PRIV_SECURITY)) {
2585 DEBUG(10, ("open_directory: open on %s "
2586 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2587 smb_fname_str_dbg(smb_dname)));
2588 return NT_STATUS_PRIVILEGE_NOT_HELD;
2591 switch( create_disposition ) {
2595 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2598 info = FILE_WAS_OPENED;
2603 /* If directory exists error. If directory doesn't
2606 status = mkdir_internal(conn, smb_dname,
2609 if (!NT_STATUS_IS_OK(status)) {
2610 DEBUG(2, ("open_directory: unable to create "
2611 "%s. Error was %s\n",
2612 smb_fname_str_dbg(smb_dname),
2613 nt_errstr(status)));
2617 info = FILE_WAS_CREATED;
2622 * If directory exists open. If directory doesn't
2626 status = mkdir_internal(conn, smb_dname,
2629 if (NT_STATUS_IS_OK(status)) {
2630 info = FILE_WAS_CREATED;
2633 if (NT_STATUS_EQUAL(status,
2634 NT_STATUS_OBJECT_NAME_COLLISION)) {
2635 info = FILE_WAS_OPENED;
2636 status = NT_STATUS_OK;
2641 case FILE_SUPERSEDE:
2642 case FILE_OVERWRITE:
2643 case FILE_OVERWRITE_IF:
2645 DEBUG(5,("open_directory: invalid create_disposition "
2646 "0x%x for directory %s\n",
2647 (unsigned int)create_disposition,
2648 smb_fname_str_dbg(smb_dname)));
2649 return NT_STATUS_INVALID_PARAMETER;
2652 if(!S_ISDIR(smb_dname->st.st_ex_mode)) {
2653 DEBUG(5,("open_directory: %s is not a directory !\n",
2654 smb_fname_str_dbg(smb_dname)));
2655 return NT_STATUS_NOT_A_DIRECTORY;
2658 if (info == FILE_WAS_OPENED) {
2659 uint32_t access_granted = 0;
2660 status = smbd_check_open_rights(conn, smb_dname, access_mask,
2663 /* Were we trying to do a directory open
2664 * for delete and didn't get DELETE
2665 * access (only) ? Check if the
2666 * directory allows DELETE_CHILD.
2668 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2671 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2672 (access_mask & DELETE_ACCESS) &&
2673 (access_granted == DELETE_ACCESS) &&
2674 can_delete_file_in_directory(conn, smb_dname))) {
2675 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2676 "on directory %s\n",
2677 smb_fname_str_dbg(smb_dname)));
2678 status = NT_STATUS_OK;
2681 if (!NT_STATUS_IS_OK(status)) {
2682 DEBUG(10, ("open_directory: smbd_check_open_rights on "
2683 "file %s failed with %s\n",
2684 smb_fname_str_dbg(smb_dname),
2685 nt_errstr(status)));
2690 status = file_new(req, conn, &fsp);
2691 if(!NT_STATUS_IS_OK(status)) {
2696 * Setup the files_struct for it.
2699 fsp->mode = smb_dname->st.st_ex_mode;
2700 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_dname->st);
2701 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2702 fsp->file_pid = req ? req->smbpid : 0;
2703 fsp->can_lock = False;
2704 fsp->can_read = False;
2705 fsp->can_write = False;
2707 fsp->share_access = share_access;
2708 fsp->fh->private_options = 0;
2710 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2712 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2713 fsp->print_file = NULL;
2714 fsp->modified = False;
2715 fsp->oplock_type = NO_OPLOCK;
2716 fsp->sent_oplock_break = NO_BREAK_SENT;
2717 fsp->is_directory = True;
2718 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2719 status = fsp_set_smb_fname(fsp, smb_dname);
2720 if (!NT_STATUS_IS_OK(status)) {
2721 file_free(req, fsp);
2725 mtimespec = smb_dname->st.st_ex_mtime;
2728 status = fd_open(conn, fsp, O_RDONLY|O_DIRECTORY, 0);
2729 if (!NT_STATUS_IS_OK(status)) {
2730 DEBUG(5, ("open_directory: Could not open fd for "
2732 smb_fname_str_dbg(smb_dname),
2733 nt_errstr(status)));
2734 file_free(req, fsp);
2739 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2740 conn->connectpath, smb_dname, &mtimespec);
2743 DEBUG(0, ("open_directory: Could not get share mode lock for "
2744 "%s\n", smb_fname_str_dbg(smb_dname)));
2746 file_free(req, fsp);
2747 return NT_STATUS_SHARING_VIOLATION;
2750 status = open_mode_check(conn, lck, fsp->name_hash,
2751 access_mask, share_access,
2752 create_options, &dir_existed);
2754 if (!NT_STATUS_IS_OK(status)) {
2757 file_free(req, fsp);
2761 set_share_mode(lck, fsp, get_current_uid(conn), 0, NO_OPLOCK);
2763 /* For directories the delete on close bit at open time seems
2764 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2765 if (create_options & FILE_DELETE_ON_CLOSE) {
2766 status = can_set_delete_on_close(fsp, 0);
2767 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2770 file_free(req, fsp);
2774 if (NT_STATUS_IS_OK(status)) {
2775 /* Note that here we set the *inital* delete on close flag,
2776 not the regular one. The magic gets handled in close. */
2777 fsp->initial_delete_on_close = True;
2788 return NT_STATUS_OK;
2791 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req,
2792 struct smb_filename *smb_dname)
2797 status = SMB_VFS_CREATE_FILE(
2800 0, /* root_dir_fid */
2801 smb_dname, /* fname */
2802 FILE_READ_ATTRIBUTES, /* access_mask */
2803 FILE_SHARE_NONE, /* share_access */
2804 FILE_CREATE, /* create_disposition*/
2805 FILE_DIRECTORY_FILE, /* create_options */
2806 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
2807 0, /* oplock_request */
2808 0, /* allocation_size */
2809 0, /* private_flags */
2815 if (NT_STATUS_IS_OK(status)) {
2816 close_file(req, fsp, NORMAL_CLOSE);
2822 /****************************************************************************
2823 Receive notification that one of our open files has been renamed by another
2825 ****************************************************************************/
2827 void msg_file_was_renamed(struct messaging_context *msg,
2830 struct server_id server_id,
2833 struct smbd_server_connection *sconn;
2835 char *frm = (char *)data->data;
2837 const char *sharepath;
2838 const char *base_name;
2839 const char *stream_name;
2840 struct smb_filename *smb_fname = NULL;
2841 size_t sp_len, bn_len;
2844 sconn = msg_ctx_to_sconn(msg);
2845 if (sconn == NULL) {
2846 DEBUG(1, ("could not find sconn\n"));
2850 if (data->data == NULL
2851 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2852 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2853 (int)data->length));
2857 /* Unpack the message. */
2858 pull_file_id_24(frm, &id);
2859 sharepath = &frm[24];
2860 sp_len = strlen(sharepath);
2861 base_name = sharepath + sp_len + 1;
2862 bn_len = strlen(base_name);
2863 stream_name = sharepath + sp_len + 1 + bn_len + 1;
2865 /* stream_name must always be NULL if there is no stream. */
2866 if (stream_name[0] == '\0') {
2870 status = create_synthetic_smb_fname(talloc_tos(), base_name,
2871 stream_name, NULL, &smb_fname);
2872 if (!NT_STATUS_IS_OK(status)) {
2876 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2878 sharepath, smb_fname_str_dbg(smb_fname),
2879 file_id_string_tos(&id)));
2881 for(fsp = file_find_di_first(sconn, id); fsp;
2882 fsp = file_find_di_next(fsp)) {
2883 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2885 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2886 fsp->fnum, fsp_str_dbg(fsp),
2887 smb_fname_str_dbg(smb_fname)));
2888 status = fsp_set_smb_fname(fsp, smb_fname);
2889 if (!NT_STATUS_IS_OK(status)) {
2894 /* Now we have the complete path we can work out if this is
2895 actually within this share and adjust newname accordingly. */
2896 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2897 "not sharepath %s) "
2898 "fnum %d from %s -> %s\n",
2899 fsp->conn->connectpath,
2903 smb_fname_str_dbg(smb_fname)));
2907 TALLOC_FREE(smb_fname);
2912 * If a main file is opened for delete, all streams need to be checked for
2913 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2914 * If that works, delete them all by setting the delete on close and close.
2917 NTSTATUS open_streams_for_delete(connection_struct *conn,
2920 struct stream_struct *stream_info;
2921 files_struct **streams;
2923 unsigned int num_streams;
2924 TALLOC_CTX *frame = talloc_stackframe();
2927 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2928 &num_streams, &stream_info);
2930 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2931 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2932 DEBUG(10, ("no streams around\n"));
2934 return NT_STATUS_OK;
2937 if (!NT_STATUS_IS_OK(status)) {
2938 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2939 nt_errstr(status)));
2943 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2946 if (num_streams == 0) {
2948 return NT_STATUS_OK;
2951 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2952 if (streams == NULL) {
2953 DEBUG(0, ("talloc failed\n"));
2954 status = NT_STATUS_NO_MEMORY;
2958 for (i=0; i<num_streams; i++) {
2959 struct smb_filename *smb_fname = NULL;
2961 if (strequal(stream_info[i].name, "::$DATA")) {
2966 status = create_synthetic_smb_fname(talloc_tos(), fname,
2967 stream_info[i].name,
2969 if (!NT_STATUS_IS_OK(status)) {
2973 if (SMB_VFS_STAT(conn, smb_fname) == -1) {
2974 DEBUG(10, ("Unable to stat stream: %s\n",
2975 smb_fname_str_dbg(smb_fname)));
2978 status = SMB_VFS_CREATE_FILE(
2981 0, /* root_dir_fid */
2982 smb_fname, /* fname */
2983 DELETE_ACCESS, /* access_mask */
2984 (FILE_SHARE_READ | /* share_access */
2985 FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2986 FILE_OPEN, /* create_disposition*/
2987 0, /* create_options */
2988 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2989 0, /* oplock_request */
2990 0, /* allocation_size */
2991 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* private_flags */
2994 &streams[i], /* result */
2997 if (!NT_STATUS_IS_OK(status)) {
2998 DEBUG(10, ("Could not open stream %s: %s\n",
2999 smb_fname_str_dbg(smb_fname),
3000 nt_errstr(status)));
3002 TALLOC_FREE(smb_fname);
3005 TALLOC_FREE(smb_fname);
3009 * don't touch the variable "status" beyond this point :-)
3012 for (i -= 1 ; i >= 0; i--) {
3013 if (streams[i] == NULL) {
3017 DEBUG(10, ("Closing stream # %d, %s\n", i,
3018 fsp_str_dbg(streams[i])));
3019 close_file(NULL, streams[i], NORMAL_CLOSE);
3028 * Wrapper around open_file_ntcreate and open_directory
3031 static NTSTATUS create_file_unixpath(connection_struct *conn,
3032 struct smb_request *req,
3033 struct smb_filename *smb_fname,
3034 uint32_t access_mask,
3035 uint32_t share_access,
3036 uint32_t create_disposition,
3037 uint32_t create_options,
3038 uint32_t file_attributes,
3039 uint32_t oplock_request,
3040 uint64_t allocation_size,
3041 uint32_t private_flags,
3042 struct security_descriptor *sd,
3043 struct ea_list *ea_list,
3045 files_struct **result,
3048 int info = FILE_WAS_OPENED;
3049 files_struct *base_fsp = NULL;
3050 files_struct *fsp = NULL;
3053 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
3054 "file_attributes = 0x%x, share_access = 0x%x, "
3055 "create_disposition = 0x%x create_options = 0x%x "
3056 "oplock_request = 0x%x private_flags = 0x%x "
3057 "ea_list = 0x%p, sd = 0x%p, "
3059 (unsigned int)access_mask,
3060 (unsigned int)file_attributes,
3061 (unsigned int)share_access,
3062 (unsigned int)create_disposition,
3063 (unsigned int)create_options,
3064 (unsigned int)oplock_request,
3065 (unsigned int)private_flags,
3066 ea_list, sd, smb_fname_str_dbg(smb_fname)));
3068 if (create_options & FILE_OPEN_BY_FILE_ID) {
3069 status = NT_STATUS_NOT_SUPPORTED;
3073 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
3074 status = NT_STATUS_INVALID_PARAMETER;
3079 oplock_request |= INTERNAL_OPEN_ONLY;
3082 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
3083 && (access_mask & DELETE_ACCESS)
3084 && !is_ntfs_stream_smb_fname(smb_fname)) {
3086 * We can't open a file with DELETE access if any of the
3087 * streams is open without FILE_SHARE_DELETE
3089 status = open_streams_for_delete(conn, smb_fname->base_name);
3091 if (!NT_STATUS_IS_OK(status)) {
3096 /* This is the correct thing to do (check every time) but can_delete
3097 * is expensive (it may have to read the parent directory
3098 * permissions). So for now we're not doing it unless we have a strong
3099 * hint the client is really going to delete this file. If the client
3100 * is forcing FILE_CREATE let the filesystem take care of the
3103 /* Setting FILE_SHARE_DELETE is the hint. */
3105 if (lp_acl_check_permissions(SNUM(conn))
3106 && (create_disposition != FILE_CREATE)
3107 && (share_access & FILE_SHARE_DELETE)
3108 && (access_mask & DELETE_ACCESS)
3109 && (!(can_delete_file_in_directory(conn, smb_fname) ||
3110 can_access_file_acl(conn, smb_fname, DELETE_ACCESS)))) {
3111 status = NT_STATUS_ACCESS_DENIED;
3112 DEBUG(10,("create_file_unixpath: open file %s "
3113 "for delete ACCESS_DENIED\n",
3114 smb_fname_str_dbg(smb_fname)));
3118 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
3119 !security_token_has_privilege(get_current_nttok(conn),
3120 SEC_PRIV_SECURITY)) {
3121 DEBUG(10, ("create_file_unixpath: open on %s "
3122 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
3123 smb_fname_str_dbg(smb_fname)));
3124 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3128 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
3129 && is_ntfs_stream_smb_fname(smb_fname)
3130 && (!(private_flags & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
3131 uint32 base_create_disposition;
3132 struct smb_filename *smb_fname_base = NULL;
3134 if (create_options & FILE_DIRECTORY_FILE) {
3135 status = NT_STATUS_NOT_A_DIRECTORY;
3139 switch (create_disposition) {
3141 base_create_disposition = FILE_OPEN;
3144 base_create_disposition = FILE_OPEN_IF;
3148 /* Create an smb_filename with stream_name == NULL. */
3149 status = create_synthetic_smb_fname(talloc_tos(),
3150 smb_fname->base_name,
3153 if (!NT_STATUS_IS_OK(status)) {
3157 if (SMB_VFS_STAT(conn, smb_fname_base) == -1) {
3158 DEBUG(10, ("Unable to stat stream: %s\n",
3159 smb_fname_str_dbg(smb_fname_base)));
3162 /* Open the base file. */
3163 status = create_file_unixpath(conn, NULL, smb_fname_base, 0,
3166 | FILE_SHARE_DELETE,
3167 base_create_disposition,
3168 0, 0, 0, 0, 0, NULL, NULL,
3170 TALLOC_FREE(smb_fname_base);
3172 if (!NT_STATUS_IS_OK(status)) {
3173 DEBUG(10, ("create_file_unixpath for base %s failed: "
3174 "%s\n", smb_fname->base_name,
3175 nt_errstr(status)));
3178 /* we don't need to low level fd */
3183 * If it's a request for a directory open, deal with it separately.
3186 if (create_options & FILE_DIRECTORY_FILE) {
3188 if (create_options & FILE_NON_DIRECTORY_FILE) {
3189 status = NT_STATUS_INVALID_PARAMETER;
3193 /* Can't open a temp directory. IFS kit test. */
3194 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3195 (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3196 status = NT_STATUS_INVALID_PARAMETER;
3201 * We will get a create directory here if the Win32
3202 * app specified a security descriptor in the
3203 * CreateDirectory() call.
3207 status = open_directory(
3208 conn, req, smb_fname, access_mask, share_access,
3209 create_disposition, create_options, file_attributes,
3214 * Ordinary file case.
3217 status = file_new(req, conn, &fsp);
3218 if(!NT_STATUS_IS_OK(status)) {
3222 status = fsp_set_smb_fname(fsp, smb_fname);
3223 if (!NT_STATUS_IS_OK(status)) {
3228 * We're opening the stream element of a base_fsp
3229 * we already opened. Set up the base_fsp pointer.
3232 fsp->base_fsp = base_fsp;
3235 status = open_file_ntcreate(conn,
3247 if(!NT_STATUS_IS_OK(status)) {
3248 file_free(req, fsp);
3252 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3254 /* A stream open never opens a directory */
3257 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3262 * Fail the open if it was explicitly a non-directory
3266 if (create_options & FILE_NON_DIRECTORY_FILE) {
3267 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3272 status = open_directory(
3273 conn, req, smb_fname, access_mask,
3274 share_access, create_disposition,
3275 create_options, file_attributes,
3280 if (!NT_STATUS_IS_OK(status)) {
3284 fsp->base_fsp = base_fsp;
3287 * According to the MS documentation, the only time the security
3288 * descriptor is applied to the opened file is iff we *created* the
3289 * file; an existing file stays the same.
3291 * Also, it seems (from observation) that you can open the file with
3292 * any access mask but you can still write the sd. We need to override
3293 * the granted access before we call set_sd
3294 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3297 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3298 && lp_nt_acl_support(SNUM(conn))) {
3300 uint32_t sec_info_sent;
3301 uint32_t saved_access_mask = fsp->access_mask;
3303 sec_info_sent = get_sec_info(sd);
3305 fsp->access_mask = FILE_GENERIC_ALL;
3307 /* Convert all the generic bits. */
3308 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3309 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3311 if (sec_info_sent & (SECINFO_OWNER|
3315 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3318 fsp->access_mask = saved_access_mask;
3320 if (!NT_STATUS_IS_OK(status)) {
3325 if ((ea_list != NULL) &&
3326 ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3327 status = set_ea(conn, fsp, fsp->fsp_name, ea_list);
3328 if (!NT_STATUS_IS_OK(status)) {
3333 if (!fsp->is_directory && S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
3334 status = NT_STATUS_ACCESS_DENIED;
3338 /* Save the requested allocation size. */
3339 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3341 && (allocation_size > fsp->fsp_name->st.st_ex_size)) {
3342 fsp->initial_allocation_size = smb_roundup(
3343 fsp->conn, allocation_size);
3344 if (fsp->is_directory) {
3345 /* Can't set allocation size on a directory. */
3346 status = NT_STATUS_ACCESS_DENIED;
3349 if (vfs_allocate_file_space(
3350 fsp, fsp->initial_allocation_size) == -1) {
3351 status = NT_STATUS_DISK_FULL;
3355 fsp->initial_allocation_size = smb_roundup(
3356 fsp->conn, (uint64_t)fsp->fsp_name->st.st_ex_size);
3360 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3363 if (pinfo != NULL) {
3367 smb_fname->st = fsp->fsp_name->st;
3369 return NT_STATUS_OK;
3372 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3375 if (base_fsp && fsp->base_fsp == base_fsp) {
3377 * The close_file below will close
3382 close_file(req, fsp, ERROR_CLOSE);
3385 if (base_fsp != NULL) {
3386 close_file(req, base_fsp, ERROR_CLOSE);
3393 * Calculate the full path name given a relative fid.
3395 NTSTATUS get_relative_fid_filename(connection_struct *conn,
3396 struct smb_request *req,
3397 uint16_t root_dir_fid,
3398 struct smb_filename *smb_fname)
3400 files_struct *dir_fsp;
3401 char *parent_fname = NULL;
3402 char *new_base_name = NULL;
3405 if (root_dir_fid == 0 || !smb_fname) {
3406 status = NT_STATUS_INTERNAL_ERROR;
3410 dir_fsp = file_fsp(req, root_dir_fid);
3412 if (dir_fsp == NULL) {
3413 status = NT_STATUS_INVALID_HANDLE;
3417 if (is_ntfs_stream_smb_fname(dir_fsp->fsp_name)) {
3418 status = NT_STATUS_INVALID_HANDLE;
3422 if (!dir_fsp->is_directory) {
3425 * Check to see if this is a mac fork of some kind.
3428 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3429 is_ntfs_stream_smb_fname(smb_fname)) {
3430 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3435 we need to handle the case when we get a
3436 relative open relative to a file and the
3437 pathname is blank - this is a reopen!
3438 (hint from demyn plantenberg)
3441 status = NT_STATUS_INVALID_HANDLE;
3445 if (ISDOT(dir_fsp->fsp_name->base_name)) {
3447 * We're at the toplevel dir, the final file name
3448 * must not contain ./, as this is filtered out
3449 * normally by srvstr_get_path and unix_convert
3450 * explicitly rejects paths containing ./.
3452 parent_fname = talloc_strdup(talloc_tos(), "");
3453 if (parent_fname == NULL) {
3454 status = NT_STATUS_NO_MEMORY;
3458 size_t dir_name_len = strlen(dir_fsp->fsp_name->base_name);
3461 * Copy in the base directory name.
3464 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3466 if (parent_fname == NULL) {
3467 status = NT_STATUS_NO_MEMORY;
3470 memcpy(parent_fname, dir_fsp->fsp_name->base_name,
3474 * Ensure it ends in a '/'.
3475 * We used TALLOC_SIZE +2 to add space for the '/'.
3479 && (parent_fname[dir_name_len-1] != '\\')
3480 && (parent_fname[dir_name_len-1] != '/')) {
3481 parent_fname[dir_name_len] = '/';
3482 parent_fname[dir_name_len+1] = '\0';
3486 new_base_name = talloc_asprintf(smb_fname, "%s%s", parent_fname,
3487 smb_fname->base_name);
3488 if (new_base_name == NULL) {
3489 status = NT_STATUS_NO_MEMORY;
3493 TALLOC_FREE(smb_fname->base_name);
3494 smb_fname->base_name = new_base_name;
3495 status = NT_STATUS_OK;
3498 TALLOC_FREE(parent_fname);
3502 NTSTATUS create_file_default(connection_struct *conn,
3503 struct smb_request *req,
3504 uint16_t root_dir_fid,
3505 struct smb_filename *smb_fname,
3506 uint32_t access_mask,
3507 uint32_t share_access,
3508 uint32_t create_disposition,
3509 uint32_t create_options,
3510 uint32_t file_attributes,
3511 uint32_t oplock_request,
3512 uint64_t allocation_size,
3513 uint32_t private_flags,
3514 struct security_descriptor *sd,
3515 struct ea_list *ea_list,
3516 files_struct **result,
3519 int info = FILE_WAS_OPENED;
3520 files_struct *fsp = NULL;
3522 bool stream_name = false;
3524 DEBUG(10,("create_file: access_mask = 0x%x "
3525 "file_attributes = 0x%x, share_access = 0x%x, "
3526 "create_disposition = 0x%x create_options = 0x%x "
3527 "oplock_request = 0x%x "
3528 "private_flags = 0x%x "
3529 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3531 (unsigned int)access_mask,
3532 (unsigned int)file_attributes,
3533 (unsigned int)share_access,
3534 (unsigned int)create_disposition,
3535 (unsigned int)create_options,
3536 (unsigned int)oplock_request,
3537 (unsigned int)private_flags,
3538 (unsigned int)root_dir_fid,
3539 ea_list, sd, smb_fname_str_dbg(smb_fname)));
3542 * Calculate the filename from the root_dir_if if necessary.
3545 if (root_dir_fid != 0) {
3546 status = get_relative_fid_filename(conn, req, root_dir_fid,
3548 if (!NT_STATUS_IS_OK(status)) {
3554 * Check to see if this is a mac fork of some kind.
3557 stream_name = is_ntfs_stream_smb_fname(smb_fname);
3559 enum FAKE_FILE_TYPE fake_file_type;
3561 fake_file_type = is_fake_file(smb_fname);
3563 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3566 * Here we go! support for changing the disk quotas
3569 * We need to fake up to open this MAGIC QUOTA file
3570 * and return a valid FID.
3572 * w2k close this file directly after openening xp
3573 * also tries a QUERY_FILE_INFO on the file and then
3576 status = open_fake_file(req, conn, req->vuid,
3577 fake_file_type, smb_fname,
3579 if (!NT_STATUS_IS_OK(status)) {
3583 ZERO_STRUCT(smb_fname->st);
3587 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3588 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
3593 /* All file access must go through check_name() */
3595 status = check_name(conn, smb_fname->base_name);
3596 if (!NT_STATUS_IS_OK(status)) {
3600 if (stream_name && is_ntfs_default_stream_smb_fname(smb_fname)) {
3602 smb_fname->stream_name = NULL;
3603 /* We have to handle this error here. */
3604 if (create_options & FILE_DIRECTORY_FILE) {
3605 status = NT_STATUS_NOT_A_DIRECTORY;
3608 if (lp_posix_pathnames()) {
3609 ret = SMB_VFS_LSTAT(conn, smb_fname);
3611 ret = SMB_VFS_STAT(conn, smb_fname);
3614 if (ret == 0 && VALID_STAT_OF_DIR(smb_fname->st)) {
3615 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3620 status = create_file_unixpath(
3621 conn, req, smb_fname, access_mask, share_access,
3622 create_disposition, create_options, file_attributes,
3623 oplock_request, allocation_size, private_flags,
3627 if (!NT_STATUS_IS_OK(status)) {
3632 DEBUG(10, ("create_file: info=%d\n", info));
3635 if (pinfo != NULL) {
3638 return NT_STATUS_OK;
3641 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3644 close_file(req, fsp, ERROR_CLOSE);
git.samba.org / mat / samba.git / blob