*/
#include "includes.h"
+#include "system/passwd.h"
#include "auth/auth.h"
#include "vfs_posix.h"
#include "librpc/gen_ndr/xattr.h"
#include "libcli/security/security.h"
#include "param/param.h"
#include "../lib/util/unix_privs.h"
-
-#if defined(UID_WRAPPER)
-#if !defined(UID_WRAPPER_REPLACE) && !defined(UID_WRAPPER_NOT_REPLACE)
-#define UID_WRAPPER_REPLACE
-#include "../uid_wrapper/uid_wrapper.h"
-#endif
-#else
-#define uwrap_enabled() 0
-#endif
+#include "lib/util/samba_module.h"
/* the list of currently registered ACL backends */
static struct pvfs_acl_backend {
return NULL;
}
-NTSTATUS pvfs_acl_init(struct loadparm_context *lp_ctx)
+NTSTATUS pvfs_acl_init(void)
{
static bool initialized = false;
#define _MODULE_PROTO(init) extern NTSTATUS init(void);
STATIC_pvfs_acl_MODULES_PROTO;
- init_module_fn static_init[] = { STATIC_pvfs_acl_MODULES };
- init_module_fn *shared_init;
+ samba_module_init_fn static_init[] = { STATIC_pvfs_acl_MODULES };
+ samba_module_init_fn *shared_init;
if (initialized) return NT_STATUS_OK;
initialized = true;
- shared_init = load_samba_modules(NULL, lp_ctx, "pvfs_acl");
+ shared_init = samba_modules_load(NULL, "pvfs_acl");
- run_init_functions(static_init);
- run_init_functions(shared_init);
+ samba_module_init_fns_run(static_init);
+ samba_module_init_fns_run(shared_init);
talloc_free(shared_init);
return NT_STATUS_ACCESS_DENIED;
}
- if (pvfs->ntvfs->ctx->protocol != PROTOCOL_SMB2) {
+ if (pvfs->ntvfs->ctx->protocol < PROTOCOL_SMB2_02) {
/* on SMB, this bit is always granted, even if not
asked for */
*access_mask |= SEC_FILE_READ_ATTRIBUTE;
bool allow_delete = false;
/* on SMB2 a blank access mask is always denied */
- if (pvfs->ntvfs->ctx->protocol == PROTOCOL_SMB2 &&
+ if (pvfs->ntvfs->ctx->protocol >= PROTOCOL_SMB2_02 &&
*access_mask == 0) {
return NT_STATUS_ACCESS_DENIED;
}
/* expand the generic access bits to file specific bits */
*access_mask = pvfs_translate_mask(*access_mask);
- if (pvfs->ntvfs->ctx->protocol != PROTOCOL_SMB2) {
+ if (pvfs->ntvfs->ctx->protocol < PROTOCOL_SMB2_02) {
*access_mask &= ~SEC_FILE_READ_ATTRIBUTE;
}
status = se_access_check(sd, token, *access_mask, access_mask);
talloc_free(acl);
done:
- if (pvfs->ntvfs->ctx->protocol != PROTOCOL_SMB2) {
+ if (pvfs->ntvfs->ctx->protocol < PROTOCOL_SMB2_02) {
/* on SMB, this bit is always granted, even if not
asked for */
*access_mask |= SEC_FILE_READ_ATTRIBUTE;
status = pvfs_resolve_parent(pvfs, req, name, &parent);
NT_STATUS_NOT_OK_RETURN(status);
- if (name->dos.attrib & FILE_ATTRIBUTE_DIRECTORY) {
+ if (container) {
parent_mask = SEC_DIR_ADD_SUBDIR;
} else {
parent_mask = SEC_DIR_ADD_FILE;
*access_mask &= ~SEC_FLAG_MAXIMUM_ALLOWED;
}
- if (pvfs->ntvfs->ctx->protocol != PROTOCOL_SMB2) {
+ if (pvfs->ntvfs->ctx->protocol < PROTOCOL_SMB2_02) {
/* on SMB, this bit is always granted, even if not
asked for */
*access_mask |= SEC_FILE_READ_ATTRIBUTE;
git.samba.org / kai / samba.git / blobdiff