2 Unix SMB/CIFS implementation.
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 1992-2007.
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "system/filesys.h"
24 #include "lib/util/server_id.h"
26 #include "locking/share_mode_lock.h"
27 #include "smbd/smbd.h"
28 #include "smbd/globals.h"
29 #include "smbd/scavenger.h"
30 #include "fake_file.h"
31 #include "transfer_file.h"
34 #include "../librpc/gen_ndr/open_files.h"
35 #include "lib/util/tevent_ntstatus.h"
37 /****************************************************************************
38 Run a file if it is a magic script.
39 ****************************************************************************/
41 static NTSTATUS check_magic(struct files_struct *fsp)
44 const struct loadparm_substitution *lp_sub =
45 loadparm_s3_global_substitution();
46 const char *magic_output = NULL;
49 TALLOC_CTX *ctx = NULL;
51 struct connection_struct *conn = fsp->conn;
55 if (!*lp_magic_script(talloc_tos(), lp_sub, SNUM(conn))) {
59 DEBUG(5,("checking magic for %s\n", fsp_str_dbg(fsp)));
61 ctx = talloc_stackframe();
63 fname = fsp->fsp_name->base_name;
65 if (!(p = strrchr_m(fname,'/'))) {
71 if (!strequal(lp_magic_script(talloc_tos(), lp_sub, SNUM(conn)),p)) {
72 status = NT_STATUS_OK;
76 if (*lp_magic_output(talloc_tos(), lp_sub, SNUM(conn))) {
77 magic_output = lp_magic_output(talloc_tos(), lp_sub, SNUM(conn));
79 magic_output = talloc_asprintf(ctx,
84 status = NT_STATUS_NO_MEMORY;
88 /* Ensure we don't depend on user's PATH. */
89 p = talloc_asprintf(ctx, "./%s", fname);
91 status = NT_STATUS_NO_MEMORY;
95 if (chmod(fname, 0755) == -1) {
96 status = map_nt_error_from_unix(errno);
99 ret = smbrun(p, &tmp_fd, NULL);
100 DEBUG(3,("Invoking magic command %s gave %d\n",
104 if (ret != 0 || tmp_fd == -1) {
108 status = NT_STATUS_UNSUCCESSFUL;
111 outfd = open(magic_output, O_CREAT|O_EXCL|O_RDWR, 0600);
115 status = map_nt_error_from_unix(err);
119 if (sys_fstat(tmp_fd, &st, false) == -1) {
123 status = map_nt_error_from_unix(err);
127 if (transfer_file(tmp_fd,outfd,(off_t)st.st_ex_size) == (off_t)-1) {
131 status = map_nt_error_from_unix(err);
135 if (close(outfd) == -1) {
136 status = map_nt_error_from_unix(errno);
140 status = NT_STATUS_OK;
147 /****************************************************************************
149 ****************************************************************************/
151 NTSTATUS delete_all_streams(connection_struct *conn,
152 const struct smb_filename *smb_fname)
154 struct stream_struct *stream_info = NULL;
156 unsigned int num_streams = 0;
157 TALLOC_CTX *frame = talloc_stackframe();
160 status = vfs_streaminfo(conn, NULL, smb_fname, talloc_tos(),
161 &num_streams, &stream_info);
163 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
164 DEBUG(10, ("no streams around\n"));
169 if (!NT_STATUS_IS_OK(status)) {
170 DEBUG(10, ("vfs_streaminfo failed: %s\n",
175 DEBUG(10, ("delete_all_streams found %d streams\n",
178 if (num_streams == 0) {
183 for (i=0; i<num_streams; i++) {
185 struct smb_filename *smb_fname_stream;
187 if (strequal(stream_info[i].name, "::$DATA")) {
191 status = synthetic_pathref(talloc_tos(),
193 smb_fname->base_name,
198 ~SMB_FILENAME_POSIX_PATH),
200 if (!NT_STATUS_IS_OK(status)) {
201 DEBUG(0, ("talloc_aprintf failed\n"));
202 status = NT_STATUS_NO_MEMORY;
206 res = SMB_VFS_UNLINKAT(conn,
212 status = map_nt_error_from_unix(errno);
213 DEBUG(10, ("Could not delete stream %s: %s\n",
214 smb_fname_str_dbg(smb_fname_stream),
216 TALLOC_FREE(smb_fname_stream);
219 TALLOC_FREE(smb_fname_stream);
227 struct has_other_nonposix_opens_state {
232 static bool has_other_nonposix_opens_fn(
233 struct share_mode_entry *e,
237 struct has_other_nonposix_opens_state *state = private_data;
238 struct files_struct *fsp = state->fsp;
240 if (e->name_hash != fsp->name_hash) {
243 if ((fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) &&
244 (e->flags & SHARE_MODE_FLAG_POSIX_OPEN)) {
247 if (e->share_file_id == fh_get_gen_id(fsp->fh)) {
248 struct server_id self = messaging_server_id(
249 fsp->conn->sconn->msg_ctx);
250 if (server_id_equal(&self, &e->pid)) {
254 if (share_entry_stale_pid(e)) {
258 state->found_another = true;
262 bool has_other_nonposix_opens(struct share_mode_lock *lck,
263 struct files_struct *fsp)
265 struct has_other_nonposix_opens_state state = { .fsp = fsp };
268 ok = share_mode_forall_entries(
269 lck, has_other_nonposix_opens_fn, &state);
273 return state.found_another;
276 /****************************************************************************
277 Deal with removing a share mode on last close.
278 ****************************************************************************/
280 static NTSTATUS close_remove_share_mode(files_struct *fsp,
281 enum file_close_type close_type)
283 connection_struct *conn = fsp->conn;
284 bool delete_file = false;
285 bool changed_user = false;
286 struct share_mode_lock *lck = NULL;
287 NTSTATUS status = NT_STATUS_OK;
290 const struct security_unix_token *del_token = NULL;
291 const struct security_token *del_nt_token = NULL;
292 struct smb_filename *parent_fname = NULL;
293 struct smb_filename *base_fname = NULL;
294 bool got_tokens = false;
298 /* Ensure any pending write time updates are done. */
299 if (fsp->update_write_time_event) {
300 fsp_flush_write_time_update(fsp);
304 * Lock the share entries, and determine if we should delete
305 * on close. If so delete whilst the lock is still in effect.
306 * This prevents race conditions with the file being created. JRA.
309 lck = get_existing_share_mode_lock(talloc_tos(), fsp->file_id);
311 DEBUG(0, ("close_remove_share_mode: Could not get share mode "
312 "lock for file %s\n", fsp_str_dbg(fsp)));
313 return NT_STATUS_INVALID_PARAMETER;
316 /* Remove the oplock before potentially deleting the file. */
317 if(fsp->oplock_type) {
321 if (fsp->fsp_flags.write_time_forced) {
322 NTTIME mtime = share_mode_changed_write_time(lck);
323 struct timespec ts = nt_time_to_full_timespec(mtime);
325 DEBUG(10,("close_remove_share_mode: write time forced "
328 set_close_write_time(fsp, ts);
329 } else if (fsp->fsp_flags.update_write_time_on_close) {
330 /* Someone had a pending write. */
331 if (is_omit_timespec(&fsp->close_write_time)) {
332 DEBUG(10,("close_remove_share_mode: update to current time "
335 /* Update to current time due to "normal" write. */
336 set_close_write_time(fsp, timespec_current());
338 DEBUG(10,("close_remove_share_mode: write time pending "
341 /* Update to time set on close call. */
342 set_close_write_time(fsp, fsp->close_write_time);
346 if (fsp->fsp_flags.initial_delete_on_close &&
347 !is_delete_on_close_set(lck, fsp->name_hash)) {
348 /* Initial delete on close was set and no one else
349 * wrote a real delete on close. */
351 fsp->fsp_flags.delete_on_close = true;
352 set_delete_on_close_lck(fsp, lck,
353 fsp->conn->session_info->security_token,
354 fsp->conn->session_info->unix_token);
357 delete_file = is_delete_on_close_set(lck, fsp->name_hash) &&
358 !has_other_nonposix_opens(lck, fsp);
361 * NT can set delete_on_close of the last open
362 * reference to a file.
365 normal_close = (close_type == NORMAL_CLOSE || close_type == SHUTDOWN_CLOSE);
367 if (!normal_close || !delete_file) {
368 status = NT_STATUS_OK;
373 * Ok, we have to delete the file
376 DEBUG(5,("close_remove_share_mode: file %s. Delete on close was set "
377 "- deleting file.\n", fsp_str_dbg(fsp)));
380 * Don't try to update the write time when we delete the file
382 fsp->fsp_flags.update_write_time_on_close = false;
384 got_tokens = get_delete_on_close_token(lck, fsp->name_hash,
385 &del_nt_token, &del_token);
386 SMB_ASSERT(got_tokens);
388 if (!unix_token_equal(del_token, get_current_utok(conn))) {
389 /* Become the user who requested the delete. */
391 DEBUG(5,("close_remove_share_mode: file %s. "
392 "Change user to uid %u\n",
394 (unsigned int)del_token->uid));
396 if (!push_sec_ctx()) {
397 smb_panic("close_remove_share_mode: file %s. failed to push "
401 set_sec_ctx(del_token->uid,
410 /* We can only delete the file if the name we have is still valid and
411 hasn't been renamed. */
413 tmp_status = vfs_stat_fsp(fsp);
414 if (!NT_STATUS_IS_OK(tmp_status)) {
415 DEBUG(5,("close_remove_share_mode: file %s. Delete on close "
416 "was set and stat failed with error %s\n",
417 fsp_str_dbg(fsp), nt_errstr(tmp_status)));
419 * Don't save the errno here, we ignore this error
424 id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
426 if (!file_id_equal(&fsp->file_id, &id)) {
427 struct file_id_buf ftmp1, ftmp2;
428 DEBUG(5,("close_remove_share_mode: file %s. Delete on close "
429 "was set and dev and/or inode does not match\n",
431 DEBUG(5,("close_remove_share_mode: file %s. stored file_id %s, "
434 file_id_str_buf(fsp->file_id, &ftmp1),
435 file_id_str_buf(id, &ftmp2)));
437 * Don't save the errno here, we ignore this error
442 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
443 && !is_ntfs_stream_smb_fname(fsp->fsp_name)) {
445 status = delete_all_streams(conn, fsp->fsp_name);
447 if (!NT_STATUS_IS_OK(status)) {
448 DEBUG(5, ("delete_all_streams failed: %s\n",
454 if (fsp->fsp_flags.kernel_share_modes_taken) {
458 * A file system sharemode could block the unlink;
459 * remove filesystem sharemodes first.
461 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, 0, 0);
462 if (ret_flock == -1) {
463 DBG_INFO("removing kernel flock for %s failed: %s\n",
464 fsp_str_dbg(fsp), strerror(errno));
467 fsp->fsp_flags.kernel_share_modes_taken = false;
470 status = parent_pathref(talloc_tos(),
475 if (!NT_STATUS_IS_OK(status)) {
479 ret = SMB_VFS_UNLINKAT(conn,
483 TALLOC_FREE(parent_fname);
487 * This call can potentially fail as another smbd may
488 * have had the file open with delete on close set and
489 * deleted it when its last reference to this file
490 * went away. Hence we log this but not at debug level
494 DEBUG(5,("close_remove_share_mode: file %s. Delete on close "
495 "was set and unlink failed with error %s\n",
496 fsp_str_dbg(fsp), strerror(errno)));
498 status = map_nt_error_from_unix(errno);
501 /* As we now have POSIX opens which can unlink
502 * with other open files we may have taken
503 * this code path with more than one share mode
504 * entry - ensure we only delete once by resetting
505 * the delete on close flag. JRA.
508 fsp->fsp_flags.delete_on_close = false;
509 reset_delete_on_close_lck(fsp, lck);
518 if (fsp->fsp_flags.kernel_share_modes_taken) {
521 /* remove filesystem sharemodes */
522 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, 0, 0);
523 if (ret_flock == -1) {
524 DEBUG(2, ("close_remove_share_mode: removing kernel "
525 "flock for %s failed: %s\n",
526 fsp_str_dbg(fsp), strerror(errno)));
530 if (!del_share_mode(lck, fsp)) {
531 DEBUG(0, ("close_remove_share_mode: Could not delete share "
532 "entry for file %s\n", fsp_str_dbg(fsp)));
539 * Do the notification after we released the share
540 * mode lock. Inside notify_fname we take out another
541 * tdb lock. With ctdb also accessing our databases,
542 * this can lead to deadlocks. Putting this notify
543 * after the TALLOC_FREE(lck) above we avoid locking
544 * two records simultaneously. Notifies are async and
545 * informational only, so calling the notify_fname
546 * without holding the share mode lock should not do
549 notify_fname(conn, NOTIFY_ACTION_REMOVED,
550 FILE_NOTIFY_CHANGE_FILE_NAME,
551 fsp->fsp_name->base_name);
557 void set_close_write_time(struct files_struct *fsp, struct timespec ts)
559 DEBUG(6,("close_write_time: %s" , time_to_asc(convert_timespec_to_time_t(ts))));
561 if (is_omit_timespec(&ts)) {
564 fsp->fsp_flags.write_time_forced = false;
565 fsp->fsp_flags.update_write_time_on_close = true;
566 fsp->close_write_time = ts;
569 static NTSTATUS update_write_time_on_close(struct files_struct *fsp)
571 struct smb_file_time ft;
573 struct share_mode_lock *lck = NULL;
575 init_smb_file_time(&ft);
577 if (!(fsp->fsp_flags.update_write_time_on_close)) {
581 if (is_omit_timespec(&fsp->close_write_time)) {
582 fsp->close_write_time = timespec_current();
585 /* Ensure we have a valid stat struct for the source. */
586 status = vfs_stat_fsp(fsp);
587 if (!NT_STATUS_IS_OK(status)) {
591 if (!VALID_STAT(fsp->fsp_name->st)) {
592 /* if it doesn't seem to be a real file */
597 * get_existing_share_mode_lock() isn't really the right
598 * call here, as we're being called after
599 * close_remove_share_mode() inside close_normal_file()
600 * so it's quite normal to not have an existing share
601 * mode here. However, get_share_mode_lock() doesn't
602 * work because that will create a new share mode if
603 * one doesn't exist - so stick with this call (just
604 * ignore any error we get if the share mode doesn't
608 lck = get_existing_share_mode_lock(talloc_tos(), fsp->file_id);
610 NTTIME share_mtime = share_mode_changed_write_time(lck);
611 /* On close if we're changing the real file time we
612 * must update it in the open file db too. */
613 (void)set_write_time(fsp->file_id, fsp->close_write_time);
615 /* Close write times overwrite sticky write times
616 so we must replace any sticky write time here. */
617 if (!null_nttime(share_mtime)) {
618 (void)set_sticky_write_time(fsp->file_id, fsp->close_write_time);
623 ft.mtime = fsp->close_write_time;
624 /* As this is a close based update, we are not directly changing the
625 file attributes from a client call, but indirectly from a write. */
626 status = smb_set_file_time(fsp->conn, fsp, fsp->fsp_name, &ft, false);
627 if (!NT_STATUS_IS_OK(status)) {
628 DEBUG(10,("update_write_time_on_close: smb_set_file_time "
629 "on file %s returned %s\n",
638 static NTSTATUS ntstatus_keeperror(NTSTATUS s1, NTSTATUS s2)
640 if (!NT_STATUS_IS_OK(s1)) {
646 static void assert_no_pending_aio(struct files_struct *fsp,
647 enum file_close_type close_type)
649 struct smbXsrv_client *client = global_smbXsrv_client;
650 size_t num_connections_alive;
651 unsigned num_requests = fsp->num_aio_requests;
653 if (num_requests == 0) {
657 num_connections_alive = smbXsrv_client_valid_connections(client);
659 if (close_type == SHUTDOWN_CLOSE && num_connections_alive == 0) {
661 * fsp->aio_requests and the contents (fsp->aio_requests[x])
662 * are both independently owned by fsp and are not in a
663 * talloc heirarchy. This allows the fsp->aio_requests array to
664 * be reallocated independently of the array contents so it can
667 * This means we must ensure order of deallocation
668 * on a SHUTDOWN_CLOSE by deallocating the fsp->aio_requests[x]
669 * contents first, as their destructors access the
670 * fsp->aio_request array. If we don't deallocate them
671 * first, when fsp is deallocated fsp->aio_requests
672 * could have been deallocated *before* its contents
673 * fsp->aio_requests[x], causing a crash.
675 while (fsp->num_aio_requests != 0) {
678 * talloc_free(fsp->aio_requests[0]),
679 * and *NOT* TALLOC_FREE() here, as
680 * TALLOC_FREE(fsp->aio_requests[0])
681 * will overwrite any new contents of
682 * fsp->aio_requests[0] that were
683 * copied into it via the destructor
684 * aio_del_req_from_fsp().
686 * BUG: https://bugzilla.samba.org/show_bug.cgi?id=14515
688 talloc_free(fsp->aio_requests[0]);
693 DBG_ERR("fsp->num_aio_requests=%u\n", num_requests);
694 smb_panic("can not close with outstanding aio requests");
698 /****************************************************************************
701 close_type can be NORMAL_CLOSE=0,SHUTDOWN_CLOSE,ERROR_CLOSE.
702 printing and magic scripts are only run on normal close.
703 delete on close is done on normal and shutdown close.
704 ****************************************************************************/
706 static NTSTATUS close_normal_file(struct smb_request *req, files_struct *fsp,
707 enum file_close_type close_type)
709 NTSTATUS status = NT_STATUS_OK;
711 connection_struct *conn = fsp->conn;
712 bool is_durable = false;
714 SMB_ASSERT(fsp->fsp_flags.is_fsa);
716 assert_no_pending_aio(fsp, close_type);
718 while (talloc_array_length(fsp->blocked_smb1_lock_reqs) != 0) {
719 smbd_smb1_brl_finish_by_req(
720 fsp->blocked_smb1_lock_reqs[0],
721 NT_STATUS_RANGE_NOT_LOCKED);
725 * If we're flushing on a close we can get a write
726 * error here, we must remember this.
729 if (NT_STATUS_IS_OK(status) && fsp->op != NULL) {
730 is_durable = fsp->op->global->durable;
733 if (close_type != SHUTDOWN_CLOSE) {
738 DATA_BLOB new_cookie = data_blob_null;
740 tmp = SMB_VFS_DURABLE_DISCONNECT(fsp,
741 fsp->op->global->backend_cookie,
744 if (NT_STATUS_IS_OK(tmp)) {
749 tv = req->request_time;
751 tv = timeval_current();
753 now = timeval_to_nttime(&tv);
755 data_blob_free(&fsp->op->global->backend_cookie);
756 fsp->op->global->backend_cookie = new_cookie;
758 fsp->op->compat = NULL;
759 tmp = smbXsrv_open_close(fsp->op, now);
760 if (!NT_STATUS_IS_OK(tmp)) {
761 DEBUG(1, ("Failed to update smbXsrv_open "
762 "record when disconnecting durable "
763 "handle for file %s: %s - "
764 "proceeding with normal close\n",
765 fsp_str_dbg(fsp), nt_errstr(tmp)));
767 scavenger_schedule_disconnected(fsp);
769 DEBUG(1, ("Failed to disconnect durable handle for "
770 "file %s: %s - proceeding with normal "
771 "close\n", fsp_str_dbg(fsp), nt_errstr(tmp)));
773 if (!NT_STATUS_IS_OK(tmp)) {
780 * This is the case where we successfully disconnected
781 * a durable handle and closed the underlying file.
782 * In all other cases, we proceed with a genuine close.
784 DEBUG(10, ("%s disconnected durable handle for file %s\n",
785 conn->session_info->unix_info->unix_name,
791 if (fsp->op != NULL) {
793 * Make sure the handle is not marked as durable anymore
795 fsp->op->global->durable = false;
798 /* If this is an old DOS or FCB open and we have multiple opens on
799 the same handle we only have one share mode. Ensure we only remove
800 the share mode on the last close. */
802 if (fh_get_refcount(fsp->fh) == 1) {
803 /* Should we return on error here... ? */
804 tmp = close_remove_share_mode(fsp, close_type);
805 status = ntstatus_keeperror(status, tmp);
808 locking_close_file(fsp, close_type);
811 * Ensure pending modtime is set before closing underlying fd.
814 tmp = update_write_time_on_close(fsp);
815 if (NT_STATUS_EQUAL(tmp, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
817 * Someone renamed the file or a parent directory containing
818 * this file. We can't do anything about this, eat the error.
822 status = ntstatus_keeperror(status, tmp);
825 status = ntstatus_keeperror(status, tmp);
827 /* check for magic scripts */
828 if (close_type == NORMAL_CLOSE) {
829 tmp = check_magic(fsp);
830 status = ntstatus_keeperror(status, tmp);
833 DEBUG(2,("%s closed file %s (numopen=%d) %s\n",
834 conn->session_info->unix_info->unix_name, fsp_str_dbg(fsp),
835 conn->num_files_open - 1,
836 nt_errstr(status) ));
841 /****************************************************************************
842 Function used by reply_rmdir to delete an entire directory
843 tree recursively. Return True on ok, False on fail.
844 ****************************************************************************/
846 bool recursive_rmdir(TALLOC_CTX *ctx,
847 connection_struct *conn,
848 struct smb_filename *smb_dname)
850 const char *dname = NULL;
851 char *talloced = NULL;
855 struct smb_Dir *dir_hnd;
856 struct files_struct *dirfsp = NULL;
860 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
862 dir_hnd = OpenDir(talloc_tos(), conn, smb_dname, NULL, 0);
866 dirfsp = dir_hnd_fetch_fsp(dir_hnd);
868 while ((dname = ReadDirName(dir_hnd, &offset, &st, &talloced))) {
869 struct smb_filename *atname = NULL;
870 struct smb_filename *smb_dname_full = NULL;
871 char *fullname = NULL;
872 bool do_break = true;
873 int unlink_flags = 0;
875 if (ISDOT(dname) || ISDOTDOT(dname)) {
876 TALLOC_FREE(talloced);
880 if (!is_visible_file(conn,
885 TALLOC_FREE(talloced);
889 /* Construct the full name. */
890 fullname = talloc_asprintf(ctx,
892 smb_dname->base_name,
899 smb_dname_full = synthetic_smb_fname(talloc_tos(),
905 if (smb_dname_full == NULL) {
910 if (SMB_VFS_LSTAT(conn, smb_dname_full) != 0) {
914 if (smb_dname_full->st.st_ex_mode & S_IFDIR) {
915 if (!recursive_rmdir(ctx, conn, smb_dname_full)) {
918 unlink_flags = AT_REMOVEDIR;
921 status = synthetic_pathref(talloc_tos(),
926 smb_dname_full->twrp,
927 smb_dname_full->flags,
929 if (!NT_STATUS_IS_OK(status)) {
930 errno = map_errno_from_nt_status(status);
934 retval = SMB_VFS_UNLINKAT(conn,
942 /* Successful iteration. */
946 TALLOC_FREE(smb_dname_full);
947 TALLOC_FREE(fullname);
948 TALLOC_FREE(talloced);
955 TALLOC_FREE(dir_hnd);
959 /****************************************************************************
960 The internals of the rmdir code - called elsewhere.
961 ****************************************************************************/
963 static NTSTATUS rmdir_internals(TALLOC_CTX *ctx, struct files_struct *fsp)
965 struct connection_struct *conn = fsp->conn;
966 struct smb_filename *smb_dname = fsp->fsp_name;
967 struct smb_filename *parent_fname = NULL;
968 struct smb_filename *at_fname = NULL;
969 const struct loadparm_substitution *lp_sub =
970 loadparm_s3_global_substitution();
972 const char *dname = NULL;
973 char *talloced = NULL;
975 struct smb_Dir *dir_hnd = NULL;
976 struct files_struct *dirfsp = NULL;
977 int unlink_flags = 0;
981 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
983 status = parent_pathref(talloc_tos(),
988 if (!NT_STATUS_IS_OK(status)) {
993 * Todo: use SMB_VFS_STATX() once it's available.
996 /* Might be a symlink. */
997 ret = SMB_VFS_LSTAT(conn, smb_dname);
999 TALLOC_FREE(parent_fname);
1000 return map_nt_error_from_unix(errno);
1003 if (S_ISLNK(smb_dname->st.st_ex_mode)) {
1004 /* Is what it points to a directory ? */
1005 ret = SMB_VFS_STAT(conn, smb_dname);
1007 TALLOC_FREE(parent_fname);
1008 return map_nt_error_from_unix(errno);
1010 if (!(S_ISDIR(smb_dname->st.st_ex_mode))) {
1011 TALLOC_FREE(parent_fname);
1012 return NT_STATUS_NOT_A_DIRECTORY;
1015 unlink_flags = AT_REMOVEDIR;
1018 ret = SMB_VFS_UNLINKAT(conn,
1023 TALLOC_FREE(parent_fname);
1024 notify_fname(conn, NOTIFY_ACTION_REMOVED,
1025 FILE_NOTIFY_CHANGE_DIR_NAME,
1026 smb_dname->base_name);
1027 return NT_STATUS_OK;
1030 if (!((errno == ENOTEMPTY) || (errno == EEXIST)) ||
1031 !*lp_veto_files(talloc_tos(), lp_sub, SNUM(conn)))
1033 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
1034 "%s\n", smb_fname_str_dbg(smb_dname),
1036 TALLOC_FREE(parent_fname);
1037 return map_nt_error_from_unix(errno);
1041 * Check to see if the only thing in this directory are
1042 * vetoed files/directories. If so then delete them and
1043 * retry. If we fail to delete any of them (and we *don't*
1044 * do a recursive delete) then fail the rmdir.
1047 dir_hnd = OpenDir(talloc_tos(), conn, smb_dname, NULL, 0);
1048 if (dir_hnd == NULL) {
1053 while ((dname = ReadDirName(dir_hnd, &dirpos, &st, &talloced)) != NULL) {
1054 if ((strcmp(dname, ".") == 0) ||
1055 (strcmp(dname, "..") == 0))
1057 TALLOC_FREE(talloced);
1060 if (!is_visible_file(conn,
1066 TALLOC_FREE(talloced);
1069 if (!IS_VETO_PATH(conn, dname)) {
1070 TALLOC_FREE(dir_hnd);
1071 TALLOC_FREE(talloced);
1075 TALLOC_FREE(talloced);
1078 /* We only have veto files/directories.
1079 * Are we allowed to delete them ? */
1081 if (!lp_delete_veto_files(SNUM(conn))) {
1082 TALLOC_FREE(dir_hnd);
1087 /* Do a recursive delete. */
1088 RewindDir(dir_hnd,&dirpos);
1089 dirfsp = dir_hnd_fetch_fsp(dir_hnd);
1091 while ((dname = ReadDirName(dir_hnd, &dirpos, &st, &talloced)) != NULL) {
1092 struct smb_filename *direntry_fname = NULL;
1093 struct smb_filename *smb_dname_full = NULL;
1094 char *fullname = NULL;
1095 bool do_break = true;
1098 if (ISDOT(dname) || ISDOTDOT(dname)) {
1099 TALLOC_FREE(talloced);
1102 if (!is_visible_file(conn,
1108 TALLOC_FREE(talloced);
1112 fullname = talloc_asprintf(ctx,
1114 smb_dname->base_name,
1117 if (fullname == NULL) {
1122 smb_dname_full = synthetic_smb_fname(talloc_tos(),
1128 if (smb_dname_full == NULL) {
1134 * Todo: use SMB_VFS_STATX() once that's available.
1137 ret = SMB_VFS_LSTAT(conn, smb_dname_full);
1144 if (smb_dname_full->st.st_ex_mode & S_IFDIR) {
1145 if (!recursive_rmdir(ctx, conn,
1150 unlink_flags = AT_REMOVEDIR;
1153 status = synthetic_pathref(talloc_tos(),
1161 if (!NT_STATUS_IS_OK(status)) {
1162 errno = map_errno_from_nt_status(status);
1166 retval = SMB_VFS_UNLINKAT(conn,
1174 /* Successful iteration. */
1178 TALLOC_FREE(fullname);
1179 TALLOC_FREE(smb_dname_full);
1180 TALLOC_FREE(talloced);
1181 TALLOC_FREE(direntry_fname);
1187 /* Retry the rmdir */
1188 ret = SMB_VFS_UNLINKAT(conn,
1193 TALLOC_FREE(dir_hnd);
1196 TALLOC_FREE(parent_fname);
1199 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
1200 "%s\n", smb_fname_str_dbg(smb_dname),
1202 return map_nt_error_from_unix(errno);
1205 notify_fname(conn, NOTIFY_ACTION_REMOVED,
1206 FILE_NOTIFY_CHANGE_DIR_NAME,
1207 smb_dname->base_name);
1209 return NT_STATUS_OK;
1212 /****************************************************************************
1213 Close a directory opened by an NT SMB call.
1214 ****************************************************************************/
1216 static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
1217 enum file_close_type close_type)
1219 struct share_mode_lock *lck = NULL;
1220 bool delete_dir = False;
1221 NTSTATUS status = NT_STATUS_OK;
1222 NTSTATUS status1 = NT_STATUS_OK;
1223 const struct security_token *del_nt_token = NULL;
1224 const struct security_unix_token *del_token = NULL;
1225 NTSTATUS notify_status;
1227 SMB_ASSERT(fsp->fsp_flags.is_fsa);
1229 if (fsp->conn->sconn->using_smb2) {
1230 notify_status = NT_STATUS_NOTIFY_CLEANUP;
1232 notify_status = NT_STATUS_OK;
1235 assert_no_pending_aio(fsp, close_type);
1238 * NT can set delete_on_close of the last open
1239 * reference to a directory also.
1242 lck = get_existing_share_mode_lock(talloc_tos(), fsp->file_id);
1244 DEBUG(0, ("close_directory: Could not get share mode lock for "
1245 "%s\n", fsp_str_dbg(fsp)));
1246 file_free(req, fsp);
1247 return NT_STATUS_INVALID_PARAMETER;
1250 if (fsp->fsp_flags.initial_delete_on_close) {
1251 /* Initial delete on close was set - for
1252 * directories we don't care if anyone else
1253 * wrote a real delete on close. */
1255 send_stat_cache_delete_message(fsp->conn->sconn->msg_ctx,
1256 fsp->fsp_name->base_name);
1257 set_delete_on_close_lck(fsp, lck,
1258 fsp->conn->session_info->security_token,
1259 fsp->conn->session_info->unix_token);
1260 fsp->fsp_flags.delete_on_close = true;
1263 delete_dir = get_delete_on_close_token(
1264 lck, fsp->name_hash, &del_nt_token, &del_token) &&
1265 !has_other_nonposix_opens(lck, fsp);
1267 if ((close_type == NORMAL_CLOSE || close_type == SHUTDOWN_CLOSE) &&
1270 /* Become the user who requested the delete. */
1272 if (!push_sec_ctx()) {
1273 smb_panic("close_directory: failed to push sec_ctx.\n");
1276 set_sec_ctx(del_token->uid,
1282 if (!del_share_mode(lck, fsp)) {
1283 DEBUG(0, ("close_directory: Could not delete share entry for "
1284 "%s\n", fsp_str_dbg(fsp)));
1289 if ((fsp->conn->fs_capabilities & FILE_NAMED_STREAMS)
1290 && !is_ntfs_stream_smb_fname(fsp->fsp_name)) {
1292 status = delete_all_streams(fsp->conn, fsp->fsp_name);
1293 if (!NT_STATUS_IS_OK(status)) {
1294 DEBUG(5, ("delete_all_streams failed: %s\n",
1295 nt_errstr(status)));
1296 file_free(req, fsp);
1301 status = rmdir_internals(talloc_tos(), fsp);
1303 DEBUG(5,("close_directory: %s. Delete on close was set - "
1304 "deleting directory returned %s.\n",
1305 fsp_str_dbg(fsp), nt_errstr(status)));
1307 /* unbecome user. */
1311 * Ensure we remove any change notify requests that would
1312 * now fail as the directory has been deleted.
1315 if (NT_STATUS_IS_OK(status)) {
1316 notify_status = NT_STATUS_DELETE_PENDING;
1319 if (!del_share_mode(lck, fsp)) {
1320 DEBUG(0, ("close_directory: Could not delete share entry for "
1321 "%s\n", fsp_str_dbg(fsp)));
1327 remove_pending_change_notify_requests_by_fid(fsp, notify_status);
1329 status1 = fd_close(fsp);
1331 if (!NT_STATUS_IS_OK(status1)) {
1332 DEBUG(0, ("Could not close dir! fname=%s, fd=%d, err=%d=%s\n",
1333 fsp_str_dbg(fsp), fsp_get_pathref_fd(fsp), errno,
1338 * Do the code common to files and directories.
1340 file_free(req, fsp);
1342 if (NT_STATUS_IS_OK(status) && !NT_STATUS_IS_OK(status1)) {
1348 /****************************************************************************
1349 Close a files_struct.
1350 ****************************************************************************/
1352 NTSTATUS close_file(struct smb_request *req, files_struct *fsp,
1353 enum file_close_type close_type)
1356 struct files_struct *base_fsp = fsp->base_fsp;
1357 bool close_base_fsp = false;
1360 * This fsp can never be an internal dirfsp. They must
1361 * be explicitly closed by TALLOC_FREE of the dir handle.
1363 SMB_ASSERT(!fsp->fsp_flags.is_dirfsp);
1365 if (fsp->stream_fsp != NULL) {
1367 * fsp is the base for a stream.
1369 * We're called with SHUTDOWN_CLOSE from files.c which walks the
1370 * complete list of files.
1372 * We need to wait until the stream is closed.
1374 SMB_ASSERT(close_type == SHUTDOWN_CLOSE);
1375 return NT_STATUS_OK;
1378 if (base_fsp != NULL) {
1380 * We need to remove the link in order to
1381 * recurse for the base fsp below.
1383 SMB_ASSERT(base_fsp->base_fsp == NULL);
1384 SMB_ASSERT(base_fsp->stream_fsp == fsp);
1385 base_fsp->stream_fsp = NULL;
1387 if (close_type == SHUTDOWN_CLOSE) {
1389 * We're called with SHUTDOWN_CLOSE from files.c
1390 * which walks the complete list of files.
1392 * We may need to defer the SHUTDOWN_CLOSE
1393 * if it's the next in the linked list.
1395 * So we only close if the base is *not* the
1398 close_base_fsp = (fsp->next != base_fsp);
1400 close_base_fsp = true;
1404 if (fsp->fake_file_handle != NULL) {
1405 status = close_fake_file(req, fsp);
1406 } else if (fsp->print_file != NULL) {
1407 /* FIXME: return spool errors */
1408 print_spool_end(fsp, close_type);
1409 file_free(req, fsp);
1410 status = NT_STATUS_OK;
1411 } else if (!fsp->fsp_flags.is_fsa) {
1412 if (close_type == NORMAL_CLOSE) {
1413 DBG_ERR("unexpected NORMAL_CLOSE for [%s] "
1414 "is_fsa[%u] is_pathref[%u] is_directory[%u]\n",
1416 fsp->fsp_flags.is_fsa,
1417 fsp->fsp_flags.is_pathref,
1418 fsp->fsp_flags.is_directory);
1420 SMB_ASSERT(close_type != NORMAL_CLOSE);
1422 file_free(req, fsp);
1423 status = NT_STATUS_OK;
1424 } else if (fsp->fsp_flags.is_directory) {
1425 status = close_directory(req, fsp, close_type);
1427 status = close_normal_file(req, fsp, close_type);
1430 if (close_base_fsp) {
1433 * fsp was a stream, the base fsp can't be a stream as well
1435 * For SHUTDOWN_CLOSE this is not possible here
1436 * (if the base_fsp was the next in the linked list), because
1437 * SHUTDOWN_CLOSE only happens from files.c which walks the
1438 * complete list of files. If we mess with more than one fsp
1439 * those loops will become confused.
1442 close_file(req, base_fsp, close_type);
1448 /****************************************************************************
1449 Deal with an (authorized) message to close a file given the share mode
1451 ****************************************************************************/
1453 void msg_close_file(struct messaging_context *msg_ctx,
1456 struct server_id server_id,
1459 files_struct *fsp = NULL;
1461 struct share_mode_entry e;
1462 struct smbd_server_connection *sconn =
1463 talloc_get_type_abort(private_data,
1464 struct smbd_server_connection);
1466 message_to_share_mode_entry(&id, &e, (char *)data->data);
1469 char *sm_str = share_mode_str(NULL, 0, &id, &e);
1471 smb_panic("talloc failed");
1473 DEBUG(10,("msg_close_file: got request to close share mode "
1474 "entry %s\n", sm_str));
1475 TALLOC_FREE(sm_str);
1478 fsp = file_find_dif(sconn, id, e.share_file_id);
1480 DEBUG(10,("msg_close_file: failed to find file.\n"));
1483 close_file(NULL, fsp, NORMAL_CLOSE);