2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern uint16 global_smbpid;
29 extern BOOL global_client_failed_oplock_break;
31 struct deferred_open_record {
32 BOOL delayed_for_oplocks;
37 /****************************************************************************
38 fd support routines - attempt to do a dos_open.
39 ****************************************************************************/
41 static BOOL fd_open(struct connection_struct *conn,
50 if (!lp_symlinks(SNUM(conn))) {
55 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
58 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
59 fname, flags, (int)mode, fsp->fh->fd,
60 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
63 return fsp->fh->fd != -1;
66 /****************************************************************************
67 Close the file associated with a fsp.
68 ****************************************************************************/
70 int fd_close(struct connection_struct *conn,
73 if (fsp->fh->fd == -1) {
74 return 0; /* What we used to call a stat open. */
76 if (fsp->fh->ref_count > 1) {
77 return 0; /* Shared handle. Only close last reference. */
79 return fd_close_posix(conn, fsp);
82 /****************************************************************************
83 Change the ownership of a file to that of the parent directory.
84 Do this by fd if possible.
85 ****************************************************************************/
87 static void change_file_owner_to_parent(connection_struct *conn,
88 const char *inherit_from_dir,
91 SMB_STRUCT_STAT parent_st;
94 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
96 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
97 "directory %s. Error was %s\n",
98 inherit_from_dir, strerror(errno) ));
103 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
106 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
107 "file %s to parent directory uid %u. Error "
108 "was %s\n", fsp->fsp_name,
109 (unsigned int)parent_st.st_uid,
113 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
114 "parent directory uid %u.\n", fsp->fsp_name,
115 (unsigned int)parent_st.st_uid ));
118 static void change_dir_owner_to_parent(connection_struct *conn,
119 const char *inherit_from_dir,
121 SMB_STRUCT_STAT *psbuf)
124 SMB_STRUCT_STAT sbuf;
125 SMB_STRUCT_STAT parent_st;
128 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
130 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
131 "directory %s. Error was %s\n",
132 inherit_from_dir, strerror(errno) ));
136 /* We've already done an lstat into psbuf, and we know it's a
137 directory. If we can cd into the directory and the dev/ino
138 are the same then we can safely chown without races as
139 we're locking the directory in place by being in it. This
140 should work on any UNIX (thanks tridge :-). JRA.
143 if (!vfs_GetWd(conn,saved_dir)) {
144 DEBUG(0,("change_dir_owner_to_parent: failed to get "
145 "current working directory\n"));
149 /* Chdir into the new path. */
150 if (vfs_ChDir(conn, fname) == -1) {
151 DEBUG(0,("change_dir_owner_to_parent: failed to change "
152 "current working directory to %s. Error "
153 "was %s\n", fname, strerror(errno) ));
157 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
158 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
159 "directory '.' (%s) Error was %s\n",
160 fname, strerror(errno)));
164 /* Ensure we're pointing at the same place. */
165 if (sbuf.st_dev != psbuf->st_dev ||
166 sbuf.st_ino != psbuf->st_ino ||
167 sbuf.st_mode != psbuf->st_mode ) {
168 DEBUG(0,("change_dir_owner_to_parent: "
169 "device/inode/mode on directory %s changed. "
170 "Refusing to chown !\n", fname ));
175 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
178 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
179 "directory %s to parent directory uid %u. "
180 "Error was %s\n", fname,
181 (unsigned int)parent_st.st_uid, strerror(errno) ));
185 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
186 "directory %s to parent directory uid %u.\n",
187 fname, (unsigned int)parent_st.st_uid ));
191 vfs_ChDir(conn,saved_dir);
194 /****************************************************************************
196 ****************************************************************************/
198 static NTSTATUS open_file(files_struct *fsp,
199 connection_struct *conn,
200 const char *parent_dir,
203 SMB_STRUCT_STAT *psbuf,
206 uint32 access_mask, /* client requested access mask. */
207 uint32 open_access_mask) /* what we're actually using in the open. */
209 int accmode = (flags & O_ACCMODE);
210 int local_flags = flags;
211 BOOL file_existed = VALID_STAT(*psbuf);
216 /* Check permissions */
219 * This code was changed after seeing a client open request
220 * containing the open mode of (DENY_WRITE/read-only) with
221 * the 'create if not exist' bit set. The previous code
222 * would fail to open the file read only on a read-only share
223 * as it was checking the flags parameter directly against O_RDONLY,
224 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
228 if (!CAN_WRITE(conn)) {
229 /* It's a read-only share - fail if we wanted to write. */
230 if(accmode != O_RDONLY) {
231 DEBUG(3,("Permission denied opening %s\n", path));
232 return NT_STATUS_ACCESS_DENIED;
233 } else if(flags & O_CREAT) {
234 /* We don't want to write - but we must make sure that
235 O_CREAT doesn't create the file if we have write
236 access into the directory.
239 local_flags &= ~O_CREAT;
244 * This little piece of insanity is inspired by the
245 * fact that an NT client can open a file for O_RDONLY,
246 * but set the create disposition to FILE_EXISTS_TRUNCATE.
247 * If the client *can* write to the file, then it expects to
248 * truncate the file, even though it is opening for readonly.
249 * Quicken uses this stupid trick in backup file creation...
250 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
251 * for helping track this one down. It didn't bite us in 2.0.x
252 * as we always opened files read-write in that release. JRA.
255 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
256 DEBUG(10,("open_file: truncate requested on read-only open "
257 "for file %s\n", path));
258 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
261 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
262 (!file_existed && (local_flags & O_CREAT)) ||
263 ((local_flags & O_TRUNC) == O_TRUNC) ) {
266 * We can't actually truncate here as the file may be locked.
267 * open_file_ntcreate will take care of the truncate later. JRA.
270 local_flags &= ~O_TRUNC;
272 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
274 * We would block on opening a FIFO with no one else on the
275 * other end. Do what we used to do and add O_NONBLOCK to the
279 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
280 local_flags |= O_NONBLOCK;
284 /* Don't create files with Microsoft wildcard characters. */
285 if ((local_flags & O_CREAT) && !file_existed &&
287 return NT_STATUS_OBJECT_NAME_INVALID;
290 /* Actually do the open */
291 if (!fd_open(conn, path, fsp, local_flags, unx_mode)) {
292 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
294 path,strerror(errno),local_flags,flags));
295 return map_nt_error_from_unix(errno);
298 if ((local_flags & O_CREAT) && !file_existed) {
300 /* Inherit the ACL if required */
301 if (lp_inherit_perms(SNUM(conn))) {
302 inherit_access_acl(conn, parent_dir, path,
306 /* Change the owner if required. */
307 if (lp_inherit_owner(SNUM(conn))) {
308 change_file_owner_to_parent(conn, parent_dir,
315 fsp->fh->fd = -1; /* What we used to call a stat open. */
321 if (fsp->fh->fd == -1) {
322 ret = SMB_VFS_STAT(conn, path, psbuf);
324 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
325 /* If we have an fd, this stat should succeed. */
327 DEBUG(0,("Error doing fstat on open file %s "
328 "(%s)\n", path,strerror(errno) ));
332 /* For a non-io open, this stat failing means file not found. JRA */
334 NTSTATUS status = map_nt_error_from_unix(errno);
341 * POSIX allows read-only opens of directories. We don't
342 * want to do this (we use a different code path for this)
343 * so catch a directory open and return an EISDIR. JRA.
346 if(S_ISDIR(psbuf->st_mode)) {
349 return NT_STATUS_FILE_IS_A_DIRECTORY;
352 fsp->mode = psbuf->st_mode;
353 fsp->inode = psbuf->st_ino;
354 fsp->dev = psbuf->st_dev;
355 fsp->vuid = current_user.vuid;
356 fsp->file_pid = global_smbpid;
357 fsp->can_lock = True;
358 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
359 if (!CAN_WRITE(conn)) {
360 fsp->can_write = False;
362 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
365 fsp->print_file = False;
366 fsp->modified = False;
367 fsp->sent_oplock_break = NO_BREAK_SENT;
368 fsp->is_directory = False;
369 fsp->is_stat = False;
370 if (conn->aio_write_behind_list
371 && is_in_path(path, conn->aio_write_behind_list,
372 conn->case_sensitive)) {
373 fsp->aio_write_behind = True;
376 string_set(&fsp->fsp_name, path);
377 fsp->wcp = NULL; /* Write cache pointer. */
379 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
380 *current_user_info.smb_name ?
381 current_user_info.smb_name : conn->user,fsp->fsp_name,
382 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
383 conn->num_files_open + 1));
389 /*******************************************************************
390 Return True if the filename is one of the special executable types.
391 ********************************************************************/
393 static BOOL is_executable(const char *fname)
395 if ((fname = strrchr_m(fname,'.'))) {
396 if (strequal(fname,".com") ||
397 strequal(fname,".dll") ||
398 strequal(fname,".exe") ||
399 strequal(fname,".sym")) {
406 /****************************************************************************
407 Check if we can open a file with a share mode.
408 Returns True if conflict, False if not.
409 ****************************************************************************/
411 static BOOL share_conflict(struct share_mode_entry *entry,
415 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
416 "entry->share_access = 0x%x, "
417 "entry->private_options = 0x%x\n",
418 (unsigned int)entry->access_mask,
419 (unsigned int)entry->share_access,
420 (unsigned int)entry->private_options));
422 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
423 (unsigned int)access_mask, (unsigned int)share_access));
425 if ((entry->access_mask & (FILE_WRITE_DATA|
429 DELETE_ACCESS)) == 0) {
430 DEBUG(10,("share_conflict: No conflict due to "
431 "entry->access_mask = 0x%x\n",
432 (unsigned int)entry->access_mask ));
436 if ((access_mask & (FILE_WRITE_DATA|
440 DELETE_ACCESS)) == 0) {
441 DEBUG(10,("share_conflict: No conflict due to "
442 "access_mask = 0x%x\n",
443 (unsigned int)access_mask ));
447 #if 1 /* JRA TEST - Superdebug. */
448 #define CHECK_MASK(num, am, right, sa, share) \
449 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
450 (unsigned int)(num), (unsigned int)(am), \
451 (unsigned int)(right), (unsigned int)(am)&(right) )); \
452 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
453 (unsigned int)(num), (unsigned int)(sa), \
454 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
455 if (((am) & (right)) && !((sa) & (share))) { \
456 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
457 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
458 (unsigned int)(share) )); \
462 #define CHECK_MASK(num, am, right, sa, share) \
463 if (((am) & (right)) && !((sa) & (share))) { \
464 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
465 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
466 (unsigned int)(share) )); \
471 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
472 share_access, FILE_SHARE_WRITE);
473 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
474 entry->share_access, FILE_SHARE_WRITE);
476 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
477 share_access, FILE_SHARE_READ);
478 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
479 entry->share_access, FILE_SHARE_READ);
481 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
482 share_access, FILE_SHARE_DELETE);
483 CHECK_MASK(6, access_mask, DELETE_ACCESS,
484 entry->share_access, FILE_SHARE_DELETE);
486 DEBUG(10,("share_conflict: No conflict.\n"));
490 #if defined(DEVELOPER)
491 static void validate_my_share_entries(int num,
492 struct share_mode_entry *share_entry)
496 if (!procid_is_me(&share_entry->pid)) {
500 if (is_deferred_open_entry(share_entry) &&
501 !open_was_deferred(share_entry->op_mid)) {
503 pstr_sprintf(str, "Got a deferred entry without a request: "
504 "PANIC: %s\n", share_mode_str(num, share_entry));
508 if (!is_valid_share_mode_entry(share_entry)) {
512 fsp = file_find_dif(share_entry->dev, share_entry->inode,
513 share_entry->share_file_id);
515 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
516 share_mode_str(num, share_entry) ));
517 smb_panic("validate_my_share_entries: Cannot match a "
518 "share entry with an open file\n");
521 if (is_deferred_open_entry(share_entry) ||
522 is_unused_share_mode_entry(share_entry)) {
526 if ((share_entry->op_type == NO_OPLOCK) &&
527 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
528 /* Someone has already written to it, but I haven't yet
533 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
542 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
543 share_mode_str(num, share_entry) ));
544 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
545 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
546 fsp->fsp_name, (unsigned int)fsp->oplock_type,
547 (unsigned int)share_entry->op_type );
553 static BOOL is_stat_open(uint32 access_mask)
555 return (access_mask &&
556 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
557 FILE_WRITE_ATTRIBUTES))==0) &&
558 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
559 FILE_WRITE_ATTRIBUTES)) != 0));
562 /****************************************************************************
563 Deal with share modes
564 Invarient: Share mode must be locked on entry and exit.
565 Returns -1 on error, or number of share modes on success (may be zero).
566 ****************************************************************************/
568 static NTSTATUS open_mode_check(connection_struct *conn,
570 struct share_mode_lock *lck,
573 uint32 create_options,
578 if(lck->num_share_modes == 0) {
582 *file_existed = True;
584 if (is_stat_open(access_mask)) {
585 /* Stat open that doesn't trigger oplock breaks or share mode
586 * checks... ! JRA. */
590 /* A delete on close prohibits everything */
592 if (lck->delete_on_close) {
593 return NT_STATUS_DELETE_PENDING;
597 * Check if the share modes will give us access.
600 #if defined(DEVELOPER)
601 for(i = 0; i < lck->num_share_modes; i++) {
602 validate_my_share_entries(i, &lck->share_modes[i]);
606 if (!lp_share_modes(SNUM(conn))) {
610 /* Now we check the share modes, after any oplock breaks. */
611 for(i = 0; i < lck->num_share_modes; i++) {
613 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
617 /* someone else has a share lock on it, check to see if we can
619 if (share_conflict(&lck->share_modes[i],
620 access_mask, share_access)) {
621 return NT_STATUS_SHARING_VIOLATION;
628 static BOOL is_delete_request(files_struct *fsp) {
629 return ((fsp->access_mask == DELETE_ACCESS) &&
630 (fsp->oplock_type == NO_OPLOCK));
634 * 1) No files open at all or internal open: Grant whatever the client wants.
636 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
637 * request, break if the oplock around is a batch oplock. If it's another
638 * requested access type, break.
640 * 3) Only level2 around: Grant level2 and do nothing else.
643 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
649 struct share_mode_entry *exclusive = NULL;
650 BOOL valid_entry = False;
651 BOOL delay_it = False;
652 BOOL have_level2 = False;
654 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
656 if (oplock_request & INTERNAL_OPEN_ONLY) {
657 fsp->oplock_type = NO_OPLOCK;
660 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
664 for (i=0; i<lck->num_share_modes; i++) {
666 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
670 /* At least one entry is not an invalid or deferred entry. */
673 if (pass_number == 1) {
674 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
675 SMB_ASSERT(exclusive == NULL);
676 exclusive = &lck->share_modes[i];
679 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
680 SMB_ASSERT(exclusive == NULL);
681 exclusive = &lck->share_modes[i];
685 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
686 SMB_ASSERT(exclusive == NULL);
692 /* All entries are placeholders or deferred.
693 * Directly grant whatever the client wants. */
694 if (fsp->oplock_type == NO_OPLOCK) {
695 /* Store a level2 oplock, but don't tell the client */
696 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
701 if (exclusive != NULL) { /* Found an exclusive oplock */
702 SMB_ASSERT(!have_level2);
703 delay_it = is_delete_request(fsp) ?
704 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
707 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
708 /* We can at most grant level2 as there are other
709 * level2 or NO_OPLOCK entries. */
710 fsp->oplock_type = LEVEL_II_OPLOCK;
713 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
714 /* Store a level2 oplock, but don't tell the client */
715 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
723 * Send a break message to the oplock holder and delay the open for
727 DEBUG(10, ("Sending break request to PID %s\n",
728 procid_str_static(&exclusive->pid)));
729 exclusive->op_mid = get_current_mid();
731 /* Create the message. */
732 share_mode_entry_to_message(msg, exclusive);
734 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
735 don't want this set in the share mode struct pointed to by lck. */
737 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
738 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
741 ret = message_send_pid(exclusive->pid, MSG_SMB_BREAK_REQUEST,
742 msg, MSG_SMB_SHARE_MODE_ENTRY_SIZE, True);
744 DEBUG(3, ("Could not send oplock break message\n"));
750 static BOOL request_timed_out(struct timeval request_time,
751 struct timeval timeout)
753 struct timeval now, end_time;
755 end_time = timeval_sum(&request_time, &timeout);
756 return (timeval_compare(&end_time, &now) < 0);
759 /****************************************************************************
760 Handle the 1 second delay in returning a SHARING_VIOLATION error.
761 ****************************************************************************/
763 static void defer_open(struct share_mode_lock *lck,
764 struct timeval request_time,
765 struct timeval timeout,
766 struct deferred_open_record *state)
768 uint16 mid = get_current_mid();
773 for (i=0; i<lck->num_share_modes; i++) {
774 struct share_mode_entry *e = &lck->share_modes[i];
776 if (!is_deferred_open_entry(e)) {
780 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
781 DEBUG(0, ("Trying to defer an already deferred "
782 "request: mid=%d, exiting\n", mid));
783 exit_server("attempt to defer a deferred request");
787 /* End paranoia check */
789 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
790 "open entry for mid %u\n",
791 (unsigned int)request_time.tv_sec,
792 (unsigned int)request_time.tv_usec,
795 if (!push_deferred_smb_message(mid, request_time, timeout,
796 (char *)state, sizeof(*state))) {
797 exit_server("push_deferred_smb_message failed");
799 add_deferred_open(lck, mid, request_time, state->dev, state->inode);
802 * Push the MID of this packet on the signing queue.
803 * We only do this once, the first time we push the packet
804 * onto the deferred open queue, as this has a side effect
805 * of incrementing the response sequence number.
808 srv_defer_sign_response(mid);
812 /****************************************************************************
813 On overwrite open ensure that the attributes match.
814 ****************************************************************************/
816 static BOOL open_match_attributes(connection_struct *conn,
820 mode_t existing_unx_mode,
822 mode_t *returned_unx_mode)
824 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
826 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
827 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
829 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
830 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
831 *returned_unx_mode = new_unx_mode;
833 *returned_unx_mode = (mode_t)0;
836 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
837 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
838 "returned_unx_mode = 0%o\n",
840 (unsigned int)old_dos_attr,
841 (unsigned int)existing_unx_mode,
842 (unsigned int)new_dos_attr,
843 (unsigned int)*returned_unx_mode ));
845 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
846 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
847 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
848 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
852 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
853 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
854 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
861 /****************************************************************************
862 Special FCB or DOS processing in the case of a sharing violation.
863 Try and find a duplicated file handle.
864 ****************************************************************************/
866 static files_struct *fcb_or_dos_open(connection_struct *conn,
867 const char *fname, SMB_DEV_T dev,
871 uint32 create_options)
874 files_struct *dup_fsp;
876 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
877 "file %s.\n", fname ));
879 for(fsp = file_find_di_first(dev, inode); fsp;
880 fsp = file_find_di_next(fsp)) {
882 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
883 "vuid = %u, file_pid = %u, private_options = 0x%x "
884 "access_mask = 0x%x\n", fsp->fsp_name,
885 fsp->fh->fd, (unsigned int)fsp->vuid,
886 (unsigned int)fsp->file_pid,
887 (unsigned int)fsp->fh->private_options,
888 (unsigned int)fsp->access_mask ));
890 if (fsp->fh->fd != -1 &&
891 fsp->vuid == current_user.vuid &&
892 fsp->file_pid == global_smbpid &&
893 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
894 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
895 (fsp->access_mask & FILE_WRITE_DATA) &&
896 strequal(fsp->fsp_name, fname)) {
897 DEBUG(10,("fcb_or_dos_open: file match\n"));
906 /* quite an insane set of semantics ... */
907 if (is_executable(fname) &&
908 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
909 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
913 /* We need to duplicate this fsp. */
914 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
915 create_options, &dup_fsp))) {
922 /****************************************************************************
923 Open a file with a share mode - old openX method - map into NTCreate.
924 ****************************************************************************/
926 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
927 uint32 *paccess_mask,
929 uint32 *pcreate_disposition,
930 uint32 *pcreate_options)
934 uint32 create_disposition;
935 uint32 create_options = 0;
937 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
938 "open_func = 0x%x\n",
939 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
941 /* Create the NT compatible access_mask. */
942 switch (GET_OPENX_MODE(deny_mode)) {
943 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
944 case DOS_OPEN_RDONLY:
945 access_mask = FILE_GENERIC_READ;
947 case DOS_OPEN_WRONLY:
948 access_mask = FILE_GENERIC_WRITE;
952 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
955 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
956 (unsigned int)GET_OPENX_MODE(deny_mode)));
960 /* Create the NT compatible create_disposition. */
962 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
963 create_disposition = FILE_CREATE;
966 case OPENX_FILE_EXISTS_OPEN:
967 create_disposition = FILE_OPEN;
970 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
971 create_disposition = FILE_OPEN_IF;
974 case OPENX_FILE_EXISTS_TRUNCATE:
975 create_disposition = FILE_OVERWRITE;
978 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
979 create_disposition = FILE_OVERWRITE_IF;
983 /* From samba4 - to be confirmed. */
984 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
985 create_disposition = FILE_CREATE;
988 DEBUG(10,("map_open_params_to_ntcreate: bad "
989 "open_func 0x%x\n", (unsigned int)open_func));
993 /* Create the NT compatible share modes. */
994 switch (GET_DENY_MODE(deny_mode)) {
996 share_mode = FILE_SHARE_NONE;
1000 share_mode = FILE_SHARE_READ;
1004 share_mode = FILE_SHARE_WRITE;
1008 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1012 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1013 if (is_executable(fname)) {
1014 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1016 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1017 share_mode = FILE_SHARE_READ;
1019 share_mode = FILE_SHARE_NONE;
1025 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1026 share_mode = FILE_SHARE_NONE;
1030 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1031 (unsigned int)GET_DENY_MODE(deny_mode) ));
1035 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1036 "share_mode = 0x%x, create_disposition = 0x%x, "
1037 "create_options = 0x%x\n",
1039 (unsigned int)access_mask,
1040 (unsigned int)share_mode,
1041 (unsigned int)create_disposition,
1042 (unsigned int)create_options ));
1045 *paccess_mask = access_mask;
1048 *pshare_mode = share_mode;
1050 if (pcreate_disposition) {
1051 *pcreate_disposition = create_disposition;
1053 if (pcreate_options) {
1054 *pcreate_options = create_options;
1061 static void schedule_defer_open(struct share_mode_lock *lck, struct timeval request_time)
1063 struct deferred_open_record state;
1065 /* This is a relative time, added to the absolute
1066 request_time value to get the absolute timeout time.
1067 Note that if this is the second or greater time we enter
1068 this codepath for this particular request mid then
1069 request_time is left as the absolute time of the *first*
1070 time this request mid was processed. This is what allows
1071 the request to eventually time out. */
1073 struct timeval timeout;
1075 /* Normally the smbd we asked should respond within
1076 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1077 * the client did, give twice the timeout as a safety
1078 * measure here in case the other smbd is stuck
1079 * somewhere else. */
1081 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1083 /* Nothing actually uses state.delayed_for_oplocks
1084 but it's handy to differentiate in debug messages
1085 between a 30 second delay due to oplock break, and
1086 a 1 second delay for share mode conflicts. */
1088 state.delayed_for_oplocks = True;
1089 state.dev = lck->dev;
1090 state.inode = lck->ino;
1092 if (!request_timed_out(request_time, timeout)) {
1093 defer_open(lck, request_time, timeout, &state);
1097 /****************************************************************************
1098 Open a file with a share mode.
1099 ****************************************************************************/
1101 NTSTATUS open_file_ntcreate(connection_struct *conn,
1103 SMB_STRUCT_STAT *psbuf,
1104 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1105 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1106 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1107 uint32 create_options, /* options such as delete on close. */
1108 uint32 new_dos_attributes, /* attributes used for new file. */
1109 int oplock_request, /* internal Samba oplock codes. */
1110 /* Information (FILE_EXISTS etc.) */
1112 files_struct **result)
1116 BOOL file_existed = VALID_STAT(*psbuf);
1117 BOOL def_acl = False;
1119 SMB_INO_T inode = 0;
1120 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1121 files_struct *fsp = NULL;
1122 mode_t new_unx_mode = (mode_t)0;
1123 mode_t unx_mode = (mode_t)0;
1125 uint32 existing_dos_attributes = 0;
1126 struct pending_message_list *pml = NULL;
1127 uint16 mid = get_current_mid();
1128 struct timeval request_time = timeval_zero();
1129 struct share_mode_lock *lck = NULL;
1130 uint32 open_access_mask = access_mask;
1134 const char *newname;
1136 if (conn->printer) {
1138 * Printers are handled completely differently.
1139 * Most of the passed parameters are ignored.
1143 *pinfo = FILE_WAS_CREATED;
1146 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1148 return print_fsp_open(conn, fname, result);
1151 if (!parent_dirname_talloc(tmp_talloc_ctx(), fname, &parent_dir,
1153 return NT_STATUS_NO_MEMORY;
1156 /* We add aARCH to this as this mode is only used if the file is
1158 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1161 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1162 "access_mask=0x%x share_access=0x%x "
1163 "create_disposition = 0x%x create_options=0x%x "
1164 "unix mode=0%o oplock_request=%d\n",
1165 fname, new_dos_attributes, access_mask, share_access,
1166 create_disposition, create_options, unx_mode,
1169 if ((pml = get_open_deferred_message(mid)) != NULL) {
1170 struct deferred_open_record *state =
1171 (struct deferred_open_record *)pml->private_data.data;
1173 /* Remember the absolute time of the original
1174 request with this mid. We'll use it later to
1175 see if this has timed out. */
1177 request_time = pml->request_time;
1179 /* Remove the deferred open entry under lock. */
1180 lck = get_share_mode_lock(NULL, state->dev, state->inode, NULL, NULL);
1182 DEBUG(0, ("could not get share mode lock\n"));
1184 del_deferred_open_entry(lck, mid);
1188 /* Ensure we don't reprocess this message. */
1189 remove_deferred_open_smb_message(mid);
1192 if (!check_name(fname,conn)) {
1193 return map_nt_error_from_unix(errno);
1196 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1198 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1201 /* ignore any oplock requests if oplocks are disabled */
1202 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1203 IS_VETO_OPLOCK_PATH(conn, fname)) {
1204 /* Mask off everything except the private Samba bits. */
1205 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1208 /* this is for OS/2 long file names - say we don't support them */
1209 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1210 /* OS/2 Workplace shell fix may be main code stream in a later
1212 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1214 if (use_nt_status()) {
1215 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1217 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1220 switch( create_disposition ) {
1222 * Currently we're using FILE_SUPERSEDE as the same as
1223 * FILE_OVERWRITE_IF but they really are
1224 * different. FILE_SUPERSEDE deletes an existing file
1225 * (requiring delete access) then recreates it.
1227 case FILE_SUPERSEDE:
1228 /* If file exists replace/overwrite. If file doesn't
1230 flags2 |= (O_CREAT | O_TRUNC);
1233 case FILE_OVERWRITE_IF:
1234 /* If file exists replace/overwrite. If file doesn't
1236 flags2 |= (O_CREAT | O_TRUNC);
1240 /* If file exists open. If file doesn't exist error. */
1241 if (!file_existed) {
1242 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1243 "requested for file %s and file "
1244 "doesn't exist.\n", fname ));
1246 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1250 case FILE_OVERWRITE:
1251 /* If file exists overwrite. If file doesn't exist
1253 if (!file_existed) {
1254 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1255 "requested for file %s and file "
1256 "doesn't exist.\n", fname ));
1258 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1264 /* If file exists error. If file doesn't exist
1267 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1268 "requested for file %s and file "
1269 "already exists.\n", fname ));
1270 if (S_ISDIR(psbuf->st_mode)) {
1275 return map_nt_error_from_unix(errno);
1277 flags2 |= (O_CREAT|O_EXCL);
1281 /* If file exists open. If file doesn't exist
1287 return NT_STATUS_INVALID_PARAMETER;
1290 /* We only care about matching attributes on file exists and
1293 if (file_existed && ((create_disposition == FILE_OVERWRITE) ||
1294 (create_disposition == FILE_OVERWRITE_IF))) {
1295 if (!open_match_attributes(conn, fname,
1296 existing_dos_attributes,
1297 new_dos_attributes, psbuf->st_mode,
1298 unx_mode, &new_unx_mode)) {
1299 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1300 "for file %s (%x %x) (0%o, 0%o)\n",
1301 fname, existing_dos_attributes,
1303 (unsigned int)psbuf->st_mode,
1304 (unsigned int)unx_mode ));
1306 return NT_STATUS_ACCESS_DENIED;
1310 /* This is a nasty hack - must fix... JRA. */
1311 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1312 open_access_mask = access_mask = FILE_GENERIC_ALL;
1316 * Convert GENERIC bits to specific bits.
1319 se_map_generic(&access_mask, &file_generic_mapping);
1320 open_access_mask = access_mask;
1322 if (flags2 & O_TRUNC) {
1323 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1326 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1327 "access_mask=0x%x\n", fname, access_mask ));
1330 * Note that we ignore the append flag as append does not
1331 * mean the same thing under DOS and Unix.
1334 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1335 /* DENY_DOS opens are always underlying read-write on the
1336 file handle, no matter what the requested access mask
1338 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1339 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1349 * Currently we only look at FILE_WRITE_THROUGH for create options.
1353 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1358 if (!CAN_WRITE(conn)) {
1360 * We should really return a permission denied error if either
1361 * O_CREAT or O_TRUNC are set, but for compatibility with
1362 * older versions of Samba we just AND them out.
1364 flags2 &= ~(O_CREAT|O_TRUNC);
1368 * Ensure we can't write on a read-only share or file.
1371 if (flags != O_RDONLY && file_existed &&
1372 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1373 DEBUG(5,("open_file_ntcreate: write access requested for "
1374 "file %s on read only %s\n",
1375 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1377 return NT_STATUS_ACCESS_DENIED;
1380 status = file_new(conn, &fsp);
1381 if(!NT_STATUS_IS_OK(status)) {
1385 fsp->dev = psbuf->st_dev;
1386 fsp->inode = psbuf->st_ino;
1387 fsp->share_access = share_access;
1388 fsp->fh->private_options = create_options;
1389 fsp->access_mask = open_access_mask; /* We change this to the
1390 * requested access_mask after
1391 * the open is done. */
1392 /* Ensure no SAMBA_PRIVATE bits can be set. */
1393 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1395 if (timeval_is_zero(&request_time)) {
1396 request_time = fsp->open_time;
1400 dev = psbuf->st_dev;
1401 inode = psbuf->st_ino;
1403 lck = get_share_mode_lock(NULL, dev, inode,
1409 DEBUG(0, ("Could not get share mode lock\n"));
1410 return NT_STATUS_SHARING_VIOLATION;
1413 /* First pass - send break only on batch oplocks. */
1414 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1415 schedule_defer_open(lck, request_time);
1418 return NT_STATUS_SHARING_VIOLATION;
1421 /* Use the client requested access mask here, not the one we
1423 status = open_mode_check(conn, fname, lck,
1424 access_mask, share_access,
1425 create_options, &file_existed);
1427 if (NT_STATUS_IS_OK(status)) {
1428 /* We might be going to allow this open. Check oplock
1430 /* Second pass - send break for both batch or
1431 * exclusive oplocks. */
1432 if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1433 schedule_defer_open(lck, request_time);
1436 return NT_STATUS_SHARING_VIOLATION;
1440 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1441 /* DELETE_PENDING is not deferred for a second */
1447 if (!NT_STATUS_IS_OK(status)) {
1448 uint32 can_access_mask;
1449 BOOL can_access = True;
1451 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1453 /* Check if this can be done with the deny_dos and fcb
1455 if (create_options &
1456 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1457 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1458 files_struct *fsp_dup;
1460 /* Use the client requested access mask here,
1461 * not the one we open with. */
1462 fsp_dup = fcb_or_dos_open(conn, fname, dev,
1471 *pinfo = FILE_WAS_OPENED;
1473 conn->num_files_open++;
1475 return NT_STATUS_OK;
1480 * This next line is a subtlety we need for
1481 * MS-Access. If a file open will fail due to share
1482 * permissions and also for security (access) reasons,
1483 * we need to return the access failed error, not the
1484 * share error. We can't open the file due to kernel
1485 * oplock deadlock (it's possible we failed above on
1486 * the open_mode_check()) so use a userspace check.
1489 if (flags & O_RDWR) {
1490 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1491 } else if (flags & O_WRONLY) {
1492 can_access_mask = FILE_WRITE_DATA;
1494 can_access_mask = FILE_READ_DATA;
1497 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1498 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1503 * If we're returning a share violation, ensure we
1504 * cope with the braindead 1 second delay.
1507 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1508 lp_defer_sharing_violations()) {
1509 struct timeval timeout;
1510 struct deferred_open_record state;
1513 /* this is a hack to speed up torture tests
1515 timeout_usecs = lp_parm_int(SNUM(conn),
1516 "smbd","sharedelay",
1517 SHARING_VIOLATION_USEC_WAIT);
1519 /* This is a relative time, added to the absolute
1520 request_time value to get the absolute timeout time.
1521 Note that if this is the second or greater time we enter
1522 this codepath for this particular request mid then
1523 request_time is left as the absolute time of the *first*
1524 time this request mid was processed. This is what allows
1525 the request to eventually time out. */
1527 timeout = timeval_set(0, timeout_usecs);
1529 /* Nothing actually uses state.delayed_for_oplocks
1530 but it's handy to differentiate in debug messages
1531 between a 30 second delay due to oplock break, and
1532 a 1 second delay for share mode conflicts. */
1534 state.delayed_for_oplocks = False;
1536 state.inode = inode;
1538 if (!request_timed_out(request_time,
1540 defer_open(lck, request_time, timeout,
1548 * We have detected a sharing violation here
1549 * so return the correct error code
1551 status = NT_STATUS_SHARING_VIOLATION;
1553 status = NT_STATUS_ACCESS_DENIED;
1560 * We exit this block with the share entry *locked*.....
1564 SMB_ASSERT(!file_existed || (lck != NULL));
1567 * Ensure we pay attention to default ACLs on directories if required.
1570 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1571 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1575 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1576 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1577 (unsigned int)flags, (unsigned int)flags2,
1578 (unsigned int)unx_mode, (unsigned int)access_mask,
1579 (unsigned int)open_access_mask));
1582 * open_file strips any O_TRUNC flags itself.
1585 fsp_open = open_file(fsp, conn, parent_dir, newname, fname, psbuf,
1586 flags|flags2, unx_mode, access_mask,
1589 if (!NT_STATUS_IS_OK(fsp_open)) {
1597 if (!file_existed) {
1600 * Deal with the race condition where two smbd's detect the
1601 * file doesn't exist and do the create at the same time. One
1602 * of them will win and set a share mode, the other (ie. this
1603 * one) should check if the requested share mode for this
1604 * create is allowed.
1608 * Now the file exists and fsp is successfully opened,
1609 * fsp->dev and fsp->inode are valid and should replace the
1610 * dev=0,inode=0 from a non existent file. Spotted by
1611 * Nadav Danieli <nadavd@exanet.com>. JRA.
1617 lck = get_share_mode_lock(NULL, dev, inode,
1622 DEBUG(0, ("open_file_ntcreate: Could not get share "
1623 "mode lock for %s\n", fname));
1624 fd_close(conn, fsp);
1626 return NT_STATUS_SHARING_VIOLATION;
1629 status = open_mode_check(conn, fname, lck,
1630 access_mask, share_access,
1631 create_options, &file_existed);
1633 if (!NT_STATUS_IS_OK(status)) {
1634 struct deferred_open_record state;
1636 fd_close(conn, fsp);
1639 state.delayed_for_oplocks = False;
1641 state.inode = inode;
1643 /* Do it all over again immediately. In the second
1644 * round we will find that the file existed and handle
1645 * the DELETE_PENDING and FCB cases correctly. No need
1646 * to duplicate the code here. Essentially this is a
1647 * "goto top of this function", but don't tell
1650 defer_open(lck, request_time, timeval_zero(),
1657 * We exit this block with the share entry *locked*.....
1662 SMB_ASSERT(lck != NULL);
1664 /* note that we ignore failure for the following. It is
1665 basically a hack for NFS, and NFS will never set one of
1666 these only read them. Nobody but Samba can ever set a deny
1667 mode and we have already checked our more authoritative
1668 locking database for permission to set this deny mode. If
1669 the kernel refuses the operations then the kernel is wrong.
1670 note that GPFS supports it as well - jmcd */
1672 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1673 if(ret_flock == -1 ){
1676 fd_close(conn, fsp);
1679 return NT_STATUS_SHARING_VIOLATION;
1683 * At this point onwards, we can guarentee that the share entry
1684 * is locked, whether we created the file or not, and that the
1685 * deny mode is compatible with all current opens.
1689 * If requested, truncate the file.
1692 if (flags2&O_TRUNC) {
1694 * We are modifing the file after open - update the stat
1697 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1698 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1699 status = map_nt_error_from_unix(errno);
1707 /* Record the options we were opened with. */
1708 fsp->share_access = share_access;
1709 fsp->fh->private_options = create_options;
1710 fsp->access_mask = access_mask;
1713 /* stat opens on existing files don't get oplocks. */
1714 if (is_stat_open(open_access_mask)) {
1715 fsp->oplock_type = NO_OPLOCK;
1718 if (!(flags2 & O_TRUNC)) {
1719 info = FILE_WAS_OPENED;
1721 info = FILE_WAS_OVERWRITTEN;
1724 info = FILE_WAS_CREATED;
1732 * Setup the oplock info in both the shared memory and
1736 if ((fsp->oplock_type != NO_OPLOCK) &&
1737 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1738 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1739 /* Could not get the kernel oplock */
1740 fsp->oplock_type = NO_OPLOCK;
1743 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type);
1745 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED ||
1746 info == FILE_WAS_SUPERSEDED) {
1748 /* Handle strange delete on close create semantics. */
1749 if (create_options & FILE_DELETE_ON_CLOSE) {
1750 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1752 if (!NT_STATUS_IS_OK(status)) {
1753 /* Remember to delete the mode we just added. */
1754 del_share_mode(lck, fsp);
1760 /* Note that here we set the *inital* delete on close flag,
1761 not the regular one. */
1762 set_delete_on_close_token(lck, ¤t_user.ut);
1763 lck->initial_delete_on_close = True;
1764 lck->modified = True;
1767 /* Files should be initially set as archive */
1768 if (lp_map_archive(SNUM(conn)) ||
1769 lp_store_dos_attributes(SNUM(conn))) {
1770 file_set_dosmode(conn, fname,
1771 new_dos_attributes | aARCH, NULL,
1777 * Take care of inherited ACLs on created files - if default ACL not
1781 if (!file_existed && !def_acl) {
1783 int saved_errno = errno; /* We might get ENOSYS in the next
1786 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1788 errno = saved_errno; /* Ignore ENOSYS */
1791 } else if (new_unx_mode) {
1795 /* Attributes need changing. File already existed. */
1798 int saved_errno = errno; /* We might get ENOSYS in the
1800 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1803 if (ret == -1 && errno == ENOSYS) {
1804 errno = saved_errno; /* Ignore ENOSYS */
1806 DEBUG(5, ("open_file_ntcreate: reset "
1807 "attributes of file %s to 0%o\n",
1808 fname, (unsigned int)new_unx_mode));
1809 ret = 0; /* Don't do the fchmod below. */
1814 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1815 DEBUG(5, ("open_file_ntcreate: failed to reset "
1816 "attributes of file %s to 0%o\n",
1817 fname, (unsigned int)new_unx_mode));
1820 /* If this is a successful open, we must remove any deferred open
1822 del_deferred_open_entry(lck, mid);
1825 conn->num_files_open++;
1828 return NT_STATUS_OK;
1831 /****************************************************************************
1832 Open a file for for write to ensure that we can fchmod it.
1833 ****************************************************************************/
1835 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1836 SMB_STRUCT_STAT *psbuf, files_struct **result)
1838 files_struct *fsp = NULL;
1841 if (!VALID_STAT(*psbuf)) {
1842 return NT_STATUS_INVALID_PARAMETER;
1845 status = file_new(conn, &fsp);
1846 if(!NT_STATUS_IS_OK(status)) {
1850 /* note! we must use a non-zero desired access or we don't get
1851 a real file descriptor. Oh what a twisted web we weave. */
1852 status = open_file(fsp, conn, NULL, NULL, fname, psbuf, O_WRONLY, 0,
1853 FILE_WRITE_DATA, FILE_WRITE_DATA);
1856 * This is not a user visible file open.
1857 * Don't set a share mode and don't increment
1858 * the conn->num_files_open.
1861 if (!NT_STATUS_IS_OK(status)) {
1867 return NT_STATUS_OK;
1870 /****************************************************************************
1871 Close the fchmod file fd - ensure no locks are lost.
1872 ****************************************************************************/
1874 int close_file_fchmod(files_struct *fsp)
1876 int ret = fd_close(fsp->conn, fsp);
1881 static NTSTATUS mkdir_internal(connection_struct *conn, const char *name,
1882 SMB_STRUCT_STAT *psbuf)
1887 const char *dirname;
1889 if(!CAN_WRITE(conn)) {
1890 DEBUG(5,("mkdir_internal: failing create on read-only share "
1891 "%s\n", lp_servicename(SNUM(conn))));
1892 return NT_STATUS_ACCESS_DENIED;
1895 if (!check_name(name, conn)) {
1896 return map_nt_error_from_unix(errno);
1899 if (!parent_dirname_talloc(tmp_talloc_ctx(), name, &parent_dir,
1901 return NT_STATUS_NO_MEMORY;
1904 mode = unix_mode(conn, aDIR, name, parent_dir);
1906 if ((ret=SMB_VFS_MKDIR(conn, name, mode)) != 0) {
1907 return map_nt_error_from_unix(errno);
1910 /* Ensure we're checking for a symlink here.... */
1911 /* We don't want to get caught by a symlink racer. */
1913 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
1914 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
1915 name, strerror(errno)));
1916 return map_nt_error_from_unix(errno);
1919 if (!S_ISDIR(psbuf->st_mode)) {
1920 DEBUG(0, ("Directory just '%s' created is not a directory\n",
1922 return NT_STATUS_ACCESS_DENIED;
1925 if (lp_inherit_perms(SNUM(conn))) {
1926 inherit_access_acl(conn, parent_dir, name, mode);
1930 * Check if high bits should have been set,
1931 * then (if bits are missing): add them.
1932 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
1935 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
1936 SMB_VFS_CHMOD(conn, name,
1937 psbuf->st_mode | (mode & ~psbuf->st_mode));
1940 /* Change the owner if required. */
1941 if (lp_inherit_owner(SNUM(conn))) {
1942 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
1945 return NT_STATUS_OK;
1948 /****************************************************************************
1949 Open a directory from an NT SMB call.
1950 ****************************************************************************/
1952 NTSTATUS open_directory(connection_struct *conn,
1954 SMB_STRUCT_STAT *psbuf,
1956 uint32 share_access,
1957 uint32 create_disposition,
1958 uint32 create_options,
1960 files_struct **result)
1962 files_struct *fsp = NULL;
1963 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
1964 struct share_mode_lock *lck = NULL;
1968 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
1969 "share_access = 0x%x create_options = 0x%x, "
1970 "create_disposition = 0x%x\n",
1972 (unsigned int)access_mask,
1973 (unsigned int)share_access,
1974 (unsigned int)create_options,
1975 (unsigned int)create_disposition));
1977 if (is_ntfs_stream_name(fname)) {
1978 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
1979 return NT_STATUS_NOT_A_DIRECTORY;
1982 switch( create_disposition ) {
1985 info = FILE_WAS_OPENED;
1988 * We want to follow symlinks here.
1991 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
1992 return map_nt_error_from_unix(errno);
1999 /* If directory exists error. If directory doesn't
2002 status = mkdir_internal(conn, fname, psbuf);
2003 if (!NT_STATUS_IS_OK(status)) {
2004 DEBUG(2, ("open_directory: unable to create "
2005 "%s. Error was %s\n", fname,
2006 nt_errstr(status)));
2010 info = FILE_WAS_CREATED;
2015 * If directory exists open. If directory doesn't
2019 status = mkdir_internal(conn, fname, psbuf);
2021 if (NT_STATUS_IS_OK(status)) {
2022 info = FILE_WAS_CREATED;
2025 if (NT_STATUS_EQUAL(status,
2026 NT_STATUS_OBJECT_NAME_COLLISION)) {
2027 info = FILE_WAS_OPENED;
2028 status = NT_STATUS_OK;
2033 case FILE_SUPERSEDE:
2034 case FILE_OVERWRITE:
2035 case FILE_OVERWRITE_IF:
2037 DEBUG(5,("open_directory: invalid create_disposition "
2038 "0x%x for directory %s\n",
2039 (unsigned int)create_disposition, fname));
2040 return NT_STATUS_INVALID_PARAMETER;
2043 if(!S_ISDIR(psbuf->st_mode)) {
2044 DEBUG(5,("open_directory: %s is not a directory !\n",
2046 return NT_STATUS_NOT_A_DIRECTORY;
2049 status = file_new(conn, &fsp);
2050 if(!NT_STATUS_IS_OK(status)) {
2055 * Setup the files_struct for it.
2058 fsp->mode = psbuf->st_mode;
2059 fsp->inode = psbuf->st_ino;
2060 fsp->dev = psbuf->st_dev;
2061 fsp->vuid = current_user.vuid;
2062 fsp->file_pid = global_smbpid;
2063 fsp->can_lock = False;
2064 fsp->can_read = False;
2065 fsp->can_write = False;
2067 fsp->share_access = share_access;
2068 fsp->fh->private_options = create_options;
2069 fsp->access_mask = access_mask;
2071 fsp->print_file = False;
2072 fsp->modified = False;
2073 fsp->oplock_type = NO_OPLOCK;
2074 fsp->sent_oplock_break = NO_BREAK_SENT;
2075 fsp->is_directory = True;
2076 fsp->is_stat = False;
2077 string_set(&fsp->fsp_name,fname);
2079 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode,
2084 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2086 return NT_STATUS_SHARING_VIOLATION;
2089 status = open_mode_check(conn, fname, lck,
2090 access_mask, share_access,
2091 create_options, &dir_existed);
2093 if (!NT_STATUS_IS_OK(status)) {
2099 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK);
2101 /* For directories the delete on close bit at open time seems
2102 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2103 if (create_options & FILE_DELETE_ON_CLOSE) {
2104 status = can_set_delete_on_close(fsp, True, 0);
2105 if (!NT_STATUS_IS_OK(status)) {
2111 set_delete_on_close_token(lck, ¤t_user.ut);
2112 lck->initial_delete_on_close = True;
2113 lck->modified = True;
2122 conn->num_files_open++;
2125 return NT_STATUS_OK;
2128 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2131 SMB_STRUCT_STAT sbuf;
2134 SET_STAT_INVALID(sbuf);
2136 status = open_directory(conn, directory, &sbuf,
2137 FILE_READ_ATTRIBUTES, /* Just a stat open */
2138 FILE_SHARE_NONE, /* Ignored for stat opens */
2139 FILE_CREATE, 0, NULL, &fsp);
2141 if (NT_STATUS_IS_OK(status)) {
2142 close_file(fsp, NORMAL_CLOSE);
2148 /****************************************************************************
2149 Open a pseudo-file (no locking checks - a 'stat' open).
2150 ****************************************************************************/
2152 NTSTATUS open_file_stat(connection_struct *conn, const char *fname,
2153 SMB_STRUCT_STAT *psbuf, files_struct **result)
2155 files_struct *fsp = NULL;
2158 if (!VALID_STAT(*psbuf)) {
2159 return NT_STATUS_INVALID_PARAMETER;
2162 /* Can't 'stat' open directories. */
2163 if(S_ISDIR(psbuf->st_mode)) {
2164 return NT_STATUS_FILE_IS_A_DIRECTORY;
2167 status = file_new(conn, &fsp);
2168 if(!NT_STATUS_IS_OK(status)) {
2172 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2175 * Setup the files_struct for it.
2178 fsp->mode = psbuf->st_mode;
2179 fsp->inode = psbuf->st_ino;
2180 fsp->dev = psbuf->st_dev;
2181 fsp->vuid = current_user.vuid;
2182 fsp->file_pid = global_smbpid;
2183 fsp->can_lock = False;
2184 fsp->can_read = False;
2185 fsp->can_write = False;
2186 fsp->print_file = False;
2187 fsp->modified = False;
2188 fsp->oplock_type = NO_OPLOCK;
2189 fsp->sent_oplock_break = NO_BREAK_SENT;
2190 fsp->is_directory = False;
2191 fsp->is_stat = True;
2192 string_set(&fsp->fsp_name,fname);
2194 conn->num_files_open++;
2197 return NT_STATUS_OK;
2200 /****************************************************************************
2201 Receive notification that one of our open files has been renamed by another
2203 ****************************************************************************/
2205 void msg_file_was_renamed(int msg_type, struct process_id src, void *buf, size_t len)
2208 char *frm = (char *)buf;
2211 const char *sharepath;
2212 const char *newname;
2215 if (buf == NULL || len < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2216 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n", (int)len));
2220 /* Unpack the message. */
2221 dev = DEV_T_VAL(frm,0);
2222 inode = INO_T_VAL(frm,8);
2223 sharepath = &frm[16];
2224 newname = sharepath + strlen(sharepath) + 1;
2225 sp_len = strlen(sharepath);
2227 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2228 "dev %x, inode %.0f\n",
2229 sharepath, newname, (unsigned int)dev, (double)inode ));
2231 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
2232 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2233 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2234 fsp->fnum, fsp->fsp_name, newname ));
2235 string_set(&fsp->fsp_name, newname);
2238 /* Now we have the complete path we can work out if this is
2239 actually within this share and adjust newname accordingly. */
2240 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2241 "not sharepath %s) "
2242 "fnum %d from %s -> %s\n",
2243 fsp->conn->connectpath,