*/
#include "includes.h"
+#include "globals.h"
#include "system/filesys.h"
#include "librpc/gen_ndr/ndr_xattr.h"
+#include "librpc/gen_ndr/ioctl.h"
#include "../libcli/security/security.h"
#include "smbd/smbd.h"
+#include "lib/param/loadparm.h"
+#include "lib/util/tevent_ntstatus.h"
+
+static NTSTATUS get_file_handle_for_metadata(connection_struct *conn,
+ const struct smb_filename *smb_fname,
+ files_struct **ret_fsp,
+ bool *need_close);
+
+static void dos_mode_debug_print(const char *func, uint32_t mode)
+{
+ fstring modestr;
+
+ if (DEBUGLEVEL < DBGLVL_INFO) {
+ return;
+ }
+
+ modestr[0] = '\0';
+
+ if (mode & FILE_ATTRIBUTE_HIDDEN) {
+ fstrcat(modestr, "h");
+ }
+ if (mode & FILE_ATTRIBUTE_READONLY) {
+ fstrcat(modestr, "r");
+ }
+ if (mode & FILE_ATTRIBUTE_SYSTEM) {
+ fstrcat(modestr, "s");
+ }
+ if (mode & FILE_ATTRIBUTE_DIRECTORY) {
+ fstrcat(modestr, "d");
+ }
+ if (mode & FILE_ATTRIBUTE_ARCHIVE) {
+ fstrcat(modestr, "a");
+ }
+ if (mode & FILE_ATTRIBUTE_SPARSE) {
+ fstrcat(modestr, "[sparse]");
+ }
+ if (mode & FILE_ATTRIBUTE_OFFLINE) {
+ fstrcat(modestr, "[offline]");
+ }
+ if (mode & FILE_ATTRIBUTE_COMPRESSED) {
+ fstrcat(modestr, "[compressed]");
+ }
+
+ DBG_INFO("%s returning (0x%x): \"%s\"\n", func, (unsigned)mode,
+ modestr);
+}
static uint32_t filter_mode_by_protocol(uint32_t mode)
{
#ifdef S_ISLNK
#if LINKS_READ_ONLY
if (S_ISLNK(sbuf->st_mode) && S_ISDIR(sbuf->st_mode))
- return aRONLY;
+ return FILE_ATTRIBUTE_READONLY;
#endif
#endif
return 0;
mode_t unix_mode(connection_struct *conn, int dosmode,
const struct smb_filename *smb_fname,
- const char *inherit_from_dir)
+ struct smb_filename *smb_fname_parent)
{
mode_t result = (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
mode_t dir_mode = 0; /* Mode of the inherit_from directory if
result &= ~(S_IWUSR | S_IWGRP | S_IWOTH);
}
- if ((inherit_from_dir != NULL) && lp_inherit_perms(SNUM(conn))) {
- struct smb_filename *smb_fname_parent = NULL;
- NTSTATUS status;
-
- DEBUG(2, ("unix_mode(%s) inheriting from %s\n",
+ if ((smb_fname_parent != NULL) && lp_inherit_permissions(SNUM(conn))) {
+ DBG_DEBUG("[%s] inheriting from [%s]\n",
smb_fname_str_dbg(smb_fname),
- inherit_from_dir));
-
- status = create_synthetic_smb_fname(talloc_tos(),
- inherit_from_dir, NULL,
- NULL, &smb_fname_parent);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1,("unix_mode(%s) failed, [dir %s]: %s\n",
- smb_fname_str_dbg(smb_fname),
- inherit_from_dir, nt_errstr(status)));
- return(0);
- }
+ smb_fname_str_dbg(smb_fname_parent));
if (SMB_VFS_STAT(conn, smb_fname_parent) != 0) {
- DEBUG(4,("unix_mode(%s) failed, [dir %s]: %s\n",
- smb_fname_str_dbg(smb_fname),
- inherit_from_dir, strerror(errno)));
+ DBG_ERR("stat failed [%s]: %s\n",
+ smb_fname_str_dbg(smb_fname_parent),
+ strerror(errno));
TALLOC_FREE(smb_fname_parent);
return(0); /* *** shouldn't happen! *** */
}
result |= (S_IXUSR | S_IXGRP | S_IXOTH);
/* Apply directory mask */
- result &= lp_dir_mask(SNUM(conn));
+ result &= lp_directory_mask(SNUM(conn));
/* Add in force bits */
- result |= lp_force_dir_mode(SNUM(conn));
+ result |= lp_force_directory_mode(SNUM(conn));
}
} else {
if (lp_map_archive(SNUM(conn)) && IS_DOS_ARCHIVE(dosmode))
}
}
- DEBUG(3,("unix_mode(%s) returning 0%o\n", smb_fname_str_dbg(smb_fname),
- (int)result));
+ DBG_INFO("unix_mode(%s) returning 0%o\n",
+ smb_fname_str_dbg(smb_fname), (int)result);
+
return(result);
}
Change a unix mode to a dos mode.
****************************************************************************/
-static uint32 dos_mode_from_sbuf(connection_struct *conn,
+static uint32_t dos_mode_from_sbuf(connection_struct *conn,
const struct smb_filename *smb_fname)
{
int result = 0;
enum mapreadonly_options ro_opts = (enum mapreadonly_options)lp_map_readonly(SNUM(conn));
+#if defined(UF_IMMUTABLE) && defined(SF_IMMUTABLE)
+ /* if we can find out if a file is immutable we should report it r/o */
+ if (smb_fname->st.st_ex_flags & (UF_IMMUTABLE | SF_IMMUTABLE)) {
+ result |= FILE_ATTRIBUTE_READONLY;
+ }
+#endif
if (ro_opts == MAP_READONLY_YES) {
/* Original Samba method - map inverse of user "w" bit. */
if ((smb_fname->st.st_ex_mode & S_IWUSR) == 0) {
- result |= aRONLY;
+ result |= FILE_ATTRIBUTE_READONLY;
}
} else if (ro_opts == MAP_READONLY_PERMISSIONS) {
/* Check actual permissions for read-only. */
- if (!can_write_to_file(conn, smb_fname)) {
- result |= aRONLY;
+ if (!can_write_to_file(conn,
+ smb_fname))
+ {
+ result |= FILE_ATTRIBUTE_READONLY;
}
} /* Else never set the readonly bit. */
if (MAP_ARCHIVE(conn) && ((smb_fname->st.st_ex_mode & S_IXUSR) != 0))
- result |= aARCH;
+ result |= FILE_ATTRIBUTE_ARCHIVE;
if (MAP_SYSTEM(conn) && ((smb_fname->st.st_ex_mode & S_IXGRP) != 0))
- result |= aSYSTEM;
+ result |= FILE_ATTRIBUTE_SYSTEM;
if (MAP_HIDDEN(conn) && ((smb_fname->st.st_ex_mode & S_IXOTH) != 0))
- result |= aHIDDEN;
+ result |= FILE_ATTRIBUTE_HIDDEN;
if (S_ISDIR(smb_fname->st.st_ex_mode))
- result = aDIR | (result & aRONLY);
+ result = FILE_ATTRIBUTE_DIRECTORY | (result & FILE_ATTRIBUTE_READONLY);
result |= set_link_read_only_flag(&smb_fname->st);
- DEBUG(8,("dos_mode_from_sbuf returning "));
-
- if (result & aHIDDEN) DEBUG(8, ("h"));
- if (result & aRONLY ) DEBUG(8, ("r"));
- if (result & aSYSTEM) DEBUG(8, ("s"));
- if (result & aDIR ) DEBUG(8, ("d"));
- if (result & aARCH ) DEBUG(8, ("a"));
+ dos_mode_debug_print(__func__, result);
- DEBUG(8,("\n"));
return result;
}
This can also pull the create time into the stat struct inside smb_fname.
****************************************************************************/
-static bool get_ea_dos_attribute(connection_struct *conn,
- struct smb_filename *smb_fname,
- uint32 *pattr)
+NTSTATUS parse_dos_attribute_blob(struct smb_filename *smb_fname,
+ DATA_BLOB blob,
+ uint32_t *pattr)
{
struct xattr_DOSATTRIB dosattrib;
enum ndr_err_code ndr_err;
- DATA_BLOB blob;
- ssize_t sizeret;
- fstring attrstr;
uint32_t dosattr;
- if (!lp_store_dos_attributes(SNUM(conn))) {
- return False;
+ ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &dosattrib,
+ (ndr_pull_flags_fn_t)ndr_pull_xattr_DOSATTRIB);
+
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ DBG_WARNING("bad ndr decode "
+ "from EA on file %s: Error = %s\n",
+ smb_fname_str_dbg(smb_fname),
+ ndr_errstr(ndr_err));
+ return ndr_map_error2ntstatus(ndr_err);
}
- /* Don't reset pattr to zero as we may already have filename-based attributes we
- need to preserve. */
+ DBG_DEBUG("%s attr = %s\n",
+ smb_fname_str_dbg(smb_fname), dosattrib.attrib_hex);
- sizeret = SMB_VFS_GETXATTR(conn, smb_fname->base_name,
- SAMBA_XATTR_DOS_ATTRIB, attrstr,
- sizeof(attrstr));
- if (sizeret == -1) {
- if (errno == ENOSYS
-#if defined(ENOTSUP)
- || errno == ENOTSUP) {
-#else
- ) {
-#endif
- DEBUG(1,("get_ea_dos_attribute: Cannot get attribute "
- "from EA on file %s: Error = %s\n",
- smb_fname_str_dbg(smb_fname),
- strerror(errno)));
- set_store_dos_attributes(SNUM(conn), False);
+ switch (dosattrib.version) {
+ case 0xFFFF:
+ dosattr = dosattrib.info.compatinfoFFFF.attrib;
+ break;
+ case 1:
+ dosattr = dosattrib.info.info1.attrib;
+ if (!null_nttime(dosattrib.info.info1.create_time)) {
+ struct timespec create_time =
+ nt_time_to_unix_timespec(
+ dosattrib.info.info1.create_time);
+
+ update_stat_ex_create_time(&smb_fname->st,
+ create_time);
+
+ DBG_DEBUG("file %s case 1 set btime %s\n",
+ smb_fname_str_dbg(smb_fname),
+ time_to_asc(convert_timespec_to_time_t(
+ create_time)));
}
- return False;
- }
+ break;
+ case 2:
+ dosattr = dosattrib.info.oldinfo2.attrib;
+ /* Don't know what flags to check for this case. */
+ break;
+ case 3:
+ dosattr = dosattrib.info.info3.attrib;
+ if ((dosattrib.info.info3.valid_flags & XATTR_DOSINFO_CREATE_TIME) &&
+ !null_nttime(dosattrib.info.info3.create_time)) {
+ struct timespec create_time =
+ nt_time_to_full_timespec(
+ dosattrib.info.info3.create_time);
+
+ update_stat_ex_create_time(&smb_fname->st,
+ create_time);
+
+ DBG_DEBUG("file %s case 3 set btime %s\n",
+ smb_fname_str_dbg(smb_fname),
+ time_to_asc(convert_timespec_to_time_t(
+ create_time)));
+ }
+ break;
+ case 4:
+ {
+ struct xattr_DosInfo4 *info = &dosattrib.info.info4;
- blob.data = (uint8_t *)attrstr;
- blob.length = sizeret;
+ dosattr = info->attrib;
- ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &dosattrib,
- (ndr_pull_flags_fn_t)ndr_pull_xattr_DOSATTRIB);
+ if ((info->valid_flags & XATTR_DOSINFO_CREATE_TIME) &&
+ !null_nttime(info->create_time))
+ {
+ struct timespec creat_time;
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- DEBUG(1,("get_ea_dos_attribute: bad ndr decode "
- "from EA on file %s: Error = %s\n",
- smb_fname_str_dbg(smb_fname),
- ndr_errstr(ndr_err)));
- return false;
- }
+ creat_time = nt_time_to_full_timespec(info->create_time);
+ update_stat_ex_create_time(&smb_fname->st, creat_time);
- DEBUG(10,("get_ea_dos_attribute: %s attr = %s\n",
- smb_fname_str_dbg(smb_fname), dosattrib.attrib_hex));
+ DBG_DEBUG("file [%s] creation time [%s]\n",
+ smb_fname_str_dbg(smb_fname),
+ nt_time_string(talloc_tos(), info->create_time));
+ }
- switch (dosattrib.version) {
- case 0xFFFF:
- dosattr = dosattrib.info.compatinfoFFFF.attrib;
- break;
- case 1:
- dosattr = dosattrib.info.info1.attrib;
- if (!null_nttime(dosattrib.info.info1.create_time)) {
- struct timespec create_time =
- nt_time_to_unix_timespec(
- &dosattrib.info.info1.create_time);
-
- update_stat_ex_create_time(&smb_fname->st,
- create_time);
-
- DEBUG(10,("get_ea_dos_attribute: file %s case 1 "
- "set btime %s\n",
- smb_fname_str_dbg(smb_fname),
- time_to_asc(convert_timespec_to_time_t(
- create_time)) ));
+ if (info->valid_flags & XATTR_DOSINFO_ITIME) {
+ struct timespec itime;
+ uint64_t file_id;
+
+ itime = nt_time_to_unix_timespec(info->itime);
+ if (smb_fname->st.st_ex_iflags &
+ ST_EX_IFLAG_CALCULATED_ITIME)
+ {
+ update_stat_ex_itime(&smb_fname->st, itime);
}
- break;
- case 2:
- dosattr = dosattrib.info.oldinfo2.attrib;
- /* Don't know what flags to check for this case. */
- break;
- case 3:
- dosattr = dosattrib.info.info3.attrib;
- if ((dosattrib.info.info3.valid_flags & XATTR_DOSINFO_CREATE_TIME) &&
- !null_nttime(dosattrib.info.info3.create_time)) {
- struct timespec create_time =
- nt_time_to_unix_timespec(
- &dosattrib.info.info3.create_time);
-
- update_stat_ex_create_time(&smb_fname->st,
- create_time);
-
- DEBUG(10,("get_ea_dos_attribute: file %s case 3 "
- "set btime %s\n",
- smb_fname_str_dbg(smb_fname),
- time_to_asc(convert_timespec_to_time_t(
- create_time)) ));
+
+ file_id = make_file_id_from_itime(&smb_fname->st);
+ if (smb_fname->st.st_ex_iflags &
+ ST_EX_IFLAG_CALCULATED_FILE_ID)
+ {
+ update_stat_ex_file_id(&smb_fname->st, file_id);
}
- break;
- default:
- DEBUG(1,("get_ea_dos_attribute: Badly formed DOSATTRIB on "
- "file %s - %s\n", smb_fname_str_dbg(smb_fname),
- attrstr));
- return false;
+
+ DBG_DEBUG("file [%s] itime [%s] fileid [%"PRIx64"]\n",
+ smb_fname_str_dbg(smb_fname),
+ nt_time_string(talloc_tos(), info->itime),
+ file_id);
+ }
+ break;
+ }
+ default:
+ DBG_WARNING("Badly formed DOSATTRIB on file %s - %s\n",
+ smb_fname_str_dbg(smb_fname), blob.data);
+ /* Should this be INTERNAL_ERROR? */
+ return NT_STATUS_INVALID_PARAMETER;
}
if (S_ISDIR(smb_fname->st.st_ex_mode)) {
- dosattr |= aDIR;
+ dosattr |= FILE_ATTRIBUTE_DIRECTORY;
}
+
/* FILE_ATTRIBUTE_SPARSE is valid on get but not on set. */
- *pattr = (uint32)(dosattr & (SAMBA_ATTRIBUTES_MASK|FILE_ATTRIBUTE_SPARSE));
+ *pattr |= (uint32_t)(dosattr & (SAMBA_ATTRIBUTES_MASK|FILE_ATTRIBUTE_SPARSE));
- DEBUG(8,("get_ea_dos_attribute returning (0x%x)", dosattr));
+ dos_mode_debug_print(__func__, *pattr);
- if (dosattr & aHIDDEN) DEBUG(8, ("h"));
- if (dosattr & aRONLY ) DEBUG(8, ("r"));
- if (dosattr & aSYSTEM) DEBUG(8, ("s"));
- if (dosattr & aDIR ) DEBUG(8, ("d"));
- if (dosattr & aARCH ) DEBUG(8, ("a"));
+ return NT_STATUS_OK;
+}
- DEBUG(8,("\n"));
+NTSTATUS get_ea_dos_attribute(connection_struct *conn,
+ struct smb_filename *smb_fname,
+ uint32_t *pattr)
+{
+ DATA_BLOB blob;
+ ssize_t sizeret;
+ fstring attrstr;
+ NTSTATUS status;
+
+ if (!lp_store_dos_attributes(SNUM(conn))) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ /* Don't reset pattr to zero as we may already have filename-based attributes we
+ need to preserve. */
+
+ sizeret = SMB_VFS_GETXATTR(conn, smb_fname,
+ SAMBA_XATTR_DOS_ATTRIB, attrstr,
+ sizeof(attrstr));
+ if (sizeret == -1 && errno == EACCES) {
+ int saved_errno = 0;
+
+ /*
+ * According to MS-FSA 2.1.5.1.2.1 "Algorithm to Check Access to
+ * an Existing File" FILE_LIST_DIRECTORY on a directory implies
+ * FILE_READ_ATTRIBUTES for directory entries. Being able to
+ * stat() a file implies FILE_LIST_DIRECTORY for the directory
+ * containing the file.
+ */
- return True;
+ if (!VALID_STAT(smb_fname->st)) {
+ /*
+ * Safety net: dos_mode() already checks this, but as we
+ * become root based on this, add an additional layer of
+ * defense.
+ */
+ DBG_ERR("Rejecting root override, invalid stat [%s]\n",
+ smb_fname_str_dbg(smb_fname));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ become_root();
+ sizeret = SMB_VFS_GETXATTR(conn, smb_fname,
+ SAMBA_XATTR_DOS_ATTRIB,
+ attrstr,
+ sizeof(attrstr));
+ if (sizeret == -1) {
+ saved_errno = errno;
+ }
+ unbecome_root();
+
+ if (saved_errno != 0) {
+ errno = saved_errno;
+ }
+ }
+ if (sizeret == -1) {
+ DBG_INFO("Cannot get attribute "
+ "from EA on file %s: Error = %s\n",
+ smb_fname_str_dbg(smb_fname), strerror(errno));
+ return map_nt_error_from_unix(errno);
+ }
+
+ blob.data = (uint8_t *)attrstr;
+ blob.length = sizeret;
+
+ status = parse_dos_attribute_blob(smb_fname, blob, pattr);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ return NT_STATUS_OK;
}
/****************************************************************************
Also sets the create time.
****************************************************************************/
-static bool set_ea_dos_attribute(connection_struct *conn,
- struct smb_filename *smb_fname,
- uint32 dosmode)
+NTSTATUS set_ea_dos_attribute(connection_struct *conn,
+ const struct smb_filename *smb_fname,
+ uint32_t dosmode)
{
struct xattr_DOSATTRIB dosattrib;
enum ndr_err_code ndr_err;
DATA_BLOB blob;
- files_struct *fsp = NULL;
- bool ret = false;
+ int ret;
if (!lp_store_dos_attributes(SNUM(conn))) {
- return False;
+ return NT_STATUS_NOT_IMPLEMENTED;
}
+ /*
+ * Don't store FILE_ATTRIBUTE_OFFLINE, it's dealt with in
+ * vfs_default via DMAPI if that is enabled.
+ */
+ dosmode &= ~FILE_ATTRIBUTE_OFFLINE;
+
ZERO_STRUCT(dosattrib);
ZERO_STRUCT(blob);
- dosattrib.version = 3;
- dosattrib.info.info3.valid_flags = XATTR_DOSINFO_ATTRIB|
+ dosattrib.version = 4;
+ dosattrib.info.info4.valid_flags = XATTR_DOSINFO_ATTRIB |
XATTR_DOSINFO_CREATE_TIME;
- dosattrib.info.info3.attrib = dosmode;
- unix_timespec_to_nt_time(&dosattrib.info.info3.create_time,
- smb_fname->st.st_ex_btime);
+ dosattrib.info.info4.attrib = dosmode;
+ dosattrib.info.info4.create_time = full_timespec_to_nt_time(
+ &smb_fname->st.st_ex_btime);
+
+ if (!(smb_fname->st.st_ex_iflags & ST_EX_IFLAG_CALCULATED_ITIME)) {
+ dosattrib.info.info4.valid_flags |= XATTR_DOSINFO_ITIME;
+ dosattrib.info.info4.itime = full_timespec_to_nt_time(
+ &smb_fname->st.st_ex_itime);
+ }
DEBUG(10,("set_ea_dos_attributes: set attribute 0x%x, btime = %s on file %s\n",
(unsigned int)dosmode,
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
DEBUG(5, ("create_acl_blob: ndr_push_xattr_DOSATTRIB failed: %s\n",
ndr_errstr(ndr_err)));
- return false;
+ return ndr_map_error2ntstatus(ndr_err);
}
if (blob.data == NULL || blob.length == 0) {
- return false;
+ /* Should this be INTERNAL_ERROR? */
+ return NT_STATUS_INVALID_PARAMETER;
}
- if (SMB_VFS_SETXATTR(conn, smb_fname->base_name,
- SAMBA_XATTR_DOS_ATTRIB, blob.data, blob.length,
- 0) == -1) {
- if((errno != EPERM) && (errno != EACCES)) {
- if (errno == ENOSYS
-#if defined(ENOTSUP)
- || errno == ENOTSUP) {
-#else
- ) {
-#endif
- DEBUG(1,("set_ea_dos_attributes: Cannot set "
- "attribute EA on file %s: Error = %s\n",
- smb_fname_str_dbg(smb_fname),
- strerror(errno) ));
- set_store_dos_attributes(SNUM(conn), False);
- }
- return false;
+ ret = SMB_VFS_SETXATTR(conn, smb_fname,
+ SAMBA_XATTR_DOS_ATTRIB,
+ blob.data, blob.length, 0);
+ if (ret != 0) {
+ NTSTATUS status = NT_STATUS_OK;
+ bool need_close = false;
+ files_struct *fsp = NULL;
+ bool set_dosmode_ok = false;
+
+ if ((errno != EPERM) && (errno != EACCES)) {
+ DBG_INFO("Cannot set "
+ "attribute EA on file %s: Error = %s\n",
+ smb_fname_str_dbg(smb_fname), strerror(errno));
+ return map_nt_error_from_unix(errno);
}
/* We want DOS semantics, ie allow non owner with write permission to change the
*/
/* Check if we have write access. */
- if(!CAN_WRITE(conn) || !lp_dos_filemode(SNUM(conn)))
- return false;
+ if (!CAN_WRITE(conn)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ status = smbd_check_access_rights(conn, smb_fname, false,
+ FILE_WRITE_ATTRIBUTES);
+ if (NT_STATUS_IS_OK(status)) {
+ set_dosmode_ok = true;
+ }
+
+ if (!set_dosmode_ok && lp_dos_filemode(SNUM(conn))) {
+ set_dosmode_ok = can_write_to_file(conn,
+ smb_fname);
+ }
+
+ if (!set_dosmode_ok) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
/*
- * We need to open the file with write access whilst
- * still in our current user context. This ensures we
- * are not violating security in doing the setxattr.
+ * We need to get an open file handle to do the
+ * metadata operation under root.
*/
- if (!NT_STATUS_IS_OK(open_file_fchmod(conn, smb_fname,
- &fsp)))
- return ret;
+ status = get_file_handle_for_metadata(conn,
+ smb_fname,
+ &fsp,
+ &need_close);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
become_root();
- if (SMB_VFS_SETXATTR(conn, smb_fname->base_name,
- SAMBA_XATTR_DOS_ATTRIB, blob.data,
- blob.length, 0) == 0) {
- ret = true;
+ ret = SMB_VFS_FSETXATTR(fsp,
+ SAMBA_XATTR_DOS_ATTRIB,
+ blob.data, blob.length, 0);
+ if (ret == 0) {
+ status = NT_STATUS_OK;
}
unbecome_root();
- close_file(NULL, fsp, NORMAL_CLOSE);
- return ret;
+ if (need_close) {
+ close_file(NULL, fsp, NORMAL_CLOSE);
+ }
+ return status;
}
DEBUG(10,("set_ea_dos_attribute: set EA 0x%x on file %s\n",
(unsigned int)dosmode,
smb_fname_str_dbg(smb_fname)));
- return true;
+ return NT_STATUS_OK;
}
/****************************************************************************
Change a unix mode to a dos mode for an ms dfs link.
****************************************************************************/
-uint32 dos_mode_msdfs(connection_struct *conn,
+uint32_t dos_mode_msdfs(connection_struct *conn,
const struct smb_filename *smb_fname)
{
- uint32 result = 0;
+ uint32_t result = 0;
DEBUG(8,("dos_mode_msdfs: %s\n", smb_fname_str_dbg(smb_fname)));
/* Only . and .. are not hidden. */
if (p[0] == '.' && !((p[1] == '\0') ||
(p[1] == '.' && p[2] == '\0'))) {
- result |= aHIDDEN;
+ result |= FILE_ATTRIBUTE_HIDDEN;
}
}
/* Optimization : Only call is_hidden_path if it's not already
hidden. */
- if (!(result & aHIDDEN) &&
+ if (!(result & FILE_ATTRIBUTE_HIDDEN) &&
IS_HIDDEN_PATH(conn, smb_fname->base_name)) {
- result |= aHIDDEN;
+ result |= FILE_ATTRIBUTE_HIDDEN;
}
if (result == 0) {
result = filter_mode_by_protocol(result);
- DEBUG(8,("dos_mode_msdfs returning "));
-
- if (result & aHIDDEN) DEBUG(8, ("h"));
- if (result & aRONLY ) DEBUG(8, ("r"));
- if (result & aSYSTEM) DEBUG(8, ("s"));
- if (result & aDIR ) DEBUG(8, ("d"));
- if (result & aARCH ) DEBUG(8, ("a"));
- if (result & FILE_ATTRIBUTE_SPARSE ) DEBUG(8, ("[sparse]"));
+ /*
+ * Add in that it is a reparse point
+ */
+ result |= FILE_ATTRIBUTE_REPARSE_POINT;
- DEBUG(8,("\n"));
+ dos_mode_debug_print(__func__, result);
return(result);
}
-#ifdef HAVE_STAT_DOS_FLAGS
-/****************************************************************************
- Convert dos attributes (FILE_ATTRIBUTE_*) to dos stat flags (UF_*)
-****************************************************************************/
-
-int dos_attributes_to_stat_dos_flags(uint32_t dosmode)
+/*
+ * check whether a file or directory is flagged as compressed.
+ */
+static NTSTATUS dos_mode_check_compressed(connection_struct *conn,
+ struct smb_filename *smb_fname,
+ bool *is_compressed)
{
- uint32_t dos_stat_flags = 0;
-
- if (dosmode & aARCH)
- dos_stat_flags |= UF_DOS_ARCHIVE;
- if (dosmode & aHIDDEN)
- dos_stat_flags |= UF_DOS_HIDDEN;
- if (dosmode & aRONLY)
- dos_stat_flags |= UF_DOS_RO;
- if (dosmode & aSYSTEM)
- dos_stat_flags |= UF_DOS_SYSTEM;
- if (dosmode & FILE_ATTRIBUTE_NONINDEXED)
- dos_stat_flags |= UF_DOS_NOINDEX;
-
- return dos_stat_flags;
-}
+ NTSTATUS status;
+ uint16_t compression_fmt;
+ TALLOC_CTX *tmp_ctx = talloc_new(NULL);
+ if (tmp_ctx == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto err_out;
+ }
-/****************************************************************************
- Gets DOS attributes, accessed via st_ex_flags in the stat struct.
-****************************************************************************/
+ status = SMB_VFS_GET_COMPRESSION(conn, tmp_ctx, NULL, smb_fname,
+ &compression_fmt);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto err_ctx_free;
+ }
+
+ if (compression_fmt == COMPRESSION_FORMAT_LZNT1) {
+ *is_compressed = true;
+ } else {
+ *is_compressed = false;
+ }
+ status = NT_STATUS_OK;
+
+err_ctx_free:
+ talloc_free(tmp_ctx);
+err_out:
+ return status;
+}
-static bool get_stat_dos_flags(connection_struct *conn,
- const struct smb_filename *smb_fname,
- uint32_t *dosmode)
+static uint32_t dos_mode_from_name(connection_struct *conn,
+ const struct smb_filename *smb_fname,
+ uint32_t dosmode)
{
- SMB_ASSERT(VALID_STAT(smb_fname->st));
- SMB_ASSERT(dosmode);
+ const char *p = NULL;
+ uint32_t result = dosmode;
- if (!lp_store_dos_attributes(SNUM(conn))) {
- return false;
- }
+ if (!(result & FILE_ATTRIBUTE_HIDDEN) &&
+ lp_hide_dot_files(SNUM(conn)))
+ {
+ p = strrchr_m(smb_fname->base_name, '/');
+ if (p) {
+ p++;
+ } else {
+ p = smb_fname->base_name;
+ }
- DEBUG(5, ("Getting stat dos attributes for %s.\n",
- smb_fname_str_dbg(smb_fname)));
-
- if (smb_fname->st.st_ex_flags & UF_DOS_ARCHIVE)
- *dosmode |= aARCH;
- if (smb_fname->st.st_ex_flags & UF_DOS_HIDDEN)
- *dosmode |= aHIDDEN;
- if (smb_fname->st.st_ex_flags & UF_DOS_RO)
- *dosmode |= aRONLY;
- if (smb_fname->st.st_ex_flags & UF_DOS_SYSTEM)
- *dosmode |= aSYSTEM;
- if (smb_fname->st.st_ex_flags & UF_DOS_NOINDEX)
- *dosmode |= FILE_ATTRIBUTE_NONINDEXED;
- if (smb_fname->st.st_ex_flags & FILE_ATTRIBUTE_SPARSE)
- *dosmode |= FILE_ATTRIBUTE_SPARSE;
- if (S_ISDIR(smb_fname->st.st_ex_mode))
- *dosmode |= aDIR;
+ /* Only . and .. are not hidden. */
+ if ((p[0] == '.') &&
+ !((p[1] == '\0') || (p[1] == '.' && p[2] == '\0')))
+ {
+ result |= FILE_ATTRIBUTE_HIDDEN;
+ }
+ }
- *dosmode |= set_link_read_only_flag(&smb_fname->st);
+ if (!(result & FILE_ATTRIBUTE_HIDDEN) &&
+ IS_HIDDEN_PATH(conn, smb_fname->base_name))
+ {
+ result |= FILE_ATTRIBUTE_HIDDEN;
+ }
- return true;
+ return result;
}
-/****************************************************************************
- Sets DOS attributes, stored in st_ex_flags of the inode.
-****************************************************************************/
-
-static bool set_stat_dos_flags(connection_struct *conn,
- const struct smb_filename *smb_fname,
- uint32_t dosmode,
- bool *attributes_changed)
+static uint32_t dos_mode_post(uint32_t dosmode,
+ connection_struct *conn,
+ struct smb_filename *smb_fname,
+ const char *func)
{
- uint32_t new_flags = 0;
- int error = 0;
-
- SMB_ASSERT(VALID_STAT(smb_fname->st));
- SMB_ASSERT(attributes_changed);
+ NTSTATUS status;
- *attributes_changed = false;
+ /*
+ * According to MS-FSA a stream name does not have
+ * separate DOS attribute metadata, so we must return
+ * the DOS attribute from the base filename. With one caveat,
+ * a non-default stream name can never be a directory.
+ *
+ * As this is common to all streams data stores, we handle
+ * it here instead of inside all stream VFS modules.
+ *
+ * BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380
+ */
- if (!lp_store_dos_attributes(SNUM(conn))) {
- return false;
+ if (is_named_stream(smb_fname)) {
+ /* is_ntfs_stream_smb_fname() returns false for a POSIX path. */
+ dosmode &= ~(FILE_ATTRIBUTE_DIRECTORY);
}
- DEBUG(5, ("Setting stat dos attributes for %s.\n",
- smb_fname_str_dbg(smb_fname)));
+ if (conn->fs_capabilities & FILE_FILE_COMPRESSION) {
+ bool compressed = false;
- new_flags = (smb_fname->st.st_ex_flags & ~UF_DOS_FLAGS) |
- dos_attributes_to_stat_dos_flags(dosmode);
-
- /* Return early if no flags changed. */
- if (new_flags == smb_fname->st.st_ex_flags)
- return true;
+ status = dos_mode_check_compressed(conn, smb_fname,
+ &compressed);
+ if (NT_STATUS_IS_OK(status) && compressed) {
+ dosmode |= FILE_ATTRIBUTE_COMPRESSED;
+ }
+ }
- DEBUG(5, ("Setting stat dos attributes=0x%x, prev=0x%x\n", new_flags,
- smb_fname->st.st_ex_flags));
+ dosmode |= dos_mode_from_name(conn, smb_fname, dosmode);
- /* Set new flags with chflags. */
- error = SMB_VFS_CHFLAGS(conn, smb_fname->base_name, new_flags);
- if (error) {
- DEBUG(0, ("Failed setting new stat dos attributes (0x%x) on "
- "file %s! errno=%d\n", new_flags,
- smb_fname_str_dbg(smb_fname), errno));
- return false;
+ if (S_ISDIR(smb_fname->st.st_ex_mode)) {
+ dosmode |= FILE_ATTRIBUTE_DIRECTORY;
+ } else if (dosmode == 0) {
+ dosmode = FILE_ATTRIBUTE_NORMAL;
}
- *attributes_changed = true;
- return true;
+ dosmode = filter_mode_by_protocol(dosmode);
+
+ dos_mode_debug_print(func, dosmode);
+ return dosmode;
}
-#endif /* HAVE_STAT_DOS_FLAGS */
/****************************************************************************
Change a unix mode to a dos mode.
if "store dos attributes" is true.
****************************************************************************/
-uint32 dos_mode(connection_struct *conn, struct smb_filename *smb_fname)
+uint32_t dos_mode(connection_struct *conn, struct smb_filename *smb_fname)
{
- uint32 result = 0;
- bool offline, used_stat_dos_flags = false;
+ uint32_t result = 0;
+ NTSTATUS status = NT_STATUS_OK;
DEBUG(8,("dos_mode: %s\n", smb_fname_str_dbg(smb_fname)));
return 0;
}
- /* First do any modifications that depend on the path name. */
- /* hide files with a name starting with a . */
- if (lp_hide_dot_files(SNUM(conn))) {
- const char *p = strrchr_m(smb_fname->base_name,'/');
- if (p) {
- p++;
- } else {
- p = smb_fname->base_name;
+ /* Get the DOS attributes via the VFS if we can */
+ status = SMB_VFS_GET_DOS_ATTRIBUTES(conn, smb_fname, &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ /*
+ * Only fall back to using UNIX modes if we get NOT_IMPLEMENTED.
+ */
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
+ result |= dos_mode_from_sbuf(conn, smb_fname);
}
+ }
- /* Only . and .. are not hidden. */
- if (p[0] == '.' && !((p[1] == '\0') ||
- (p[1] == '.' && p[2] == '\0'))) {
- result |= aHIDDEN;
- }
+ result = dos_mode_post(result, conn, smb_fname, __func__);
+ return result;
+}
+
+struct dos_mode_at_state {
+ files_struct *dir_fsp;
+ struct smb_filename *smb_fname;
+ uint32_t dosmode;
+};
+
+static void dos_mode_at_vfs_get_dosmode_done(struct tevent_req *subreq);
+
+struct tevent_req *dos_mode_at_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ files_struct *dir_fsp,
+ struct smb_filename *smb_fname)
+{
+ struct tevent_req *req = NULL;
+ struct dos_mode_at_state *state = NULL;
+ struct tevent_req *subreq = NULL;
+
+ DBG_DEBUG("%s\n", smb_fname_str_dbg(smb_fname));
+
+ req = tevent_req_create(mem_ctx, &state,
+ struct dos_mode_at_state);
+ if (req == NULL) {
+ return NULL;
}
-#ifdef HAVE_STAT_DOS_FLAGS
- used_stat_dos_flags = get_stat_dos_flags(conn, smb_fname, &result);
-#endif
- if (!used_stat_dos_flags) {
- /* Get the DOS attributes from an EA by preference. */
- if (!get_ea_dos_attribute(conn, smb_fname, &result)) {
- result |= dos_mode_from_sbuf(conn, smb_fname);
- }
+ *state = (struct dos_mode_at_state) {
+ .dir_fsp = dir_fsp,
+ .smb_fname = smb_fname,
+ };
+
+ if (!VALID_STAT(smb_fname->st)) {
+ tevent_req_done(req);
+ return tevent_req_post(req, ev);
}
- offline = SMB_VFS_IS_OFFLINE(conn, smb_fname, &smb_fname->st);
- if (S_ISREG(smb_fname->st.st_ex_mode) && offline) {
- result |= FILE_ATTRIBUTE_OFFLINE;
+ subreq = SMB_VFS_GET_DOS_ATTRIBUTES_SEND(state,
+ ev,
+ dir_fsp,
+ smb_fname);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
}
+ tevent_req_set_callback(subreq, dos_mode_at_vfs_get_dosmode_done, req);
- /* Optimization : Only call is_hidden_path if it's not already
- hidden. */
- if (!(result & aHIDDEN) &&
- IS_HIDDEN_PATH(conn, smb_fname->base_name)) {
- result |= aHIDDEN;
+ return req;
+}
+
+static void dos_mode_at_vfs_get_dosmode_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req =
+ tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct dos_mode_at_state *state =
+ tevent_req_data(req,
+ struct dos_mode_at_state);
+ char *path = NULL;
+ struct smb_filename *smb_path = NULL;
+ struct vfs_aio_state aio_state;
+ NTSTATUS status;
+ bool ok;
+
+ /*
+ * Make sure we run as the user again
+ */
+ ok = change_to_user_and_service_by_fsp(state->dir_fsp);
+ SMB_ASSERT(ok);
+
+ status = SMB_VFS_GET_DOS_ATTRIBUTES_RECV(subreq,
+ &aio_state,
+ &state->dosmode);
+ TALLOC_FREE(subreq);
+ if (!NT_STATUS_IS_OK(status)) {
+ /*
+ * Both the sync dos_mode() as well as the async
+ * dos_mode_at_[send|recv] have no real error return, the only
+ * unhandled error is when the stat info in smb_fname is not
+ * valid (cf the checks in dos_mode() and dos_mode_at_send().
+ *
+ * If SMB_VFS_GET_DOS_ATTRIBUTES[_SEND|_RECV] fails we must call
+ * dos_mode_post() which also does the mapping of a last ressort
+ * from S_IFMT(st_mode).
+ *
+ * Only if we get NT_STATUS_NOT_IMPLEMENTED from a stacked VFS
+ * module we must fallback to sync processing.
+ */
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
+ /*
+ * state->dosmode should still be 0, but reset
+ * it to be sure.
+ */
+ state->dosmode = 0;
+ status = NT_STATUS_OK;
+ }
+ }
+ if (NT_STATUS_IS_OK(status)) {
+ state->dosmode = dos_mode_post(state->dosmode,
+ state->dir_fsp->conn,
+ state->smb_fname,
+ __func__);
+ tevent_req_done(req);
+ return;
}
- if (result == 0) {
- result = FILE_ATTRIBUTE_NORMAL;
+ /*
+ * Fall back to sync dos_mode() if we got NOT_IMPLEMENTED.
+ */
+
+ path = talloc_asprintf(state,
+ "%s/%s",
+ state->dir_fsp->fsp_name->base_name,
+ state->smb_fname->base_name);
+ if (tevent_req_nomem(path, req)) {
+ return;
}
- result = filter_mode_by_protocol(result);
+ smb_path = synthetic_smb_fname(state,
+ path,
+ NULL,
+ &state->smb_fname->st,
+ 0);
+ if (tevent_req_nomem(smb_path, req)) {
+ return;
+ }
- DEBUG(8,("dos_mode returning "));
+ state->dosmode = dos_mode(state->dir_fsp->conn, smb_path);
+ tevent_req_done(req);
+ return;
+}
- if (result & aHIDDEN) DEBUG(8, ("h"));
- if (result & aRONLY ) DEBUG(8, ("r"));
- if (result & aSYSTEM) DEBUG(8, ("s"));
- if (result & aDIR ) DEBUG(8, ("d"));
- if (result & aARCH ) DEBUG(8, ("a"));
- if (result & FILE_ATTRIBUTE_SPARSE ) DEBUG(8, ("[sparse]"));
+NTSTATUS dos_mode_at_recv(struct tevent_req *req, uint32_t *dosmode)
+{
+ struct dos_mode_at_state *state =
+ tevent_req_data(req,
+ struct dos_mode_at_state);
+ NTSTATUS status;
- DEBUG(8,("\n"));
+ if (tevent_req_is_nterror(req, &status)) {
+ tevent_req_received(req);
+ return status;
+ }
- return(result);
+ *dosmode = state->dosmode;
+ tevent_req_received(req);
+ return NT_STATUS_OK;
}
/*******************************************************************
attribute also.
********************************************************************/
-int file_set_dosmode(connection_struct *conn, struct smb_filename *smb_fname,
- uint32 dosmode, const char *parent_dir, bool newfile)
+int file_set_dosmode(connection_struct *conn,
+ struct smb_filename *smb_fname,
+ uint32_t dosmode,
+ struct smb_filename *parent_dir,
+ bool newfile)
{
int mask=0;
mode_t tmp;
mode_t unixmode;
int ret = -1, lret = -1;
- uint32_t old_mode;
- struct timespec new_create_timespec;
+ files_struct *fsp = NULL;
+ bool need_close = false;
+ NTSTATUS status;
+
+ if (!CAN_WRITE(conn)) {
+ errno = EROFS;
+ return -1;
+ }
- /* We only allow READONLY|HIDDEN|SYSTEM|DIRECTORY|ARCHIVE here. */
- dosmode &= (SAMBA_ATTRIBUTES_MASK | FILE_ATTRIBUTE_OFFLINE);
+ dosmode &= SAMBA_ATTRIBUTES_MASK;
DEBUG(10,("file_set_dosmode: setting dos mode 0x%x on file %s\n",
dosmode, smb_fname_str_dbg(smb_fname)));
unixmode = smb_fname->st.st_ex_mode;
- get_acl_group_bits(conn, smb_fname->base_name,
- &smb_fname->st.st_ex_mode);
+ get_acl_group_bits(conn, smb_fname,
+ &smb_fname->st.st_ex_mode);
if (S_ISDIR(smb_fname->st.st_ex_mode))
- dosmode |= aDIR;
+ dosmode |= FILE_ATTRIBUTE_DIRECTORY;
else
- dosmode &= ~aDIR;
-
- new_create_timespec = smb_fname->st.st_ex_btime;
-
- old_mode = dos_mode(conn, smb_fname);
-
- if (dosmode & FILE_ATTRIBUTE_OFFLINE) {
- if (!(old_mode & FILE_ATTRIBUTE_OFFLINE)) {
- lret = SMB_VFS_SET_OFFLINE(conn, smb_fname);
- if (lret == -1) {
- DEBUG(0, ("set_dos_mode: client has asked to "
- "set FILE_ATTRIBUTE_OFFLINE to "
- "%s/%s but there was an error while "
- "setting it or it is not "
- "supported.\n", parent_dir,
- smb_fname_str_dbg(smb_fname)));
- }
- }
- }
+ dosmode &= ~FILE_ATTRIBUTE_DIRECTORY;
- dosmode &= ~FILE_ATTRIBUTE_OFFLINE;
- old_mode &= ~FILE_ATTRIBUTE_OFFLINE;
-
- smb_fname->st.st_ex_btime = new_create_timespec;
-
-#ifdef HAVE_STAT_DOS_FLAGS
- {
- bool attributes_changed;
-
- if (set_stat_dos_flags(conn, smb_fname, dosmode,
- &attributes_changed))
- {
- if (!newfile && attributes_changed) {
- notify_fname(conn, NOTIFY_ACTION_MODIFIED,
- FILE_NOTIFY_CHANGE_ATTRIBUTES,
- smb_fname->base_name);
- }
- smb_fname->st.st_ex_mode = unixmode;
- return 0;
- }
- }
-#endif
/* Store the DOS attributes in an EA by preference. */
- if (set_ea_dos_attribute(conn, smb_fname, dosmode)) {
+ status = SMB_VFS_SET_DOS_ATTRIBUTES(conn, smb_fname, dosmode);
+ if (NT_STATUS_IS_OK(status)) {
if (!newfile) {
notify_fname(conn, NOTIFY_ACTION_MODIFIED,
- FILE_NOTIFY_CHANGE_ATTRIBUTES,
- smb_fname->base_name);
+ FILE_NOTIFY_CHANGE_ATTRIBUTES,
+ smb_fname->base_name);
}
smb_fname->st.st_ex_mode = unixmode;
return 0;
+ } else {
+ /*
+ * Only fall back to using UNIX modes if
+ * we get NOT_IMPLEMENTED.
+ */
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
+ errno = map_errno_from_nt_status(status);
+ return -1;
+ }
}
+ /* Fall back to UNIX modes. */
unixmode = unix_mode(conn, dosmode, smb_fname, parent_dir);
+ /* preserve the file type bits */
+ mask |= S_IFMT;
+
/* preserve the s bits */
mask |= (S_ISUID | S_ISGID);
return -1;
}
- ret = SMB_VFS_CHMOD(conn, smb_fname->base_name, unixmode);
+ ret = SMB_VFS_CHMOD(conn, smb_fname, unixmode);
if (ret == 0) {
if(!newfile || (lret != -1)) {
notify_fname(conn, NOTIFY_ACTION_MODIFIED,
bits on a file. Just like file_ntimes below.
*/
- /* Check if we have write access. */
- if (CAN_WRITE(conn)) {
- /*
- * We need to open the file with write access whilst
- * still in our current user context. This ensures we
- * are not violating security in doing the fchmod.
- */
- files_struct *fsp;
- if (!NT_STATUS_IS_OK(open_file_fchmod(conn, smb_fname,
- &fsp)))
- return -1;
- become_root();
- ret = SMB_VFS_FCHMOD(fsp, unixmode);
- unbecome_root();
+ if (!can_write_to_file(conn,
+ smb_fname))
+ {
+ errno = EACCES;
+ return -1;
+ }
+
+ /*
+ * We need to get an open file handle to do the
+ * metadata operation under root.
+ */
+
+ status = get_file_handle_for_metadata(conn,
+ smb_fname,
+ &fsp,
+ &need_close);
+ if (!NT_STATUS_IS_OK(status)) {
+ errno = map_errno_from_nt_status(status);
+ return -1;
+ }
+
+ become_root();
+ ret = SMB_VFS_FCHMOD(fsp, unixmode);
+ unbecome_root();
+ if (need_close) {
close_file(NULL, fsp, NORMAL_CLOSE);
- if (!newfile) {
- notify_fname(conn, NOTIFY_ACTION_MODIFIED,
- FILE_NOTIFY_CHANGE_ATTRIBUTES,
- smb_fname->base_name);
- }
- if (ret == 0) {
- smb_fname->st.st_ex_mode = unixmode;
- }
+ }
+ if (!newfile) {
+ notify_fname(conn, NOTIFY_ACTION_MODIFIED,
+ FILE_NOTIFY_CHANGE_ATTRIBUTES,
+ smb_fname->base_name);
+ }
+ if (ret == 0) {
+ smb_fname->st.st_ex_mode = unixmode;
}
return( ret );
files_struct *fsp,
bool sparse)
{
+ const struct loadparm_substitution *lp_sub =
+ loadparm_s3_global_substitution();
uint32_t old_dosmode;
uint32_t new_dosmode;
NTSTATUS status;
"on readonly share[%s]\n",
smb_fname_str_dbg(fsp->fsp_name),
sparse,
- lp_servicename(SNUM(conn))));
+ lp_servicename(talloc_tos(), lp_sub, SNUM(conn))));
return NT_STATUS_MEDIA_WRITE_PROTECTED;
}
- if (!(fsp->access_mask & FILE_WRITE_DATA) &&
- !(fsp->access_mask & FILE_WRITE_ATTRIBUTES)) {
+ /*
+ * Windows Server 2008 & 2012 permit FSCTL_SET_SPARSE if any of the
+ * following access flags are granted.
+ */
+ if ((fsp->access_mask & (FILE_WRITE_DATA
+ | FILE_WRITE_ATTRIBUTES
+ | SEC_FILE_APPEND_DATA)) == 0) {
DEBUG(9,("file_set_sparse: fname[%s] set[%u] "
"access_mask[0x%08X] - access denied\n",
smb_fname_str_dbg(fsp->fsp_name),
return NT_STATUS_ACCESS_DENIED;
}
+ if (fsp->fsp_flags.is_directory) {
+ DEBUG(9, ("invalid attempt to %s sparse flag on dir %s\n",
+ (sparse ? "set" : "clear"),
+ smb_fname_str_dbg(fsp->fsp_name)));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (IS_IPC(conn) || IS_PRINT(conn)) {
+ DEBUG(9, ("attempt to %s sparse flag over invalid conn\n",
+ (sparse ? "set" : "clear")));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
DEBUG(10,("file_set_sparse: setting sparse bit %u on file %s\n",
sparse, smb_fname_str_dbg(fsp->fsp_name)));
}
/* Store the DOS attributes in an EA. */
- if (!set_ea_dos_attribute(conn, fsp->fsp_name,
- new_dosmode)) {
- if (errno == 0) {
- errno = EIO;
- }
- return map_nt_error_from_unix(errno);
+ status = SMB_VFS_FSET_DOS_ATTRIBUTES(conn, fsp, new_dosmode);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
notify_fname(conn, NOTIFY_ACTION_MODIFIED,
FILE_NOTIFY_CHANGE_ATTRIBUTES,
fsp->fsp_name->base_name);
- fsp->is_sparse = sparse;
+ fsp->fsp_flags.is_sparse = sparse;
return NT_STATUS_OK;
}
*/
/* Check if we have write access. */
- if (can_write_to_file(conn, smb_fname)) {
+ if (can_write_to_file(conn,
+ smb_fname))
+ {
/* We are allowed to become root and change the filetime. */
become_root();
ret = SMB_VFS_NTIMES(conn, smb_fname, ft);
bool set_sticky_write_time_path(struct file_id fileid, struct timespec mtime)
{
- if (null_timespec(mtime)) {
+ if (is_omit_timespec(&mtime)) {
return true;
}
bool set_sticky_write_time_fsp(struct files_struct *fsp, struct timespec mtime)
{
- if (null_timespec(mtime)) {
+ if (is_omit_timespec(&mtime)) {
return true;
}
- fsp->write_time_forced = true;
+ fsp->fsp_flags.write_time_forced = true;
TALLOC_FREE(fsp->update_write_time_event);
return set_sticky_write_time_path(fsp->file_id, mtime);
const struct smb_filename *psmb_fname,
struct timespec create_time)
{
- NTSTATUS status;
- struct smb_filename *smb_fname = NULL;
+ struct smb_filename *smb_fname;
uint32_t dosmode;
int ret;
return NT_STATUS_OK;
}
- status = create_synthetic_smb_fname(talloc_tos(),
- psmb_fname->base_name,
- NULL, &psmb_fname->st,
- &smb_fname);
+ smb_fname = synthetic_smb_fname(talloc_tos(),
+ psmb_fname->base_name,
+ NULL,
+ &psmb_fname->st,
+ psmb_fname->flags);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
+ if (smb_fname == NULL) {
+ return NT_STATUS_NO_MEMORY;
}
dosmode = dos_mode(conn, smb_fname);
ret = file_set_dosmode(conn, smb_fname, dosmode, NULL, false);
if (ret == -1) {
- map_nt_error_from_unix(errno);
+ return map_nt_error_from_unix(errno);
}
DEBUG(10,("set_create_timespec_ea: wrote create time EA for file %s\n",
{
return smb_fname->st.st_ex_mtime;
}
+
+/****************************************************************************
+ Get a real open file handle we can do meta-data operations on. As it's
+ going to be used under root access only on meta-data we should look for
+ any existing open file handle first, and use that in preference (also to
+ avoid kernel self-oplock breaks). If not use an INTERNAL_OPEN_ONLY handle.
+****************************************************************************/
+
+static NTSTATUS get_file_handle_for_metadata(connection_struct *conn,
+ const struct smb_filename *smb_fname,
+ files_struct **ret_fsp,
+ bool *need_close)
+{
+ NTSTATUS status;
+ files_struct *fsp;
+ struct file_id file_id;
+ struct smb_filename *smb_fname_cp = NULL;
+
+ *need_close = false;
+
+ if (!VALID_STAT(smb_fname->st)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
+
+ for(fsp = file_find_di_first(conn->sconn, file_id);
+ fsp;
+ fsp = file_find_di_next(fsp)) {
+ if (fsp->fh->fd != -1) {
+ *ret_fsp = fsp;
+ return NT_STATUS_OK;
+ }
+ }
+
+ smb_fname_cp = cp_smb_filename(talloc_tos(),
+ smb_fname);
+ if (smb_fname_cp == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ /* Opens an INTERNAL_OPEN_ONLY write handle. */
+ status = SMB_VFS_CREATE_FILE(
+ conn, /* conn */
+ NULL, /* req */
+ 0, /* root_dir_fid */
+ smb_fname_cp, /* fname */
+ FILE_WRITE_ATTRIBUTES, /* access_mask */
+ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
+ FILE_SHARE_DELETE),
+ FILE_OPEN, /* create_disposition*/
+ 0, /* create_options */
+ 0, /* file_attributes */
+ INTERNAL_OPEN_ONLY, /* oplock_request */
+ NULL, /* lease */
+ 0, /* allocation_size */
+ 0, /* private_flags */
+ NULL, /* sd */
+ NULL, /* ea_list */
+ ret_fsp, /* result */
+ NULL, /* pinfo */
+ NULL, NULL); /* create context */
+
+ TALLOC_FREE(smb_fname_cp);
+
+ if (NT_STATUS_IS_OK(status)) {
+ *need_close = true;
+ }
+ return status;
+}
git.samba.org / samba.git / blobdiff