Do this by fd if possible.
****************************************************************************/
-void change_owner_to_parent(connection_struct *conn,
- files_struct *fsp,
- const char *fname,
- SMB_STRUCT_STAT *psbuf)
+static void change_owner_to_parent(connection_struct *conn,
+ files_struct *fsp,
+ const char *fname,
+ SMB_STRUCT_STAT *psbuf)
{
const char *parent_path = parent_dirname(fname);
SMB_STRUCT_STAT parent_st;
}
/* Inherit the ACL if the file was created. */
- if ((local_flags & O_CREAT) && !file_existed) {
+ if ((local_flags & O_CREAT)
+ && !file_existed
+ && lp_inherit_perms(SNUM(conn))) {
inherit_access_acl(conn, fname, unx_mode);
}
if (is_deferred_open_entry(share_entry) &&
!open_was_deferred(share_entry->op_mid)) {
pstring str;
- DEBUG(0, ("Got a deferred entry without a request: "
- "PANIC: %s\n", share_mode_str(num, share_entry)));
+ pstr_sprintf(str, "Got a deferred entry without a request: "
+ "PANIC: %s\n", share_mode_str(num, share_entry));
smb_panic(str);
}
srv_defer_sign_response(mid);
}
-/****************************************************************************
- Set a kernel flock on a file for NFS interoperability.
- This requires a patch to Linux.
-****************************************************************************/
-
-static void kernel_flock(files_struct *fsp, uint32 share_mode)
-{
-#if HAVE_KERNEL_SHARE_MODES
- int kernel_mode = 0;
- if (share_mode == FILE_SHARE_WRITE) {
- kernel_mode = LOCK_MAND|LOCK_WRITE;
- } else if (share_mode == FILE_SHARE_READ) {
- kernel_mode = LOCK_MAND|LOCK_READ;
- } else if (share_mode == FILE_SHARE_NONE) {
- kernel_mode = LOCK_MAND;
- }
- if (kernel_mode) {
- flock(fsp->fh->fd, kernel_mode);
- }
-#endif
- ;
-}
/****************************************************************************
On overwrite open ensure that the attributes match.
struct share_mode_lock *lck = NULL;
uint32 open_access_mask = access_mask;
NTSTATUS status;
+ int ret_flock;
if (conn->printer) {
/*
*/
if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
- flags = O_RDWR;
+ /* DENY_DOS opens are always underlying read-write on the
+ file handle, no matter what the requested access mask
+ says. */
+ if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
+ access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
+ flags = O_RDWR;
+ } else {
+ flags = O_WRONLY;
+ }
} else {
flags = O_RDONLY;
}
if (flags & O_RDWR) {
can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
+ } else if (flags & O_WRONLY) {
+ can_access_mask = FILE_WRITE_DATA;
} else {
can_access_mask = FILE_READ_DATA;
}
- if (((flags & O_RDWR) && !CAN_WRITE(conn)) ||
+ if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
!can_access_file(conn,fname,psbuf,can_access_mask)) {
can_access = False;
}
these only read them. Nobody but Samba can ever set a deny
mode and we have already checked our more authoritative
locking database for permission to set this deny mode. If
- the kernel refuses the operations then the kernel is wrong */
+ the kernel refuses the operations then the kernel is wrong.
+ note that GPFS supports it as well - jmcd */
- kernel_flock(fsp, share_access);
+ ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
+ if(ret_flock == -1 ){
+
+ talloc_free(lck);
+ fd_close(conn, fsp);
+ file_free(fsp);
+
+ return NT_STATUS_SHARING_VIOLATION;
+ }
/*
* At this point onwards, we can guarentee that the share entry
git.samba.org / samba.git / blobdiff