return NT_STATUS_NOT_IMPLEMENTED;
}
-static NTSTATUS skel_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const
- char *name, uint32 security_info_sent, SEC_DESC *psd)
-{
- errno = ENOSYS;
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
static int skel_chmod_acl(vfs_handle_struct *handle, const char *name, mode_t mode)
{
errno = ENOSYS;
{SMB_VFS_OP(skel_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_OPAQUE},
{SMB_VFS_OP(skel_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_OPAQUE},
{SMB_VFS_OP(skel_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_OPAQUE},
- {SMB_VFS_OP(skel_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_OPAQUE},
/* POSIX ACL operations */
return SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
}
-static NTSTATUS skel_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- const char *name, uint32 security_info_sent, SEC_DESC *psd)
-{
- return SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent, psd);
-}
-
static int skel_chmod_acl(vfs_handle_struct *handle, const char *name, mode_t mode)
{
/* If the underlying VFS doesn't have ACL support... */
{SMB_VFS_OP(skel_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
{SMB_VFS_OP(skel_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
{SMB_VFS_OP(skel_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
- {SMB_VFS_OP(skel_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
/* POSIX ACL operations */
#define fget_nt_acl_count __profile_stats_value(PR_VALUE_FGET_NT_ACL, count)
#define fget_nt_acl_time __profile_stats_value(PR_VALUE_FGET_NT_ACL, time)
- PR_VALUE_SET_NT_ACL,
-#define set_nt_acl_count __profile_stats_value(PR_VALUE_SET_NT_ACL, count)
-#define set_nt_acl_time __profile_stats_value(PR_VALUE_SET_NT_ACL, time)
-
PR_VALUE_FSET_NT_ACL,
#define fset_nt_acl_count __profile_stats_value(PR_VALUE_FSET_NT_ACL, count)
#define fset_nt_acl_time __profile_stats_value(PR_VALUE_FSET_NT_ACL, time)
/* Leave at 22 - not yet released. Additional change: add operations for offline files -- ab */
/* Leave at 22 - not yet released. Add the streaminfo call. -- jpeach, vl */
/* Leave at 22 - not yet released. Remove parameter fd from close_fn. - obnox */
+/* Changed to version 23 - remove set_nt_acl call. This can only be done via an
+ open handle. JRA. */
-#define SMB_VFS_INTERFACE_VERSION 22
+#define SMB_VFS_INTERFACE_VERSION 23
/* to bug old modules which are trying to compile with the old functions */
SMB_VFS_OP_FGET_NT_ACL,
SMB_VFS_OP_GET_NT_ACL,
SMB_VFS_OP_FSET_NT_ACL,
- SMB_VFS_OP_SET_NT_ACL,
/* POSIX ACL operations. */
struct files_struct *fsp,
uint32 security_info_sent,
struct security_descriptor *psd);
- NTSTATUS (*set_nt_acl)(struct vfs_handle_struct *handle,
- struct files_struct *fsp,
- const char *name,
- uint32 security_info_sent,
- struct security_descriptor *psd);
/* POSIX ACL operations. */
struct vfs_handle_struct *fget_nt_acl;
struct vfs_handle_struct *get_nt_acl;
struct vfs_handle_struct *fset_nt_acl;
- struct vfs_handle_struct *set_nt_acl;
/* POSIX ACL operations. */
#define SMB_VFS_FGET_NT_ACL(fsp, security_info, ppdesc) ((fsp)->conn->vfs.ops.fget_nt_acl((fsp)->conn->vfs.handles.fget_nt_acl, (fsp), (security_info), (ppdesc)))
#define SMB_VFS_GET_NT_ACL(conn, name, security_info, ppdesc) ((conn)->vfs.ops.get_nt_acl((conn)->vfs.handles.get_nt_acl, (name), (security_info), (ppdesc)))
#define SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd) ((fsp)->conn->vfs.ops.fset_nt_acl((fsp)->conn->vfs.handles.fset_nt_acl, (fsp), (security_info_sent), (psd)))
-#define SMB_VFS_SET_NT_ACL(fsp, name, security_info_sent, psd) ((fsp)->conn->vfs.ops.set_nt_acl((fsp)->conn->vfs.handles.set_nt_acl, (fsp), (name), (security_info_sent), (psd)))
/* POSIX ACL operations. */
#define SMB_VFS_CHMOD_ACL(conn, name, mode) ((conn)->vfs.ops.chmod_acl((conn)->vfs.handles.chmod_acl, (name), (mode)))
#define SMB_VFS_OPAQUE_FGET_NT_ACL(fsp, security_info, ppdesc) ((fsp)->conn->vfs_opaque.ops.fget_nt_acl((fsp)->conn->vfs_opaque.handles.fget_nt_acl, (fsp), (security_info), (ppdesc)))
#define SMB_VFS_OPAQUE_GET_NT_ACL(conn, name, security_info, ppdesc) ((conn)->vfs_opaque.ops.get_nt_acl((conn)->vfs_opaque.handles.get_nt_acl, (name), (security_info), (ppdesc)))
#define SMB_VFS_OPAQUE_FSET_NT_ACL(fsp, security_info_sent, psd) ((fsp)->conn->vfs_opaque.ops.fset_nt_acl((fsp)->conn->vfs_opaque.handles.fset_nt_acl, (fsp), (security_info_sent), (psd)))
-#define SMB_VFS_OPAQUE_SET_NT_ACL(fsp, name, security_info_sent, psd) ((fsp)->conn->vfs_opaque.ops.set_nt_acl((fsp)->conn->vfs_opaque.handles.set_nt_acl, (fsp), (name), (security_info_sent), (psd)))
/* POSIX ACL operations. */
#define SMB_VFS_OPAQUE_CHMOD_ACL(conn, name, mode) ((conn)->vfs_opaque.ops.chmod_acl((conn)->vfs_opaque.handles.chmod_acl, (name), (mode)))
#define SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, ppdesc) ((handle)->vfs_next.ops.fget_nt_acl((handle)->vfs_next.handles.fget_nt_acl, (fsp), (security_info), (ppdesc)))
#define SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc) ((handle)->vfs_next.ops.get_nt_acl((handle)->vfs_next.handles.get_nt_acl, (name), (security_info), (ppdesc)))
#define SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd) ((handle)->vfs_next.ops.fset_nt_acl((handle)->vfs_next.handles.fset_nt_acl, (fsp), (security_info_sent), (psd)))
-#define SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent, psd) ((handle)->vfs_next.ops.set_nt_acl((handle)->vfs_next.handles.set_nt_acl, (fsp), (name), (security_info_sent), (psd)))
/* POSIX ACL operations. */
#define SMB_VFS_NEXT_CHMOD_ACL(handle, name, mode) ((handle)->vfs_next.ops.chmod_acl((handle)->vfs_next.handles.chmod_acl, (name), (mode)))
return afs_set_nt_acl(handle, fsp, security_info_sent, psd);
}
-NTSTATUS afsacl_set_nt_acl(vfs_handle_struct *handle,
- files_struct *fsp,
- const char *name, uint32 security_info_sent,
- SEC_DESC *psd)
-{
- return afs_set_nt_acl(handle, fsp, security_info_sent, psd);
-}
-
static int afsacl_connect(vfs_handle_struct *handle,
const char *service,
const char *user)
SMB_VFS_LAYER_TRANSPARENT},
{SMB_VFS_OP(afsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
SMB_VFS_LAYER_TRANSPARENT},
- {SMB_VFS_OP(afsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT},
{SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
};
return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd);
}
-NTSTATUS aixjfs2_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd)
-{
- return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd);
-}
-
int aixjfs2_sys_acl_set_file(vfs_handle_struct *handle,
const char *name,
SMB_ACL_TYPE_T type,
SMB_VFS_OP_FSET_NT_ACL,
SMB_VFS_LAYER_TRANSPARENT},
- {SMB_VFS_OP(aixjfs2_set_nt_acl),
- SMB_VFS_OP_SET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT},
-
{SMB_VFS_OP(aixjfs2_sys_acl_get_file),
SMB_VFS_OP_SYS_ACL_GET_FILE,
SMB_VFS_LAYER_TRANSPARENT},
return SMB_VFS_NEXT_REALPATH(handle, path, resolved_path);
}
-static NTSTATUS cap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *path, uint32 security_info_sent, struct security_descriptor *psd)
-{
- char *cappath = capencode(talloc_tos(), path);
-
- if (!cappath) {
- errno = ENOMEM;
- return NT_STATUS_NO_MEMORY;
- }
- return SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, cappath, security_info_sent, psd);
-}
-
static int cap_chmod_acl(vfs_handle_struct *handle, const char *path, mode_t mode)
{
char *cappath = capencode(talloc_tos(), path);
{SMB_VFS_OP(cap_mknod), SMB_VFS_OP_MKNOD, SMB_VFS_LAYER_TRANSPARENT},
{SMB_VFS_OP(cap_realpath), SMB_VFS_OP_REALPATH, SMB_VFS_LAYER_TRANSPARENT},
- /* NT File ACL operations */
-
- {SMB_VFS_OP(cap_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
-
/* POSIX ACL operations */
{SMB_VFS_OP(cap_chmod_acl), SMB_VFS_OP_CHMOD_ACL, SMB_VFS_LAYER_TRANSPARENT},
return SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc);
}
-static NTSTATUS catia_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- const char *name, uint32 security_info_sent,
- struct security_descriptor *psd)
-{
- return SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent,
- psd);
-}
-
static int catia_chmod_acl(vfs_handle_struct *handle,
const char *name, mode_t mode)
{
{SMB_VFS_OP(catia_get_nt_acl), SMB_VFS_OP_GET_NT_ACL,
SMB_VFS_LAYER_TRANSPARENT},
- {SMB_VFS_OP(catia_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
-SMB_VFS_LAYER_TRANSPARENT},
/* POSIX ACL operations */
return result;
}
-static NTSTATUS vfswrap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd)
-{
- NTSTATUS result;
-
- START_PROFILE(set_nt_acl);
- result = set_nt_acl(fsp, security_info_sent, psd);
- END_PROFILE(set_nt_acl);
- return result;
-}
-
static int vfswrap_chmod_acl(vfs_handle_struct *handle, const char *name, mode_t mode)
{
#ifdef HAVE_NO_ACL
SMB_VFS_LAYER_OPAQUE},
{SMB_VFS_OP(vfswrap_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
SMB_VFS_LAYER_OPAQUE},
- {SMB_VFS_OP(vfswrap_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
- SMB_VFS_LAYER_OPAQUE},
/* POSIX ACL operations. */
static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32 security_info_sent,
SEC_DESC *psd);
-static NTSTATUS smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- const char *name, uint32 security_info_sent,
- SEC_DESC *psd);
static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
const char *path, mode_t mode);
static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp,
SMB_VFS_LAYER_LOGGER},
{SMB_VFS_OP(smb_full_audit_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
SMB_VFS_LAYER_LOGGER},
- {SMB_VFS_OP(smb_full_audit_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
- SMB_VFS_LAYER_LOGGER},
/* POSIX ACL operations. */
{ SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" },
{ SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" },
{ SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" },
- { SMB_VFS_OP_SET_NT_ACL, "set_nt_acl" },
{ SMB_VFS_OP_CHMOD_ACL, "chmod_acl" },
{ SMB_VFS_OP_FCHMOD_ACL, "fchmod_acl" },
{ SMB_VFS_OP_SYS_ACL_GET_ENTRY, "sys_acl_get_entry" },
return result;
}
-static NTSTATUS smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- const char *name, uint32 security_info_sent,
- SEC_DESC *psd)
-{
- NTSTATUS result;
-
- result = SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent,
- psd);
-
- do_log(SMB_VFS_OP_SET_NT_ACL, NT_STATUS_IS_OK(result), handle, "%s", fsp->fsp_name);
-
- return result;
-}
-
static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
const char *path, mode_t mode)
{
return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd);
}
-static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd)
-{
- return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd);
-}
-
static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl)
{
SMB_ACL_T result;
SMB_VFS_OP_FSET_NT_ACL,
SMB_VFS_LAYER_TRANSPARENT },
- { SMB_VFS_OP(gpfsacl_set_nt_acl),
- SMB_VFS_OP_SET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT },
-
{ SMB_VFS_OP(gpfsacl_sys_acl_get_file),
SMB_VFS_OP_SYS_ACL_GET_FILE,
SMB_VFS_LAYER_TRANSPARENT },
SHADOW2_NTSTATUS_NEXT(GET_NT_ACL, (handle, name, security_info, ppdesc), NT_STATUS_ACCESS_DENIED);
}
-static NTSTATUS shadow_copy2_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
- const char *fname, uint32 security_info_sent,
- struct security_descriptor *psd)
-{
- SHADOW2_NTSTATUS_NEXT(SET_NT_ACL, (handle, fsp, name, security_info_sent, psd), NT_STATUS_ACCESS_DENIED);
-}
-
static int shadow_copy2_mkdir(vfs_handle_struct *handle, const char *fname, mode_t mode)
{
SHADOW2_NEXT(MKDIR, (handle, name, mode), int, -1);
/* NT File ACL operations */
{SMB_VFS_OP(shadow_copy2_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
- {SMB_VFS_OP(shadow_copy2_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
/* POSIX ACL operations */
{SMB_VFS_OP(shadow_copy2_chmod_acl), SMB_VFS_OP_CHMOD_ACL, SMB_VFS_LAYER_TRANSPARENT},
return zfs_set_nt_acl(handle, fsp, security_info_sent, psd);
}
-static NTSTATUS zfsacl_set_nt_acl(vfs_handle_struct *handle,
- files_struct *fsp,
- const char *name, uint32 security_info_sent,
- SEC_DESC *psd)
-{
- return zfs_set_nt_acl(handle, fsp, security_info_sent, psd);
-}
-
/* VFS operations structure */
static vfs_op_tuple zfsacl_ops[] = {
SMB_VFS_LAYER_OPAQUE},
{SMB_VFS_OP(zfsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
SMB_VFS_LAYER_OPAQUE},
- {SMB_VFS_OP(zfsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
- SMB_VFS_LAYER_OPAQUE},
{SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
};
"NT_transact_set_user_quota",/* PR_VALUE_NT_TRANSACT_SET_USER_QUOTA */
"get_nt_acl", /* PR_VALUE_GET_NT_ACL */
"fget_nt_acl", /* PR_VALUE_FGET_NT_ACL */
- "set_nt_acl", /* PR_VALUE_SET_NT_ACL */
"fset_nt_acl", /* PR_VALUE_FSET_NT_ACL */
"chmod_acl", /* PR_VALUE_CHMOD_ACL */
"fchmod_acl", /* PR_VALUE_FCHMOD_ACL */
}
}
- nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name,
+ nt_status = SMB_VFS_FSET_NT_ACL(fsp,
r->in.securityinformation,
r->in.sd_buf->sd);
security_info_sent &= ~DACL_SECURITY_INFORMATION;
}
- if (fsp->fh->fd != -1) {
- status = SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd);
- }
- else {
- status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name,
- security_info_sent, psd);
- }
+ status = SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd);
TALLOC_FREE(psd);
d_printf("get_nt_acl_time: %u\n", profile_p->get_nt_acl_time);
d_printf("fget_nt_acl_count: %u\n", profile_p->fget_nt_acl_count);
d_printf("fget_nt_acl_time: %u\n", profile_p->fget_nt_acl_time);
- d_printf("set_nt_acl_count: %u\n", profile_p->set_nt_acl_count);
- d_printf("set_nt_acl_time: %u\n", profile_p->set_nt_acl_time);
d_printf("fset_nt_acl_count: %u\n", profile_p->fset_nt_acl_count);
d_printf("fset_nt_acl_time: %u\n", profile_p->fset_nt_acl_time);
d_printf("chmod_acl_count: %u\n", profile_p->chmod_acl_count);