2 * Fake Perms VFS module. Implements passthrough operation of all VFS
3 * calls to disk functions, except for file permissions, which are now
4 * mode 0700 for the current uid/gid.
6 * Copyright (C) Tim Potter, 1999-2000
7 * Copyright (C) Alexander Bokovoy, 2002
8 * Copyright (C) Andrew Bartlett, 2002
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
44 static struct vfs_ops default_vfs_ops; /* For passthrough operation */
45 static struct smb_vfs_handle_struct *fake_perms_handle; /* use fake_perms_handle->data for storing per-instance private data */
47 static int fake_perms_stat(struct connection_struct *conn, const char *fname, SMB_STRUCT_STAT *sbuf)
49 int ret = default_vfs_ops.stat(conn, fname, sbuf);
51 extern struct current_user current_user;
53 if (S_ISDIR(sbuf->st_mode)) {
54 sbuf->st_mode = S_IFDIR | S_IRWXU;
56 sbuf->st_mode = S_IRWXU;
58 sbuf->st_uid = current_user.uid;
59 sbuf->st_gid = current_user.gid;
64 static int fake_perms_fstat(struct files_struct *fsp, int fd, SMB_STRUCT_STAT *sbuf)
66 int ret = default_vfs_ops.fstat(fsp, fd, sbuf);
68 extern struct current_user current_user;
70 if (S_ISDIR(sbuf->st_mode)) {
71 sbuf->st_mode = S_IFDIR | S_IRWXU;
73 sbuf->st_mode = S_IRWXU;
75 sbuf->st_uid = current_user.uid;
76 sbuf->st_gid = current_user.gid;
82 static size_t fake_perms_fget_nt_acl(struct files_struct *fsp, int fd, struct security_descriptor_info **ppdesc)
84 return default_vfs_ops.fget_nt_acl(fsp, fd, ppdesc);
87 static size_t fake_perms_get_nt_acl(struct files_struct *fsp, const char *name, struct security_descriptor_info **ppdesc)
89 return default_vfs_ops.get_nt_acl(fsp, name, ppdesc);
92 static BOOL fake_perms_fset_nt_acl(struct files_struct *fsp, int fd, uint32 security_info_sent, struct security_descriptor_info *psd)
94 return default_vfs_ops.fset_nt_acl(fsp, fd, security_info_sent, psd);
97 static BOOL fake_perms_set_nt_acl(struct files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor_info *psd)
99 return default_vfs_ops.set_nt_acl(fsp, name, security_info_sent, psd);
102 static BOOL fake_perms_chmod_acl(struct connection_struct *conn, const char *name, mode_t mode)
104 return default_vfs_ops.chmod_acl(conn, name, mode);
107 static BOOL fake_perms_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode)
109 return default_vfs_ops.fchmod_acl(fsp, fd, mode);
112 static int fake_perms_sys_acl_get_entry(struct connection_struct *conn, SMB_ACL_T theacl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
114 return default_vfs_ops.sys_acl_get_entry(conn, theacl, entry_id, entry_p);
117 static int fake_perms_sys_acl_get_tag_type(struct connection_struct *conn, SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
119 return default_vfs_ops.sys_acl_get_tag_type(conn, entry_d, tag_type_p);
122 static int fake_perms_sys_acl_get_permset(struct connection_struct *conn, SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
124 return default_vfs_ops.sys_acl_get_permset(conn, entry_d, permset_p);
127 static void *fake_perms_sys_acl_get_qualifier(struct connection_struct *conn, SMB_ACL_ENTRY_T entry_d)
129 return default_vfs_ops.sys_acl_get_qualifier(conn, entry_d);
132 static SMB_ACL_T fake_perms_sys_acl_get_file(struct connection_struct *conn, const char *path_p, SMB_ACL_TYPE_T type)
134 return default_vfs_ops.sys_acl_get_file(conn, path_p, type);
137 static SMB_ACL_T fake_perms_sys_acl_get_fd(struct files_struct *fsp, int fd)
139 return default_vfs_ops.sys_acl_get_fd(fsp, fd);
142 static int fake_perms_sys_acl_clear_perms(struct connection_struct *conn, SMB_ACL_PERMSET_T permset)
144 return default_vfs_ops.sys_acl_clear_perms(conn, permset);
147 static int fake_perms_sys_acl_add_perm(struct connection_struct *conn, SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
149 return default_vfs_ops.sys_acl_add_perm(conn, permset, perm);
152 static char *fake_perms_sys_acl_to_text(struct connection_struct *conn, SMB_ACL_T theacl, ssize_t *plen)
154 return default_vfs_ops.sys_acl_to_text(conn, theacl, plen);
157 static SMB_ACL_T fake_perms_sys_acl_init(struct connection_struct *conn, int count)
159 return default_vfs_ops.sys_acl_init(conn, count);
162 static int fake_perms_sys_acl_create_entry(struct connection_struct *conn, SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
164 return default_vfs_ops.sys_acl_create_entry(conn, pacl, pentry);
167 static int fake_perms_sys_acl_set_tag_type(struct connection_struct *conn, SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
169 return default_vfs_ops.sys_acl_set_tag_type(conn, entry, tagtype);
172 static int fake_perms_sys_acl_set_qualifier(struct connection_struct *conn, SMB_ACL_ENTRY_T entry, void *qual)
174 return default_vfs_ops.sys_acl_set_qualifier(conn, entry, qual);
177 static int fake_perms_sys_acl_set_permset(struct connection_struct *conn, SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
179 return default_vfs_ops.sys_acl_set_permset(conn, entry, permset);
182 static int fake_perms_sys_acl_valid(struct connection_struct *conn, SMB_ACL_T theacl )
184 return default_vfs_ops.sys_acl_valid(conn, theacl );
187 static int fake_perms_sys_acl_set_file(struct connection_struct *conn, const char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
189 return default_vfs_ops.sys_acl_set_file(conn, name, acltype, theacl);
192 static int fake_perms_sys_acl_set_fd(struct files_struct *fsp, int fd, SMB_ACL_T theacl)
194 return default_vfs_ops.sys_acl_set_fd(fsp, fd, theacl);
197 static int fake_perms_sys_acl_delete_def_file(struct connection_struct *conn, const char *path)
199 return default_vfs_ops.sys_acl_delete_def_file(conn, path);
202 static int fake_perms_sys_acl_get_perm(struct connection_struct *conn, SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
204 return default_vfs_ops.sys_acl_get_perm(conn, permset, perm);
207 static int fake_perms_sys_acl_free_text(struct connection_struct *conn, char *text)
209 return default_vfs_ops.sys_acl_free_text(conn, text);
212 static int fake_perms_sys_acl_free_acl(struct connection_struct *conn, SMB_ACL_T posix_acl)
214 return default_vfs_ops.sys_acl_free_acl(conn, posix_acl);
217 static int fake_perms_sys_acl_free_qualifier(struct connection_struct *conn, void *qualifier, SMB_ACL_TAG_T tagtype)
219 return default_vfs_ops.sys_acl_free_qualifier(conn, qualifier, tagtype);
223 /* VFS operations structure */
225 static vfs_op_tuple fake_perms_ops[] = {
227 /* NT File ACL operations */
229 {fake_perms_fget_nt_acl, SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
230 {fake_perms_get_nt_acl, SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
231 {fake_perms_fset_nt_acl, SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
232 {fake_perms_set_nt_acl, SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
234 /* POSIX ACL operations */
236 {fake_perms_chmod_acl, SMB_VFS_OP_CHMOD_ACL, SMB_VFS_LAYER_TRANSPARENT},
237 {fake_perms_fchmod_acl, SMB_VFS_OP_FCHMOD_ACL, SMB_VFS_LAYER_TRANSPARENT},
239 {fake_perms_sys_acl_get_entry, SMB_VFS_OP_SYS_ACL_GET_ENTRY, SMB_VFS_LAYER_TRANSPARENT},
240 {fake_perms_sys_acl_get_tag_type, SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, SMB_VFS_LAYER_TRANSPARENT},
241 {fake_perms_sys_acl_get_permset, SMB_VFS_OP_SYS_ACL_GET_PERMSET, SMB_VFS_LAYER_TRANSPARENT},
242 {fake_perms_sys_acl_get_qualifier, SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, SMB_VFS_LAYER_TRANSPARENT},
243 {fake_perms_sys_acl_get_file, SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT},
244 {fake_perms_sys_acl_get_fd, SMB_VFS_OP_SYS_ACL_GET_FD, SMB_VFS_LAYER_TRANSPARENT},
245 {fake_perms_sys_acl_clear_perms, SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, SMB_VFS_LAYER_TRANSPARENT},
246 {fake_perms_sys_acl_add_perm, SMB_VFS_OP_SYS_ACL_ADD_PERM, SMB_VFS_LAYER_TRANSPARENT},
247 {fake_perms_sys_acl_to_text, SMB_VFS_OP_SYS_ACL_TO_TEXT, SMB_VFS_LAYER_TRANSPARENT},
248 {fake_perms_sys_acl_init, SMB_VFS_OP_SYS_ACL_INIT, SMB_VFS_LAYER_TRANSPARENT},
249 {fake_perms_sys_acl_create_entry, SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, SMB_VFS_LAYER_TRANSPARENT},
250 {fake_perms_sys_acl_set_tag_type, SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, SMB_VFS_LAYER_TRANSPARENT},
251 {fake_perms_sys_acl_set_qualifier, SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, SMB_VFS_LAYER_TRANSPARENT},
252 {fake_perms_sys_acl_set_permset, SMB_VFS_OP_SYS_ACL_SET_PERMSET, SMB_VFS_LAYER_TRANSPARENT},
253 {fake_perms_sys_acl_valid, SMB_VFS_OP_SYS_ACL_VALID, SMB_VFS_LAYER_TRANSPARENT},
254 {fake_perms_sys_acl_set_file, SMB_VFS_OP_SYS_ACL_SET_FILE, SMB_VFS_LAYER_TRANSPARENT},
255 {fake_perms_sys_acl_set_fd, SMB_VFS_OP_SYS_ACL_SET_FD, SMB_VFS_LAYER_TRANSPARENT},
256 {fake_perms_sys_acl_delete_def_file, SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, SMB_VFS_LAYER_TRANSPARENT},
257 {fake_perms_sys_acl_get_perm, SMB_VFS_OP_SYS_ACL_GET_PERM, SMB_VFS_LAYER_TRANSPARENT},
258 {fake_perms_sys_acl_free_text, SMB_VFS_OP_SYS_ACL_FREE_TEXT, SMB_VFS_LAYER_TRANSPARENT},
259 {fake_perms_sys_acl_free_acl, SMB_VFS_OP_SYS_ACL_FREE_ACL, SMB_VFS_LAYER_TRANSPARENT},
260 {fake_perms_sys_acl_free_qualifier, SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, SMB_VFS_LAYER_TRANSPARENT},
263 {fake_perms_stat, SMB_VFS_OP_STAT, SMB_VFS_LAYER_TRANSPARENT},
264 {fake_perms_fstat, SMB_VFS_OP_FSTAT, SMB_VFS_LAYER_TRANSPARENT},
265 {NULL, SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
268 /* VFS initialisation - return initialized vfs_op_tuple array back to Samba */
270 static vfs_op_tuple *fake_perms_init(const struct vfs_ops *def_vfs_ops,
271 struct smb_vfs_handle_struct *vfs_handle)
273 DEBUG(3, ("Initialising default vfs hooks\n"));
275 memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
277 /* Remember vfs_handle for further allocation and referencing of private
278 information in vfs_handle->data
280 fake_perms_handle = vfs_handle;
281 return fake_perms_ops;
284 NTSTATUS vfs_fake_perms_init(void)
286 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "fake_perms", fake_perms_init);