2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 extern struct generic_mapping file_generic_mapping;
25 extern struct current_user current_user;
26 extern userdom_struct current_user_info;
27 extern BOOL global_client_failed_oplock_break;
29 struct deferred_open_record {
30 BOOL delayed_for_oplocks;
34 /****************************************************************************
35 fd support routines - attempt to do a dos_open.
36 ****************************************************************************/
38 static NTSTATUS fd_open(struct connection_struct *conn,
44 NTSTATUS status = NT_STATUS_OK;
48 * Never follow symlinks on a POSIX client. The
49 * client should be doing this.
52 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
57 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
58 if (fsp->fh->fd == -1) {
59 status = map_nt_error_from_unix(errno);
62 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
63 fname, flags, (int)mode, fsp->fh->fd,
64 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
69 /****************************************************************************
70 Close the file associated with a fsp.
71 ****************************************************************************/
73 NTSTATUS fd_close(struct connection_struct *conn, files_struct *fsp)
75 if (fsp->fh->fd == -1) {
76 return NT_STATUS_OK; /* What we used to call a stat open. */
78 if (fsp->fh->ref_count > 1) {
79 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
81 return fd_close_posix(conn, fsp);
84 /****************************************************************************
85 Change the ownership of a file to that of the parent directory.
86 Do this by fd if possible.
87 ****************************************************************************/
89 static void change_file_owner_to_parent(connection_struct *conn,
90 const char *inherit_from_dir,
93 SMB_STRUCT_STAT parent_st;
96 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
98 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
99 "directory %s. Error was %s\n",
100 inherit_from_dir, strerror(errno) ));
105 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
108 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
109 "file %s to parent directory uid %u. Error "
110 "was %s\n", fsp->fsp_name,
111 (unsigned int)parent_st.st_uid,
115 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
116 "parent directory uid %u.\n", fsp->fsp_name,
117 (unsigned int)parent_st.st_uid ));
120 static void change_dir_owner_to_parent(connection_struct *conn,
121 const char *inherit_from_dir,
123 SMB_STRUCT_STAT *psbuf)
126 SMB_STRUCT_STAT sbuf;
127 SMB_STRUCT_STAT parent_st;
130 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
132 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
133 "directory %s. Error was %s\n",
134 inherit_from_dir, strerror(errno) ));
138 /* We've already done an lstat into psbuf, and we know it's a
139 directory. If we can cd into the directory and the dev/ino
140 are the same then we can safely chown without races as
141 we're locking the directory in place by being in it. This
142 should work on any UNIX (thanks tridge :-). JRA.
145 if (!vfs_GetWd(conn,saved_dir)) {
146 DEBUG(0,("change_dir_owner_to_parent: failed to get "
147 "current working directory\n"));
151 /* Chdir into the new path. */
152 if (vfs_ChDir(conn, fname) == -1) {
153 DEBUG(0,("change_dir_owner_to_parent: failed to change "
154 "current working directory to %s. Error "
155 "was %s\n", fname, strerror(errno) ));
159 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
160 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
161 "directory '.' (%s) Error was %s\n",
162 fname, strerror(errno)));
166 /* Ensure we're pointing at the same place. */
167 if (sbuf.st_dev != psbuf->st_dev ||
168 sbuf.st_ino != psbuf->st_ino ||
169 sbuf.st_mode != psbuf->st_mode ) {
170 DEBUG(0,("change_dir_owner_to_parent: "
171 "device/inode/mode on directory %s changed. "
172 "Refusing to chown !\n", fname ));
177 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
180 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
181 "directory %s to parent directory uid %u. "
182 "Error was %s\n", fname,
183 (unsigned int)parent_st.st_uid, strerror(errno) ));
187 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
188 "directory %s to parent directory uid %u.\n",
189 fname, (unsigned int)parent_st.st_uid ));
193 vfs_ChDir(conn,saved_dir);
196 /****************************************************************************
198 ****************************************************************************/
200 static NTSTATUS open_file(files_struct *fsp,
201 connection_struct *conn,
202 struct smb_request *req,
203 const char *parent_dir,
206 SMB_STRUCT_STAT *psbuf,
209 uint32 access_mask, /* client requested access mask. */
210 uint32 open_access_mask) /* what we're actually using in the open. */
212 NTSTATUS status = NT_STATUS_OK;
213 int accmode = (flags & O_ACCMODE);
214 int local_flags = flags;
215 BOOL file_existed = VALID_STAT(*psbuf);
220 /* Check permissions */
223 * This code was changed after seeing a client open request
224 * containing the open mode of (DENY_WRITE/read-only) with
225 * the 'create if not exist' bit set. The previous code
226 * would fail to open the file read only on a read-only share
227 * as it was checking the flags parameter directly against O_RDONLY,
228 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
232 if (!CAN_WRITE(conn)) {
233 /* It's a read-only share - fail if we wanted to write. */
234 if(accmode != O_RDONLY) {
235 DEBUG(3,("Permission denied opening %s\n", path));
236 return NT_STATUS_ACCESS_DENIED;
237 } else if(flags & O_CREAT) {
238 /* We don't want to write - but we must make sure that
239 O_CREAT doesn't create the file if we have write
240 access into the directory.
243 local_flags &= ~O_CREAT;
248 * This little piece of insanity is inspired by the
249 * fact that an NT client can open a file for O_RDONLY,
250 * but set the create disposition to FILE_EXISTS_TRUNCATE.
251 * If the client *can* write to the file, then it expects to
252 * truncate the file, even though it is opening for readonly.
253 * Quicken uses this stupid trick in backup file creation...
254 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
255 * for helping track this one down. It didn't bite us in 2.0.x
256 * as we always opened files read-write in that release. JRA.
259 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
260 DEBUG(10,("open_file: truncate requested on read-only open "
261 "for file %s\n", path));
262 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
265 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
266 (!file_existed && (local_flags & O_CREAT)) ||
267 ((local_flags & O_TRUNC) == O_TRUNC) ) {
270 * We can't actually truncate here as the file may be locked.
271 * open_file_ntcreate will take care of the truncate later. JRA.
274 local_flags &= ~O_TRUNC;
276 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
278 * We would block on opening a FIFO with no one else on the
279 * other end. Do what we used to do and add O_NONBLOCK to the
283 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
284 local_flags |= O_NONBLOCK;
288 /* Don't create files with Microsoft wildcard characters. */
289 if ((local_flags & O_CREAT) && !file_existed &&
291 return NT_STATUS_OBJECT_NAME_INVALID;
294 /* Actually do the open */
295 status = fd_open(conn, path, fsp, local_flags, unx_mode);
296 if (!NT_STATUS_IS_OK(status)) {
297 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
299 path,nt_errstr(status),local_flags,flags));
303 if ((local_flags & O_CREAT) && !file_existed) {
305 /* Inherit the ACL if required */
306 if (lp_inherit_perms(SNUM(conn))) {
307 inherit_access_acl(conn, parent_dir, path,
311 /* Change the owner if required. */
312 if (lp_inherit_owner(SNUM(conn))) {
313 change_file_owner_to_parent(conn, parent_dir,
317 notify_fname(conn, NOTIFY_ACTION_ADDED,
318 FILE_NOTIFY_CHANGE_FILE_NAME, path);
322 fsp->fh->fd = -1; /* What we used to call a stat open. */
328 if (fsp->fh->fd == -1) {
329 ret = SMB_VFS_STAT(conn, path, psbuf);
331 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
332 /* If we have an fd, this stat should succeed. */
334 DEBUG(0,("Error doing fstat on open file %s "
335 "(%s)\n", path,strerror(errno) ));
339 /* For a non-io open, this stat failing means file not found. JRA */
341 status = map_nt_error_from_unix(errno);
348 * POSIX allows read-only opens of directories. We don't
349 * want to do this (we use a different code path for this)
350 * so catch a directory open and return an EISDIR. JRA.
353 if(S_ISDIR(psbuf->st_mode)) {
356 return NT_STATUS_FILE_IS_A_DIRECTORY;
359 fsp->mode = psbuf->st_mode;
360 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
361 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
362 fsp->file_pid = req ? req->smbpid : 0;
363 fsp->can_lock = True;
364 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
365 if (!CAN_WRITE(conn)) {
366 fsp->can_write = False;
368 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
371 fsp->print_file = False;
372 fsp->modified = False;
373 fsp->sent_oplock_break = NO_BREAK_SENT;
374 fsp->is_directory = False;
375 fsp->is_stat = False;
377 string_set(&fsp->fsp_name, path);
378 fsp->wcp = NULL; /* Write cache pointer. */
380 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
381 *current_user_info.smb_name ?
382 current_user_info.smb_name : conn->user,fsp->fsp_name,
383 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
384 conn->num_files_open + 1));
390 /*******************************************************************
391 Return True if the filename is one of the special executable types.
392 ********************************************************************/
394 static BOOL is_executable(const char *fname)
396 if ((fname = strrchr_m(fname,'.'))) {
397 if (strequal(fname,".com") ||
398 strequal(fname,".dll") ||
399 strequal(fname,".exe") ||
400 strequal(fname,".sym")) {
407 /****************************************************************************
408 Check if we can open a file with a share mode.
409 Returns True if conflict, False if not.
410 ****************************************************************************/
412 static BOOL share_conflict(struct share_mode_entry *entry,
416 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
417 "entry->share_access = 0x%x, "
418 "entry->private_options = 0x%x\n",
419 (unsigned int)entry->access_mask,
420 (unsigned int)entry->share_access,
421 (unsigned int)entry->private_options));
423 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
424 (unsigned int)access_mask, (unsigned int)share_access));
426 if ((entry->access_mask & (FILE_WRITE_DATA|
430 DELETE_ACCESS)) == 0) {
431 DEBUG(10,("share_conflict: No conflict due to "
432 "entry->access_mask = 0x%x\n",
433 (unsigned int)entry->access_mask ));
437 if ((access_mask & (FILE_WRITE_DATA|
441 DELETE_ACCESS)) == 0) {
442 DEBUG(10,("share_conflict: No conflict due to "
443 "access_mask = 0x%x\n",
444 (unsigned int)access_mask ));
448 #if 1 /* JRA TEST - Superdebug. */
449 #define CHECK_MASK(num, am, right, sa, share) \
450 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
451 (unsigned int)(num), (unsigned int)(am), \
452 (unsigned int)(right), (unsigned int)(am)&(right) )); \
453 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
454 (unsigned int)(num), (unsigned int)(sa), \
455 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
456 if (((am) & (right)) && !((sa) & (share))) { \
457 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
458 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
459 (unsigned int)(share) )); \
463 #define CHECK_MASK(num, am, right, sa, share) \
464 if (((am) & (right)) && !((sa) & (share))) { \
465 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
466 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
467 (unsigned int)(share) )); \
472 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
473 share_access, FILE_SHARE_WRITE);
474 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
475 entry->share_access, FILE_SHARE_WRITE);
477 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
478 share_access, FILE_SHARE_READ);
479 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
480 entry->share_access, FILE_SHARE_READ);
482 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
483 share_access, FILE_SHARE_DELETE);
484 CHECK_MASK(6, access_mask, DELETE_ACCESS,
485 entry->share_access, FILE_SHARE_DELETE);
487 DEBUG(10,("share_conflict: No conflict.\n"));
491 #if defined(DEVELOPER)
492 static void validate_my_share_entries(int num,
493 struct share_mode_entry *share_entry)
497 if (!procid_is_me(&share_entry->pid)) {
501 if (is_deferred_open_entry(share_entry) &&
502 !open_was_deferred(share_entry->op_mid)) {
504 pstr_sprintf(str, "Got a deferred entry without a request: "
505 "PANIC: %s\n", share_mode_str(num, share_entry));
509 if (!is_valid_share_mode_entry(share_entry)) {
513 fsp = file_find_dif(share_entry->id,
514 share_entry->share_file_id);
516 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
517 share_mode_str(num, share_entry) ));
518 smb_panic("validate_my_share_entries: Cannot match a "
519 "share entry with an open file\n");
522 if (is_deferred_open_entry(share_entry) ||
523 is_unused_share_mode_entry(share_entry)) {
527 if ((share_entry->op_type == NO_OPLOCK) &&
528 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
529 /* Someone has already written to it, but I haven't yet
534 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
543 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
544 share_mode_str(num, share_entry) ));
545 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
546 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
547 fsp->fsp_name, (unsigned int)fsp->oplock_type,
548 (unsigned int)share_entry->op_type );
554 static BOOL is_stat_open(uint32 access_mask)
556 return (access_mask &&
557 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
558 FILE_WRITE_ATTRIBUTES))==0) &&
559 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
560 FILE_WRITE_ATTRIBUTES)) != 0));
563 /****************************************************************************
564 Deal with share modes
565 Invarient: Share mode must be locked on entry and exit.
566 Returns -1 on error, or number of share modes on success (may be zero).
567 ****************************************************************************/
569 static NTSTATUS open_mode_check(connection_struct *conn,
571 struct share_mode_lock *lck,
574 uint32 create_options,
579 if(lck->num_share_modes == 0) {
583 *file_existed = True;
585 if (is_stat_open(access_mask)) {
586 /* Stat open that doesn't trigger oplock breaks or share mode
587 * checks... ! JRA. */
591 /* A delete on close prohibits everything */
593 if (lck->delete_on_close) {
594 return NT_STATUS_DELETE_PENDING;
598 * Check if the share modes will give us access.
601 #if defined(DEVELOPER)
602 for(i = 0; i < lck->num_share_modes; i++) {
603 validate_my_share_entries(i, &lck->share_modes[i]);
607 if (!lp_share_modes(SNUM(conn))) {
611 /* Now we check the share modes, after any oplock breaks. */
612 for(i = 0; i < lck->num_share_modes; i++) {
614 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
618 /* someone else has a share lock on it, check to see if we can
620 if (share_conflict(&lck->share_modes[i],
621 access_mask, share_access)) {
622 return NT_STATUS_SHARING_VIOLATION;
629 static BOOL is_delete_request(files_struct *fsp) {
630 return ((fsp->access_mask == DELETE_ACCESS) &&
631 (fsp->oplock_type == NO_OPLOCK));
635 * 1) No files open at all or internal open: Grant whatever the client wants.
637 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
638 * request, break if the oplock around is a batch oplock. If it's another
639 * requested access type, break.
641 * 3) Only level2 around: Grant level2 and do nothing else.
644 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
651 struct share_mode_entry *exclusive = NULL;
652 BOOL valid_entry = False;
653 BOOL delay_it = False;
654 BOOL have_level2 = False;
656 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
658 if (oplock_request & INTERNAL_OPEN_ONLY) {
659 fsp->oplock_type = NO_OPLOCK;
662 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
666 for (i=0; i<lck->num_share_modes; i++) {
668 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
672 /* At least one entry is not an invalid or deferred entry. */
675 if (pass_number == 1) {
676 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
677 SMB_ASSERT(exclusive == NULL);
678 exclusive = &lck->share_modes[i];
681 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
682 SMB_ASSERT(exclusive == NULL);
683 exclusive = &lck->share_modes[i];
687 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
688 SMB_ASSERT(exclusive == NULL);
694 /* All entries are placeholders or deferred.
695 * Directly grant whatever the client wants. */
696 if (fsp->oplock_type == NO_OPLOCK) {
697 /* Store a level2 oplock, but don't tell the client */
698 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
703 if (exclusive != NULL) { /* Found an exclusive oplock */
704 SMB_ASSERT(!have_level2);
705 delay_it = is_delete_request(fsp) ?
706 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
709 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
710 /* We can at most grant level2 as there are other
711 * level2 or NO_OPLOCK entries. */
712 fsp->oplock_type = LEVEL_II_OPLOCK;
715 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
716 /* Store a level2 oplock, but don't tell the client */
717 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
725 * Send a break message to the oplock holder and delay the open for
729 DEBUG(10, ("Sending break request to PID %s\n",
730 procid_str_static(&exclusive->pid)));
731 exclusive->op_mid = mid;
733 /* Create the message. */
734 share_mode_entry_to_message(msg, exclusive);
736 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
737 don't want this set in the share mode struct pointed to by lck. */
739 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
740 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
743 status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
744 MSG_SMB_BREAK_REQUEST,
746 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
747 if (!NT_STATUS_IS_OK(status)) {
748 DEBUG(3, ("Could not send oplock break message: %s\n",
755 static BOOL request_timed_out(struct timeval request_time,
756 struct timeval timeout)
758 struct timeval now, end_time;
760 end_time = timeval_sum(&request_time, &timeout);
761 return (timeval_compare(&end_time, &now) < 0);
764 /****************************************************************************
765 Handle the 1 second delay in returning a SHARING_VIOLATION error.
766 ****************************************************************************/
768 static void defer_open(struct share_mode_lock *lck,
769 struct timeval request_time,
770 struct timeval timeout,
771 struct smb_request *req,
772 struct deferred_open_record *state)
778 for (i=0; i<lck->num_share_modes; i++) {
779 struct share_mode_entry *e = &lck->share_modes[i];
781 if (!is_deferred_open_entry(e)) {
785 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
786 DEBUG(0, ("Trying to defer an already deferred "
787 "request: mid=%d, exiting\n", req->mid));
788 exit_server("attempt to defer a deferred request");
792 /* End paranoia check */
794 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
795 "open entry for mid %u\n",
796 (unsigned int)request_time.tv_sec,
797 (unsigned int)request_time.tv_usec,
798 (unsigned int)req->mid));
800 if (!push_deferred_smb_message(req, request_time, timeout,
801 (char *)state, sizeof(*state))) {
802 exit_server("push_deferred_smb_message failed");
804 add_deferred_open(lck, req->mid, request_time, state->id);
807 * Push the MID of this packet on the signing queue.
808 * We only do this once, the first time we push the packet
809 * onto the deferred open queue, as this has a side effect
810 * of incrementing the response sequence number.
813 srv_defer_sign_response(req->mid);
817 /****************************************************************************
818 On overwrite open ensure that the attributes match.
819 ****************************************************************************/
821 static BOOL open_match_attributes(connection_struct *conn,
825 mode_t existing_unx_mode,
827 mode_t *returned_unx_mode)
829 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
831 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
832 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
834 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
835 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
836 *returned_unx_mode = new_unx_mode;
838 *returned_unx_mode = (mode_t)0;
841 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
842 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
843 "returned_unx_mode = 0%o\n",
845 (unsigned int)old_dos_attr,
846 (unsigned int)existing_unx_mode,
847 (unsigned int)new_dos_attr,
848 (unsigned int)*returned_unx_mode ));
850 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
851 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
852 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
853 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
857 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
858 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
859 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
866 /****************************************************************************
867 Special FCB or DOS processing in the case of a sharing violation.
868 Try and find a duplicated file handle.
869 ****************************************************************************/
871 static files_struct *fcb_or_dos_open(connection_struct *conn,
878 uint32 create_options)
881 files_struct *dup_fsp;
883 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
884 "file %s.\n", fname ));
886 for(fsp = file_find_di_first(id); fsp;
887 fsp = file_find_di_next(fsp)) {
889 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
890 "vuid = %u, file_pid = %u, private_options = 0x%x "
891 "access_mask = 0x%x\n", fsp->fsp_name,
892 fsp->fh->fd, (unsigned int)fsp->vuid,
893 (unsigned int)fsp->file_pid,
894 (unsigned int)fsp->fh->private_options,
895 (unsigned int)fsp->access_mask ));
897 if (fsp->fh->fd != -1 &&
899 fsp->file_pid == file_pid &&
900 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
901 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
902 (fsp->access_mask & FILE_WRITE_DATA) &&
903 strequal(fsp->fsp_name, fname)) {
904 DEBUG(10,("fcb_or_dos_open: file match\n"));
913 /* quite an insane set of semantics ... */
914 if (is_executable(fname) &&
915 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
916 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
920 /* We need to duplicate this fsp. */
921 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
922 create_options, &dup_fsp))) {
929 /****************************************************************************
930 Open a file with a share mode - old openX method - map into NTCreate.
931 ****************************************************************************/
933 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
934 uint32 *paccess_mask,
936 uint32 *pcreate_disposition,
937 uint32 *pcreate_options)
941 uint32 create_disposition;
942 uint32 create_options = 0;
944 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
945 "open_func = 0x%x\n",
946 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
948 /* Create the NT compatible access_mask. */
949 switch (GET_OPENX_MODE(deny_mode)) {
950 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
951 case DOS_OPEN_RDONLY:
952 access_mask = FILE_GENERIC_READ;
954 case DOS_OPEN_WRONLY:
955 access_mask = FILE_GENERIC_WRITE;
959 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
962 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
963 (unsigned int)GET_OPENX_MODE(deny_mode)));
967 /* Create the NT compatible create_disposition. */
969 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
970 create_disposition = FILE_CREATE;
973 case OPENX_FILE_EXISTS_OPEN:
974 create_disposition = FILE_OPEN;
977 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
978 create_disposition = FILE_OPEN_IF;
981 case OPENX_FILE_EXISTS_TRUNCATE:
982 create_disposition = FILE_OVERWRITE;
985 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
986 create_disposition = FILE_OVERWRITE_IF;
990 /* From samba4 - to be confirmed. */
991 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
992 create_disposition = FILE_CREATE;
995 DEBUG(10,("map_open_params_to_ntcreate: bad "
996 "open_func 0x%x\n", (unsigned int)open_func));
1000 /* Create the NT compatible share modes. */
1001 switch (GET_DENY_MODE(deny_mode)) {
1003 share_mode = FILE_SHARE_NONE;
1007 share_mode = FILE_SHARE_READ;
1011 share_mode = FILE_SHARE_WRITE;
1015 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1019 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1020 if (is_executable(fname)) {
1021 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1023 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1024 share_mode = FILE_SHARE_READ;
1026 share_mode = FILE_SHARE_NONE;
1032 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1033 share_mode = FILE_SHARE_NONE;
1037 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1038 (unsigned int)GET_DENY_MODE(deny_mode) ));
1042 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1043 "share_mode = 0x%x, create_disposition = 0x%x, "
1044 "create_options = 0x%x\n",
1046 (unsigned int)access_mask,
1047 (unsigned int)share_mode,
1048 (unsigned int)create_disposition,
1049 (unsigned int)create_options ));
1052 *paccess_mask = access_mask;
1055 *pshare_mode = share_mode;
1057 if (pcreate_disposition) {
1058 *pcreate_disposition = create_disposition;
1060 if (pcreate_options) {
1061 *pcreate_options = create_options;
1068 static void schedule_defer_open(struct share_mode_lock *lck,
1069 struct timeval request_time,
1070 struct smb_request *req)
1072 struct deferred_open_record state;
1074 /* This is a relative time, added to the absolute
1075 request_time value to get the absolute timeout time.
1076 Note that if this is the second or greater time we enter
1077 this codepath for this particular request mid then
1078 request_time is left as the absolute time of the *first*
1079 time this request mid was processed. This is what allows
1080 the request to eventually time out. */
1082 struct timeval timeout;
1084 /* Normally the smbd we asked should respond within
1085 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1086 * the client did, give twice the timeout as a safety
1087 * measure here in case the other smbd is stuck
1088 * somewhere else. */
1090 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1092 /* Nothing actually uses state.delayed_for_oplocks
1093 but it's handy to differentiate in debug messages
1094 between a 30 second delay due to oplock break, and
1095 a 1 second delay for share mode conflicts. */
1097 state.delayed_for_oplocks = True;
1100 if (!request_timed_out(request_time, timeout)) {
1101 defer_open(lck, request_time, timeout, req, &state);
1105 /****************************************************************************
1106 Open a file with a share mode.
1107 ****************************************************************************/
1109 NTSTATUS open_file_ntcreate(connection_struct *conn,
1110 struct smb_request *req,
1112 SMB_STRUCT_STAT *psbuf,
1113 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1114 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1115 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1116 uint32 create_options, /* options such as delete on close. */
1117 uint32 new_dos_attributes, /* attributes used for new file. */
1118 int oplock_request, /* internal Samba oplock codes. */
1119 /* Information (FILE_EXISTS etc.) */
1121 files_struct **result)
1125 BOOL file_existed = VALID_STAT(*psbuf);
1126 BOOL def_acl = False;
1127 BOOL posix_open = False;
1128 BOOL new_file_created = False;
1130 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1131 files_struct *fsp = NULL;
1132 mode_t new_unx_mode = (mode_t)0;
1133 mode_t unx_mode = (mode_t)0;
1135 uint32 existing_dos_attributes = 0;
1136 struct pending_message_list *pml = NULL;
1137 struct timeval request_time = timeval_zero();
1138 struct share_mode_lock *lck = NULL;
1139 uint32 open_access_mask = access_mask;
1143 const char *newname;
1147 if (conn->printer) {
1149 * Printers are handled completely differently.
1150 * Most of the passed parameters are ignored.
1154 *pinfo = FILE_WAS_CREATED;
1157 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1159 return print_fsp_open(conn, fname, result);
1162 if (!parent_dirname_talloc(talloc_tos(), fname, &parent_dir,
1164 return NT_STATUS_NO_MEMORY;
1167 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1169 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1170 new_dos_attributes = 0;
1172 /* We add aARCH to this as this mode is only used if the file is
1174 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1178 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1179 "access_mask=0x%x share_access=0x%x "
1180 "create_disposition = 0x%x create_options=0x%x "
1181 "unix mode=0%o oplock_request=%d\n",
1182 fname, new_dos_attributes, access_mask, share_access,
1183 create_disposition, create_options, unx_mode,
1186 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1187 DEBUG(0, ("No smb request but not an internal only open!\n"));
1188 return NT_STATUS_INTERNAL_ERROR;
1192 * Only non-internal opens can be deferred at all
1196 && ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1197 struct deferred_open_record *state =
1198 (struct deferred_open_record *)pml->private_data.data;
1200 /* Remember the absolute time of the original
1201 request with this mid. We'll use it later to
1202 see if this has timed out. */
1204 request_time = pml->request_time;
1206 /* Remove the deferred open entry under lock. */
1207 lck = get_share_mode_lock(NULL, state->id, NULL, NULL);
1209 DEBUG(0, ("could not get share mode lock\n"));
1211 del_deferred_open_entry(lck, req->mid);
1215 /* Ensure we don't reprocess this message. */
1216 remove_deferred_open_smb_message(req->mid);
1219 status = check_name(conn, fname);
1220 if (!NT_STATUS_IS_OK(status)) {
1225 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1227 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1231 /* ignore any oplock requests if oplocks are disabled */
1232 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1233 IS_VETO_OPLOCK_PATH(conn, fname)) {
1234 /* Mask off everything except the private Samba bits. */
1235 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1238 /* this is for OS/2 long file names - say we don't support them */
1239 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1240 /* OS/2 Workplace shell fix may be main code stream in a later
1242 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1244 if (use_nt_status()) {
1245 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1247 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1250 switch( create_disposition ) {
1252 * Currently we're using FILE_SUPERSEDE as the same as
1253 * FILE_OVERWRITE_IF but they really are
1254 * different. FILE_SUPERSEDE deletes an existing file
1255 * (requiring delete access) then recreates it.
1257 case FILE_SUPERSEDE:
1258 /* If file exists replace/overwrite. If file doesn't
1260 flags2 |= (O_CREAT | O_TRUNC);
1263 case FILE_OVERWRITE_IF:
1264 /* If file exists replace/overwrite. If file doesn't
1266 flags2 |= (O_CREAT | O_TRUNC);
1270 /* If file exists open. If file doesn't exist error. */
1271 if (!file_existed) {
1272 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1273 "requested for file %s and file "
1274 "doesn't exist.\n", fname ));
1276 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1280 case FILE_OVERWRITE:
1281 /* If file exists overwrite. If file doesn't exist
1283 if (!file_existed) {
1284 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1285 "requested for file %s and file "
1286 "doesn't exist.\n", fname ));
1288 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1294 /* If file exists error. If file doesn't exist
1297 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1298 "requested for file %s and file "
1299 "already exists.\n", fname ));
1300 if (S_ISDIR(psbuf->st_mode)) {
1305 return map_nt_error_from_unix(errno);
1307 flags2 |= (O_CREAT|O_EXCL);
1311 /* If file exists open. If file doesn't exist
1317 return NT_STATUS_INVALID_PARAMETER;
1320 /* We only care about matching attributes on file exists and
1323 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1324 (create_disposition == FILE_OVERWRITE_IF))) {
1325 if (!open_match_attributes(conn, fname,
1326 existing_dos_attributes,
1327 new_dos_attributes, psbuf->st_mode,
1328 unx_mode, &new_unx_mode)) {
1329 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1330 "for file %s (%x %x) (0%o, 0%o)\n",
1331 fname, existing_dos_attributes,
1333 (unsigned int)psbuf->st_mode,
1334 (unsigned int)unx_mode ));
1336 return NT_STATUS_ACCESS_DENIED;
1340 /* This is a nasty hack - must fix... JRA. */
1341 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1342 open_access_mask = access_mask = FILE_GENERIC_ALL;
1346 * Convert GENERIC bits to specific bits.
1349 se_map_generic(&access_mask, &file_generic_mapping);
1350 open_access_mask = access_mask;
1352 if (flags2 & O_TRUNC) {
1353 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1356 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1357 "access_mask=0x%x\n", fname, access_mask ));
1360 * Note that we ignore the append flag as append does not
1361 * mean the same thing under DOS and Unix.
1364 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1365 /* DENY_DOS opens are always underlying read-write on the
1366 file handle, no matter what the requested access mask
1368 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1369 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1379 * Currently we only look at FILE_WRITE_THROUGH for create options.
1383 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1388 if (posix_open & (access_mask & FILE_APPEND_DATA)) {
1392 if (!posix_open && !CAN_WRITE(conn)) {
1394 * We should really return a permission denied error if either
1395 * O_CREAT or O_TRUNC are set, but for compatibility with
1396 * older versions of Samba we just AND them out.
1398 flags2 &= ~(O_CREAT|O_TRUNC);
1402 * Ensure we can't write on a read-only share or file.
1405 if (flags != O_RDONLY && file_existed &&
1406 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1407 DEBUG(5,("open_file_ntcreate: write access requested for "
1408 "file %s on read only %s\n",
1409 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1411 return NT_STATUS_ACCESS_DENIED;
1414 status = file_new(conn, &fsp);
1415 if(!NT_STATUS_IS_OK(status)) {
1419 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
1420 fsp->share_access = share_access;
1421 fsp->fh->private_options = create_options;
1422 fsp->access_mask = open_access_mask; /* We change this to the
1423 * requested access_mask after
1424 * the open is done. */
1425 fsp->posix_open = posix_open;
1427 /* Ensure no SAMBA_PRIVATE bits can be set. */
1428 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1430 if (timeval_is_zero(&request_time)) {
1431 request_time = fsp->open_time;
1435 id = vfs_file_id_from_sbuf(conn, psbuf);
1437 lck = get_share_mode_lock(NULL, id,
1443 DEBUG(0, ("Could not get share mode lock\n"));
1444 return NT_STATUS_SHARING_VIOLATION;
1447 /* First pass - send break only on batch oplocks. */
1449 && delay_for_oplocks(lck, fsp, req->mid, 1,
1451 schedule_defer_open(lck, request_time, req);
1454 return NT_STATUS_SHARING_VIOLATION;
1457 /* Use the client requested access mask here, not the one we
1459 status = open_mode_check(conn, fname, lck,
1460 access_mask, share_access,
1461 create_options, &file_existed);
1463 if (NT_STATUS_IS_OK(status)) {
1464 /* We might be going to allow this open. Check oplock
1466 /* Second pass - send break for both batch or
1467 * exclusive oplocks. */
1469 && delay_for_oplocks(lck, fsp, req->mid, 2,
1471 schedule_defer_open(lck, request_time, req);
1474 return NT_STATUS_SHARING_VIOLATION;
1478 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1479 /* DELETE_PENDING is not deferred for a second */
1485 if (!NT_STATUS_IS_OK(status)) {
1486 uint32 can_access_mask;
1487 BOOL can_access = True;
1489 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1491 /* Check if this can be done with the deny_dos and fcb
1493 if (create_options &
1494 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1495 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1496 files_struct *fsp_dup;
1499 DEBUG(0, ("DOS open without an SMB "
1503 return NT_STATUS_INTERNAL_ERROR;
1506 /* Use the client requested access mask here,
1507 * not the one we open with. */
1508 fsp_dup = fcb_or_dos_open(conn, fname, id,
1519 *pinfo = FILE_WAS_OPENED;
1521 conn->num_files_open++;
1523 return NT_STATUS_OK;
1528 * This next line is a subtlety we need for
1529 * MS-Access. If a file open will fail due to share
1530 * permissions and also for security (access) reasons,
1531 * we need to return the access failed error, not the
1532 * share error. We can't open the file due to kernel
1533 * oplock deadlock (it's possible we failed above on
1534 * the open_mode_check()) so use a userspace check.
1537 if (flags & O_RDWR) {
1538 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1539 } else if (flags & O_WRONLY) {
1540 can_access_mask = FILE_WRITE_DATA;
1542 can_access_mask = FILE_READ_DATA;
1545 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1546 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1551 * If we're returning a share violation, ensure we
1552 * cope with the braindead 1 second delay.
1555 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1556 lp_defer_sharing_violations()) {
1557 struct timeval timeout;
1558 struct deferred_open_record state;
1561 /* this is a hack to speed up torture tests
1563 timeout_usecs = lp_parm_int(SNUM(conn),
1564 "smbd","sharedelay",
1565 SHARING_VIOLATION_USEC_WAIT);
1567 /* This is a relative time, added to the absolute
1568 request_time value to get the absolute timeout time.
1569 Note that if this is the second or greater time we enter
1570 this codepath for this particular request mid then
1571 request_time is left as the absolute time of the *first*
1572 time this request mid was processed. This is what allows
1573 the request to eventually time out. */
1575 timeout = timeval_set(0, timeout_usecs);
1577 /* Nothing actually uses state.delayed_for_oplocks
1578 but it's handy to differentiate in debug messages
1579 between a 30 second delay due to oplock break, and
1580 a 1 second delay for share mode conflicts. */
1582 state.delayed_for_oplocks = False;
1586 && !request_timed_out(request_time,
1588 defer_open(lck, request_time, timeout,
1596 * We have detected a sharing violation here
1597 * so return the correct error code
1599 status = NT_STATUS_SHARING_VIOLATION;
1601 status = NT_STATUS_ACCESS_DENIED;
1608 * We exit this block with the share entry *locked*.....
1612 SMB_ASSERT(!file_existed || (lck != NULL));
1615 * Ensure we pay attention to default ACLs on directories if required.
1618 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1619 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1623 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1624 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1625 (unsigned int)flags, (unsigned int)flags2,
1626 (unsigned int)unx_mode, (unsigned int)access_mask,
1627 (unsigned int)open_access_mask));
1630 * open_file strips any O_TRUNC flags itself.
1633 fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf,
1634 flags|flags2, unx_mode, access_mask,
1637 if (!NT_STATUS_IS_OK(fsp_open)) {
1645 if (!file_existed) {
1648 * Deal with the race condition where two smbd's detect the
1649 * file doesn't exist and do the create at the same time. One
1650 * of them will win and set a share mode, the other (ie. this
1651 * one) should check if the requested share mode for this
1652 * create is allowed.
1656 * Now the file exists and fsp is successfully opened,
1657 * fsp->dev and fsp->inode are valid and should replace the
1658 * dev=0,inode=0 from a non existent file. Spotted by
1659 * Nadav Danieli <nadavd@exanet.com>. JRA.
1664 lck = get_share_mode_lock(NULL, id,
1669 DEBUG(0, ("open_file_ntcreate: Could not get share "
1670 "mode lock for %s\n", fname));
1671 fd_close(conn, fsp);
1673 return NT_STATUS_SHARING_VIOLATION;
1676 /* First pass - send break only on batch oplocks. */
1678 && delay_for_oplocks(lck, fsp, req->mid, 1,
1680 schedule_defer_open(lck, request_time, req);
1682 fd_close(conn, fsp);
1684 return NT_STATUS_SHARING_VIOLATION;
1687 status = open_mode_check(conn, fname, lck,
1688 access_mask, share_access,
1689 create_options, &file_existed);
1691 if (NT_STATUS_IS_OK(status)) {
1692 /* We might be going to allow this open. Check oplock
1694 /* Second pass - send break for both batch or
1695 * exclusive oplocks. */
1697 && delay_for_oplocks(lck, fsp, req->mid, 2,
1699 schedule_defer_open(lck, request_time, req);
1701 fd_close(conn, fsp);
1703 return NT_STATUS_SHARING_VIOLATION;
1707 if (!NT_STATUS_IS_OK(status)) {
1708 struct deferred_open_record state;
1710 fd_close(conn, fsp);
1713 state.delayed_for_oplocks = False;
1716 /* Do it all over again immediately. In the second
1717 * round we will find that the file existed and handle
1718 * the DELETE_PENDING and FCB cases correctly. No need
1719 * to duplicate the code here. Essentially this is a
1720 * "goto top of this function", but don't tell
1724 defer_open(lck, request_time, timeval_zero(),
1732 * We exit this block with the share entry *locked*.....
1737 SMB_ASSERT(lck != NULL);
1739 /* note that we ignore failure for the following. It is
1740 basically a hack for NFS, and NFS will never set one of
1741 these only read them. Nobody but Samba can ever set a deny
1742 mode and we have already checked our more authoritative
1743 locking database for permission to set this deny mode. If
1744 the kernel refuses the operations then the kernel is wrong.
1745 note that GPFS supports it as well - jmcd */
1747 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1748 if(ret_flock == -1 ){
1751 fd_close(conn, fsp);
1754 return NT_STATUS_SHARING_VIOLATION;
1758 * At this point onwards, we can guarentee that the share entry
1759 * is locked, whether we created the file or not, and that the
1760 * deny mode is compatible with all current opens.
1764 * If requested, truncate the file.
1767 if (flags2&O_TRUNC) {
1769 * We are modifing the file after open - update the stat
1772 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1773 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1774 status = map_nt_error_from_unix(errno);
1782 /* Record the options we were opened with. */
1783 fsp->share_access = share_access;
1784 fsp->fh->private_options = create_options;
1785 fsp->access_mask = access_mask;
1788 /* stat opens on existing files don't get oplocks. */
1789 if (is_stat_open(open_access_mask)) {
1790 fsp->oplock_type = NO_OPLOCK;
1793 if (!(flags2 & O_TRUNC)) {
1794 info = FILE_WAS_OPENED;
1796 info = FILE_WAS_OVERWRITTEN;
1799 info = FILE_WAS_CREATED;
1807 * Setup the oplock info in both the shared memory and
1811 if ((fsp->oplock_type != NO_OPLOCK) &&
1812 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1813 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1814 /* Could not get the kernel oplock */
1815 fsp->oplock_type = NO_OPLOCK;
1819 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
1820 new_file_created = True;
1823 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type, new_file_created);
1825 /* Handle strange delete on close create semantics. */
1826 if ((create_options & FILE_DELETE_ON_CLOSE) && can_set_initial_delete_on_close(lck)) {
1827 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1829 if (!NT_STATUS_IS_OK(status)) {
1830 /* Remember to delete the mode we just added. */
1831 del_share_mode(lck, fsp);
1837 /* Note that here we set the *inital* delete on close flag,
1838 not the regular one. The magic gets handled in close. */
1839 fsp->initial_delete_on_close = True;
1842 if (new_file_created) {
1843 /* Files should be initially set as archive */
1844 if (lp_map_archive(SNUM(conn)) ||
1845 lp_store_dos_attributes(SNUM(conn))) {
1847 file_set_dosmode(conn, fname,
1848 new_dos_attributes | aARCH, NULL,
1855 * Take care of inherited ACLs on created files - if default ACL not
1859 if (!posix_open && !file_existed && !def_acl) {
1861 int saved_errno = errno; /* We might get ENOSYS in the next
1864 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1866 errno = saved_errno; /* Ignore ENOSYS */
1869 } else if (new_unx_mode) {
1873 /* Attributes need changing. File already existed. */
1876 int saved_errno = errno; /* We might get ENOSYS in the
1878 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1881 if (ret == -1 && errno == ENOSYS) {
1882 errno = saved_errno; /* Ignore ENOSYS */
1884 DEBUG(5, ("open_file_ntcreate: reset "
1885 "attributes of file %s to 0%o\n",
1886 fname, (unsigned int)new_unx_mode));
1887 ret = 0; /* Don't do the fchmod below. */
1892 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1893 DEBUG(5, ("open_file_ntcreate: failed to reset "
1894 "attributes of file %s to 0%o\n",
1895 fname, (unsigned int)new_unx_mode));
1898 /* If this is a successful open, we must remove any deferred open
1901 del_deferred_open_entry(lck, req->mid);
1905 conn->num_files_open++;
1908 return NT_STATUS_OK;
1911 /****************************************************************************
1912 Open a file for for write to ensure that we can fchmod it.
1913 ****************************************************************************/
1915 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1916 SMB_STRUCT_STAT *psbuf, files_struct **result)
1918 files_struct *fsp = NULL;
1921 if (!VALID_STAT(*psbuf)) {
1922 return NT_STATUS_INVALID_PARAMETER;
1925 status = file_new(conn, &fsp);
1926 if(!NT_STATUS_IS_OK(status)) {
1930 /* note! we must use a non-zero desired access or we don't get
1931 a real file descriptor. Oh what a twisted web we weave. */
1932 status = open_file(fsp, conn, NULL, NULL, NULL, fname, psbuf, O_WRONLY,
1933 0, FILE_WRITE_DATA, FILE_WRITE_DATA);
1936 * This is not a user visible file open.
1937 * Don't set a share mode and don't increment
1938 * the conn->num_files_open.
1941 if (!NT_STATUS_IS_OK(status)) {
1947 return NT_STATUS_OK;
1950 /****************************************************************************
1951 Close the fchmod file fd - ensure no locks are lost.
1952 ****************************************************************************/
1954 NTSTATUS close_file_fchmod(files_struct *fsp)
1956 NTSTATUS status = fd_close(fsp->conn, fsp);
1961 static NTSTATUS mkdir_internal(connection_struct *conn,
1963 uint32 file_attributes,
1964 SMB_STRUCT_STAT *psbuf)
1968 const char *dirname;
1971 if(!CAN_WRITE(conn)) {
1972 DEBUG(5,("mkdir_internal: failing create on read-only share "
1973 "%s\n", lp_servicename(SNUM(conn))));
1974 return NT_STATUS_ACCESS_DENIED;
1977 status = check_name(conn, name);
1978 if (!NT_STATUS_IS_OK(status)) {
1982 if (!parent_dirname_talloc(talloc_tos(), name, &parent_dir,
1984 return NT_STATUS_NO_MEMORY;
1987 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1988 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1990 mode = unix_mode(conn, aDIR, name, parent_dir);
1993 if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
1994 return map_nt_error_from_unix(errno);
1997 /* Ensure we're checking for a symlink here.... */
1998 /* We don't want to get caught by a symlink racer. */
2000 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
2001 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2002 name, strerror(errno)));
2003 return map_nt_error_from_unix(errno);
2006 if (!S_ISDIR(psbuf->st_mode)) {
2007 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2009 return NT_STATUS_ACCESS_DENIED;
2012 if (lp_inherit_perms(SNUM(conn))) {
2013 inherit_access_acl(conn, parent_dir, name, mode);
2016 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
2018 * Check if high bits should have been set,
2019 * then (if bits are missing): add them.
2020 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2023 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
2024 SMB_VFS_CHMOD(conn, name,
2025 psbuf->st_mode | (mode & ~psbuf->st_mode));
2029 /* Change the owner if required. */
2030 if (lp_inherit_owner(SNUM(conn))) {
2031 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
2034 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2037 return NT_STATUS_OK;
2040 /****************************************************************************
2041 Open a directory from an NT SMB call.
2042 ****************************************************************************/
2044 NTSTATUS open_directory(connection_struct *conn,
2045 struct smb_request *req,
2047 SMB_STRUCT_STAT *psbuf,
2049 uint32 share_access,
2050 uint32 create_disposition,
2051 uint32 create_options,
2052 uint32 file_attributes,
2054 files_struct **result)
2056 files_struct *fsp = NULL;
2057 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
2058 struct share_mode_lock *lck = NULL;
2062 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2063 "share_access = 0x%x create_options = 0x%x, "
2064 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2066 (unsigned int)access_mask,
2067 (unsigned int)share_access,
2068 (unsigned int)create_options,
2069 (unsigned int)create_disposition,
2070 (unsigned int)file_attributes));
2072 if (is_ntfs_stream_name(fname)) {
2073 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
2074 return NT_STATUS_NOT_A_DIRECTORY;
2077 switch( create_disposition ) {
2080 info = FILE_WAS_OPENED;
2083 * We want to follow symlinks here.
2086 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2087 return map_nt_error_from_unix(errno);
2094 /* If directory exists error. If directory doesn't
2097 status = mkdir_internal(conn,
2102 if (!NT_STATUS_IS_OK(status)) {
2103 DEBUG(2, ("open_directory: unable to create "
2104 "%s. Error was %s\n", fname,
2105 nt_errstr(status)));
2109 info = FILE_WAS_CREATED;
2114 * If directory exists open. If directory doesn't
2118 status = mkdir_internal(conn,
2123 if (NT_STATUS_IS_OK(status)) {
2124 info = FILE_WAS_CREATED;
2127 if (NT_STATUS_EQUAL(status,
2128 NT_STATUS_OBJECT_NAME_COLLISION)) {
2129 info = FILE_WAS_OPENED;
2130 status = NT_STATUS_OK;
2135 case FILE_SUPERSEDE:
2136 case FILE_OVERWRITE:
2137 case FILE_OVERWRITE_IF:
2139 DEBUG(5,("open_directory: invalid create_disposition "
2140 "0x%x for directory %s\n",
2141 (unsigned int)create_disposition, fname));
2142 return NT_STATUS_INVALID_PARAMETER;
2145 if(!S_ISDIR(psbuf->st_mode)) {
2146 DEBUG(5,("open_directory: %s is not a directory !\n",
2148 return NT_STATUS_NOT_A_DIRECTORY;
2151 status = file_new(conn, &fsp);
2152 if(!NT_STATUS_IS_OK(status)) {
2157 * Setup the files_struct for it.
2160 fsp->mode = psbuf->st_mode;
2161 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
2162 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2163 fsp->file_pid = req ? req->smbpid : 0;
2164 fsp->can_lock = False;
2165 fsp->can_read = False;
2166 fsp->can_write = False;
2168 fsp->share_access = share_access;
2169 fsp->fh->private_options = create_options;
2170 fsp->access_mask = access_mask;
2172 fsp->print_file = False;
2173 fsp->modified = False;
2174 fsp->oplock_type = NO_OPLOCK;
2175 fsp->sent_oplock_break = NO_BREAK_SENT;
2176 fsp->is_directory = True;
2177 fsp->is_stat = False;
2178 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2180 string_set(&fsp->fsp_name,fname);
2182 lck = get_share_mode_lock(NULL, fsp->file_id,
2187 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2189 return NT_STATUS_SHARING_VIOLATION;
2192 status = open_mode_check(conn, fname, lck,
2193 access_mask, share_access,
2194 create_options, &dir_existed);
2196 if (!NT_STATUS_IS_OK(status)) {
2202 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK, True);
2204 /* For directories the delete on close bit at open time seems
2205 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2206 if (create_options & FILE_DELETE_ON_CLOSE) {
2207 status = can_set_delete_on_close(fsp, True, 0);
2208 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2214 if (NT_STATUS_IS_OK(status)) {
2215 /* Note that here we set the *inital* delete on close flag,
2216 not the regular one. The magic gets handled in close. */
2217 fsp->initial_delete_on_close = True;
2227 conn->num_files_open++;
2230 return NT_STATUS_OK;
2233 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2236 SMB_STRUCT_STAT sbuf;
2239 SET_STAT_INVALID(sbuf);
2241 status = open_directory(conn, NULL, directory, &sbuf,
2242 FILE_READ_ATTRIBUTES, /* Just a stat open */
2243 FILE_SHARE_NONE, /* Ignored for stat opens */
2246 FILE_ATTRIBUTE_DIRECTORY,
2250 if (NT_STATUS_IS_OK(status)) {
2251 close_file(fsp, NORMAL_CLOSE);
2257 /****************************************************************************
2258 Open a pseudo-file (no locking checks - a 'stat' open).
2259 ****************************************************************************/
2261 NTSTATUS open_file_stat(connection_struct *conn, struct smb_request *req,
2262 const char *fname, SMB_STRUCT_STAT *psbuf,
2263 files_struct **result)
2265 files_struct *fsp = NULL;
2268 if (!VALID_STAT(*psbuf)) {
2269 return NT_STATUS_INVALID_PARAMETER;
2272 /* Can't 'stat' open directories. */
2273 if(S_ISDIR(psbuf->st_mode)) {
2274 return NT_STATUS_FILE_IS_A_DIRECTORY;
2277 status = file_new(conn, &fsp);
2278 if(!NT_STATUS_IS_OK(status)) {
2282 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2285 * Setup the files_struct for it.
2288 fsp->mode = psbuf->st_mode;
2289 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
2290 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2291 fsp->file_pid = req ? req->smbpid : 0;
2292 fsp->can_lock = False;
2293 fsp->can_read = False;
2294 fsp->can_write = False;
2295 fsp->print_file = False;
2296 fsp->modified = False;
2297 fsp->oplock_type = NO_OPLOCK;
2298 fsp->sent_oplock_break = NO_BREAK_SENT;
2299 fsp->is_directory = False;
2300 fsp->is_stat = True;
2301 string_set(&fsp->fsp_name,fname);
2303 conn->num_files_open++;
2306 return NT_STATUS_OK;
2309 /****************************************************************************
2310 Receive notification that one of our open files has been renamed by another
2312 ****************************************************************************/
2314 void msg_file_was_renamed(struct messaging_context *msg,
2317 struct server_id server_id,
2321 char *frm = (char *)data->data;
2323 const char *sharepath;
2324 const char *newname;
2327 if (data->data == NULL
2328 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2329 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2330 (int)data->length));
2334 /* Unpack the message. */
2335 pull_file_id_16(frm, &id);
2336 sharepath = &frm[16];
2337 newname = sharepath + strlen(sharepath) + 1;
2338 sp_len = strlen(sharepath);
2340 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2342 sharepath, newname, file_id_static_string(&id)));
2344 for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2345 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2346 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2347 fsp->fnum, fsp->fsp_name, newname ));
2348 string_set(&fsp->fsp_name, newname);
2351 /* Now we have the complete path we can work out if this is
2352 actually within this share and adjust newname accordingly. */
2353 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2354 "not sharepath %s) "
2355 "fnum %d from %s -> %s\n",
2356 fsp->conn->connectpath,
git.samba.org / ira / wip.git / blob