-#define OLD_NTDOMAIN 1
-
/*
Unix SMB/Netbios implementation.
Version 1.9.
extern int DEBUGLEVEL;
-extern pstring sesssetup_user;
+extern userdom_struct current_user_info;
extern uint16 global_oplock_port;
extern BOOL global_client_failed_oplock_break;
fsp->wcp = NULL; /* Write cache pointer. */
DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
- *sesssetup_user ? sesssetup_user : conn->user,fsp->fsp_name,
+ *current_user_info.smb_name ? current_user_info.smb_name : conn->user,fsp->fsp_name,
BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
conn->num_files_open + 1));
+ /*
+ * Take care of inherited ACLs on created files. JRA.
+ */
+
+ if ((flags & O_CREAT) && (conn->vfs_ops.fchmod_acl != NULL))
+ conn->vfs_ops.fchmod_acl(fsp, fsp->fd, mode);
+
return True;
}
num_share_modes = open_mode_check(conn, fname, dev, inode, share_mode,
&flags, &oplock_request, &all_current_opens_are_level_II);
if(num_share_modes == -1) {
+
+ /*
+ * This next line is a subtlety we need for MS-Access. If a file open will
+ * fail due to share permissions and also for security (access)
+ * reasons, we need to return the access failed error, not the
+ * share error. This means we must attempt to open the file anyway
+ * in order to get the UNIX access error - even if we're going to
+ * fail the open for share reasons. This is bad, as we're burning
+ * another fd if there are existing locks but there's nothing else
+ * we can do. We also ensure we're not going to create or tuncate
+ * the file as we only want an access decision at this stage. JRA.
+ */
+ open_file(fsp,conn,fname,psbuf,flags|(flags2&~(O_TRUNC|O_CREAT)),mode);
+
unlock_share_entry(conn, dev, inode);
file_free(fsp);
return NULL;
return NULL;
}
- /* not that we ignore failure for the following. It is
- basically a hack for NFS, and NFS will never set one of
- these only read them. Nobody but Samba can ever set a deny
- mode and we have already checked our more authoritative
- locking database for permission to set this deny mode. If
- the kernel refuses the operations then the kernel is wrong */
- kernel_flock(fsp, deny_mode);
-
/*
* Deal with the race condition where two smbd's detect the file doesn't
* exist and do the create at the same time. One of them will win and
*/
}
+ /* note that we ignore failure for the following. It is
+ basically a hack for NFS, and NFS will never set one of
+ these only read them. Nobody but Samba can ever set a deny
+ mode and we have already checked our more authoritative
+ locking database for permission to set this deny mode. If
+ the kernel refuses the operations then the kernel is wrong */
+ kernel_flock(fsp, deny_mode);
+
/*
* At this point onwards, we can guarentee that the share entry
* is locked, whether we created the file or not, and that the
free((char *)old_shares);
return(ret);
}
-
-#undef OLD_NTDOMAIN
git.samba.org / ira / wip.git / blobdiff