s3: smbd: Change semantics of strict rename to search the file open db.
authorJeremy Allison <jra@samba.org>
Tue, 24 Nov 2015 16:43:14 +0000 (08:43 -0800)
committerJeremy Allison <jra@samba.org>
Tue, 24 Nov 2015 19:44:14 +0000 (20:44 +0100)
Without strict rename just look in local process. POSIX renames are
already dealt with above.

Documentation change to follow.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11065

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
source3/smbd/dir.c
source3/smbd/proto.h
source3/smbd/reply.c

index 2ab37680b58a546820a0c5c93f08663eaedccee8..ad572947edd386a45daacc715e56d9a3b1404b48 100644 (file)
@@ -1963,7 +1963,7 @@ static int have_file_open_below_fn(struct file_id fid,
        return 1;
 }
 
-static bool have_file_open_below(connection_struct *conn,
+bool have_file_open_below(connection_struct *conn,
                                 const struct smb_filename *name)
 {
        struct have_file_open_below_state state = {
index be51182628ef17cf5ea0971a0f54009cf95b5f05..55e828649b7ad656f239f1cec297cf62e556b1b3 100644 (file)
@@ -232,6 +232,8 @@ long TellDir(struct smb_Dir *dirp);
 bool SearchDir(struct smb_Dir *dirp, const char *name, long *poffset);
 NTSTATUS can_delete_directory(struct connection_struct *conn,
                                const char *dirname);
+bool have_file_open_below(connection_struct *conn,
+                       const struct smb_filename *name);
 
 /* The following definitions come from smbd/dmapi.c  */
 
index c43713555bf3d425a03dccce82ac2a6ed9c43f69..efef6138d9b14bba18ac6f8076a99a51ed532f0f 100644 (file)
@@ -2676,7 +2676,17 @@ static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
                /* If no pathnames are open below this
                   directory, allow the rename. */
 
-               if (file_find_subpath(fsp)) {
+               if (lp_strict_rename(SNUM(conn))) {
+                       /*
+                        * Strict rename, check open file db.
+                        */
+                       if (have_file_open_below(fsp->conn, fsp->fsp_name)) {
+                               return NT_STATUS_ACCESS_DENIED;
+                       }
+               } else if (file_find_subpath(fsp)) {
+                       /*
+                        * No strict rename, just look in local process.
+                        */
                        return NT_STATUS_ACCESS_DENIED;
                }
                return NT_STATUS_OK;