*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
+#include "system/filesys.h"
+#include "smbd/smbd.h"
#include "nfs4_acls.h"
#undef DBGC_CLASS
#define AIXACL2_MODULE_NAME "aixacl2"
-extern struct current_user current_user;
-extern int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid);
-extern BOOL unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp,
- uint32 security_info_sent, SEC_DESC *psd);
-
extern SMB_ACL_T aixacl_to_smbacl( struct acl *file_acl);
extern struct acl *aixacl_smb_to_aixacl(SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl);
uint64_t ctl_flag=0;
TALLOC_CTX *mem_ctx;
- mem_ctx = main_loop_talloc_get();
- acl = (AIXJFS2_ACL_T *)talloc_size(mem_ctx, len);
+ mem_ctx = talloc_tos();
+ acl = (AIXJFS2_ACL_T *)TALLOC_SIZE(mem_ctx, len);
if (acl == NULL) {
errno = ENOMEM;
return NULL;
len = aixacl2_getlen(acl, type) + sizeof(AIXJFS2_ACL_T);
DEBUG(10,("aixjfs2_getacl_alloc - acl_len:%d\n",len));
- acl = (AIXJFS2_ACL_T *)talloc_size(mem_ctx, len);
+ acl = (AIXJFS2_ACL_T *)TALLOC_SIZE(mem_ctx, len);
if (acl == NULL) {
errno = ENOMEM;
return NULL;
return acl;
}
-static BOOL aixjfs2_get_nfs4_acl(files_struct *fsp,
- SMB4ACL_T **ppacl, BOOL *pretryPosix)
+static bool aixjfs2_get_nfs4_acl(const char *name,
+ SMB4ACL_T **ppacl, bool *pretryPosix)
{
int32_t i;
nfs4_ace_int_t *jfs2_ace = NULL;
acl_type_t type;
- DEBUG(10,("jfs2 get_nt_acl invoked for %s\n", fsp->fsp_name));
+ DEBUG(10,("jfs2 get_nt_acl invoked for %s\n", name));
memset(&type, 0, sizeof(acl_type_t));
type.u64 = ACL_NFS4;
- pacl = aixjfs2_getacl_alloc(fsp->fsp_name, &type);
+ pacl = aixjfs2_getacl_alloc(name, &type);
if (pacl == NULL) {
DEBUG(9, ("aixjfs2_getacl_alloc failed for %s with %s\n",
- fsp->fsp_name, strerror(errno)));
+ name, strerror(errno)));
if (errno==ENOSYS)
*pretryPosix = True;
return False;
return True;
}
-static size_t aixjfs2_get_nt_acl_common(files_struct *fsp,
- uint32 security_info, SEC_DESC **ppdesc)
+static NTSTATUS aixjfs2_fget_nt_acl(vfs_handle_struct *handle,
+ files_struct *fsp, uint32 security_info,
+ struct security_descriptor **ppdesc)
{
SMB4ACL_T *pacl = NULL;
- BOOL result;
- BOOL retryPosix = False;
+ bool result;
+ bool retryPosix = False;
*ppdesc = NULL;
- result = aixjfs2_get_nfs4_acl(fsp, &pacl, &retryPosix);
+ result = aixjfs2_get_nfs4_acl(fsp->fsp_name->base_name, &pacl,
+ &retryPosix);
if (retryPosix)
{
DEBUG(10, ("retrying with posix acl...\n"));
- return get_nt_acl(fsp, security_info, ppdesc);
+ return posix_fget_nt_acl(fsp, security_info, ppdesc);
}
if (result==False)
- return 0;
+ return NT_STATUS_ACCESS_DENIED;
- return smb_get_nt_acl_nfs4(fsp, security_info, ppdesc, pacl);
+ return smb_fget_nt_acl_nfs4(fsp, security_info, ppdesc, pacl);
}
-size_t aixjfs2_fget_nt_acl(vfs_handle_struct *handle,
- files_struct *fsp, int fd, uint32 security_info,
- SEC_DESC **ppdesc)
+static NTSTATUS aixjfs2_get_nt_acl(vfs_handle_struct *handle,
+ const char *name,
+ uint32 security_info, struct security_descriptor **ppdesc)
{
- return aixjfs2_get_nt_acl_common(fsp, security_info, ppdesc);
-}
+ SMB4ACL_T *pacl = NULL;
+ bool result;
+ bool retryPosix = False;
-size_t aixjfs2_get_nt_acl(vfs_handle_struct *handle,
- files_struct *fsp, const char *name,
- uint32 security_info, SEC_DESC **ppdesc)
-{
- return aixjfs2_get_nt_acl_common(fsp, security_info, ppdesc);
+ *ppdesc = NULL;
+ result = aixjfs2_get_nfs4_acl(name, &pacl, &retryPosix);
+ if (retryPosix)
+ {
+ DEBUG(10, ("retrying with posix acl...\n"));
+ return posix_get_nt_acl(handle->conn, name, security_info,
+ ppdesc);
+ }
+ if (result==False)
+ return NT_STATUS_ACCESS_DENIED;
+
+ return smb_get_nt_acl_nfs4(handle->conn, name, security_info, ppdesc,
+ pacl);
}
static SMB_ACL_T aixjfs2_get_posix_acl(const char *path, acl_type_t type)
done:
if (errno != 0) {
- SAFE_FREE(result);
+ TALLOC_FREE(result);
}
return result;
}
}
SMB_ACL_T aixjfs2_sys_acl_get_fd(vfs_handle_struct *handle,
- files_struct *fsp,
- int fd)
+ files_struct *fsp)
{
acl_type_t aixjfs2_type;
aixjfs2_type.u64 = ACL_AIXC;
- return aixjfs2_get_posix_acl(fsp->fsp_name, aixjfs2_type);
+ return aixjfs2_get_posix_acl(fsp->fsp_name->base_name, aixjfs2_type);
}
/*
return 1; /* haven't found that ACL type. */
}
-static BOOL aixjfs2_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl)
+static bool aixjfs2_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl)
{
SMB4ACE_T *smbace;
TALLOC_CTX *mem_ctx;
int rc;
acl_type_t acltype;
- DEBUG(10, ("jfs2_process_smbacl invoked on %s\n", fsp->fsp_name));
+ DEBUG(10, ("jfs2_process_smbacl invoked on %s\n", fsp_str_dbg(fsp)));
/* no need to be freed which is alloced with mem_ctx */
- mem_ctx = main_loop_talloc_get();
+ mem_ctx = talloc_tos();
entryLen = sizeof(nfs4_ace_int_t);
if (entryLen & 0x03)
naces = smb_get_naces(smbacl);
aclLen = ACL_V4_SIZ + naces * entryLen;
- jfs2acl = (nfs4_acl_int_t *)talloc_size(mem_ctx, aclLen);
+ jfs2acl = (nfs4_acl_int_t *)TALLOC_SIZE(mem_ctx, aclLen);
if (jfs2acl==NULL) {
- DEBUG(0, ("talloc_size failed\n"));
+ DEBUG(0, ("TALLOC_SIZE failed\n"));
errno = ENOMEM;
return False;
}
/* won't set S_ISUID - the only one JFS2/NFS4 accepts */
rc = aclx_put(
- fsp->fsp_name,
+ fsp->fsp_name->base_name,
SET_ACL, /* set only the ACL, not mode bits */
acltype, /* not a pointer !!! */
jfs2acl,
return True;
}
-static BOOL aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
+static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
{
acl_type_t acl_type_info;
- BOOL result = False;
+ NTSTATUS result = NT_STATUS_ACCESS_DENIED;
int rc;
rc = aixjfs2_query_acl_support(
} else if (rc==1) { /* assume POSIX ACL - by default... */
result = set_nt_acl(fsp, security_info_sent, psd);
} else
- result = False; /* query failed */
+ result = map_nt_error_from_unix(errno); /* query failed */
return result;
}
-BOOL aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info_sent, SEC_DESC *psd)
-{
- return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd);
-}
-
-BOOL aixjfs2_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd)
+NTSTATUS aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
{
return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd);
}
int aixjfs2_sys_acl_set_fd(vfs_handle_struct *handle,
files_struct *fsp,
- int fd, SMB_ACL_T theacl)
+ SMB_ACL_T theacl)
{
struct acl *acl_aixc;
acl_type_t acl_type_info;
int rc;
- DEBUG(10, ("aixjfs2_sys_acl_set_fd invoked for %s", fsp->fsp_name));
+ DEBUG(10, ("aixjfs2_sys_acl_set_fd invoked for %s", fsp_str_dbg(fsp)));
- rc = aixjfs2_query_acl_support(fsp->fsp_name, ACL_AIXC, &acl_type_info);
+ rc = aixjfs2_query_acl_support(fsp->fsp_name->base_name, ACL_AIXC,
+ &acl_type_info);
if (rc) {
DEBUG(8, ("jfs2_set_nt_acl: AIXC support not found\n"));
return -1;
return -1;
rc = aclx_fput(
- fd,
+ fsp->fh->fd,
SET_ACL, /* set only the ACL, not mode bits */
acl_type_info,
acl_aixc,
);
if (rc) {
DEBUG(2, ("aclx_fput failed with %s for %s\n",
- strerror(errno), fsp->fsp_name));
+ strerror(errno), fsp_str_dbg(fsp)));
return -1;
}
return 0;
}
-
-/* VFS operations structure */
-
-static vfs_op_tuple aixjfs2_ops[] =
-{
- {SMB_VFS_OP(aixjfs2_fget_nt_acl),
- SMB_VFS_OP_FGET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT},
-
- {SMB_VFS_OP(aixjfs2_get_nt_acl),
- SMB_VFS_OP_GET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT},
-
- {SMB_VFS_OP(aixjfs2_fset_nt_acl),
- SMB_VFS_OP_FSET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT},
-
- {SMB_VFS_OP(aixjfs2_set_nt_acl),
- SMB_VFS_OP_SET_NT_ACL,
- SMB_VFS_LAYER_TRANSPARENT},
-
- {SMB_VFS_OP(aixjfs2_sys_acl_get_file),
- SMB_VFS_OP_SYS_ACL_GET_FILE,
- SMB_VFS_LAYER_TRANSPARENT},
-
- {SMB_VFS_OP(aixjfs2_sys_acl_get_fd),
- SMB_VFS_OP_SYS_ACL_GET_FD,
- SMB_VFS_LAYER_TRANSPARENT},
-
- {SMB_VFS_OP(aixjfs2_sys_acl_set_file),
- SMB_VFS_OP_SYS_ACL_SET_FILE,
- SMB_VFS_LAYER_TRANSPARENT},
-
- {SMB_VFS_OP(aixjfs2_sys_acl_set_fd),
- SMB_VFS_OP_SYS_ACL_SET_FD,
- SMB_VFS_LAYER_TRANSPARENT},
-
- {SMB_VFS_OP(aixjfs2_sys_acl_delete_def_file),
- SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
- SMB_VFS_LAYER_TRANSPARENT},
-
- {SMB_VFS_OP(NULL),
- SMB_VFS_OP_NOOP,
- SMB_VFS_LAYER_NOOP}
+static struct vfs_fn_pointers vfs_aixacl2_fns = {
+ .fget_nt_acl_fn = aixjfs2_fget_nt_acl,
+ .get_nt_acl_fn = aixjfs2_get_nt_acl,
+ .fset_nt_acl_fn = aixjfs2_fset_nt_acl,
+ .sys_acl_get_file_fn = aixjfs2_sys_acl_get_file,
+ .sys_acl_get_fd_fn = aixjfs2_sys_acl_get_fd,
+ .sys_acl_set_file_fn = aixjfs2_sys_acl_set_file,
+ .sys_acl_set_fd_fn = aixjfs2_sys_acl_set_fd,
+ .sys_acl_delete_def_file_fn = aixjfs2_sys_acl_delete_def_file
};
NTSTATUS vfs_aixacl2_init(void);
NTSTATUS vfs_aixacl2_init(void)
{
return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, AIXACL2_MODULE_NAME,
- aixjfs2_ops);
+ &vfs_aixacl2_fns);
}