return 0;
}
-static BOOL skel_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int
+static NTSTATUS skel_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int
fd, uint32 security_info_sent, SEC_DESC *psd)
{
errno = ENOSYS;
- return False;
+ return NT_STATUS_NOT_IMPLEMENTED;
}
-static BOOL skel_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const
+static NTSTATUS skel_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const
char *name, uint32 security_info_sent, SEC_DESC *psd)
{
errno = ENOSYS;
- return False;
+ return NT_STATUS_NOT_IMPLEMENTED;
}
static int skel_chmod_acl(vfs_handle_struct *handle, const char *name, mode_t mode)
return SMB_VFS_NEXT_GET_NT_ACL(handle, fsp, name, security_info, ppdesc);
}
-static BOOL skel_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS skel_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
int fd, uint32 security_info_sent, SEC_DESC *psd)
{
return SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, fd, security_info_sent, psd);
}
-static BOOL skel_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS skel_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
const char *name, uint32 security_info_sent, SEC_DESC *psd)
{
return SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent, psd);
* timestamp resolition. JRA. */
/* Changed to version21 to add chflags operation -- jpeach */
/* Changed to version22 to add lchown operation -- jra */
+/* Leave at 22 - not yet released. But change set_nt_acl to return an NTSTATUS. jra. */
#define SMB_VFS_INTERFACE_VERSION 22
size_t (*fget_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info, struct security_descriptor **ppdesc);
size_t (*get_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info, struct security_descriptor **ppdesc);
- BOOL (*fset_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info_sent, struct security_descriptor *psd);
- BOOL (*set_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor *psd);
+ NTSTATUS (*fset_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, int fd, uint32 security_info_sent, struct security_descriptor *psd);
+ NTSTATUS (*set_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor *psd);
/* POSIX ACL operations. */
extern struct current_user current_user;
extern int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid);
-extern BOOL unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp,
+extern NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp,
uint32 security_info_sent, SEC_DESC *psd);
static SMB_ACL4_INT_T *get_validated_aclint(SMB4ACL_T *acl)
return acl;
}
-BOOL smb_set_nt_acl_nfs4(files_struct *fsp,
+NTSTATUS smb_set_nt_acl_nfs4(files_struct *fsp,
uint32 security_info_sent,
SEC_DESC *psd,
set_nfs4acl_native_fn_t set_nfs4_native)
BOOL result;
SMB_STRUCT_STAT sbuf;
- BOOL need_chown = False;
uid_t newUID = (uid_t)-1;
gid_t newGID = (gid_t)-1;
{
DEBUG(9, ("security_info_sent (0x%x) ignored\n",
security_info_sent));
- return True; /* won't show error - later to be refined... */
+ return NT_STATUS_OK; /* won't show error - later to be refined... */
}
/* Special behaviours */
if (smbacl4_get_vfs_params(SMBACL4_PARAM_TYPE_NAME, fsp, ¶ms))
- return False;
+ return NT_STATUS_NO_MEMORY;
if (smbacl4_GetFileOwner(fsp, &sbuf))
- return False;
+ return map_nt_error_from_unix(errno);
if (params.do_chown) {
/* chown logic is a copy/paste from posix_acl.c:set_nt_acl */
- if (!unpack_nt_owners(SNUM(fsp->conn), &newUID, &newGID, security_info_sent, psd))
- {
+ NTSTATUS status = unpack_nt_owners(SNUM(fsp->conn), &newUID, &newGID, security_info_sent, psd);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(8, ("unpack_nt_owners failed"));
- return False;
+ return status;
}
if (((newUID != (uid_t)-1) && (sbuf.st_uid != newUID)) ||
- ((newGID != (gid_t)-1) && (sbuf.st_gid != newGID))) {
- need_chown = True;
- }
- if (need_chown) {
- if ((newUID == (uid_t)-1 || newUID == current_user.ut.uid)) {
- if(try_chown(fsp->conn, fsp->fsp_name, newUID, newGID)) {
- DEBUG(3,("chown %s, %u, %u failed. Error = %s.\n",
- fsp->fsp_name, (unsigned int)newUID, (unsigned int)newGID, strerror(errno) ));
- return False;
+ ((newGID != (gid_t)-1) && (sbuf.st_gid != newGID))) {
+ if(try_chown(fsp->conn, fsp->fsp_name, newUID, newGID)) {
+ DEBUG(3,("chown %s, %u, %u failed. Error = %s.\n",
+ fsp->fsp_name, (unsigned int)newUID, (unsigned int)newGID, strerror(errno) ));
+ if (errno == EPERM) {
+ return NT_STATUS_INVALID_OWNER;
}
- DEBUG(10,("chown %s, %u, %u succeeded.\n",
- fsp->fsp_name, (unsigned int)newUID, (unsigned int)newGID));
- if (smbacl4_GetFileOwner(fsp, &sbuf))
- return False;
- need_chown = False;
- } else { /* chown is needed, but _after_ changing acl */
- sbuf.st_uid = newUID; /* OWNER@ in case of e_special */
- sbuf.st_gid = newGID; /* GROUP@ in case of e_special */
+ return map_nt_error_from_unix(errno);
}
+ DEBUG(10,("chown %s, %u, %u succeeded.\n",
+ fsp->fsp_name, (unsigned int)newUID, (unsigned int)newGID));
+ if (smbacl4_GetFileOwner(fsp, &sbuf))
+ return map_nt_error_from_unix(errno);
}
}
{
acl = smbacl4_win2nfs4(psd->dacl, ¶ms, sbuf.st_uid, sbuf.st_gid);
if (!acl)
- return False;
+ return map_nt_error_from_unix(errno);
smbacl4_dump_nfs4acl(10, acl);
if (result!=True)
{
DEBUG(10, ("set_nfs4_native failed with %s\n", strerror(errno)));
- return False;
+ return map_nt_error_from_unix(errno);
}
} else
DEBUG(10, ("no dacl found; security_info_sent = 0x%x\n", security_info_sent));
- /* Any chown pending? */
- if (need_chown) {
- DEBUG(3,("chown#2 %s. uid = %u, gid = %u.\n",
- fsp->fsp_name, (unsigned int)newUID, (unsigned int)newGID));
- if (try_chown(fsp->conn, fsp->fsp_name, newUID, newGID)) {
- DEBUG(2,("chown#2 %s, %u, %u failed. Error = %s.\n",
- fsp->fsp_name, (unsigned int)newUID, (unsigned int)newGID,
- strerror(errno)));
- return False;
- }
- DEBUG(10,("chown#2 %s, %u, %u succeeded.\n",
- fsp->fsp_name, (unsigned int)newUID, (unsigned int)newGID));
- }
-
DEBUG(10, ("smb_set_nt_acl_nfs4 succeeded\n"));
- return True;
+ return NT_STATUS_OK;
}
}
}
-static BOOL afs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS afs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32 security_info_sent,
struct security_descriptor *psd)
{
free_afs_acl(&old_afs_acl);
free_afs_acl(&new_afs_acl);
- return (ret == 0);
+ return (ret == 0) ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
}
static size_t afsacl_fget_nt_acl(struct vfs_handle_struct *handle,
return afs_get_nt_acl(fsp, security_info, ppdesc);
}
-BOOL afsacl_fset_nt_acl(vfs_handle_struct *handle,
+NTSTATUS afsacl_fset_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
int fd, uint32 security_info_sent,
SEC_DESC *psd)
return afs_set_nt_acl(handle, fsp, security_info_sent, psd);
}
-BOOL afsacl_set_nt_acl(vfs_handle_struct *handle,
+NTSTATUS afsacl_set_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
const char *name, uint32 security_info_sent,
SEC_DESC *psd)
return True;
}
-static BOOL aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
+static NTSTATUS aixjfs2_set_nt_acl_common(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
{
acl_type_t acl_type_info;
- BOOL result = False;
+ NTSTATUS result = NT_STATUS_ACCESS_DENIED;
int rc;
rc = aixjfs2_query_acl_support(
} else if (rc==1) { /* assume POSIX ACL - by default... */
result = set_nt_acl(fsp, security_info_sent, psd);
} else
- result = False; /* query failed */
+ result = map_nt_error_from_unix(errno); /* query failed */
return result;
}
-BOOL aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info_sent, SEC_DESC *psd)
+NTSTATUS aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info_sent, SEC_DESC *psd)
{
return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd);
}
-BOOL aixjfs2_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd)
+NTSTATUS aixjfs2_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd)
{
return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd);
}
return SMB_VFS_NEXT_REALPATH(handle, path, resolved_path);
}
-static BOOL cap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor *psd)
+static NTSTATUS cap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, struct security_descriptor *psd)
{
pstring capname;
capencode(capname, name);
ppdesc);
}
-static BOOL catia_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS catia_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
const char *name, uint32 security_info_sent,
struct security_descriptor_info *psd)
{
return result;
}
-static BOOL vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info_sent, SEC_DESC *psd)
+static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info_sent, SEC_DESC *psd)
{
- BOOL result;
+ NTSTATUS result;
START_PROFILE(fset_nt_acl);
result = set_nt_acl(fsp, security_info_sent, psd);
return result;
}
-static BOOL vfswrap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd)
+static NTSTATUS vfswrap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd)
{
- BOOL result;
+ NTSTATUS result;
START_PROFILE(set_nt_acl);
result = set_nt_acl(fsp, security_info_sent, psd);
static size_t smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
const char *name, uint32 security_info,
SEC_DESC **ppdesc);
-static BOOL smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
int fd, uint32 security_info_sent,
SEC_DESC *psd);
-static BOOL smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
const char *name, uint32 security_info_sent,
SEC_DESC *psd);
static int smb_full_audit_chmod_acl(vfs_handle_struct *handle,
return result;
}
-static BOOL smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
int fd, uint32 security_info_sent,
SEC_DESC *psd)
{
- BOOL result;
+ NTSTATUS result;
result = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, fd, security_info_sent,
psd);
- do_log(SMB_VFS_OP_FSET_NT_ACL, result, handle, "%s", fsp->fsp_name);
+ do_log(SMB_VFS_OP_FSET_NT_ACL, NT_STATUS_IS_OK(result), handle, "%s", fsp->fsp_name);
return result;
}
-static BOOL smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
const char *name, uint32 security_info_sent,
SEC_DESC *psd)
{
- BOOL result;
+ NTSTATUS result;
result = SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent,
psd);
- do_log(SMB_VFS_OP_SET_NT_ACL, result, handle, "%s", fsp->fsp_name);
+ do_log(SMB_VFS_OP_SET_NT_ACL, NT_STATUS_IS_OK(result), handle, "%s", fsp->fsp_name);
return result;
}
return True;
}
-static BOOL gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
+static NTSTATUS gpfsacl_set_nt_acl_internal(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
{
struct gpfs_acl *acl;
- BOOL result = False;
+ NTSTATUS result = NT_STATUS_ACCESS_DENIED;
acl = gpfs_getacl_alloc(fsp->fsp_name, GPFS_ACL_TYPE_ACCESS);
if (acl == NULL)
- return False;
+ return result;
if (acl->acl_version&GPFS_ACL_VERSION_NFS4)
{
return result;
}
-static BOOL gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info_sent, SEC_DESC *psd)
+static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info_sent, SEC_DESC *psd)
{
return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd);
}
-static BOOL gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd)
+static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd)
{
return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd);
}
* set the local file's acls obtaining it in NT form
* using the NFSv4 format conversion
*/
-static BOOL zfs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
+static NTSTATUS zfs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32 security_info_sent,
struct security_descriptor *psd)
{
return zfs_get_nt_acl(fsp, security_info, ppdesc);
}
-static BOOL zfsacl_fset_nt_acl(vfs_handle_struct *handle,
+static NTSTATUS zfsacl_fset_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
int fd, uint32 security_info_sent,
SEC_DESC *psd)
return zfs_set_nt_acl(handle, fsp, security_info_sent, psd);
}
-static BOOL zfsacl_set_nt_acl(vfs_handle_struct *handle,
+static NTSTATUS zfsacl_set_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
const char *name, uint32 security_info_sent,
SEC_DESC *psd)
WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, struct srvsvc_NetSetFileSecurity *r)
{
- BOOL ret;
DATA_BLOB null_pw;
files_struct *fsp = NULL;
SMB_STRUCT_STAT st;
}
}
- ret = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name, r->in.securityinformation, r->in.sd_buf.sd);
+ nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name, r->in.securityinformation, r->in.sd_buf.sd);
- if (ret == False) {
+ if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srv_net_file_set_secdesc: Unable to set NT ACL on file %s\n", r->in.file));
status = WERR_ACCESS_DENIED;
goto error_exit;
prs_struct pd;
SEC_DESC *psd = NULL;
TALLOC_CTX *mem_ctx;
- BOOL ret;
+ NTSTATUS status;
if (sd_len == 0 || !lp_nt_acl_support(SNUM(fsp->conn))) {
return NT_STATUS_OK;
security_info_sent &= ~DACL_SECURITY_INFORMATION;
}
- ret = SMB_VFS_FSET_NT_ACL( fsp, fsp->fh->fd, security_info_sent, psd);
-
- if (!ret) {
- talloc_destroy(mem_ctx);
- return NT_STATUS_ACCESS_DENIED;
- }
+ status = SMB_VFS_FSET_NT_ACL( fsp, fsp->fh->fd, security_info_sent, psd);
talloc_destroy(mem_ctx);
-
- return NT_STATUS_OK;
+ return status;
}
/****************************************************************************
Unpack a SEC_DESC into a UNIX owner and group.
****************************************************************************/
-BOOL unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, SEC_DESC *psd)
+NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, SEC_DESC *psd)
{
DOM_SID owner_sid;
DOM_SID grp_sid;
if(security_info_sent == 0) {
DEBUG(0,("unpack_nt_owners: no security info sent !\n"));
- return True;
+ return NT_STATUS_OK;
}
/*
DEBUG(3,("unpack_nt_owners: unable to validate"
" owner sid for %s\n",
sid_string_static(&owner_sid)));
- return False;
+ return NT_STATUS_INVALID_OWNER;
}
}
+ DEBUG(3,("unpack_nt_owners: owner sid mapped to uid %u\n",
+ (unsigned int)*puser ));
}
/*
} else {
DEBUG(3,("unpack_nt_owners: unable to validate"
" group sid.\n"));
- return False;
+ return NT_STATUS_INVALID_OWNER;
}
}
- }
+ DEBUG(3,("unpack_nt_owners: group sid mapped to gid %u\n",
+ (unsigned int)*pgrp));
+ }
DEBUG(5,("unpack_nt_owners: owner_sids validated.\n"));
- return True;
+ return NT_STATUS_OK;
}
/****************************************************************************
/* Case (4). */
if (!lp_dos_filemode(SNUM(conn))) {
+ errno = EPERM;
return -1;
}
This should be the only external function needed for the UNIX style set ACL.
****************************************************************************/
-BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
+NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
{
connection_struct *conn = fsp->conn;
uid_t user = (uid_t)-1;
canon_ace *dir_ace_list = NULL;
BOOL acl_perms = False;
mode_t orig_mode = (mode_t)0;
- uid_t orig_uid;
- gid_t orig_gid;
- BOOL need_chown = False;
+ NTSTATUS status;
DEBUG(10,("set_nt_acl: called for file %s\n", fsp->fsp_name ));
if (!CAN_WRITE(conn)) {
DEBUG(10,("set acl rejected on read-only share\n"));
- return False;
+ return NT_STATUS_MEDIA_WRITE_PROTECTED;
}
/*
if(fsp->is_directory || fsp->fh->fd == -1) {
if(SMB_VFS_STAT(fsp->conn,fsp->fsp_name, &sbuf) != 0)
- return False;
+ return map_nt_error_from_unix(errno);
} else {
if(SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) != 0)
- return False;
+ return map_nt_error_from_unix(errno);
}
/* Save the original elements we check against. */
orig_mode = sbuf.st_mode;
- orig_uid = sbuf.st_uid;
- orig_gid = sbuf.st_gid;
/*
* Unpack the user/group/world id's.
*/
- if (!unpack_nt_owners( SNUM(conn), &user, &grp, security_info_sent, psd)) {
- return False;
+ status = unpack_nt_owners( SNUM(conn), &user, &grp, security_info_sent, psd);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
/*
* Do we need to chown ?
*/
- if (((user != (uid_t)-1) && (orig_uid != user)) || (( grp != (gid_t)-1) && (orig_gid != grp))) {
- need_chown = True;
- }
-
- /*
- * Chown before setting ACL only if we don't change the user, or
- * if we change to the current user, but not if we want to give away
- * the file.
- */
-
- if (need_chown && (user == (uid_t)-1 || user == current_user.ut.uid)) {
+ if (((user != (uid_t)-1) && (sbuf.st_uid != user)) || (( grp != (gid_t)-1) && (sbuf.st_gid != grp))) {
DEBUG(3,("set_nt_acl: chown %s. uid = %u, gid = %u.\n",
fsp->fsp_name, (unsigned int)user, (unsigned int)grp ));
if(try_chown( fsp->conn, fsp->fsp_name, user, grp) == -1) {
DEBUG(3,("set_nt_acl: chown %s, %u, %u failed. Error = %s.\n",
fsp->fsp_name, (unsigned int)user, (unsigned int)grp, strerror(errno) ));
- return False;
+ if (errno == EPERM) {
+ return NT_STATUS_INVALID_OWNER;
+ }
+ return map_nt_error_from_unix(errno);
}
/*
if(fsp->is_directory) {
if(SMB_VFS_STAT(fsp->conn, fsp->fsp_name, &sbuf) != 0) {
- return False;
+ return map_nt_error_from_unix(errno);
}
} else {
ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf);
if(ret != 0)
- return False;
+ return map_nt_error_from_unix(errno);
}
/* Save the original elements we check against. */
orig_mode = sbuf.st_mode;
- orig_uid = sbuf.st_uid;
- orig_gid = sbuf.st_gid;
-
- /* We did it, don't try again */
- need_chown = False;
}
create_file_sids(&sbuf, &file_owner_sid, &file_grp_sid);
DEBUG(3,("set_nt_acl: cannot set permissions\n"));
free_canon_ace_list(file_ace_list);
free_canon_ace_list(dir_ace_list);
- return False;
+ return NT_STATUS_ACCESS_DENIED;
}
/*
DEBUG(3,("set_nt_acl: failed to set file acl on file %s (%s).\n", fsp->fsp_name, strerror(errno) ));
free_canon_ace_list(file_ace_list);
free_canon_ace_list(dir_ace_list);
- return False;
+ return map_nt_error_from_unix(errno);
}
}
DEBUG(3,("set_nt_acl: failed to set default acl on directory %s (%s).\n", fsp->fsp_name, strerror(errno) ));
free_canon_ace_list(file_ace_list);
free_canon_ace_list(dir_ace_list);
- return False;
+ return map_nt_error_from_unix(errno);
}
} else {
DEBUG(3,("set_nt_acl: sys_acl_delete_def_file failed (%s)\n", strerror(errno)));
free_canon_ace_list(file_ace_list);
free_canon_ace_list(dir_ace_list);
- return False;
+ return map_nt_error_from_unix(errno);
}
}
}
free_canon_ace_list(dir_ace_list);
DEBUG(3,("set_nt_acl: failed to convert file acl to posix permissions for file %s.\n",
fsp->fsp_name ));
- return False;
+ return NT_STATUS_ACCESS_DENIED;
}
if (orig_mode != posix_perms) {
fsp->fsp_name, (unsigned int)posix_perms, strerror(errno) ));
free_canon_ace_list(file_ace_list);
free_canon_ace_list(dir_ace_list);
- return False;
+ return map_nt_error_from_unix(errno);
}
}
}
free_canon_ace_list(dir_ace_list);
}
- /* Any chown pending? */
- if (need_chown) {
-
- DEBUG(3,("set_nt_acl: chown %s. uid = %u, gid = %u.\n",
- fsp->fsp_name, (unsigned int)user, (unsigned int)grp ));
-
- if(try_chown( fsp->conn, fsp->fsp_name, user, grp) == -1) {
- DEBUG(3,("set_nt_acl: chown %s, %u, %u failed. Error = %s.\n",
- fsp->fsp_name, (unsigned int)user, (unsigned int)grp, strerror(errno) ));
- return False;
- }
- }
-
- return True;
+ return NT_STATUS_OK;
}
/****************************************************************************
git.samba.org / nivanova / samba-autobuild / .git / commitdiff