2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern uint16 global_smbpid;
29 extern BOOL global_client_failed_oplock_break;
31 struct deferred_open_record {
32 BOOL delayed_for_oplocks;
37 /****************************************************************************
38 fd support routines - attempt to do a dos_open.
39 ****************************************************************************/
41 static NTSTATUS fd_open(struct connection_struct *conn,
47 NTSTATUS status = NT_STATUS_OK;
50 if (!lp_symlinks(SNUM(conn))) {
55 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
56 if (fsp->fh->fd == -1) {
57 status = map_nt_error_from_unix(errno);
60 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
61 fname, flags, (int)mode, fsp->fh->fd,
62 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
67 /****************************************************************************
68 Close the file associated with a fsp.
69 ****************************************************************************/
71 NTSTATUS fd_close(struct connection_struct *conn, files_struct *fsp)
73 if (fsp->fh->fd == -1) {
74 return NT_STATUS_OK; /* What we used to call a stat open. */
76 if (fsp->fh->ref_count > 1) {
77 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
79 return fd_close_posix(conn, fsp);
82 /****************************************************************************
83 Change the ownership of a file to that of the parent directory.
84 Do this by fd if possible.
85 ****************************************************************************/
87 static void change_file_owner_to_parent(connection_struct *conn,
88 const char *inherit_from_dir,
91 SMB_STRUCT_STAT parent_st;
94 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
96 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
97 "directory %s. Error was %s\n",
98 inherit_from_dir, strerror(errno) ));
103 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
106 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
107 "file %s to parent directory uid %u. Error "
108 "was %s\n", fsp->fsp_name,
109 (unsigned int)parent_st.st_uid,
113 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
114 "parent directory uid %u.\n", fsp->fsp_name,
115 (unsigned int)parent_st.st_uid ));
118 static void change_dir_owner_to_parent(connection_struct *conn,
119 const char *inherit_from_dir,
121 SMB_STRUCT_STAT *psbuf)
124 SMB_STRUCT_STAT sbuf;
125 SMB_STRUCT_STAT parent_st;
128 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
130 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
131 "directory %s. Error was %s\n",
132 inherit_from_dir, strerror(errno) ));
136 /* We've already done an lstat into psbuf, and we know it's a
137 directory. If we can cd into the directory and the dev/ino
138 are the same then we can safely chown without races as
139 we're locking the directory in place by being in it. This
140 should work on any UNIX (thanks tridge :-). JRA.
143 if (!vfs_GetWd(conn,saved_dir)) {
144 DEBUG(0,("change_dir_owner_to_parent: failed to get "
145 "current working directory\n"));
149 /* Chdir into the new path. */
150 if (vfs_ChDir(conn, fname) == -1) {
151 DEBUG(0,("change_dir_owner_to_parent: failed to change "
152 "current working directory to %s. Error "
153 "was %s\n", fname, strerror(errno) ));
157 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
158 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
159 "directory '.' (%s) Error was %s\n",
160 fname, strerror(errno)));
164 /* Ensure we're pointing at the same place. */
165 if (sbuf.st_dev != psbuf->st_dev ||
166 sbuf.st_ino != psbuf->st_ino ||
167 sbuf.st_mode != psbuf->st_mode ) {
168 DEBUG(0,("change_dir_owner_to_parent: "
169 "device/inode/mode on directory %s changed. "
170 "Refusing to chown !\n", fname ));
175 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
178 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
179 "directory %s to parent directory uid %u. "
180 "Error was %s\n", fname,
181 (unsigned int)parent_st.st_uid, strerror(errno) ));
185 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
186 "directory %s to parent directory uid %u.\n",
187 fname, (unsigned int)parent_st.st_uid ));
191 vfs_ChDir(conn,saved_dir);
194 /****************************************************************************
196 ****************************************************************************/
198 static NTSTATUS open_file(files_struct *fsp,
199 connection_struct *conn,
200 const char *parent_dir,
203 SMB_STRUCT_STAT *psbuf,
206 uint32 access_mask, /* client requested access mask. */
207 uint32 open_access_mask) /* what we're actually using in the open. */
209 NTSTATUS status = NT_STATUS_OK;
210 int accmode = (flags & O_ACCMODE);
211 int local_flags = flags;
212 BOOL file_existed = VALID_STAT(*psbuf);
217 /* Check permissions */
220 * This code was changed after seeing a client open request
221 * containing the open mode of (DENY_WRITE/read-only) with
222 * the 'create if not exist' bit set. The previous code
223 * would fail to open the file read only on a read-only share
224 * as it was checking the flags parameter directly against O_RDONLY,
225 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
229 if (!CAN_WRITE(conn)) {
230 /* It's a read-only share - fail if we wanted to write. */
231 if(accmode != O_RDONLY) {
232 DEBUG(3,("Permission denied opening %s\n", path));
233 return NT_STATUS_ACCESS_DENIED;
234 } else if(flags & O_CREAT) {
235 /* We don't want to write - but we must make sure that
236 O_CREAT doesn't create the file if we have write
237 access into the directory.
240 local_flags &= ~O_CREAT;
245 * This little piece of insanity is inspired by the
246 * fact that an NT client can open a file for O_RDONLY,
247 * but set the create disposition to FILE_EXISTS_TRUNCATE.
248 * If the client *can* write to the file, then it expects to
249 * truncate the file, even though it is opening for readonly.
250 * Quicken uses this stupid trick in backup file creation...
251 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
252 * for helping track this one down. It didn't bite us in 2.0.x
253 * as we always opened files read-write in that release. JRA.
256 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
257 DEBUG(10,("open_file: truncate requested on read-only open "
258 "for file %s\n", path));
259 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
262 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
263 (!file_existed && (local_flags & O_CREAT)) ||
264 ((local_flags & O_TRUNC) == O_TRUNC) ) {
267 * We can't actually truncate here as the file may be locked.
268 * open_file_ntcreate will take care of the truncate later. JRA.
271 local_flags &= ~O_TRUNC;
273 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
275 * We would block on opening a FIFO with no one else on the
276 * other end. Do what we used to do and add O_NONBLOCK to the
280 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
281 local_flags |= O_NONBLOCK;
285 /* Don't create files with Microsoft wildcard characters. */
286 if ((local_flags & O_CREAT) && !file_existed &&
288 return NT_STATUS_OBJECT_NAME_INVALID;
291 /* Actually do the open */
292 status = fd_open(conn, path, fsp, local_flags, unx_mode);
293 if (!NT_STATUS_IS_OK(status)) {
294 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
296 path,nt_errstr(status),local_flags,flags));
300 if ((local_flags & O_CREAT) && !file_existed) {
302 /* Inherit the ACL if required */
303 if (lp_inherit_perms(SNUM(conn))) {
304 inherit_access_acl(conn, parent_dir, path,
308 /* Change the owner if required. */
309 if (lp_inherit_owner(SNUM(conn))) {
310 change_file_owner_to_parent(conn, parent_dir,
314 notify_fname(conn, NOTIFY_ACTION_ADDED,
315 FILE_NOTIFY_CHANGE_FILE_NAME, path);
319 fsp->fh->fd = -1; /* What we used to call a stat open. */
325 if (fsp->fh->fd == -1) {
326 ret = SMB_VFS_STAT(conn, path, psbuf);
328 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
329 /* If we have an fd, this stat should succeed. */
331 DEBUG(0,("Error doing fstat on open file %s "
332 "(%s)\n", path,strerror(errno) ));
336 /* For a non-io open, this stat failing means file not found. JRA */
338 status = map_nt_error_from_unix(errno);
345 * POSIX allows read-only opens of directories. We don't
346 * want to do this (we use a different code path for this)
347 * so catch a directory open and return an EISDIR. JRA.
350 if(S_ISDIR(psbuf->st_mode)) {
353 return NT_STATUS_FILE_IS_A_DIRECTORY;
356 fsp->mode = psbuf->st_mode;
357 fsp->inode = psbuf->st_ino;
358 fsp->dev = psbuf->st_dev;
359 fsp->vuid = current_user.vuid;
360 fsp->file_pid = global_smbpid;
361 fsp->can_lock = True;
362 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
363 if (!CAN_WRITE(conn)) {
364 fsp->can_write = False;
366 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
369 fsp->print_file = False;
370 fsp->modified = False;
371 fsp->sent_oplock_break = NO_BREAK_SENT;
372 fsp->is_directory = False;
373 fsp->is_stat = False;
375 string_set(&fsp->fsp_name, path);
376 fsp->wcp = NULL; /* Write cache pointer. */
378 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
379 *current_user_info.smb_name ?
380 current_user_info.smb_name : conn->user,fsp->fsp_name,
381 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
382 conn->num_files_open + 1));
388 /*******************************************************************
389 Return True if the filename is one of the special executable types.
390 ********************************************************************/
392 static BOOL is_executable(const char *fname)
394 if ((fname = strrchr_m(fname,'.'))) {
395 if (strequal(fname,".com") ||
396 strequal(fname,".dll") ||
397 strequal(fname,".exe") ||
398 strequal(fname,".sym")) {
405 /****************************************************************************
406 Check if we can open a file with a share mode.
407 Returns True if conflict, False if not.
408 ****************************************************************************/
410 static BOOL share_conflict(struct share_mode_entry *entry,
414 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
415 "entry->share_access = 0x%x, "
416 "entry->private_options = 0x%x\n",
417 (unsigned int)entry->access_mask,
418 (unsigned int)entry->share_access,
419 (unsigned int)entry->private_options));
421 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
422 (unsigned int)access_mask, (unsigned int)share_access));
424 if ((entry->access_mask & (FILE_WRITE_DATA|
428 DELETE_ACCESS)) == 0) {
429 DEBUG(10,("share_conflict: No conflict due to "
430 "entry->access_mask = 0x%x\n",
431 (unsigned int)entry->access_mask ));
435 if ((access_mask & (FILE_WRITE_DATA|
439 DELETE_ACCESS)) == 0) {
440 DEBUG(10,("share_conflict: No conflict due to "
441 "access_mask = 0x%x\n",
442 (unsigned int)access_mask ));
446 #if 1 /* JRA TEST - Superdebug. */
447 #define CHECK_MASK(num, am, right, sa, share) \
448 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
449 (unsigned int)(num), (unsigned int)(am), \
450 (unsigned int)(right), (unsigned int)(am)&(right) )); \
451 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
452 (unsigned int)(num), (unsigned int)(sa), \
453 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
454 if (((am) & (right)) && !((sa) & (share))) { \
455 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
456 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
457 (unsigned int)(share) )); \
461 #define CHECK_MASK(num, am, right, sa, share) \
462 if (((am) & (right)) && !((sa) & (share))) { \
463 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
464 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
465 (unsigned int)(share) )); \
470 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
471 share_access, FILE_SHARE_WRITE);
472 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
473 entry->share_access, FILE_SHARE_WRITE);
475 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
476 share_access, FILE_SHARE_READ);
477 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
478 entry->share_access, FILE_SHARE_READ);
480 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
481 share_access, FILE_SHARE_DELETE);
482 CHECK_MASK(6, access_mask, DELETE_ACCESS,
483 entry->share_access, FILE_SHARE_DELETE);
485 DEBUG(10,("share_conflict: No conflict.\n"));
489 #if defined(DEVELOPER)
490 static void validate_my_share_entries(int num,
491 struct share_mode_entry *share_entry)
495 if (!procid_is_me(&share_entry->pid)) {
499 if (is_deferred_open_entry(share_entry) &&
500 !open_was_deferred(share_entry->op_mid)) {
502 pstr_sprintf(str, "Got a deferred entry without a request: "
503 "PANIC: %s\n", share_mode_str(num, share_entry));
507 if (!is_valid_share_mode_entry(share_entry)) {
511 fsp = file_find_dif(share_entry->dev, share_entry->inode,
512 share_entry->share_file_id);
514 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
515 share_mode_str(num, share_entry) ));
516 smb_panic("validate_my_share_entries: Cannot match a "
517 "share entry with an open file\n");
520 if (is_deferred_open_entry(share_entry) ||
521 is_unused_share_mode_entry(share_entry)) {
525 if ((share_entry->op_type == NO_OPLOCK) &&
526 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
527 /* Someone has already written to it, but I haven't yet
532 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
541 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
542 share_mode_str(num, share_entry) ));
543 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
544 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
545 fsp->fsp_name, (unsigned int)fsp->oplock_type,
546 (unsigned int)share_entry->op_type );
552 static BOOL is_stat_open(uint32 access_mask)
554 return (access_mask &&
555 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
556 FILE_WRITE_ATTRIBUTES))==0) &&
557 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
558 FILE_WRITE_ATTRIBUTES)) != 0));
561 /****************************************************************************
562 Deal with share modes
563 Invarient: Share mode must be locked on entry and exit.
564 Returns -1 on error, or number of share modes on success (may be zero).
565 ****************************************************************************/
567 static NTSTATUS open_mode_check(connection_struct *conn,
569 struct share_mode_lock *lck,
572 uint32 create_options,
577 if(lck->num_share_modes == 0) {
581 *file_existed = True;
583 if (is_stat_open(access_mask)) {
584 /* Stat open that doesn't trigger oplock breaks or share mode
585 * checks... ! JRA. */
589 /* A delete on close prohibits everything */
591 if (lck->delete_on_close) {
592 return NT_STATUS_DELETE_PENDING;
596 * Check if the share modes will give us access.
599 #if defined(DEVELOPER)
600 for(i = 0; i < lck->num_share_modes; i++) {
601 validate_my_share_entries(i, &lck->share_modes[i]);
605 if (!lp_share_modes(SNUM(conn))) {
609 /* Now we check the share modes, after any oplock breaks. */
610 for(i = 0; i < lck->num_share_modes; i++) {
612 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
616 /* someone else has a share lock on it, check to see if we can
618 if (share_conflict(&lck->share_modes[i],
619 access_mask, share_access)) {
620 return NT_STATUS_SHARING_VIOLATION;
627 static BOOL is_delete_request(files_struct *fsp) {
628 return ((fsp->access_mask == DELETE_ACCESS) &&
629 (fsp->oplock_type == NO_OPLOCK));
633 * 1) No files open at all or internal open: Grant whatever the client wants.
635 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
636 * request, break if the oplock around is a batch oplock. If it's another
637 * requested access type, break.
639 * 3) Only level2 around: Grant level2 and do nothing else.
642 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
648 struct share_mode_entry *exclusive = NULL;
649 BOOL valid_entry = False;
650 BOOL delay_it = False;
651 BOOL have_level2 = False;
653 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
655 if (oplock_request & INTERNAL_OPEN_ONLY) {
656 fsp->oplock_type = NO_OPLOCK;
659 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
663 for (i=0; i<lck->num_share_modes; i++) {
665 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
669 /* At least one entry is not an invalid or deferred entry. */
672 if (pass_number == 1) {
673 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
674 SMB_ASSERT(exclusive == NULL);
675 exclusive = &lck->share_modes[i];
678 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
679 SMB_ASSERT(exclusive == NULL);
680 exclusive = &lck->share_modes[i];
684 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
685 SMB_ASSERT(exclusive == NULL);
691 /* All entries are placeholders or deferred.
692 * Directly grant whatever the client wants. */
693 if (fsp->oplock_type == NO_OPLOCK) {
694 /* Store a level2 oplock, but don't tell the client */
695 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
700 if (exclusive != NULL) { /* Found an exclusive oplock */
701 SMB_ASSERT(!have_level2);
702 delay_it = is_delete_request(fsp) ?
703 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
706 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
707 /* We can at most grant level2 as there are other
708 * level2 or NO_OPLOCK entries. */
709 fsp->oplock_type = LEVEL_II_OPLOCK;
712 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
713 /* Store a level2 oplock, but don't tell the client */
714 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
722 * Send a break message to the oplock holder and delay the open for
726 DEBUG(10, ("Sending break request to PID %s\n",
727 procid_str_static(&exclusive->pid)));
728 exclusive->op_mid = get_current_mid();
730 /* Create the message. */
731 share_mode_entry_to_message(msg, exclusive);
733 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
734 don't want this set in the share mode struct pointed to by lck. */
736 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
737 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
740 status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
741 MSG_SMB_BREAK_REQUEST,
743 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
744 if (!NT_STATUS_IS_OK(status)) {
745 DEBUG(3, ("Could not send oplock break message: %s\n",
752 static BOOL request_timed_out(struct timeval request_time,
753 struct timeval timeout)
755 struct timeval now, end_time;
757 end_time = timeval_sum(&request_time, &timeout);
758 return (timeval_compare(&end_time, &now) < 0);
761 /****************************************************************************
762 Handle the 1 second delay in returning a SHARING_VIOLATION error.
763 ****************************************************************************/
765 static void defer_open(struct share_mode_lock *lck,
766 struct timeval request_time,
767 struct timeval timeout,
768 struct deferred_open_record *state)
770 uint16 mid = get_current_mid();
775 for (i=0; i<lck->num_share_modes; i++) {
776 struct share_mode_entry *e = &lck->share_modes[i];
778 if (!is_deferred_open_entry(e)) {
782 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
783 DEBUG(0, ("Trying to defer an already deferred "
784 "request: mid=%d, exiting\n", mid));
785 exit_server("attempt to defer a deferred request");
789 /* End paranoia check */
791 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
792 "open entry for mid %u\n",
793 (unsigned int)request_time.tv_sec,
794 (unsigned int)request_time.tv_usec,
797 if (!push_deferred_smb_message(mid, request_time, timeout,
798 (char *)state, sizeof(*state))) {
799 exit_server("push_deferred_smb_message failed");
801 add_deferred_open(lck, mid, request_time, state->dev, state->inode);
804 * Push the MID of this packet on the signing queue.
805 * We only do this once, the first time we push the packet
806 * onto the deferred open queue, as this has a side effect
807 * of incrementing the response sequence number.
810 srv_defer_sign_response(mid);
814 /****************************************************************************
815 On overwrite open ensure that the attributes match.
816 ****************************************************************************/
818 static BOOL open_match_attributes(connection_struct *conn,
822 mode_t existing_unx_mode,
824 mode_t *returned_unx_mode)
826 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
828 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
829 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
831 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
832 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
833 *returned_unx_mode = new_unx_mode;
835 *returned_unx_mode = (mode_t)0;
838 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
839 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
840 "returned_unx_mode = 0%o\n",
842 (unsigned int)old_dos_attr,
843 (unsigned int)existing_unx_mode,
844 (unsigned int)new_dos_attr,
845 (unsigned int)*returned_unx_mode ));
847 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
848 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
849 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
850 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
854 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
855 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
856 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
863 /****************************************************************************
864 Special FCB or DOS processing in the case of a sharing violation.
865 Try and find a duplicated file handle.
866 ****************************************************************************/
868 static files_struct *fcb_or_dos_open(connection_struct *conn,
869 const char *fname, SMB_DEV_T dev,
873 uint32 create_options)
876 files_struct *dup_fsp;
878 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
879 "file %s.\n", fname ));
881 for(fsp = file_find_di_first(dev, inode); fsp;
882 fsp = file_find_di_next(fsp)) {
884 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
885 "vuid = %u, file_pid = %u, private_options = 0x%x "
886 "access_mask = 0x%x\n", fsp->fsp_name,
887 fsp->fh->fd, (unsigned int)fsp->vuid,
888 (unsigned int)fsp->file_pid,
889 (unsigned int)fsp->fh->private_options,
890 (unsigned int)fsp->access_mask ));
892 if (fsp->fh->fd != -1 &&
893 fsp->vuid == current_user.vuid &&
894 fsp->file_pid == global_smbpid &&
895 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
896 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
897 (fsp->access_mask & FILE_WRITE_DATA) &&
898 strequal(fsp->fsp_name, fname)) {
899 DEBUG(10,("fcb_or_dos_open: file match\n"));
908 /* quite an insane set of semantics ... */
909 if (is_executable(fname) &&
910 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
911 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
915 /* We need to duplicate this fsp. */
916 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
917 create_options, &dup_fsp))) {
924 /****************************************************************************
925 Open a file with a share mode - old openX method - map into NTCreate.
926 ****************************************************************************/
928 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
929 uint32 *paccess_mask,
931 uint32 *pcreate_disposition,
932 uint32 *pcreate_options)
936 uint32 create_disposition;
937 uint32 create_options = 0;
939 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
940 "open_func = 0x%x\n",
941 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
943 /* Create the NT compatible access_mask. */
944 switch (GET_OPENX_MODE(deny_mode)) {
945 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
946 case DOS_OPEN_RDONLY:
947 access_mask = FILE_GENERIC_READ;
949 case DOS_OPEN_WRONLY:
950 access_mask = FILE_GENERIC_WRITE;
954 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
957 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
958 (unsigned int)GET_OPENX_MODE(deny_mode)));
962 /* Create the NT compatible create_disposition. */
964 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
965 create_disposition = FILE_CREATE;
968 case OPENX_FILE_EXISTS_OPEN:
969 create_disposition = FILE_OPEN;
972 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
973 create_disposition = FILE_OPEN_IF;
976 case OPENX_FILE_EXISTS_TRUNCATE:
977 create_disposition = FILE_OVERWRITE;
980 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
981 create_disposition = FILE_OVERWRITE_IF;
985 /* From samba4 - to be confirmed. */
986 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
987 create_disposition = FILE_CREATE;
990 DEBUG(10,("map_open_params_to_ntcreate: bad "
991 "open_func 0x%x\n", (unsigned int)open_func));
995 /* Create the NT compatible share modes. */
996 switch (GET_DENY_MODE(deny_mode)) {
998 share_mode = FILE_SHARE_NONE;
1002 share_mode = FILE_SHARE_READ;
1006 share_mode = FILE_SHARE_WRITE;
1010 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1014 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1015 if (is_executable(fname)) {
1016 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1018 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1019 share_mode = FILE_SHARE_READ;
1021 share_mode = FILE_SHARE_NONE;
1027 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1028 share_mode = FILE_SHARE_NONE;
1032 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1033 (unsigned int)GET_DENY_MODE(deny_mode) ));
1037 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1038 "share_mode = 0x%x, create_disposition = 0x%x, "
1039 "create_options = 0x%x\n",
1041 (unsigned int)access_mask,
1042 (unsigned int)share_mode,
1043 (unsigned int)create_disposition,
1044 (unsigned int)create_options ));
1047 *paccess_mask = access_mask;
1050 *pshare_mode = share_mode;
1052 if (pcreate_disposition) {
1053 *pcreate_disposition = create_disposition;
1055 if (pcreate_options) {
1056 *pcreate_options = create_options;
1063 static void schedule_defer_open(struct share_mode_lock *lck, struct timeval request_time)
1065 struct deferred_open_record state;
1067 /* This is a relative time, added to the absolute
1068 request_time value to get the absolute timeout time.
1069 Note that if this is the second or greater time we enter
1070 this codepath for this particular request mid then
1071 request_time is left as the absolute time of the *first*
1072 time this request mid was processed. This is what allows
1073 the request to eventually time out. */
1075 struct timeval timeout;
1077 /* Normally the smbd we asked should respond within
1078 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1079 * the client did, give twice the timeout as a safety
1080 * measure here in case the other smbd is stuck
1081 * somewhere else. */
1083 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1085 /* Nothing actually uses state.delayed_for_oplocks
1086 but it's handy to differentiate in debug messages
1087 between a 30 second delay due to oplock break, and
1088 a 1 second delay for share mode conflicts. */
1090 state.delayed_for_oplocks = True;
1091 state.dev = lck->dev;
1092 state.inode = lck->ino;
1094 if (!request_timed_out(request_time, timeout)) {
1095 defer_open(lck, request_time, timeout, &state);
1099 /****************************************************************************
1100 Open a file with a share mode.
1101 ****************************************************************************/
1103 NTSTATUS open_file_ntcreate(connection_struct *conn,
1105 SMB_STRUCT_STAT *psbuf,
1106 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1107 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1108 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1109 uint32 create_options, /* options such as delete on close. */
1110 uint32 new_dos_attributes, /* attributes used for new file. */
1111 int oplock_request, /* internal Samba oplock codes. */
1112 /* Information (FILE_EXISTS etc.) */
1114 files_struct **result)
1118 BOOL file_existed = VALID_STAT(*psbuf);
1119 BOOL def_acl = False;
1120 BOOL posix_open = False;
1122 SMB_INO_T inode = 0;
1123 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1124 files_struct *fsp = NULL;
1125 mode_t new_unx_mode = (mode_t)0;
1126 mode_t unx_mode = (mode_t)0;
1128 uint32 existing_dos_attributes = 0;
1129 struct pending_message_list *pml = NULL;
1130 uint16 mid = get_current_mid();
1131 struct timeval request_time = timeval_zero();
1132 struct share_mode_lock *lck = NULL;
1133 uint32 open_access_mask = access_mask;
1137 const char *newname;
1139 if (conn->printer) {
1141 * Printers are handled completely differently.
1142 * Most of the passed parameters are ignored.
1146 *pinfo = FILE_WAS_CREATED;
1149 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1151 return print_fsp_open(conn, fname, result);
1154 if (!parent_dirname_talloc(tmp_talloc_ctx(), fname, &parent_dir,
1156 return NT_STATUS_NO_MEMORY;
1159 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1161 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1162 new_dos_attributes = 0;
1164 /* We add aARCH to this as this mode is only used if the file is
1166 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1170 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1171 "access_mask=0x%x share_access=0x%x "
1172 "create_disposition = 0x%x create_options=0x%x "
1173 "unix mode=0%o oplock_request=%d\n",
1174 fname, new_dos_attributes, access_mask, share_access,
1175 create_disposition, create_options, unx_mode,
1178 if ((pml = get_open_deferred_message(mid)) != NULL) {
1179 struct deferred_open_record *state =
1180 (struct deferred_open_record *)pml->private_data.data;
1182 /* Remember the absolute time of the original
1183 request with this mid. We'll use it later to
1184 see if this has timed out. */
1186 request_time = pml->request_time;
1188 /* Remove the deferred open entry under lock. */
1189 lck = get_share_mode_lock(NULL, state->dev, state->inode, NULL, NULL);
1191 DEBUG(0, ("could not get share mode lock\n"));
1193 del_deferred_open_entry(lck, mid);
1197 /* Ensure we don't reprocess this message. */
1198 remove_deferred_open_smb_message(mid);
1201 status = check_name(conn, fname);
1202 if (!NT_STATUS_IS_OK(status)) {
1207 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1209 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1213 /* ignore any oplock requests if oplocks are disabled */
1214 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1215 IS_VETO_OPLOCK_PATH(conn, fname)) {
1216 /* Mask off everything except the private Samba bits. */
1217 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1220 /* this is for OS/2 long file names - say we don't support them */
1221 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1222 /* OS/2 Workplace shell fix may be main code stream in a later
1224 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1226 if (use_nt_status()) {
1227 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1229 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1232 switch( create_disposition ) {
1234 * Currently we're using FILE_SUPERSEDE as the same as
1235 * FILE_OVERWRITE_IF but they really are
1236 * different. FILE_SUPERSEDE deletes an existing file
1237 * (requiring delete access) then recreates it.
1239 case FILE_SUPERSEDE:
1240 /* If file exists replace/overwrite. If file doesn't
1242 flags2 |= (O_CREAT | O_TRUNC);
1245 case FILE_OVERWRITE_IF:
1246 /* If file exists replace/overwrite. If file doesn't
1248 flags2 |= (O_CREAT | O_TRUNC);
1252 /* If file exists open. If file doesn't exist error. */
1253 if (!file_existed) {
1254 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1255 "requested for file %s and file "
1256 "doesn't exist.\n", fname ));
1258 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1262 case FILE_OVERWRITE:
1263 /* If file exists overwrite. If file doesn't exist
1265 if (!file_existed) {
1266 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1267 "requested for file %s and file "
1268 "doesn't exist.\n", fname ));
1270 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1276 /* If file exists error. If file doesn't exist
1279 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1280 "requested for file %s and file "
1281 "already exists.\n", fname ));
1282 if (S_ISDIR(psbuf->st_mode)) {
1287 return map_nt_error_from_unix(errno);
1289 flags2 |= (O_CREAT|O_EXCL);
1293 /* If file exists open. If file doesn't exist
1299 return NT_STATUS_INVALID_PARAMETER;
1302 /* We only care about matching attributes on file exists and
1305 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1306 (create_disposition == FILE_OVERWRITE_IF))) {
1307 if (!open_match_attributes(conn, fname,
1308 existing_dos_attributes,
1309 new_dos_attributes, psbuf->st_mode,
1310 unx_mode, &new_unx_mode)) {
1311 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1312 "for file %s (%x %x) (0%o, 0%o)\n",
1313 fname, existing_dos_attributes,
1315 (unsigned int)psbuf->st_mode,
1316 (unsigned int)unx_mode ));
1318 return NT_STATUS_ACCESS_DENIED;
1322 /* This is a nasty hack - must fix... JRA. */
1323 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1324 open_access_mask = access_mask = FILE_GENERIC_ALL;
1328 * Convert GENERIC bits to specific bits.
1331 se_map_generic(&access_mask, &file_generic_mapping);
1332 open_access_mask = access_mask;
1334 if (flags2 & O_TRUNC) {
1335 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1338 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1339 "access_mask=0x%x\n", fname, access_mask ));
1342 * Note that we ignore the append flag as append does not
1343 * mean the same thing under DOS and Unix.
1346 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1347 /* DENY_DOS opens are always underlying read-write on the
1348 file handle, no matter what the requested access mask
1350 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1351 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1361 * Currently we only look at FILE_WRITE_THROUGH for create options.
1365 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1370 if (posix_open & (access_mask & FILE_APPEND_DATA)) {
1374 if (!posix_open && !CAN_WRITE(conn)) {
1376 * We should really return a permission denied error if either
1377 * O_CREAT or O_TRUNC are set, but for compatibility with
1378 * older versions of Samba we just AND them out.
1380 flags2 &= ~(O_CREAT|O_TRUNC);
1384 * Ensure we can't write on a read-only share or file.
1387 if (flags != O_RDONLY && file_existed &&
1388 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1389 DEBUG(5,("open_file_ntcreate: write access requested for "
1390 "file %s on read only %s\n",
1391 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1393 return NT_STATUS_ACCESS_DENIED;
1396 status = file_new(conn, &fsp);
1397 if(!NT_STATUS_IS_OK(status)) {
1401 fsp->dev = psbuf->st_dev;
1402 fsp->inode = psbuf->st_ino;
1403 fsp->share_access = share_access;
1404 fsp->fh->private_options = create_options;
1405 fsp->access_mask = open_access_mask; /* We change this to the
1406 * requested access_mask after
1407 * the open is done. */
1408 fsp->posix_open = posix_open;
1410 /* Ensure no SAMBA_PRIVATE bits can be set. */
1411 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1413 if (timeval_is_zero(&request_time)) {
1414 request_time = fsp->open_time;
1418 dev = psbuf->st_dev;
1419 inode = psbuf->st_ino;
1421 lck = get_share_mode_lock(NULL, dev, inode,
1427 DEBUG(0, ("Could not get share mode lock\n"));
1428 return NT_STATUS_SHARING_VIOLATION;
1431 /* First pass - send break only on batch oplocks. */
1432 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1433 schedule_defer_open(lck, request_time);
1436 return NT_STATUS_SHARING_VIOLATION;
1439 /* Use the client requested access mask here, not the one we
1441 status = open_mode_check(conn, fname, lck,
1442 access_mask, share_access,
1443 create_options, &file_existed);
1445 if (NT_STATUS_IS_OK(status)) {
1446 /* We might be going to allow this open. Check oplock
1448 /* Second pass - send break for both batch or
1449 * exclusive oplocks. */
1450 if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1451 schedule_defer_open(lck, request_time);
1454 return NT_STATUS_SHARING_VIOLATION;
1458 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1459 /* DELETE_PENDING is not deferred for a second */
1465 if (!NT_STATUS_IS_OK(status)) {
1466 uint32 can_access_mask;
1467 BOOL can_access = True;
1469 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1471 /* Check if this can be done with the deny_dos and fcb
1473 if (create_options &
1474 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1475 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1476 files_struct *fsp_dup;
1478 /* Use the client requested access mask here,
1479 * not the one we open with. */
1480 fsp_dup = fcb_or_dos_open(conn, fname, dev,
1489 *pinfo = FILE_WAS_OPENED;
1491 conn->num_files_open++;
1493 return NT_STATUS_OK;
1498 * This next line is a subtlety we need for
1499 * MS-Access. If a file open will fail due to share
1500 * permissions and also for security (access) reasons,
1501 * we need to return the access failed error, not the
1502 * share error. We can't open the file due to kernel
1503 * oplock deadlock (it's possible we failed above on
1504 * the open_mode_check()) so use a userspace check.
1507 if (flags & O_RDWR) {
1508 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1509 } else if (flags & O_WRONLY) {
1510 can_access_mask = FILE_WRITE_DATA;
1512 can_access_mask = FILE_READ_DATA;
1515 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1516 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1521 * If we're returning a share violation, ensure we
1522 * cope with the braindead 1 second delay.
1525 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1526 lp_defer_sharing_violations()) {
1527 struct timeval timeout;
1528 struct deferred_open_record state;
1531 /* this is a hack to speed up torture tests
1533 timeout_usecs = lp_parm_int(SNUM(conn),
1534 "smbd","sharedelay",
1535 SHARING_VIOLATION_USEC_WAIT);
1537 /* This is a relative time, added to the absolute
1538 request_time value to get the absolute timeout time.
1539 Note that if this is the second or greater time we enter
1540 this codepath for this particular request mid then
1541 request_time is left as the absolute time of the *first*
1542 time this request mid was processed. This is what allows
1543 the request to eventually time out. */
1545 timeout = timeval_set(0, timeout_usecs);
1547 /* Nothing actually uses state.delayed_for_oplocks
1548 but it's handy to differentiate in debug messages
1549 between a 30 second delay due to oplock break, and
1550 a 1 second delay for share mode conflicts. */
1552 state.delayed_for_oplocks = False;
1554 state.inode = inode;
1556 if (!request_timed_out(request_time,
1558 defer_open(lck, request_time, timeout,
1566 * We have detected a sharing violation here
1567 * so return the correct error code
1569 status = NT_STATUS_SHARING_VIOLATION;
1571 status = NT_STATUS_ACCESS_DENIED;
1578 * We exit this block with the share entry *locked*.....
1582 SMB_ASSERT(!file_existed || (lck != NULL));
1585 * Ensure we pay attention to default ACLs on directories if required.
1588 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1589 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1593 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1594 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1595 (unsigned int)flags, (unsigned int)flags2,
1596 (unsigned int)unx_mode, (unsigned int)access_mask,
1597 (unsigned int)open_access_mask));
1600 * open_file strips any O_TRUNC flags itself.
1603 fsp_open = open_file(fsp, conn, parent_dir, newname, fname, psbuf,
1604 flags|flags2, unx_mode, access_mask,
1607 if (!NT_STATUS_IS_OK(fsp_open)) {
1615 if (!file_existed) {
1618 * Deal with the race condition where two smbd's detect the
1619 * file doesn't exist and do the create at the same time. One
1620 * of them will win and set a share mode, the other (ie. this
1621 * one) should check if the requested share mode for this
1622 * create is allowed.
1626 * Now the file exists and fsp is successfully opened,
1627 * fsp->dev and fsp->inode are valid and should replace the
1628 * dev=0,inode=0 from a non existent file. Spotted by
1629 * Nadav Danieli <nadavd@exanet.com>. JRA.
1635 lck = get_share_mode_lock(NULL, dev, inode,
1640 DEBUG(0, ("open_file_ntcreate: Could not get share "
1641 "mode lock for %s\n", fname));
1642 fd_close(conn, fsp);
1644 return NT_STATUS_SHARING_VIOLATION;
1647 status = open_mode_check(conn, fname, lck,
1648 access_mask, share_access,
1649 create_options, &file_existed);
1651 if (!NT_STATUS_IS_OK(status)) {
1652 struct deferred_open_record state;
1654 fd_close(conn, fsp);
1657 state.delayed_for_oplocks = False;
1659 state.inode = inode;
1661 /* Do it all over again immediately. In the second
1662 * round we will find that the file existed and handle
1663 * the DELETE_PENDING and FCB cases correctly. No need
1664 * to duplicate the code here. Essentially this is a
1665 * "goto top of this function", but don't tell
1668 defer_open(lck, request_time, timeval_zero(),
1675 * We exit this block with the share entry *locked*.....
1680 SMB_ASSERT(lck != NULL);
1682 /* note that we ignore failure for the following. It is
1683 basically a hack for NFS, and NFS will never set one of
1684 these only read them. Nobody but Samba can ever set a deny
1685 mode and we have already checked our more authoritative
1686 locking database for permission to set this deny mode. If
1687 the kernel refuses the operations then the kernel is wrong.
1688 note that GPFS supports it as well - jmcd */
1690 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1691 if(ret_flock == -1 ){
1694 fd_close(conn, fsp);
1697 return NT_STATUS_SHARING_VIOLATION;
1701 * At this point onwards, we can guarentee that the share entry
1702 * is locked, whether we created the file or not, and that the
1703 * deny mode is compatible with all current opens.
1707 * If requested, truncate the file.
1710 if (flags2&O_TRUNC) {
1712 * We are modifing the file after open - update the stat
1715 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1716 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1717 status = map_nt_error_from_unix(errno);
1725 /* Record the options we were opened with. */
1726 fsp->share_access = share_access;
1727 fsp->fh->private_options = create_options;
1728 fsp->access_mask = access_mask;
1731 /* stat opens on existing files don't get oplocks. */
1732 if (is_stat_open(open_access_mask)) {
1733 fsp->oplock_type = NO_OPLOCK;
1736 if (!(flags2 & O_TRUNC)) {
1737 info = FILE_WAS_OPENED;
1739 info = FILE_WAS_OVERWRITTEN;
1742 info = FILE_WAS_CREATED;
1750 * Setup the oplock info in both the shared memory and
1754 if ((fsp->oplock_type != NO_OPLOCK) &&
1755 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1756 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1757 /* Could not get the kernel oplock */
1758 fsp->oplock_type = NO_OPLOCK;
1761 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type);
1763 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED ||
1764 info == FILE_WAS_SUPERSEDED) {
1766 /* Handle strange delete on close create semantics. */
1767 if (create_options & FILE_DELETE_ON_CLOSE) {
1768 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1770 if (!NT_STATUS_IS_OK(status)) {
1771 /* Remember to delete the mode we just added. */
1772 del_share_mode(lck, fsp);
1778 /* Note that here we set the *inital* delete on close flag,
1779 not the regular one. The magic gets handled in close. */
1780 fsp->initial_delete_on_close = True;
1783 /* Files should be initially set as archive */
1784 if (lp_map_archive(SNUM(conn)) ||
1785 lp_store_dos_attributes(SNUM(conn))) {
1787 file_set_dosmode(conn, fname,
1788 new_dos_attributes | aARCH, NULL,
1795 * Take care of inherited ACLs on created files - if default ACL not
1799 if (!posix_open && !file_existed && !def_acl) {
1801 int saved_errno = errno; /* We might get ENOSYS in the next
1804 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1806 errno = saved_errno; /* Ignore ENOSYS */
1809 } else if (new_unx_mode) {
1813 /* Attributes need changing. File already existed. */
1816 int saved_errno = errno; /* We might get ENOSYS in the
1818 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1821 if (ret == -1 && errno == ENOSYS) {
1822 errno = saved_errno; /* Ignore ENOSYS */
1824 DEBUG(5, ("open_file_ntcreate: reset "
1825 "attributes of file %s to 0%o\n",
1826 fname, (unsigned int)new_unx_mode));
1827 ret = 0; /* Don't do the fchmod below. */
1832 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1833 DEBUG(5, ("open_file_ntcreate: failed to reset "
1834 "attributes of file %s to 0%o\n",
1835 fname, (unsigned int)new_unx_mode));
1838 /* If this is a successful open, we must remove any deferred open
1840 del_deferred_open_entry(lck, mid);
1843 conn->num_files_open++;
1846 return NT_STATUS_OK;
1849 /****************************************************************************
1850 Open a file for for write to ensure that we can fchmod it.
1851 ****************************************************************************/
1853 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1854 SMB_STRUCT_STAT *psbuf, files_struct **result)
1856 files_struct *fsp = NULL;
1859 if (!VALID_STAT(*psbuf)) {
1860 return NT_STATUS_INVALID_PARAMETER;
1863 status = file_new(conn, &fsp);
1864 if(!NT_STATUS_IS_OK(status)) {
1868 /* note! we must use a non-zero desired access or we don't get
1869 a real file descriptor. Oh what a twisted web we weave. */
1870 status = open_file(fsp, conn, NULL, NULL, fname, psbuf, O_WRONLY, 0,
1871 FILE_WRITE_DATA, FILE_WRITE_DATA);
1874 * This is not a user visible file open.
1875 * Don't set a share mode and don't increment
1876 * the conn->num_files_open.
1879 if (!NT_STATUS_IS_OK(status)) {
1885 return NT_STATUS_OK;
1888 /****************************************************************************
1889 Close the fchmod file fd - ensure no locks are lost.
1890 ****************************************************************************/
1892 NTSTATUS close_file_fchmod(files_struct *fsp)
1894 NTSTATUS status = fd_close(fsp->conn, fsp);
1899 static NTSTATUS mkdir_internal(connection_struct *conn,
1901 uint32 file_attributes,
1902 SMB_STRUCT_STAT *psbuf)
1906 const char *dirname;
1909 if(!CAN_WRITE(conn)) {
1910 DEBUG(5,("mkdir_internal: failing create on read-only share "
1911 "%s\n", lp_servicename(SNUM(conn))));
1912 return NT_STATUS_ACCESS_DENIED;
1915 status = check_name(conn, name);
1916 if (!NT_STATUS_IS_OK(status)) {
1920 if (!parent_dirname_talloc(tmp_talloc_ctx(), name, &parent_dir,
1922 return NT_STATUS_NO_MEMORY;
1925 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1926 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1928 mode = unix_mode(conn, aDIR, name, parent_dir);
1931 if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
1932 return map_nt_error_from_unix(errno);
1935 /* Ensure we're checking for a symlink here.... */
1936 /* We don't want to get caught by a symlink racer. */
1938 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
1939 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
1940 name, strerror(errno)));
1941 return map_nt_error_from_unix(errno);
1944 if (!S_ISDIR(psbuf->st_mode)) {
1945 DEBUG(0, ("Directory just '%s' created is not a directory\n",
1947 return NT_STATUS_ACCESS_DENIED;
1950 if (lp_inherit_perms(SNUM(conn))) {
1951 inherit_access_acl(conn, parent_dir, name, mode);
1954 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
1956 * Check if high bits should have been set,
1957 * then (if bits are missing): add them.
1958 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
1961 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
1962 SMB_VFS_CHMOD(conn, name,
1963 psbuf->st_mode | (mode & ~psbuf->st_mode));
1967 /* Change the owner if required. */
1968 if (lp_inherit_owner(SNUM(conn))) {
1969 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
1972 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
1975 return NT_STATUS_OK;
1978 /****************************************************************************
1979 Open a directory from an NT SMB call.
1980 ****************************************************************************/
1982 NTSTATUS open_directory(connection_struct *conn,
1984 SMB_STRUCT_STAT *psbuf,
1986 uint32 share_access,
1987 uint32 create_disposition,
1988 uint32 create_options,
1989 uint32 file_attributes,
1991 files_struct **result)
1993 files_struct *fsp = NULL;
1994 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
1995 struct share_mode_lock *lck = NULL;
1999 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2000 "share_access = 0x%x create_options = 0x%x, "
2001 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2003 (unsigned int)access_mask,
2004 (unsigned int)share_access,
2005 (unsigned int)create_options,
2006 (unsigned int)create_disposition,
2007 (unsigned int)file_attributes));
2009 if (is_ntfs_stream_name(fname)) {
2010 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
2011 return NT_STATUS_NOT_A_DIRECTORY;
2014 switch( create_disposition ) {
2017 info = FILE_WAS_OPENED;
2020 * We want to follow symlinks here.
2023 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2024 return map_nt_error_from_unix(errno);
2031 /* If directory exists error. If directory doesn't
2034 status = mkdir_internal(conn,
2039 if (!NT_STATUS_IS_OK(status)) {
2040 DEBUG(2, ("open_directory: unable to create "
2041 "%s. Error was %s\n", fname,
2042 nt_errstr(status)));
2046 info = FILE_WAS_CREATED;
2051 * If directory exists open. If directory doesn't
2055 status = mkdir_internal(conn,
2060 if (NT_STATUS_IS_OK(status)) {
2061 info = FILE_WAS_CREATED;
2064 if (NT_STATUS_EQUAL(status,
2065 NT_STATUS_OBJECT_NAME_COLLISION)) {
2066 info = FILE_WAS_OPENED;
2067 status = NT_STATUS_OK;
2072 case FILE_SUPERSEDE:
2073 case FILE_OVERWRITE:
2074 case FILE_OVERWRITE_IF:
2076 DEBUG(5,("open_directory: invalid create_disposition "
2077 "0x%x for directory %s\n",
2078 (unsigned int)create_disposition, fname));
2079 return NT_STATUS_INVALID_PARAMETER;
2082 if(!S_ISDIR(psbuf->st_mode)) {
2083 DEBUG(5,("open_directory: %s is not a directory !\n",
2085 return NT_STATUS_NOT_A_DIRECTORY;
2088 status = file_new(conn, &fsp);
2089 if(!NT_STATUS_IS_OK(status)) {
2094 * Setup the files_struct for it.
2097 fsp->mode = psbuf->st_mode;
2098 fsp->inode = psbuf->st_ino;
2099 fsp->dev = psbuf->st_dev;
2100 fsp->vuid = current_user.vuid;
2101 fsp->file_pid = global_smbpid;
2102 fsp->can_lock = False;
2103 fsp->can_read = False;
2104 fsp->can_write = False;
2106 fsp->share_access = share_access;
2107 fsp->fh->private_options = create_options;
2108 fsp->access_mask = access_mask;
2110 fsp->print_file = False;
2111 fsp->modified = False;
2112 fsp->oplock_type = NO_OPLOCK;
2113 fsp->sent_oplock_break = NO_BREAK_SENT;
2114 fsp->is_directory = True;
2115 fsp->is_stat = False;
2116 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2118 string_set(&fsp->fsp_name,fname);
2120 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode,
2125 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2127 return NT_STATUS_SHARING_VIOLATION;
2130 status = open_mode_check(conn, fname, lck,
2131 access_mask, share_access,
2132 create_options, &dir_existed);
2134 if (!NT_STATUS_IS_OK(status)) {
2140 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK);
2142 /* For directories the delete on close bit at open time seems
2143 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2144 if (create_options & FILE_DELETE_ON_CLOSE) {
2145 status = can_set_delete_on_close(fsp, True, 0);
2146 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2152 if (NT_STATUS_IS_OK(status)) {
2153 /* Note that here we set the *inital* delete on close flag,
2154 not the regular one. The magic gets handled in close. */
2155 fsp->initial_delete_on_close = True;
2165 conn->num_files_open++;
2168 return NT_STATUS_OK;
2171 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2174 SMB_STRUCT_STAT sbuf;
2177 SET_STAT_INVALID(sbuf);
2179 status = open_directory(conn, directory, &sbuf,
2180 FILE_READ_ATTRIBUTES, /* Just a stat open */
2181 FILE_SHARE_NONE, /* Ignored for stat opens */
2184 FILE_ATTRIBUTE_DIRECTORY,
2188 if (NT_STATUS_IS_OK(status)) {
2189 close_file(fsp, NORMAL_CLOSE);
2195 /****************************************************************************
2196 Open a pseudo-file (no locking checks - a 'stat' open).
2197 ****************************************************************************/
2199 NTSTATUS open_file_stat(connection_struct *conn, const char *fname,
2200 SMB_STRUCT_STAT *psbuf, files_struct **result)
2202 files_struct *fsp = NULL;
2205 if (!VALID_STAT(*psbuf)) {
2206 return NT_STATUS_INVALID_PARAMETER;
2209 /* Can't 'stat' open directories. */
2210 if(S_ISDIR(psbuf->st_mode)) {
2211 return NT_STATUS_FILE_IS_A_DIRECTORY;
2214 status = file_new(conn, &fsp);
2215 if(!NT_STATUS_IS_OK(status)) {
2219 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2222 * Setup the files_struct for it.
2225 fsp->mode = psbuf->st_mode;
2226 fsp->inode = psbuf->st_ino;
2227 fsp->dev = psbuf->st_dev;
2228 fsp->vuid = current_user.vuid;
2229 fsp->file_pid = global_smbpid;
2230 fsp->can_lock = False;
2231 fsp->can_read = False;
2232 fsp->can_write = False;
2233 fsp->print_file = False;
2234 fsp->modified = False;
2235 fsp->oplock_type = NO_OPLOCK;
2236 fsp->sent_oplock_break = NO_BREAK_SENT;
2237 fsp->is_directory = False;
2238 fsp->is_stat = True;
2239 string_set(&fsp->fsp_name,fname);
2241 conn->num_files_open++;
2244 return NT_STATUS_OK;
2247 /****************************************************************************
2248 Receive notification that one of our open files has been renamed by another
2250 ****************************************************************************/
2252 void msg_file_was_renamed(struct messaging_context *msg,
2255 struct server_id server_id,
2259 char *frm = (char *)data->data;
2262 const char *sharepath;
2263 const char *newname;
2266 if (data->data == NULL
2267 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2268 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2273 /* Unpack the message. */
2274 dev = DEV_T_VAL(frm,0);
2275 inode = INO_T_VAL(frm,8);
2276 sharepath = &frm[16];
2277 newname = sharepath + strlen(sharepath) + 1;
2278 sp_len = strlen(sharepath);
2280 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2281 "dev %x, inode %.0f\n",
2282 sharepath, newname, (unsigned int)dev, (double)inode ));
2284 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
2285 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2286 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2287 fsp->fnum, fsp->fsp_name, newname ));
2288 string_set(&fsp->fsp_name, newname);
2291 /* Now we have the complete path we can work out if this is
2292 actually within this share and adjust newname accordingly. */
2293 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2294 "not sharepath %s) "
2295 "fnum %d from %s -> %s\n",
2296 fsp->conn->connectpath,