2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern BOOL global_client_failed_oplock_break;
30 struct deferred_open_record {
31 BOOL delayed_for_oplocks;
35 /****************************************************************************
36 fd support routines - attempt to do a dos_open.
37 ****************************************************************************/
39 static NTSTATUS fd_open(struct connection_struct *conn,
45 NTSTATUS status = NT_STATUS_OK;
49 * Never follow symlinks on a POSIX client. The
50 * client should be doing this.
53 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
58 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
59 if (fsp->fh->fd == -1) {
60 status = map_nt_error_from_unix(errno);
63 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
64 fname, flags, (int)mode, fsp->fh->fd,
65 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
70 /****************************************************************************
71 Close the file associated with a fsp.
72 ****************************************************************************/
74 NTSTATUS fd_close(struct connection_struct *conn, files_struct *fsp)
76 if (fsp->fh->fd == -1) {
77 return NT_STATUS_OK; /* What we used to call a stat open. */
79 if (fsp->fh->ref_count > 1) {
80 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
82 return fd_close_posix(conn, fsp);
85 /****************************************************************************
86 Change the ownership of a file to that of the parent directory.
87 Do this by fd if possible.
88 ****************************************************************************/
90 static void change_file_owner_to_parent(connection_struct *conn,
91 const char *inherit_from_dir,
94 SMB_STRUCT_STAT parent_st;
97 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
99 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
100 "directory %s. Error was %s\n",
101 inherit_from_dir, strerror(errno) ));
106 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
109 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
110 "file %s to parent directory uid %u. Error "
111 "was %s\n", fsp->fsp_name,
112 (unsigned int)parent_st.st_uid,
116 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
117 "parent directory uid %u.\n", fsp->fsp_name,
118 (unsigned int)parent_st.st_uid ));
121 static void change_dir_owner_to_parent(connection_struct *conn,
122 const char *inherit_from_dir,
124 SMB_STRUCT_STAT *psbuf)
127 SMB_STRUCT_STAT sbuf;
128 SMB_STRUCT_STAT parent_st;
131 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
133 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
134 "directory %s. Error was %s\n",
135 inherit_from_dir, strerror(errno) ));
139 /* We've already done an lstat into psbuf, and we know it's a
140 directory. If we can cd into the directory and the dev/ino
141 are the same then we can safely chown without races as
142 we're locking the directory in place by being in it. This
143 should work on any UNIX (thanks tridge :-). JRA.
146 if (!vfs_GetWd(conn,saved_dir)) {
147 DEBUG(0,("change_dir_owner_to_parent: failed to get "
148 "current working directory\n"));
152 /* Chdir into the new path. */
153 if (vfs_ChDir(conn, fname) == -1) {
154 DEBUG(0,("change_dir_owner_to_parent: failed to change "
155 "current working directory to %s. Error "
156 "was %s\n", fname, strerror(errno) ));
160 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
161 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
162 "directory '.' (%s) Error was %s\n",
163 fname, strerror(errno)));
167 /* Ensure we're pointing at the same place. */
168 if (sbuf.st_dev != psbuf->st_dev ||
169 sbuf.st_ino != psbuf->st_ino ||
170 sbuf.st_mode != psbuf->st_mode ) {
171 DEBUG(0,("change_dir_owner_to_parent: "
172 "device/inode/mode on directory %s changed. "
173 "Refusing to chown !\n", fname ));
178 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
181 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
182 "directory %s to parent directory uid %u. "
183 "Error was %s\n", fname,
184 (unsigned int)parent_st.st_uid, strerror(errno) ));
188 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
189 "directory %s to parent directory uid %u.\n",
190 fname, (unsigned int)parent_st.st_uid ));
194 vfs_ChDir(conn,saved_dir);
197 /****************************************************************************
199 ****************************************************************************/
201 static NTSTATUS open_file(files_struct *fsp,
202 connection_struct *conn,
203 struct smb_request *req,
204 const char *parent_dir,
207 SMB_STRUCT_STAT *psbuf,
210 uint32 access_mask, /* client requested access mask. */
211 uint32 open_access_mask) /* what we're actually using in the open. */
213 NTSTATUS status = NT_STATUS_OK;
214 int accmode = (flags & O_ACCMODE);
215 int local_flags = flags;
216 BOOL file_existed = VALID_STAT(*psbuf);
221 /* Check permissions */
224 * This code was changed after seeing a client open request
225 * containing the open mode of (DENY_WRITE/read-only) with
226 * the 'create if not exist' bit set. The previous code
227 * would fail to open the file read only on a read-only share
228 * as it was checking the flags parameter directly against O_RDONLY,
229 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
233 if (!CAN_WRITE(conn)) {
234 /* It's a read-only share - fail if we wanted to write. */
235 if(accmode != O_RDONLY) {
236 DEBUG(3,("Permission denied opening %s\n", path));
237 return NT_STATUS_ACCESS_DENIED;
238 } else if(flags & O_CREAT) {
239 /* We don't want to write - but we must make sure that
240 O_CREAT doesn't create the file if we have write
241 access into the directory.
244 local_flags &= ~O_CREAT;
249 * This little piece of insanity is inspired by the
250 * fact that an NT client can open a file for O_RDONLY,
251 * but set the create disposition to FILE_EXISTS_TRUNCATE.
252 * If the client *can* write to the file, then it expects to
253 * truncate the file, even though it is opening for readonly.
254 * Quicken uses this stupid trick in backup file creation...
255 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
256 * for helping track this one down. It didn't bite us in 2.0.x
257 * as we always opened files read-write in that release. JRA.
260 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
261 DEBUG(10,("open_file: truncate requested on read-only open "
262 "for file %s\n", path));
263 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
266 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
267 (!file_existed && (local_flags & O_CREAT)) ||
268 ((local_flags & O_TRUNC) == O_TRUNC) ) {
271 * We can't actually truncate here as the file may be locked.
272 * open_file_ntcreate will take care of the truncate later. JRA.
275 local_flags &= ~O_TRUNC;
277 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
279 * We would block on opening a FIFO with no one else on the
280 * other end. Do what we used to do and add O_NONBLOCK to the
284 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
285 local_flags |= O_NONBLOCK;
289 /* Don't create files with Microsoft wildcard characters. */
290 if ((local_flags & O_CREAT) && !file_existed &&
292 return NT_STATUS_OBJECT_NAME_INVALID;
295 /* Actually do the open */
296 status = fd_open(conn, path, fsp, local_flags, unx_mode);
297 if (!NT_STATUS_IS_OK(status)) {
298 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
300 path,nt_errstr(status),local_flags,flags));
304 if ((local_flags & O_CREAT) && !file_existed) {
306 /* Inherit the ACL if required */
307 if (lp_inherit_perms(SNUM(conn))) {
308 inherit_access_acl(conn, parent_dir, path,
312 /* Change the owner if required. */
313 if (lp_inherit_owner(SNUM(conn))) {
314 change_file_owner_to_parent(conn, parent_dir,
318 notify_fname(conn, NOTIFY_ACTION_ADDED,
319 FILE_NOTIFY_CHANGE_FILE_NAME, path);
323 fsp->fh->fd = -1; /* What we used to call a stat open. */
329 if (fsp->fh->fd == -1) {
330 ret = SMB_VFS_STAT(conn, path, psbuf);
332 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
333 /* If we have an fd, this stat should succeed. */
335 DEBUG(0,("Error doing fstat on open file %s "
336 "(%s)\n", path,strerror(errno) ));
340 /* For a non-io open, this stat failing means file not found. JRA */
342 status = map_nt_error_from_unix(errno);
349 * POSIX allows read-only opens of directories. We don't
350 * want to do this (we use a different code path for this)
351 * so catch a directory open and return an EISDIR. JRA.
354 if(S_ISDIR(psbuf->st_mode)) {
357 return NT_STATUS_FILE_IS_A_DIRECTORY;
360 fsp->mode = psbuf->st_mode;
361 fsp->file_id = file_id_sbuf(psbuf);
362 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
363 fsp->file_pid = req ? req->smbpid : 0;
364 fsp->can_lock = True;
365 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
366 if (!CAN_WRITE(conn)) {
367 fsp->can_write = False;
369 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
372 fsp->print_file = False;
373 fsp->modified = False;
374 fsp->sent_oplock_break = NO_BREAK_SENT;
375 fsp->is_directory = False;
376 fsp->is_stat = False;
378 string_set(&fsp->fsp_name, path);
379 fsp->wcp = NULL; /* Write cache pointer. */
381 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
382 *current_user_info.smb_name ?
383 current_user_info.smb_name : conn->user,fsp->fsp_name,
384 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
385 conn->num_files_open + 1));
391 /*******************************************************************
392 Return True if the filename is one of the special executable types.
393 ********************************************************************/
395 static BOOL is_executable(const char *fname)
397 if ((fname = strrchr_m(fname,'.'))) {
398 if (strequal(fname,".com") ||
399 strequal(fname,".dll") ||
400 strequal(fname,".exe") ||
401 strequal(fname,".sym")) {
408 /****************************************************************************
409 Check if we can open a file with a share mode.
410 Returns True if conflict, False if not.
411 ****************************************************************************/
413 static BOOL share_conflict(struct share_mode_entry *entry,
417 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
418 "entry->share_access = 0x%x, "
419 "entry->private_options = 0x%x\n",
420 (unsigned int)entry->access_mask,
421 (unsigned int)entry->share_access,
422 (unsigned int)entry->private_options));
424 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
425 (unsigned int)access_mask, (unsigned int)share_access));
427 if ((entry->access_mask & (FILE_WRITE_DATA|
431 DELETE_ACCESS)) == 0) {
432 DEBUG(10,("share_conflict: No conflict due to "
433 "entry->access_mask = 0x%x\n",
434 (unsigned int)entry->access_mask ));
438 if ((access_mask & (FILE_WRITE_DATA|
442 DELETE_ACCESS)) == 0) {
443 DEBUG(10,("share_conflict: No conflict due to "
444 "access_mask = 0x%x\n",
445 (unsigned int)access_mask ));
449 #if 1 /* JRA TEST - Superdebug. */
450 #define CHECK_MASK(num, am, right, sa, share) \
451 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
452 (unsigned int)(num), (unsigned int)(am), \
453 (unsigned int)(right), (unsigned int)(am)&(right) )); \
454 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
455 (unsigned int)(num), (unsigned int)(sa), \
456 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
457 if (((am) & (right)) && !((sa) & (share))) { \
458 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
459 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
460 (unsigned int)(share) )); \
464 #define CHECK_MASK(num, am, right, sa, share) \
465 if (((am) & (right)) && !((sa) & (share))) { \
466 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
467 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
468 (unsigned int)(share) )); \
473 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
474 share_access, FILE_SHARE_WRITE);
475 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
476 entry->share_access, FILE_SHARE_WRITE);
478 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
479 share_access, FILE_SHARE_READ);
480 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
481 entry->share_access, FILE_SHARE_READ);
483 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
484 share_access, FILE_SHARE_DELETE);
485 CHECK_MASK(6, access_mask, DELETE_ACCESS,
486 entry->share_access, FILE_SHARE_DELETE);
488 DEBUG(10,("share_conflict: No conflict.\n"));
492 #if defined(DEVELOPER)
493 static void validate_my_share_entries(int num,
494 struct share_mode_entry *share_entry)
498 if (!procid_is_me(&share_entry->pid)) {
502 if (is_deferred_open_entry(share_entry) &&
503 !open_was_deferred(share_entry->op_mid)) {
505 pstr_sprintf(str, "Got a deferred entry without a request: "
506 "PANIC: %s\n", share_mode_str(num, share_entry));
510 if (!is_valid_share_mode_entry(share_entry)) {
514 fsp = file_find_dif(share_entry->id,
515 share_entry->share_file_id);
517 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
518 share_mode_str(num, share_entry) ));
519 smb_panic("validate_my_share_entries: Cannot match a "
520 "share entry with an open file\n");
523 if (is_deferred_open_entry(share_entry) ||
524 is_unused_share_mode_entry(share_entry)) {
528 if ((share_entry->op_type == NO_OPLOCK) &&
529 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
530 /* Someone has already written to it, but I haven't yet
535 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
544 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
545 share_mode_str(num, share_entry) ));
546 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
547 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
548 fsp->fsp_name, (unsigned int)fsp->oplock_type,
549 (unsigned int)share_entry->op_type );
555 static BOOL is_stat_open(uint32 access_mask)
557 return (access_mask &&
558 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
559 FILE_WRITE_ATTRIBUTES))==0) &&
560 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
561 FILE_WRITE_ATTRIBUTES)) != 0));
564 /****************************************************************************
565 Deal with share modes
566 Invarient: Share mode must be locked on entry and exit.
567 Returns -1 on error, or number of share modes on success (may be zero).
568 ****************************************************************************/
570 static NTSTATUS open_mode_check(connection_struct *conn,
572 struct share_mode_lock *lck,
575 uint32 create_options,
580 if(lck->num_share_modes == 0) {
584 *file_existed = True;
586 if (is_stat_open(access_mask)) {
587 /* Stat open that doesn't trigger oplock breaks or share mode
588 * checks... ! JRA. */
592 /* A delete on close prohibits everything */
594 if (lck->delete_on_close) {
595 return NT_STATUS_DELETE_PENDING;
599 * Check if the share modes will give us access.
602 #if defined(DEVELOPER)
603 for(i = 0; i < lck->num_share_modes; i++) {
604 validate_my_share_entries(i, &lck->share_modes[i]);
608 if (!lp_share_modes(SNUM(conn))) {
612 /* Now we check the share modes, after any oplock breaks. */
613 for(i = 0; i < lck->num_share_modes; i++) {
615 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
619 /* someone else has a share lock on it, check to see if we can
621 if (share_conflict(&lck->share_modes[i],
622 access_mask, share_access)) {
623 return NT_STATUS_SHARING_VIOLATION;
630 static BOOL is_delete_request(files_struct *fsp) {
631 return ((fsp->access_mask == DELETE_ACCESS) &&
632 (fsp->oplock_type == NO_OPLOCK));
636 * 1) No files open at all or internal open: Grant whatever the client wants.
638 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
639 * request, break if the oplock around is a batch oplock. If it's another
640 * requested access type, break.
642 * 3) Only level2 around: Grant level2 and do nothing else.
645 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
652 struct share_mode_entry *exclusive = NULL;
653 BOOL valid_entry = False;
654 BOOL delay_it = False;
655 BOOL have_level2 = False;
657 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
659 if (oplock_request & INTERNAL_OPEN_ONLY) {
660 fsp->oplock_type = NO_OPLOCK;
663 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
667 for (i=0; i<lck->num_share_modes; i++) {
669 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
673 /* At least one entry is not an invalid or deferred entry. */
676 if (pass_number == 1) {
677 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
678 SMB_ASSERT(exclusive == NULL);
679 exclusive = &lck->share_modes[i];
682 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
683 SMB_ASSERT(exclusive == NULL);
684 exclusive = &lck->share_modes[i];
688 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
689 SMB_ASSERT(exclusive == NULL);
695 /* All entries are placeholders or deferred.
696 * Directly grant whatever the client wants. */
697 if (fsp->oplock_type == NO_OPLOCK) {
698 /* Store a level2 oplock, but don't tell the client */
699 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
704 if (exclusive != NULL) { /* Found an exclusive oplock */
705 SMB_ASSERT(!have_level2);
706 delay_it = is_delete_request(fsp) ?
707 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
710 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
711 /* We can at most grant level2 as there are other
712 * level2 or NO_OPLOCK entries. */
713 fsp->oplock_type = LEVEL_II_OPLOCK;
716 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
717 /* Store a level2 oplock, but don't tell the client */
718 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
726 * Send a break message to the oplock holder and delay the open for
730 DEBUG(10, ("Sending break request to PID %s\n",
731 procid_str_static(&exclusive->pid)));
732 exclusive->op_mid = mid;
734 /* Create the message. */
735 share_mode_entry_to_message(msg, exclusive);
737 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
738 don't want this set in the share mode struct pointed to by lck. */
740 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
741 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
744 status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
745 MSG_SMB_BREAK_REQUEST,
747 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
748 if (!NT_STATUS_IS_OK(status)) {
749 DEBUG(3, ("Could not send oplock break message: %s\n",
756 static BOOL request_timed_out(struct timeval request_time,
757 struct timeval timeout)
759 struct timeval now, end_time;
761 end_time = timeval_sum(&request_time, &timeout);
762 return (timeval_compare(&end_time, &now) < 0);
765 /****************************************************************************
766 Handle the 1 second delay in returning a SHARING_VIOLATION error.
767 ****************************************************************************/
769 static void defer_open(struct share_mode_lock *lck,
770 struct timeval request_time,
771 struct timeval timeout,
773 struct deferred_open_record *state)
779 for (i=0; i<lck->num_share_modes; i++) {
780 struct share_mode_entry *e = &lck->share_modes[i];
782 if (!is_deferred_open_entry(e)) {
786 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
787 DEBUG(0, ("Trying to defer an already deferred "
788 "request: mid=%d, exiting\n", mid));
789 exit_server("attempt to defer a deferred request");
793 /* End paranoia check */
795 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
796 "open entry for mid %u\n",
797 (unsigned int)request_time.tv_sec,
798 (unsigned int)request_time.tv_usec,
801 if (!push_deferred_smb_message(mid, request_time, timeout,
802 (char *)state, sizeof(*state))) {
803 exit_server("push_deferred_smb_message failed");
805 add_deferred_open(lck, mid, request_time, state->id);
808 * Push the MID of this packet on the signing queue.
809 * We only do this once, the first time we push the packet
810 * onto the deferred open queue, as this has a side effect
811 * of incrementing the response sequence number.
814 srv_defer_sign_response(mid);
818 /****************************************************************************
819 On overwrite open ensure that the attributes match.
820 ****************************************************************************/
822 static BOOL open_match_attributes(connection_struct *conn,
826 mode_t existing_unx_mode,
828 mode_t *returned_unx_mode)
830 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
832 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
833 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
835 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
836 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
837 *returned_unx_mode = new_unx_mode;
839 *returned_unx_mode = (mode_t)0;
842 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
843 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
844 "returned_unx_mode = 0%o\n",
846 (unsigned int)old_dos_attr,
847 (unsigned int)existing_unx_mode,
848 (unsigned int)new_dos_attr,
849 (unsigned int)*returned_unx_mode ));
851 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
852 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
853 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
854 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
858 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
859 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
860 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
867 /****************************************************************************
868 Special FCB or DOS processing in the case of a sharing violation.
869 Try and find a duplicated file handle.
870 ****************************************************************************/
872 static files_struct *fcb_or_dos_open(connection_struct *conn,
879 uint32 create_options)
882 files_struct *dup_fsp;
884 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
885 "file %s.\n", fname ));
887 for(fsp = file_find_di_first(id); fsp;
888 fsp = file_find_di_next(fsp)) {
890 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
891 "vuid = %u, file_pid = %u, private_options = 0x%x "
892 "access_mask = 0x%x\n", fsp->fsp_name,
893 fsp->fh->fd, (unsigned int)fsp->vuid,
894 (unsigned int)fsp->file_pid,
895 (unsigned int)fsp->fh->private_options,
896 (unsigned int)fsp->access_mask ));
898 if (fsp->fh->fd != -1 &&
900 fsp->file_pid == file_pid &&
901 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
902 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
903 (fsp->access_mask & FILE_WRITE_DATA) &&
904 strequal(fsp->fsp_name, fname)) {
905 DEBUG(10,("fcb_or_dos_open: file match\n"));
914 /* quite an insane set of semantics ... */
915 if (is_executable(fname) &&
916 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
917 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
921 /* We need to duplicate this fsp. */
922 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
923 create_options, &dup_fsp))) {
930 /****************************************************************************
931 Open a file with a share mode - old openX method - map into NTCreate.
932 ****************************************************************************/
934 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
935 uint32 *paccess_mask,
937 uint32 *pcreate_disposition,
938 uint32 *pcreate_options)
942 uint32 create_disposition;
943 uint32 create_options = 0;
945 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
946 "open_func = 0x%x\n",
947 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
949 /* Create the NT compatible access_mask. */
950 switch (GET_OPENX_MODE(deny_mode)) {
951 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
952 case DOS_OPEN_RDONLY:
953 access_mask = FILE_GENERIC_READ;
955 case DOS_OPEN_WRONLY:
956 access_mask = FILE_GENERIC_WRITE;
960 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
963 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
964 (unsigned int)GET_OPENX_MODE(deny_mode)));
968 /* Create the NT compatible create_disposition. */
970 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
971 create_disposition = FILE_CREATE;
974 case OPENX_FILE_EXISTS_OPEN:
975 create_disposition = FILE_OPEN;
978 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
979 create_disposition = FILE_OPEN_IF;
982 case OPENX_FILE_EXISTS_TRUNCATE:
983 create_disposition = FILE_OVERWRITE;
986 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
987 create_disposition = FILE_OVERWRITE_IF;
991 /* From samba4 - to be confirmed. */
992 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
993 create_disposition = FILE_CREATE;
996 DEBUG(10,("map_open_params_to_ntcreate: bad "
997 "open_func 0x%x\n", (unsigned int)open_func));
1001 /* Create the NT compatible share modes. */
1002 switch (GET_DENY_MODE(deny_mode)) {
1004 share_mode = FILE_SHARE_NONE;
1008 share_mode = FILE_SHARE_READ;
1012 share_mode = FILE_SHARE_WRITE;
1016 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1020 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1021 if (is_executable(fname)) {
1022 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1024 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1025 share_mode = FILE_SHARE_READ;
1027 share_mode = FILE_SHARE_NONE;
1033 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1034 share_mode = FILE_SHARE_NONE;
1038 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1039 (unsigned int)GET_DENY_MODE(deny_mode) ));
1043 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1044 "share_mode = 0x%x, create_disposition = 0x%x, "
1045 "create_options = 0x%x\n",
1047 (unsigned int)access_mask,
1048 (unsigned int)share_mode,
1049 (unsigned int)create_disposition,
1050 (unsigned int)create_options ));
1053 *paccess_mask = access_mask;
1056 *pshare_mode = share_mode;
1058 if (pcreate_disposition) {
1059 *pcreate_disposition = create_disposition;
1061 if (pcreate_options) {
1062 *pcreate_options = create_options;
1069 static void schedule_defer_open(struct share_mode_lock *lck,
1070 struct timeval request_time,
1073 struct deferred_open_record state;
1075 /* This is a relative time, added to the absolute
1076 request_time value to get the absolute timeout time.
1077 Note that if this is the second or greater time we enter
1078 this codepath for this particular request mid then
1079 request_time is left as the absolute time of the *first*
1080 time this request mid was processed. This is what allows
1081 the request to eventually time out. */
1083 struct timeval timeout;
1085 /* Normally the smbd we asked should respond within
1086 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1087 * the client did, give twice the timeout as a safety
1088 * measure here in case the other smbd is stuck
1089 * somewhere else. */
1091 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1093 /* Nothing actually uses state.delayed_for_oplocks
1094 but it's handy to differentiate in debug messages
1095 between a 30 second delay due to oplock break, and
1096 a 1 second delay for share mode conflicts. */
1098 state.delayed_for_oplocks = True;
1101 if (!request_timed_out(request_time, timeout)) {
1102 defer_open(lck, request_time, timeout, mid, &state);
1106 /****************************************************************************
1107 Open a file with a share mode.
1108 ****************************************************************************/
1110 NTSTATUS open_file_ntcreate(connection_struct *conn,
1111 struct smb_request *req,
1113 SMB_STRUCT_STAT *psbuf,
1114 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1115 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1116 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1117 uint32 create_options, /* options such as delete on close. */
1118 uint32 new_dos_attributes, /* attributes used for new file. */
1119 int oplock_request, /* internal Samba oplock codes. */
1120 /* Information (FILE_EXISTS etc.) */
1122 files_struct **result)
1126 BOOL file_existed = VALID_STAT(*psbuf);
1127 BOOL def_acl = False;
1128 BOOL posix_open = False;
1129 BOOL new_file_created = False;
1131 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1132 files_struct *fsp = NULL;
1133 mode_t new_unx_mode = (mode_t)0;
1134 mode_t unx_mode = (mode_t)0;
1136 uint32 existing_dos_attributes = 0;
1137 struct pending_message_list *pml = NULL;
1138 struct timeval request_time = timeval_zero();
1139 struct share_mode_lock *lck = NULL;
1140 uint32 open_access_mask = access_mask;
1144 const char *newname;
1148 if (conn->printer) {
1150 * Printers are handled completely differently.
1151 * Most of the passed parameters are ignored.
1155 *pinfo = FILE_WAS_CREATED;
1158 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1160 return print_fsp_open(conn, fname, result);
1163 if (!parent_dirname_talloc(tmp_talloc_ctx(), fname, &parent_dir,
1165 return NT_STATUS_NO_MEMORY;
1168 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1170 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1171 new_dos_attributes = 0;
1173 /* We add aARCH to this as this mode is only used if the file is
1175 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1179 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1180 "access_mask=0x%x share_access=0x%x "
1181 "create_disposition = 0x%x create_options=0x%x "
1182 "unix mode=0%o oplock_request=%d\n",
1183 fname, new_dos_attributes, access_mask, share_access,
1184 create_disposition, create_options, unx_mode,
1187 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1188 DEBUG(0, ("No smb request but not an internal only open!\n"));
1189 return NT_STATUS_INTERNAL_ERROR;
1193 * Only non-internal opens can be deferred at all
1197 && ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1198 struct deferred_open_record *state =
1199 (struct deferred_open_record *)pml->private_data.data;
1201 /* Remember the absolute time of the original
1202 request with this mid. We'll use it later to
1203 see if this has timed out. */
1205 request_time = pml->request_time;
1207 /* Remove the deferred open entry under lock. */
1208 lck = get_share_mode_lock(NULL, state->id, NULL, NULL);
1210 DEBUG(0, ("could not get share mode lock\n"));
1212 del_deferred_open_entry(lck, req->mid);
1216 /* Ensure we don't reprocess this message. */
1217 remove_deferred_open_smb_message(req->mid);
1220 status = check_name(conn, fname);
1221 if (!NT_STATUS_IS_OK(status)) {
1226 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1228 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1232 /* ignore any oplock requests if oplocks are disabled */
1233 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1234 IS_VETO_OPLOCK_PATH(conn, fname)) {
1235 /* Mask off everything except the private Samba bits. */
1236 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1239 /* this is for OS/2 long file names - say we don't support them */
1240 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1241 /* OS/2 Workplace shell fix may be main code stream in a later
1243 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1245 if (use_nt_status()) {
1246 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1248 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1251 switch( create_disposition ) {
1253 * Currently we're using FILE_SUPERSEDE as the same as
1254 * FILE_OVERWRITE_IF but they really are
1255 * different. FILE_SUPERSEDE deletes an existing file
1256 * (requiring delete access) then recreates it.
1258 case FILE_SUPERSEDE:
1259 /* If file exists replace/overwrite. If file doesn't
1261 flags2 |= (O_CREAT | O_TRUNC);
1264 case FILE_OVERWRITE_IF:
1265 /* If file exists replace/overwrite. If file doesn't
1267 flags2 |= (O_CREAT | O_TRUNC);
1271 /* If file exists open. If file doesn't exist error. */
1272 if (!file_existed) {
1273 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1274 "requested for file %s and file "
1275 "doesn't exist.\n", fname ));
1277 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1281 case FILE_OVERWRITE:
1282 /* If file exists overwrite. If file doesn't exist
1284 if (!file_existed) {
1285 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1286 "requested for file %s and file "
1287 "doesn't exist.\n", fname ));
1289 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1295 /* If file exists error. If file doesn't exist
1298 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1299 "requested for file %s and file "
1300 "already exists.\n", fname ));
1301 if (S_ISDIR(psbuf->st_mode)) {
1306 return map_nt_error_from_unix(errno);
1308 flags2 |= (O_CREAT|O_EXCL);
1312 /* If file exists open. If file doesn't exist
1318 return NT_STATUS_INVALID_PARAMETER;
1321 /* We only care about matching attributes on file exists and
1324 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1325 (create_disposition == FILE_OVERWRITE_IF))) {
1326 if (!open_match_attributes(conn, fname,
1327 existing_dos_attributes,
1328 new_dos_attributes, psbuf->st_mode,
1329 unx_mode, &new_unx_mode)) {
1330 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1331 "for file %s (%x %x) (0%o, 0%o)\n",
1332 fname, existing_dos_attributes,
1334 (unsigned int)psbuf->st_mode,
1335 (unsigned int)unx_mode ));
1337 return NT_STATUS_ACCESS_DENIED;
1341 /* This is a nasty hack - must fix... JRA. */
1342 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1343 open_access_mask = access_mask = FILE_GENERIC_ALL;
1347 * Convert GENERIC bits to specific bits.
1350 se_map_generic(&access_mask, &file_generic_mapping);
1351 open_access_mask = access_mask;
1353 if (flags2 & O_TRUNC) {
1354 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1357 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1358 "access_mask=0x%x\n", fname, access_mask ));
1361 * Note that we ignore the append flag as append does not
1362 * mean the same thing under DOS and Unix.
1365 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1366 /* DENY_DOS opens are always underlying read-write on the
1367 file handle, no matter what the requested access mask
1369 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1370 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1380 * Currently we only look at FILE_WRITE_THROUGH for create options.
1384 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1389 if (posix_open & (access_mask & FILE_APPEND_DATA)) {
1393 if (!posix_open && !CAN_WRITE(conn)) {
1395 * We should really return a permission denied error if either
1396 * O_CREAT or O_TRUNC are set, but for compatibility with
1397 * older versions of Samba we just AND them out.
1399 flags2 &= ~(O_CREAT|O_TRUNC);
1403 * Ensure we can't write on a read-only share or file.
1406 if (flags != O_RDONLY && file_existed &&
1407 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1408 DEBUG(5,("open_file_ntcreate: write access requested for "
1409 "file %s on read only %s\n",
1410 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1412 return NT_STATUS_ACCESS_DENIED;
1415 status = file_new(conn, &fsp);
1416 if(!NT_STATUS_IS_OK(status)) {
1420 fsp->file_id = file_id_sbuf(psbuf);
1421 fsp->share_access = share_access;
1422 fsp->fh->private_options = create_options;
1423 fsp->access_mask = open_access_mask; /* We change this to the
1424 * requested access_mask after
1425 * the open is done. */
1426 fsp->posix_open = posix_open;
1428 /* Ensure no SAMBA_PRIVATE bits can be set. */
1429 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1431 if (timeval_is_zero(&request_time)) {
1432 request_time = fsp->open_time;
1436 id = file_id_sbuf(psbuf);
1438 lck = get_share_mode_lock(NULL, id,
1444 DEBUG(0, ("Could not get share mode lock\n"));
1445 return NT_STATUS_SHARING_VIOLATION;
1448 /* First pass - send break only on batch oplocks. */
1450 && delay_for_oplocks(lck, fsp, req->mid, 1,
1452 schedule_defer_open(lck, request_time, req->mid);
1455 return NT_STATUS_SHARING_VIOLATION;
1458 /* Use the client requested access mask here, not the one we
1460 status = open_mode_check(conn, fname, lck,
1461 access_mask, share_access,
1462 create_options, &file_existed);
1464 if (NT_STATUS_IS_OK(status)) {
1465 /* We might be going to allow this open. Check oplock
1467 /* Second pass - send break for both batch or
1468 * exclusive oplocks. */
1470 && delay_for_oplocks(lck, fsp, req->mid, 2,
1472 schedule_defer_open(lck, request_time,
1476 return NT_STATUS_SHARING_VIOLATION;
1480 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1481 /* DELETE_PENDING is not deferred for a second */
1487 if (!NT_STATUS_IS_OK(status)) {
1488 uint32 can_access_mask;
1489 BOOL can_access = True;
1491 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1493 /* Check if this can be done with the deny_dos and fcb
1495 if (create_options &
1496 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1497 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1498 files_struct *fsp_dup;
1501 DEBUG(0, ("DOS open without an SMB "
1505 return NT_STATUS_INTERNAL_ERROR;
1508 /* Use the client requested access mask here,
1509 * not the one we open with. */
1510 fsp_dup = fcb_or_dos_open(conn, fname, id,
1521 *pinfo = FILE_WAS_OPENED;
1523 conn->num_files_open++;
1525 return NT_STATUS_OK;
1530 * This next line is a subtlety we need for
1531 * MS-Access. If a file open will fail due to share
1532 * permissions and also for security (access) reasons,
1533 * we need to return the access failed error, not the
1534 * share error. We can't open the file due to kernel
1535 * oplock deadlock (it's possible we failed above on
1536 * the open_mode_check()) so use a userspace check.
1539 if (flags & O_RDWR) {
1540 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1541 } else if (flags & O_WRONLY) {
1542 can_access_mask = FILE_WRITE_DATA;
1544 can_access_mask = FILE_READ_DATA;
1547 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1548 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1553 * If we're returning a share violation, ensure we
1554 * cope with the braindead 1 second delay.
1557 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1558 lp_defer_sharing_violations()) {
1559 struct timeval timeout;
1560 struct deferred_open_record state;
1563 /* this is a hack to speed up torture tests
1565 timeout_usecs = lp_parm_int(SNUM(conn),
1566 "smbd","sharedelay",
1567 SHARING_VIOLATION_USEC_WAIT);
1569 /* This is a relative time, added to the absolute
1570 request_time value to get the absolute timeout time.
1571 Note that if this is the second or greater time we enter
1572 this codepath for this particular request mid then
1573 request_time is left as the absolute time of the *first*
1574 time this request mid was processed. This is what allows
1575 the request to eventually time out. */
1577 timeout = timeval_set(0, timeout_usecs);
1579 /* Nothing actually uses state.delayed_for_oplocks
1580 but it's handy to differentiate in debug messages
1581 between a 30 second delay due to oplock break, and
1582 a 1 second delay for share mode conflicts. */
1584 state.delayed_for_oplocks = False;
1588 && !request_timed_out(request_time,
1590 defer_open(lck, request_time, timeout,
1598 * We have detected a sharing violation here
1599 * so return the correct error code
1601 status = NT_STATUS_SHARING_VIOLATION;
1603 status = NT_STATUS_ACCESS_DENIED;
1610 * We exit this block with the share entry *locked*.....
1614 SMB_ASSERT(!file_existed || (lck != NULL));
1617 * Ensure we pay attention to default ACLs on directories if required.
1620 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1621 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1625 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1626 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1627 (unsigned int)flags, (unsigned int)flags2,
1628 (unsigned int)unx_mode, (unsigned int)access_mask,
1629 (unsigned int)open_access_mask));
1632 * open_file strips any O_TRUNC flags itself.
1635 fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf,
1636 flags|flags2, unx_mode, access_mask,
1639 if (!NT_STATUS_IS_OK(fsp_open)) {
1647 if (!file_existed) {
1650 * Deal with the race condition where two smbd's detect the
1651 * file doesn't exist and do the create at the same time. One
1652 * of them will win and set a share mode, the other (ie. this
1653 * one) should check if the requested share mode for this
1654 * create is allowed.
1658 * Now the file exists and fsp is successfully opened,
1659 * fsp->dev and fsp->inode are valid and should replace the
1660 * dev=0,inode=0 from a non existent file. Spotted by
1661 * Nadav Danieli <nadavd@exanet.com>. JRA.
1666 lck = get_share_mode_lock(NULL, id,
1671 DEBUG(0, ("open_file_ntcreate: Could not get share "
1672 "mode lock for %s\n", fname));
1673 fd_close(conn, fsp);
1675 return NT_STATUS_SHARING_VIOLATION;
1678 /* First pass - send break only on batch oplocks. */
1680 && delay_for_oplocks(lck, fsp, req->mid, 1,
1682 schedule_defer_open(lck, request_time, req->mid);
1684 fd_close(conn, fsp);
1686 return NT_STATUS_SHARING_VIOLATION;
1689 status = open_mode_check(conn, fname, lck,
1690 access_mask, share_access,
1691 create_options, &file_existed);
1693 if (NT_STATUS_IS_OK(status)) {
1694 /* We might be going to allow this open. Check oplock
1696 /* Second pass - send break for both batch or
1697 * exclusive oplocks. */
1699 && delay_for_oplocks(lck, fsp, req->mid, 2,
1701 schedule_defer_open(lck, request_time,
1704 fd_close(conn, fsp);
1706 return NT_STATUS_SHARING_VIOLATION;
1710 if (!NT_STATUS_IS_OK(status)) {
1711 struct deferred_open_record state;
1713 fd_close(conn, fsp);
1716 state.delayed_for_oplocks = False;
1719 /* Do it all over again immediately. In the second
1720 * round we will find that the file existed and handle
1721 * the DELETE_PENDING and FCB cases correctly. No need
1722 * to duplicate the code here. Essentially this is a
1723 * "goto top of this function", but don't tell
1727 defer_open(lck, request_time, timeval_zero(),
1735 * We exit this block with the share entry *locked*.....
1740 SMB_ASSERT(lck != NULL);
1742 /* note that we ignore failure for the following. It is
1743 basically a hack for NFS, and NFS will never set one of
1744 these only read them. Nobody but Samba can ever set a deny
1745 mode and we have already checked our more authoritative
1746 locking database for permission to set this deny mode. If
1747 the kernel refuses the operations then the kernel is wrong.
1748 note that GPFS supports it as well - jmcd */
1750 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1751 if(ret_flock == -1 ){
1754 fd_close(conn, fsp);
1757 return NT_STATUS_SHARING_VIOLATION;
1761 * At this point onwards, we can guarentee that the share entry
1762 * is locked, whether we created the file or not, and that the
1763 * deny mode is compatible with all current opens.
1767 * If requested, truncate the file.
1770 if (flags2&O_TRUNC) {
1772 * We are modifing the file after open - update the stat
1775 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1776 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1777 status = map_nt_error_from_unix(errno);
1785 /* Record the options we were opened with. */
1786 fsp->share_access = share_access;
1787 fsp->fh->private_options = create_options;
1788 fsp->access_mask = access_mask;
1791 /* stat opens on existing files don't get oplocks. */
1792 if (is_stat_open(open_access_mask)) {
1793 fsp->oplock_type = NO_OPLOCK;
1796 if (!(flags2 & O_TRUNC)) {
1797 info = FILE_WAS_OPENED;
1799 info = FILE_WAS_OVERWRITTEN;
1802 info = FILE_WAS_CREATED;
1810 * Setup the oplock info in both the shared memory and
1814 if ((fsp->oplock_type != NO_OPLOCK) &&
1815 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1816 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1817 /* Could not get the kernel oplock */
1818 fsp->oplock_type = NO_OPLOCK;
1822 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
1823 new_file_created = True;
1826 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type, new_file_created);
1828 /* Handle strange delete on close create semantics. */
1829 if ((create_options & FILE_DELETE_ON_CLOSE) && can_set_initial_delete_on_close(lck)) {
1830 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1832 if (!NT_STATUS_IS_OK(status)) {
1833 /* Remember to delete the mode we just added. */
1834 del_share_mode(lck, fsp);
1840 /* Note that here we set the *inital* delete on close flag,
1841 not the regular one. The magic gets handled in close. */
1842 fsp->initial_delete_on_close = True;
1845 if (new_file_created) {
1846 /* Files should be initially set as archive */
1847 if (lp_map_archive(SNUM(conn)) ||
1848 lp_store_dos_attributes(SNUM(conn))) {
1850 file_set_dosmode(conn, fname,
1851 new_dos_attributes | aARCH, NULL,
1858 * Take care of inherited ACLs on created files - if default ACL not
1862 if (!posix_open && !file_existed && !def_acl) {
1864 int saved_errno = errno; /* We might get ENOSYS in the next
1867 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1869 errno = saved_errno; /* Ignore ENOSYS */
1872 } else if (new_unx_mode) {
1876 /* Attributes need changing. File already existed. */
1879 int saved_errno = errno; /* We might get ENOSYS in the
1881 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1884 if (ret == -1 && errno == ENOSYS) {
1885 errno = saved_errno; /* Ignore ENOSYS */
1887 DEBUG(5, ("open_file_ntcreate: reset "
1888 "attributes of file %s to 0%o\n",
1889 fname, (unsigned int)new_unx_mode));
1890 ret = 0; /* Don't do the fchmod below. */
1895 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1896 DEBUG(5, ("open_file_ntcreate: failed to reset "
1897 "attributes of file %s to 0%o\n",
1898 fname, (unsigned int)new_unx_mode));
1901 /* If this is a successful open, we must remove any deferred open
1904 del_deferred_open_entry(lck, req->mid);
1908 conn->num_files_open++;
1911 return NT_STATUS_OK;
1914 /****************************************************************************
1915 Open a file for for write to ensure that we can fchmod it.
1916 ****************************************************************************/
1918 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1919 SMB_STRUCT_STAT *psbuf, files_struct **result)
1921 files_struct *fsp = NULL;
1924 if (!VALID_STAT(*psbuf)) {
1925 return NT_STATUS_INVALID_PARAMETER;
1928 status = file_new(conn, &fsp);
1929 if(!NT_STATUS_IS_OK(status)) {
1933 /* note! we must use a non-zero desired access or we don't get
1934 a real file descriptor. Oh what a twisted web we weave. */
1935 status = open_file(fsp, conn, NULL, NULL, NULL, fname, psbuf, O_WRONLY,
1936 0, FILE_WRITE_DATA, FILE_WRITE_DATA);
1939 * This is not a user visible file open.
1940 * Don't set a share mode and don't increment
1941 * the conn->num_files_open.
1944 if (!NT_STATUS_IS_OK(status)) {
1950 return NT_STATUS_OK;
1953 /****************************************************************************
1954 Close the fchmod file fd - ensure no locks are lost.
1955 ****************************************************************************/
1957 NTSTATUS close_file_fchmod(files_struct *fsp)
1959 NTSTATUS status = fd_close(fsp->conn, fsp);
1964 static NTSTATUS mkdir_internal(connection_struct *conn,
1966 uint32 file_attributes,
1967 SMB_STRUCT_STAT *psbuf)
1971 const char *dirname;
1974 if(!CAN_WRITE(conn)) {
1975 DEBUG(5,("mkdir_internal: failing create on read-only share "
1976 "%s\n", lp_servicename(SNUM(conn))));
1977 return NT_STATUS_ACCESS_DENIED;
1980 status = check_name(conn, name);
1981 if (!NT_STATUS_IS_OK(status)) {
1985 if (!parent_dirname_talloc(tmp_talloc_ctx(), name, &parent_dir,
1987 return NT_STATUS_NO_MEMORY;
1990 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1991 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1993 mode = unix_mode(conn, aDIR, name, parent_dir);
1996 if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
1997 return map_nt_error_from_unix(errno);
2000 /* Ensure we're checking for a symlink here.... */
2001 /* We don't want to get caught by a symlink racer. */
2003 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
2004 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2005 name, strerror(errno)));
2006 return map_nt_error_from_unix(errno);
2009 if (!S_ISDIR(psbuf->st_mode)) {
2010 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2012 return NT_STATUS_ACCESS_DENIED;
2015 if (lp_inherit_perms(SNUM(conn))) {
2016 inherit_access_acl(conn, parent_dir, name, mode);
2019 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
2021 * Check if high bits should have been set,
2022 * then (if bits are missing): add them.
2023 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2026 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
2027 SMB_VFS_CHMOD(conn, name,
2028 psbuf->st_mode | (mode & ~psbuf->st_mode));
2032 /* Change the owner if required. */
2033 if (lp_inherit_owner(SNUM(conn))) {
2034 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
2037 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2040 return NT_STATUS_OK;
2043 /****************************************************************************
2044 Open a directory from an NT SMB call.
2045 ****************************************************************************/
2047 NTSTATUS open_directory(connection_struct *conn,
2048 struct smb_request *req,
2050 SMB_STRUCT_STAT *psbuf,
2052 uint32 share_access,
2053 uint32 create_disposition,
2054 uint32 create_options,
2055 uint32 file_attributes,
2057 files_struct **result)
2059 files_struct *fsp = NULL;
2060 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
2061 struct share_mode_lock *lck = NULL;
2065 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2066 "share_access = 0x%x create_options = 0x%x, "
2067 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2069 (unsigned int)access_mask,
2070 (unsigned int)share_access,
2071 (unsigned int)create_options,
2072 (unsigned int)create_disposition,
2073 (unsigned int)file_attributes));
2075 if (is_ntfs_stream_name(fname)) {
2076 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
2077 return NT_STATUS_NOT_A_DIRECTORY;
2080 switch( create_disposition ) {
2083 info = FILE_WAS_OPENED;
2086 * We want to follow symlinks here.
2089 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2090 return map_nt_error_from_unix(errno);
2097 /* If directory exists error. If directory doesn't
2100 status = mkdir_internal(conn,
2105 if (!NT_STATUS_IS_OK(status)) {
2106 DEBUG(2, ("open_directory: unable to create "
2107 "%s. Error was %s\n", fname,
2108 nt_errstr(status)));
2112 info = FILE_WAS_CREATED;
2117 * If directory exists open. If directory doesn't
2121 status = mkdir_internal(conn,
2126 if (NT_STATUS_IS_OK(status)) {
2127 info = FILE_WAS_CREATED;
2130 if (NT_STATUS_EQUAL(status,
2131 NT_STATUS_OBJECT_NAME_COLLISION)) {
2132 info = FILE_WAS_OPENED;
2133 status = NT_STATUS_OK;
2138 case FILE_SUPERSEDE:
2139 case FILE_OVERWRITE:
2140 case FILE_OVERWRITE_IF:
2142 DEBUG(5,("open_directory: invalid create_disposition "
2143 "0x%x for directory %s\n",
2144 (unsigned int)create_disposition, fname));
2145 return NT_STATUS_INVALID_PARAMETER;
2148 if(!S_ISDIR(psbuf->st_mode)) {
2149 DEBUG(5,("open_directory: %s is not a directory !\n",
2151 return NT_STATUS_NOT_A_DIRECTORY;
2154 status = file_new(conn, &fsp);
2155 if(!NT_STATUS_IS_OK(status)) {
2160 * Setup the files_struct for it.
2163 fsp->mode = psbuf->st_mode;
2164 fsp->file_id = file_id_sbuf(psbuf);
2165 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2166 fsp->file_pid = req ? req->smbpid : 0;
2167 fsp->can_lock = False;
2168 fsp->can_read = False;
2169 fsp->can_write = False;
2171 fsp->share_access = share_access;
2172 fsp->fh->private_options = create_options;
2173 fsp->access_mask = access_mask;
2175 fsp->print_file = False;
2176 fsp->modified = False;
2177 fsp->oplock_type = NO_OPLOCK;
2178 fsp->sent_oplock_break = NO_BREAK_SENT;
2179 fsp->is_directory = True;
2180 fsp->is_stat = False;
2181 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2183 string_set(&fsp->fsp_name,fname);
2185 lck = get_share_mode_lock(NULL, fsp->file_id,
2190 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2192 return NT_STATUS_SHARING_VIOLATION;
2195 status = open_mode_check(conn, fname, lck,
2196 access_mask, share_access,
2197 create_options, &dir_existed);
2199 if (!NT_STATUS_IS_OK(status)) {
2205 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK, True);
2207 /* For directories the delete on close bit at open time seems
2208 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2209 if (create_options & FILE_DELETE_ON_CLOSE) {
2210 status = can_set_delete_on_close(fsp, True, 0);
2211 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2217 if (NT_STATUS_IS_OK(status)) {
2218 /* Note that here we set the *inital* delete on close flag,
2219 not the regular one. The magic gets handled in close. */
2220 fsp->initial_delete_on_close = True;
2230 conn->num_files_open++;
2233 return NT_STATUS_OK;
2236 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2239 SMB_STRUCT_STAT sbuf;
2242 SET_STAT_INVALID(sbuf);
2244 status = open_directory(conn, NULL, directory, &sbuf,
2245 FILE_READ_ATTRIBUTES, /* Just a stat open */
2246 FILE_SHARE_NONE, /* Ignored for stat opens */
2249 FILE_ATTRIBUTE_DIRECTORY,
2253 if (NT_STATUS_IS_OK(status)) {
2254 close_file(fsp, NORMAL_CLOSE);
2260 /****************************************************************************
2261 Open a pseudo-file (no locking checks - a 'stat' open).
2262 ****************************************************************************/
2264 NTSTATUS open_file_stat(connection_struct *conn, struct smb_request *req,
2265 const char *fname, SMB_STRUCT_STAT *psbuf,
2266 files_struct **result)
2268 files_struct *fsp = NULL;
2271 if (!VALID_STAT(*psbuf)) {
2272 return NT_STATUS_INVALID_PARAMETER;
2275 /* Can't 'stat' open directories. */
2276 if(S_ISDIR(psbuf->st_mode)) {
2277 return NT_STATUS_FILE_IS_A_DIRECTORY;
2280 status = file_new(conn, &fsp);
2281 if(!NT_STATUS_IS_OK(status)) {
2285 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2288 * Setup the files_struct for it.
2291 fsp->mode = psbuf->st_mode;
2292 fsp->file_id = file_id_sbuf(psbuf);
2293 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2294 fsp->file_pid = req ? req->smbpid : 0;
2295 fsp->can_lock = False;
2296 fsp->can_read = False;
2297 fsp->can_write = False;
2298 fsp->print_file = False;
2299 fsp->modified = False;
2300 fsp->oplock_type = NO_OPLOCK;
2301 fsp->sent_oplock_break = NO_BREAK_SENT;
2302 fsp->is_directory = False;
2303 fsp->is_stat = True;
2304 string_set(&fsp->fsp_name,fname);
2306 conn->num_files_open++;
2309 return NT_STATUS_OK;
2312 /****************************************************************************
2313 Receive notification that one of our open files has been renamed by another
2315 ****************************************************************************/
2317 void msg_file_was_renamed(struct messaging_context *msg,
2320 struct server_id server_id,
2324 char *frm = (char *)data->data;
2326 const char *sharepath;
2327 const char *newname;
2330 if (data->data == NULL
2331 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2332 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2333 (int)data->length));
2337 /* Unpack the message. */
2338 pull_file_id_16(frm, &id);
2339 sharepath = &frm[16];
2340 newname = sharepath + strlen(sharepath) + 1;
2341 sp_len = strlen(sharepath);
2343 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2345 sharepath, newname, file_id_static_string(&id)));
2347 for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2348 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2349 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2350 fsp->fnum, fsp->fsp_name, newname ));
2351 string_set(&fsp->fsp_name, newname);
2354 /* Now we have the complete path we can work out if this is
2355 actually within this share and adjust newname accordingly. */
2356 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2357 "not sharepath %s) "
2358 "fnum %d from %s -> %s\n",
2359 fsp->conn->connectpath,
git.samba.org / tprouty / samba.git / blob