2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 extern userdom_struct current_user_info;
25 extern uint16 global_oplock_port;
26 extern BOOL global_client_failed_oplock_break;
28 /****************************************************************************
29 fd support routines - attempt to do a dos_open.
30 ****************************************************************************/
32 static int fd_open(struct connection_struct *conn, char *fname,
33 int flags, mode_t mode)
37 if (!lp_symlinks(SNUM(conn)))
41 fd = conn->vfs_ops.open(conn,fname,flags,mode);
43 /* Fix for files ending in '.' */
44 if((fd == -1) && (errno == ENOENT) &&
45 (strchr_m(fname,'.')==NULL)) {
47 fd = conn->vfs_ops.open(conn,fname,flags,mode);
50 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n", fname,
51 flags, (int)mode, fd, (fd == -1) ? strerror(errno) : "" ));
56 /****************************************************************************
57 Close the file associated with a fsp.
58 ****************************************************************************/
60 int fd_close(struct connection_struct *conn, files_struct *fsp)
63 return 0; /* what we used to call a stat open. */
64 return fd_close_posix(conn, fsp);
68 /****************************************************************************
69 Check a filename for the pipe string.
70 ****************************************************************************/
72 static void check_for_pipe(char *fname)
74 /* special case of pipe opens */
76 StrnCpy(s,fname,sizeof(s)-1);
78 if (strstr(s,"pipe/")) {
79 DEBUG(3,("Rejecting named pipe open for %s\n",fname));
80 unix_ERR_class = ERRSRV;
81 unix_ERR_code = ERRaccess;
85 /****************************************************************************
87 ****************************************************************************/
89 static BOOL open_file(files_struct *fsp,connection_struct *conn,
90 const char *fname1,SMB_STRUCT_STAT *psbuf,int flags,mode_t mode, uint32 desired_access)
92 extern struct current_user current_user;
94 int accmode = (flags & O_ACCMODE);
95 int local_flags = flags;
98 fsp->oplock_type = NO_OPLOCK;
101 pstrcpy(fname,fname1);
103 /* Check permissions */
106 * This code was changed after seeing a client open request
107 * containing the open mode of (DENY_WRITE/read-only) with
108 * the 'create if not exist' bit set. The previous code
109 * would fail to open the file read only on a read-only share
110 * as it was checking the flags parameter directly against O_RDONLY,
111 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
115 if (!CAN_WRITE(conn)) {
116 /* It's a read-only share - fail if we wanted to write. */
117 if(accmode != O_RDONLY) {
118 DEBUG(3,("Permission denied opening %s\n",fname));
119 check_for_pipe(fname);
121 } else if(flags & O_CREAT) {
122 /* We don't want to write - but we must make sure that O_CREAT
123 doesn't create the file if we have write access into the
131 * This little piece of insanity is inspired by the
132 * fact that an NT client can open a file for O_RDONLY,
133 * but set the create disposition to FILE_EXISTS_TRUNCATE.
134 * If the client *can* write to the file, then it expects to
135 * truncate the file, even though it is opening for readonly.
136 * Quicken uses this stupid trick in backup file creation...
137 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
138 * for helping track this one down. It didn't bite us in 2.0.x
139 * as we always opened files read-write in that release. JRA.
142 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
143 DEBUG(10,("open_file: truncate requested on read-only open for file %s\n",fname ));
144 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
147 if ((desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
148 (local_flags & O_CREAT) || ((local_flags & O_TRUNC) == O_TRUNC) ) {
151 * We can't actually truncate here as the file may be locked.
152 * open_file_shared will take care of the truncate later. JRA.
155 local_flags &= ~O_TRUNC;
157 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
159 * We would block on opening a FIFO with no one else on the
160 * other end. Do what we used to do and add O_NONBLOCK to the
164 if (VALID_STAT(*psbuf) && S_ISFIFO(psbuf->st_mode))
165 local_flags |= O_NONBLOCK;
168 /* actually do the open */
169 fsp->fd = fd_open(conn, fname, local_flags, mode);
172 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) (flags=%d)\n",
173 fname,strerror(errno),local_flags,flags));
174 check_for_pipe(fname);
178 fsp->fd = -1; /* What we used to call a stat open. */
180 if (!VALID_STAT(*psbuf)) {
184 ret = vfs_stat(conn, fname, psbuf);
186 ret = vfs_fstat(fsp,fsp->fd,psbuf);
187 /* If we have an fd, this stat should succeed. */
189 DEBUG(0,("Error doing fstat on open file %s (%s)\n", fname,strerror(errno) ));
192 /* For a non-io open, this stat failing means file not found. JRA */
200 * POSIX allows read-only opens of directories. We don't
201 * want to do this (we use a different code path for this)
202 * so catch a directory open and return an EISDIR. JRA.
205 if(S_ISDIR(psbuf->st_mode)) {
211 fsp->mode = psbuf->st_mode;
212 fsp->inode = psbuf->st_ino;
213 fsp->dev = psbuf->st_dev;
214 fsp->vuid = current_user.vuid;
215 fsp->size = psbuf->st_size;
217 fsp->can_lock = True;
218 fsp->can_read = ((flags & O_WRONLY)==0);
219 fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0);
221 fsp->desired_access = desired_access;
222 fsp->print_file = False;
223 fsp->modified = False;
224 fsp->oplock_type = NO_OPLOCK;
225 fsp->sent_oplock_break = NO_BREAK_SENT;
226 fsp->is_directory = False;
227 fsp->directory_delete_on_close = False;
229 string_set(&fsp->fsp_name,fname);
230 fsp->wcp = NULL; /* Write cache pointer. */
232 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
233 *current_user_info.smb_name ? current_user_info.smb_name : conn->user,fsp->fsp_name,
234 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
235 conn->num_files_open + 1));
240 /****************************************************************************
242 Helper for open_file_shared.
243 Truncate a file after checking locking; close file if locked.
244 **************************************************************************/
246 static int truncate_unless_locked(struct connection_struct *conn, files_struct *fsp)
248 SMB_BIG_UINT mask = (SMB_BIG_UINT)-1;
250 if (is_locked(fsp,fsp->conn,mask,0,WRITE_LOCK,True)){
252 unix_ERR_class = ERRDOS;
253 unix_ERR_code = ERRlock;
256 return conn->vfs_ops.ftruncate(fsp,fsp->fd,0);
260 /*******************************************************************
261 return True if the filename is one of the special executable types
262 ********************************************************************/
263 static BOOL is_executable(const char *fname)
265 if ((fname = strrchr_m(fname,'.'))) {
266 if (strequal(fname,".com") ||
267 strequal(fname,".dll") ||
268 strequal(fname,".exe") ||
269 strequal(fname,".sym")) {
276 enum {AFAIL,AREAD,AWRITE,AALL};
278 /*******************************************************************
279 reproduce the share mode access table
280 this is horrendoously complex, and really can't be justified on any
281 rational grounds except that this is _exactly_ what NT does. See
282 the DENY1 and DENY2 tests in smbtorture for a comprehensive set of
284 ********************************************************************/
285 static int access_table(int new_deny,int old_deny,int old_mode,
286 BOOL same_pid, BOOL isexe)
288 if (new_deny == DENY_ALL || old_deny == DENY_ALL) return(AFAIL);
291 if (isexe && old_mode == DOS_OPEN_RDONLY &&
292 old_deny == DENY_DOS && new_deny == DENY_READ) {
295 if (!isexe && old_mode == DOS_OPEN_RDONLY &&
296 old_deny == DENY_DOS && new_deny == DENY_DOS) {
299 if (new_deny == DENY_FCB && old_deny == DENY_DOS) {
300 if (isexe) return AFAIL;
301 if (old_mode == DOS_OPEN_RDONLY) return AFAIL;
304 if (old_mode == DOS_OPEN_RDONLY && old_deny == DENY_DOS) {
305 if (new_deny == DENY_FCB || new_deny == DENY_READ) {
306 if (isexe) return AREAD;
310 if (old_deny == DENY_FCB) {
311 if (new_deny == DENY_DOS || new_deny == DENY_FCB) return AALL;
316 if (old_deny == DENY_DOS || new_deny == DENY_DOS ||
317 old_deny == DENY_FCB || new_deny == DENY_FCB) {
319 if (old_deny == DENY_FCB || new_deny == DENY_FCB) {
322 if (old_deny == DENY_DOS) {
323 if (new_deny == DENY_READ &&
324 (old_mode == DOS_OPEN_RDONLY ||
325 old_mode == DOS_OPEN_RDWR)) {
328 if (new_deny == DENY_WRITE &&
329 (old_mode == DOS_OPEN_WRONLY ||
330 old_mode == DOS_OPEN_RDWR)) {
335 if (old_deny == DENY_NONE) return AALL;
336 if (old_deny == DENY_READ) return AWRITE;
337 if (old_deny == DENY_WRITE) return AREAD;
339 /* it isn't a exe, dll, sym or com file */
340 if (old_deny == new_deny && same_pid)
343 if (old_deny == DENY_READ || new_deny == DENY_READ) return AFAIL;
344 if (old_mode == DOS_OPEN_RDONLY) return(AREAD);
352 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_RDONLY) return(AREAD);
353 if (old_deny==DENY_READ && old_mode==DOS_OPEN_RDONLY) return(AWRITE);
354 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_RDONLY) return(AALL);
357 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_WRONLY) return(AREAD);
358 if (old_deny==DENY_READ && old_mode==DOS_OPEN_WRONLY) return(AWRITE);
359 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_WRONLY) return(AALL);
362 if (old_deny==DENY_WRITE) return(AREAD);
363 if (old_deny==DENY_READ) return(AWRITE);
364 if (old_deny==DENY_NONE) return(AALL);
371 /****************************************************************************
372 check if we can open a file with a share mode
373 ****************************************************************************/
375 static BOOL check_share_mode(connection_struct *conn, share_mode_entry *share, int share_mode, uint32 desired_access,
376 const char *fname, BOOL fcbopen, int *flags)
378 int deny_mode = GET_DENY_MODE(share_mode);
379 int old_open_mode = GET_OPEN_MODE(share->share_mode);
380 int old_deny_mode = GET_DENY_MODE(share->share_mode);
383 * share modes = false means don't bother to check for
384 * DENY mode conflict. This is a *really* bad idea :-). JRA.
387 if(!lp_share_modes(SNUM(conn)))
391 * Don't allow any opens once the delete on close flag has been
395 if (GET_DELETE_ON_CLOSE_FLAG(share->share_mode)) {
396 DEBUG(5,("check_share_mode: Failing open on file %s as delete on close flag is set.\n",
398 unix_ERR_class = ERRDOS;
399 unix_ERR_code = ERRnoaccess;
403 /* this is a nasty hack, but necessary until we rewrite our open
404 handling to use a NTCreateX call as the basic call.
405 NT may open a file with neither read nor write access, and in
406 this case it expects the open not to conflict with any
407 existing deny modes. This happens (for example) during a
408 "xcopy /o" where the second file descriptor is used for
414 * This is a bit wierd - the test for desired access not having the
415 * critical bits seems seems odd. Firstly, if both opens have no
416 * critical bits then always ignore. Then check the "allow delete"
417 * then check for either. This probably isn't quite right yet but
418 * gets us much closer. JRA.
422 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
423 * and the existing desired_acces then share modes don't conflict.
426 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) &&
427 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
430 * Wrinkle discovered by smbtorture....
431 * If both are non-io open and requester is asking for delete and current open has delete access
432 * but neither open has allowed file share delete then deny.... this is very strange and
433 * seems to be the only case in which non-io opens conflict. JRA.
436 if ((desired_access & DELETE_ACCESS) && (share->desired_access & DELETE_ACCESS) &&
437 (!GET_ALLOW_SHARE_DELETE(share->share_mode) || !GET_ALLOW_SHARE_DELETE(share_mode))) {
438 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requests conflict.\n",
440 unix_ERR_class = ERRDOS;
441 unix_ERR_code = ERRbadshare;
446 DEBUG(5,("check_share_mode: Allowing open on file %s as both desired access (0x%x) \
447 and existing desired access (0x%x) are non-data opens\n",
448 fname, (unsigned int)desired_access, (unsigned int)share->desired_access ));
453 * If delete access was requested and the existing share mode doesn't have
454 * ALLOW_SHARE_DELETE then deny.
457 if ((desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share->share_mode)) {
458 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requested and allow share delete not set.\n",
460 unix_ERR_class = ERRDOS;
461 unix_ERR_code = ERRbadshare;
467 * The inverse of the above.
468 * If delete access was granted and the new share mode doesn't have
469 * ALLOW_SHARE_DELETE then deny.
472 if ((share->desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share_mode)) {
473 DEBUG(5,("check_share_mode: Failing open on file %s as delete access granted and allow share delete not requested.\n",
475 unix_ERR_class = ERRDOS;
476 unix_ERR_code = ERRbadshare;
482 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
483 * then share modes don't conflict. Likewise with existing desired access.
486 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
487 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
488 DEBUG(5,("check_share_mode: Allowing open on file %s as desired access (0x%x) doesn't conflict with\
489 existing desired access (0x%x).\n", fname, (unsigned int)desired_access, (unsigned int)share->desired_access ));
494 int access_allowed = access_table(deny_mode,old_deny_mode,old_open_mode,
495 (share->pid == sys_getpid()),is_executable(fname));
497 if ((access_allowed == AFAIL) ||
498 (!fcbopen && (access_allowed == AREAD && *flags == O_RDWR)) ||
499 (access_allowed == AREAD && *flags != O_RDONLY) ||
500 (access_allowed == AWRITE && *flags != O_WRONLY)) {
502 DEBUG(2,("Share violation on file (%d,%d,%d,%d,%s,fcbopen = %d, flags = %d) = %d\n",
503 deny_mode,old_deny_mode,old_open_mode,
504 (int)share->pid,fname, fcbopen, *flags, access_allowed));
506 unix_ERR_class = ERRDOS;
507 unix_ERR_code = ERRbadshare;
512 if (access_allowed == AREAD)
515 if (access_allowed == AWRITE)
523 /****************************************************************************
524 Deal with open deny mode and oplock break processing.
525 Invarient: Share mode must be locked on entry and exit.
526 Returns -1 on error, or number of share modes on success (may be zero).
527 ****************************************************************************/
529 static int open_mode_check(connection_struct *conn, const char *fname, SMB_DEV_T dev,
531 uint32 desired_access,
532 int share_mode, int *p_flags, int *p_oplock_request,
533 BOOL *p_all_current_opens_are_level_II)
537 int oplock_contention_count = 0;
538 share_mode_entry *old_shares = 0;
539 BOOL fcbopen = False;
542 if(GET_OPEN_MODE(share_mode) == DOS_OPEN_FCB)
545 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
547 if(num_share_modes == 0)
551 * Check if the share modes will give us access.
555 share_mode_entry broken_entry;
557 broke_oplock = False;
558 *p_all_current_opens_are_level_II = True;
560 for(i = 0; i < num_share_modes; i++) {
561 share_mode_entry *share_entry = &old_shares[i];
564 * By observation of NetBench, oplocks are broken *before* share
565 * modes are checked. This allows a file to be closed by the client
566 * if the share mode would deny access and the client has an oplock.
567 * Check if someone has an oplock on this file. If so we must break
568 * it before continuing.
571 if((*p_oplock_request && EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type)) ||
572 (!*p_oplock_request && (share_entry->op_type != NO_OPLOCK))) {
576 DEBUG(5,("open_mode_check: oplock_request = %d, breaking oplock (%x) on file %s, \
577 dev = %x, inode = %.0f\n", *p_oplock_request, share_entry->op_type, fname, (unsigned int)dev, (double)inode));
579 /* Oplock break - unlock to request it. */
580 unlock_share_entry(conn, dev, inode);
582 opb_ret = request_oplock_break(share_entry);
585 lock_share_entry(conn, dev, inode);
587 if(opb_ret == False) {
588 DEBUG(0,("open_mode_check: FAILED when breaking oplock (%x) on file %s, \
589 dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (double)inode));
590 SAFE_FREE(old_shares);
592 unix_ERR_class = ERRDOS;
593 unix_ERR_code = ERRbadshare;
598 broken_entry = *share_entry;
601 } else if (!LEVEL_II_OPLOCK_TYPE(share_entry->op_type)) {
602 *p_all_current_opens_are_level_II = False;
605 /* someone else has a share lock on it, check to see if we can too */
606 if (!check_share_mode(conn, share_entry, share_mode, desired_access,
607 fname, fcbopen, p_flags)) {
608 SAFE_FREE(old_shares);
616 SAFE_FREE(old_shares);
617 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
618 oplock_contention_count++;
620 /* Paranoia check that this is no longer an exlusive entry. */
621 for(i = 0; i < num_share_modes; i++) {
622 share_mode_entry *share_entry = &old_shares[i];
624 if (share_modes_identical(&broken_entry, share_entry) &&
625 EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type) ) {
628 * This should not happen. The target left this oplock
629 * as exlusive.... The process *must* be dead....
632 DEBUG(0,("open_mode_check: exlusive oplock left by process %d after break ! For file %s, \
633 dev = %x, inode = %.0f. Deleting it to continue...\n", (int)broken_entry.pid, fname, (unsigned int)dev, (double)inode));
635 if (process_exists(broken_entry.pid)) {
636 DEBUG(0,("open_mode_check: Existent process %d left active oplock.\n",
640 if (del_share_entry(dev, inode, &broken_entry, NULL) == -1) {
642 unix_ERR_class = ERRDOS;
643 unix_ERR_code = ERRbadshare;
648 * We must reload the share modes after deleting the
649 * other process's entry.
652 SAFE_FREE(old_shares);
653 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
656 } /* end for paranoia... */
657 } /* end if broke_oplock */
659 } while(broke_oplock);
662 SAFE_FREE(old_shares);
665 * Refuse to grant an oplock in case the contention limit is
666 * reached when going through the lock list multiple times.
669 if(oplock_contention_count >= lp_oplock_contention_limit(SNUM(conn))) {
670 *p_oplock_request = 0;
671 DEBUG(4,("open_mode_check: oplock contention = %d. Not granting oplock.\n",
672 oplock_contention_count ));
675 return num_share_modes;
678 /****************************************************************************
679 set a kernel flock on a file for NFS interoperability
680 this requires a patch to Linux
681 ****************************************************************************/
682 static void kernel_flock(files_struct *fsp, int deny_mode)
684 #if HAVE_KERNEL_SHARE_MODES
686 if (deny_mode == DENY_READ) kernel_mode = LOCK_MAND|LOCK_WRITE;
687 else if (deny_mode == DENY_WRITE) kernel_mode = LOCK_MAND|LOCK_READ;
688 else if (deny_mode == DENY_ALL) kernel_mode = LOCK_MAND;
689 if (kernel_mode) flock(fsp->fd, kernel_mode);
695 static BOOL open_match_attributes(connection_struct *conn, char *path, mode_t existing_mode, mode_t new_mode)
697 uint32 old_dos_mode, new_dos_mode;
698 SMB_STRUCT_STAT sbuf;
702 sbuf.st_mode = existing_mode;
703 old_dos_mode = dos_mode(conn, path, &sbuf);
705 sbuf.st_mode = new_mode;
706 new_dos_mode = dos_mode(conn, path, &sbuf);
708 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
709 if (lp_map_system(SNUM(conn))) {
710 if ((old_dos_mode & FILE_ATTRIBUTE_SYSTEM) != (new_dos_mode & FILE_ATTRIBUTE_SYSTEM))
713 if (lp_map_hidden(SNUM(conn))) {
714 if ((old_dos_mode & FILE_ATTRIBUTE_HIDDEN) != (new_dos_mode & FILE_ATTRIBUTE_HIDDEN))
720 /****************************************************************************
721 Open a file with a share mode. On output from this open we are guarenteeing
723 ****************************************************************************/
724 files_struct *open_file_shared(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf,
725 int share_mode,int ofun, mode_t mode,int oplock_request,
726 int *Access,int *action)
728 return open_file_shared1(conn, fname, psbuf, 0, share_mode, ofun, mode,
729 oplock_request, Access, action);
732 /****************************************************************************
733 Open a file with a share mode. On output from this open we are guarenteeing
735 ****************************************************************************/
736 files_struct *open_file_shared1(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf,
737 uint32 desired_access,
738 int share_mode,int ofun, mode_t mode,int oplock_request,
739 int *Access,int *action)
743 int deny_mode = GET_DENY_MODE(share_mode);
744 BOOL allow_share_delete = GET_ALLOW_SHARE_DELETE(share_mode);
745 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode);
746 BOOL file_existed = VALID_STAT(*psbuf);
747 BOOL fcbopen = False;
748 BOOL def_acl = False;
751 int num_share_modes = 0;
752 BOOL all_current_opens_are_level_II = False;
753 BOOL fsp_open = False;
754 files_struct *fsp = NULL;
759 /* printers are handled completely differently. Most of the passed parameters are
762 *Access = DOS_OPEN_WRONLY;
764 *action = FILE_WAS_CREATED;
765 return print_fsp_open(conn, fname);
768 fsp = file_new(conn);
772 DEBUG(10,("open_file_shared: fname = %s, share_mode = %x, ofun = %x, mode = %o, oplock request = %d\n",
773 fname, share_mode, ofun, (int)mode, oplock_request ));
775 if (!check_name(fname,conn)) {
780 /* ignore any oplock requests if oplocks are disabled */
781 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break) {
785 /* this is for OS/2 EAs - try and say we don't support them */
786 if (strstr(fname,".+,;=[].")) {
787 unix_ERR_class = ERRDOS;
788 /* OS/2 Workplace shell fix may be main code stream in a later release. */
789 #if 1 /* OS2_WPS_FIX - Recent versions of OS/2 need this. */
790 unix_ERR_code = ERRcannotopen;
791 #else /* OS2_WPS_FIX */
792 unix_ERR_code = ERROR_EAS_NOT_SUPPORTED;
793 #endif /* OS2_WPS_FIX */
795 DEBUG(5,("open_file_shared: OS/2 EA's are not supported.\n"));
800 if ((GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL) && file_existed) {
801 DEBUG(5,("open_file_shared: create new requested for file %s and file already exists.\n",
808 if (CAN_WRITE(conn) && (GET_FILE_CREATE_DISPOSITION(ofun) == FILE_CREATE_IF_NOT_EXIST))
811 if (CAN_WRITE(conn) && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE))
814 /* We only care about matching attributes on file exists and truncate. */
815 if (file_existed && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE)) {
816 if (!open_match_attributes(conn, fname, psbuf->st_mode, mode)) {
817 DEBUG(5,("open_file_shared: attributes missmatch for file %s (0%o, 0%o)\n",
818 fname, psbuf->st_mode, mode ));
825 if (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL)
828 /* note that we ignore the append flag as
829 append does not mean the same thing under dos and unix */
831 switch (GET_OPEN_MODE(share_mode)) {
832 case DOS_OPEN_WRONLY:
834 if (desired_access == 0)
835 desired_access = FILE_WRITE_DATA;
840 if (desired_access == 0)
841 desired_access = FILE_READ_DATA|FILE_WRITE_DATA;
845 if (desired_access == 0)
846 desired_access = FILE_READ_DATA|FILE_WRITE_DATA;
850 if (desired_access == 0)
851 desired_access = FILE_READ_DATA;
856 if (GET_FILE_SYNC_OPENMODE(share_mode)) {
861 if (flags != O_RDONLY && file_existed &&
862 (!CAN_WRITE(conn) || IS_DOS_READONLY(dos_mode(conn,fname,psbuf)))) {
864 DEBUG(5,("open_file_shared: read/write access requested for file %s on read only %s\n",
865 fname, !CAN_WRITE(conn) ? "share" : "file" ));
873 if (deny_mode > DENY_NONE && deny_mode!=DENY_FCB) {
874 DEBUG(2,("Invalid deny mode %d on file %s\n",deny_mode,fname));
883 inode = psbuf->st_ino;
885 lock_share_entry(conn, dev, inode);
887 num_share_modes = open_mode_check(conn, fname, dev, inode,
890 &flags, &oplock_request, &all_current_opens_are_level_II);
891 if(num_share_modes == -1) {
894 * This next line is a subtlety we need for MS-Access. If a file open will
895 * fail due to share permissions and also for security (access)
896 * reasons, we need to return the access failed error, not the
897 * share error. This means we must attempt to open the file anyway
898 * in order to get the UNIX access error - even if we're going to
899 * fail the open for share reasons. This is bad, as we're burning
900 * another fd if there are existing locks but there's nothing else
901 * we can do. We also ensure we're not going to create or tuncate
902 * the file as we only want an access decision at this stage. JRA.
904 fsp_open = open_file(fsp,conn,fname,psbuf,
905 flags|(flags2&~(O_TRUNC|O_CREAT)),mode,desired_access);
907 DEBUG(4,("open_file_shared : share_mode deny - calling open_file with \
908 flags=0x%X flags2=0x%X mode=0%o returned %d\n",
909 flags,(flags2&~(O_TRUNC|O_CREAT)),(int)mode,(int)fsp_open ));
911 unlock_share_entry(conn, dev, inode);
919 * We exit this block with the share entry *locked*.....
924 * Ensure we pay attention to default ACLs on directories if required.
927 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
928 (def_acl = directory_has_default_acl(conn, parent_dirname(fname))))
931 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n",
932 flags,flags2,(int)mode));
935 * open_file strips any O_TRUNC flags itself.
938 fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,mode,desired_access);
940 if (!fsp_open && (flags == O_RDWR) && (errno != ENOENT) && fcbopen) {
941 if((fsp_open = open_file(fsp,conn,fname,psbuf,O_RDONLY,mode,desired_access)) == True)
947 unlock_share_entry(conn, dev, inode);
953 * Deal with the race condition where two smbd's detect the file doesn't
954 * exist and do the create at the same time. One of them will win and
955 * set a share mode, the other (ie. this one) should check if the
956 * requested share mode for this create is allowed.
961 lock_share_entry_fsp(fsp);
963 num_share_modes = open_mode_check(conn, fname, dev, inode,
966 &flags, &oplock_request, &all_current_opens_are_level_II);
968 if(num_share_modes == -1) {
969 unlock_share_entry_fsp(fsp);
976 * If there are any share modes set then the file *did*
977 * exist. Ensure we return the correct value for action.
980 if (num_share_modes > 0)
984 * We exit this block with the share entry *locked*.....
988 /* note that we ignore failure for the following. It is
989 basically a hack for NFS, and NFS will never set one of
990 these only read them. Nobody but Samba can ever set a deny
991 mode and we have already checked our more authoritative
992 locking database for permission to set this deny mode. If
993 the kernel refuses the operations then the kernel is wrong */
994 kernel_flock(fsp, deny_mode);
997 * At this point onwards, we can guarentee that the share entry
998 * is locked, whether we created the file or not, and that the
999 * deny mode is compatible with all current opens.
1003 * If requested, truncate the file.
1006 if (flags2&O_TRUNC) {
1008 * We are modifing the file after open - update the stat struct..
1010 if ((truncate_unless_locked(conn,fsp) == -1) || (vfs_fstat(fsp,fsp->fd,psbuf)==-1)) {
1011 unlock_share_entry_fsp(fsp);
1020 open_mode = DOS_OPEN_RDONLY;
1023 open_mode = DOS_OPEN_RDWR;
1026 open_mode = DOS_OPEN_WRONLY;
1030 fsp->share_mode = SET_DENY_MODE(deny_mode) |
1031 SET_OPEN_MODE(open_mode) |
1032 SET_ALLOW_SHARE_DELETE(allow_share_delete);
1034 DEBUG(10,("open_file_shared : share_mode = %x\n", fsp->share_mode ));
1037 (*Access) = open_mode;
1040 if (file_existed && !(flags2 & O_TRUNC))
1041 *action = FILE_WAS_OPENED;
1043 *action = FILE_WAS_CREATED;
1044 if (file_existed && (flags2 & O_TRUNC))
1045 *action = FILE_WAS_OVERWRITTEN;
1049 * Setup the oplock info in both the shared memory and
1053 if(oplock_request && (num_share_modes == 0) &&
1054 !IS_VETO_OPLOCK_PATH(conn,fname) && set_file_oplock(fsp, oplock_request) ) {
1055 port = global_oplock_port;
1056 } else if (oplock_request && all_current_opens_are_level_II) {
1057 port = global_oplock_port;
1058 oplock_request = LEVEL_II_OPLOCK;
1059 set_file_oplock(fsp, oplock_request);
1065 set_share_mode(fsp, port, oplock_request);
1067 if (delete_on_close) {
1068 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close);
1070 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) {
1071 /* Remember to delete the mode we just added. */
1072 del_share_mode(fsp, NULL);
1073 unlock_share_entry_fsp(fsp);
1081 * Take care of inherited ACLs on created files - if default ACL not
1085 if (!file_existed && !def_acl && (conn->vfs_ops.fchmod_acl != NULL)) {
1086 int saved_errno = errno; /* We might get ENOSYS in the next call.. */
1087 if (conn->vfs_ops.fchmod_acl(fsp, fsp->fd, mode) == -1 && errno == ENOSYS)
1088 errno = saved_errno; /* Ignore ENOSYS */
1091 unlock_share_entry_fsp(fsp);
1093 conn->num_files_open++;
1098 /****************************************************************************
1099 Open a file for for write to ensure that we can fchmod it.
1100 ****************************************************************************/
1102 files_struct *open_file_fchmod(connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf)
1104 files_struct *fsp = NULL;
1107 if (!VALID_STAT(*psbuf))
1110 fsp = file_new(conn);
1114 /* note! we must use a non-zero desired access or we don't get
1115 a real file descriptor. Oh what a twisted web we weave. */
1116 fsp_open = open_file(fsp,conn,fname,psbuf,O_WRONLY,0,FILE_WRITE_DATA);
1119 * This is not a user visible file open.
1120 * Don't set a share mode and don't increment
1121 * the conn->num_files_open.
1132 /****************************************************************************
1133 Close the fchmod file fd - ensure no locks are lost.
1134 ****************************************************************************/
1136 int close_file_fchmod(files_struct *fsp)
1138 int ret = fd_close(fsp->conn, fsp);
1143 /****************************************************************************
1144 Open a directory from an NT SMB call.
1145 ****************************************************************************/
1147 files_struct *open_directory(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf,
1148 uint32 desired_access, int share_mode, int smb_ofun, mode_t unixmode, int *action)
1150 extern struct current_user current_user;
1151 BOOL got_stat = False;
1152 files_struct *fsp = file_new(conn);
1153 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode);
1158 fsp->conn = conn; /* The vfs_fXXX() macros need this. */
1160 if (VALID_STAT(*psbuf))
1163 if (got_stat && (GET_FILE_OPEN_DISPOSITION(smb_ofun) == FILE_EXISTS_FAIL)) {
1165 errno = EEXIST; /* Setup so correct error is returned to client. */
1169 if (GET_FILE_CREATE_DISPOSITION(smb_ofun) == FILE_CREATE_IF_NOT_EXIST) {
1173 if(!S_ISDIR(psbuf->st_mode)) {
1174 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1179 *action = FILE_WAS_OPENED;
1184 * Try and create the directory.
1187 if(!CAN_WRITE(conn)) {
1188 DEBUG(2,("open_directory: failing create on read-only share\n"));
1194 if(vfs_mkdir(conn,fname, unix_mode(conn,aDIR, fname)) < 0) {
1195 DEBUG(2,("open_directory: unable to create %s. Error was %s\n",
1196 fname, strerror(errno) ));
1201 if(vfs_stat(conn,fname, psbuf) != 0) {
1206 *action = FILE_WAS_CREATED;
1212 * Don't create - just check that it *was* a directory.
1216 DEBUG(3,("open_directory: unable to stat name = %s. Error was %s\n",
1217 fname, strerror(errno) ));
1222 if(!S_ISDIR(psbuf->st_mode)) {
1223 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1228 *action = FILE_WAS_OPENED;
1231 DEBUG(5,("open_directory: opening directory %s\n", fname));
1234 * Setup the files_struct for it.
1237 fsp->mode = psbuf->st_mode;
1238 fsp->inode = psbuf->st_ino;
1239 fsp->dev = psbuf->st_dev;
1240 fsp->size = psbuf->st_size;
1241 fsp->vuid = current_user.vuid;
1243 fsp->can_lock = True;
1244 fsp->can_read = False;
1245 fsp->can_write = False;
1246 fsp->share_mode = share_mode;
1247 fsp->desired_access = desired_access;
1248 fsp->print_file = False;
1249 fsp->modified = False;
1250 fsp->oplock_type = NO_OPLOCK;
1251 fsp->sent_oplock_break = NO_BREAK_SENT;
1252 fsp->is_directory = True;
1253 fsp->directory_delete_on_close = False;
1255 string_set(&fsp->fsp_name,fname);
1257 if (delete_on_close) {
1258 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close);
1260 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) {
1265 conn->num_files_open++;
1271 Old code - I have replaced with correct desired_access checking. JRA.
1273 /*******************************************************************
1274 Check if the share mode on a file allows it to be deleted or unlinked.
1275 Return True if sharing doesn't prevent the operation.
1276 ********************************************************************/
1278 BOOL check_file_sharing(connection_struct *conn,char *fname, BOOL rename_op)
1282 share_mode_entry *old_shares = 0;
1283 int num_share_modes;
1284 SMB_STRUCT_STAT sbuf;
1285 pid_t pid = sys_getpid();
1289 if (vfs_stat(conn,fname,&sbuf) == -1)
1293 inode = sbuf.st_ino;
1295 lock_share_entry(conn, dev, inode);
1296 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
1299 * Check if the share modes will give us access.
1302 if(num_share_modes != 0) {
1307 broke_oplock = False;
1308 for(i = 0; i < num_share_modes; i++) {
1309 share_mode_entry *share_entry = &old_shares[i];
1312 * Break oplocks before checking share modes. See comment in
1313 * open_file_shared for details.
1314 * Check if someone has an oplock on this file. If so we must
1315 * break it before continuing.
1317 if(BATCH_OPLOCK_TYPE(share_entry->op_type)) {
1319 DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
1320 dev = %x, inode = %.0f\n", share_entry->op_type, fname, (unsigned int)dev, (double)inode));
1322 /* Oplock break.... */
1323 unlock_share_entry(conn, dev, inode);
1325 if(request_oplock_break(share_entry) == False) {
1326 DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
1327 dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (double)inode));
1329 SAFE_FREE(old_shares);
1332 lock_share_entry(conn, dev, inode);
1333 broke_oplock = True;
1338 * If this is a delete request and ALLOW_SHARE_DELETE is set then allow
1339 * this to proceed. This takes precedence over share modes.
1342 if(!rename_op && GET_ALLOW_SHARE_DELETE(share_entry->share_mode))
1346 * Someone else has a share lock on it, check to see
1349 if ((GET_DENY_MODE(share_entry->share_mode) != DENY_DOS) ||
1350 (share_entry->pid != pid))
1356 SAFE_FREE(old_shares);
1357 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
1359 } while(broke_oplock);
1363 * XXXX exactly what share mode combinations should be allowed for
1364 * deleting/renaming?
1368 * If we got here then either there were no share modes or
1369 * all share modes were DENY_DOS and the pid == getpid() or
1370 * delete access was requested and all share modes had the
1371 * ALLOW_SHARE_DELETE bit set (takes precedence over other
1379 unlock_share_entry(conn, dev, inode);
1380 SAFE_FREE(old_shares);
git.samba.org / tprouty / samba.git / blob