2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 extern userdom_struct current_user_info;
25 extern uint16 global_oplock_port;
26 extern BOOL global_client_failed_oplock_break;
28 /****************************************************************************
29 fd support routines - attempt to do a dos_open.
30 ****************************************************************************/
32 static int fd_open(struct connection_struct *conn, char *fname,
33 int flags, mode_t mode)
37 if (!lp_symlinks(SNUM(conn)))
41 fd = conn->vfs_ops.open(conn,fname,flags,mode);
43 /* Fix for files ending in '.' */
44 if((fd == -1) && (errno == ENOENT) &&
45 (strchr_m(fname,'.')==NULL)) {
47 fd = conn->vfs_ops.open(conn,fname,flags,mode);
50 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n", fname,
51 flags, (int)mode, fd, (fd == -1) ? strerror(errno) : "" ));
56 /****************************************************************************
57 Close the file associated with a fsp.
58 ****************************************************************************/
60 int fd_close(struct connection_struct *conn, files_struct *fsp)
63 return 0; /* what we used to call a stat open. */
64 return fd_close_posix(conn, fsp);
68 /****************************************************************************
69 Check a filename for the pipe string.
70 ****************************************************************************/
72 static void check_for_pipe(char *fname)
74 /* special case of pipe opens */
76 StrnCpy(s,fname,sizeof(s)-1);
78 if (strstr(s,"pipe/")) {
79 DEBUG(3,("Rejecting named pipe open for %s\n",fname));
80 unix_ERR_class = ERRSRV;
81 unix_ERR_code = ERRaccess;
85 /****************************************************************************
87 ****************************************************************************/
89 static BOOL open_file(files_struct *fsp,connection_struct *conn,
90 char *fname1,SMB_STRUCT_STAT *psbuf,int flags,mode_t mode, uint32 desired_access)
92 extern struct current_user current_user;
94 int accmode = (flags & O_ACCMODE);
95 int local_flags = flags;
98 fsp->oplock_type = NO_OPLOCK;
101 pstrcpy(fname,fname1);
103 /* Check permissions */
106 * This code was changed after seeing a client open request
107 * containing the open mode of (DENY_WRITE/read-only) with
108 * the 'create if not exist' bit set. The previous code
109 * would fail to open the file read only on a read-only share
110 * as it was checking the flags parameter directly against O_RDONLY,
111 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
115 if (!CAN_WRITE(conn)) {
116 /* It's a read-only share - fail if we wanted to write. */
117 if(accmode != O_RDONLY) {
118 DEBUG(3,("Permission denied opening %s\n",fname));
119 check_for_pipe(fname);
121 } else if(flags & O_CREAT) {
122 /* We don't want to write - but we must make sure that O_CREAT
123 doesn't create the file if we have write access into the
131 * This little piece of insanity is inspired by the
132 * fact that an NT client can open a file for O_RDONLY,
133 * but set the create disposition to FILE_EXISTS_TRUNCATE.
134 * If the client *can* write to the file, then it expects to
135 * truncate the file, even though it is opening for readonly.
136 * Quicken uses this stupid trick in backup file creation...
137 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
138 * for helping track this one down. It didn't bite us in 2.0.x
139 * as we always opened files read-write in that release. JRA.
142 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC))
143 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
146 * We can't actually truncate here as the file may be locked.
147 * open_file_shared will take care of the truncate later. JRA.
150 local_flags &= ~O_TRUNC;
152 if ((desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
153 (local_flags & O_CREAT)) {
155 /* actually do the open */
156 fsp->fd = fd_open(conn, fname, local_flags, mode);
159 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) (flags=%d)\n",
160 fname,strerror(errno),local_flags,flags));
161 check_for_pipe(fname);
165 fsp->fd = -1; /* What we used to call a stat open. */
167 if (!VALID_STAT(*psbuf)) {
171 ret = vfs_stat(conn, fname, psbuf);
173 ret = vfs_fstat(fsp,fsp->fd,psbuf);
176 DEBUG(0,("Error doing fstat on open file %s (%s)\n", fname,strerror(errno) ));
183 * POSIX allows read-only opens of directories. We don't
184 * want to do this (we use a different code path for this)
185 * so catch a directory open and return an EISDIR. JRA.
188 if(S_ISDIR(psbuf->st_mode)) {
194 fsp->mode = psbuf->st_mode;
195 fsp->inode = psbuf->st_ino;
196 fsp->dev = psbuf->st_dev;
197 fsp->vuid = current_user.vuid;
198 fsp->size = psbuf->st_size;
200 fsp->can_lock = True;
201 fsp->can_read = ((flags & O_WRONLY)==0);
202 fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0);
204 fsp->desired_access = desired_access;
205 fsp->print_file = False;
206 fsp->modified = False;
207 fsp->oplock_type = NO_OPLOCK;
208 fsp->sent_oplock_break = NO_BREAK_SENT;
209 fsp->is_directory = False;
210 fsp->directory_delete_on_close = False;
212 string_set(&fsp->fsp_name,fname);
213 fsp->wcp = NULL; /* Write cache pointer. */
215 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
216 *current_user_info.smb_name ? current_user_info.smb_name : conn->user,fsp->fsp_name,
217 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
218 conn->num_files_open + 1));
223 /****************************************************************************
225 Helper for open_file_shared.
226 Truncate a file after checking locking; close file if locked.
227 **************************************************************************/
229 static int truncate_unless_locked(struct connection_struct *conn, files_struct *fsp)
231 SMB_BIG_UINT mask = (SMB_BIG_UINT)-1;
233 if (is_locked(fsp,fsp->conn,mask,0,WRITE_LOCK,True)){
235 unix_ERR_class = ERRDOS;
236 unix_ERR_code = ERRlock;
239 return conn->vfs_ops.ftruncate(fsp,fsp->fd,0);
243 /*******************************************************************
244 return True if the filename is one of the special executable types
245 ********************************************************************/
246 static BOOL is_executable(const char *fname)
248 if ((fname = strrchr_m(fname,'.'))) {
249 if (strequal(fname,".com") ||
250 strequal(fname,".dll") ||
251 strequal(fname,".exe") ||
252 strequal(fname,".sym")) {
259 enum {AFAIL,AREAD,AWRITE,AALL};
261 /*******************************************************************
262 reproduce the share mode access table
263 this is horrendoously complex, and really can't be justified on any
264 rational grounds except that this is _exactly_ what NT does. See
265 the DENY1 and DENY2 tests in smbtorture for a comprehensive set of
267 ********************************************************************/
268 static int access_table(int new_deny,int old_deny,int old_mode,
269 BOOL same_pid, BOOL isexe)
271 if (new_deny == DENY_ALL || old_deny == DENY_ALL) return(AFAIL);
274 if (isexe && old_mode == DOS_OPEN_RDONLY &&
275 old_deny == DENY_DOS && new_deny == DENY_READ) {
278 if (!isexe && old_mode == DOS_OPEN_RDONLY &&
279 old_deny == DENY_DOS && new_deny == DENY_DOS) {
282 if (new_deny == DENY_FCB && old_deny == DENY_DOS) {
283 if (isexe) return AFAIL;
284 if (old_mode == DOS_OPEN_RDONLY) return AFAIL;
287 if (old_mode == DOS_OPEN_RDONLY && old_deny == DENY_DOS) {
288 if (new_deny == DENY_FCB || new_deny == DENY_READ) {
289 if (isexe) return AREAD;
293 if (old_deny == DENY_FCB) {
294 if (new_deny == DENY_DOS || new_deny == DENY_FCB) return AALL;
299 if (old_deny == DENY_DOS || new_deny == DENY_DOS ||
300 old_deny == DENY_FCB || new_deny == DENY_FCB) {
302 if (old_deny == DENY_FCB || new_deny == DENY_FCB) {
305 if (old_deny == DENY_DOS) {
306 if (new_deny == DENY_READ &&
307 (old_mode == DOS_OPEN_RDONLY ||
308 old_mode == DOS_OPEN_RDWR)) {
311 if (new_deny == DENY_WRITE &&
312 (old_mode == DOS_OPEN_WRONLY ||
313 old_mode == DOS_OPEN_RDWR)) {
318 if (old_deny == DENY_NONE) return AALL;
319 if (old_deny == DENY_READ) return AWRITE;
320 if (old_deny == DENY_WRITE) return AREAD;
322 /* it isn't a exe, dll, sym or com file */
323 if (old_deny == new_deny && same_pid)
326 if (old_deny == DENY_READ || new_deny == DENY_READ) return AFAIL;
327 if (old_mode == DOS_OPEN_RDONLY) return(AREAD);
335 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_RDONLY) return(AREAD);
336 if (old_deny==DENY_READ && old_mode==DOS_OPEN_RDONLY) return(AWRITE);
337 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_RDONLY) return(AALL);
340 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_WRONLY) return(AREAD);
341 if (old_deny==DENY_READ && old_mode==DOS_OPEN_WRONLY) return(AWRITE);
342 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_WRONLY) return(AALL);
345 if (old_deny==DENY_WRITE) return(AREAD);
346 if (old_deny==DENY_READ) return(AWRITE);
347 if (old_deny==DENY_NONE) return(AALL);
354 /****************************************************************************
355 check if we can open a file with a share mode
356 ****************************************************************************/
358 static BOOL check_share_mode(connection_struct *conn, share_mode_entry *share, int share_mode, uint32 desired_access,
359 const char *fname, BOOL fcbopen, int *flags)
361 int deny_mode = GET_DENY_MODE(share_mode);
362 int old_open_mode = GET_OPEN_MODE(share->share_mode);
363 int old_deny_mode = GET_DENY_MODE(share->share_mode);
366 * share modes = false means don't bother to check for
367 * DENY mode conflict. This is a *really* bad idea :-). JRA.
370 if(!lp_share_modes(SNUM(conn)))
374 * Don't allow any opens once the delete on close flag has been
378 if (GET_DELETE_ON_CLOSE_FLAG(share->share_mode)) {
379 DEBUG(5,("check_share_mode: Failing open on file %s as delete on close flag is set.\n",
381 unix_ERR_class = ERRDOS;
382 unix_ERR_code = ERRnoaccess;
386 /* this is a nasty hack, but necessary until we rewrite our open
387 handling to use a NTCreateX call as the basic call.
388 NT may open a file with neither read nor write access, and in
389 this case it expects the open not to conflict with any
390 existing deny modes. This happens (for example) during a
391 "xcopy /o" where the second file descriptor is used for
397 * This is a bit wierd - the test for desired access not having the
398 * critical bits seems seems odd. Firstly, if both opens have no
399 * critical bits then always ignore. Then check the "allow delete"
400 * then check for either. This probably isn't quite right yet but
401 * gets us much closer. JRA.
405 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
406 * and the existing desired_acces then share modes don't conflict.
409 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) &&
410 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
413 * Wrinkle discovered by smbtorture....
414 * If both are non-io open and requester is asking for delete and current open has delete access
415 * but neither open has allowed file share delete then deny.... this is very strange and
416 * seems to be the only case in which non-io opens conflict. JRA.
419 if ((desired_access & DELETE_ACCESS) && (share->desired_access & DELETE_ACCESS) &&
420 (!GET_ALLOW_SHARE_DELETE(share->share_mode) || !GET_ALLOW_SHARE_DELETE(share_mode))) {
421 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requests conflict.\n",
423 unix_ERR_class = ERRDOS;
424 unix_ERR_code = ERRbadshare;
429 DEBUG(5,("check_share_mode: Allowing open on file %s as both desired access (0x%x) \
430 and existing desired access (0x%x) are non-data opens\n",
431 fname, (unsigned int)desired_access, (unsigned int)share->desired_access ));
436 * If delete access was requested and the existing share mode doesn't have
437 * ALLOW_SHARE_DELETE then deny.
440 if ((desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share->share_mode)) {
441 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requested and allow share delete not set.\n",
443 unix_ERR_class = ERRDOS;
444 unix_ERR_code = ERRbadshare;
450 * The inverse of the above.
451 * If delete access was granted and the new share mode doesn't have
452 * ALLOW_SHARE_DELETE then deny.
455 if ((share->desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share_mode)) {
456 DEBUG(5,("check_share_mode: Failing open on file %s as delete access granted and allow share delete not requested.\n",
458 unix_ERR_class = ERRDOS;
459 unix_ERR_code = ERRbadshare;
465 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
466 * then share modes don't conflict. Likewise with existing desired access.
469 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
470 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
471 DEBUG(5,("check_share_mode: Allowing open on file %s as desired access (0x%x) doesn't conflict with\
472 existing desired access (0x%x).\n", fname, (unsigned int)desired_access, (unsigned int)share->desired_access ));
477 int access_allowed = access_table(deny_mode,old_deny_mode,old_open_mode,
478 (share->pid == sys_getpid()),is_executable(fname));
480 if ((access_allowed == AFAIL) ||
481 (!fcbopen && (access_allowed == AREAD && *flags == O_RDWR)) ||
482 (access_allowed == AREAD && *flags != O_RDONLY) ||
483 (access_allowed == AWRITE && *flags != O_WRONLY)) {
485 DEBUG(2,("Share violation on file (%d,%d,%d,%d,%s,fcbopen = %d, flags = %d) = %d\n",
486 deny_mode,old_deny_mode,old_open_mode,
487 (int)share->pid,fname, fcbopen, *flags, access_allowed));
489 unix_ERR_class = ERRDOS;
490 unix_ERR_code = ERRbadshare;
495 if (access_allowed == AREAD)
498 if (access_allowed == AWRITE)
506 /****************************************************************************
507 Deal with open deny mode and oplock break processing.
508 Invarient: Share mode must be locked on entry and exit.
509 Returns -1 on error, or number of share modes on success (may be zero).
510 ****************************************************************************/
512 static int open_mode_check(connection_struct *conn, const char *fname, SMB_DEV_T dev,
514 uint32 desired_access,
515 int share_mode, int *p_flags, int *p_oplock_request,
516 BOOL *p_all_current_opens_are_level_II)
520 int oplock_contention_count = 0;
521 share_mode_entry *old_shares = 0;
522 BOOL fcbopen = False;
525 if(GET_OPEN_MODE(share_mode) == DOS_OPEN_FCB)
528 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
530 if(num_share_modes == 0)
534 * Check if the share modes will give us access.
538 share_mode_entry broken_entry;
540 broke_oplock = False;
541 *p_all_current_opens_are_level_II = True;
543 for(i = 0; i < num_share_modes; i++) {
544 share_mode_entry *share_entry = &old_shares[i];
547 * By observation of NetBench, oplocks are broken *before* share
548 * modes are checked. This allows a file to be closed by the client
549 * if the share mode would deny access and the client has an oplock.
550 * Check if someone has an oplock on this file. If so we must break
551 * it before continuing.
554 if((*p_oplock_request && EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type)) ||
555 (!*p_oplock_request && (share_entry->op_type != NO_OPLOCK))) {
559 DEBUG(5,("open_mode_check: oplock_request = %d, breaking oplock (%x) on file %s, \
560 dev = %x, inode = %.0f\n", *p_oplock_request, share_entry->op_type, fname, (unsigned int)dev, (double)inode));
562 /* Oplock break - unlock to request it. */
563 unlock_share_entry(conn, dev, inode);
565 opb_ret = request_oplock_break(share_entry);
568 lock_share_entry(conn, dev, inode);
570 if(opb_ret == False) {
571 DEBUG(0,("open_mode_check: FAILED when breaking oplock (%x) on file %s, \
572 dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (double)inode));
573 SAFE_FREE(old_shares);
575 unix_ERR_class = ERRDOS;
576 unix_ERR_code = ERRbadshare;
581 broken_entry = *share_entry;
584 } else if (!LEVEL_II_OPLOCK_TYPE(share_entry->op_type)) {
585 *p_all_current_opens_are_level_II = False;
588 /* someone else has a share lock on it, check to see if we can too */
589 if (!check_share_mode(conn, share_entry, share_mode, desired_access,
590 fname, fcbopen, p_flags)) {
591 SAFE_FREE(old_shares);
599 SAFE_FREE(old_shares);
600 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
601 oplock_contention_count++;
603 /* Paranoia check that this is no longer an exlusive entry. */
604 for(i = 0; i < num_share_modes; i++) {
605 share_mode_entry *share_entry = &old_shares[i];
607 if (share_modes_identical(&broken_entry, share_entry) &&
608 EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type) ) {
611 * This should not happen. The target left this oplock
612 * as exlusive.... The process *must* be dead....
615 DEBUG(0,("open_mode_check: exlusive oplock left by process %d after break ! For file %s, \
616 dev = %x, inode = %.0f. Deleting it to continue...\n", (int)broken_entry.pid, fname, (unsigned int)dev, (double)inode));
618 if (process_exists(broken_entry.pid)) {
619 DEBUG(0,("open_mode_check: Existent process %d left active oplock.\n",
623 if (del_share_entry(dev, inode, &broken_entry, NULL) == -1) {
625 unix_ERR_class = ERRDOS;
626 unix_ERR_code = ERRbadshare;
631 * We must reload the share modes after deleting the
632 * other process's entry.
635 SAFE_FREE(old_shares);
636 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
639 } /* end for paranoia... */
640 } /* end if broke_oplock */
642 } while(broke_oplock);
645 SAFE_FREE(old_shares);
648 * Refuse to grant an oplock in case the contention limit is
649 * reached when going through the lock list multiple times.
652 if(oplock_contention_count >= lp_oplock_contention_limit(SNUM(conn))) {
653 *p_oplock_request = 0;
654 DEBUG(4,("open_mode_check: oplock contention = %d. Not granting oplock.\n",
655 oplock_contention_count ));
658 return num_share_modes;
661 /****************************************************************************
662 set a kernel flock on a file for NFS interoperability
663 this requires a patch to Linux
664 ****************************************************************************/
665 static void kernel_flock(files_struct *fsp, int deny_mode)
667 #if HAVE_KERNEL_SHARE_MODES
669 if (deny_mode == DENY_READ) kernel_mode = LOCK_MAND|LOCK_WRITE;
670 else if (deny_mode == DENY_WRITE) kernel_mode = LOCK_MAND|LOCK_READ;
671 else if (deny_mode == DENY_ALL) kernel_mode = LOCK_MAND;
672 if (kernel_mode) flock(fsp->fd, kernel_mode);
678 /****************************************************************************
679 Open a file with a share mode. On output from this open we are guarenteeing
681 ****************************************************************************/
682 files_struct *open_file_shared(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf,
683 int share_mode,int ofun, mode_t mode,int oplock_request,
684 int *Access,int *action)
686 return open_file_shared1(conn, fname, psbuf, 0, share_mode, ofun, mode,
687 oplock_request, Access, action);
690 /****************************************************************************
691 Open a file with a share mode. On output from this open we are guarenteeing
693 ****************************************************************************/
694 files_struct *open_file_shared1(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf,
695 uint32 desired_access,
696 int share_mode,int ofun, mode_t mode,int oplock_request,
697 int *Access,int *action)
701 int deny_mode = GET_DENY_MODE(share_mode);
702 BOOL allow_share_delete = GET_ALLOW_SHARE_DELETE(share_mode);
703 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode);
704 BOOL file_existed = VALID_STAT(*psbuf);
705 BOOL fcbopen = False;
706 BOOL def_acl = False;
709 int num_share_modes = 0;
710 BOOL all_current_opens_are_level_II = False;
711 BOOL fsp_open = False;
712 files_struct *fsp = NULL;
717 /* printers are handled completely differently. Most of the passed parameters are
720 *Access = DOS_OPEN_WRONLY;
722 *action = FILE_WAS_CREATED;
723 return print_fsp_open(conn, fname);
726 fsp = file_new(conn);
730 DEBUG(10,("open_file_shared: fname = %s, share_mode = %x, ofun = %x, mode = %o, oplock request = %d\n",
731 fname, share_mode, ofun, (int)mode, oplock_request ));
733 if (!check_name(fname,conn)) {
738 /* ignore any oplock requests if oplocks are disabled */
739 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break) {
743 /* this is for OS/2 EAs - try and say we don't support them */
744 if (strstr(fname,".+,;=[].")) {
745 unix_ERR_class = ERRDOS;
746 /* OS/2 Workplace shell fix may be main code stream in a later release. */
747 #if 1 /* OS2_WPS_FIX - Recent versions of OS/2 need this. */
748 unix_ERR_code = ERRcannotopen;
749 #else /* OS2_WPS_FIX */
750 unix_ERR_code = ERROR_EAS_NOT_SUPPORTED;
751 #endif /* OS2_WPS_FIX */
753 DEBUG(5,("open_file_shared: OS/2 EA's are not supported.\n"));
758 if ((GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL) && file_existed) {
759 DEBUG(5,("open_file_shared: create new requested for file %s and file already exists.\n",
766 if (CAN_WRITE(conn) && (GET_FILE_CREATE_DISPOSITION(ofun) == FILE_CREATE_IF_NOT_EXIST))
769 if (CAN_WRITE(conn) && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE))
772 if (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL)
775 /* note that we ignore the append flag as
776 append does not mean the same thing under dos and unix */
778 switch (GET_OPEN_MODE(share_mode)) {
779 case DOS_OPEN_WRONLY:
781 if (desired_access == 0)
782 desired_access = FILE_WRITE_DATA;
787 if (desired_access == 0)
788 desired_access = FILE_READ_DATA|FILE_WRITE_DATA;
792 if (desired_access == 0)
793 desired_access = FILE_READ_DATA|FILE_WRITE_DATA;
797 if (desired_access == 0)
798 desired_access = FILE_READ_DATA;
803 if (GET_FILE_SYNC_OPENMODE(share_mode)) {
808 if (flags != O_RDONLY && file_existed &&
809 (!CAN_WRITE(conn) || IS_DOS_READONLY(dos_mode(conn,fname,psbuf)))) {
811 DEBUG(5,("open_file_shared: read/write access requested for file %s on read only %s\n",
812 fname, !CAN_WRITE(conn) ? "share" : "file" ));
820 if (deny_mode > DENY_NONE && deny_mode!=DENY_FCB) {
821 DEBUG(2,("Invalid deny mode %d on file %s\n",deny_mode,fname));
830 inode = psbuf->st_ino;
832 lock_share_entry(conn, dev, inode);
834 num_share_modes = open_mode_check(conn, fname, dev, inode,
837 &flags, &oplock_request, &all_current_opens_are_level_II);
838 if(num_share_modes == -1) {
841 * This next line is a subtlety we need for MS-Access. If a file open will
842 * fail due to share permissions and also for security (access)
843 * reasons, we need to return the access failed error, not the
844 * share error. This means we must attempt to open the file anyway
845 * in order to get the UNIX access error - even if we're going to
846 * fail the open for share reasons. This is bad, as we're burning
847 * another fd if there are existing locks but there's nothing else
848 * we can do. We also ensure we're not going to create or tuncate
849 * the file as we only want an access decision at this stage. JRA.
851 fsp_open = open_file(fsp,conn,fname,psbuf,
852 flags|(flags2&~(O_TRUNC|O_CREAT)),mode,desired_access);
854 DEBUG(4,("open_file_shared : share_mode deny - calling open_file with \
855 flags=0x%X flags2=0x%X mode=0%o returned %d\n",
856 flags,(flags2&~(O_TRUNC|O_CREAT)),(int)mode,(int)fsp_open ));
858 unlock_share_entry(conn, dev, inode);
866 * We exit this block with the share entry *locked*.....
871 * Ensure we pay attention to default ACLs on directories if required.
874 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
875 (def_acl = directory_has_default_acl(conn, parent_dirname(fname))))
878 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n",
879 flags,flags2,(int)mode));
882 * open_file strips any O_TRUNC flags itself.
885 fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,mode,desired_access);
887 if (!fsp_open && (flags == O_RDWR) && (errno != ENOENT) && fcbopen) {
888 if((fsp_open = open_file(fsp,conn,fname,psbuf,O_RDONLY,mode,desired_access)) == True)
894 unlock_share_entry(conn, dev, inode);
900 * Deal with the race condition where two smbd's detect the file doesn't
901 * exist and do the create at the same time. One of them will win and
902 * set a share mode, the other (ie. this one) should check if the
903 * requested share mode for this create is allowed.
908 lock_share_entry_fsp(fsp);
910 num_share_modes = open_mode_check(conn, fname, dev, inode,
913 &flags, &oplock_request, &all_current_opens_are_level_II);
915 if(num_share_modes == -1) {
916 unlock_share_entry_fsp(fsp);
923 * If there are any share modes set then the file *did*
924 * exist. Ensure we return the correct value for action.
927 if (num_share_modes > 0)
931 * We exit this block with the share entry *locked*.....
935 /* note that we ignore failure for the following. It is
936 basically a hack for NFS, and NFS will never set one of
937 these only read them. Nobody but Samba can ever set a deny
938 mode and we have already checked our more authoritative
939 locking database for permission to set this deny mode. If
940 the kernel refuses the operations then the kernel is wrong */
941 kernel_flock(fsp, deny_mode);
944 * At this point onwards, we can guarentee that the share entry
945 * is locked, whether we created the file or not, and that the
946 * deny mode is compatible with all current opens.
950 * If requested, truncate the file.
953 if (flags2&O_TRUNC) {
955 * We are modifing the file after open - update the stat struct..
957 if ((truncate_unless_locked(conn,fsp) == -1) || (vfs_fstat(fsp,fsp->fd,psbuf)==-1)) {
958 unlock_share_entry_fsp(fsp);
967 open_mode = DOS_OPEN_RDONLY;
970 open_mode = DOS_OPEN_RDWR;
973 open_mode = DOS_OPEN_WRONLY;
977 fsp->share_mode = SET_DENY_MODE(deny_mode) |
978 SET_OPEN_MODE(open_mode) |
979 SET_ALLOW_SHARE_DELETE(allow_share_delete);
981 DEBUG(10,("open_file_shared : share_mode = %x\n", fsp->share_mode ));
984 (*Access) = open_mode;
987 if (file_existed && !(flags2 & O_TRUNC))
988 *action = FILE_WAS_OPENED;
990 *action = FILE_WAS_CREATED;
991 if (file_existed && (flags2 & O_TRUNC))
992 *action = FILE_WAS_OVERWRITTEN;
996 * Setup the oplock info in both the shared memory and
1000 if(oplock_request && (num_share_modes == 0) &&
1001 !IS_VETO_OPLOCK_PATH(conn,fname) && set_file_oplock(fsp, oplock_request) ) {
1002 port = global_oplock_port;
1003 } else if (oplock_request && all_current_opens_are_level_II) {
1004 port = global_oplock_port;
1005 oplock_request = LEVEL_II_OPLOCK;
1006 set_file_oplock(fsp, oplock_request);
1012 set_share_mode(fsp, port, oplock_request);
1014 if (delete_on_close) {
1015 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close);
1017 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) {
1018 /* Remember to delete the mode we just added. */
1019 del_share_mode(fsp, NULL);
1020 unlock_share_entry_fsp(fsp);
1028 * Take care of inherited ACLs on created files - if default ACL not
1032 if (!file_existed && !def_acl && (conn->vfs_ops.fchmod_acl != NULL)) {
1033 int saved_errno = errno; /* We might get ENOSYS in the next call.. */
1034 if (conn->vfs_ops.fchmod_acl(fsp, fsp->fd, mode) == -1 && errno == ENOSYS)
1035 errno = saved_errno; /* Ignore ENOSYS */
1038 unlock_share_entry_fsp(fsp);
1040 conn->num_files_open++;
1045 /****************************************************************************
1046 Open a file for for write to ensure that we can fchmod it.
1047 ****************************************************************************/
1049 files_struct *open_file_fchmod(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf)
1051 files_struct *fsp = NULL;
1054 if (!VALID_STAT(*psbuf))
1057 fsp = file_new(conn);
1061 fsp_open = open_file(fsp,conn,fname,psbuf,O_WRONLY,0,0);
1064 * This is not a user visible file open.
1065 * Don't set a share mode and don't increment
1066 * the conn->num_files_open.
1077 /****************************************************************************
1078 Close the fchmod file fd - ensure no locks are lost.
1079 ****************************************************************************/
1081 int close_file_fchmod(files_struct *fsp)
1083 int ret = fd_close(fsp->conn, fsp);
1088 /****************************************************************************
1089 Open a directory from an NT SMB call.
1090 ****************************************************************************/
1092 files_struct *open_directory(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf,
1093 uint32 desired_access, int share_mode, int smb_ofun, mode_t unixmode, int *action)
1095 extern struct current_user current_user;
1096 BOOL got_stat = False;
1097 files_struct *fsp = file_new(conn);
1098 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode);
1103 fsp->conn = conn; /* The vfs_fXXX() macros need this. */
1105 if (VALID_STAT(*psbuf))
1108 if (got_stat && (GET_FILE_OPEN_DISPOSITION(smb_ofun) == FILE_EXISTS_FAIL)) {
1110 errno = EEXIST; /* Setup so correct error is returned to client. */
1114 if (GET_FILE_CREATE_DISPOSITION(smb_ofun) == FILE_CREATE_IF_NOT_EXIST) {
1118 if(!S_ISDIR(psbuf->st_mode)) {
1119 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1124 *action = FILE_WAS_OPENED;
1129 * Try and create the directory.
1132 if(!CAN_WRITE(conn)) {
1133 DEBUG(2,("open_directory: failing create on read-only share\n"));
1139 if(vfs_mkdir(conn,fname, unix_mode(conn,aDIR, fname)) < 0) {
1140 DEBUG(2,("open_directory: unable to create %s. Error was %s\n",
1141 fname, strerror(errno) ));
1146 if(vfs_stat(conn,fname, psbuf) != 0) {
1151 *action = FILE_WAS_CREATED;
1157 * Don't create - just check that it *was* a directory.
1161 DEBUG(0,("open_directory: unable to stat name = %s. Error was %s\n",
1162 fname, strerror(errno) ));
1167 if(!S_ISDIR(psbuf->st_mode)) {
1168 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1173 *action = FILE_WAS_OPENED;
1176 DEBUG(5,("open_directory: opening directory %s\n", fname));
1179 * Setup the files_struct for it.
1182 fsp->mode = psbuf->st_mode;
1183 fsp->inode = psbuf->st_ino;
1184 fsp->dev = psbuf->st_dev;
1185 fsp->size = psbuf->st_size;
1186 fsp->vuid = current_user.vuid;
1188 fsp->can_lock = True;
1189 fsp->can_read = False;
1190 fsp->can_write = False;
1191 fsp->share_mode = share_mode;
1192 fsp->desired_access = desired_access;
1193 fsp->print_file = False;
1194 fsp->modified = False;
1195 fsp->oplock_type = NO_OPLOCK;
1196 fsp->sent_oplock_break = NO_BREAK_SENT;
1197 fsp->is_directory = True;
1198 fsp->directory_delete_on_close = False;
1200 string_set(&fsp->fsp_name,fname);
1202 if (delete_on_close) {
1203 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close);
1205 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) {
1210 conn->num_files_open++;
1216 Old code - I have replaced with correct desired_access checking. JRA.
1218 /*******************************************************************
1219 Check if the share mode on a file allows it to be deleted or unlinked.
1220 Return True if sharing doesn't prevent the operation.
1221 ********************************************************************/
1223 BOOL check_file_sharing(connection_struct *conn,char *fname, BOOL rename_op)
1227 share_mode_entry *old_shares = 0;
1228 int num_share_modes;
1229 SMB_STRUCT_STAT sbuf;
1230 pid_t pid = sys_getpid();
1234 if (vfs_stat(conn,fname,&sbuf) == -1)
1238 inode = sbuf.st_ino;
1240 lock_share_entry(conn, dev, inode);
1241 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
1244 * Check if the share modes will give us access.
1247 if(num_share_modes != 0) {
1252 broke_oplock = False;
1253 for(i = 0; i < num_share_modes; i++) {
1254 share_mode_entry *share_entry = &old_shares[i];
1257 * Break oplocks before checking share modes. See comment in
1258 * open_file_shared for details.
1259 * Check if someone has an oplock on this file. If so we must
1260 * break it before continuing.
1262 if(BATCH_OPLOCK_TYPE(share_entry->op_type)) {
1264 DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
1265 dev = %x, inode = %.0f\n", share_entry->op_type, fname, (unsigned int)dev, (double)inode));
1267 /* Oplock break.... */
1268 unlock_share_entry(conn, dev, inode);
1270 if(request_oplock_break(share_entry) == False) {
1271 DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
1272 dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (double)inode));
1274 SAFE_FREE(old_shares);
1277 lock_share_entry(conn, dev, inode);
1278 broke_oplock = True;
1283 * If this is a delete request and ALLOW_SHARE_DELETE is set then allow
1284 * this to proceed. This takes precedence over share modes.
1287 if(!rename_op && GET_ALLOW_SHARE_DELETE(share_entry->share_mode))
1291 * Someone else has a share lock on it, check to see
1294 if ((GET_DENY_MODE(share_entry->share_mode) != DENY_DOS) ||
1295 (share_entry->pid != pid))
1301 SAFE_FREE(old_shares);
1302 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
1304 } while(broke_oplock);
1308 * XXXX exactly what share mode combinations should be allowed for
1309 * deleting/renaming?
1313 * If we got here then either there were no share modes or
1314 * all share modes were DENY_DOS and the pid == getpid() or
1315 * delete access was requested and all share modes had the
1316 * ALLOW_SHARE_DELETE bit set (takes precedence over other
1324 unlock_share_entry(conn, dev, inode);
1325 SAFE_FREE(old_shares);
git.samba.org / tprouty / samba.git / blob