2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 extern userdom_struct current_user_info;
25 extern uint16 global_oplock_port;
26 extern BOOL global_client_failed_oplock_break;
28 /****************************************************************************
29 fd support routines - attempt to do a dos_open.
30 ****************************************************************************/
32 static int fd_open(struct connection_struct *conn, char *fname,
33 int flags, mode_t mode)
37 if (!lp_symlinks(SNUM(conn)))
41 fd = conn->vfs_ops.open(conn,fname,flags,mode);
43 /* Fix for files ending in '.' */
44 if((fd == -1) && (errno == ENOENT) &&
45 (strchr_m(fname,'.')==NULL)) {
47 fd = conn->vfs_ops.open(conn,fname,flags,mode);
50 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n", fname,
51 flags, (int)mode, fd, (fd == -1) ? strerror(errno) : "" ));
56 /****************************************************************************
57 Close the file associated with a fsp.
58 ****************************************************************************/
60 int fd_close(struct connection_struct *conn, files_struct *fsp)
63 return 0; /* what we used to call a stat open. */
64 return fd_close_posix(conn, fsp);
68 /****************************************************************************
69 Check a filename for the pipe string.
70 ****************************************************************************/
72 static void check_for_pipe(char *fname)
74 /* special case of pipe opens */
76 StrnCpy(s,fname,sizeof(s)-1);
78 if (strstr(s,"pipe/")) {
79 DEBUG(3,("Rejecting named pipe open for %s\n",fname));
80 unix_ERR_class = ERRSRV;
81 unix_ERR_code = ERRaccess;
85 /****************************************************************************
87 ****************************************************************************/
89 static BOOL open_file(files_struct *fsp,connection_struct *conn,
90 const char *fname1,SMB_STRUCT_STAT *psbuf,int flags,mode_t mode, uint32 desired_access)
92 extern struct current_user current_user;
94 int accmode = (flags & O_ACCMODE);
95 int local_flags = flags;
98 fsp->oplock_type = NO_OPLOCK;
101 pstrcpy(fname,fname1);
103 /* Check permissions */
106 * This code was changed after seeing a client open request
107 * containing the open mode of (DENY_WRITE/read-only) with
108 * the 'create if not exist' bit set. The previous code
109 * would fail to open the file read only on a read-only share
110 * as it was checking the flags parameter directly against O_RDONLY,
111 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
115 if (!CAN_WRITE(conn)) {
116 /* It's a read-only share - fail if we wanted to write. */
117 if(accmode != O_RDONLY) {
118 DEBUG(3,("Permission denied opening %s\n",fname));
119 check_for_pipe(fname);
121 } else if(flags & O_CREAT) {
122 /* We don't want to write - but we must make sure that O_CREAT
123 doesn't create the file if we have write access into the
131 * This little piece of insanity is inspired by the
132 * fact that an NT client can open a file for O_RDONLY,
133 * but set the create disposition to FILE_EXISTS_TRUNCATE.
134 * If the client *can* write to the file, then it expects to
135 * truncate the file, even though it is opening for readonly.
136 * Quicken uses this stupid trick in backup file creation...
137 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
138 * for helping track this one down. It didn't bite us in 2.0.x
139 * as we always opened files read-write in that release. JRA.
142 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
143 DEBUG(10,("open_file: truncate requested on read-only open for file %s\n",fname ));
144 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
147 if ((desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
148 (local_flags & O_CREAT) || ((local_flags & O_TRUNC) == O_TRUNC) ) {
151 * We can't actually truncate here as the file may be locked.
152 * open_file_shared will take care of the truncate later. JRA.
155 local_flags &= ~O_TRUNC;
157 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
159 * We would block on opening a FIFO with no one else on the
160 * other end. Do what we used to do and add O_NONBLOCK to the
164 if (VALID_STAT(*psbuf) && S_ISFIFO(psbuf->st_mode))
165 local_flags |= O_NONBLOCK;
168 /* Actually do the open */
169 fsp->fd = fd_open(conn, fname, local_flags, mode);
171 /* Inherit the ACL if the file was created. */
172 if ((local_flags & O_CREAT) && !VALID_STAT(*psbuf))
173 inherit_access_acl(conn, fname, mode);
176 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) (flags=%d)\n",
177 fname,strerror(errno),local_flags,flags));
178 check_for_pipe(fname);
182 fsp->fd = -1; /* What we used to call a stat open. */
184 if (!VALID_STAT(*psbuf)) {
188 ret = vfs_stat(conn, fname, psbuf);
190 ret = vfs_fstat(fsp,fsp->fd,psbuf);
191 /* If we have an fd, this stat should succeed. */
193 DEBUG(0,("Error doing fstat on open file %s (%s)\n", fname,strerror(errno) ));
196 /* For a non-io open, this stat failing means file not found. JRA */
204 * POSIX allows read-only opens of directories. We don't
205 * want to do this (we use a different code path for this)
206 * so catch a directory open and return an EISDIR. JRA.
209 if(S_ISDIR(psbuf->st_mode)) {
215 fsp->mode = psbuf->st_mode;
216 fsp->inode = psbuf->st_ino;
217 fsp->dev = psbuf->st_dev;
218 fsp->vuid = current_user.vuid;
219 fsp->size = psbuf->st_size;
221 fsp->can_lock = True;
222 fsp->can_read = ((flags & O_WRONLY)==0);
223 fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0);
225 fsp->desired_access = desired_access;
226 fsp->print_file = False;
227 fsp->modified = False;
228 fsp->oplock_type = NO_OPLOCK;
229 fsp->sent_oplock_break = NO_BREAK_SENT;
230 fsp->is_directory = False;
231 fsp->is_stat = False;
232 fsp->directory_delete_on_close = False;
234 string_set(&fsp->fsp_name,fname);
235 fsp->wcp = NULL; /* Write cache pointer. */
237 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
238 *current_user_info.smb_name ? current_user_info.smb_name : conn->user,fsp->fsp_name,
239 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
240 conn->num_files_open + 1));
245 /****************************************************************************
247 Helper for open_file_shared.
248 Truncate a file after checking locking; close file if locked.
249 **************************************************************************/
251 static int truncate_unless_locked(struct connection_struct *conn, files_struct *fsp)
253 SMB_BIG_UINT mask = (SMB_BIG_UINT)-1;
255 if (is_locked(fsp,fsp->conn,mask,0,WRITE_LOCK,True)){
257 unix_ERR_class = ERRDOS;
258 unix_ERR_code = ERRlock;
261 return conn->vfs_ops.ftruncate(fsp,fsp->fd,0);
265 /*******************************************************************
266 return True if the filename is one of the special executable types
267 ********************************************************************/
268 static BOOL is_executable(const char *fname)
270 if ((fname = strrchr_m(fname,'.'))) {
271 if (strequal(fname,".com") ||
272 strequal(fname,".dll") ||
273 strequal(fname,".exe") ||
274 strequal(fname,".sym")) {
281 enum {AFAIL,AREAD,AWRITE,AALL};
283 /*******************************************************************
284 reproduce the share mode access table
285 this is horrendoously complex, and really can't be justified on any
286 rational grounds except that this is _exactly_ what NT does. See
287 the DENY1 and DENY2 tests in smbtorture for a comprehensive set of
289 ********************************************************************/
290 static int access_table(int new_deny,int old_deny,int old_mode,
291 BOOL same_pid, BOOL isexe)
293 if (new_deny == DENY_ALL || old_deny == DENY_ALL) return(AFAIL);
296 if (isexe && old_mode == DOS_OPEN_RDONLY &&
297 old_deny == DENY_DOS && new_deny == DENY_READ) {
300 if (!isexe && old_mode == DOS_OPEN_RDONLY &&
301 old_deny == DENY_DOS && new_deny == DENY_DOS) {
304 if (new_deny == DENY_FCB && old_deny == DENY_DOS) {
305 if (isexe) return AFAIL;
306 if (old_mode == DOS_OPEN_RDONLY) return AFAIL;
309 if (old_mode == DOS_OPEN_RDONLY && old_deny == DENY_DOS) {
310 if (new_deny == DENY_FCB || new_deny == DENY_READ) {
311 if (isexe) return AREAD;
315 if (old_deny == DENY_FCB) {
316 if (new_deny == DENY_DOS || new_deny == DENY_FCB) return AALL;
321 if (old_deny == DENY_DOS || new_deny == DENY_DOS ||
322 old_deny == DENY_FCB || new_deny == DENY_FCB) {
324 if (old_deny == DENY_FCB || new_deny == DENY_FCB) {
327 if (old_deny == DENY_DOS) {
328 if (new_deny == DENY_READ &&
329 (old_mode == DOS_OPEN_RDONLY ||
330 old_mode == DOS_OPEN_RDWR)) {
333 if (new_deny == DENY_WRITE &&
334 (old_mode == DOS_OPEN_WRONLY ||
335 old_mode == DOS_OPEN_RDWR)) {
340 if (old_deny == DENY_NONE) return AALL;
341 if (old_deny == DENY_READ) return AWRITE;
342 if (old_deny == DENY_WRITE) return AREAD;
344 /* it isn't a exe, dll, sym or com file */
345 if (old_deny == new_deny && same_pid)
348 if (old_deny == DENY_READ || new_deny == DENY_READ) return AFAIL;
349 if (old_mode == DOS_OPEN_RDONLY) return(AREAD);
357 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_RDONLY) return(AREAD);
358 if (old_deny==DENY_READ && old_mode==DOS_OPEN_RDONLY) return(AWRITE);
359 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_RDONLY) return(AALL);
362 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_WRONLY) return(AREAD);
363 if (old_deny==DENY_READ && old_mode==DOS_OPEN_WRONLY) return(AWRITE);
364 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_WRONLY) return(AALL);
367 if (old_deny==DENY_WRITE) return(AREAD);
368 if (old_deny==DENY_READ) return(AWRITE);
369 if (old_deny==DENY_NONE) return(AALL);
376 /****************************************************************************
377 check if we can open a file with a share mode
378 ****************************************************************************/
380 static BOOL check_share_mode(connection_struct *conn, share_mode_entry *share, int share_mode, uint32 desired_access,
381 const char *fname, BOOL fcbopen, int *flags)
383 int deny_mode = GET_DENY_MODE(share_mode);
384 int old_open_mode = GET_OPEN_MODE(share->share_mode);
385 int old_deny_mode = GET_DENY_MODE(share->share_mode);
388 * share modes = false means don't bother to check for
389 * DENY mode conflict. This is a *really* bad idea :-). JRA.
392 if(!lp_share_modes(SNUM(conn)))
396 * Don't allow any opens once the delete on close flag has been
400 if (GET_DELETE_ON_CLOSE_FLAG(share->share_mode)) {
401 DEBUG(5,("check_share_mode: Failing open on file %s as delete on close flag is set.\n",
403 unix_ERR_class = ERRDOS;
404 unix_ERR_code = ERRnoaccess;
405 unix_ERR_ntstatus = NT_STATUS_DELETE_PENDING;
409 /* this is a nasty hack, but necessary until we rewrite our open
410 handling to use a NTCreateX call as the basic call.
411 NT may open a file with neither read nor write access, and in
412 this case it expects the open not to conflict with any
413 existing deny modes. This happens (for example) during a
414 "xcopy /o" where the second file descriptor is used for
420 * This is a bit wierd - the test for desired access not having the
421 * critical bits seems seems odd. Firstly, if both opens have no
422 * critical bits then always ignore. Then check the "allow delete"
423 * then check for either. This probably isn't quite right yet but
424 * gets us much closer. JRA.
428 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
429 * and the existing desired_acces then share modes don't conflict.
432 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) &&
433 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
436 * Wrinkle discovered by smbtorture....
437 * If both are non-io open and requester is asking for delete and current open has delete access
438 * but neither open has allowed file share delete then deny.... this is very strange and
439 * seems to be the only case in which non-io opens conflict. JRA.
442 if ((desired_access & DELETE_ACCESS) && (share->desired_access & DELETE_ACCESS) &&
443 (!GET_ALLOW_SHARE_DELETE(share->share_mode) || !GET_ALLOW_SHARE_DELETE(share_mode))) {
444 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requests conflict.\n",
446 unix_ERR_class = ERRDOS;
447 unix_ERR_code = ERRbadshare;
452 DEBUG(5,("check_share_mode: Allowing open on file %s as both desired access (0x%x) \
453 and existing desired access (0x%x) are non-data opens\n",
454 fname, (unsigned int)desired_access, (unsigned int)share->desired_access ));
459 * If delete access was requested and the existing share mode doesn't have
460 * ALLOW_SHARE_DELETE then deny.
463 if ((desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share->share_mode)) {
464 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requested and allow share delete not set.\n",
466 unix_ERR_class = ERRDOS;
467 unix_ERR_code = ERRbadshare;
473 * The inverse of the above.
474 * If delete access was granted and the new share mode doesn't have
475 * ALLOW_SHARE_DELETE then deny.
478 if ((share->desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share_mode)) {
479 DEBUG(5,("check_share_mode: Failing open on file %s as delete access granted and allow share delete not requested.\n",
481 unix_ERR_class = ERRDOS;
482 unix_ERR_code = ERRbadshare;
488 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
489 * then share modes don't conflict. Likewise with existing desired access.
492 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
493 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
494 DEBUG(5,("check_share_mode: Allowing open on file %s as desired access (0x%x) doesn't conflict with\
495 existing desired access (0x%x).\n", fname, (unsigned int)desired_access, (unsigned int)share->desired_access ));
500 int access_allowed = access_table(deny_mode,old_deny_mode,old_open_mode,
501 (share->pid == sys_getpid()),is_executable(fname));
503 if ((access_allowed == AFAIL) ||
504 (!fcbopen && (access_allowed == AREAD && *flags == O_RDWR)) ||
505 (access_allowed == AREAD && *flags != O_RDONLY) ||
506 (access_allowed == AWRITE && *flags != O_WRONLY)) {
508 DEBUG(2,("Share violation on file (%d,%d,%d,%d,%s,fcbopen = %d, flags = %d) = %d\n",
509 deny_mode,old_deny_mode,old_open_mode,
510 (int)share->pid,fname, fcbopen, *flags, access_allowed));
512 unix_ERR_class = ERRDOS;
513 unix_ERR_code = ERRbadshare;
518 if (access_allowed == AREAD)
521 if (access_allowed == AWRITE)
529 /****************************************************************************
530 Deal with open deny mode and oplock break processing.
531 Invarient: Share mode must be locked on entry and exit.
532 Returns -1 on error, or number of share modes on success (may be zero).
533 ****************************************************************************/
535 static int open_mode_check(connection_struct *conn, const char *fname, SMB_DEV_T dev,
537 uint32 desired_access,
538 int share_mode, int *p_flags, int *p_oplock_request,
539 BOOL *p_all_current_opens_are_level_II)
543 int oplock_contention_count = 0;
544 share_mode_entry *old_shares = 0;
545 BOOL fcbopen = False;
548 if(GET_OPEN_MODE(share_mode) == DOS_OPEN_FCB)
551 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
553 if(num_share_modes == 0)
557 * Check if the share modes will give us access.
561 share_mode_entry broken_entry;
563 broke_oplock = False;
564 *p_all_current_opens_are_level_II = True;
566 for(i = 0; i < num_share_modes; i++) {
567 share_mode_entry *share_entry = &old_shares[i];
570 * By observation of NetBench, oplocks are broken *before* share
571 * modes are checked. This allows a file to be closed by the client
572 * if the share mode would deny access and the client has an oplock.
573 * Check if someone has an oplock on this file. If so we must break
574 * it before continuing.
577 if((*p_oplock_request && EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type)) ||
578 (!*p_oplock_request && (share_entry->op_type != NO_OPLOCK))) {
582 DEBUG(5,("open_mode_check: oplock_request = %d, breaking oplock (%x) on file %s, \
583 dev = %x, inode = %.0f\n", *p_oplock_request, share_entry->op_type, fname, (unsigned int)dev, (double)inode));
585 /* Oplock break - unlock to request it. */
586 unlock_share_entry(conn, dev, inode);
588 opb_ret = request_oplock_break(share_entry);
591 lock_share_entry(conn, dev, inode);
593 if(opb_ret == False) {
594 DEBUG(0,("open_mode_check: FAILED when breaking oplock (%x) on file %s, \
595 dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (double)inode));
596 SAFE_FREE(old_shares);
598 unix_ERR_class = ERRDOS;
599 unix_ERR_code = ERRbadshare;
604 broken_entry = *share_entry;
607 } else if (!LEVEL_II_OPLOCK_TYPE(share_entry->op_type)) {
608 *p_all_current_opens_are_level_II = False;
611 /* someone else has a share lock on it, check to see if we can too */
612 if (!check_share_mode(conn, share_entry, share_mode, desired_access,
613 fname, fcbopen, p_flags)) {
614 SAFE_FREE(old_shares);
622 SAFE_FREE(old_shares);
623 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
624 oplock_contention_count++;
626 /* Paranoia check that this is no longer an exlusive entry. */
627 for(i = 0; i < num_share_modes; i++) {
628 share_mode_entry *share_entry = &old_shares[i];
630 if (share_modes_identical(&broken_entry, share_entry) &&
631 EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type) ) {
634 * This should not happen. The target left this oplock
635 * as exlusive.... The process *must* be dead....
638 DEBUG(0,("open_mode_check: exlusive oplock left by process %d after break ! For file %s, \
639 dev = %x, inode = %.0f. Deleting it to continue...\n", (int)broken_entry.pid, fname, (unsigned int)dev, (double)inode));
641 if (process_exists(broken_entry.pid)) {
642 DEBUG(0,("open_mode_check: Existent process %d left active oplock.\n",
646 if (del_share_entry(dev, inode, &broken_entry, NULL) == -1) {
648 unix_ERR_class = ERRDOS;
649 unix_ERR_code = ERRbadshare;
654 * We must reload the share modes after deleting the
655 * other process's entry.
658 SAFE_FREE(old_shares);
659 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
662 } /* end for paranoia... */
663 } /* end if broke_oplock */
665 } while(broke_oplock);
668 SAFE_FREE(old_shares);
671 * Refuse to grant an oplock in case the contention limit is
672 * reached when going through the lock list multiple times.
675 if(oplock_contention_count >= lp_oplock_contention_limit(SNUM(conn))) {
676 *p_oplock_request = 0;
677 DEBUG(4,("open_mode_check: oplock contention = %d. Not granting oplock.\n",
678 oplock_contention_count ));
681 return num_share_modes;
684 /****************************************************************************
685 set a kernel flock on a file for NFS interoperability
686 this requires a patch to Linux
687 ****************************************************************************/
688 static void kernel_flock(files_struct *fsp, int deny_mode)
690 #if HAVE_KERNEL_SHARE_MODES
692 if (deny_mode == DENY_READ) kernel_mode = LOCK_MAND|LOCK_WRITE;
693 else if (deny_mode == DENY_WRITE) kernel_mode = LOCK_MAND|LOCK_READ;
694 else if (deny_mode == DENY_ALL) kernel_mode = LOCK_MAND;
695 if (kernel_mode) flock(fsp->fd, kernel_mode);
701 static BOOL open_match_attributes(connection_struct *conn, char *path, mode_t existing_mode, mode_t new_mode)
703 uint32 old_dos_mode, new_dos_mode;
704 SMB_STRUCT_STAT sbuf;
708 sbuf.st_mode = existing_mode;
709 old_dos_mode = dos_mode(conn, path, &sbuf);
711 sbuf.st_mode = new_mode;
712 new_dos_mode = dos_mode(conn, path, &sbuf);
714 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
715 if (lp_map_system(SNUM(conn))) {
716 if ((old_dos_mode & FILE_ATTRIBUTE_SYSTEM) && !(new_dos_mode & FILE_ATTRIBUTE_SYSTEM))
719 if (lp_map_hidden(SNUM(conn))) {
720 if ((old_dos_mode & FILE_ATTRIBUTE_HIDDEN) && !(new_dos_mode & FILE_ATTRIBUTE_HIDDEN))
726 /****************************************************************************
727 Open a file with a share mode. On output from this open we are guarenteeing
729 ****************************************************************************/
730 files_struct *open_file_shared(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf,
731 int share_mode,int ofun, mode_t mode,int oplock_request,
732 int *Access,int *action)
734 return open_file_shared1(conn, fname, psbuf, 0, share_mode, ofun, mode,
735 oplock_request, Access, action);
738 /****************************************************************************
739 Open a file with a share mode. On output from this open we are guarenteeing
741 ****************************************************************************/
742 files_struct *open_file_shared1(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf,
743 uint32 desired_access,
744 int share_mode,int ofun, mode_t mode,int oplock_request,
745 int *Access,int *action)
749 int deny_mode = GET_DENY_MODE(share_mode);
750 BOOL allow_share_delete = GET_ALLOW_SHARE_DELETE(share_mode);
751 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode);
752 BOOL file_existed = VALID_STAT(*psbuf);
753 BOOL fcbopen = False;
754 BOOL def_acl = False;
757 int num_share_modes = 0;
758 BOOL all_current_opens_are_level_II = False;
759 BOOL fsp_open = False;
760 files_struct *fsp = NULL;
765 /* printers are handled completely differently. Most of the passed parameters are
768 *Access = DOS_OPEN_WRONLY;
770 *action = FILE_WAS_CREATED;
771 return print_fsp_open(conn, fname);
774 fsp = file_new(conn);
778 DEBUG(10,("open_file_shared: fname = %s, share_mode = %x, ofun = %x, mode = %o, oplock request = %d\n",
779 fname, share_mode, ofun, (int)mode, oplock_request ));
781 if (!check_name(fname,conn)) {
786 /* ignore any oplock requests if oplocks are disabled */
787 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break) {
791 /* this is for OS/2 EAs - try and say we don't support them */
792 if (strstr(fname,".+,;=[].")) {
793 unix_ERR_class = ERRDOS;
794 /* OS/2 Workplace shell fix may be main code stream in a later release. */
795 #if 1 /* OS2_WPS_FIX - Recent versions of OS/2 need this. */
796 unix_ERR_code = ERRcannotopen;
797 #else /* OS2_WPS_FIX */
798 unix_ERR_code = ERROR_EAS_NOT_SUPPORTED;
799 #endif /* OS2_WPS_FIX */
801 DEBUG(5,("open_file_shared: OS/2 EA's are not supported.\n"));
806 if ((GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL) && file_existed) {
807 DEBUG(5,("open_file_shared: create new requested for file %s and file already exists.\n",
814 if (CAN_WRITE(conn) && (GET_FILE_CREATE_DISPOSITION(ofun) == FILE_CREATE_IF_NOT_EXIST))
817 if (CAN_WRITE(conn) && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE))
820 /* We only care about matching attributes on file exists and truncate. */
821 if (file_existed && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE)) {
822 if (!open_match_attributes(conn, fname, psbuf->st_mode, mode)) {
823 DEBUG(5,("open_file_shared: attributes missmatch for file %s (0%o, 0%o)\n",
824 fname, psbuf->st_mode, mode ));
831 if (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL)
834 /* note that we ignore the append flag as
835 append does not mean the same thing under dos and unix */
837 switch (GET_OPEN_MODE(share_mode)) {
838 case DOS_OPEN_WRONLY:
840 if (desired_access == 0)
841 desired_access = FILE_WRITE_DATA;
846 if (desired_access == 0)
847 desired_access = FILE_READ_DATA|FILE_WRITE_DATA;
851 if (desired_access == 0)
852 desired_access = FILE_READ_DATA|FILE_WRITE_DATA;
856 if (desired_access == 0)
857 desired_access = FILE_READ_DATA;
862 if (GET_FILE_SYNC_OPENMODE(share_mode)) {
867 if (flags != O_RDONLY && file_existed &&
868 (!CAN_WRITE(conn) || IS_DOS_READONLY(dos_mode(conn,fname,psbuf)))) {
870 DEBUG(5,("open_file_shared: read/write access requested for file %s on read only %s\n",
871 fname, !CAN_WRITE(conn) ? "share" : "file" ));
879 if (deny_mode > DENY_NONE && deny_mode!=DENY_FCB) {
880 DEBUG(2,("Invalid deny mode %d on file %s\n",deny_mode,fname));
889 inode = psbuf->st_ino;
891 lock_share_entry(conn, dev, inode);
893 num_share_modes = open_mode_check(conn, fname, dev, inode,
896 &flags, &oplock_request, &all_current_opens_are_level_II);
897 if(num_share_modes == -1) {
900 * This next line is a subtlety we need for MS-Access. If a file open will
901 * fail due to share permissions and also for security (access)
902 * reasons, we need to return the access failed error, not the
903 * share error. This means we must attempt to open the file anyway
904 * in order to get the UNIX access error - even if we're going to
905 * fail the open for share reasons. This is bad, as we're burning
906 * another fd if there are existing locks but there's nothing else
907 * we can do. We also ensure we're not going to create or tuncate
908 * the file as we only want an access decision at this stage. JRA.
910 fsp_open = open_file(fsp,conn,fname,psbuf,
911 flags|(flags2&~(O_TRUNC|O_CREAT)),mode,desired_access);
913 DEBUG(4,("open_file_shared : share_mode deny - calling open_file with \
914 flags=0x%X flags2=0x%X mode=0%o returned %d\n",
915 flags,(flags2&~(O_TRUNC|O_CREAT)),(int)mode,(int)fsp_open ));
917 unlock_share_entry(conn, dev, inode);
925 * We exit this block with the share entry *locked*.....
930 * Ensure we pay attention to default ACLs on directories if required.
933 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
934 (def_acl = directory_has_default_acl(conn, parent_dirname(fname))))
937 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n",
938 flags,flags2,(int)mode));
941 * open_file strips any O_TRUNC flags itself.
944 fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,mode,desired_access);
946 if (!fsp_open && (flags == O_RDWR) && (errno != ENOENT) && fcbopen) {
947 if((fsp_open = open_file(fsp,conn,fname,psbuf,O_RDONLY,mode,desired_access)) == True)
953 unlock_share_entry(conn, dev, inode);
959 * Deal with the race condition where two smbd's detect the file doesn't
960 * exist and do the create at the same time. One of them will win and
961 * set a share mode, the other (ie. this one) should check if the
962 * requested share mode for this create is allowed.
967 lock_share_entry_fsp(fsp);
969 num_share_modes = open_mode_check(conn, fname, dev, inode,
972 &flags, &oplock_request, &all_current_opens_are_level_II);
974 if(num_share_modes == -1) {
975 unlock_share_entry_fsp(fsp);
982 * If there are any share modes set then the file *did*
983 * exist. Ensure we return the correct value for action.
986 if (num_share_modes > 0)
990 * We exit this block with the share entry *locked*.....
994 /* note that we ignore failure for the following. It is
995 basically a hack for NFS, and NFS will never set one of
996 these only read them. Nobody but Samba can ever set a deny
997 mode and we have already checked our more authoritative
998 locking database for permission to set this deny mode. If
999 the kernel refuses the operations then the kernel is wrong */
1000 kernel_flock(fsp, deny_mode);
1003 * At this point onwards, we can guarentee that the share entry
1004 * is locked, whether we created the file or not, and that the
1005 * deny mode is compatible with all current opens.
1009 * If requested, truncate the file.
1012 if (flags2&O_TRUNC) {
1014 * We are modifing the file after open - update the stat struct..
1016 if ((truncate_unless_locked(conn,fsp) == -1) || (vfs_fstat(fsp,fsp->fd,psbuf)==-1)) {
1017 unlock_share_entry_fsp(fsp);
1026 open_mode = DOS_OPEN_RDONLY;
1029 open_mode = DOS_OPEN_RDWR;
1032 open_mode = DOS_OPEN_WRONLY;
1036 fsp->share_mode = SET_DENY_MODE(deny_mode) |
1037 SET_OPEN_MODE(open_mode) |
1038 SET_ALLOW_SHARE_DELETE(allow_share_delete);
1040 DEBUG(10,("open_file_shared : share_mode = %x\n", fsp->share_mode ));
1043 (*Access) = open_mode;
1046 if (file_existed && !(flags2 & O_TRUNC))
1047 *action = FILE_WAS_OPENED;
1049 *action = FILE_WAS_CREATED;
1050 if (file_existed && (flags2 & O_TRUNC))
1051 *action = FILE_WAS_OVERWRITTEN;
1055 * Setup the oplock info in both the shared memory and
1059 if(oplock_request && (num_share_modes == 0) &&
1060 !IS_VETO_OPLOCK_PATH(conn,fname) && set_file_oplock(fsp, oplock_request) ) {
1061 port = global_oplock_port;
1062 } else if (oplock_request && all_current_opens_are_level_II) {
1063 port = global_oplock_port;
1064 oplock_request = LEVEL_II_OPLOCK;
1065 set_file_oplock(fsp, oplock_request);
1071 set_share_mode(fsp, port, oplock_request);
1073 if (delete_on_close) {
1074 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close);
1076 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) {
1077 /* Remember to delete the mode we just added. */
1078 del_share_mode(fsp, NULL);
1079 unlock_share_entry_fsp(fsp);
1087 * Take care of inherited ACLs on created files - if default ACL not
1091 if (!file_existed && !def_acl && (conn->vfs_ops.fchmod_acl != NULL)) {
1092 int saved_errno = errno; /* We might get ENOSYS in the next call.. */
1093 if (conn->vfs_ops.fchmod_acl(fsp, fsp->fd, mode) == -1 && errno == ENOSYS)
1094 errno = saved_errno; /* Ignore ENOSYS */
1097 unlock_share_entry_fsp(fsp);
1099 conn->num_files_open++;
1104 /****************************************************************************
1105 Open a file for for write to ensure that we can fchmod it.
1106 ****************************************************************************/
1108 files_struct *open_file_fchmod(connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf)
1110 files_struct *fsp = NULL;
1113 if (!VALID_STAT(*psbuf))
1116 fsp = file_new(conn);
1120 /* note! we must use a non-zero desired access or we don't get
1121 a real file descriptor. Oh what a twisted web we weave. */
1122 fsp_open = open_file(fsp,conn,fname,psbuf,O_WRONLY,0,FILE_WRITE_DATA);
1125 * This is not a user visible file open.
1126 * Don't set a share mode and don't increment
1127 * the conn->num_files_open.
1138 /****************************************************************************
1139 Close the fchmod file fd - ensure no locks are lost.
1140 ****************************************************************************/
1142 int close_file_fchmod(files_struct *fsp)
1144 int ret = fd_close(fsp->conn, fsp);
1149 /****************************************************************************
1150 Open a directory from an NT SMB call.
1151 ****************************************************************************/
1153 files_struct *open_directory(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf,
1154 uint32 desired_access, int share_mode, int smb_ofun, mode_t unixmode, int *action)
1156 extern struct current_user current_user;
1157 BOOL got_stat = False;
1158 files_struct *fsp = file_new(conn);
1159 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode);
1164 fsp->conn = conn; /* The vfs_fXXX() macros need this. */
1166 if (VALID_STAT(*psbuf))
1169 if (got_stat && (GET_FILE_OPEN_DISPOSITION(smb_ofun) == FILE_EXISTS_FAIL)) {
1171 errno = EEXIST; /* Setup so correct error is returned to client. */
1175 if (GET_FILE_CREATE_DISPOSITION(smb_ofun) == FILE_CREATE_IF_NOT_EXIST) {
1179 if(!S_ISDIR(psbuf->st_mode)) {
1180 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1185 *action = FILE_WAS_OPENED;
1190 * Try and create the directory.
1193 if(!CAN_WRITE(conn)) {
1194 DEBUG(2,("open_directory: failing create on read-only share\n"));
1200 if(vfs_mkdir(conn,fname, unix_mode(conn,aDIR, fname)) < 0) {
1201 DEBUG(2,("open_directory: unable to create %s. Error was %s\n",
1202 fname, strerror(errno) ));
1207 if(vfs_stat(conn,fname, psbuf) != 0) {
1212 *action = FILE_WAS_CREATED;
1218 * Don't create - just check that it *was* a directory.
1222 DEBUG(3,("open_directory: unable to stat name = %s. Error was %s\n",
1223 fname, strerror(errno) ));
1228 if(!S_ISDIR(psbuf->st_mode)) {
1229 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1234 *action = FILE_WAS_OPENED;
1237 DEBUG(5,("open_directory: opening directory %s\n", fname));
1240 * Setup the files_struct for it.
1243 fsp->mode = psbuf->st_mode;
1244 fsp->inode = psbuf->st_ino;
1245 fsp->dev = psbuf->st_dev;
1246 fsp->size = psbuf->st_size;
1247 fsp->vuid = current_user.vuid;
1249 fsp->can_lock = True;
1250 fsp->can_read = False;
1251 fsp->can_write = False;
1252 fsp->share_mode = share_mode;
1253 fsp->desired_access = desired_access;
1254 fsp->print_file = False;
1255 fsp->modified = False;
1256 fsp->oplock_type = NO_OPLOCK;
1257 fsp->sent_oplock_break = NO_BREAK_SENT;
1258 fsp->is_directory = True;
1259 fsp->is_stat = False;
1260 fsp->directory_delete_on_close = False;
1262 string_set(&fsp->fsp_name,fname);
1264 if (delete_on_close) {
1265 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close);
1267 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) {
1272 conn->num_files_open++;
1277 /****************************************************************************
1278 Open a pseudo-file (no locking checks - a 'stat' open).
1279 ****************************************************************************/
1281 files_struct *open_file_stat(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf)
1283 extern struct current_user current_user;
1284 BOOL got_stat = False;
1285 files_struct *fsp = NULL;
1287 if (!VALID_STAT(*psbuf))
1290 /* Can't 'stat' open directories. */
1291 if(S_ISDIR(psbuf->st_mode))
1294 fsp = file_new(conn);
1298 fsp->conn = conn; /* The vfs_fXXX() macros need this. */
1300 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
1303 * Setup the files_struct for it.
1306 fsp->mode = psbuf->st_mode;
1308 * Don't store dev or inode, we don't want any iterator
1311 fsp->inode = (SMB_INO_T)0;
1312 fsp->dev = (SMB_DEV_T)0;
1313 fsp->size = psbuf->st_size;
1314 fsp->vuid = current_user.vuid;
1316 fsp->can_lock = False;
1317 fsp->can_read = False;
1318 fsp->can_write = False;
1319 fsp->share_mode = 0;
1320 fsp->desired_access = 0;
1321 fsp->print_file = False;
1322 fsp->modified = False;
1323 fsp->oplock_type = NO_OPLOCK;
1324 fsp->sent_oplock_break = NO_BREAK_SENT;
1325 fsp->is_directory = False;
1326 fsp->is_stat = True;
1327 fsp->directory_delete_on_close = False;
1329 string_set(&fsp->fsp_name,fname);
1331 conn->num_files_open++;