2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 extern userdom_struct current_user_info;
25 extern uint16 global_oplock_port;
26 extern BOOL global_client_failed_oplock_break;
28 /****************************************************************************
29 fd support routines - attempt to do a dos_open.
30 ****************************************************************************/
32 static int fd_open(struct connection_struct *conn, char *fname,
33 int flags, mode_t mode)
37 if (!lp_symlinks(SNUM(conn)))
41 fd = conn->vfs_ops.open(conn,fname,flags,mode);
43 /* Fix for files ending in '.' */
44 if((fd == -1) && (errno == ENOENT) &&
45 (strchr_m(fname,'.')==NULL)) {
47 fd = conn->vfs_ops.open(conn,fname,flags,mode);
50 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n", fname,
51 flags, (int)mode, fd, (fd == -1) ? strerror(errno) : "" ));
56 /****************************************************************************
57 Close the file associated with a fsp.
58 ****************************************************************************/
60 int fd_close(struct connection_struct *conn, files_struct *fsp)
63 return 0; /* what we used to call a stat open. */
64 return fd_close_posix(conn, fsp);
68 /****************************************************************************
69 Check a filename for the pipe string.
70 ****************************************************************************/
72 static void check_for_pipe(char *fname)
74 /* special case of pipe opens */
76 StrnCpy(s,fname,sizeof(s)-1);
78 if (strstr(s,"pipe/")) {
79 DEBUG(3,("Rejecting named pipe open for %s\n",fname));
80 unix_ERR_class = ERRSRV;
81 unix_ERR_code = ERRaccess;
85 /****************************************************************************
87 ****************************************************************************/
89 static BOOL open_file(files_struct *fsp,connection_struct *conn,
90 const char *fname1,SMB_STRUCT_STAT *psbuf,int flags,mode_t mode, uint32 desired_access)
92 extern struct current_user current_user;
94 int accmode = (flags & O_ACCMODE);
95 int local_flags = flags;
98 fsp->oplock_type = NO_OPLOCK;
101 pstrcpy(fname,fname1);
103 /* Check permissions */
106 * This code was changed after seeing a client open request
107 * containing the open mode of (DENY_WRITE/read-only) with
108 * the 'create if not exist' bit set. The previous code
109 * would fail to open the file read only on a read-only share
110 * as it was checking the flags parameter directly against O_RDONLY,
111 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
115 if (!CAN_WRITE(conn)) {
116 /* It's a read-only share - fail if we wanted to write. */
117 if(accmode != O_RDONLY) {
118 DEBUG(3,("Permission denied opening %s\n",fname));
119 check_for_pipe(fname);
121 } else if(flags & O_CREAT) {
122 /* We don't want to write - but we must make sure that O_CREAT
123 doesn't create the file if we have write access into the
131 * This little piece of insanity is inspired by the
132 * fact that an NT client can open a file for O_RDONLY,
133 * but set the create disposition to FILE_EXISTS_TRUNCATE.
134 * If the client *can* write to the file, then it expects to
135 * truncate the file, even though it is opening for readonly.
136 * Quicken uses this stupid trick in backup file creation...
137 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
138 * for helping track this one down. It didn't bite us in 2.0.x
139 * as we always opened files read-write in that release. JRA.
142 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
143 DEBUG(10,("open_file: truncate requested on read-only open for file %s\n",fname ));
144 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
147 if ((desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
148 (local_flags & O_CREAT) || ((local_flags & O_TRUNC) == O_TRUNC) ) {
151 * We can't actually truncate here as the file may be locked.
152 * open_file_shared will take care of the truncate later. JRA.
155 local_flags &= ~O_TRUNC;
157 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
159 * We would block on opening a FIFO with no one else on the
160 * other end. Do what we used to do and add O_NONBLOCK to the
164 if (VALID_STAT(*psbuf) && S_ISFIFO(psbuf->st_mode))
165 local_flags |= O_NONBLOCK;
168 /* Actually do the open */
169 fsp->fd = fd_open(conn, fname, local_flags, mode);
171 /* Inherit the ACL if the file was created. */
172 if ((local_flags & O_CREAT) && !VALID_STAT(*psbuf))
173 inherit_access_acl(conn, fname, mode);
176 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) (flags=%d)\n",
177 fname,strerror(errno),local_flags,flags));
178 check_for_pipe(fname);
182 fsp->fd = -1; /* What we used to call a stat open. */
184 if (!VALID_STAT(*psbuf)) {
188 ret = vfs_stat(conn, fname, psbuf);
190 ret = vfs_fstat(fsp,fsp->fd,psbuf);
191 /* If we have an fd, this stat should succeed. */
193 DEBUG(0,("Error doing fstat on open file %s (%s)\n", fname,strerror(errno) ));
196 /* For a non-io open, this stat failing means file not found. JRA */
204 * POSIX allows read-only opens of directories. We don't
205 * want to do this (we use a different code path for this)
206 * so catch a directory open and return an EISDIR. JRA.
209 if(S_ISDIR(psbuf->st_mode)) {
215 fsp->mode = psbuf->st_mode;
216 fsp->inode = psbuf->st_ino;
217 fsp->dev = psbuf->st_dev;
218 fsp->vuid = current_user.vuid;
219 fsp->size = psbuf->st_size;
221 fsp->can_lock = True;
222 fsp->can_read = ((flags & O_WRONLY)==0);
223 fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0);
225 fsp->desired_access = desired_access;
226 fsp->print_file = False;
227 fsp->modified = False;
228 fsp->oplock_type = NO_OPLOCK;
229 fsp->sent_oplock_break = NO_BREAK_SENT;
230 fsp->is_directory = False;
231 fsp->is_stat = False;
232 fsp->directory_delete_on_close = False;
233 string_set(&fsp->fsp_name,fname);
234 fsp->wcp = NULL; /* Write cache pointer. */
236 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
237 *current_user_info.smb_name ? current_user_info.smb_name : conn->user,fsp->fsp_name,
238 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
239 conn->num_files_open + 1));
244 /****************************************************************************
246 Helper for open_file_shared.
247 Truncate a file after checking locking; close file if locked.
248 **************************************************************************/
250 static int truncate_unless_locked(struct connection_struct *conn, files_struct *fsp)
252 SMB_BIG_UINT mask = (SMB_BIG_UINT)-1;
254 if (is_locked(fsp,fsp->conn,mask,0,WRITE_LOCK,True)){
256 unix_ERR_class = ERRDOS;
257 unix_ERR_code = ERRlock;
260 return conn->vfs_ops.ftruncate(fsp,fsp->fd,0);
264 /*******************************************************************
265 return True if the filename is one of the special executable types
266 ********************************************************************/
267 static BOOL is_executable(const char *fname)
269 if ((fname = strrchr_m(fname,'.'))) {
270 if (strequal(fname,".com") ||
271 strequal(fname,".dll") ||
272 strequal(fname,".exe") ||
273 strequal(fname,".sym")) {
280 enum {AFAIL,AREAD,AWRITE,AALL};
282 /*******************************************************************
283 reproduce the share mode access table
284 this is horrendoously complex, and really can't be justified on any
285 rational grounds except that this is _exactly_ what NT does. See
286 the DENY1 and DENY2 tests in smbtorture for a comprehensive set of
288 ********************************************************************/
289 static int access_table(int new_deny,int old_deny,int old_mode,
290 BOOL same_pid, BOOL isexe)
292 if (new_deny == DENY_ALL || old_deny == DENY_ALL) return(AFAIL);
295 if (isexe && old_mode == DOS_OPEN_RDONLY &&
296 old_deny == DENY_DOS && new_deny == DENY_READ) {
299 if (!isexe && old_mode == DOS_OPEN_RDONLY &&
300 old_deny == DENY_DOS && new_deny == DENY_DOS) {
303 if (new_deny == DENY_FCB && old_deny == DENY_DOS) {
304 if (isexe) return AFAIL;
305 if (old_mode == DOS_OPEN_RDONLY) return AFAIL;
308 if (old_mode == DOS_OPEN_RDONLY && old_deny == DENY_DOS) {
309 if (new_deny == DENY_FCB || new_deny == DENY_READ) {
310 if (isexe) return AREAD;
314 if (old_deny == DENY_FCB) {
315 if (new_deny == DENY_DOS || new_deny == DENY_FCB) return AALL;
320 if (old_deny == DENY_DOS || new_deny == DENY_DOS ||
321 old_deny == DENY_FCB || new_deny == DENY_FCB) {
323 if (old_deny == DENY_FCB || new_deny == DENY_FCB) {
326 if (old_deny == DENY_DOS) {
327 if (new_deny == DENY_READ &&
328 (old_mode == DOS_OPEN_RDONLY ||
329 old_mode == DOS_OPEN_RDWR)) {
332 if (new_deny == DENY_WRITE &&
333 (old_mode == DOS_OPEN_WRONLY ||
334 old_mode == DOS_OPEN_RDWR)) {
339 if (old_deny == DENY_NONE) return AALL;
340 if (old_deny == DENY_READ) return AWRITE;
341 if (old_deny == DENY_WRITE) return AREAD;
343 /* it isn't a exe, dll, sym or com file */
344 if (old_deny == new_deny && same_pid)
347 if (old_deny == DENY_READ || new_deny == DENY_READ) return AFAIL;
348 if (old_mode == DOS_OPEN_RDONLY) return(AREAD);
356 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_RDONLY) return(AREAD);
357 if (old_deny==DENY_READ && old_mode==DOS_OPEN_RDONLY) return(AWRITE);
358 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_RDONLY) return(AALL);
361 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_WRONLY) return(AREAD);
362 if (old_deny==DENY_READ && old_mode==DOS_OPEN_WRONLY) return(AWRITE);
363 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_WRONLY) return(AALL);
366 if (old_deny==DENY_WRITE) return(AREAD);
367 if (old_deny==DENY_READ) return(AWRITE);
368 if (old_deny==DENY_NONE) return(AALL);
375 /****************************************************************************
376 check if we can open a file with a share mode
377 ****************************************************************************/
379 static BOOL check_share_mode(connection_struct *conn, share_mode_entry *share, int share_mode, uint32 desired_access,
380 const char *fname, BOOL fcbopen, int *flags)
382 int deny_mode = GET_DENY_MODE(share_mode);
383 int old_open_mode = GET_OPEN_MODE(share->share_mode);
384 int old_deny_mode = GET_DENY_MODE(share->share_mode);
387 * share modes = false means don't bother to check for
388 * DENY mode conflict. This is a *really* bad idea :-). JRA.
391 if(!lp_share_modes(SNUM(conn)))
395 * Don't allow any opens once the delete on close flag has been
399 if (GET_DELETE_ON_CLOSE_FLAG(share->share_mode)) {
400 DEBUG(5,("check_share_mode: Failing open on file %s as delete on close flag is set.\n",
402 unix_ERR_class = ERRDOS;
403 unix_ERR_code = ERRnoaccess;
404 unix_ERR_ntstatus = NT_STATUS_DELETE_PENDING;
408 /* this is a nasty hack, but necessary until we rewrite our open
409 handling to use a NTCreateX call as the basic call.
410 NT may open a file with neither read nor write access, and in
411 this case it expects the open not to conflict with any
412 existing deny modes. This happens (for example) during a
413 "xcopy /o" where the second file descriptor is used for
419 * This is a bit wierd - the test for desired access not having the
420 * critical bits seems seems odd. Firstly, if both opens have no
421 * critical bits then always ignore. Then check the "allow delete"
422 * then check for either. This probably isn't quite right yet but
423 * gets us much closer. JRA.
427 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
428 * and the existing desired_acces then share modes don't conflict.
431 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) &&
432 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
435 * Wrinkle discovered by smbtorture....
436 * If both are non-io open and requester is asking for delete and current open has delete access
437 * but neither open has allowed file share delete then deny.... this is very strange and
438 * seems to be the only case in which non-io opens conflict. JRA.
441 if ((desired_access & DELETE_ACCESS) && (share->desired_access & DELETE_ACCESS) &&
442 (!GET_ALLOW_SHARE_DELETE(share->share_mode) || !GET_ALLOW_SHARE_DELETE(share_mode))) {
443 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requests conflict.\n",
445 unix_ERR_class = ERRDOS;
446 unix_ERR_code = ERRbadshare;
451 DEBUG(5,("check_share_mode: Allowing open on file %s as both desired access (0x%x) \
452 and existing desired access (0x%x) are non-data opens\n",
453 fname, (unsigned int)desired_access, (unsigned int)share->desired_access ));
458 * If delete access was requested and the existing share mode doesn't have
459 * ALLOW_SHARE_DELETE then deny.
462 if ((desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share->share_mode)) {
463 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requested and allow share delete not set.\n",
465 unix_ERR_class = ERRDOS;
466 unix_ERR_code = ERRbadshare;
472 * The inverse of the above.
473 * If delete access was granted and the new share mode doesn't have
474 * ALLOW_SHARE_DELETE then deny.
477 if ((share->desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share_mode)) {
478 DEBUG(5,("check_share_mode: Failing open on file %s as delete access granted and allow share delete not requested.\n",
480 unix_ERR_class = ERRDOS;
481 unix_ERR_code = ERRbadshare;
487 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
488 * then share modes don't conflict. Likewise with existing desired access.
491 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
492 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
493 DEBUG(5,("check_share_mode: Allowing open on file %s as desired access (0x%x) doesn't conflict with\
494 existing desired access (0x%x).\n", fname, (unsigned int)desired_access, (unsigned int)share->desired_access ));
499 int access_allowed = access_table(deny_mode,old_deny_mode,old_open_mode,
500 (share->pid == sys_getpid()),is_executable(fname));
502 if ((access_allowed == AFAIL) ||
503 (!fcbopen && (access_allowed == AREAD && *flags == O_RDWR)) ||
504 (access_allowed == AREAD && *flags != O_RDONLY) ||
505 (access_allowed == AWRITE && *flags != O_WRONLY)) {
507 DEBUG(2,("Share violation on file (%d,%d,%d,%d,%s,fcbopen = %d, flags = %d) = %d\n",
508 deny_mode,old_deny_mode,old_open_mode,
509 (int)share->pid,fname, fcbopen, *flags, access_allowed));
511 unix_ERR_class = ERRDOS;
512 unix_ERR_code = ERRbadshare;
517 if (access_allowed == AREAD)
520 if (access_allowed == AWRITE)
528 /****************************************************************************
529 Deal with open deny mode and oplock break processing.
530 Invarient: Share mode must be locked on entry and exit.
531 Returns -1 on error, or number of share modes on success (may be zero).
532 ****************************************************************************/
534 static int open_mode_check(connection_struct *conn, const char *fname, SMB_DEV_T dev,
536 uint32 desired_access,
537 int share_mode, int *p_flags, int *p_oplock_request,
538 BOOL *p_all_current_opens_are_level_II)
542 int oplock_contention_count = 0;
543 share_mode_entry *old_shares = 0;
544 BOOL fcbopen = False;
547 if(GET_OPEN_MODE(share_mode) == DOS_OPEN_FCB)
550 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
552 if(num_share_modes == 0)
556 * Check if the share modes will give us access.
560 share_mode_entry broken_entry;
562 broke_oplock = False;
563 *p_all_current_opens_are_level_II = True;
565 for(i = 0; i < num_share_modes; i++) {
566 share_mode_entry *share_entry = &old_shares[i];
569 * By observation of NetBench, oplocks are broken *before* share
570 * modes are checked. This allows a file to be closed by the client
571 * if the share mode would deny access and the client has an oplock.
572 * Check if someone has an oplock on this file. If so we must break
573 * it before continuing.
576 if((*p_oplock_request && EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type)) ||
577 (!*p_oplock_request && (share_entry->op_type != NO_OPLOCK))) {
581 DEBUG(5,("open_mode_check: oplock_request = %d, breaking oplock (%x) on file %s, \
582 dev = %x, inode = %.0f\n", *p_oplock_request, share_entry->op_type, fname, (unsigned int)dev, (double)inode));
584 /* Oplock break - unlock to request it. */
585 unlock_share_entry(conn, dev, inode);
587 opb_ret = request_oplock_break(share_entry, False);
590 lock_share_entry(conn, dev, inode);
592 if(opb_ret == False) {
593 DEBUG(0,("open_mode_check: FAILED when breaking oplock (%x) on file %s, \
594 dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (double)inode));
595 SAFE_FREE(old_shares);
597 unix_ERR_class = ERRDOS;
598 unix_ERR_code = ERRbadshare;
603 broken_entry = *share_entry;
606 } else if (!LEVEL_II_OPLOCK_TYPE(share_entry->op_type)) {
607 *p_all_current_opens_are_level_II = False;
610 /* someone else has a share lock on it, check to see if we can too */
611 if (!check_share_mode(conn, share_entry, share_mode, desired_access,
612 fname, fcbopen, p_flags)) {
613 SAFE_FREE(old_shares);
621 SAFE_FREE(old_shares);
622 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
623 oplock_contention_count++;
625 /* Paranoia check that this is no longer an exlusive entry. */
626 for(i = 0; i < num_share_modes; i++) {
627 share_mode_entry *share_entry = &old_shares[i];
629 if (share_modes_identical(&broken_entry, share_entry) &&
630 EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type) ) {
633 * This should not happen. The target left this oplock
634 * as exlusive.... The process *must* be dead....
637 DEBUG(0,("open_mode_check: exlusive oplock left by process %d after break ! For file %s, \
638 dev = %x, inode = %.0f. Deleting it to continue...\n", (int)broken_entry.pid, fname, (unsigned int)dev, (double)inode));
640 if (process_exists(broken_entry.pid)) {
641 DEBUG(0,("open_mode_check: Existent process %d left active oplock.\n",
645 if (del_share_entry(dev, inode, &broken_entry, NULL) == -1) {
647 unix_ERR_class = ERRDOS;
648 unix_ERR_code = ERRbadshare;
653 * We must reload the share modes after deleting the
654 * other process's entry.
657 SAFE_FREE(old_shares);
658 num_share_modes = get_share_modes(conn, dev, inode, &old_shares);
661 } /* end for paranoia... */
662 } /* end if broke_oplock */
664 } while(broke_oplock);
667 SAFE_FREE(old_shares);
670 * Refuse to grant an oplock in case the contention limit is
671 * reached when going through the lock list multiple times.
674 if(oplock_contention_count >= lp_oplock_contention_limit(SNUM(conn))) {
675 *p_oplock_request = 0;
676 DEBUG(4,("open_mode_check: oplock contention = %d. Not granting oplock.\n",
677 oplock_contention_count ));
680 return num_share_modes;
683 /****************************************************************************
684 set a kernel flock on a file for NFS interoperability
685 this requires a patch to Linux
686 ****************************************************************************/
687 static void kernel_flock(files_struct *fsp, int deny_mode)
689 #if HAVE_KERNEL_SHARE_MODES
691 if (deny_mode == DENY_READ) kernel_mode = LOCK_MAND|LOCK_WRITE;
692 else if (deny_mode == DENY_WRITE) kernel_mode = LOCK_MAND|LOCK_READ;
693 else if (deny_mode == DENY_ALL) kernel_mode = LOCK_MAND;
694 if (kernel_mode) flock(fsp->fd, kernel_mode);
700 static BOOL open_match_attributes(connection_struct *conn, char *path, mode_t existing_mode,
701 mode_t new_mode, mode_t *returned_mode)
703 uint32 old_dos_mode, new_dos_mode;
704 uint32 noarch_old_dos_mode, noarch_new_dos_mode;
705 SMB_STRUCT_STAT sbuf;
709 sbuf.st_mode = existing_mode;
710 old_dos_mode = dos_mode(conn, path, &sbuf);
712 sbuf.st_mode = new_mode;
713 new_dos_mode = dos_mode(conn, path, &sbuf);
715 noarch_old_dos_mode = (old_dos_mode & ~FILE_ATTRIBUTE_ARCHIVE);
716 noarch_new_dos_mode = (new_dos_mode & ~FILE_ATTRIBUTE_ARCHIVE);
718 if((noarch_old_dos_mode == 0 && noarch_new_dos_mode != 0) ||
719 (noarch_old_dos_mode != 0 && ((noarch_old_dos_mode & noarch_new_dos_mode) == noarch_old_dos_mode)))
720 *returned_mode = new_mode;
722 *returned_mode = (mode_t)0;
724 DEBUG(10,("open_match_attributes: file %s old_dos_mode = 0x%x, existing_mode = 0%o, new_dos_mode = 0x%x returned_mode = 0%o\n",
726 old_dos_mode, (unsigned int)existing_mode, new_dos_mode, (unsigned int)*returned_mode ));
728 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
729 if (lp_map_system(SNUM(conn))) {
730 if ((old_dos_mode & FILE_ATTRIBUTE_SYSTEM) && !(new_dos_mode & FILE_ATTRIBUTE_SYSTEM))
733 if (lp_map_hidden(SNUM(conn))) {
734 if ((old_dos_mode & FILE_ATTRIBUTE_HIDDEN) && !(new_dos_mode & FILE_ATTRIBUTE_HIDDEN))
740 /****************************************************************************
741 Open a file with a share mode.
742 ****************************************************************************/
744 files_struct *open_file_shared(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf,
745 int share_mode,int ofun, mode_t mode,int oplock_request,
746 int *Access,int *action)
748 return open_file_shared1(conn, fname, psbuf, 0, share_mode, ofun, mode,
749 oplock_request, Access, action);
752 /****************************************************************************
753 Open a file with a share mode.
754 ****************************************************************************/
756 files_struct *open_file_shared1(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf,
757 uint32 desired_access,
758 int share_mode,int ofun, mode_t mode,int oplock_request,
759 int *Access,int *action)
763 int deny_mode = GET_DENY_MODE(share_mode);
764 BOOL allow_share_delete = GET_ALLOW_SHARE_DELETE(share_mode);
765 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode);
766 BOOL file_existed = VALID_STAT(*psbuf);
767 BOOL fcbopen = False;
768 BOOL def_acl = False;
771 int num_share_modes = 0;
772 BOOL all_current_opens_are_level_II = False;
773 BOOL fsp_open = False;
774 files_struct *fsp = NULL;
777 mode_t new_mode = (mode_t)0;
780 /* printers are handled completely differently. Most of the passed parameters are
783 *Access = DOS_OPEN_WRONLY;
785 *action = FILE_WAS_CREATED;
786 return print_fsp_open(conn, fname);
789 fsp = file_new(conn);
793 DEBUG(10,("open_file_shared: fname = %s, share_mode = %x, ofun = %x, mode = %o, oplock request = %d\n",
794 fname, share_mode, ofun, (int)mode, oplock_request ));
796 if (!check_name(fname,conn)) {
801 /* ignore any oplock requests if oplocks are disabled */
802 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break) {
806 /* this is for OS/2 EAs - try and say we don't support them */
807 if (strstr(fname,".+,;=[].")) {
808 unix_ERR_class = ERRDOS;
809 /* OS/2 Workplace shell fix may be main code stream in a later release. */
810 #if 1 /* OS2_WPS_FIX - Recent versions of OS/2 need this. */
811 unix_ERR_code = ERRcannotopen;
812 #else /* OS2_WPS_FIX */
813 unix_ERR_code = ERROR_EAS_NOT_SUPPORTED;
814 #endif /* OS2_WPS_FIX */
816 DEBUG(5,("open_file_shared: OS/2 EA's are not supported.\n"));
821 if ((GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL) && file_existed) {
822 DEBUG(5,("open_file_shared: create new requested for file %s and file already exists.\n",
829 if (CAN_WRITE(conn) && (GET_FILE_CREATE_DISPOSITION(ofun) == FILE_CREATE_IF_NOT_EXIST))
832 if (CAN_WRITE(conn) && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE))
835 /* We only care about matching attributes on file exists and truncate. */
836 if (file_existed && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE)) {
837 if (!open_match_attributes(conn, fname, psbuf->st_mode, mode, &new_mode)) {
838 DEBUG(5,("open_file_shared: attributes missmatch for file %s (0%o, 0%o)\n",
839 fname, psbuf->st_mode, mode ));
846 if (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL)
849 /* note that we ignore the append flag as
850 append does not mean the same thing under dos and unix */
852 switch (GET_OPEN_MODE(share_mode)) {
853 case DOS_OPEN_WRONLY:
855 if (desired_access == 0)
856 desired_access = FILE_WRITE_DATA;
861 if (desired_access == 0)
862 desired_access = FILE_READ_DATA|FILE_WRITE_DATA;
866 if (desired_access == 0)
867 desired_access = FILE_READ_DATA|FILE_WRITE_DATA;
871 if (desired_access == 0)
872 desired_access = FILE_READ_DATA;
877 if (GET_FILE_SYNC_OPENMODE(share_mode)) {
882 if (flags != O_RDONLY && file_existed &&
883 (!CAN_WRITE(conn) || IS_DOS_READONLY(dos_mode(conn,fname,psbuf)))) {
885 DEBUG(5,("open_file_shared: read/write access requested for file %s on read only %s\n",
886 fname, !CAN_WRITE(conn) ? "share" : "file" ));
894 if (deny_mode > DENY_NONE && deny_mode!=DENY_FCB) {
895 DEBUG(2,("Invalid deny mode %d on file %s\n",deny_mode,fname));
904 inode = psbuf->st_ino;
906 lock_share_entry(conn, dev, inode);
908 num_share_modes = open_mode_check(conn, fname, dev, inode,
911 &flags, &oplock_request, &all_current_opens_are_level_II);
912 if(num_share_modes == -1) {
915 * This next line is a subtlety we need for MS-Access. If a file open will
916 * fail due to share permissions and also for security (access)
917 * reasons, we need to return the access failed error, not the
918 * share error. This means we must attempt to open the file anyway
919 * in order to get the UNIX access error - even if we're going to
920 * fail the open for share reasons. This is bad, as we're burning
921 * another fd if there are existing locks but there's nothing else
922 * we can do. We also ensure we're not going to create or tuncate
923 * the file as we only want an access decision at this stage. JRA.
925 fsp_open = open_file(fsp,conn,fname,psbuf,
926 flags|(flags2&~(O_TRUNC|O_CREAT)),mode,desired_access);
928 DEBUG(4,("open_file_shared : share_mode deny - calling open_file with \
929 flags=0x%X flags2=0x%X mode=0%o returned %d\n",
930 flags,(flags2&~(O_TRUNC|O_CREAT)),(int)mode,(int)fsp_open ));
932 unlock_share_entry(conn, dev, inode);
940 * We exit this block with the share entry *locked*.....
945 * Ensure we pay attention to default ACLs on directories if required.
948 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
949 (def_acl = directory_has_default_acl(conn, parent_dirname(fname))))
952 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n",
953 flags,flags2,(int)mode));
956 * open_file strips any O_TRUNC flags itself.
959 fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,mode,desired_access);
961 if (!fsp_open && (flags == O_RDWR) && (errno != ENOENT) && fcbopen) {
962 if((fsp_open = open_file(fsp,conn,fname,psbuf,O_RDONLY,mode,desired_access)) == True)
968 unlock_share_entry(conn, dev, inode);
974 * Deal with the race condition where two smbd's detect the file doesn't
975 * exist and do the create at the same time. One of them will win and
976 * set a share mode, the other (ie. this one) should check if the
977 * requested share mode for this create is allowed.
982 lock_share_entry_fsp(fsp);
984 num_share_modes = open_mode_check(conn, fname, dev, inode,
987 &flags, &oplock_request, &all_current_opens_are_level_II);
989 if(num_share_modes == -1) {
990 unlock_share_entry_fsp(fsp);
997 * If there are any share modes set then the file *did*
998 * exist. Ensure we return the correct value for action.
1001 if (num_share_modes > 0)
1002 file_existed = True;
1005 * We exit this block with the share entry *locked*.....
1009 /* note that we ignore failure for the following. It is
1010 basically a hack for NFS, and NFS will never set one of
1011 these only read them. Nobody but Samba can ever set a deny
1012 mode and we have already checked our more authoritative
1013 locking database for permission to set this deny mode. If
1014 the kernel refuses the operations then the kernel is wrong */
1015 kernel_flock(fsp, deny_mode);
1018 * At this point onwards, we can guarentee that the share entry
1019 * is locked, whether we created the file or not, and that the
1020 * deny mode is compatible with all current opens.
1024 * If requested, truncate the file.
1027 if (flags2&O_TRUNC) {
1029 * We are modifing the file after open - update the stat struct..
1031 if ((truncate_unless_locked(conn,fsp) == -1) || (vfs_fstat(fsp,fsp->fd,psbuf)==-1)) {
1032 unlock_share_entry_fsp(fsp);
1041 open_mode = DOS_OPEN_RDONLY;
1044 open_mode = DOS_OPEN_RDWR;
1047 open_mode = DOS_OPEN_WRONLY;
1051 fsp->share_mode = SET_DENY_MODE(deny_mode) |
1052 SET_OPEN_MODE(open_mode) |
1053 SET_ALLOW_SHARE_DELETE(allow_share_delete);
1055 DEBUG(10,("open_file_shared : share_mode = %x\n", fsp->share_mode ));
1058 (*Access) = open_mode;
1061 if (file_existed && !(flags2 & O_TRUNC))
1062 *action = FILE_WAS_OPENED;
1064 *action = FILE_WAS_CREATED;
1065 if (file_existed && (flags2 & O_TRUNC))
1066 *action = FILE_WAS_OVERWRITTEN;
1070 * Setup the oplock info in both the shared memory and
1074 if(oplock_request && (num_share_modes == 0) &&
1075 !IS_VETO_OPLOCK_PATH(conn,fname) && set_file_oplock(fsp, oplock_request) ) {
1076 port = global_oplock_port;
1077 } else if (oplock_request && all_current_opens_are_level_II) {
1078 port = global_oplock_port;
1079 oplock_request = LEVEL_II_OPLOCK;
1080 set_file_oplock(fsp, oplock_request);
1086 set_share_mode(fsp, port, oplock_request);
1088 if (delete_on_close) {
1089 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close);
1091 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) {
1092 /* Remember to delete the mode we just added. */
1093 del_share_mode(fsp, NULL);
1094 unlock_share_entry_fsp(fsp);
1102 * Take care of inherited ACLs on created files - if default ACL not
1106 if (!file_existed && !def_acl && (conn->vfs_ops.fchmod_acl != NULL)) {
1108 int saved_errno = errno; /* We might get ENOSYS in the next call.. */
1110 if (conn->vfs_ops.fchmod_acl(fsp, fsp->fd, mode) == -1 && errno == ENOSYS)
1111 errno = saved_errno; /* Ignore ENOSYS */
1113 } else if (new_mode) {
1117 /* Attributes need changing. File already existed. */
1119 if (conn->vfs_ops.fchmod_acl != NULL) {
1120 int saved_errno = errno; /* We might get ENOSYS in the next call.. */
1121 ret = conn->vfs_ops.fchmod_acl(fsp, fsp->fd, new_mode);
1123 if (ret == -1 && errno == ENOSYS) {
1124 errno = saved_errno; /* Ignore ENOSYS */
1126 DEBUG(5, ("open_file_shared: failed to reset attributes of file %s to 0%o\n",
1127 fname, (int)new_mode));
1128 ret = 0; /* Don't do the fchmod below. */
1132 if ((ret == -1) && (conn->vfs_ops.fchmod(fsp, fsp->fd, new_mode) == -1))
1133 DEBUG(5, ("open_file_shared: failed to reset attributes of file %s to 0%o\n",
1134 fname, (int)new_mode));
1137 unlock_share_entry_fsp(fsp);
1139 conn->num_files_open++;
1144 /****************************************************************************
1145 Open a file for for write to ensure that we can fchmod it.
1146 ****************************************************************************/
1148 files_struct *open_file_fchmod(connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf)
1150 files_struct *fsp = NULL;
1153 if (!VALID_STAT(*psbuf))
1156 fsp = file_new(conn);
1160 /* note! we must use a non-zero desired access or we don't get
1161 a real file descriptor. Oh what a twisted web we weave. */
1162 fsp_open = open_file(fsp,conn,fname,psbuf,O_WRONLY,0,FILE_WRITE_DATA);
1165 * This is not a user visible file open.
1166 * Don't set a share mode and don't increment
1167 * the conn->num_files_open.
1178 /****************************************************************************
1179 Close the fchmod file fd - ensure no locks are lost.
1180 ****************************************************************************/
1182 int close_file_fchmod(files_struct *fsp)
1184 int ret = fd_close(fsp->conn, fsp);
1189 /****************************************************************************
1190 Open a directory from an NT SMB call.
1191 ****************************************************************************/
1193 files_struct *open_directory(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf,
1194 uint32 desired_access, int share_mode, int smb_ofun, mode_t unixmode, int *action)
1196 extern struct current_user current_user;
1197 BOOL got_stat = False;
1198 files_struct *fsp = file_new(conn);
1199 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode);
1204 if (VALID_STAT(*psbuf))
1207 if (got_stat && (GET_FILE_OPEN_DISPOSITION(smb_ofun) == FILE_EXISTS_FAIL)) {
1209 errno = EEXIST; /* Setup so correct error is returned to client. */
1213 if (GET_FILE_CREATE_DISPOSITION(smb_ofun) == FILE_CREATE_IF_NOT_EXIST) {
1217 if(!S_ISDIR(psbuf->st_mode)) {
1218 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1223 *action = FILE_WAS_OPENED;
1228 * Try and create the directory.
1231 if(!CAN_WRITE(conn)) {
1232 DEBUG(2,("open_directory: failing create on read-only share\n"));
1238 if(vfs_mkdir(conn,fname, unix_mode(conn,aDIR, fname)) < 0) {
1239 DEBUG(2,("open_directory: unable to create %s. Error was %s\n",
1240 fname, strerror(errno) ));
1245 if(vfs_stat(conn,fname, psbuf) != 0) {
1250 *action = FILE_WAS_CREATED;
1256 * Don't create - just check that it *was* a directory.
1260 DEBUG(3,("open_directory: unable to stat name = %s. Error was %s\n",
1261 fname, strerror(errno) ));
1266 if(!S_ISDIR(psbuf->st_mode)) {
1267 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1272 *action = FILE_WAS_OPENED;
1275 DEBUG(5,("open_directory: opening directory %s\n", fname));
1278 * Setup the files_struct for it.
1281 fsp->mode = psbuf->st_mode;
1282 fsp->inode = psbuf->st_ino;
1283 fsp->dev = psbuf->st_dev;
1284 fsp->size = psbuf->st_size;
1285 fsp->vuid = current_user.vuid;
1287 fsp->can_lock = True;
1288 fsp->can_read = False;
1289 fsp->can_write = False;
1290 fsp->share_mode = share_mode;
1291 fsp->desired_access = desired_access;
1292 fsp->print_file = False;
1293 fsp->modified = False;
1294 fsp->oplock_type = NO_OPLOCK;
1295 fsp->sent_oplock_break = NO_BREAK_SENT;
1296 fsp->is_directory = True;
1297 fsp->is_stat = False;
1298 fsp->directory_delete_on_close = False;
1299 string_set(&fsp->fsp_name,fname);
1301 if (delete_on_close) {
1302 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close);
1304 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) {
1309 conn->num_files_open++;
1314 /****************************************************************************
1315 Open a pseudo-file (no locking checks - a 'stat' open).
1316 ****************************************************************************/
1318 files_struct *open_file_stat(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf)
1320 extern struct current_user current_user;
1321 files_struct *fsp = NULL;
1323 if (!VALID_STAT(*psbuf))
1326 /* Can't 'stat' open directories. */
1327 if(S_ISDIR(psbuf->st_mode))
1330 fsp = file_new(conn);
1334 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
1337 * Setup the files_struct for it.
1340 fsp->mode = psbuf->st_mode;
1342 * Don't store dev or inode, we don't want any iterator
1345 fsp->inode = (SMB_INO_T)0;
1346 fsp->dev = (SMB_DEV_T)0;
1347 fsp->size = psbuf->st_size;
1348 fsp->vuid = current_user.vuid;
1350 fsp->can_lock = False;
1351 fsp->can_read = False;
1352 fsp->can_write = False;
1353 fsp->share_mode = 0;
1354 fsp->desired_access = 0;
1355 fsp->print_file = False;
1356 fsp->modified = False;
1357 fsp->oplock_type = NO_OPLOCK;
1358 fsp->sent_oplock_break = NO_BREAK_SENT;
1359 fsp->is_directory = False;
1360 fsp->is_stat = True;
1361 fsp->directory_delete_on_close = False;
1362 string_set(&fsp->fsp_name,fname);
1364 conn->num_files_open++;
git.samba.org / tprouty / samba.git / blob