2 Unix SMB/Netbios implementation.
4 file opening and share modes
5 Copyright (C) Andrew Tridgell 1992-1998
6 Copyright (C) Jeremy Allison 2001
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern userdom_struct current_user_info
;
26 extern uint16 global_oplock_port
;
27 extern BOOL global_client_failed_oplock_break
;
29 /****************************************************************************
30 fd support routines - attempt to do a dos_open.
31 ****************************************************************************/
33 static int fd_open(struct connection_struct
*conn
, char *fname
,
34 int flags
, mode_t mode
)
39 if (!lp_symlinks(SNUM(conn
)))
43 fd
= conn
->vfs_ops
.open(conn
,dos_to_unix_static(fname
),flags
,mode
);
45 /* Fix for files ending in '.' */
46 if((fd
== -1) && (errno
== ENOENT
) &&
47 (strchr(fname
,'.')==NULL
)) {
49 fd
= conn
->vfs_ops
.open(conn
,dos_to_unix_static(fname
),flags
,mode
);
52 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n", fname
,
53 flags
, (int)mode
, fd
, (fd
== -1) ? strerror(errno
) : "" ));
58 /****************************************************************************
59 Close the file associated with a fsp.
60 ****************************************************************************/
62 int fd_close(struct connection_struct
*conn
, files_struct
*fsp
)
65 return 0; /* what we used to call a stat open. */
66 return fd_close_posix(conn
, fsp
);
70 /****************************************************************************
71 Check a filename for the pipe string.
72 ****************************************************************************/
74 static void check_for_pipe(char *fname
)
76 /* special case of pipe opens */
78 StrnCpy(s
,fname
,sizeof(s
)-1);
80 if (strstr(s
,"pipe/")) {
81 DEBUG(3,("Rejecting named pipe open for %s\n",fname
));
82 unix_ERR_class
= ERRSRV
;
83 unix_ERR_code
= ERRaccess
;
87 /****************************************************************************
89 ****************************************************************************/
91 static BOOL
open_file(files_struct
*fsp
,connection_struct
*conn
,
92 const char *fname1
,SMB_STRUCT_STAT
*psbuf
,int flags
,mode_t mode
, uint32 desired_access
)
94 extern struct current_user current_user
;
96 int accmode
= (flags
& O_ACCMODE
);
97 int local_flags
= flags
;
100 fsp
->oplock_type
= NO_OPLOCK
;
103 pstrcpy(fname
,fname1
);
105 /* Check permissions */
108 * This code was changed after seeing a client open request
109 * containing the open mode of (DENY_WRITE/read-only) with
110 * the 'create if not exist' bit set. The previous code
111 * would fail to open the file read only on a read-only share
112 * as it was checking the flags parameter directly against O_RDONLY,
113 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
117 if (!CAN_WRITE(conn
)) {
118 /* It's a read-only share - fail if we wanted to write. */
119 if(accmode
!= O_RDONLY
) {
120 DEBUG(3,("Permission denied opening %s\n",fname
));
121 check_for_pipe(fname
);
123 } else if(flags
& O_CREAT
) {
124 /* We don't want to write - but we must make sure that O_CREAT
125 doesn't create the file if we have write access into the
133 * This little piece of insanity is inspired by the
134 * fact that an NT client can open a file for O_RDONLY,
135 * but set the create disposition to FILE_EXISTS_TRUNCATE.
136 * If the client *can* write to the file, then it expects to
137 * truncate the file, even though it is opening for readonly.
138 * Quicken uses this stupid trick in backup file creation...
139 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
140 * for helping track this one down. It didn't bite us in 2.0.x
141 * as we always opened files read-write in that release. JRA.
144 if ((accmode
== O_RDONLY
) && ((flags
& O_TRUNC
) == O_TRUNC
))
145 local_flags
= (flags
& ~O_ACCMODE
)|O_RDWR
;
148 * We can't actually truncate here as the file may be locked.
149 * open_file_shared will take care of the truncate later. JRA.
152 local_flags
&= ~O_TRUNC
;
154 /* actually do the open */
156 if ((desired_access
& (FILE_READ_DATA
|FILE_WRITE_DATA
|FILE_APPEND_DATA
|FILE_EXECUTE
)) ||
157 (local_flags
& O_CREAT
)) {
159 fsp
->fd
= fd_open(conn
, fname
, local_flags
, mode
);
162 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) (flags=%d)\n",
163 fname
,strerror(errno
),local_flags
,flags
));
164 check_for_pipe(fname
);
168 fsp
->fd
= -1; /* What we used to call a stat open. */
170 if (!VALID_STAT(*psbuf
)) {
174 ret
= vfs_stat(conn
, fname
, psbuf
);
176 ret
= vfs_fstat(fsp
,fsp
->fd
,psbuf
);
177 /* If we have an fd, this stat should succeed. */
179 DEBUG(0,("Error doing fstat on open file %s (%s)\n", fname
,strerror(errno
) ));
182 /* For a non-io open, this stat failing means file not found. JRA */
190 * POSIX allows read-only opens of directories. We don't
191 * want to do this (we use a different code path for this)
192 * so catch a directory open and return an EISDIR. JRA.
195 if(S_ISDIR(psbuf
->st_mode
)) {
201 fsp
->mode
= psbuf
->st_mode
;
202 fsp
->inode
= psbuf
->st_ino
;
203 fsp
->dev
= psbuf
->st_dev
;
204 fsp
->vuid
= current_user
.vuid
;
205 fsp
->size
= psbuf
->st_size
;
207 fsp
->can_lock
= True
;
208 fsp
->can_read
= ((flags
& O_WRONLY
)==0);
209 fsp
->can_write
= ((flags
& (O_WRONLY
|O_RDWR
))!=0);
211 fsp
->desired_access
= desired_access
;
212 fsp
->print_file
= False
;
213 fsp
->modified
= False
;
214 fsp
->oplock_type
= NO_OPLOCK
;
215 fsp
->sent_oplock_break
= NO_BREAK_SENT
;
216 fsp
->is_directory
= False
;
217 fsp
->directory_delete_on_close
= False
;
220 * Note that the file name here is the *untranslated* name
221 * ie. it is still in the DOS codepage sent from the client.
222 * All use of this filename will pass though the sys_xxxx
223 * functions which will do the dos_to_unix translation before
224 * mapping into a UNIX filename. JRA.
226 string_set(&fsp
->fsp_name
,fname
);
227 fsp
->wbmpx_ptr
= NULL
;
228 fsp
->wcp
= NULL
; /* Write cache pointer. */
230 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
231 *current_user_info
.smb_name
? current_user_info
.smb_name
: conn
->user
,fsp
->fsp_name
,
232 BOOLSTR(fsp
->can_read
), BOOLSTR(fsp
->can_write
),
233 conn
->num_files_open
+ 1));
238 /****************************************************************************
240 Helper for open_file_shared.
241 Truncate a file after checking locking; close file if locked.
242 **************************************************************************/
244 static int truncate_unless_locked(struct connection_struct
*conn
, files_struct
*fsp
)
246 SMB_BIG_UINT mask
= (SMB_BIG_UINT
)-1;
248 if (is_locked(fsp
,fsp
->conn
,mask
,0,WRITE_LOCK
,True
)){
250 unix_ERR_class
= ERRDOS
;
251 unix_ERR_code
= ERRlock
;
254 return conn
->vfs_ops
.ftruncate(fsp
,fsp
->fd
,0);
258 /*******************************************************************
259 return True if the filename is one of the special executable types
260 ********************************************************************/
261 static BOOL
is_executable(const char *fname
)
263 if ((fname
= strrchr(fname
,'.'))) {
264 if (strequal(fname
,".com") ||
265 strequal(fname
,".dll") ||
266 strequal(fname
,".exe") ||
267 strequal(fname
,".sym")) {
274 enum {AFAIL
,AREAD
,AWRITE
,AALL
};
276 /*******************************************************************
277 reproduce the share mode access table
278 this is horrendoously complex, and really can't be justified on any
279 rational grounds except that this is _exactly_ what NT does. See
280 the DENY1 and DENY2 tests in smbtorture for a comprehensive set of
282 ********************************************************************/
283 static int access_table(int new_deny
,int old_deny
,int old_mode
,
284 BOOL same_pid
, BOOL isexe
)
286 if (new_deny
== DENY_ALL
|| old_deny
== DENY_ALL
) return(AFAIL
);
289 if (isexe
&& old_mode
== DOS_OPEN_RDONLY
&&
290 old_deny
== DENY_DOS
&& new_deny
== DENY_READ
) {
293 if (!isexe
&& old_mode
== DOS_OPEN_RDONLY
&&
294 old_deny
== DENY_DOS
&& new_deny
== DENY_DOS
) {
297 if (new_deny
== DENY_FCB
&& old_deny
== DENY_DOS
) {
298 if (isexe
) return AFAIL
;
299 if (old_mode
== DOS_OPEN_RDONLY
) return AFAIL
;
302 if (old_mode
== DOS_OPEN_RDONLY
&& old_deny
== DENY_DOS
) {
303 if (new_deny
== DENY_FCB
|| new_deny
== DENY_READ
) {
304 if (isexe
) return AREAD
;
308 if (old_deny
== DENY_FCB
) {
309 if (new_deny
== DENY_DOS
|| new_deny
== DENY_FCB
) return AALL
;
314 if (old_deny
== DENY_DOS
|| new_deny
== DENY_DOS
||
315 old_deny
== DENY_FCB
|| new_deny
== DENY_FCB
) {
317 if (old_deny
== DENY_FCB
|| new_deny
== DENY_FCB
) {
320 if (old_deny
== DENY_DOS
) {
321 if (new_deny
== DENY_READ
&&
322 (old_mode
== DOS_OPEN_RDONLY
||
323 old_mode
== DOS_OPEN_RDWR
)) {
326 if (new_deny
== DENY_WRITE
&&
327 (old_mode
== DOS_OPEN_WRONLY
||
328 old_mode
== DOS_OPEN_RDWR
)) {
333 if (old_deny
== DENY_NONE
) return AALL
;
334 if (old_deny
== DENY_READ
) return AWRITE
;
335 if (old_deny
== DENY_WRITE
) return AREAD
;
337 /* it isn't a exe, dll, sym or com file */
338 if (old_deny
== new_deny
&& same_pid
)
341 if (old_deny
== DENY_READ
|| new_deny
== DENY_READ
) return AFAIL
;
342 if (old_mode
== DOS_OPEN_RDONLY
) return(AREAD
);
350 if (old_deny
==DENY_WRITE
&& old_mode
==DOS_OPEN_RDONLY
) return(AREAD
);
351 if (old_deny
==DENY_READ
&& old_mode
==DOS_OPEN_RDONLY
) return(AWRITE
);
352 if (old_deny
==DENY_NONE
&& old_mode
==DOS_OPEN_RDONLY
) return(AALL
);
355 if (old_deny
==DENY_WRITE
&& old_mode
==DOS_OPEN_WRONLY
) return(AREAD
);
356 if (old_deny
==DENY_READ
&& old_mode
==DOS_OPEN_WRONLY
) return(AWRITE
);
357 if (old_deny
==DENY_NONE
&& old_mode
==DOS_OPEN_WRONLY
) return(AALL
);
360 if (old_deny
==DENY_WRITE
) return(AREAD
);
361 if (old_deny
==DENY_READ
) return(AWRITE
);
362 if (old_deny
==DENY_NONE
) return(AALL
);
369 /****************************************************************************
370 check if we can open a file with a share mode
371 ****************************************************************************/
373 static BOOL
check_share_mode(connection_struct
*conn
, share_mode_entry
*share
, int share_mode
, uint32 desired_access
,
374 const char *fname
, BOOL fcbopen
, int *flags
)
376 int deny_mode
= GET_DENY_MODE(share_mode
);
377 int old_open_mode
= GET_OPEN_MODE(share
->share_mode
);
378 int old_deny_mode
= GET_DENY_MODE(share
->share_mode
);
381 * share modes = false means don't bother to check for
382 * DENY mode conflict. This is a *really* bad idea :-). JRA.
385 if(!lp_share_modes(SNUM(conn
)))
389 * Don't allow any opens once the delete on close flag has been
393 if (GET_DELETE_ON_CLOSE_FLAG(share
->share_mode
)) {
394 DEBUG(5,("check_share_mode: Failing open on file %s as delete on close flag is set.\n",
396 unix_ERR_class
= ERRDOS
;
397 unix_ERR_code
= ERRnoaccess
;
401 /* this is a nasty hack, but necessary until we rewrite our open
402 handling to use a NTCreateX call as the basic call.
403 NT may open a file with neither read nor write access, and in
404 this case it expects the open not to conflict with any
405 existing deny modes. This happens (for example) during a
406 "xcopy /o" where the second file descriptor is used for
412 * This is a bit wierd - the test for desired access not having the
413 * critical bits seems seems odd. Firstly, if both opens have no
414 * critical bits then always ignore. Then check the "allow delete"
415 * then check for either. This probably isn't quite right yet but
416 * gets us much closer. JRA.
420 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
421 * and the existing desired_acces then share modes don't conflict.
424 if ( !(desired_access
& (FILE_READ_DATA
|FILE_WRITE_DATA
|FILE_APPEND_DATA
|FILE_EXECUTE
)) &&
425 !(share
->desired_access
& (FILE_READ_DATA
|FILE_WRITE_DATA
|FILE_APPEND_DATA
|FILE_EXECUTE
)) ) {
428 * Wrinkle discovered by smbtorture....
429 * If both are non-io open and requester is asking for delete and current open has delete access
430 * but neither open has allowed file share delete then deny.... this is very strange and
431 * seems to be the only case in which non-io opens conflict. JRA.
434 if ((desired_access
& DELETE_ACCESS
) && (share
->desired_access
& DELETE_ACCESS
) &&
435 (!GET_ALLOW_SHARE_DELETE(share
->share_mode
) || !GET_ALLOW_SHARE_DELETE(share_mode
))) {
436 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requests conflict.\n",
438 unix_ERR_class
= ERRDOS
;
439 unix_ERR_code
= ERRbadshare
;
444 DEBUG(5,("check_share_mode: Allowing open on file %s as both desired access (0x%x) \
445 and existing desired access (0x%x) are non-data opens\n",
446 fname
, (unsigned int)desired_access
, (unsigned int)share
->desired_access
));
451 * If delete access was requested and the existing share mode doesn't have
452 * ALLOW_SHARE_DELETE then deny.
455 if ((desired_access
& DELETE_ACCESS
) && !GET_ALLOW_SHARE_DELETE(share
->share_mode
)) {
456 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requested and allow share delete not set.\n",
458 unix_ERR_class
= ERRDOS
;
459 unix_ERR_code
= ERRbadshare
;
465 * The inverse of the above.
466 * If delete access was granted and the new share mode doesn't have
467 * ALLOW_SHARE_DELETE then deny.
470 if ((share
->desired_access
& DELETE_ACCESS
) && !GET_ALLOW_SHARE_DELETE(share_mode
)) {
471 DEBUG(5,("check_share_mode: Failing open on file %s as delete access granted and allow share delete not requested.\n",
473 unix_ERR_class
= ERRDOS
;
474 unix_ERR_code
= ERRbadshare
;
480 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE
481 * then share modes don't conflict. Likewise with existing desired access.
484 if ( !(desired_access
& (FILE_READ_DATA
|FILE_WRITE_DATA
|FILE_APPEND_DATA
|FILE_EXECUTE
)) ||
485 !(share
->desired_access
& (FILE_READ_DATA
|FILE_WRITE_DATA
|FILE_APPEND_DATA
|FILE_EXECUTE
)) ) {
486 DEBUG(5,("check_share_mode: Allowing open on file %s as desired access (0x%x) doesn't conflict with\
487 existing desired access (0x%x).\n", fname
, (unsigned int)desired_access
, (unsigned int)share
->desired_access
));
492 int access_allowed
= access_table(deny_mode
,old_deny_mode
,old_open_mode
,
493 (share
->pid
== sys_getpid()),is_executable(fname
));
495 if ((access_allowed
== AFAIL
) ||
496 (!fcbopen
&& (access_allowed
== AREAD
&& *flags
== O_RDWR
)) ||
497 (access_allowed
== AREAD
&& *flags
!= O_RDONLY
) ||
498 (access_allowed
== AWRITE
&& *flags
!= O_WRONLY
)) {
500 DEBUG(2,("Share violation on file (%d,%d,%d,%d,%s,fcbopen = %d, flags = %d) = %d\n",
501 deny_mode
,old_deny_mode
,old_open_mode
,
502 (int)share
->pid
,fname
, fcbopen
, *flags
, access_allowed
));
504 unix_ERR_class
= ERRDOS
;
505 unix_ERR_code
= ERRbadshare
;
510 if (access_allowed
== AREAD
)
513 if (access_allowed
== AWRITE
)
521 /****************************************************************************
522 Deal with open deny mode and oplock break processing.
523 Invarient: Share mode must be locked on entry and exit.
524 Returns -1 on error, or number of share modes on success (may be zero).
525 ****************************************************************************/
527 static int open_mode_check(connection_struct
*conn
, const char *fname
, SMB_DEV_T dev
,
529 uint32 desired_access
,
530 int share_mode
, int *p_flags
, int *p_oplock_request
,
531 BOOL
*p_all_current_opens_are_level_II
)
535 int oplock_contention_count
= 0;
536 share_mode_entry
*old_shares
= 0;
537 BOOL fcbopen
= False
;
540 if(GET_OPEN_MODE(share_mode
) == DOS_OPEN_FCB
)
543 num_share_modes
= get_share_modes(conn
, dev
, inode
, &old_shares
);
545 if(num_share_modes
== 0)
549 * Check if the share modes will give us access.
553 share_mode_entry broken_entry
;
555 broke_oplock
= False
;
556 *p_all_current_opens_are_level_II
= True
;
558 for(i
= 0; i
< num_share_modes
; i
++) {
559 share_mode_entry
*share_entry
= &old_shares
[i
];
562 * By observation of NetBench, oplocks are broken *before* share
563 * modes are checked. This allows a file to be closed by the client
564 * if the share mode would deny access and the client has an oplock.
565 * Check if someone has an oplock on this file. If so we must break
566 * it before continuing.
569 if((*p_oplock_request
&& EXCLUSIVE_OPLOCK_TYPE(share_entry
->op_type
)) ||
570 (!*p_oplock_request
&& (share_entry
->op_type
!= NO_OPLOCK
))) {
574 DEBUG(5,("open_mode_check: oplock_request = %d, breaking oplock (%x) on file %s, \
575 dev = %x, inode = %.0f\n", *p_oplock_request
, share_entry
->op_type
, fname
, (unsigned int)dev
, (double)inode
));
577 /* Oplock break - unlock to request it. */
578 unlock_share_entry(conn
, dev
, inode
);
580 opb_ret
= request_oplock_break(share_entry
);
583 lock_share_entry(conn
, dev
, inode
);
585 if(opb_ret
== False
) {
586 DEBUG(0,("open_mode_check: FAILED when breaking oplock (%x) on file %s, \
587 dev = %x, inode = %.0f\n", old_shares
[i
].op_type
, fname
, (unsigned int)dev
, (double)inode
));
588 SAFE_FREE(old_shares
);
590 unix_ERR_class
= ERRDOS
;
591 unix_ERR_code
= ERRbadshare
;
596 broken_entry
= *share_entry
;
599 } else if (!LEVEL_II_OPLOCK_TYPE(share_entry
->op_type
)) {
600 *p_all_current_opens_are_level_II
= False
;
603 /* someone else has a share lock on it, check to see if we can too */
604 if (!check_share_mode(conn
, share_entry
, share_mode
, desired_access
,
605 fname
, fcbopen
, p_flags
)) {
606 SAFE_FREE(old_shares
);
614 SAFE_FREE(old_shares
);
615 num_share_modes
= get_share_modes(conn
, dev
, inode
, &old_shares
);
616 oplock_contention_count
++;
618 /* Paranoia check that this is no longer an exlusive entry. */
619 for(i
= 0; i
< num_share_modes
; i
++) {
620 share_mode_entry
*share_entry
= &old_shares
[i
];
622 if (share_modes_identical(&broken_entry
, share_entry
) &&
623 EXCLUSIVE_OPLOCK_TYPE(share_entry
->op_type
) ) {
626 * This should not happen. The target left this oplock
627 * as exlusive.... The process *must* be dead....
630 DEBUG(0,("open_mode_check: exlusive oplock left by process %d after break ! For file %s, \
631 dev = %x, inode = %.0f. Deleting it to continue...\n", (int)broken_entry
.pid
, fname
, (unsigned int)dev
, (double)inode
));
633 if (process_exists(broken_entry
.pid
)) {
634 DEBUG(0,("open_mode_check: Existent process %u left active oplock.\n",
635 (unsigned int)broken_entry
.pid
));
638 if (del_share_entry(dev
, inode
, &broken_entry
, NULL
) == -1) {
640 unix_ERR_class
= ERRDOS
;
641 unix_ERR_code
= ERRbadshare
;
646 * We must reload the share modes after deleting the
647 * other process's entry.
650 SAFE_FREE(old_shares
);
651 num_share_modes
= get_share_modes(conn
, dev
, inode
, &old_shares
);
654 } /* end for paranoia... */
655 } /* end if broke_oplock */
657 } while(broke_oplock
);
659 SAFE_FREE(old_shares
);
662 * Refuse to grant an oplock in case the contention limit is
663 * reached when going through the lock list multiple times.
666 if(oplock_contention_count
>= lp_oplock_contention_limit(SNUM(conn
))) {
667 *p_oplock_request
= 0;
668 DEBUG(4,("open_mode_check: oplock contention = %d. Not granting oplock.\n",
669 oplock_contention_count
));
672 return num_share_modes
;
675 /****************************************************************************
676 set a kernel flock on a file for NFS interoperability
677 this requires a patch to Linux
678 ****************************************************************************/
679 static void kernel_flock(files_struct
*fsp
, int deny_mode
)
681 #if HAVE_KERNEL_SHARE_MODES
683 if (deny_mode
== DENY_READ
) kernel_mode
= LOCK_MAND
|LOCK_WRITE
;
684 else if (deny_mode
== DENY_WRITE
) kernel_mode
= LOCK_MAND
|LOCK_READ
;
685 else if (deny_mode
== DENY_ALL
) kernel_mode
= LOCK_MAND
;
686 if (kernel_mode
) flock(fsp
->fd
, kernel_mode
);
692 /****************************************************************************
693 Open a file with a share mode - old method.
694 ****************************************************************************/
696 files_struct
*open_file_shared(connection_struct
*conn
,char *fname
, SMB_STRUCT_STAT
*psbuf
,
697 int share_mode
,int ofun
, mode_t mode
,int oplock_request
, int *Access
,int *action
)
699 return open_file_shared1(conn
, fname
, psbuf
, 0, share_mode
, ofun
, mode
,
700 oplock_request
, Access
, action
);
703 /****************************************************************************
704 Open a file with a share mode - called from NTCreateAndX.
705 ****************************************************************************/
707 files_struct
*open_file_shared1(connection_struct
*conn
,char *fname
, SMB_STRUCT_STAT
*psbuf
,
708 uint32 desired_access
,
709 int share_mode
,int ofun
, mode_t mode
,int oplock_request
,
710 int *Access
,int *action
)
714 int deny_mode
= GET_DENY_MODE(share_mode
);
715 BOOL allow_share_delete
= GET_ALLOW_SHARE_DELETE(share_mode
);
716 BOOL delete_on_close
= GET_DELETE_ON_CLOSE_FLAG(share_mode
);
717 BOOL file_existed
= VALID_STAT(*psbuf
);
718 BOOL fcbopen
= False
;
719 BOOL def_acl
= False
;
722 int num_share_modes
= 0;
723 BOOL all_current_opens_are_level_II
= False
;
724 BOOL fsp_open
= False
;
725 files_struct
*fsp
= NULL
;
730 /* printers are handled completely differently. Most
731 of the passed parameters are ignored */
733 *Access
= DOS_OPEN_WRONLY
;
735 *action
= FILE_WAS_CREATED
;
736 return print_fsp_open(conn
, fname
);
739 fsp
= file_new(conn
);
743 DEBUG(10,("open_file_shared: fname = %s, share_mode = %x, ofun = %x, mode = %o, oplock request = %d\n",
744 fname
, share_mode
, ofun
, (int)mode
, oplock_request
));
746 if (!check_name(fname
,conn
)) {
751 /* ignore any oplock requests if oplocks are disabled */
752 if (!lp_oplocks(SNUM(conn
)) || global_client_failed_oplock_break
) {
756 /* this is for OS/2 EAs - try and say we don't support them */
757 if (strstr(fname
,".+,;=[].")) {
758 unix_ERR_class
= ERRDOS
;
759 /* OS/2 Workplace shell fix may be main code stream in a later release. */
760 #if 1 /* OS2_WPS_FIX - Recent versions of OS/2 need this. */
761 unix_ERR_code
= ERRcannotopen
;
762 #else /* OS2_WPS_FIX */
763 unix_ERR_code
= ERROR_EAS_NOT_SUPPORTED
;
764 #endif /* OS2_WPS_FIX */
766 DEBUG(5,("open_file_shared: OS/2 EA's are not supported.\n"));
771 if ((GET_FILE_OPEN_DISPOSITION(ofun
) == FILE_EXISTS_FAIL
) && file_existed
) {
772 DEBUG(5,("open_file_shared: create new requested for file %s and file already exists.\n",
779 if (CAN_WRITE(conn
) && (GET_FILE_CREATE_DISPOSITION(ofun
) == FILE_CREATE_IF_NOT_EXIST
))
782 if (CAN_WRITE(conn
) && (GET_FILE_OPEN_DISPOSITION(ofun
) == FILE_EXISTS_TRUNCATE
))
785 if (GET_FILE_OPEN_DISPOSITION(ofun
) == FILE_EXISTS_FAIL
)
788 /* note that we ignore the append flag as
789 append does not mean the same thing under dos and unix */
791 switch (GET_OPEN_MODE(share_mode
)) {
792 case DOS_OPEN_WRONLY
:
794 if (desired_access
== 0)
795 desired_access
= FILE_WRITE_DATA
;
800 if (desired_access
== 0)
801 desired_access
= FILE_READ_DATA
|FILE_WRITE_DATA
;
805 if (desired_access
== 0)
806 desired_access
= FILE_READ_DATA
|FILE_WRITE_DATA
;
810 if (desired_access
== 0)
811 desired_access
= FILE_READ_DATA
;
816 if (GET_FILE_SYNC_OPENMODE(share_mode
)) {
821 if (flags
!= O_RDONLY
&& file_existed
&&
822 (!CAN_WRITE(conn
) || IS_DOS_READONLY(dos_mode(conn
,fname
,psbuf
)))) {
824 DEBUG(5,("open_file_shared: read/write access requested for file %s on read only %s\n",
825 fname
, !CAN_WRITE(conn
) ? "share" : "file" ));
833 if (deny_mode
> DENY_NONE
&& deny_mode
!=DENY_FCB
) {
834 DEBUG(2,("Invalid deny mode %d on file %s\n",deny_mode
,fname
));
843 inode
= psbuf
->st_ino
;
845 lock_share_entry(conn
, dev
, inode
);
847 num_share_modes
= open_mode_check(conn
, fname
, dev
, inode
,
848 desired_access
, share_mode
,
849 &flags
, &oplock_request
, &all_current_opens_are_level_II
);
851 if(num_share_modes
== -1) {
854 * This next line is a subtlety we need for MS-Access. If a file open will
855 * fail due to share permissions and also for security (access)
856 * reasons, we need to return the access failed error, not the
857 * share error. This means we must attempt to open the file anyway
858 * in order to get the UNIX access error - even if we're going to
859 * fail the open for share reasons. This is bad, as we're burning
860 * another fd if there are existing locks but there's nothing else
861 * we can do. We also ensure we're not going to create or tuncate
862 * the file as we only want an access decision at this stage. JRA.
864 fsp_open
= open_file(fsp
,conn
,fname
,psbuf
,
865 flags
|(flags2
&~(O_TRUNC
|O_CREAT
)),mode
,desired_access
);
867 DEBUG(4,("open_file_shared : share_mode deny - calling open_file with \
868 flags=0x%X flags2=0x%X mode=0%o returned %d\n",
869 flags
,(flags2
&~(O_TRUNC
|O_CREAT
)),(int)mode
,(int)fsp_open
));
871 unlock_share_entry(conn
, dev
, inode
);
879 * We exit this block with the share entry *locked*.....
884 * Ensure we pay attention to default ACLs on directories if required.
887 if ((flags2
& O_CREAT
) && lp_inherit_acls(SNUM(conn
)) &&
888 (def_acl
= directory_has_default_acl(conn
, dos_to_unix_static(parent_dirname(fname
)))))
891 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n",
892 flags
,flags2
,(int)mode
));
895 * open_file strips any O_TRUNC flags itself.
898 fsp_open
= open_file(fsp
,conn
,fname
,psbuf
,flags
|flags2
,mode
,desired_access
);
900 if (!fsp_open
&& (flags
== O_RDWR
) && (errno
!= ENOENT
) && fcbopen
) {
901 if((fsp_open
= open_file(fsp
,conn
,fname
,psbuf
,O_RDONLY
,mode
,desired_access
)) == True
)
907 unlock_share_entry(conn
, dev
, inode
);
913 * Deal with the race condition where two smbd's detect the file doesn't
914 * exist and do the create at the same time. One of them will win and
915 * set a share mode, the other (ie. this one) should check if the
916 * requested share mode for this create is allowed.
921 lock_share_entry_fsp(fsp
);
923 num_share_modes
= open_mode_check(conn
, fname
, dev
, inode
,
924 desired_access
, share_mode
,
925 &flags
, &oplock_request
, &all_current_opens_are_level_II
);
927 if(num_share_modes
== -1) {
928 unlock_share_entry_fsp(fsp
);
935 * If there are any share modes set then the file *did*
936 * exist. Ensure we return the correct value for action.
939 if (num_share_modes
> 0)
943 * We exit this block with the share entry *locked*.....
947 /* note that we ignore failure for the following. It is
948 basically a hack for NFS, and NFS will never set one of
949 these only read them. Nobody but Samba can ever set a deny
950 mode and we have already checked our more authoritative
951 locking database for permission to set this deny mode. If
952 the kernel refuses the operations then the kernel is wrong */
953 kernel_flock(fsp
, deny_mode
);
956 * At this point onwards, we can guarentee that the share entry
957 * is locked, whether we created the file or not, and that the
958 * deny mode is compatible with all current opens.
962 * If requested, truncate the file.
965 if (flags2
&O_TRUNC
) {
967 * We are modifing the file after open - update the stat struct..
969 if ((truncate_unless_locked(conn
,fsp
) == -1) || (vfs_fstat(fsp
,fsp
->fd
,psbuf
)==-1)) {
970 unlock_share_entry_fsp(fsp
);
979 open_mode
= DOS_OPEN_RDONLY
;
982 open_mode
= DOS_OPEN_RDWR
;
985 open_mode
= DOS_OPEN_WRONLY
;
989 fsp
->share_mode
= SET_DENY_MODE(deny_mode
) |
990 SET_OPEN_MODE(open_mode
) |
991 SET_ALLOW_SHARE_DELETE(allow_share_delete
);
993 DEBUG(10,("open_file_shared : share_mode = %x\n", fsp
->share_mode
));
996 (*Access
) = open_mode
;
999 if (file_existed
&& !(flags2
& O_TRUNC
))
1000 *action
= FILE_WAS_OPENED
;
1002 *action
= FILE_WAS_CREATED
;
1003 if (file_existed
&& (flags2
& O_TRUNC
))
1004 *action
= FILE_WAS_OVERWRITTEN
;
1008 * Setup the oplock info in both the shared memory and
1012 if(oplock_request
&& (num_share_modes
== 0) &&
1013 !IS_VETO_OPLOCK_PATH(conn
,fname
) && set_file_oplock(fsp
, oplock_request
) ) {
1014 port
= global_oplock_port
;
1015 } else if (oplock_request
&& all_current_opens_are_level_II
) {
1016 port
= global_oplock_port
;
1017 oplock_request
= LEVEL_II_OPLOCK
;
1018 set_file_oplock(fsp
, oplock_request
);
1024 set_share_mode(fsp
, port
, oplock_request
);
1026 if (delete_on_close
) {
1027 NTSTATUS result
= set_delete_on_close_internal(fsp
, delete_on_close
);
1029 if (NT_STATUS_V(result
) != NT_STATUS_V(NT_STATUS_OK
)) {
1030 /* Remember to delete the mode we just added. */
1031 del_share_mode(fsp
, NULL
);
1032 unlock_share_entry_fsp(fsp
);
1040 * Take care of inherited ACLs on created files - if default ACL not
1044 if (!file_existed
&& !def_acl
&& (conn
->vfs_ops
.fchmod_acl
!= NULL
)) {
1045 int saved_errno
= errno
; /* We might get ENOSYS in the next call.. */
1046 if (conn
->vfs_ops
.fchmod_acl(fsp
, fsp
->fd
, mode
) == -1 && errno
== ENOSYS
)
1047 errno
= saved_errno
; /* Ignore ENOSYS */
1050 unlock_share_entry_fsp(fsp
);
1052 conn
->num_files_open
++;
1057 /****************************************************************************
1058 Open a file for for write to ensure that we can fchmod it.
1059 ****************************************************************************/
1061 files_struct
*open_file_fchmod(connection_struct
*conn
, const char *fname
, SMB_STRUCT_STAT
*psbuf
)
1063 files_struct
*fsp
= NULL
;
1066 if (!VALID_STAT(*psbuf
))
1069 fsp
= file_new(conn
);
1073 /* note! we must use a non-zero desired access or we don't get
1074 a real file descriptor. Oh what a twisted web we weave. */
1075 fsp_open
= open_file(fsp
,conn
,fname
,psbuf
,O_WRONLY
,0,FILE_WRITE_DATA
);
1078 * This is not a user visible file open.
1079 * Don't set a share mode and don't increment
1080 * the conn->num_files_open.
1091 /****************************************************************************
1092 Close the fchmod file fd - ensure no locks are lost.
1093 ****************************************************************************/
1095 int close_file_fchmod(files_struct
*fsp
)
1097 int ret
= fd_close(fsp
->conn
, fsp
);
1102 /****************************************************************************
1103 Open a directory from an NT SMB call.
1104 ****************************************************************************/
1106 files_struct
*open_directory(connection_struct
*conn
, char *fname
, SMB_STRUCT_STAT
*psbuf
,
1107 uint32 desired_access
, int share_mode
, int smb_ofun
, mode_t unixmode
, int *action
)
1109 extern struct current_user current_user
;
1110 BOOL got_stat
= False
;
1111 files_struct
*fsp
= file_new(conn
);
1112 BOOL delete_on_close
= GET_DELETE_ON_CLOSE_FLAG(share_mode
);
1117 fsp
->conn
= conn
; /* The vfs_fXXX() macros need this. */
1119 if (VALID_STAT(*psbuf
))
1122 if (got_stat
&& (GET_FILE_OPEN_DISPOSITION(smb_ofun
) == FILE_EXISTS_FAIL
)) {
1124 errno
= EEXIST
; /* Setup so correct error is returned to client. */
1128 if (GET_FILE_CREATE_DISPOSITION(smb_ofun
) == FILE_CREATE_IF_NOT_EXIST
) {
1132 if(!S_ISDIR(psbuf
->st_mode
)) {
1133 DEBUG(0,("open_directory: %s is not a directory !\n", fname
));
1138 *action
= FILE_WAS_OPENED
;
1143 * Try and create the directory.
1146 if(!CAN_WRITE(conn
)) {
1147 DEBUG(2,("open_directory: failing create on read-only share\n"));
1153 if(vfs_mkdir(conn
,fname
, unix_mode(conn
,aDIR
, fname
)) < 0) {
1154 DEBUG(2,("open_directory: unable to create %s. Error was %s\n",
1155 fname
, strerror(errno
) ));
1160 if(vfs_stat(conn
,fname
, psbuf
) != 0) {
1165 *action
= FILE_WAS_CREATED
;
1171 * Don't create - just check that it *was* a directory.
1175 DEBUG(0,("open_directory: unable to stat name = %s. Error was %s\n",
1176 fname
, strerror(errno
) ));
1181 if(!S_ISDIR(psbuf
->st_mode
)) {
1182 DEBUG(0,("open_directory: %s is not a directory !\n", fname
));
1187 *action
= FILE_WAS_OPENED
;
1190 DEBUG(5,("open_directory: opening directory %s\n", fname
));
1193 * Setup the files_struct for it.
1196 fsp
->mode
= psbuf
->st_mode
;
1197 fsp
->inode
= psbuf
->st_ino
;
1198 fsp
->dev
= psbuf
->st_dev
;
1199 fsp
->size
= psbuf
->st_size
;
1200 fsp
->vuid
= current_user
.vuid
;
1202 fsp
->can_lock
= True
;
1203 fsp
->can_read
= False
;
1204 fsp
->can_write
= False
;
1205 fsp
->share_mode
= share_mode
;
1206 fsp
->desired_access
= desired_access
;
1207 fsp
->print_file
= False
;
1208 fsp
->modified
= False
;
1209 fsp
->oplock_type
= NO_OPLOCK
;
1210 fsp
->sent_oplock_break
= NO_BREAK_SENT
;
1211 fsp
->is_directory
= True
;
1212 fsp
->directory_delete_on_close
= False
;
1215 if (delete_on_close
) {
1216 NTSTATUS result
= set_delete_on_close_internal(fsp
, delete_on_close
);
1218 if (NT_STATUS_V(result
) != NT_STATUS_V(NT_STATUS_OK
)) {
1225 * Note that the file name here is the *untranslated* name
1226 * ie. it is still in the DOS codepage sent from the client.
1227 * All use of this filename will pass though the sys_xxxx
1228 * functions which will do the dos_to_unix translation before
1229 * mapping into a UNIX filename. JRA.
1231 string_set(&fsp
->fsp_name
,fname
);
1232 fsp
->wbmpx_ptr
= NULL
;
1234 conn
->num_files_open
++;
1240 Old code
- I have replaced with correct desired_access checking
. JRA
.
1242 /*******************************************************************
1243 Check if the share mode on a file allows it to be deleted or unlinked.
1244 Return True if sharing doesn't prevent the operation.
1245 ********************************************************************/
1247 BOOL
check_file_sharing(connection_struct
*conn
,char *fname
, BOOL rename_op
)
1251 share_mode_entry
*old_shares
= 0;
1252 int num_share_modes
;
1253 SMB_STRUCT_STAT sbuf
;
1254 pid_t pid
= sys_getpid();
1258 if (vfs_stat(conn
,fname
,&sbuf
) == -1)
1262 inode
= sbuf
.st_ino
;
1264 lock_share_entry(conn
, dev
, inode
);
1265 num_share_modes
= get_share_modes(conn
, dev
, inode
, &old_shares
);
1268 * Check if the share modes will give us access.
1271 if(num_share_modes
!= 0) {
1276 broke_oplock
= False
;
1277 for(i
= 0; i
< num_share_modes
; i
++) {
1278 share_mode_entry
*share_entry
= &old_shares
[i
];
1281 * Break oplocks before checking share modes. See comment in
1282 * open_file_shared for details.
1283 * Check if someone has an oplock on this file. If so we must
1284 * break it before continuing.
1286 if(BATCH_OPLOCK_TYPE(share_entry
->op_type
)) {
1288 DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
1289 dev = %x, inode = %.0f\n", share_entry
->op_type
, fname
, (unsigned int)dev
, (double)inode
));
1291 /* Oplock break.... */
1292 unlock_share_entry(conn
, dev
, inode
);
1294 if(request_oplock_break(share_entry
) == False
) {
1295 DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
1296 dev = %x, inode = %.0f\n", old_shares
[i
].op_type
, fname
, (unsigned int)dev
, (double)inode
));
1298 SAFE_FREE(old_shares
);
1301 lock_share_entry(conn
, dev
, inode
);
1302 broke_oplock
= True
;
1307 * If this is a delete request and ALLOW_SHARE_DELETE is set then allow
1308 * this to proceed. This takes precedence over share modes.
1311 if(!rename_op
&& GET_ALLOW_SHARE_DELETE(share_entry
->share_mode
))
1315 * Someone else has a share lock on it, check to see
1318 if ((GET_DENY_MODE(share_entry
->share_mode
) != DENY_DOS
) ||
1319 (share_entry
->pid
!= pid
))
1325 SAFE_FREE(old_shares
);
1326 num_share_modes
= get_share_modes(conn
, dev
, inode
, &old_shares
);
1328 } while(broke_oplock
);
1332 * XXXX exactly what share mode combinations should be allowed for
1333 * deleting/renaming?
1337 * If we got here then either there were no share modes or
1338 * all share modes were DENY_DOS and the pid == getpid() or
1339 * delete access was requested and all share modes had the
1340 * ALLOW_SHARE_DELETE bit set (takes precedence over other
1348 unlock_share_entry(conn
, dev
, inode
);
1349 SAFE_FREE(old_shares
);