search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Ensure set_ea cannot set invalid Windows EA names.
[Samba.git] / source3 / smbd / dosmode.c
blob3152631f65b607568b90048f09e98f44b8364a3b
1 /*
2 Unix SMB/CIFS implementation.
3 dos mode handling functions
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) James Peach 2006
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "system/filesys.h"
23 #include "librpc/gen_ndr/ndr_xattr.h"
24 #include "../libcli/security/security.h"
25 #include "smbd/smbd.h"
26 #include "lib/param/loadparm.h"
27
28 static uint32_t filter_mode_by_protocol(uint32_t mode)
29 {
30 if (get_Protocol() <= PROTOCOL_LANMAN2) {
31 DEBUG(10,("filter_mode_by_protocol: "
32 "filtering result 0x%x to 0x%x\n",
33 (unsigned int)mode,
34 (unsigned int)(mode & 0x3f) ));
35 mode &= 0x3f;
36 }
37 return mode;
38 }
39
40 static int set_link_read_only_flag(const SMB_STRUCT_STAT *const sbuf)
41 {
42 #ifdef S_ISLNK
43 #if LINKS_READ_ONLY
44 if (S_ISLNK(sbuf->st_mode) && S_ISDIR(sbuf->st_mode))
45 return FILE_ATTRIBUTE_READONLY;
46 #endif
47 #endif
48 return 0;
49 }
50
51 /****************************************************************************
52 Change a dos mode to a unix mode.
53 Base permission for files:
54 if creating file and inheriting (i.e. parent_dir != NULL)
55 apply read/write bits from parent directory.
56 else
57 everybody gets read bit set
58 dos readonly is represented in unix by removing everyone's write bit
59 dos archive is represented in unix by the user's execute bit
60 dos system is represented in unix by the group's execute bit
61 dos hidden is represented in unix by the other's execute bit
62 if !inheriting {
63 Then apply create mask,
64 then add force bits.
65 }
66 Base permission for directories:
67 dos directory is represented in unix by unix's dir bit and the exec bit
68 if !inheriting {
69 Then apply create mask,
70 then add force bits.
71 }
72 ****************************************************************************/
73
74 mode_t unix_mode(connection_struct *conn, int dosmode,
75 const struct smb_filename *smb_fname,
76 const char *inherit_from_dir)
77 {
78 mode_t result = (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
79 mode_t dir_mode = 0; /* Mode of the inherit_from directory if
80 * inheriting. */
81
82 if (!lp_store_dos_attributes(SNUM(conn)) && IS_DOS_READONLY(dosmode)) {
83 result &= ~(S_IWUSR | S_IWGRP | S_IWOTH);
84 }
85
86 if ((inherit_from_dir != NULL) && lp_inherit_perms(SNUM(conn))) {
87 struct smb_filename *smb_fname_parent = NULL;
88 NTSTATUS status;
89
90 DEBUG(2, ("unix_mode(%s) inheriting from %s\n",
91 smb_fname_str_dbg(smb_fname),
92 inherit_from_dir));
93
94 status = create_synthetic_smb_fname(talloc_tos(),
95 inherit_from_dir, NULL,
96 NULL, &smb_fname_parent);
97 if (!NT_STATUS_IS_OK(status)) {
98 DEBUG(1,("unix_mode(%s) failed, [dir %s]: %s\n",
99 smb_fname_str_dbg(smb_fname),
100 inherit_from_dir, nt_errstr(status)));
101 return(0);
102 }
103
104 if (SMB_VFS_STAT(conn, smb_fname_parent) != 0) {
105 DEBUG(4,("unix_mode(%s) failed, [dir %s]: %s\n",
106 smb_fname_str_dbg(smb_fname),
107 inherit_from_dir, strerror(errno)));
108 TALLOC_FREE(smb_fname_parent);
109 return(0); /* *** shouldn't happen! *** */
110 }
111
112 /* Save for later - but explicitly remove setuid bit for safety. */
113 dir_mode = smb_fname_parent->st.st_ex_mode & ~S_ISUID;
114 DEBUG(2,("unix_mode(%s) inherit mode %o\n",
115 smb_fname_str_dbg(smb_fname), (int)dir_mode));
116 /* Clear "result" */
117 result = 0;
118 TALLOC_FREE(smb_fname_parent);
119 }
120
121 if (IS_DOS_DIR(dosmode)) {
122 /* We never make directories read only for the owner as under DOS a user
123 can always create a file in a read-only directory. */
124 result |= (S_IFDIR | S_IWUSR);
125
126 if (dir_mode) {
127 /* Inherit mode of parent directory. */
128 result |= dir_mode;
129 } else {
130 /* Provisionally add all 'x' bits */
131 result |= (S_IXUSR | S_IXGRP | S_IXOTH);
132
133 /* Apply directory mask */
134 result &= lp_dir_mask(SNUM(conn));
135 /* Add in force bits */
136 result |= lp_force_dir_mode(SNUM(conn));
137 }
138 } else {
139 if (lp_map_archive(SNUM(conn)) && IS_DOS_ARCHIVE(dosmode))
140 result |= S_IXUSR;
141
142 if (lp_map_system(SNUM(conn)) && IS_DOS_SYSTEM(dosmode))
143 result |= S_IXGRP;
144
145 if (lp_map_hidden(SNUM(conn)) && IS_DOS_HIDDEN(dosmode))
146 result |= S_IXOTH;
147
148 if (dir_mode) {
149 /* Inherit 666 component of parent directory mode */
150 result |= dir_mode & (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
151 } else {
152 /* Apply mode mask */
153 result &= lp_create_mask(SNUM(conn));
154 /* Add in force bits */
155 result |= lp_force_create_mode(SNUM(conn));
156 }
157 }
158
159 DEBUG(3,("unix_mode(%s) returning 0%o\n", smb_fname_str_dbg(smb_fname),
160 (int)result));
161 return(result);
162 }
163
164 /****************************************************************************
165 Change a unix mode to a dos mode.
166 ****************************************************************************/
167
168 static uint32 dos_mode_from_sbuf(connection_struct *conn,
169 const struct smb_filename *smb_fname)
170 {
171 int result = 0;
172 enum mapreadonly_options ro_opts = (enum mapreadonly_options)lp_map_readonly(SNUM(conn));
173
174 #if defined(UF_IMMUTABLE) && defined(SF_IMMUTABLE)
175 /* if we can find out if a file is immutable we should report it r/o */
176 if (smb_fname->st.st_ex_flags & (UF_IMMUTABLE | SF_IMMUTABLE)) {
177 result |= FILE_ATTRIBUTE_READONLY;
178 }
179 #endif
180 if (ro_opts == MAP_READONLY_YES) {
181 /* Original Samba method - map inverse of user "w" bit. */
182 if ((smb_fname->st.st_ex_mode & S_IWUSR) == 0) {
183 result |= FILE_ATTRIBUTE_READONLY;
184 }
185 } else if (ro_opts == MAP_READONLY_PERMISSIONS) {
186 /* Check actual permissions for read-only. */
187 if (!can_write_to_file(conn, smb_fname)) {
188 result |= FILE_ATTRIBUTE_READONLY;
189 }
190 } /* Else never set the readonly bit. */
191
192 if (MAP_ARCHIVE(conn) && ((smb_fname->st.st_ex_mode & S_IXUSR) != 0))
193 result |= FILE_ATTRIBUTE_ARCHIVE;
194
195 if (MAP_SYSTEM(conn) && ((smb_fname->st.st_ex_mode & S_IXGRP) != 0))
196 result |= FILE_ATTRIBUTE_SYSTEM;
197
198 if (MAP_HIDDEN(conn) && ((smb_fname->st.st_ex_mode & S_IXOTH) != 0))
199 result |= FILE_ATTRIBUTE_HIDDEN;
200
201 if (S_ISDIR(smb_fname->st.st_ex_mode))
202 result = FILE_ATTRIBUTE_DIRECTORY | (result & FILE_ATTRIBUTE_READONLY);
203
204 result |= set_link_read_only_flag(&smb_fname->st);
205
206 DEBUG(8,("dos_mode_from_sbuf returning "));
207
208 if (result & FILE_ATTRIBUTE_HIDDEN) DEBUG(8, ("h"));
209 if (result & FILE_ATTRIBUTE_READONLY ) DEBUG(8, ("r"));
210 if (result & FILE_ATTRIBUTE_SYSTEM) DEBUG(8, ("s"));
211 if (result & FILE_ATTRIBUTE_DIRECTORY ) DEBUG(8, ("d"));
212 if (result & FILE_ATTRIBUTE_ARCHIVE ) DEBUG(8, ("a"));
213
214 DEBUG(8,("\n"));
215 return result;
216 }
217
218 /****************************************************************************
219 Get DOS attributes from an EA.
220 This can also pull the create time into the stat struct inside smb_fname.
221 ****************************************************************************/
222
223 static bool get_ea_dos_attribute(connection_struct *conn,
224 struct smb_filename *smb_fname,
225 uint32 *pattr)
226 {
227 struct xattr_DOSATTRIB dosattrib;
228 enum ndr_err_code ndr_err;
229 DATA_BLOB blob;
230 ssize_t sizeret;
231 fstring attrstr;
232 uint32_t dosattr;
233
234 if (!lp_store_dos_attributes(SNUM(conn))) {
235 return False;
236 }
237
238 /* Don't reset pattr to zero as we may already have filename-based attributes we
239 need to preserve. */
240
241 sizeret = SMB_VFS_GETXATTR(conn, smb_fname->base_name,
242 SAMBA_XATTR_DOS_ATTRIB, attrstr,
243 sizeof(attrstr));
244 if (sizeret == -1) {
245 if (errno == ENOSYS
246 #if defined(ENOTSUP)
247 || errno == ENOTSUP) {
248 #else
249 ) {
250 #endif
251 DEBUG(1,("get_ea_dos_attribute: Cannot get attribute "
252 "from EA on file %s: Error = %s\n",
253 smb_fname_str_dbg(smb_fname),
254 strerror(errno)));
255 set_store_dos_attributes(SNUM(conn), False);
256 }
257 return False;
258 }
259
260 blob.data = (uint8_t *)attrstr;
261 blob.length = sizeret;
262
263 ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &dosattrib,
264 (ndr_pull_flags_fn_t)ndr_pull_xattr_DOSATTRIB);
265
266 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
267 DEBUG(1,("get_ea_dos_attribute: bad ndr decode "
268 "from EA on file %s: Error = %s\n",
269 smb_fname_str_dbg(smb_fname),
270 ndr_errstr(ndr_err)));
271 return false;
272 }
273
274 DEBUG(10,("get_ea_dos_attribute: %s attr = %s\n",
275 smb_fname_str_dbg(smb_fname), dosattrib.attrib_hex));
276
277 switch (dosattrib.version) {
278 case 0xFFFF:
279 dosattr = dosattrib.info.compatinfoFFFF.attrib;
280 break;
281 case 1:
282 dosattr = dosattrib.info.info1.attrib;
283 if (!null_nttime(dosattrib.info.info1.create_time)) {
284 struct timespec create_time =
285 nt_time_to_unix_timespec(
286 &dosattrib.info.info1.create_time);
287
288 update_stat_ex_create_time(&smb_fname->st,
289 create_time);
290
291 DEBUG(10,("get_ea_dos_attribute: file %s case 1 "
292 "set btime %s\n",
293 smb_fname_str_dbg(smb_fname),
294 time_to_asc(convert_timespec_to_time_t(
295 create_time)) ));
296 }
297 break;
298 case 2:
299 dosattr = dosattrib.info.oldinfo2.attrib;
300 /* Don't know what flags to check for this case. */
301 break;
302 case 3:
303 dosattr = dosattrib.info.info3.attrib;
304 if ((dosattrib.info.info3.valid_flags & XATTR_DOSINFO_CREATE_TIME) &&
305 !null_nttime(dosattrib.info.info3.create_time)) {
306 struct timespec create_time =
307 nt_time_to_unix_timespec(
308 &dosattrib.info.info3.create_time);
309
310 update_stat_ex_create_time(&smb_fname->st,
311 create_time);
312
313 DEBUG(10,("get_ea_dos_attribute: file %s case 3 "
314 "set btime %s\n",
315 smb_fname_str_dbg(smb_fname),
316 time_to_asc(convert_timespec_to_time_t(
317 create_time)) ));
318 }
319 break;
320 default:
321 DEBUG(1,("get_ea_dos_attribute: Badly formed DOSATTRIB on "
322 "file %s - %s\n", smb_fname_str_dbg(smb_fname),
323 attrstr));
324 return false;
325 }
326
327 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
328 dosattr |= FILE_ATTRIBUTE_DIRECTORY;
329 }
330 /* FILE_ATTRIBUTE_SPARSE is valid on get but not on set. */
331 *pattr = (uint32)(dosattr & (SAMBA_ATTRIBUTES_MASK|FILE_ATTRIBUTE_SPARSE));
332
333 DEBUG(8,("get_ea_dos_attribute returning (0x%x)", dosattr));
334
335 if (dosattr & FILE_ATTRIBUTE_HIDDEN) DEBUG(8, ("h"));
336 if (dosattr & FILE_ATTRIBUTE_READONLY ) DEBUG(8, ("r"));
337 if (dosattr & FILE_ATTRIBUTE_SYSTEM) DEBUG(8, ("s"));
338 if (dosattr & FILE_ATTRIBUTE_DIRECTORY ) DEBUG(8, ("d"));
339 if (dosattr & FILE_ATTRIBUTE_ARCHIVE ) DEBUG(8, ("a"));
340
341 DEBUG(8,("\n"));
342
343 return True;
344 }
345
346 /****************************************************************************
347 Set DOS attributes in an EA.
348 Also sets the create time.
349 ****************************************************************************/
350
351 static bool set_ea_dos_attribute(connection_struct *conn,
352 struct smb_filename *smb_fname,
353 uint32 dosmode)
354 {
355 struct xattr_DOSATTRIB dosattrib;
356 enum ndr_err_code ndr_err;
357 DATA_BLOB blob;
358
359 if (!lp_store_dos_attributes(SNUM(conn))) {
360 return False;
361 }
362
363 ZERO_STRUCT(dosattrib);
364 ZERO_STRUCT(blob);
365
366 dosattrib.version = 3;
367 dosattrib.info.info3.valid_flags = XATTR_DOSINFO_ATTRIB|
368 XATTR_DOSINFO_CREATE_TIME;
369 dosattrib.info.info3.attrib = dosmode;
370 unix_timespec_to_nt_time(&dosattrib.info.info3.create_time,
371 smb_fname->st.st_ex_btime);
372
373 DEBUG(10,("set_ea_dos_attributes: set attribute 0x%x, btime = %s on file %s\n",
374 (unsigned int)dosmode,
375 time_to_asc(convert_timespec_to_time_t(smb_fname->st.st_ex_btime)),
376 smb_fname_str_dbg(smb_fname) ));
377
378 ndr_err = ndr_push_struct_blob(
379 &blob, talloc_tos(), &dosattrib,
380 (ndr_push_flags_fn_t)ndr_push_xattr_DOSATTRIB);
381
382 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
383 DEBUG(5, ("create_acl_blob: ndr_push_xattr_DOSATTRIB failed: %s\n",
384 ndr_errstr(ndr_err)));
385 return false;
386 }
387
388 if (blob.data == NULL || blob.length == 0) {
389 return false;
390 }
391
392 if (SMB_VFS_SETXATTR(conn, smb_fname->base_name,
393 SAMBA_XATTR_DOS_ATTRIB, blob.data, blob.length,
394 0) == -1) {
395 bool ret = false;
396 files_struct *fsp = NULL;
397
398 if((errno != EPERM) && (errno != EACCES)) {
399 if (errno == ENOSYS
400 #if defined(ENOTSUP)
401 || errno == ENOTSUP) {
402 #else
403 ) {
404 #endif
405 DEBUG(1,("set_ea_dos_attributes: Cannot set "
406 "attribute EA on file %s: Error = %s\n",
407 smb_fname_str_dbg(smb_fname),
408 strerror(errno) ));
409 set_store_dos_attributes(SNUM(conn), False);
410 }
411 return false;
412 }
413
414 /* We want DOS semantics, ie allow non owner with write permission to change the
415 bits on a file. Just like file_ntimes below.
416 */
417
418 /* Check if we have write access. */
419 if(!CAN_WRITE(conn) || !lp_dos_filemode(SNUM(conn)))
420 return false;
421
422 if (!can_write_to_file(conn, smb_fname)) {
423 return false;
424 }
425
426 /*
427 * We need to open the file with write access whilst
428 * still in our current user context. This ensures we
429 * are not violating security in doing the setxattr.
430 */
431
432 if (!NT_STATUS_IS_OK(open_file_fchmod(conn, smb_fname,
433 &fsp)))
434 return false;
435 become_root();
436 if (SMB_VFS_FSETXATTR(fsp,
437 SAMBA_XATTR_DOS_ATTRIB, blob.data,
438 blob.length, 0) == 0) {
439 ret = true;
440 }
441 unbecome_root();
442 close_file(NULL, fsp, NORMAL_CLOSE);
443 return ret;
444 }
445 DEBUG(10,("set_ea_dos_attribute: set EA 0x%x on file %s\n",
446 (unsigned int)dosmode,
447 smb_fname_str_dbg(smb_fname)));
448 return true;
449 }
450
451 /****************************************************************************
452 Change a unix mode to a dos mode for an ms dfs link.
453 ****************************************************************************/
454
455 uint32 dos_mode_msdfs(connection_struct *conn,
456 const struct smb_filename *smb_fname)
457 {
458 uint32 result = 0;
459
460 DEBUG(8,("dos_mode_msdfs: %s\n", smb_fname_str_dbg(smb_fname)));
461
462 if (!VALID_STAT(smb_fname->st)) {
463 return 0;
464 }
465
466 /* First do any modifications that depend on the path name. */
467 /* hide files with a name starting with a . */
468 if (lp_hide_dot_files(SNUM(conn))) {
469 const char *p = strrchr_m(smb_fname->base_name, '/');
470 if (p) {
471 p++;
472 } else {
473 p = smb_fname->base_name;
474 }
475
476 /* Only . and .. are not hidden. */
477 if (p[0] == '.' && !((p[1] == '\0') ||
478 (p[1] == '.' && p[2] == '\0'))) {
479 result |= FILE_ATTRIBUTE_HIDDEN;
480 }
481 }
482
483 result |= dos_mode_from_sbuf(conn, smb_fname);
484
485 /* Optimization : Only call is_hidden_path if it's not already
486 hidden. */
487 if (!(result & FILE_ATTRIBUTE_HIDDEN) &&
488 IS_HIDDEN_PATH(conn, smb_fname->base_name)) {
489 result |= FILE_ATTRIBUTE_HIDDEN;
490 }
491
492 if (result == 0) {
493 result = FILE_ATTRIBUTE_NORMAL;
494 }
495
496 result = filter_mode_by_protocol(result);
497
498 DEBUG(8,("dos_mode_msdfs returning "));
499
500 if (result & FILE_ATTRIBUTE_HIDDEN) DEBUG(8, ("h"));
501 if (result & FILE_ATTRIBUTE_READONLY ) DEBUG(8, ("r"));
502 if (result & FILE_ATTRIBUTE_SYSTEM) DEBUG(8, ("s"));
503 if (result & FILE_ATTRIBUTE_DIRECTORY ) DEBUG(8, ("d"));
504 if (result & FILE_ATTRIBUTE_ARCHIVE ) DEBUG(8, ("a"));
505 if (result & FILE_ATTRIBUTE_SPARSE ) DEBUG(8, ("[sparse]"));
506
507 DEBUG(8,("\n"));
508
509 return(result);
510 }
511
512 #ifdef HAVE_STAT_DOS_FLAGS
513 /****************************************************************************
514 Convert dos attributes (FILE_ATTRIBUTE_*) to dos stat flags (UF_*)
515 ****************************************************************************/
516
517 int dos_attributes_to_stat_dos_flags(uint32_t dosmode)
518 {
519 uint32_t dos_stat_flags = 0;
520
521 if (dosmode & FILE_ATTRIBUTE_ARCHIVE)
522 dos_stat_flags |= UF_DOS_ARCHIVE;
523 if (dosmode & FILE_ATTRIBUTE_HIDDEN)
524 dos_stat_flags |= UF_DOS_HIDDEN;
525 if (dosmode & FILE_ATTRIBUTE_READONLY)
526 dos_stat_flags |= UF_DOS_RO;
527 if (dosmode & FILE_ATTRIBUTE_SYSTEM)
528 dos_stat_flags |= UF_DOS_SYSTEM;
529 if (dosmode & FILE_ATTRIBUTE_NONINDEXED)
530 dos_stat_flags |= UF_DOS_NOINDEX;
531
532 return dos_stat_flags;
533 }
534
535 /****************************************************************************
536 Gets DOS attributes, accessed via st_ex_flags in the stat struct.
537 ****************************************************************************/
538
539 static bool get_stat_dos_flags(connection_struct *conn,
540 const struct smb_filename *smb_fname,
541 uint32_t *dosmode)
542 {
543 SMB_ASSERT(VALID_STAT(smb_fname->st));
544 SMB_ASSERT(dosmode);
545
546 if (!lp_store_dos_attributes(SNUM(conn))) {
547 return false;
548 }
549
550 DEBUG(5, ("Getting stat dos attributes for %s.\n",
551 smb_fname_str_dbg(smb_fname)));
552
553 if (smb_fname->st.st_ex_flags & UF_DOS_ARCHIVE)
554 *dosmode |= FILE_ATTRIBUTE_ARCHIVE;
555 if (smb_fname->st.st_ex_flags & UF_DOS_HIDDEN)
556 *dosmode |= FILE_ATTRIBUTE_HIDDEN;
557 if (smb_fname->st.st_ex_flags & UF_DOS_RO)
558 *dosmode |= FILE_ATTRIBUTE_READONLY;
559 if (smb_fname->st.st_ex_flags & UF_DOS_SYSTEM)
560 *dosmode |= FILE_ATTRIBUTE_SYSTEM;
561 if (smb_fname->st.st_ex_flags & UF_DOS_NOINDEX)
562 *dosmode |= FILE_ATTRIBUTE_NONINDEXED;
563 if (smb_fname->st.st_ex_flags & FILE_ATTRIBUTE_SPARSE)
564 *dosmode |= FILE_ATTRIBUTE_SPARSE;
565 if (S_ISDIR(smb_fname->st.st_ex_mode))
566 *dosmode |= FILE_ATTRIBUTE_DIRECTORY;
567
568 *dosmode |= set_link_read_only_flag(&smb_fname->st);
569
570 return true;
571 }
572
573 /****************************************************************************
574 Sets DOS attributes, stored in st_ex_flags of the inode.
575 ****************************************************************************/
576
577 static bool set_stat_dos_flags(connection_struct *conn,
578 const struct smb_filename *smb_fname,
579 uint32_t dosmode,
580 bool *attributes_changed)
581 {
582 uint32_t new_flags = 0;
583 int error = 0;
584
585 SMB_ASSERT(VALID_STAT(smb_fname->st));
586 SMB_ASSERT(attributes_changed);
587
588 *attributes_changed = false;
589
590 if (!lp_store_dos_attributes(SNUM(conn))) {
591 return false;
592 }
593
594 DEBUG(5, ("Setting stat dos attributes for %s.\n",
595 smb_fname_str_dbg(smb_fname)));
596
597 new_flags = (smb_fname->st.st_ex_flags & ~UF_DOS_FLAGS) |
598 dos_attributes_to_stat_dos_flags(dosmode);
599
600 /* Return early if no flags changed. */
601 if (new_flags == smb_fname->st.st_ex_flags)
602 return true;
603
604 DEBUG(5, ("Setting stat dos attributes=0x%x, prev=0x%x\n", new_flags,
605 smb_fname->st.st_ex_flags));
606
607 /* Set new flags with chflags. */
608 error = SMB_VFS_CHFLAGS(conn, smb_fname->base_name, new_flags);
609 if (error) {
610 DEBUG(0, ("Failed setting new stat dos attributes (0x%x) on "
611 "file %s! errno=%d\n", new_flags,
612 smb_fname_str_dbg(smb_fname), errno));
613 return false;
614 }
615
616 *attributes_changed = true;
617 return true;
618 }
619 #endif /* HAVE_STAT_DOS_FLAGS */
620
621 /****************************************************************************
622 Change a unix mode to a dos mode.
623 May also read the create timespec into the stat struct in smb_fname
624 if "store dos attributes" is true.
625 ****************************************************************************/
626
627 uint32 dos_mode(connection_struct *conn, struct smb_filename *smb_fname)
628 {
629 uint32 result = 0;
630 bool offline, used_stat_dos_flags = false;
631
632 DEBUG(8,("dos_mode: %s\n", smb_fname_str_dbg(smb_fname)));
633
634 if (!VALID_STAT(smb_fname->st)) {
635 return 0;
636 }
637
638 /* First do any modifications that depend on the path name. */
639 /* hide files with a name starting with a . */
640 if (lp_hide_dot_files(SNUM(conn))) {
641 const char *p = strrchr_m(smb_fname->base_name,'/');
642 if (p) {
643 p++;
644 } else {
645 p = smb_fname->base_name;
646 }
647
648 /* Only . and .. are not hidden. */
649 if (p[0] == '.' && !((p[1] == '\0') ||
650 (p[1] == '.' && p[2] == '\0'))) {
651 result |= FILE_ATTRIBUTE_HIDDEN;
652 }
653 }
654
655 #ifdef HAVE_STAT_DOS_FLAGS
656 used_stat_dos_flags = get_stat_dos_flags(conn, smb_fname, &result);
657 #endif
658 if (!used_stat_dos_flags) {
659 /* Get the DOS attributes from an EA by preference. */
660 if (!get_ea_dos_attribute(conn, smb_fname, &result)) {
661 result |= dos_mode_from_sbuf(conn, smb_fname);
662 }
663 }
664
665 offline = SMB_VFS_IS_OFFLINE(conn, smb_fname, &smb_fname->st);
666 if (S_ISREG(smb_fname->st.st_ex_mode) && offline) {
667 result |= FILE_ATTRIBUTE_OFFLINE;
668 }
669
670 /* Optimization : Only call is_hidden_path if it's not already
671 hidden. */
672 if (!(result & FILE_ATTRIBUTE_HIDDEN) &&
673 IS_HIDDEN_PATH(conn, smb_fname->base_name)) {
674 result |= FILE_ATTRIBUTE_HIDDEN;
675 }
676
677 if (result == 0) {
678 result = FILE_ATTRIBUTE_NORMAL;
679 }
680
681 result = filter_mode_by_protocol(result);
682
683 DEBUG(8,("dos_mode returning "));
684
685 if (result & FILE_ATTRIBUTE_HIDDEN) DEBUG(8, ("h"));
686 if (result & FILE_ATTRIBUTE_READONLY ) DEBUG(8, ("r"));
687 if (result & FILE_ATTRIBUTE_SYSTEM) DEBUG(8, ("s"));
688 if (result & FILE_ATTRIBUTE_DIRECTORY ) DEBUG(8, ("d"));
689 if (result & FILE_ATTRIBUTE_ARCHIVE ) DEBUG(8, ("a"));
690 if (result & FILE_ATTRIBUTE_SPARSE ) DEBUG(8, ("[sparse]"));
691
692 DEBUG(8,("\n"));
693
694 return(result);
695 }
696
697 /*******************************************************************
698 chmod a file - but preserve some bits.
699 If "store dos attributes" is also set it will store the create time
700 from the stat struct in smb_fname (in NTTIME format) in the EA
701 attribute also.
702 ********************************************************************/
703
704 int file_set_dosmode(connection_struct *conn, struct smb_filename *smb_fname,
705 uint32 dosmode, const char *parent_dir, bool newfile)
706 {
707 int mask=0;
708 mode_t tmp;
709 mode_t unixmode;
710 int ret = -1, lret = -1;
711 uint32_t old_mode;
712 struct timespec new_create_timespec;
713 files_struct *fsp = NULL;
714
715 if (!CAN_WRITE(conn)) {
716 errno = EROFS;
717 return -1;
718 }
719
720 /* We only allow READONLY|HIDDEN|SYSTEM|DIRECTORY|ARCHIVE here. */
721 dosmode &= (SAMBA_ATTRIBUTES_MASK | FILE_ATTRIBUTE_OFFLINE);
722
723 DEBUG(10,("file_set_dosmode: setting dos mode 0x%x on file %s\n",
724 dosmode, smb_fname_str_dbg(smb_fname)));
725
726 unixmode = smb_fname->st.st_ex_mode;
727
728 get_acl_group_bits(conn, smb_fname->base_name,
729 &smb_fname->st.st_ex_mode);
730
731 if (S_ISDIR(smb_fname->st.st_ex_mode))
732 dosmode |= FILE_ATTRIBUTE_DIRECTORY;
733 else
734 dosmode &= ~FILE_ATTRIBUTE_DIRECTORY;
735
736 new_create_timespec = smb_fname->st.st_ex_btime;
737
738 old_mode = dos_mode(conn, smb_fname);
739
740 if (dosmode & FILE_ATTRIBUTE_OFFLINE) {
741 if (!(old_mode & FILE_ATTRIBUTE_OFFLINE)) {
742 lret = SMB_VFS_SET_OFFLINE(conn, smb_fname);
743 if (lret == -1) {
744 DEBUG(0, ("set_dos_mode: client has asked to "
745 "set FILE_ATTRIBUTE_OFFLINE to "
746 "%s/%s but there was an error while "
747 "setting it or it is not "
748 "supported.\n", parent_dir,
749 smb_fname_str_dbg(smb_fname)));
750 }
751 }
752 }
753
754 dosmode &= ~FILE_ATTRIBUTE_OFFLINE;
755 old_mode &= ~FILE_ATTRIBUTE_OFFLINE;
756
757 smb_fname->st.st_ex_btime = new_create_timespec;
758
759 #ifdef HAVE_STAT_DOS_FLAGS
760 {
761 bool attributes_changed;
762
763 if (set_stat_dos_flags(conn, smb_fname, dosmode,
764 &attributes_changed))
765 {
766 if (!newfile && attributes_changed) {
767 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
768 FILE_NOTIFY_CHANGE_ATTRIBUTES,
769 smb_fname->base_name);
770 }
771 smb_fname->st.st_ex_mode = unixmode;
772 return 0;
773 }
774 }
775 #endif
776 /* Store the DOS attributes in an EA by preference. */
777 if (set_ea_dos_attribute(conn, smb_fname, dosmode)) {
778 if (!newfile) {
779 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
780 FILE_NOTIFY_CHANGE_ATTRIBUTES,
781 smb_fname->base_name);
782 }
783 smb_fname->st.st_ex_mode = unixmode;
784 return 0;
785 }
786
787 unixmode = unix_mode(conn, dosmode, smb_fname, parent_dir);
788
789 /* preserve the s bits */
790 mask |= (S_ISUID | S_ISGID);
791
792 /* preserve the t bit */
793 #ifdef S_ISVTX
794 mask |= S_ISVTX;
795 #endif
796
797 /* possibly preserve the x bits */
798 if (!MAP_ARCHIVE(conn))
799 mask |= S_IXUSR;
800 if (!MAP_SYSTEM(conn))
801 mask |= S_IXGRP;
802 if (!MAP_HIDDEN(conn))
803 mask |= S_IXOTH;
804
805 unixmode |= (smb_fname->st.st_ex_mode & mask);
806
807 /* if we previously had any r bits set then leave them alone */
808 if ((tmp = smb_fname->st.st_ex_mode & (S_IRUSR|S_IRGRP|S_IROTH))) {
809 unixmode &= ~(S_IRUSR|S_IRGRP|S_IROTH);
810 unixmode |= tmp;
811 }
812
813 /* if we previously had any w bits set then leave them alone
814 whilst adding in the new w bits, if the new mode is not rdonly */
815 if (!IS_DOS_READONLY(dosmode)) {
816 unixmode |= (smb_fname->st.st_ex_mode & (S_IWUSR|S_IWGRP|S_IWOTH));
817 }
818
819 /*
820 * From the chmod 2 man page:
821 *
822 * "If the calling process is not privileged, and the group of the file
823 * does not match the effective group ID of the process or one of its
824 * supplementary group IDs, the S_ISGID bit will be turned off, but
825 * this will not cause an error to be returned."
826 *
827 * Simply refuse to do the chmod in this case.
828 */
829
830 if (S_ISDIR(smb_fname->st.st_ex_mode) && (unixmode & S_ISGID) &&
831 geteuid() != sec_initial_uid() &&
832 !current_user_in_group(conn, smb_fname->st.st_ex_gid)) {
833 DEBUG(3,("file_set_dosmode: setgid bit cannot be "
834 "set for directory %s\n",
835 smb_fname_str_dbg(smb_fname)));
836 errno = EPERM;
837 return -1;
838 }
839
840 ret = SMB_VFS_CHMOD(conn, smb_fname->base_name, unixmode);
841 if (ret == 0) {
842 if(!newfile || (lret != -1)) {
843 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
844 FILE_NOTIFY_CHANGE_ATTRIBUTES,
845 smb_fname->base_name);
846 }
847 smb_fname->st.st_ex_mode = unixmode;
848 return 0;
849 }
850
851 if((errno != EPERM) && (errno != EACCES))
852 return -1;
853
854 if(!lp_dos_filemode(SNUM(conn)))
855 return -1;
856
857 /* We want DOS semantics, ie allow non owner with write permission to change the
858 bits on a file. Just like file_ntimes below.
859 */
860
861 if (!can_write_to_file(conn, smb_fname)) {
862 errno = EACCES;
863 return -1;
864 }
865
866 /*
867 * We need to open the file with write access whilst
868 * still in our current user context. This ensures we
869 * are not violating security in doing the fchmod.
870 */
871 if (!NT_STATUS_IS_OK(open_file_fchmod(conn, smb_fname,
872 &fsp)))
873 return -1;
874 become_root();
875 ret = SMB_VFS_FCHMOD(fsp, unixmode);
876 unbecome_root();
877 close_file(NULL, fsp, NORMAL_CLOSE);
878 if (!newfile) {
879 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
880 FILE_NOTIFY_CHANGE_ATTRIBUTES,
881 smb_fname->base_name);
882 }
883 if (ret == 0) {
884 smb_fname->st.st_ex_mode = unixmode;
885 }
886
887 return( ret );
888 }
889
890
891 NTSTATUS file_set_sparse(connection_struct *conn,
892 files_struct *fsp,
893 bool sparse)
894 {
895 uint32_t old_dosmode;
896 uint32_t new_dosmode;
897 NTSTATUS status;
898
899 if (!CAN_WRITE(conn)) {
900 DEBUG(9,("file_set_sparse: fname[%s] set[%u] "
901 "on readonly share[%s]\n",
902 smb_fname_str_dbg(fsp->fsp_name),
903 sparse,
904 lp_servicename(talloc_tos(), SNUM(conn))));
905 return NT_STATUS_MEDIA_WRITE_PROTECTED;
906 }
907
908 if (!(fsp->access_mask & FILE_WRITE_DATA) &&
909 !(fsp->access_mask & FILE_WRITE_ATTRIBUTES)) {
910 DEBUG(9,("file_set_sparse: fname[%s] set[%u] "
911 "access_mask[0x%08X] - access denied\n",
912 smb_fname_str_dbg(fsp->fsp_name),
913 sparse,
914 fsp->access_mask));
915 return NT_STATUS_ACCESS_DENIED;
916 }
917
918 DEBUG(10,("file_set_sparse: setting sparse bit %u on file %s\n",
919 sparse, smb_fname_str_dbg(fsp->fsp_name)));
920
921 if (!lp_store_dos_attributes(SNUM(conn))) {
922 return NT_STATUS_INVALID_DEVICE_REQUEST;
923 }
924
925 status = vfs_stat_fsp(fsp);
926 if (!NT_STATUS_IS_OK(status)) {
927 return status;
928 }
929
930 old_dosmode = dos_mode(conn, fsp->fsp_name);
931
932 if (sparse && !(old_dosmode & FILE_ATTRIBUTE_SPARSE)) {
933 new_dosmode = old_dosmode | FILE_ATTRIBUTE_SPARSE;
934 } else if (!sparse && (old_dosmode & FILE_ATTRIBUTE_SPARSE)) {
935 new_dosmode = old_dosmode & ~FILE_ATTRIBUTE_SPARSE;
936 } else {
937 return NT_STATUS_OK;
938 }
939
940 /* Store the DOS attributes in an EA. */
941 if (!set_ea_dos_attribute(conn, fsp->fsp_name,
942 new_dosmode)) {
943 if (errno == 0) {
944 errno = EIO;
945 }
946 return map_nt_error_from_unix(errno);
947 }
948
949 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
950 FILE_NOTIFY_CHANGE_ATTRIBUTES,
951 fsp->fsp_name->base_name);
952
953 fsp->is_sparse = sparse;
954
955 return NT_STATUS_OK;
956 }
957
958 /*******************************************************************
959 Wrapper around the VFS ntimes that possibly allows DOS semantics rather
960 than POSIX.
961 *******************************************************************/
962
963 int file_ntimes(connection_struct *conn, const struct smb_filename *smb_fname,
964 struct smb_file_time *ft)
965 {
966 int ret = -1;
967
968 errno = 0;
969
970 DEBUG(6, ("file_ntime: actime: %s",
971 time_to_asc(convert_timespec_to_time_t(ft->atime))));
972 DEBUG(6, ("file_ntime: modtime: %s",
973 time_to_asc(convert_timespec_to_time_t(ft->mtime))));
974 DEBUG(6, ("file_ntime: ctime: %s",
975 time_to_asc(convert_timespec_to_time_t(ft->ctime))));
976 DEBUG(6, ("file_ntime: createtime: %s",
977 time_to_asc(convert_timespec_to_time_t(ft->create_time))));
978
979 /* Don't update the time on read-only shares */
980 /* We need this as set_filetime (which can be called on
981 close and other paths) can end up calling this function
982 without the NEED_WRITE protection. Found by :
983 Leo Weppelman <leo@wau.mis.ah.nl>
984 */
985
986 if (!CAN_WRITE(conn)) {
987 return 0;
988 }
989
990 if(SMB_VFS_NTIMES(conn, smb_fname, ft) == 0) {
991 return 0;
992 }
993
994 if((errno != EPERM) && (errno != EACCES)) {
995 return -1;
996 }
997
998 if(!lp_dos_filetimes(SNUM(conn))) {
999 return -1;
1000 }
1001
1002 /* We have permission (given by the Samba admin) to
1003 break POSIX semantics and allow a user to change
1004 the time on a file they don't own but can write to
1005 (as DOS does).
1006 */
1007
1008 /* Check if we have write access. */
1009 if (can_write_to_file(conn, smb_fname)) {
1010 /* We are allowed to become root and change the filetime. */
1011 become_root();
1012 ret = SMB_VFS_NTIMES(conn, smb_fname, ft);
1013 unbecome_root();
1014 }
1015
1016 return ret;
1017 }
1018
1019 /******************************************************************
1020 Force a "sticky" write time on a pathname. This will always be
1021 returned on all future write time queries and set on close.
1022 ******************************************************************/
1023
1024 bool set_sticky_write_time_path(struct file_id fileid, struct timespec mtime)
1025 {
1026 if (null_timespec(mtime)) {
1027 return true;
1028 }
1029
1030 if (!set_sticky_write_time(fileid, mtime)) {
1031 return false;
1032 }
1033
1034 return true;
1035 }
1036
1037 /******************************************************************
1038 Force a "sticky" write time on an fsp. This will always be
1039 returned on all future write time queries and set on close.
1040 ******************************************************************/
1041
1042 bool set_sticky_write_time_fsp(struct files_struct *fsp, struct timespec mtime)
1043 {
1044 if (null_timespec(mtime)) {
1045 return true;
1046 }
1047
1048 fsp->write_time_forced = true;
1049 TALLOC_FREE(fsp->update_write_time_event);
1050
1051 return set_sticky_write_time_path(fsp->file_id, mtime);
1052 }
1053
1054 /******************************************************************
1055 Set a create time EA.
1056 ******************************************************************/
1057
1058 NTSTATUS set_create_timespec_ea(connection_struct *conn,
1059 const struct smb_filename *psmb_fname,
1060 struct timespec create_time)
1061 {
1062 NTSTATUS status;
1063 struct smb_filename *smb_fname = NULL;
1064 uint32_t dosmode;
1065 int ret;
1066
1067 if (!lp_store_dos_attributes(SNUM(conn))) {
1068 return NT_STATUS_OK;
1069 }
1070
1071 status = create_synthetic_smb_fname(talloc_tos(),
1072 psmb_fname->base_name,
1073 NULL, &psmb_fname->st,
1074 &smb_fname);
1075
1076 if (!NT_STATUS_IS_OK(status)) {
1077 return status;
1078 }
1079
1080 dosmode = dos_mode(conn, smb_fname);
1081
1082 smb_fname->st.st_ex_btime = create_time;
1083
1084 ret = file_set_dosmode(conn, smb_fname, dosmode, NULL, false);
1085 if (ret == -1) {
1086 map_nt_error_from_unix(errno);
1087 }
1088
1089 DEBUG(10,("set_create_timespec_ea: wrote create time EA for file %s\n",
1090 smb_fname_str_dbg(smb_fname)));
1091
1092 return NT_STATUS_OK;
1093 }
1094
1095 /******************************************************************
1096 Return a create time.
1097 ******************************************************************/
1098
1099 struct timespec get_create_timespec(connection_struct *conn,
1100 struct files_struct *fsp,
1101 const struct smb_filename *smb_fname)
1102 {
1103 return smb_fname->st.st_ex_btime;
1104 }
1105
1106 /******************************************************************
1107 Return a change time (may look at EA in future).
1108 ******************************************************************/
1109
1110 struct timespec get_change_timespec(connection_struct *conn,
1111 struct files_struct *fsp,
1112 const struct smb_filename *smb_fname)
1113 {
1114 return smb_fname->st.st_ex_mtime;
1115 }
Samba GIT mirror