search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
winbindd: remove unused single_domains array
[Samba.git] / source3 / smbd / service.c
blob0376a330e23ca2a7053e6155b7a02f7e79c58abc
1 /*
2 Unix SMB/CIFS implementation.
3 service (connection) opening and closing
4 Copyright (C) Andrew Tridgell 1992-1998
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "system/filesys.h"
22 #include "system/passwd.h" /* uid_wrapper */
23 #include "../lib/tsocket/tsocket.h"
24 #include "smbd/smbd.h"
25 #include "smbd/globals.h"
26 #include "../librpc/gen_ndr/netlogon.h"
27 #include "../libcli/security/security.h"
28 #include "printing/pcap.h"
29 #include "passdb/lookup_sid.h"
30 #include "auth.h"
31 #include "lib/param/loadparm.h"
32 #include "messages.h"
33 #include "lib/afs/afs_funcs.h"
34 #include "lib/util_path.h"
35
36 static bool canonicalize_connect_path(connection_struct *conn)
37 {
38 bool ret;
39 char *resolved_name = SMB_VFS_REALPATH(conn,conn->connectpath);
40 if (!resolved_name) {
41 return false;
42 }
43 ret = set_conn_connectpath(conn,resolved_name);
44 SAFE_FREE(resolved_name);
45 return ret;
46 }
47
48 /****************************************************************************
49 Ensure when setting connectpath it is a canonicalized (no ./ // or ../)
50 absolute path stating in / and not ending in /.
51 ****************************************************************************/
52
53 bool set_conn_connectpath(connection_struct *conn, const char *connectpath)
54 {
55 char *destname;
56
57 if (connectpath == NULL || connectpath[0] == '\0') {
58 return false;
59 }
60
61 destname = canonicalize_absolute_path(conn, connectpath);
62 if (destname == NULL) {
63 return false;
64 }
65
66 DEBUG(10,("set_conn_connectpath: service %s, connectpath = %s\n",
67 lp_servicename(talloc_tos(), SNUM(conn)), destname ));
68
69 talloc_free(conn->connectpath);
70 conn->connectpath = destname;
71 /* Ensure conn->cwd is initialized - start as conn->connectpath. */
72 TALLOC_FREE(conn->cwd);
73 conn->cwd = talloc_strdup(conn, conn->connectpath);
74 if (!conn->cwd) {
75 return false;
76 }
77 return true;
78 }
79
80 /****************************************************************************
81 Load parameters specific to a connection/service.
82 ****************************************************************************/
83
84 bool set_current_service(connection_struct *conn, uint16_t flags, bool do_chdir)
85 {
86 int snum;
87 enum remote_arch_types ra_type;
88
89 if (!conn) {
90 last_conn = NULL;
91 return(False);
92 }
93
94 conn->lastused_count++;
95
96 snum = SNUM(conn);
97
98 if (do_chdir &&
99 vfs_ChDir(conn,conn->connectpath) != 0 &&
100 vfs_ChDir(conn,conn->origpath) != 0) {
101 DEBUG(((errno!=EACCES)?0:3),("chdir (%s) failed, reason: %s\n",
102 conn->connectpath, strerror(errno)));
103 return(False);
104 }
105
106 if ((conn == last_conn) && (last_flags == flags)) {
107 return(True);
108 }
109
110 last_conn = conn;
111 last_flags = flags;
112
113 /*
114 * Obey the client case sensitivity requests - only for clients that
115 * support it. */
116 switch (lp_case_sensitive(snum)) {
117 case Auto:
118 /*
119 * We need this uglyness due to DOS/Win9x clients that lie
120 * about case insensitivity. */
121 ra_type = get_remote_arch();
122 if (conn->sconn->using_smb2) {
123 conn->case_sensitive = false;
124 } else if ((ra_type != RA_SAMBA) && (ra_type != RA_CIFSFS)) {
125 /*
126 * Client can't support per-packet case sensitive
127 * pathnames. */
128 conn->case_sensitive = false;
129 } else {
130 conn->case_sensitive =
131 !(flags & FLAG_CASELESS_PATHNAMES);
132 }
133 break;
134 case True:
135 conn->case_sensitive = true;
136 break;
137 default:
138 conn->case_sensitive = false;
139 break;
140 }
141 return true;
142 }
143
144 /****************************************************************************
145 do some basic sainity checks on the share.
146 This function modifies dev, ecode.
147 ****************************************************************************/
148
149 static NTSTATUS share_sanity_checks(const struct tsocket_address *remote_address,
150 const char *rhost,
151 int snum,
152 fstring dev)
153 {
154 char *raddr;
155
156 raddr = tsocket_address_inet_addr_string(remote_address,
157 talloc_tos());
158 if (raddr == NULL) {
159 return NT_STATUS_NO_MEMORY;
160 }
161
162 if (!lp_snum_ok(snum) ||
163 !allow_access(lp_hosts_deny(snum), lp_hosts_allow(snum),
164 rhost, raddr)) {
165 return NT_STATUS_ACCESS_DENIED;
166 }
167
168 if (dev[0] == '?' || !dev[0]) {
169 if (lp_printable(snum)) {
170 fstrcpy(dev,"LPT1:");
171 } else if (strequal(lp_fstype(snum), "IPC")) {
172 fstrcpy(dev, "IPC");
173 } else {
174 fstrcpy(dev,"A:");
175 }
176 }
177
178 if (!strupper_m(dev)) {
179 DEBUG(2,("strupper_m %s failed\n", dev));
180 return NT_STATUS_INVALID_PARAMETER;
181 }
182
183 if (lp_printable(snum)) {
184 if (!strequal(dev, "LPT1:")) {
185 return NT_STATUS_BAD_DEVICE_TYPE;
186 }
187 } else if (strequal(lp_fstype(snum), "IPC")) {
188 if (!strequal(dev, "IPC")) {
189 return NT_STATUS_BAD_DEVICE_TYPE;
190 }
191 } else if (!strequal(dev, "A:")) {
192 return NT_STATUS_BAD_DEVICE_TYPE;
193 }
194
195 /* Behave as a printer if we are supposed to */
196 if (lp_printable(snum) && (strcmp(dev, "A:") == 0)) {
197 fstrcpy(dev, "LPT1:");
198 }
199
200 return NT_STATUS_OK;
201 }
202
203 /*
204 * Go through lookup_name etc to find the force'd group.
205 *
206 * Create a new token from src_token, replacing the primary group sid with the
207 * one found.
208 */
209
210 static NTSTATUS find_forced_group(bool force_user,
211 int snum, const char *username,
212 struct dom_sid *pgroup_sid,
213 gid_t *pgid)
214 {
215 NTSTATUS result = NT_STATUS_NO_SUCH_GROUP;
216 TALLOC_CTX *frame = talloc_stackframe();
217 struct dom_sid group_sid;
218 enum lsa_SidType type;
219 char *groupname;
220 bool user_must_be_member = False;
221 gid_t gid;
222
223 groupname = lp_force_group(talloc_tos(), snum);
224 if (groupname == NULL) {
225 DEBUG(1, ("talloc_strdup failed\n"));
226 result = NT_STATUS_NO_MEMORY;
227 goto done;
228 }
229
230 if (groupname[0] == '+') {
231 user_must_be_member = True;
232 groupname += 1;
233 }
234
235 groupname = talloc_string_sub(talloc_tos(), groupname,
236 "%S", lp_servicename(talloc_tos(), snum));
237 if (groupname == NULL) {
238 DEBUG(1, ("talloc_string_sub failed\n"));
239 result = NT_STATUS_NO_MEMORY;
240 goto done;
241 }
242
243 if (!lookup_name_smbconf(talloc_tos(), groupname,
244 LOOKUP_NAME_ALL|LOOKUP_NAME_GROUP,
245 NULL, NULL, &group_sid, &type)) {
246 DEBUG(10, ("lookup_name_smbconf(%s) failed\n",
247 groupname));
248 goto done;
249 }
250
251 if ((type != SID_NAME_DOM_GRP) && (type != SID_NAME_ALIAS) &&
252 (type != SID_NAME_WKN_GRP)) {
253 DEBUG(10, ("%s is a %s, not a group\n", groupname,
254 sid_type_lookup(type)));
255 goto done;
256 }
257
258 if (!sid_to_gid(&group_sid, &gid)) {
259 DEBUG(10, ("sid_to_gid(%s) for %s failed\n",
260 sid_string_dbg(&group_sid), groupname));
261 goto done;
262 }
263
264 /*
265 * If the user has been forced and the forced group starts with a '+',
266 * then we only set the group to be the forced group if the forced
267 * user is a member of that group. Otherwise, the meaning of the '+'
268 * would be ignored.
269 */
270
271 if (force_user && user_must_be_member) {
272 if (user_in_group_sid(username, &group_sid)) {
273 sid_copy(pgroup_sid, &group_sid);
274 *pgid = gid;
275 DEBUG(3,("Forced group %s for member %s\n",
276 groupname, username));
277 } else {
278 DEBUG(0,("find_forced_group: forced user %s is not a member "
279 "of forced group %s. Disallowing access.\n",
280 username, groupname ));
281 result = NT_STATUS_MEMBER_NOT_IN_GROUP;
282 goto done;
283 }
284 } else {
285 sid_copy(pgroup_sid, &group_sid);
286 *pgid = gid;
287 DEBUG(3,("Forced group %s\n", groupname));
288 }
289
290 result = NT_STATUS_OK;
291 done:
292 TALLOC_FREE(frame);
293 return result;
294 }
295
296 /****************************************************************************
297 Create an auth_session_info structure for a connection_struct
298 ****************************************************************************/
299
300 static NTSTATUS create_connection_session_info(struct smbd_server_connection *sconn,
301 TALLOC_CTX *mem_ctx, int snum,
302 struct auth_session_info *session_info,
303 struct auth_session_info **presult)
304 {
305 struct auth_session_info *result;
306
307 if (lp_guest_only(snum)) {
308 return make_session_info_guest(mem_ctx, presult);
309 }
310
311 /*
312 * This is the normal security != share case where we have a
313 * valid vuid from the session setup. */
314
315 if (security_session_user_level(session_info, NULL) < SECURITY_USER) {
316 if (!lp_guest_ok(snum)) {
317 DEBUG(2, ("guest user (from session setup) "
318 "not permitted to access this share "
319 "(%s)\n", lp_servicename(talloc_tos(), snum)));
320 return NT_STATUS_ACCESS_DENIED;
321 }
322 } else {
323 if (!user_ok_token(session_info->unix_info->unix_name,
324 session_info->info->domain_name,
325 session_info->security_token, snum)) {
326 DEBUG(2, ("user '%s' (from session setup) not "
327 "permitted to access this share "
328 "(%s)\n",
329 session_info->unix_info->unix_name,
330 lp_servicename(talloc_tos(), snum)));
331 return NT_STATUS_ACCESS_DENIED;
332 }
333 }
334
335 result = copy_session_info(mem_ctx, session_info);
336 if (result == NULL) {
337 return NT_STATUS_NO_MEMORY;
338 }
339
340 *presult = result;
341 return NT_STATUS_OK;
342 }
343
344 /****************************************************************************
345 Set relevant user and group settings corresponding to force user/group
346 configuration for the given snum.
347 ****************************************************************************/
348
349 NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
350 {
351 NTSTATUS status;
352
353 if (*lp_force_user(talloc_tos(), snum)) {
354
355 /*
356 * Replace conn->session_info with a completely faked up one
357 * from the username we are forced into :-)
358 */
359
360 char *fuser;
361 char *sanitized_username;
362 struct auth_session_info *forced_serverinfo;
363 bool guest;
364
365 fuser = talloc_string_sub(conn, lp_force_user(talloc_tos(), snum), "%S",
366 lp_const_servicename(snum));
367 if (fuser == NULL) {
368 return NT_STATUS_NO_MEMORY;
369 }
370
371 guest = security_session_user_level(conn->session_info, NULL) < SECURITY_USER;
372
373 status = make_session_info_from_username(
374 conn, fuser,
375 guest,
376 &forced_serverinfo);
377 if (!NT_STATUS_IS_OK(status)) {
378 return status;
379 }
380
381 /* We don't want to replace the original sanitized_username
382 as it is the original user given in the connect attempt.
383 This is used in '%U' substitutions. */
384 sanitized_username = discard_const_p(char,
385 forced_serverinfo->unix_info->sanitized_username);
386 TALLOC_FREE(sanitized_username);
387 forced_serverinfo->unix_info->sanitized_username =
388 talloc_move(forced_serverinfo->unix_info,
389 &conn->session_info->unix_info->sanitized_username);
390
391 TALLOC_FREE(conn->session_info);
392 conn->session_info = forced_serverinfo;
393
394 conn->force_user = true;
395 DEBUG(3,("Forced user %s\n", fuser));
396 }
397
398 /*
399 * If force group is true, then override
400 * any groupid stored for the connecting user.
401 */
402
403 if (*lp_force_group(talloc_tos(), snum)) {
404
405 status = find_forced_group(
406 conn->force_user, snum, conn->session_info->unix_info->unix_name,
407 &conn->session_info->security_token->sids[1],
408 &conn->session_info->unix_token->gid);
409
410 if (!NT_STATUS_IS_OK(status)) {
411 return status;
412 }
413
414 /*
415 * We need to cache this gid, to use within
416 * change_to_user() separately from the conn->session_info
417 * struct. We only use conn->session_info directly if
418 * "force_user" was set.
419 */
420 conn->force_group_gid = conn->session_info->unix_token->gid;
421 }
422
423 return NT_STATUS_OK;
424 }
425
426 static NTSTATUS notify_init_sconn(struct smbd_server_connection *sconn)
427 {
428 NTSTATUS status;
429
430 if (sconn->notify_ctx != NULL) {
431 return NT_STATUS_OK;
432 }
433
434 sconn->notify_ctx = notify_init(sconn, sconn->msg_ctx, sconn->ev_ctx,
435 sconn, notify_callback);
436 if (sconn->notify_ctx == NULL) {
437 return NT_STATUS_NO_MEMORY;
438 }
439
440 status = messaging_register(sconn->msg_ctx, sconn,
441 MSG_SMB_NOTIFY_CANCEL_DELETED,
442 smbd_notify_cancel_deleted);
443 if (!NT_STATUS_IS_OK(status)) {
444 DBG_DEBUG("messaging_register failed: %s\n",
445 nt_errstr(status));
446 TALLOC_FREE(sconn->notify_ctx);
447 return status;
448 }
449
450 status = messaging_register(sconn->msg_ctx, sconn,
451 MSG_SMB_NOTIFY_STARTED,
452 smbd_notifyd_restarted);
453 if (!NT_STATUS_IS_OK(status)) {
454 DBG_DEBUG("messaging_register failed: %s\n",
455 nt_errstr(status));
456 messaging_deregister(sconn->msg_ctx,
457 MSG_SMB_NOTIFY_CANCEL_DELETED, sconn);
458 TALLOC_FREE(sconn->notify_ctx);
459 return status;
460 }
461
462 return NT_STATUS_OK;
463 }
464
465 /****************************************************************************
466 Make a connection, given the snum to connect to, and the vuser of the
467 connecting user if appropriate.
468 ****************************************************************************/
469
470 static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
471 connection_struct *conn,
472 int snum, struct user_struct *vuser,
473 const char *pdev)
474 {
475 struct smbd_server_connection *sconn = xconn->client->sconn;
476 struct smb_filename *smb_fname_cpath = NULL;
477 fstring dev;
478 int ret;
479 bool on_err_call_dis_hook = false;
480 uid_t effuid;
481 gid_t effgid;
482 NTSTATUS status;
483
484 fstrcpy(dev, pdev);
485
486 status = share_sanity_checks(sconn->remote_address,
487 sconn->remote_hostname,
488 snum,
489 dev);
490 if (NT_STATUS_IS_ERR(status)) {
491 goto err_root_exit;
492 }
493
494 conn->params->service = snum;
495
496 status = create_connection_session_info(sconn,
497 conn, snum, vuser->session_info,
498 &conn->session_info);
499
500 if (!NT_STATUS_IS_OK(status)) {
501 DEBUG(1, ("create_connection_session_info failed: %s\n",
502 nt_errstr(status)));
503 goto err_root_exit;
504 }
505
506 if (lp_guest_only(snum)) {
507 conn->force_user = true;
508 }
509
510 conn->num_files_open = 0;
511 conn->lastused = conn->lastused_count = time(NULL);
512 conn->printer = (strncmp(dev,"LPT",3) == 0);
513 conn->ipc = ( (strncmp(dev,"IPC",3) == 0) ||
514 ( lp_enable_asu_support() && strequal(dev,"ADMIN$")) );
515
516 /* Case options for the share. */
517 if (lp_case_sensitive(snum) == Auto) {
518 /* We will be setting this per packet. Set to be case
519 * insensitive for now. */
520 conn->case_sensitive = False;
521 } else {
522 conn->case_sensitive = (bool)lp_case_sensitive(snum);
523 }
524
525 conn->case_preserve = lp_preserve_case(snum);
526 conn->short_case_preserve = lp_short_preserve_case(snum);
527
528 conn->encrypt_level = lp_smb_encrypt(snum);
529 if (conn->encrypt_level > SMB_SIGNING_OFF) {
530 if (lp_smb_encrypt(-1) == SMB_SIGNING_OFF) {
531 if (conn->encrypt_level == SMB_SIGNING_REQUIRED) {
532 DBG_ERR("Service [%s] requires encryption, but "
533 "it is disabled globally!\n",
534 lp_servicename(talloc_tos(), snum));
535 status = NT_STATUS_ACCESS_DENIED;
536 goto err_root_exit;
537 }
538 conn->encrypt_level = SMB_SIGNING_OFF;
539 }
540 }
541
542 conn->veto_list = NULL;
543 conn->hide_list = NULL;
544 conn->veto_oplock_list = NULL;
545 conn->aio_write_behind_list = NULL;
546
547 conn->read_only = lp_read_only(SNUM(conn));
548
549 status = set_conn_force_user_group(conn, snum);
550 if (!NT_STATUS_IS_OK(status)) {
551 goto err_root_exit;
552 }
553
554 conn->vuid = vuser->vuid;
555
556 {
557 char *s = talloc_sub_advanced(talloc_tos(),
558 lp_servicename(talloc_tos(), SNUM(conn)),
559 conn->session_info->unix_info->unix_name,
560 conn->connectpath,
561 conn->session_info->unix_token->gid,
562 conn->session_info->unix_info->sanitized_username,
563 conn->session_info->info->domain_name,
564 lp_path(talloc_tos(), snum));
565 if (!s) {
566 status = NT_STATUS_NO_MEMORY;
567 goto err_root_exit;
568 }
569
570 if (!set_conn_connectpath(conn,s)) {
571 TALLOC_FREE(s);
572 status = NT_STATUS_NO_MEMORY;
573 goto err_root_exit;
574 }
575 DEBUG(3,("Connect path is '%s' for service [%s]\n",s,
576 lp_servicename(talloc_tos(), snum)));
577 TALLOC_FREE(s);
578 }
579
580 /*
581 * Set up the share security descriptor.
582 * NOTE - we use the *INCOMING USER* session_info
583 * here, as does (indirectly) change_to_user(),
584 * which can be called on any incoming packet.
585 * This way we set up the share access based
586 * on the authenticated user, not the forced
587 * user. See bug:
588 *
589 * https://bugzilla.samba.org/show_bug.cgi?id=9878
590 */
591
592 status = check_user_share_access(conn,
593 vuser->session_info,
594 &conn->share_access,
595 &conn->read_only);
596 if (!NT_STATUS_IS_OK(status)) {
597 goto err_root_exit;
598 }
599
600 /* Initialise VFS function pointers */
601
602 if (!smbd_vfs_init(conn)) {
603 DEBUG(0, ("vfs_init failed for service %s\n",
604 lp_servicename(talloc_tos(), snum)));
605 status = NT_STATUS_BAD_NETWORK_NAME;
606 goto err_root_exit;
607 }
608
609 /* ROOT Activities: */
610 /* explicitly check widelinks here so that we can correctly warn
611 * in the logs. */
612 widelinks_warning(snum);
613
614 /*
615 * Enforce the max connections parameter.
616 */
617
618 if ((lp_max_connections(snum) > 0)
619 && (count_current_connections(lp_servicename(talloc_tos(), SNUM(conn)), True) >=
620 lp_max_connections(snum))) {
621
622 DEBUG(1, ("Max connections (%d) exceeded for %s\n",
623 lp_max_connections(snum),
624 lp_servicename(talloc_tos(), snum)));
625 status = NT_STATUS_INSUFFICIENT_RESOURCES;
626 goto err_root_exit;
627 }
628
629 /* Invoke VFS make connection hook - this must be the first
630 filesystem operation that we do. */
631
632 if (SMB_VFS_CONNECT(conn, lp_servicename(talloc_tos(), snum),
633 conn->session_info->unix_info->unix_name) < 0) {
634 DBG_WARNING("SMB_VFS_CONNECT for service '%s' at '%s' failed: %s\n",
635 lp_servicename(talloc_tos(), snum), conn->connectpath,
636 strerror(errno));
637 status = NT_STATUS_UNSUCCESSFUL;
638 goto err_root_exit;
639 }
640
641 /* Any error exit after here needs to call the disconnect hook. */
642 on_err_call_dis_hook = true;
643
644 if ((!conn->printer) && (!conn->ipc) &&
645 lp_change_notify()) {
646
647 status = notify_init_sconn(sconn);
648 if (!NT_STATUS_IS_OK(status)) {
649 goto err_root_exit;
650 }
651 }
652
653 if (lp_kernel_oplocks(snum)) {
654 init_kernel_oplocks(conn->sconn);
655 }
656
657 /*
658 * Fix compatibility issue pointed out by Volker.
659 * We pass the conn->connectpath to the preexec
660 * scripts as a parameter, so attempt to canonicalize
661 * it here before calling the preexec scripts.
662 * We ignore errors here, as it is possible that
663 * the conn->connectpath doesn't exist yet and
664 * the preexec scripts will create them.
665 */
666
667 (void)canonicalize_connect_path(conn);
668
669 /* Preexecs are done here as they might make the dir we are to ChDir
670 * to below */
671 /* execute any "root preexec = " line */
672 if (*lp_root_preexec(talloc_tos(), snum)) {
673 char *cmd = talloc_sub_advanced(talloc_tos(),
674 lp_servicename(talloc_tos(), SNUM(conn)),
675 conn->session_info->unix_info->unix_name,
676 conn->connectpath,
677 conn->session_info->unix_token->gid,
678 conn->session_info->unix_info->sanitized_username,
679 conn->session_info->info->domain_name,
680 lp_root_preexec(talloc_tos(), snum));
681 DEBUG(5,("cmd=%s\n",cmd));
682 ret = smbrun(cmd, NULL, NULL);
683 TALLOC_FREE(cmd);
684 if (ret != 0 && lp_root_preexec_close(snum)) {
685 DEBUG(1,("root preexec gave %d - failing "
686 "connection\n", ret));
687 status = NT_STATUS_ACCESS_DENIED;
688 goto err_root_exit;
689 }
690 }
691
692 /* USER Activites: */
693 if (!change_to_user(conn, conn->vuid)) {
694 /* No point continuing if they fail the basic checks */
695 DEBUG(0,("Can't become connected user!\n"));
696 status = NT_STATUS_LOGON_FAILURE;
697 goto err_root_exit;
698 }
699
700 effuid = geteuid();
701 effgid = getegid();
702
703 /* Remember that a different vuid can connect later without these
704 * checks... */
705
706 /* Preexecs are done here as they might make the dir we are to ChDir
707 * to below */
708
709 /* execute any "preexec = " line */
710 if (*lp_preexec(talloc_tos(), snum)) {
711 char *cmd = talloc_sub_advanced(talloc_tos(),
712 lp_servicename(talloc_tos(), SNUM(conn)),
713 conn->session_info->unix_info->unix_name,
714 conn->connectpath,
715 conn->session_info->unix_token->gid,
716 conn->session_info->unix_info->sanitized_username,
717 conn->session_info->info->domain_name,
718 lp_preexec(talloc_tos(), snum));
719 ret = smbrun(cmd, NULL, NULL);
720 TALLOC_FREE(cmd);
721 if (ret != 0 && lp_preexec_close(snum)) {
722 DEBUG(1,("preexec gave %d - failing connection\n",
723 ret));
724 status = NT_STATUS_ACCESS_DENIED;
725 goto err_root_exit;
726 }
727 }
728
729 #ifdef WITH_FAKE_KASERVER
730 if (lp_afs_share(snum)) {
731 afs_login(conn);
732 }
733 #endif
734
735 /*
736 * we've finished with the user stuff - go back to root
737 * so the SMB_VFS_STAT call will only fail on path errors,
738 * not permission problems.
739 */
740 change_to_root_user();
741 /* ROOT Activites: */
742
743 /*
744 * If widelinks are disallowed we need to canonicalise the connect
745 * path here to ensure we don't have any symlinks in the
746 * connectpath. We will be checking all paths on this connection are
747 * below this directory. We must do this after the VFS init as we
748 * depend on the realpath() pointer in the vfs table. JRA.
749 */
750 if (!lp_widelinks(snum)) {
751 if (!canonicalize_connect_path(conn)) {
752 DEBUG(0, ("canonicalize_connect_path failed "
753 "for service %s, path %s\n",
754 lp_servicename(talloc_tos(), snum),
755 conn->connectpath));
756 status = NT_STATUS_BAD_NETWORK_NAME;
757 goto err_root_exit;
758 }
759 }
760
761 /* Add veto/hide lists */
762 if (!IS_IPC(conn) && !IS_PRINT(conn)) {
763 set_namearray( &conn->veto_list,
764 lp_veto_files(talloc_tos(), snum));
765 set_namearray( &conn->hide_list,
766 lp_hide_files(talloc_tos(), snum));
767 set_namearray( &conn->veto_oplock_list,
768 lp_veto_oplock_files(talloc_tos(), snum));
769 set_namearray( &conn->aio_write_behind_list,
770 lp_aio_write_behind(talloc_tos(), snum));
771 }
772 smb_fname_cpath = synthetic_smb_fname(talloc_tos(),
773 conn->connectpath,
774 NULL,
775 NULL,
776 0);
777 if (smb_fname_cpath == NULL) {
778 status = NT_STATUS_NO_MEMORY;
779 goto err_root_exit;
780 }
781
782 /* win2000 does not check the permissions on the directory
783 during the tree connect, instead relying on permission
784 check during individual operations. To match this behaviour
785 I have disabled this chdir check (tridge) */
786 /* the alternative is just to check the directory exists */
787
788 if ((ret = SMB_VFS_STAT(conn, smb_fname_cpath)) != 0 ||
789 !S_ISDIR(smb_fname_cpath->st.st_ex_mode)) {
790 if (ret == 0 && !S_ISDIR(smb_fname_cpath->st.st_ex_mode)) {
791 DEBUG(0,("'%s' is not a directory, when connecting to "
792 "[%s]\n", conn->connectpath,
793 lp_servicename(talloc_tos(), snum)));
794 } else {
795 DEBUG(0,("'%s' does not exist or permission denied "
796 "when connecting to [%s] Error was %s\n",
797 conn->connectpath,
798 lp_servicename(talloc_tos(), snum),
799 strerror(errno) ));
800 }
801 status = NT_STATUS_BAD_NETWORK_NAME;
802 goto err_root_exit;
803 }
804 conn->base_share_dev = smb_fname_cpath->st.st_ex_dev;
805
806 talloc_free(conn->origpath);
807 conn->origpath = talloc_strdup(conn, conn->connectpath);
808
809 /* Figure out the characteristics of the underlying filesystem. This
810 * assumes that all the filesystem mounted withing a share path have
811 * the same characteristics, which is likely but not guaranteed.
812 */
813
814 conn->fs_capabilities = SMB_VFS_FS_CAPABILITIES(conn, &conn->ts_res);
815
816 /*
817 * Print out the 'connected as' stuff here as we need
818 * to know the effective uid and gid we will be using
819 * (at least initially).
820 */
821
822 if( DEBUGLVL( IS_IPC(conn) ? 3 : 2 ) ) {
823 dbgtext( "%s (%s) ", get_remote_machine_name(),
824 tsocket_address_string(conn->sconn->remote_address,
825 talloc_tos()) );
826 dbgtext( "%s", srv_is_signing_active(xconn) ? "signed " : "");
827 dbgtext( "connect to service %s ",
828 lp_servicename(talloc_tos(), snum) );
829 dbgtext( "initially as user %s ",
830 conn->session_info->unix_info->unix_name );
831 dbgtext( "(uid=%d, gid=%d) ", (int)effuid, (int)effgid );
832 dbgtext( "(pid %d)\n", (int)getpid() );
833 }
834
835 return status;
836
837 err_root_exit:
838
839 TALLOC_FREE(smb_fname_cpath);
840 /* We must exit this function as root. */
841 if (geteuid() != 0) {
842 change_to_root_user();
843 }
844 if (on_err_call_dis_hook) {
845 /* Call VFS disconnect hook */
846 SMB_VFS_DISCONNECT(conn);
847 }
848 return status;
849 }
850
851 /****************************************************************************
852 Make a connection to a service from SMB1. Internal interface.
853 ****************************************************************************/
854
855 static connection_struct *make_connection_smb1(struct smb_request *req,
856 NTTIME now,
857 int snum, struct user_struct *vuser,
858 const char *pdev,
859 NTSTATUS *pstatus)
860 {
861 struct smbXsrv_tcon *tcon;
862 NTSTATUS status;
863 struct connection_struct *conn;
864
865 status = smb1srv_tcon_create(req->xconn, now, &tcon);
866 if (!NT_STATUS_IS_OK(status)) {
867 DEBUG(0,("make_connection_smb1: Couldn't find free tcon %s.\n",
868 nt_errstr(status)));
869 *pstatus = status;
870 return NULL;
871 }
872
873 conn = conn_new(req->sconn);
874 if (!conn) {
875 TALLOC_FREE(tcon);
876
877 DEBUG(0,("make_connection_smb1: Couldn't find free connection.\n"));
878 *pstatus = NT_STATUS_INSUFFICIENT_RESOURCES;
879 return NULL;
880 }
881
882 conn->cnum = tcon->global->tcon_wire_id;
883 conn->tcon = tcon;
884
885 *pstatus = make_connection_snum(req->xconn,
886 conn,
887 snum,
888 vuser,
889 pdev);
890 if (!NT_STATUS_IS_OK(*pstatus)) {
891 conn_free(conn);
892 TALLOC_FREE(tcon);
893 return NULL;
894 }
895
896 tcon->global->share_name = lp_servicename(tcon->global, SNUM(conn));
897 if (tcon->global->share_name == NULL) {
898 conn_free(conn);
899 TALLOC_FREE(tcon);
900 *pstatus = NT_STATUS_NO_MEMORY;
901 return NULL;
902 }
903 tcon->global->session_global_id =
904 vuser->session->global->session_global_id;
905
906 tcon->compat = talloc_move(tcon, &conn);
907 tcon->status = NT_STATUS_OK;
908
909 *pstatus = smbXsrv_tcon_update(tcon);
910 if (!NT_STATUS_IS_OK(*pstatus)) {
911 TALLOC_FREE(tcon);
912 return NULL;
913 }
914
915 return tcon->compat;
916 }
917
918 /****************************************************************************
919 Make a connection to a service from SMB2. External SMB2 interface.
920 We must set cnum before claiming connection.
921 ****************************************************************************/
922
923 connection_struct *make_connection_smb2(struct smbd_smb2_request *req,
924 struct smbXsrv_tcon *tcon,
925 int snum,
926 struct user_struct *vuser,
927 const char *pdev,
928 NTSTATUS *pstatus)
929 {
930 struct smbd_server_connection *sconn = req->sconn;
931 connection_struct *conn = conn_new(sconn);
932 if (!conn) {
933 DEBUG(0,("make_connection_smb2: Couldn't find free connection.\n"));
934 *pstatus = NT_STATUS_INSUFFICIENT_RESOURCES;
935 return NULL;
936 }
937
938 conn->cnum = tcon->global->tcon_wire_id;
939 conn->tcon = tcon;
940
941 *pstatus = make_connection_snum(req->xconn,
942 conn,
943 snum,
944 vuser,
945 pdev);
946 if (!NT_STATUS_IS_OK(*pstatus)) {
947 conn_free(conn);
948 return NULL;
949 }
950 return conn;
951 }
952
953 /****************************************************************************
954 Make a connection to a service. External SMB1 interface.
955 *
956 * @param service
957 ****************************************************************************/
958
959 connection_struct *make_connection(struct smb_request *req,
960 NTTIME now,
961 const char *service_in,
962 const char *pdev, uint64_t vuid,
963 NTSTATUS *status)
964 {
965 struct smbd_server_connection *sconn = req->sconn;
966 uid_t euid;
967 struct user_struct *vuser = NULL;
968 char *service = NULL;
969 fstring dev;
970 int snum = -1;
971
972 fstrcpy(dev, pdev);
973
974 /* This must ONLY BE CALLED AS ROOT. As it exits this function as
975 * root. */
976 if (!non_root_mode() && (euid = geteuid()) != 0) {
977 DEBUG(0,("make_connection: PANIC ERROR. Called as nonroot "
978 "(%u)\n", (unsigned int)euid ));
979 smb_panic("make_connection: PANIC ERROR. Called as nonroot\n");
980 }
981
982 if (conn_num_open(sconn) > 2047) {
983 *status = NT_STATUS_INSUFF_SERVER_RESOURCES;
984 return NULL;
985 }
986
987 vuser = get_valid_user_struct(sconn, vuid);
988 if (!vuser) {
989 DEBUG(1,("make_connection: refusing to connect with "
990 "no session setup\n"));
991 *status = NT_STATUS_ACCESS_DENIED;
992 return NULL;
993 }
994
995 /* Logic to try and connect to the correct [homes] share, preferably
996 without too many getpwnam() lookups. This is particulary nasty for
997 winbind usernames, where the share name isn't the same as unix
998 username.
999
1000 The snum of the homes share is stored on the vuser at session setup
1001 time.
1002 */
1003
1004 if (strequal(service_in,HOMES_NAME)) {
1005 if (vuser->homes_snum == -1) {
1006 DEBUG(2, ("[homes] share not available for "
1007 "this user because it was not found "
1008 "or created at session setup "
1009 "time\n"));
1010 *status = NT_STATUS_BAD_NETWORK_NAME;
1011 return NULL;
1012 }
1013 DEBUG(5, ("making a connection to [homes] service "
1014 "created at session setup time\n"));
1015 return make_connection_smb1(req, now,
1016 vuser->homes_snum,
1017 vuser,
1018 dev, status);
1019 } else if ((vuser->homes_snum != -1)
1020 && strequal(service_in,
1021 lp_servicename(talloc_tos(), vuser->homes_snum))) {
1022 DEBUG(5, ("making a connection to 'homes' service [%s] "
1023 "created at session setup time\n", service_in));
1024 return make_connection_smb1(req, now,
1025 vuser->homes_snum,
1026 vuser,
1027 dev, status);
1028 }
1029
1030 service = talloc_strdup(talloc_tos(), service_in);
1031 if (!service) {
1032 *status = NT_STATUS_NO_MEMORY;
1033 return NULL;
1034 }
1035
1036 if (!strlower_m(service)) {
1037 DEBUG(2, ("strlower_m %s failed\n", service));
1038 *status = NT_STATUS_INVALID_PARAMETER;
1039 return NULL;
1040 }
1041
1042 snum = find_service(talloc_tos(), service, &service);
1043 if (!service) {
1044 *status = NT_STATUS_NO_MEMORY;
1045 return NULL;
1046 }
1047
1048 if (snum < 0) {
1049 if (strequal(service,"IPC$") ||
1050 (lp_enable_asu_support() && strequal(service,"ADMIN$"))) {
1051 DEBUG(3,("refusing IPC connection to %s\n", service));
1052 *status = NT_STATUS_ACCESS_DENIED;
1053 return NULL;
1054 }
1055
1056 DEBUG(3,("%s (%s) couldn't find service %s\n",
1057 get_remote_machine_name(),
1058 tsocket_address_string(
1059 sconn->remote_address, talloc_tos()),
1060 service));
1061 *status = NT_STATUS_BAD_NETWORK_NAME;
1062 return NULL;
1063 }
1064
1065 /* Handle non-Dfs clients attempting connections to msdfs proxy */
1066 if (lp_host_msdfs() && (*lp_msdfs_proxy(talloc_tos(), snum) != '\0')) {
1067 DEBUG(3, ("refusing connection to dfs proxy share '%s' "
1068 "(pointing to %s)\n",
1069 service, lp_msdfs_proxy(talloc_tos(), snum)));
1070 *status = NT_STATUS_BAD_NETWORK_NAME;
1071 return NULL;
1072 }
1073
1074 DEBUG(5, ("making a connection to 'normal' service %s\n", service));
1075
1076 return make_connection_smb1(req, now, snum, vuser,
1077 dev, status);
1078 }
1079
1080 /****************************************************************************
1081 Close a cnum.
1082 ****************************************************************************/
1083
1084 void close_cnum(connection_struct *conn, uint64_t vuid)
1085 {
1086 file_close_conn(conn);
1087
1088 if (!IS_IPC(conn)) {
1089 dptr_closecnum(conn);
1090 }
1091
1092 change_to_root_user();
1093
1094 DEBUG(IS_IPC(conn)?3:2, ("%s (%s) closed connection to service %s\n",
1095 get_remote_machine_name(),
1096 tsocket_address_string(conn->sconn->remote_address,
1097 talloc_tos()),
1098 lp_servicename(talloc_tos(), SNUM(conn))));
1099
1100 /* make sure we leave the directory available for unmount */
1101 vfs_ChDir(conn, "/");
1102
1103 /* Call VFS disconnect hook */
1104 SMB_VFS_DISCONNECT(conn);
1105
1106 /* execute any "postexec = " line */
1107 if (*lp_postexec(talloc_tos(), SNUM(conn)) &&
1108 change_to_user(conn, vuid)) {
1109 char *cmd = talloc_sub_advanced(talloc_tos(),
1110 lp_servicename(talloc_tos(), SNUM(conn)),
1111 conn->session_info->unix_info->unix_name,
1112 conn->connectpath,
1113 conn->session_info->unix_token->gid,
1114 conn->session_info->unix_info->sanitized_username,
1115 conn->session_info->info->domain_name,
1116 lp_postexec(talloc_tos(), SNUM(conn)));
1117 smbrun(cmd, NULL, NULL);
1118 TALLOC_FREE(cmd);
1119 change_to_root_user();
1120 }
1121
1122 change_to_root_user();
1123 /* execute any "root postexec = " line */
1124 if (*lp_root_postexec(talloc_tos(), SNUM(conn))) {
1125 char *cmd = talloc_sub_advanced(talloc_tos(),
1126 lp_servicename(talloc_tos(), SNUM(conn)),
1127 conn->session_info->unix_info->unix_name,
1128 conn->connectpath,
1129 conn->session_info->unix_token->gid,
1130 conn->session_info->unix_info->sanitized_username,
1131 conn->session_info->info->domain_name,
1132 lp_root_postexec(talloc_tos(), SNUM(conn)));
1133 smbrun(cmd, NULL, NULL);
1134 TALLOC_FREE(cmd);
1135 }
1136
1137 conn_free(conn);
1138 }
Samba GIT mirror