source3/modules/vfs_fake_perms.c

   1 /*
   2  * Fake Perms VFS module.  Implements passthrough operation of all VFS
   3  * calls to disk functions, except for file permissions, which are now
   4  * mode 0700 for the current uid/gid.
   5  *
   6  * Copyright (C) Tim Potter, 1999-2000
   7  * Copyright (C) Alexander Bokovoy, 2002
   8  * Copyright (C) Andrew Bartlett, 2002
   9  *
  10  * This program is free software; you can redistribute it and/or modify
  11  * it under the terms of the GNU General Public License as published by
  12  * the Free Software Foundation; either version 3 of the License, or
  13  * (at your option) any later version.
  14  *
  15  * This program is distributed in the hope that it will be useful,
  16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18  * GNU General Public License for more details.
  19  *
  20  * You should have received a copy of the GNU General Public License
  21  * along with this program; if not, see <http://www.gnu.org/licenses/>.
  22  */
  23
  24 #include "includes.h"
  25 #include "smbd/smbd.h"
  26 #include "system/filesys.h"
  27 #include "auth.h"
  28
  29 #undef DBGC_CLASS
  30 #define DBGC_CLASS DBGC_VFS
  31
  32 static int fake_perms_stat(vfs_handle_struct *handle,
  33                            struct smb_filename *smb_fname)
  34 {
  35         int ret;
  36
  37         ret = SMB_VFS_NEXT_STAT(handle, smb_fname);
  38         if (ret != 0) {
  39                 return ret;
  40         }
  41
  42         if (S_ISDIR(smb_fname->st.st_ex_mode)) {
  43                 smb_fname->st.st_ex_mode = S_IFDIR | S_IRWXU;
  44         } else {
  45                 smb_fname->st.st_ex_mode = S_IRWXU;
  46         }
  47
  48         if (handle->conn->session_info != NULL) {
  49                 struct security_unix_token *utok;
  50
  51                 utok = handle->conn->session_info->unix_token;
  52                 smb_fname->st.st_ex_uid = utok->uid;
  53                 smb_fname->st.st_ex_gid = utok->gid;
  54         } else {
  55                 /*
  56                  * We have an artificial connection for dfs for example. It
  57                  * sucks, but the current uid/gid is the best we have.
  58                  */
  59                 smb_fname->st.st_ex_uid = geteuid();
  60                 smb_fname->st.st_ex_gid = getegid();
  61         }
  62
  63         return ret;
  64 }
  65
  66 static int fake_perms_fstat(vfs_handle_struct *handle, files_struct *fsp, SMB_STRUCT_STAT *sbuf)
  67 {
  68         int ret;
  69
  70         ret = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
  71         if (ret != 0) {
  72                 return ret;
  73         }
  74
  75         if (S_ISDIR(sbuf->st_ex_mode)) {
  76                 sbuf->st_ex_mode = S_IFDIR | S_IRWXU;
  77         } else {
  78                 sbuf->st_ex_mode = S_IRWXU;
  79         }
  80         if (handle->conn->session_info != NULL) {
  81                 struct security_unix_token *utok;
  82
  83                 utok = handle->conn->session_info->unix_token;
  84                 sbuf->st_ex_uid = utok->uid;
  85                 sbuf->st_ex_gid = utok->gid;
  86         } else {
  87                 /*
  88                  * We have an artificial connection for dfs for example. It
  89                  * sucks, but the current uid/gid is the best we have.
  90                  */
  91                 sbuf->st_ex_uid = geteuid();
  92                 sbuf->st_ex_gid = getegid();
  93         }
  94
  95         return ret;
  96 }
  97
  98 static struct vfs_fn_pointers vfs_fake_perms_fns = {
  99         .stat_fn = fake_perms_stat,
 100         .fstat_fn = fake_perms_fstat
 101 };
 102
 103 static_decl_vfs;
 104 NTSTATUS vfs_fake_perms_init(TALLOC_CTX *ctx)
 105 {
 106         return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "fake_perms",
 107                                 &vfs_fake_perms_fns);
 108 }