2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 extern const struct generic_mapping file_generic_mapping
;
25 extern struct current_user current_user
;
26 extern userdom_struct current_user_info
;
27 extern bool global_client_failed_oplock_break
;
29 struct deferred_open_record
{
30 bool delayed_for_oplocks
;
34 /****************************************************************************
35 fd support routines - attempt to do a dos_open.
36 ****************************************************************************/
38 static NTSTATUS
fd_open(struct connection_struct
*conn
,
44 NTSTATUS status
= NT_STATUS_OK
;
48 * Never follow symlinks on a POSIX client. The
49 * client should be doing this.
52 if (fsp
->posix_open
|| !lp_symlinks(SNUM(conn
))) {
57 fsp
->fh
->fd
= SMB_VFS_OPEN(conn
,fname
,fsp
,flags
,mode
);
58 if (fsp
->fh
->fd
== -1) {
59 status
= map_nt_error_from_unix(errno
);
62 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
63 fname
, flags
, (int)mode
, fsp
->fh
->fd
,
64 (fsp
->fh
->fd
== -1) ? strerror(errno
) : "" ));
69 /****************************************************************************
70 Close the file associated with a fsp.
71 ****************************************************************************/
73 NTSTATUS
fd_close(files_struct
*fsp
)
77 if (fsp
->fh
->fd
== -1) {
78 return NT_STATUS_OK
; /* What we used to call a stat open. */
80 if (fsp
->fh
->ref_count
> 1) {
81 return NT_STATUS_OK
; /* Shared handle. Only close last reference. */
84 ret
= SMB_VFS_CLOSE(fsp
);
87 return map_nt_error_from_unix(errno
);
92 /****************************************************************************
93 Change the ownership of a file to that of the parent directory.
94 Do this by fd if possible.
95 ****************************************************************************/
97 static void change_file_owner_to_parent(connection_struct
*conn
,
98 const char *inherit_from_dir
,
101 SMB_STRUCT_STAT parent_st
;
104 ret
= SMB_VFS_STAT(conn
, inherit_from_dir
, &parent_st
);
106 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
107 "directory %s. Error was %s\n",
108 inherit_from_dir
, strerror(errno
) ));
113 ret
= SMB_VFS_FCHOWN(fsp
, parent_st
.st_uid
, (gid_t
)-1);
116 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
117 "file %s to parent directory uid %u. Error "
118 "was %s\n", fsp
->fsp_name
,
119 (unsigned int)parent_st
.st_uid
,
123 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
124 "parent directory uid %u.\n", fsp
->fsp_name
,
125 (unsigned int)parent_st
.st_uid
));
128 static NTSTATUS
change_dir_owner_to_parent(connection_struct
*conn
,
129 const char *inherit_from_dir
,
131 SMB_STRUCT_STAT
*psbuf
)
133 char *saved_dir
= NULL
;
134 SMB_STRUCT_STAT sbuf
;
135 SMB_STRUCT_STAT parent_st
;
136 TALLOC_CTX
*ctx
= talloc_tos();
137 NTSTATUS status
= NT_STATUS_OK
;
140 ret
= SMB_VFS_STAT(conn
, inherit_from_dir
, &parent_st
);
142 status
= map_nt_error_from_unix(errno
);
143 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
144 "directory %s. Error was %s\n",
145 inherit_from_dir
, strerror(errno
) ));
149 /* We've already done an lstat into psbuf, and we know it's a
150 directory. If we can cd into the directory and the dev/ino
151 are the same then we can safely chown without races as
152 we're locking the directory in place by being in it. This
153 should work on any UNIX (thanks tridge :-). JRA.
156 saved_dir
= vfs_GetWd(ctx
,conn
);
158 status
= map_nt_error_from_unix(errno
);
159 DEBUG(0,("change_dir_owner_to_parent: failed to get "
160 "current working directory. Error was %s\n",
165 /* Chdir into the new path. */
166 if (vfs_ChDir(conn
, fname
) == -1) {
167 status
= map_nt_error_from_unix(errno
);
168 DEBUG(0,("change_dir_owner_to_parent: failed to change "
169 "current working directory to %s. Error "
170 "was %s\n", fname
, strerror(errno
) ));
174 if (SMB_VFS_STAT(conn
,".",&sbuf
) == -1) {
175 status
= map_nt_error_from_unix(errno
);
176 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
177 "directory '.' (%s) Error was %s\n",
178 fname
, strerror(errno
)));
182 /* Ensure we're pointing at the same place. */
183 if (sbuf
.st_dev
!= psbuf
->st_dev
||
184 sbuf
.st_ino
!= psbuf
->st_ino
||
185 sbuf
.st_mode
!= psbuf
->st_mode
) {
186 DEBUG(0,("change_dir_owner_to_parent: "
187 "device/inode/mode on directory %s changed. "
188 "Refusing to chown !\n", fname
));
189 status
= NT_STATUS_ACCESS_DENIED
;
194 ret
= SMB_VFS_CHOWN(conn
, ".", parent_st
.st_uid
, (gid_t
)-1);
197 status
= map_nt_error_from_unix(errno
);
198 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
199 "directory %s to parent directory uid %u. "
200 "Error was %s\n", fname
,
201 (unsigned int)parent_st
.st_uid
, strerror(errno
) ));
205 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
206 "directory %s to parent directory uid %u.\n",
207 fname
, (unsigned int)parent_st
.st_uid
));
211 vfs_ChDir(conn
,saved_dir
);
215 /****************************************************************************
217 ****************************************************************************/
219 static NTSTATUS
open_file(files_struct
*fsp
,
220 connection_struct
*conn
,
221 struct smb_request
*req
,
222 const char *parent_dir
,
225 SMB_STRUCT_STAT
*psbuf
,
228 uint32 access_mask
, /* client requested access mask. */
229 uint32 open_access_mask
) /* what we're actually using in the open. */
231 NTSTATUS status
= NT_STATUS_OK
;
232 int accmode
= (flags
& O_ACCMODE
);
233 int local_flags
= flags
;
234 bool file_existed
= VALID_STAT(*psbuf
);
239 /* Check permissions */
242 * This code was changed after seeing a client open request
243 * containing the open mode of (DENY_WRITE/read-only) with
244 * the 'create if not exist' bit set. The previous code
245 * would fail to open the file read only on a read-only share
246 * as it was checking the flags parameter directly against O_RDONLY,
247 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
251 if (!CAN_WRITE(conn
)) {
252 /* It's a read-only share - fail if we wanted to write. */
253 if(accmode
!= O_RDONLY
) {
254 DEBUG(3,("Permission denied opening %s\n", path
));
255 return NT_STATUS_ACCESS_DENIED
;
256 } else if(flags
& O_CREAT
) {
257 /* We don't want to write - but we must make sure that
258 O_CREAT doesn't create the file if we have write
259 access into the directory.
262 local_flags
&= ~O_CREAT
;
267 * This little piece of insanity is inspired by the
268 * fact that an NT client can open a file for O_RDONLY,
269 * but set the create disposition to FILE_EXISTS_TRUNCATE.
270 * If the client *can* write to the file, then it expects to
271 * truncate the file, even though it is opening for readonly.
272 * Quicken uses this stupid trick in backup file creation...
273 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
274 * for helping track this one down. It didn't bite us in 2.0.x
275 * as we always opened files read-write in that release. JRA.
278 if ((accmode
== O_RDONLY
) && ((flags
& O_TRUNC
) == O_TRUNC
)) {
279 DEBUG(10,("open_file: truncate requested on read-only open "
280 "for file %s\n", path
));
281 local_flags
= (flags
& ~O_ACCMODE
)|O_RDWR
;
284 if ((open_access_mask
& (FILE_READ_DATA
|FILE_WRITE_DATA
|FILE_APPEND_DATA
|FILE_EXECUTE
)) ||
285 (!file_existed
&& (local_flags
& O_CREAT
)) ||
286 ((local_flags
& O_TRUNC
) == O_TRUNC
) ) {
290 * We can't actually truncate here as the file may be locked.
291 * open_file_ntcreate will take care of the truncate later. JRA.
294 local_flags
&= ~O_TRUNC
;
296 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
298 * We would block on opening a FIFO with no one else on the
299 * other end. Do what we used to do and add O_NONBLOCK to the
303 if (file_existed
&& S_ISFIFO(psbuf
->st_mode
)) {
304 local_flags
|= O_NONBLOCK
;
308 /* Don't create files with Microsoft wildcard characters. */
311 * wildcard characters are allowed in stream names
312 * only test the basefilename
314 wild
= fsp
->base_fsp
->fsp_name
;
318 if ((local_flags
& O_CREAT
) && !file_existed
&&
320 return NT_STATUS_OBJECT_NAME_INVALID
;
323 /* Actually do the open */
324 status
= fd_open(conn
, path
, fsp
, local_flags
, unx_mode
);
325 if (!NT_STATUS_IS_OK(status
)) {
326 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
328 path
,nt_errstr(status
),local_flags
,flags
));
332 if ((local_flags
& O_CREAT
) && !file_existed
) {
334 /* Inherit the ACL if required */
335 if (lp_inherit_perms(SNUM(conn
))) {
336 inherit_access_acl(conn
, parent_dir
, path
,
340 /* Change the owner if required. */
341 if (lp_inherit_owner(SNUM(conn
))) {
342 change_file_owner_to_parent(conn
, parent_dir
,
346 notify_fname(conn
, NOTIFY_ACTION_ADDED
,
347 FILE_NOTIFY_CHANGE_FILE_NAME
, path
);
351 fsp
->fh
->fd
= -1; /* What we used to call a stat open. */
357 if (fsp
->fh
->fd
== -1) {
358 ret
= SMB_VFS_STAT(conn
, path
, psbuf
);
360 ret
= SMB_VFS_FSTAT(fsp
, psbuf
);
361 /* If we have an fd, this stat should succeed. */
363 DEBUG(0,("Error doing fstat on open file %s "
364 "(%s)\n", path
,strerror(errno
) ));
368 /* For a non-io open, this stat failing means file not found. JRA */
370 status
= map_nt_error_from_unix(errno
);
377 * POSIX allows read-only opens of directories. We don't
378 * want to do this (we use a different code path for this)
379 * so catch a directory open and return an EISDIR. JRA.
382 if(S_ISDIR(psbuf
->st_mode
)) {
385 return NT_STATUS_FILE_IS_A_DIRECTORY
;
388 fsp
->mode
= psbuf
->st_mode
;
389 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, psbuf
);
390 fsp
->vuid
= req
? req
->vuid
: UID_FIELD_INVALID
;
391 fsp
->file_pid
= req
? req
->smbpid
: 0;
392 fsp
->can_lock
= True
;
393 fsp
->can_read
= (access_mask
& (FILE_READ_DATA
)) ? True
: False
;
394 if (!CAN_WRITE(conn
)) {
395 fsp
->can_write
= False
;
397 fsp
->can_write
= (access_mask
& (FILE_WRITE_DATA
| FILE_APPEND_DATA
)) ?
400 fsp
->print_file
= False
;
401 fsp
->modified
= False
;
402 fsp
->sent_oplock_break
= NO_BREAK_SENT
;
403 fsp
->is_directory
= False
;
404 fsp
->is_stat
= False
;
405 if (conn
->aio_write_behind_list
&&
406 is_in_path(path
, conn
->aio_write_behind_list
, conn
->case_sensitive
)) {
407 fsp
->aio_write_behind
= True
;
410 string_set(&fsp
->fsp_name
, path
);
411 fsp
->wcp
= NULL
; /* Write cache pointer. */
413 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
414 *current_user_info
.smb_name
?
415 current_user_info
.smb_name
: conn
->user
,fsp
->fsp_name
,
416 BOOLSTR(fsp
->can_read
), BOOLSTR(fsp
->can_write
),
417 conn
->num_files_open
));
423 /*******************************************************************
424 Return True if the filename is one of the special executable types.
425 ********************************************************************/
427 static bool is_executable(const char *fname
)
429 if ((fname
= strrchr_m(fname
,'.'))) {
430 if (strequal(fname
,".com") ||
431 strequal(fname
,".dll") ||
432 strequal(fname
,".exe") ||
433 strequal(fname
,".sym")) {
440 /****************************************************************************
441 Check if we can open a file with a share mode.
442 Returns True if conflict, False if not.
443 ****************************************************************************/
445 static bool share_conflict(struct share_mode_entry
*entry
,
449 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
450 "entry->share_access = 0x%x, "
451 "entry->private_options = 0x%x\n",
452 (unsigned int)entry
->access_mask
,
453 (unsigned int)entry
->share_access
,
454 (unsigned int)entry
->private_options
));
456 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
457 (unsigned int)access_mask
, (unsigned int)share_access
));
459 if ((entry
->access_mask
& (FILE_WRITE_DATA
|
463 DELETE_ACCESS
)) == 0) {
464 DEBUG(10,("share_conflict: No conflict due to "
465 "entry->access_mask = 0x%x\n",
466 (unsigned int)entry
->access_mask
));
470 if ((access_mask
& (FILE_WRITE_DATA
|
474 DELETE_ACCESS
)) == 0) {
475 DEBUG(10,("share_conflict: No conflict due to "
476 "access_mask = 0x%x\n",
477 (unsigned int)access_mask
));
481 #if 1 /* JRA TEST - Superdebug. */
482 #define CHECK_MASK(num, am, right, sa, share) \
483 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
484 (unsigned int)(num), (unsigned int)(am), \
485 (unsigned int)(right), (unsigned int)(am)&(right) )); \
486 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
487 (unsigned int)(num), (unsigned int)(sa), \
488 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
489 if (((am) & (right)) && !((sa) & (share))) { \
490 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
491 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
492 (unsigned int)(share) )); \
496 #define CHECK_MASK(num, am, right, sa, share) \
497 if (((am) & (right)) && !((sa) & (share))) { \
498 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
499 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
500 (unsigned int)(share) )); \
505 CHECK_MASK(1, entry
->access_mask
, FILE_WRITE_DATA
| FILE_APPEND_DATA
,
506 share_access
, FILE_SHARE_WRITE
);
507 CHECK_MASK(2, access_mask
, FILE_WRITE_DATA
| FILE_APPEND_DATA
,
508 entry
->share_access
, FILE_SHARE_WRITE
);
510 CHECK_MASK(3, entry
->access_mask
, FILE_READ_DATA
| FILE_EXECUTE
,
511 share_access
, FILE_SHARE_READ
);
512 CHECK_MASK(4, access_mask
, FILE_READ_DATA
| FILE_EXECUTE
,
513 entry
->share_access
, FILE_SHARE_READ
);
515 CHECK_MASK(5, entry
->access_mask
, DELETE_ACCESS
,
516 share_access
, FILE_SHARE_DELETE
);
517 CHECK_MASK(6, access_mask
, DELETE_ACCESS
,
518 entry
->share_access
, FILE_SHARE_DELETE
);
520 DEBUG(10,("share_conflict: No conflict.\n"));
524 #if defined(DEVELOPER)
525 static void validate_my_share_entries(int num
,
526 struct share_mode_entry
*share_entry
)
530 if (!procid_is_me(&share_entry
->pid
)) {
534 if (is_deferred_open_entry(share_entry
) &&
535 !open_was_deferred(share_entry
->op_mid
)) {
536 char *str
= talloc_asprintf(talloc_tos(),
537 "Got a deferred entry without a request: "
539 share_mode_str(talloc_tos(), num
, share_entry
));
543 if (!is_valid_share_mode_entry(share_entry
)) {
547 fsp
= file_find_dif(share_entry
->id
,
548 share_entry
->share_file_id
);
550 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
551 share_mode_str(talloc_tos(), num
, share_entry
) ));
552 smb_panic("validate_my_share_entries: Cannot match a "
553 "share entry with an open file\n");
556 if (is_deferred_open_entry(share_entry
) ||
557 is_unused_share_mode_entry(share_entry
)) {
561 if ((share_entry
->op_type
== NO_OPLOCK
) &&
562 (fsp
->oplock_type
== FAKE_LEVEL_II_OPLOCK
)) {
563 /* Someone has already written to it, but I haven't yet
568 if (((uint16
)fsp
->oplock_type
) != share_entry
->op_type
) {
577 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
578 share_mode_str(talloc_tos(), num
, share_entry
) ));
579 str
= talloc_asprintf(talloc_tos(),
580 "validate_my_share_entries: "
581 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
582 fsp
->fsp_name
, (unsigned int)fsp
->oplock_type
,
583 (unsigned int)share_entry
->op_type
);
589 static bool is_stat_open(uint32 access_mask
)
591 return (access_mask
&&
592 ((access_mask
& ~(SYNCHRONIZE_ACCESS
| FILE_READ_ATTRIBUTES
|
593 FILE_WRITE_ATTRIBUTES
))==0) &&
594 ((access_mask
& (SYNCHRONIZE_ACCESS
|FILE_READ_ATTRIBUTES
|
595 FILE_WRITE_ATTRIBUTES
)) != 0));
598 /****************************************************************************
599 Deal with share modes
600 Invarient: Share mode must be locked on entry and exit.
601 Returns -1 on error, or number of share modes on success (may be zero).
602 ****************************************************************************/
604 static NTSTATUS
open_mode_check(connection_struct
*conn
,
606 struct share_mode_lock
*lck
,
609 uint32 create_options
,
614 if(lck
->num_share_modes
== 0) {
618 *file_existed
= True
;
620 /* A delete on close prohibits everything */
622 if (lck
->delete_on_close
) {
623 return NT_STATUS_DELETE_PENDING
;
626 if (is_stat_open(access_mask
)) {
627 /* Stat open that doesn't trigger oplock breaks or share mode
628 * checks... ! JRA. */
633 * Check if the share modes will give us access.
636 #if defined(DEVELOPER)
637 for(i
= 0; i
< lck
->num_share_modes
; i
++) {
638 validate_my_share_entries(i
, &lck
->share_modes
[i
]);
642 if (!lp_share_modes(SNUM(conn
))) {
646 /* Now we check the share modes, after any oplock breaks. */
647 for(i
= 0; i
< lck
->num_share_modes
; i
++) {
649 if (!is_valid_share_mode_entry(&lck
->share_modes
[i
])) {
653 /* someone else has a share lock on it, check to see if we can
655 if (share_conflict(&lck
->share_modes
[i
],
656 access_mask
, share_access
)) {
657 return NT_STATUS_SHARING_VIOLATION
;
664 static bool is_delete_request(files_struct
*fsp
) {
665 return ((fsp
->access_mask
== DELETE_ACCESS
) &&
666 (fsp
->oplock_type
== NO_OPLOCK
));
670 * 1) No files open at all or internal open: Grant whatever the client wants.
672 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
673 * request, break if the oplock around is a batch oplock. If it's another
674 * requested access type, break.
676 * 3) Only level2 around: Grant level2 and do nothing else.
679 static bool delay_for_oplocks(struct share_mode_lock
*lck
,
686 struct share_mode_entry
*exclusive
= NULL
;
687 bool valid_entry
= False
;
688 bool delay_it
= False
;
689 bool have_level2
= False
;
691 char msg
[MSG_SMB_SHARE_MODE_ENTRY_SIZE
];
693 if (oplock_request
& INTERNAL_OPEN_ONLY
) {
694 fsp
->oplock_type
= NO_OPLOCK
;
697 if ((oplock_request
& INTERNAL_OPEN_ONLY
) || is_stat_open(fsp
->access_mask
)) {
701 for (i
=0; i
<lck
->num_share_modes
; i
++) {
703 if (!is_valid_share_mode_entry(&lck
->share_modes
[i
])) {
707 /* At least one entry is not an invalid or deferred entry. */
710 if (pass_number
== 1) {
711 if (BATCH_OPLOCK_TYPE(lck
->share_modes
[i
].op_type
)) {
712 SMB_ASSERT(exclusive
== NULL
);
713 exclusive
= &lck
->share_modes
[i
];
716 if (EXCLUSIVE_OPLOCK_TYPE(lck
->share_modes
[i
].op_type
)) {
717 SMB_ASSERT(exclusive
== NULL
);
718 exclusive
= &lck
->share_modes
[i
];
722 if (lck
->share_modes
[i
].op_type
== LEVEL_II_OPLOCK
) {
723 SMB_ASSERT(exclusive
== NULL
);
729 /* All entries are placeholders or deferred.
730 * Directly grant whatever the client wants. */
731 if (fsp
->oplock_type
== NO_OPLOCK
) {
732 /* Store a level2 oplock, but don't tell the client */
733 fsp
->oplock_type
= FAKE_LEVEL_II_OPLOCK
;
738 if (exclusive
!= NULL
) { /* Found an exclusive oplock */
739 SMB_ASSERT(!have_level2
);
740 delay_it
= is_delete_request(fsp
) ?
741 BATCH_OPLOCK_TYPE(exclusive
->op_type
) : True
;
744 if (EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
745 /* We can at most grant level2 as there are other
746 * level2 or NO_OPLOCK entries. */
747 fsp
->oplock_type
= LEVEL_II_OPLOCK
;
750 if ((fsp
->oplock_type
== NO_OPLOCK
) && have_level2
) {
751 /* Store a level2 oplock, but don't tell the client */
752 fsp
->oplock_type
= FAKE_LEVEL_II_OPLOCK
;
760 * Send a break message to the oplock holder and delay the open for
764 DEBUG(10, ("Sending break request to PID %s\n",
765 procid_str_static(&exclusive
->pid
)));
766 exclusive
->op_mid
= mid
;
768 /* Create the message. */
769 share_mode_entry_to_message(msg
, exclusive
);
771 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
772 don't want this set in the share mode struct pointed to by lck. */
774 if (oplock_request
& FORCE_OPLOCK_BREAK_TO_NONE
) {
775 SSVAL(msg
,6,exclusive
->op_type
| FORCE_OPLOCK_BREAK_TO_NONE
);
778 status
= messaging_send_buf(smbd_messaging_context(), exclusive
->pid
,
779 MSG_SMB_BREAK_REQUEST
,
781 MSG_SMB_SHARE_MODE_ENTRY_SIZE
);
782 if (!NT_STATUS_IS_OK(status
)) {
783 DEBUG(3, ("Could not send oplock break message: %s\n",
790 static bool request_timed_out(struct timeval request_time
,
791 struct timeval timeout
)
793 struct timeval now
, end_time
;
795 end_time
= timeval_sum(&request_time
, &timeout
);
796 return (timeval_compare(&end_time
, &now
) < 0);
799 /****************************************************************************
800 Handle the 1 second delay in returning a SHARING_VIOLATION error.
801 ****************************************************************************/
803 static void defer_open(struct share_mode_lock
*lck
,
804 struct timeval request_time
,
805 struct timeval timeout
,
806 struct smb_request
*req
,
807 struct deferred_open_record
*state
)
813 for (i
=0; i
<lck
->num_share_modes
; i
++) {
814 struct share_mode_entry
*e
= &lck
->share_modes
[i
];
816 if (!is_deferred_open_entry(e
)) {
820 if (procid_is_me(&e
->pid
) && (e
->op_mid
== req
->mid
)) {
821 DEBUG(0, ("Trying to defer an already deferred "
822 "request: mid=%d, exiting\n", req
->mid
));
823 exit_server("attempt to defer a deferred request");
827 /* End paranoia check */
829 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
830 "open entry for mid %u\n",
831 (unsigned int)request_time
.tv_sec
,
832 (unsigned int)request_time
.tv_usec
,
833 (unsigned int)req
->mid
));
835 if (!push_deferred_smb_message(req
, request_time
, timeout
,
836 (char *)state
, sizeof(*state
))) {
837 exit_server("push_deferred_smb_message failed");
839 add_deferred_open(lck
, req
->mid
, request_time
, state
->id
);
842 * Push the MID of this packet on the signing queue.
843 * We only do this once, the first time we push the packet
844 * onto the deferred open queue, as this has a side effect
845 * of incrementing the response sequence number.
848 srv_defer_sign_response(req
->mid
);
852 /****************************************************************************
853 On overwrite open ensure that the attributes match.
854 ****************************************************************************/
856 static bool open_match_attributes(connection_struct
*conn
,
860 mode_t existing_unx_mode
,
862 mode_t
*returned_unx_mode
)
864 uint32 noarch_old_dos_attr
, noarch_new_dos_attr
;
866 noarch_old_dos_attr
= (old_dos_attr
& ~FILE_ATTRIBUTE_ARCHIVE
);
867 noarch_new_dos_attr
= (new_dos_attr
& ~FILE_ATTRIBUTE_ARCHIVE
);
869 if((noarch_old_dos_attr
== 0 && noarch_new_dos_attr
!= 0) ||
870 (noarch_old_dos_attr
!= 0 && ((noarch_old_dos_attr
& noarch_new_dos_attr
) == noarch_old_dos_attr
))) {
871 *returned_unx_mode
= new_unx_mode
;
873 *returned_unx_mode
= (mode_t
)0;
876 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
877 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
878 "returned_unx_mode = 0%o\n",
880 (unsigned int)old_dos_attr
,
881 (unsigned int)existing_unx_mode
,
882 (unsigned int)new_dos_attr
,
883 (unsigned int)*returned_unx_mode
));
885 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
886 if (lp_map_system(SNUM(conn
)) || lp_store_dos_attributes(SNUM(conn
))) {
887 if ((old_dos_attr
& FILE_ATTRIBUTE_SYSTEM
) &&
888 !(new_dos_attr
& FILE_ATTRIBUTE_SYSTEM
)) {
892 if (lp_map_hidden(SNUM(conn
)) || lp_store_dos_attributes(SNUM(conn
))) {
893 if ((old_dos_attr
& FILE_ATTRIBUTE_HIDDEN
) &&
894 !(new_dos_attr
& FILE_ATTRIBUTE_HIDDEN
)) {
901 /****************************************************************************
902 Special FCB or DOS processing in the case of a sharing violation.
903 Try and find a duplicated file handle.
904 ****************************************************************************/
906 static NTSTATUS
fcb_or_dos_open(connection_struct
*conn
,
907 files_struct
*fsp_to_dup_into
,
914 uint32 create_options
)
918 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
919 "file %s.\n", fname
));
921 for(fsp
= file_find_di_first(id
); fsp
;
922 fsp
= file_find_di_next(fsp
)) {
924 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
925 "vuid = %u, file_pid = %u, private_options = 0x%x "
926 "access_mask = 0x%x\n", fsp
->fsp_name
,
927 fsp
->fh
->fd
, (unsigned int)fsp
->vuid
,
928 (unsigned int)fsp
->file_pid
,
929 (unsigned int)fsp
->fh
->private_options
,
930 (unsigned int)fsp
->access_mask
));
932 if (fsp
->fh
->fd
!= -1 &&
934 fsp
->file_pid
== file_pid
&&
935 (fsp
->fh
->private_options
& (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
|
936 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB
)) &&
937 (fsp
->access_mask
& FILE_WRITE_DATA
) &&
938 strequal(fsp
->fsp_name
, fname
)) {
939 DEBUG(10,("fcb_or_dos_open: file match\n"));
945 return NT_STATUS_NOT_FOUND
;
948 /* quite an insane set of semantics ... */
949 if (is_executable(fname
) &&
950 (fsp
->fh
->private_options
& NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
)) {
951 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
952 return NT_STATUS_INVALID_PARAMETER
;
955 /* We need to duplicate this fsp. */
956 dup_file_fsp(fsp
, access_mask
, share_access
,
957 create_options
, fsp_to_dup_into
);
962 /****************************************************************************
963 Open a file with a share mode - old openX method - map into NTCreate.
964 ****************************************************************************/
966 bool map_open_params_to_ntcreate(const char *fname
, int deny_mode
, int open_func
,
967 uint32
*paccess_mask
,
969 uint32
*pcreate_disposition
,
970 uint32
*pcreate_options
)
974 uint32 create_disposition
;
975 uint32 create_options
= 0;
977 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
978 "open_func = 0x%x\n",
979 fname
, (unsigned int)deny_mode
, (unsigned int)open_func
));
981 /* Create the NT compatible access_mask. */
982 switch (GET_OPENX_MODE(deny_mode
)) {
983 case DOS_OPEN_EXEC
: /* Implies read-only - used to be FILE_READ_DATA */
984 case DOS_OPEN_RDONLY
:
985 access_mask
= FILE_GENERIC_READ
;
987 case DOS_OPEN_WRONLY
:
988 access_mask
= FILE_GENERIC_WRITE
;
992 access_mask
= FILE_GENERIC_READ
|FILE_GENERIC_WRITE
;
995 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
996 (unsigned int)GET_OPENX_MODE(deny_mode
)));
1000 /* Create the NT compatible create_disposition. */
1001 switch (open_func
) {
1002 case OPENX_FILE_EXISTS_FAIL
|OPENX_FILE_CREATE_IF_NOT_EXIST
:
1003 create_disposition
= FILE_CREATE
;
1006 case OPENX_FILE_EXISTS_OPEN
:
1007 create_disposition
= FILE_OPEN
;
1010 case OPENX_FILE_EXISTS_OPEN
|OPENX_FILE_CREATE_IF_NOT_EXIST
:
1011 create_disposition
= FILE_OPEN_IF
;
1014 case OPENX_FILE_EXISTS_TRUNCATE
:
1015 create_disposition
= FILE_OVERWRITE
;
1018 case OPENX_FILE_EXISTS_TRUNCATE
|OPENX_FILE_CREATE_IF_NOT_EXIST
:
1019 create_disposition
= FILE_OVERWRITE_IF
;
1023 /* From samba4 - to be confirmed. */
1024 if (GET_OPENX_MODE(deny_mode
) == DOS_OPEN_EXEC
) {
1025 create_disposition
= FILE_CREATE
;
1028 DEBUG(10,("map_open_params_to_ntcreate: bad "
1029 "open_func 0x%x\n", (unsigned int)open_func
));
1033 /* Create the NT compatible share modes. */
1034 switch (GET_DENY_MODE(deny_mode
)) {
1036 share_mode
= FILE_SHARE_NONE
;
1040 share_mode
= FILE_SHARE_READ
;
1044 share_mode
= FILE_SHARE_WRITE
;
1048 share_mode
= FILE_SHARE_READ
|FILE_SHARE_WRITE
;
1052 create_options
|= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
;
1053 if (is_executable(fname
)) {
1054 share_mode
= FILE_SHARE_READ
|FILE_SHARE_WRITE
;
1056 if (GET_OPENX_MODE(deny_mode
) == DOS_OPEN_RDONLY
) {
1057 share_mode
= FILE_SHARE_READ
;
1059 share_mode
= FILE_SHARE_NONE
;
1065 create_options
|= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB
;
1066 share_mode
= FILE_SHARE_NONE
;
1070 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1071 (unsigned int)GET_DENY_MODE(deny_mode
) ));
1075 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1076 "share_mode = 0x%x, create_disposition = 0x%x, "
1077 "create_options = 0x%x\n",
1079 (unsigned int)access_mask
,
1080 (unsigned int)share_mode
,
1081 (unsigned int)create_disposition
,
1082 (unsigned int)create_options
));
1085 *paccess_mask
= access_mask
;
1088 *pshare_mode
= share_mode
;
1090 if (pcreate_disposition
) {
1091 *pcreate_disposition
= create_disposition
;
1093 if (pcreate_options
) {
1094 *pcreate_options
= create_options
;
1101 static void schedule_defer_open(struct share_mode_lock
*lck
,
1102 struct timeval request_time
,
1103 struct smb_request
*req
)
1105 struct deferred_open_record state
;
1107 /* This is a relative time, added to the absolute
1108 request_time value to get the absolute timeout time.
1109 Note that if this is the second or greater time we enter
1110 this codepath for this particular request mid then
1111 request_time is left as the absolute time of the *first*
1112 time this request mid was processed. This is what allows
1113 the request to eventually time out. */
1115 struct timeval timeout
;
1117 /* Normally the smbd we asked should respond within
1118 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1119 * the client did, give twice the timeout as a safety
1120 * measure here in case the other smbd is stuck
1121 * somewhere else. */
1123 timeout
= timeval_set(OPLOCK_BREAK_TIMEOUT
*2, 0);
1125 /* Nothing actually uses state.delayed_for_oplocks
1126 but it's handy to differentiate in debug messages
1127 between a 30 second delay due to oplock break, and
1128 a 1 second delay for share mode conflicts. */
1130 state
.delayed_for_oplocks
= True
;
1133 if (!request_timed_out(request_time
, timeout
)) {
1134 defer_open(lck
, request_time
, timeout
, req
, &state
);
1138 /****************************************************************************
1139 Open a file with a share mode. Passed in an already created files_struct *.
1140 ****************************************************************************/
1142 static NTSTATUS
open_file_ntcreate_internal(connection_struct
*conn
,
1143 struct smb_request
*req
,
1145 SMB_STRUCT_STAT
*psbuf
,
1146 uint32 access_mask
, /* access bits (FILE_READ_DATA etc.) */
1147 uint32 share_access
, /* share constants (FILE_SHARE_READ etc) */
1148 uint32 create_disposition
, /* FILE_OPEN_IF etc. */
1149 uint32 create_options
, /* options such as delete on close. */
1150 uint32 new_dos_attributes
, /* attributes used for new file. */
1151 int oplock_request
, /* internal Samba oplock codes. */
1152 /* Information (FILE_EXISTS etc.) */
1158 bool file_existed
= VALID_STAT(*psbuf
);
1159 bool def_acl
= False
;
1160 bool posix_open
= False
;
1161 bool new_file_created
= False
;
1163 NTSTATUS fsp_open
= NT_STATUS_ACCESS_DENIED
;
1164 mode_t new_unx_mode
= (mode_t
)0;
1165 mode_t unx_mode
= (mode_t
)0;
1167 uint32 existing_dos_attributes
= 0;
1168 struct pending_message_list
*pml
= NULL
;
1169 struct timeval request_time
= timeval_zero();
1170 struct share_mode_lock
*lck
= NULL
;
1171 uint32 open_access_mask
= access_mask
;
1175 const char *newname
;
1179 if (conn
->printer
) {
1181 * Printers are handled completely differently.
1182 * Most of the passed parameters are ignored.
1186 *pinfo
= FILE_WAS_CREATED
;
1189 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname
));
1191 return print_fsp_open(conn
, fname
, fsp
);
1194 if (!parent_dirname_talloc(talloc_tos(), fname
, &parent_dir
,
1196 return NT_STATUS_NO_MEMORY
;
1199 if (new_dos_attributes
& FILE_FLAG_POSIX_SEMANTICS
) {
1201 unx_mode
= (mode_t
)(new_dos_attributes
& ~FILE_FLAG_POSIX_SEMANTICS
);
1202 new_dos_attributes
= 0;
1204 /* We add aARCH to this as this mode is only used if the file is
1206 unx_mode
= unix_mode(conn
, new_dos_attributes
| aARCH
, fname
,
1210 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1211 "access_mask=0x%x share_access=0x%x "
1212 "create_disposition = 0x%x create_options=0x%x "
1213 "unix mode=0%o oplock_request=%d\n",
1214 fname
, new_dos_attributes
, access_mask
, share_access
,
1215 create_disposition
, create_options
, unx_mode
,
1218 if ((req
== NULL
) && ((oplock_request
& INTERNAL_OPEN_ONLY
) == 0)) {
1219 DEBUG(0, ("No smb request but not an internal only open!\n"));
1220 return NT_STATUS_INTERNAL_ERROR
;
1224 * Only non-internal opens can be deferred at all
1228 && ((pml
= get_open_deferred_message(req
->mid
)) != NULL
)) {
1229 struct deferred_open_record
*state
=
1230 (struct deferred_open_record
*)pml
->private_data
.data
;
1232 /* Remember the absolute time of the original
1233 request with this mid. We'll use it later to
1234 see if this has timed out. */
1236 request_time
= pml
->request_time
;
1238 /* Remove the deferred open entry under lock. */
1239 lck
= get_share_mode_lock(talloc_tos(), state
->id
, NULL
, NULL
,
1242 DEBUG(0, ("could not get share mode lock\n"));
1244 del_deferred_open_entry(lck
, req
->mid
);
1248 /* Ensure we don't reprocess this message. */
1249 remove_deferred_open_smb_message(req
->mid
);
1252 status
= check_name(conn
, fname
);
1253 if (!NT_STATUS_IS_OK(status
)) {
1258 new_dos_attributes
&= SAMBA_ATTRIBUTES_MASK
;
1260 existing_dos_attributes
= dos_mode(conn
, fname
, psbuf
);
1264 /* ignore any oplock requests if oplocks are disabled */
1265 if (!lp_oplocks(SNUM(conn
)) || global_client_failed_oplock_break
||
1266 IS_VETO_OPLOCK_PATH(conn
, fname
)) {
1267 /* Mask off everything except the private Samba bits. */
1268 oplock_request
&= SAMBA_PRIVATE_OPLOCK_MASK
;
1271 /* this is for OS/2 long file names - say we don't support them */
1272 if (!lp_posix_pathnames() && strstr(fname
,".+,;=[].")) {
1273 /* OS/2 Workplace shell fix may be main code stream in a later
1275 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1277 if (use_nt_status()) {
1278 return NT_STATUS_OBJECT_NAME_NOT_FOUND
;
1280 return NT_STATUS_DOS(ERRDOS
, ERRcannotopen
);
1283 switch( create_disposition
) {
1285 * Currently we're using FILE_SUPERSEDE as the same as
1286 * FILE_OVERWRITE_IF but they really are
1287 * different. FILE_SUPERSEDE deletes an existing file
1288 * (requiring delete access) then recreates it.
1290 case FILE_SUPERSEDE
:
1291 /* If file exists replace/overwrite. If file doesn't
1293 flags2
|= (O_CREAT
| O_TRUNC
);
1296 case FILE_OVERWRITE_IF
:
1297 /* If file exists replace/overwrite. If file doesn't
1299 flags2
|= (O_CREAT
| O_TRUNC
);
1303 /* If file exists open. If file doesn't exist error. */
1304 if (!file_existed
) {
1305 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1306 "requested for file %s and file "
1307 "doesn't exist.\n", fname
));
1309 return NT_STATUS_OBJECT_NAME_NOT_FOUND
;
1313 case FILE_OVERWRITE
:
1314 /* If file exists overwrite. If file doesn't exist
1316 if (!file_existed
) {
1317 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1318 "requested for file %s and file "
1319 "doesn't exist.\n", fname
));
1321 return NT_STATUS_OBJECT_NAME_NOT_FOUND
;
1327 /* If file exists error. If file doesn't exist
1330 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1331 "requested for file %s and file "
1332 "already exists.\n", fname
));
1333 if (S_ISDIR(psbuf
->st_mode
)) {
1338 return map_nt_error_from_unix(errno
);
1340 flags2
|= (O_CREAT
|O_EXCL
);
1344 /* If file exists open. If file doesn't exist
1350 return NT_STATUS_INVALID_PARAMETER
;
1353 /* We only care about matching attributes on file exists and
1356 if (!posix_open
&& file_existed
&& ((create_disposition
== FILE_OVERWRITE
) ||
1357 (create_disposition
== FILE_OVERWRITE_IF
))) {
1358 if (!open_match_attributes(conn
, fname
,
1359 existing_dos_attributes
,
1360 new_dos_attributes
, psbuf
->st_mode
,
1361 unx_mode
, &new_unx_mode
)) {
1362 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1363 "for file %s (%x %x) (0%o, 0%o)\n",
1364 fname
, existing_dos_attributes
,
1366 (unsigned int)psbuf
->st_mode
,
1367 (unsigned int)unx_mode
));
1369 return NT_STATUS_ACCESS_DENIED
;
1373 /* This is a nasty hack - must fix... JRA. */
1374 if (access_mask
== MAXIMUM_ALLOWED_ACCESS
) {
1375 open_access_mask
= access_mask
= FILE_GENERIC_ALL
;
1379 * Convert GENERIC bits to specific bits.
1382 se_map_generic(&access_mask
, &file_generic_mapping
);
1383 open_access_mask
= access_mask
;
1385 if ((flags2
& O_TRUNC
) || (oplock_request
& FORCE_OPLOCK_BREAK_TO_NONE
)) {
1386 open_access_mask
|= FILE_WRITE_DATA
; /* This will cause oplock breaks. */
1389 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1390 "access_mask=0x%x\n", fname
, access_mask
));
1393 * Note that we ignore the append flag as append does not
1394 * mean the same thing under DOS and Unix.
1397 if ((access_mask
& (FILE_WRITE_DATA
| FILE_APPEND_DATA
)) ||
1398 (oplock_request
& FORCE_OPLOCK_BREAK_TO_NONE
)) {
1399 /* DENY_DOS opens are always underlying read-write on the
1400 file handle, no matter what the requested access mask
1402 if ((create_options
& NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
) ||
1403 access_mask
& (FILE_READ_ATTRIBUTES
|FILE_READ_DATA
|FILE_READ_EA
|FILE_EXECUTE
)) {
1413 * Currently we only look at FILE_WRITE_THROUGH for create options.
1417 if ((create_options
& FILE_WRITE_THROUGH
) && lp_strict_sync(SNUM(conn
))) {
1422 if (posix_open
&& (access_mask
& FILE_APPEND_DATA
)) {
1426 if (!posix_open
&& !CAN_WRITE(conn
)) {
1428 * We should really return a permission denied error if either
1429 * O_CREAT or O_TRUNC are set, but for compatibility with
1430 * older versions of Samba we just AND them out.
1432 flags2
&= ~(O_CREAT
|O_TRUNC
);
1436 * Ensure we can't write on a read-only share or file.
1439 if (flags
!= O_RDONLY
&& file_existed
&&
1440 (!CAN_WRITE(conn
) || IS_DOS_READONLY(existing_dos_attributes
))) {
1441 DEBUG(5,("open_file_ntcreate: write access requested for "
1442 "file %s on read only %s\n",
1443 fname
, !CAN_WRITE(conn
) ? "share" : "file" ));
1445 return NT_STATUS_ACCESS_DENIED
;
1448 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, psbuf
);
1449 fsp
->share_access
= share_access
;
1450 fsp
->fh
->private_options
= create_options
;
1451 fsp
->access_mask
= open_access_mask
; /* We change this to the
1452 * requested access_mask after
1453 * the open is done. */
1454 fsp
->posix_open
= posix_open
;
1456 /* Ensure no SAMBA_PRIVATE bits can be set. */
1457 fsp
->oplock_type
= (oplock_request
& ~SAMBA_PRIVATE_OPLOCK_MASK
);
1459 if (timeval_is_zero(&request_time
)) {
1460 request_time
= fsp
->open_time
;
1464 struct timespec old_write_time
= get_mtimespec(psbuf
);
1465 id
= vfs_file_id_from_sbuf(conn
, psbuf
);
1467 lck
= get_share_mode_lock(talloc_tos(), id
,
1469 fname
, &old_write_time
);
1472 DEBUG(0, ("Could not get share mode lock\n"));
1473 return NT_STATUS_SHARING_VIOLATION
;
1476 /* First pass - send break only on batch oplocks. */
1478 && delay_for_oplocks(lck
, fsp
, req
->mid
, 1,
1480 schedule_defer_open(lck
, request_time
, req
);
1482 return NT_STATUS_SHARING_VIOLATION
;
1485 /* Use the client requested access mask here, not the one we
1487 status
= open_mode_check(conn
, fname
, lck
,
1488 access_mask
, share_access
,
1489 create_options
, &file_existed
);
1491 if (NT_STATUS_IS_OK(status
)) {
1492 /* We might be going to allow this open. Check oplock
1494 /* Second pass - send break for both batch or
1495 * exclusive oplocks. */
1497 && delay_for_oplocks(lck
, fsp
, req
->mid
, 2,
1499 schedule_defer_open(lck
, request_time
, req
);
1501 return NT_STATUS_SHARING_VIOLATION
;
1505 if (NT_STATUS_EQUAL(status
, NT_STATUS_DELETE_PENDING
)) {
1506 /* DELETE_PENDING is not deferred for a second */
1511 if (!NT_STATUS_IS_OK(status
)) {
1512 uint32 can_access_mask
;
1513 bool can_access
= True
;
1515 SMB_ASSERT(NT_STATUS_EQUAL(status
, NT_STATUS_SHARING_VIOLATION
));
1517 /* Check if this can be done with the deny_dos and fcb
1519 if (create_options
&
1520 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
|
1521 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB
)) {
1523 DEBUG(0, ("DOS open without an SMB "
1526 return NT_STATUS_INTERNAL_ERROR
;
1529 /* Use the client requested access mask here,
1530 * not the one we open with. */
1531 status
= fcb_or_dos_open(conn
,
1541 if (NT_STATUS_IS_OK(status
)) {
1544 *pinfo
= FILE_WAS_OPENED
;
1546 return NT_STATUS_OK
;
1551 * This next line is a subtlety we need for
1552 * MS-Access. If a file open will fail due to share
1553 * permissions and also for security (access) reasons,
1554 * we need to return the access failed error, not the
1555 * share error. We can't open the file due to kernel
1556 * oplock deadlock (it's possible we failed above on
1557 * the open_mode_check()) so use a userspace check.
1560 if (flags
& O_RDWR
) {
1561 can_access_mask
= FILE_READ_DATA
|FILE_WRITE_DATA
;
1562 } else if (flags
& O_WRONLY
) {
1563 can_access_mask
= FILE_WRITE_DATA
;
1565 can_access_mask
= FILE_READ_DATA
;
1568 if (((can_access_mask
& FILE_WRITE_DATA
) && !CAN_WRITE(conn
)) ||
1569 !can_access_file(conn
,fname
,psbuf
,can_access_mask
)) {
1574 * If we're returning a share violation, ensure we
1575 * cope with the braindead 1 second delay.
1578 if (!(oplock_request
& INTERNAL_OPEN_ONLY
) &&
1579 lp_defer_sharing_violations()) {
1580 struct timeval timeout
;
1581 struct deferred_open_record state
;
1584 /* this is a hack to speed up torture tests
1586 timeout_usecs
= lp_parm_int(SNUM(conn
),
1587 "smbd","sharedelay",
1588 SHARING_VIOLATION_USEC_WAIT
);
1590 /* This is a relative time, added to the absolute
1591 request_time value to get the absolute timeout time.
1592 Note that if this is the second or greater time we enter
1593 this codepath for this particular request mid then
1594 request_time is left as the absolute time of the *first*
1595 time this request mid was processed. This is what allows
1596 the request to eventually time out. */
1598 timeout
= timeval_set(0, timeout_usecs
);
1600 /* Nothing actually uses state.delayed_for_oplocks
1601 but it's handy to differentiate in debug messages
1602 between a 30 second delay due to oplock break, and
1603 a 1 second delay for share mode conflicts. */
1605 state
.delayed_for_oplocks
= False
;
1609 && !request_timed_out(request_time
,
1611 defer_open(lck
, request_time
, timeout
,
1619 * We have detected a sharing violation here
1620 * so return the correct error code
1622 status
= NT_STATUS_SHARING_VIOLATION
;
1624 status
= NT_STATUS_ACCESS_DENIED
;
1630 * We exit this block with the share entry *locked*.....
1634 SMB_ASSERT(!file_existed
|| (lck
!= NULL
));
1637 * Ensure we pay attention to default ACLs on directories if required.
1640 if ((flags2
& O_CREAT
) && lp_inherit_acls(SNUM(conn
)) &&
1641 (def_acl
= directory_has_default_acl(conn
, parent_dir
))) {
1645 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1646 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1647 (unsigned int)flags
, (unsigned int)flags2
,
1648 (unsigned int)unx_mode
, (unsigned int)access_mask
,
1649 (unsigned int)open_access_mask
));
1652 * open_file strips any O_TRUNC flags itself.
1655 fsp_open
= open_file(fsp
, conn
, req
, parent_dir
, newname
, fname
, psbuf
,
1656 flags
|flags2
, unx_mode
, access_mask
,
1659 if (!NT_STATUS_IS_OK(fsp_open
)) {
1666 if (!file_existed
) {
1667 struct timespec old_write_time
= get_mtimespec(psbuf
);
1669 * Deal with the race condition where two smbd's detect the
1670 * file doesn't exist and do the create at the same time. One
1671 * of them will win and set a share mode, the other (ie. this
1672 * one) should check if the requested share mode for this
1673 * create is allowed.
1677 * Now the file exists and fsp is successfully opened,
1678 * fsp->dev and fsp->inode are valid and should replace the
1679 * dev=0,inode=0 from a non existent file. Spotted by
1680 * Nadav Danieli <nadavd@exanet.com>. JRA.
1685 lck
= get_share_mode_lock(talloc_tos(), id
,
1687 fname
, &old_write_time
);
1690 DEBUG(0, ("open_file_ntcreate: Could not get share "
1691 "mode lock for %s\n", fname
));
1693 return NT_STATUS_SHARING_VIOLATION
;
1696 /* First pass - send break only on batch oplocks. */
1698 && delay_for_oplocks(lck
, fsp
, req
->mid
, 1,
1700 schedule_defer_open(lck
, request_time
, req
);
1703 return NT_STATUS_SHARING_VIOLATION
;
1706 status
= open_mode_check(conn
, fname
, lck
,
1707 access_mask
, share_access
,
1708 create_options
, &file_existed
);
1710 if (NT_STATUS_IS_OK(status
)) {
1711 /* We might be going to allow this open. Check oplock
1713 /* Second pass - send break for both batch or
1714 * exclusive oplocks. */
1716 && delay_for_oplocks(lck
, fsp
, req
->mid
, 2,
1718 schedule_defer_open(lck
, request_time
, req
);
1721 return NT_STATUS_SHARING_VIOLATION
;
1725 if (!NT_STATUS_IS_OK(status
)) {
1726 struct deferred_open_record state
;
1730 state
.delayed_for_oplocks
= False
;
1733 /* Do it all over again immediately. In the second
1734 * round we will find that the file existed and handle
1735 * the DELETE_PENDING and FCB cases correctly. No need
1736 * to duplicate the code here. Essentially this is a
1737 * "goto top of this function", but don't tell
1741 defer_open(lck
, request_time
, timeval_zero(),
1749 * We exit this block with the share entry *locked*.....
1754 SMB_ASSERT(lck
!= NULL
);
1756 /* note that we ignore failure for the following. It is
1757 basically a hack for NFS, and NFS will never set one of
1758 these only read them. Nobody but Samba can ever set a deny
1759 mode and we have already checked our more authoritative
1760 locking database for permission to set this deny mode. If
1761 the kernel refuses the operations then the kernel is wrong.
1762 note that GPFS supports it as well - jmcd */
1764 if (fsp
->fh
->fd
!= -1) {
1765 ret_flock
= SMB_VFS_KERNEL_FLOCK(fsp
, share_access
);
1766 if(ret_flock
== -1 ){
1771 return NT_STATUS_SHARING_VIOLATION
;
1776 * At this point onwards, we can guarentee that the share entry
1777 * is locked, whether we created the file or not, and that the
1778 * deny mode is compatible with all current opens.
1782 * If requested, truncate the file.
1785 if (flags2
&O_TRUNC
) {
1787 * We are modifing the file after open - update the stat
1790 if ((SMB_VFS_FTRUNCATE(fsp
, 0) == -1) ||
1791 (SMB_VFS_FSTAT(fsp
, psbuf
)==-1)) {
1792 status
= map_nt_error_from_unix(errno
);
1799 /* Record the options we were opened with. */
1800 fsp
->share_access
= share_access
;
1801 fsp
->fh
->private_options
= create_options
;
1802 fsp
->access_mask
= access_mask
;
1805 /* stat opens on existing files don't get oplocks. */
1806 if (is_stat_open(open_access_mask
)) {
1807 fsp
->oplock_type
= NO_OPLOCK
;
1810 if (!(flags2
& O_TRUNC
)) {
1811 info
= FILE_WAS_OPENED
;
1813 info
= FILE_WAS_OVERWRITTEN
;
1816 info
= FILE_WAS_CREATED
;
1824 * Setup the oplock info in both the shared memory and
1828 if ((fsp
->oplock_type
!= NO_OPLOCK
) &&
1829 (fsp
->oplock_type
!= FAKE_LEVEL_II_OPLOCK
)) {
1830 if (!set_file_oplock(fsp
, fsp
->oplock_type
)) {
1831 /* Could not get the kernel oplock */
1832 fsp
->oplock_type
= NO_OPLOCK
;
1836 if (info
== FILE_WAS_OVERWRITTEN
|| info
== FILE_WAS_CREATED
|| info
== FILE_WAS_SUPERSEDED
) {
1837 new_file_created
= True
;
1840 set_share_mode(lck
, fsp
, current_user
.ut
.uid
, 0, fsp
->oplock_type
, new_file_created
);
1842 /* Handle strange delete on close create semantics. */
1843 if ((create_options
& FILE_DELETE_ON_CLOSE
)
1844 && (((conn
->fs_capabilities
& FILE_NAMED_STREAMS
)
1845 && is_ntfs_stream_name(fname
))
1846 || can_set_initial_delete_on_close(lck
))) {
1847 status
= can_set_delete_on_close(fsp
, True
, new_dos_attributes
);
1849 if (!NT_STATUS_IS_OK(status
)) {
1850 /* Remember to delete the mode we just added. */
1851 del_share_mode(lck
, fsp
);
1856 /* Note that here we set the *inital* delete on close flag,
1857 not the regular one. The magic gets handled in close. */
1858 fsp
->initial_delete_on_close
= True
;
1861 if (new_file_created
) {
1862 /* Files should be initially set as archive */
1863 if (lp_map_archive(SNUM(conn
)) ||
1864 lp_store_dos_attributes(SNUM(conn
))) {
1866 SMB_STRUCT_STAT tmp_sbuf
;
1867 SET_STAT_INVALID(tmp_sbuf
);
1868 if (file_set_dosmode(
1870 new_dos_attributes
| aARCH
,
1871 &tmp_sbuf
, parent_dir
,
1873 unx_mode
= tmp_sbuf
.st_mode
;
1880 * Take care of inherited ACLs on created files - if default ACL not
1884 if (!posix_open
&& !file_existed
&& !def_acl
) {
1886 int saved_errno
= errno
; /* We might get ENOSYS in the next
1889 if (SMB_VFS_FCHMOD_ACL(fsp
, unx_mode
) == -1 &&
1891 errno
= saved_errno
; /* Ignore ENOSYS */
1894 } else if (new_unx_mode
) {
1898 /* Attributes need changing. File already existed. */
1901 int saved_errno
= errno
; /* We might get ENOSYS in the
1903 ret
= SMB_VFS_FCHMOD_ACL(fsp
, new_unx_mode
);
1905 if (ret
== -1 && errno
== ENOSYS
) {
1906 errno
= saved_errno
; /* Ignore ENOSYS */
1908 DEBUG(5, ("open_file_ntcreate: reset "
1909 "attributes of file %s to 0%o\n",
1910 fname
, (unsigned int)new_unx_mode
));
1911 ret
= 0; /* Don't do the fchmod below. */
1916 (SMB_VFS_FCHMOD(fsp
, new_unx_mode
) == -1))
1917 DEBUG(5, ("open_file_ntcreate: failed to reset "
1918 "attributes of file %s to 0%o\n",
1919 fname
, (unsigned int)new_unx_mode
));
1922 /* If this is a successful open, we must remove any deferred open
1925 del_deferred_open_entry(lck
, req
->mid
);
1929 return NT_STATUS_OK
;
1932 /****************************************************************************
1933 Open a file with a share mode.
1934 ****************************************************************************/
1936 NTSTATUS
open_file_ntcreate(connection_struct
*conn
,
1937 struct smb_request
*req
,
1939 SMB_STRUCT_STAT
*psbuf
,
1940 uint32 access_mask
, /* access bits (FILE_READ_DATA etc.) */
1941 uint32 share_access
, /* share constants (FILE_SHARE_READ etc) */
1942 uint32 create_disposition
, /* FILE_OPEN_IF etc. */
1943 uint32 create_options
, /* options such as delete on close. */
1944 uint32 new_dos_attributes
, /* attributes used for new file. */
1945 int oplock_request
, /* internal Samba oplock codes. */
1946 /* Information (FILE_EXISTS etc.) */
1948 files_struct
**result
)
1951 files_struct
*fsp
= NULL
;
1955 status
= file_new(conn
, &fsp
);
1956 if(!NT_STATUS_IS_OK(status
)) {
1960 status
= open_file_ntcreate_internal(conn
,
1973 if(!NT_STATUS_IS_OK(status
)) {
1982 /****************************************************************************
1983 Open a file for for write to ensure that we can fchmod it.
1984 ****************************************************************************/
1986 NTSTATUS
open_file_fchmod(connection_struct
*conn
, const char *fname
,
1987 SMB_STRUCT_STAT
*psbuf
, files_struct
**result
)
1989 files_struct
*fsp
= NULL
;
1992 if (!VALID_STAT(*psbuf
)) {
1993 return NT_STATUS_INVALID_PARAMETER
;
1996 status
= file_new(conn
, &fsp
);
1997 if(!NT_STATUS_IS_OK(status
)) {
2001 /* note! we must use a non-zero desired access or we don't get
2002 a real file descriptor. Oh what a twisted web we weave. */
2003 status
= open_file(fsp
, conn
, NULL
, NULL
, NULL
, fname
, psbuf
, O_WRONLY
,
2004 0, FILE_WRITE_DATA
, FILE_WRITE_DATA
);
2007 * This is not a user visible file open.
2008 * Don't set a share mode.
2011 if (!NT_STATUS_IS_OK(status
)) {
2017 return NT_STATUS_OK
;
2020 /****************************************************************************
2021 Close the fchmod file fd - ensure no locks are lost.
2022 ****************************************************************************/
2024 NTSTATUS
close_file_fchmod(files_struct
*fsp
)
2026 NTSTATUS status
= fd_close(fsp
);
2031 static NTSTATUS
mkdir_internal(connection_struct
*conn
,
2033 uint32 file_attributes
,
2034 SMB_STRUCT_STAT
*psbuf
)
2038 const char *dirname
;
2040 bool posix_open
= false;
2042 if(!CAN_WRITE(conn
)) {
2043 DEBUG(5,("mkdir_internal: failing create on read-only share "
2044 "%s\n", lp_servicename(SNUM(conn
))));
2045 return NT_STATUS_ACCESS_DENIED
;
2048 status
= check_name(conn
, name
);
2049 if (!NT_STATUS_IS_OK(status
)) {
2053 if (!parent_dirname_talloc(talloc_tos(), name
, &parent_dir
,
2055 return NT_STATUS_NO_MEMORY
;
2058 if (file_attributes
& FILE_FLAG_POSIX_SEMANTICS
) {
2060 mode
= (mode_t
)(file_attributes
& ~FILE_FLAG_POSIX_SEMANTICS
);
2062 mode
= unix_mode(conn
, aDIR
, name
, parent_dir
);
2065 if (SMB_VFS_MKDIR(conn
, name
, mode
) != 0) {
2066 return map_nt_error_from_unix(errno
);
2069 /* Ensure we're checking for a symlink here.... */
2070 /* We don't want to get caught by a symlink racer. */
2072 if (SMB_VFS_LSTAT(conn
, name
, psbuf
) == -1) {
2073 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2074 name
, strerror(errno
)));
2075 return map_nt_error_from_unix(errno
);
2078 if (!S_ISDIR(psbuf
->st_mode
)) {
2079 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2081 return NT_STATUS_ACCESS_DENIED
;
2084 if (lp_store_dos_attributes(SNUM(conn
))) {
2086 file_set_dosmode(conn
, name
,
2087 file_attributes
| aDIR
, NULL
,
2093 if (lp_inherit_perms(SNUM(conn
))) {
2094 inherit_access_acl(conn
, parent_dir
, name
, mode
);
2097 if (!(file_attributes
& FILE_FLAG_POSIX_SEMANTICS
)) {
2099 * Check if high bits should have been set,
2100 * then (if bits are missing): add them.
2101 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2104 if (mode
& ~(S_IRWXU
|S_IRWXG
|S_IRWXO
) && (mode
& ~psbuf
->st_mode
)) {
2105 SMB_VFS_CHMOD(conn
, name
,
2106 psbuf
->st_mode
| (mode
& ~psbuf
->st_mode
));
2110 /* Change the owner if required. */
2111 if (lp_inherit_owner(SNUM(conn
))) {
2112 change_dir_owner_to_parent(conn
, parent_dir
, name
, psbuf
);
2115 notify_fname(conn
, NOTIFY_ACTION_ADDED
, FILE_NOTIFY_CHANGE_DIR_NAME
,
2118 return NT_STATUS_OK
;
2121 /****************************************************************************
2122 Open a directory from an NT SMB call.
2123 ****************************************************************************/
2125 NTSTATUS
open_directory(connection_struct
*conn
,
2126 struct smb_request
*req
,
2128 SMB_STRUCT_STAT
*psbuf
,
2130 uint32 share_access
,
2131 uint32 create_disposition
,
2132 uint32 create_options
,
2133 uint32 file_attributes
,
2135 files_struct
**result
)
2137 files_struct
*fsp
= NULL
;
2138 bool dir_existed
= VALID_STAT(*psbuf
) ? True
: False
;
2139 struct share_mode_lock
*lck
= NULL
;
2141 struct timespec mtimespec
;
2144 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2145 "share_access = 0x%x create_options = 0x%x, "
2146 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2148 (unsigned int)access_mask
,
2149 (unsigned int)share_access
,
2150 (unsigned int)create_options
,
2151 (unsigned int)create_disposition
,
2152 (unsigned int)file_attributes
));
2154 if (!(file_attributes
& FILE_FLAG_POSIX_SEMANTICS
) &&
2155 (conn
->fs_capabilities
& FILE_NAMED_STREAMS
) &&
2156 is_ntfs_stream_name(fname
)) {
2157 DEBUG(2, ("open_directory: %s is a stream name!\n", fname
));
2158 return NT_STATUS_NOT_A_DIRECTORY
;
2161 switch( create_disposition
) {
2164 info
= FILE_WAS_OPENED
;
2167 * We want to follow symlinks here.
2170 if (SMB_VFS_STAT(conn
, fname
, psbuf
) != 0) {
2171 return map_nt_error_from_unix(errno
);
2178 /* If directory exists error. If directory doesn't
2181 status
= mkdir_internal(conn
,
2186 if (!NT_STATUS_IS_OK(status
)) {
2187 DEBUG(2, ("open_directory: unable to create "
2188 "%s. Error was %s\n", fname
,
2189 nt_errstr(status
)));
2193 info
= FILE_WAS_CREATED
;
2198 * If directory exists open. If directory doesn't
2202 status
= mkdir_internal(conn
,
2207 if (NT_STATUS_IS_OK(status
)) {
2208 info
= FILE_WAS_CREATED
;
2211 if (NT_STATUS_EQUAL(status
,
2212 NT_STATUS_OBJECT_NAME_COLLISION
)) {
2213 info
= FILE_WAS_OPENED
;
2214 status
= NT_STATUS_OK
;
2219 case FILE_SUPERSEDE
:
2220 case FILE_OVERWRITE
:
2221 case FILE_OVERWRITE_IF
:
2223 DEBUG(5,("open_directory: invalid create_disposition "
2224 "0x%x for directory %s\n",
2225 (unsigned int)create_disposition
, fname
));
2226 return NT_STATUS_INVALID_PARAMETER
;
2229 if(!S_ISDIR(psbuf
->st_mode
)) {
2230 DEBUG(5,("open_directory: %s is not a directory !\n",
2232 return NT_STATUS_NOT_A_DIRECTORY
;
2235 status
= file_new(conn
, &fsp
);
2236 if(!NT_STATUS_IS_OK(status
)) {
2241 * Setup the files_struct for it.
2244 fsp
->mode
= psbuf
->st_mode
;
2245 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, psbuf
);
2246 fsp
->vuid
= req
? req
->vuid
: UID_FIELD_INVALID
;
2247 fsp
->file_pid
= req
? req
->smbpid
: 0;
2248 fsp
->can_lock
= False
;
2249 fsp
->can_read
= False
;
2250 fsp
->can_write
= False
;
2252 fsp
->share_access
= share_access
;
2253 fsp
->fh
->private_options
= create_options
;
2254 fsp
->access_mask
= access_mask
;
2256 fsp
->print_file
= False
;
2257 fsp
->modified
= False
;
2258 fsp
->oplock_type
= NO_OPLOCK
;
2259 fsp
->sent_oplock_break
= NO_BREAK_SENT
;
2260 fsp
->is_directory
= True
;
2261 fsp
->is_stat
= False
;
2262 fsp
->posix_open
= (file_attributes
& FILE_FLAG_POSIX_SEMANTICS
) ? True
: False
;
2264 string_set(&fsp
->fsp_name
,fname
);
2266 mtimespec
= get_mtimespec(psbuf
);
2268 lck
= get_share_mode_lock(talloc_tos(), fsp
->file_id
,
2273 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname
));
2275 return NT_STATUS_SHARING_VIOLATION
;
2278 status
= open_mode_check(conn
, fname
, lck
,
2279 access_mask
, share_access
,
2280 create_options
, &dir_existed
);
2282 if (!NT_STATUS_IS_OK(status
)) {
2288 set_share_mode(lck
, fsp
, current_user
.ut
.uid
, 0, NO_OPLOCK
, True
);
2290 /* For directories the delete on close bit at open time seems
2291 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2292 if (create_options
& FILE_DELETE_ON_CLOSE
) {
2293 status
= can_set_delete_on_close(fsp
, True
, 0);
2294 if (!NT_STATUS_IS_OK(status
) && !NT_STATUS_EQUAL(status
, NT_STATUS_DIRECTORY_NOT_EMPTY
)) {
2300 if (NT_STATUS_IS_OK(status
)) {
2301 /* Note that here we set the *inital* delete on close flag,
2302 not the regular one. The magic gets handled in close. */
2303 fsp
->initial_delete_on_close
= True
;
2314 return NT_STATUS_OK
;
2317 NTSTATUS
create_directory(connection_struct
*conn
, struct smb_request
*req
, const char *directory
)
2320 SMB_STRUCT_STAT sbuf
;
2323 SET_STAT_INVALID(sbuf
);
2325 status
= open_directory(conn
, req
, directory
, &sbuf
,
2326 FILE_READ_ATTRIBUTES
, /* Just a stat open */
2327 FILE_SHARE_NONE
, /* Ignored for stat opens */
2330 FILE_ATTRIBUTE_DIRECTORY
,
2334 if (NT_STATUS_IS_OK(status
)) {
2335 close_file(fsp
, NORMAL_CLOSE
);
2341 /****************************************************************************
2342 Open a pseudo-file (no locking checks - a 'stat' open).
2343 ****************************************************************************/
2345 NTSTATUS
open_file_stat(connection_struct
*conn
, struct smb_request
*req
,
2346 const char *fname
, SMB_STRUCT_STAT
*psbuf
,
2347 files_struct
**result
)
2349 files_struct
*fsp
= NULL
;
2352 if (!VALID_STAT(*psbuf
)) {
2353 return NT_STATUS_INVALID_PARAMETER
;
2356 /* Can't 'stat' open directories. */
2357 if(S_ISDIR(psbuf
->st_mode
)) {
2358 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2361 status
= file_new(conn
, &fsp
);
2362 if(!NT_STATUS_IS_OK(status
)) {
2366 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname
));
2369 * Setup the files_struct for it.
2372 fsp
->mode
= psbuf
->st_mode
;
2373 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, psbuf
);
2374 fsp
->vuid
= req
? req
->vuid
: UID_FIELD_INVALID
;
2375 fsp
->file_pid
= req
? req
->smbpid
: 0;
2376 fsp
->can_lock
= False
;
2377 fsp
->can_read
= False
;
2378 fsp
->can_write
= False
;
2379 fsp
->print_file
= False
;
2380 fsp
->modified
= False
;
2381 fsp
->oplock_type
= NO_OPLOCK
;
2382 fsp
->sent_oplock_break
= NO_BREAK_SENT
;
2383 fsp
->is_directory
= False
;
2384 fsp
->is_stat
= True
;
2385 string_set(&fsp
->fsp_name
,fname
);
2388 return NT_STATUS_OK
;
2391 /****************************************************************************
2392 Receive notification that one of our open files has been renamed by another
2394 ****************************************************************************/
2396 void msg_file_was_renamed(struct messaging_context
*msg
,
2399 struct server_id server_id
,
2403 char *frm
= (char *)data
->data
;
2405 const char *sharepath
;
2406 const char *newname
;
2409 if (data
->data
== NULL
2410 || data
->length
< MSG_FILE_RENAMED_MIN_SIZE
+ 2) {
2411 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2412 (int)data
->length
));
2416 /* Unpack the message. */
2417 pull_file_id_16(frm
, &id
);
2418 sharepath
= &frm
[16];
2419 newname
= sharepath
+ strlen(sharepath
) + 1;
2420 sp_len
= strlen(sharepath
);
2422 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2424 sharepath
, newname
, file_id_string_tos(&id
)));
2426 for(fsp
= file_find_di_first(id
); fsp
; fsp
= file_find_di_next(fsp
)) {
2427 if (memcmp(fsp
->conn
->connectpath
, sharepath
, sp_len
) == 0) {
2428 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2429 fsp
->fnum
, fsp
->fsp_name
, newname
));
2430 string_set(&fsp
->fsp_name
, newname
);
2433 /* Now we have the complete path we can work out if this is
2434 actually within this share and adjust newname accordingly. */
2435 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2436 "not sharepath %s) "
2437 "fnum %d from %s -> %s\n",
2438 fsp
->conn
->connectpath
,
2447 struct case_semantics_state
{
2448 connection_struct
*conn
;
2449 bool case_sensitive
;
2451 bool short_case_preserve
;
2454 /****************************************************************************
2455 Restore case semantics.
2456 ****************************************************************************/
2457 static int restore_case_semantics(struct case_semantics_state
*state
)
2459 state
->conn
->case_sensitive
= state
->case_sensitive
;
2460 state
->conn
->case_preserve
= state
->case_preserve
;
2461 state
->conn
->short_case_preserve
= state
->short_case_preserve
;
2465 /****************************************************************************
2466 Save case semantics.
2467 ****************************************************************************/
2468 static struct case_semantics_state
*set_posix_case_semantics(TALLOC_CTX
*mem_ctx
,
2469 connection_struct
*conn
)
2471 struct case_semantics_state
*result
;
2473 if (!(result
= talloc(mem_ctx
, struct case_semantics_state
))) {
2474 DEBUG(0, ("talloc failed\n"));
2478 result
->conn
= conn
;
2479 result
->case_sensitive
= conn
->case_sensitive
;
2480 result
->case_preserve
= conn
->case_preserve
;
2481 result
->short_case_preserve
= conn
->short_case_preserve
;
2484 conn
->case_sensitive
= True
;
2485 conn
->case_preserve
= True
;
2486 conn
->short_case_preserve
= True
;
2488 talloc_set_destructor(result
, restore_case_semantics
);
2494 * If a main file is opened for delete, all streams need to be checked for
2495 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2496 * If that works, delete them all by setting the delete on close and close.
2499 static NTSTATUS
open_streams_for_delete(connection_struct
*conn
,
2502 struct stream_struct
*stream_info
;
2503 files_struct
**streams
;
2505 unsigned int num_streams
;
2506 TALLOC_CTX
*frame
= talloc_stackframe();
2509 status
= SMB_VFS_STREAMINFO(conn
, NULL
, fname
, talloc_tos(),
2510 &num_streams
, &stream_info
);
2512 if (NT_STATUS_EQUAL(status
, NT_STATUS_NOT_IMPLEMENTED
)
2513 || NT_STATUS_EQUAL(status
, NT_STATUS_OBJECT_NAME_NOT_FOUND
)) {
2514 DEBUG(10, ("no streams around\n"));
2516 return NT_STATUS_OK
;
2519 if (!NT_STATUS_IS_OK(status
)) {
2520 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2521 nt_errstr(status
)));
2525 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2528 if (num_streams
== 0) {
2530 return NT_STATUS_OK
;
2533 streams
= TALLOC_ARRAY(talloc_tos(), files_struct
*, num_streams
);
2534 if (streams
== NULL
) {
2535 DEBUG(0, ("talloc failed\n"));
2536 status
= NT_STATUS_NO_MEMORY
;
2540 for (i
=0; i
<num_streams
; i
++) {
2543 if (strequal(stream_info
[i
].name
, "::$DATA")) {
2548 streamname
= talloc_asprintf(talloc_tos(), "%s%s", fname
,
2549 stream_info
[i
].name
);
2551 if (streamname
== NULL
) {
2552 DEBUG(0, ("talloc_aprintf failed\n"));
2553 status
= NT_STATUS_NO_MEMORY
;
2557 status
= create_file_unixpath
2560 streamname
, /* fname */
2561 DELETE_ACCESS
, /* access_mask */
2562 FILE_SHARE_READ
| FILE_SHARE_WRITE
2563 | FILE_SHARE_DELETE
, /* share_access */
2564 FILE_OPEN
, /* create_disposition*/
2565 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE
, /* create_options */
2566 FILE_ATTRIBUTE_NORMAL
, /* file_attributes */
2567 0, /* oplock_request */
2568 0, /* allocation_size */
2571 &streams
[i
], /* result */
2575 TALLOC_FREE(streamname
);
2577 if (!NT_STATUS_IS_OK(status
)) {
2578 DEBUG(10, ("Could not open stream %s: %s\n",
2579 streamname
, nt_errstr(status
)));
2585 * don't touch the variable "status" beyond this point :-)
2588 for (i
-= 1 ; i
>= 0; i
--) {
2589 if (streams
[i
] == NULL
) {
2593 DEBUG(10, ("Closing stream # %d, %s\n", i
,
2594 streams
[i
]->fsp_name
));
2595 close_file(streams
[i
], NORMAL_CLOSE
);
2604 * Wrapper around open_file_ntcreate and open_directory
2607 NTSTATUS
create_file_unixpath(connection_struct
*conn
,
2608 struct smb_request
*req
,
2610 uint32_t access_mask
,
2611 uint32_t share_access
,
2612 uint32_t create_disposition
,
2613 uint32_t create_options
,
2614 uint32_t file_attributes
,
2615 uint32_t oplock_request
,
2616 SMB_BIG_UINT allocation_size
,
2617 struct security_descriptor
*sd
,
2618 struct ea_list
*ea_list
,
2620 files_struct
**result
,
2622 SMB_STRUCT_STAT
*psbuf
)
2624 SMB_STRUCT_STAT sbuf
;
2625 int info
= FILE_WAS_OPENED
;
2626 files_struct
*base_fsp
= NULL
;
2627 files_struct
*fsp
= NULL
;
2630 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2631 "file_attributes = 0x%x, share_access = 0x%x, "
2632 "create_disposition = 0x%x create_options = 0x%x "
2633 "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, "
2635 (unsigned int)access_mask
,
2636 (unsigned int)file_attributes
,
2637 (unsigned int)share_access
,
2638 (unsigned int)create_disposition
,
2639 (unsigned int)create_options
,
2640 (unsigned int)oplock_request
,
2641 ea_list
, sd
, fname
));
2643 if (create_options
& FILE_OPEN_BY_FILE_ID
) {
2644 status
= NT_STATUS_NOT_SUPPORTED
;
2648 if (create_options
& NTCREATEX_OPTIONS_INVALID_PARAM_MASK
) {
2649 status
= NT_STATUS_INVALID_PARAMETER
;
2654 oplock_request
|= INTERNAL_OPEN_ONLY
;
2657 if (psbuf
!= NULL
) {
2661 if (SMB_VFS_STAT(conn
, fname
, &sbuf
) == -1) {
2662 SET_STAT_INVALID(sbuf
);
2666 if ((conn
->fs_capabilities
& FILE_NAMED_STREAMS
)
2667 && (access_mask
& DELETE_ACCESS
)
2668 && !is_ntfs_stream_name(fname
)) {
2670 * We can't open a file with DELETE access if any of the
2671 * streams is open without FILE_SHARE_DELETE
2673 status
= open_streams_for_delete(conn
, fname
);
2675 if (!NT_STATUS_IS_OK(status
)) {
2680 /* This is the correct thing to do (check every time) but can_delete
2681 * is expensive (it may have to read the parent directory
2682 * permissions). So for now we're not doing it unless we have a strong
2683 * hint the client is really going to delete this file. If the client
2684 * is forcing FILE_CREATE let the filesystem take care of the
2687 /* Setting FILE_SHARE_DELETE is the hint. */
2689 if (lp_acl_check_permissions(SNUM(conn
))
2690 && (create_disposition
!= FILE_CREATE
)
2691 && (share_access
& FILE_SHARE_DELETE
)
2692 && (access_mask
& DELETE_ACCESS
)
2693 && (!can_delete_file_in_directory(conn
, fname
))) {
2694 status
= NT_STATUS_ACCESS_DENIED
;
2699 /* We need to support SeSecurityPrivilege for this. */
2700 if ((access_mask
& SEC_RIGHT_SYSTEM_SECURITY
) &&
2701 !user_has_privileges(current_user
.nt_user_token
,
2703 status
= NT_STATUS_PRIVILEGE_NOT_HELD
;
2708 if ((conn
->fs_capabilities
& FILE_NAMED_STREAMS
)
2709 && is_ntfs_stream_name(fname
)
2710 && (!(create_options
& NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE
))) {
2712 uint32 base_create_disposition
;
2714 if (create_options
& FILE_DIRECTORY_FILE
) {
2715 status
= NT_STATUS_NOT_A_DIRECTORY
;
2719 status
= split_ntfs_stream_name(talloc_tos(), fname
,
2721 if (!NT_STATUS_IS_OK(status
)) {
2722 DEBUG(10, ("create_file_unixpath: "
2723 "split_ntfs_stream_name failed: %s\n",
2724 nt_errstr(status
)));
2728 SMB_ASSERT(!is_ntfs_stream_name(base
)); /* paranoia.. */
2730 switch (create_disposition
) {
2732 base_create_disposition
= FILE_OPEN
;
2735 base_create_disposition
= FILE_OPEN_IF
;
2739 DEBUG(10, ("Recursing into create_file_unixpath for "
2740 "base %s\n", base
));
2742 status
= create_file_unixpath(conn
, NULL
, base
, 0,
2745 | FILE_SHARE_DELETE
,
2746 base_create_disposition
,
2747 0, 0, 0, 0, NULL
, NULL
,
2748 &base_fsp
, NULL
, NULL
);
2749 if (!NT_STATUS_IS_OK(status
)) {
2750 DEBUG(10, ("create_file_unixpath for base %s failed: "
2751 "%s\n", base
, nt_errstr(status
)));
2757 * If it's a request for a directory open, deal with it separately.
2760 if (create_options
& FILE_DIRECTORY_FILE
) {
2762 if (create_options
& FILE_NON_DIRECTORY_FILE
) {
2763 status
= NT_STATUS_INVALID_PARAMETER
;
2767 /* Can't open a temp directory. IFS kit test. */
2768 if (file_attributes
& FILE_ATTRIBUTE_TEMPORARY
) {
2769 status
= NT_STATUS_INVALID_PARAMETER
;
2774 * We will get a create directory here if the Win32
2775 * app specified a security descriptor in the
2776 * CreateDirectory() call.
2780 status
= open_directory(
2781 conn
, req
, fname
, &sbuf
, access_mask
, share_access
,
2782 create_disposition
, create_options
, file_attributes
,
2787 * Ordinary file case.
2792 * We're opening the stream element of a base_fsp
2793 * we already opened. We need to initialize
2794 * the fsp first, and set up the base_fsp pointer.
2796 status
= file_new(conn
, &fsp
);
2797 if(!NT_STATUS_IS_OK(status
)) {
2801 fsp
->base_fsp
= base_fsp
;
2803 status
= open_file_ntcreate_internal(conn
,
2816 if(!NT_STATUS_IS_OK(status
)) {
2821 status
= open_file_ntcreate(
2822 conn
, req
, fname
, &sbuf
, access_mask
, share_access
,
2823 create_disposition
, create_options
, file_attributes
,
2824 oplock_request
, &info
, &fsp
);
2827 if (NT_STATUS_EQUAL(status
, NT_STATUS_FILE_IS_A_DIRECTORY
)) {
2829 /* A stream open never opens a directory */
2832 status
= NT_STATUS_FILE_IS_A_DIRECTORY
;
2837 * Fail the open if it was explicitly a non-directory
2841 if (create_options
& FILE_NON_DIRECTORY_FILE
) {
2842 status
= NT_STATUS_FILE_IS_A_DIRECTORY
;
2847 status
= open_directory(
2848 conn
, req
, fname
, &sbuf
, access_mask
,
2849 share_access
, create_disposition
,
2850 create_options
, file_attributes
,
2855 if (!NT_STATUS_IS_OK(status
)) {
2859 fsp
->base_fsp
= base_fsp
;
2862 * According to the MS documentation, the only time the security
2863 * descriptor is applied to the opened file is iff we *created* the
2864 * file; an existing file stays the same.
2866 * Also, it seems (from observation) that you can open the file with
2867 * any access mask but you can still write the sd. We need to override
2868 * the granted access before we call set_sd
2869 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
2872 if ((sd
!= NULL
) && (info
== FILE_WAS_CREATED
)
2873 && lp_nt_acl_support(SNUM(conn
))) {
2875 uint32_t sec_info_sent
= ALL_SECURITY_INFORMATION
;
2876 uint32_t saved_access_mask
= fsp
->access_mask
;
2878 if (sd
->owner_sid
== NULL
) {
2879 sec_info_sent
&= ~OWNER_SECURITY_INFORMATION
;
2881 if (sd
->group_sid
== NULL
) {
2882 sec_info_sent
&= ~GROUP_SECURITY_INFORMATION
;
2884 if (sd
->sacl
== NULL
) {
2885 sec_info_sent
&= ~SACL_SECURITY_INFORMATION
;
2887 if (sd
->dacl
== NULL
) {
2888 sec_info_sent
&= ~DACL_SECURITY_INFORMATION
;
2891 fsp
->access_mask
= FILE_GENERIC_ALL
;
2893 status
= SMB_VFS_FSET_NT_ACL(fsp
, sec_info_sent
, sd
);
2895 fsp
->access_mask
= saved_access_mask
;
2897 if (!NT_STATUS_IS_OK(status
)) {
2902 if ((ea_list
!= NULL
) && (info
== FILE_WAS_CREATED
)) {
2903 status
= set_ea(conn
, fsp
, fname
, ea_list
);
2904 if (!NT_STATUS_IS_OK(status
)) {
2909 if (!fsp
->is_directory
&& S_ISDIR(sbuf
.st_mode
)) {
2910 status
= NT_STATUS_ACCESS_DENIED
;
2914 /* Save the requested allocation size. */
2915 if ((info
== FILE_WAS_CREATED
) || (info
== FILE_WAS_OVERWRITTEN
)) {
2917 && (allocation_size
> sbuf
.st_size
)) {
2918 fsp
->initial_allocation_size
= smb_roundup(
2919 fsp
->conn
, allocation_size
);
2920 if (fsp
->is_directory
) {
2921 /* Can't set allocation size on a directory. */
2922 status
= NT_STATUS_ACCESS_DENIED
;
2925 if (vfs_allocate_file_space(
2926 fsp
, fsp
->initial_allocation_size
) == -1) {
2927 status
= NT_STATUS_DISK_FULL
;
2931 fsp
->initial_allocation_size
= smb_roundup(
2932 fsp
->conn
, (SMB_BIG_UINT
)sbuf
.st_size
);
2936 DEBUG(10, ("create_file_unixpath: info=%d\n", info
));
2939 if (pinfo
!= NULL
) {
2942 if (psbuf
!= NULL
) {
2943 if ((fsp
->fh
== NULL
) || (fsp
->fh
->fd
== -1)) {
2947 SMB_VFS_FSTAT(fsp
, psbuf
);
2950 return NT_STATUS_OK
;
2953 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status
)));
2956 if (base_fsp
&& fsp
->base_fsp
== base_fsp
) {
2958 * The close_file below will close
2963 close_file(fsp
, ERROR_CLOSE
);
2966 if (base_fsp
!= NULL
) {
2967 close_file(base_fsp
, ERROR_CLOSE
);
2973 NTSTATUS
create_file(connection_struct
*conn
,
2974 struct smb_request
*req
,
2975 uint16_t root_dir_fid
,
2977 uint32_t access_mask
,
2978 uint32_t share_access
,
2979 uint32_t create_disposition
,
2980 uint32_t create_options
,
2981 uint32_t file_attributes
,
2982 uint32_t oplock_request
,
2983 SMB_BIG_UINT allocation_size
,
2984 struct security_descriptor
*sd
,
2985 struct ea_list
*ea_list
,
2987 files_struct
**result
,
2989 SMB_STRUCT_STAT
*psbuf
)
2991 struct case_semantics_state
*case_state
= NULL
;
2992 SMB_STRUCT_STAT sbuf
;
2993 int info
= FILE_WAS_OPENED
;
2994 files_struct
*fsp
= NULL
;
2997 DEBUG(10,("create_file: access_mask = 0x%x "
2998 "file_attributes = 0x%x, share_access = 0x%x, "
2999 "create_disposition = 0x%x create_options = 0x%x "
3000 "oplock_request = 0x%x "
3001 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3003 (unsigned int)access_mask
,
3004 (unsigned int)file_attributes
,
3005 (unsigned int)share_access
,
3006 (unsigned int)create_disposition
,
3007 (unsigned int)create_options
,
3008 (unsigned int)oplock_request
,
3009 (unsigned int)root_dir_fid
,
3010 ea_list
, sd
, fname
));
3013 * Get the file name.
3016 if (root_dir_fid
!= 0) {
3018 * This filename is relative to a directory fid.
3020 char *parent_fname
= NULL
;
3021 files_struct
*dir_fsp
= file_fsp(root_dir_fid
);
3023 if (dir_fsp
== NULL
) {
3024 status
= NT_STATUS_INVALID_HANDLE
;
3028 if (!dir_fsp
->is_directory
) {
3031 * Check to see if this is a mac fork of some kind.
3034 if ((conn
->fs_capabilities
& FILE_NAMED_STREAMS
) &&
3035 is_ntfs_stream_name(fname
)) {
3036 status
= NT_STATUS_OBJECT_PATH_NOT_FOUND
;
3041 we need to handle the case when we get a
3042 relative open relative to a file and the
3043 pathname is blank - this is a reopen!
3044 (hint from demyn plantenberg)
3047 status
= NT_STATUS_INVALID_HANDLE
;
3051 if (ISDOT(dir_fsp
->fsp_name
)) {
3053 * We're at the toplevel dir, the final file name
3054 * must not contain ./, as this is filtered out
3055 * normally by srvstr_get_path and unix_convert
3056 * explicitly rejects paths containing ./.
3058 parent_fname
= talloc_strdup(talloc_tos(), "");
3059 if (parent_fname
== NULL
) {
3060 status
= NT_STATUS_NO_MEMORY
;
3064 size_t dir_name_len
= strlen(dir_fsp
->fsp_name
);
3067 * Copy in the base directory name.
3070 parent_fname
= TALLOC_ARRAY(talloc_tos(), char,
3072 if (parent_fname
== NULL
) {
3073 status
= NT_STATUS_NO_MEMORY
;
3076 memcpy(parent_fname
, dir_fsp
->fsp_name
,
3080 * Ensure it ends in a '/'.
3081 * We used TALLOC_SIZE +2 to add space for the '/'.
3085 && (parent_fname
[dir_name_len
-1] != '\\')
3086 && (parent_fname
[dir_name_len
-1] != '/')) {
3087 parent_fname
[dir_name_len
] = '/';
3088 parent_fname
[dir_name_len
+1] = '\0';
3092 fname
= talloc_asprintf(talloc_tos(), "%s%s", parent_fname
,
3094 if (fname
== NULL
) {
3095 status
= NT_STATUS_NO_MEMORY
;
3101 * Check to see if this is a mac fork of some kind.
3104 if (is_ntfs_stream_name(fname
)) {
3105 enum FAKE_FILE_TYPE fake_file_type
;
3107 fake_file_type
= is_fake_file(fname
);
3109 if (fake_file_type
!= FAKE_FILE_TYPE_NONE
) {
3112 * Here we go! support for changing the disk quotas
3115 * We need to fake up to open this MAGIC QUOTA file
3116 * and return a valid FID.
3118 * w2k close this file directly after openening xp
3119 * also tries a QUERY_FILE_INFO on the file and then
3123 status
= open_fake_file(conn
, fake_file_type
, fname
,
3125 if (!NT_STATUS_IS_OK(status
)) {
3133 if (!(conn
->fs_capabilities
& FILE_NAMED_STREAMS
)) {
3134 status
= NT_STATUS_OBJECT_PATH_NOT_FOUND
;
3139 if ((req
!= NULL
) && (req
->flags2
& FLAGS2_DFS_PATHNAMES
)) {
3140 char *resolved_fname
;
3142 status
= resolve_dfspath(talloc_tos(), conn
, true, fname
,
3145 if (!NT_STATUS_IS_OK(status
)) {
3147 * For PATH_NOT_COVERED we had
3148 * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
3149 * ERRSRV, ERRbadpath);
3150 * Need to fix in callers
3154 fname
= resolved_fname
;
3158 * Check if POSIX semantics are wanted.
3161 if (file_attributes
& FILE_FLAG_POSIX_SEMANTICS
) {
3162 case_state
= set_posix_case_semantics(talloc_tos(), conn
);
3163 file_attributes
&= ~FILE_FLAG_POSIX_SEMANTICS
;
3167 char *converted_fname
;
3169 SET_STAT_INVALID(sbuf
);
3171 status
= unix_convert(talloc_tos(), conn
, fname
, False
,
3172 &converted_fname
, NULL
, &sbuf
);
3173 if (!NT_STATUS_IS_OK(status
)) {
3176 fname
= converted_fname
;
3179 TALLOC_FREE(case_state
);
3181 /* All file access must go through check_name() */
3183 status
= check_name(conn
, fname
);
3184 if (!NT_STATUS_IS_OK(status
)) {
3188 status
= create_file_unixpath(
3189 conn
, req
, fname
, access_mask
, share_access
,
3190 create_disposition
, create_options
, file_attributes
,
3191 oplock_request
, allocation_size
, sd
, ea_list
,
3192 &fsp
, &info
, &sbuf
);
3194 if (!NT_STATUS_IS_OK(status
)) {
3199 DEBUG(10, ("create_file: info=%d\n", info
));
3202 if (pinfo
!= NULL
) {
3205 if (psbuf
!= NULL
) {
3208 return NT_STATUS_OK
;
3211 DEBUG(10, ("create_file: %s\n", nt_errstr(status
)));
3214 close_file(fsp
, ERROR_CLOSE
);