s3-docs: overrided -> overridden
[Samba.git] / source3 / modules / vfs_tru64acl.c
blob3f91a4753a2f6eaa007bee143619021c71c58e26
1 /*
2 Unix SMB/Netbios implementation.
3 VFS module to get and set Tru64 acls
4 Copyright (C) Michael Adam 2006,2008
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "includes.h"
21 #include "system/filesys.h"
22 #include "smbd/smbd.h"
23 #include "modules/vfs_tru64acl.h"
25 /* prototypes for private functions first - for clarity */
27 static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl);
28 static bool tru64_ace_to_smb_ace(acl_entry_t tru64_ace,
29 struct smb_acl_entry *smb_ace);
30 static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl);
31 static acl_tag_t smb_tag_to_tru64(SMB_ACL_TAG_T smb_tag);
32 static SMB_ACL_TAG_T tru64_tag_to_smb(acl_tag_t tru64_tag);
33 static acl_perm_t smb_permset_to_tru64(SMB_ACL_PERM_T smb_permset);
34 static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset);
37 /* public functions - the api */
39 SMB_ACL_T tru64acl_sys_acl_get_file(vfs_handle_struct *handle,
40 const char *path_p,
41 SMB_ACL_TYPE_T type)
43 struct smb_acl_t *result;
44 acl_type_t the_acl_type;
45 acl_t tru64_acl;
47 DEBUG(10, ("Hi! This is tru64acl_sys_acl_get_file.\n"));
49 switch(type) {
50 case SMB_ACL_TYPE_ACCESS:
51 the_acl_type = ACL_TYPE_ACCESS;
52 break;
53 case SMB_ACL_TYPE_DEFAULT:
54 the_acl_type = ACL_TYPE_DEFAULT;
55 break;
56 default:
57 errno = EINVAL;
58 return NULL;
61 tru64_acl = acl_get_file((char *)path_p, the_acl_type);
63 if (tru64_acl == NULL) {
64 return NULL;
67 result = tru64_acl_to_smb_acl(tru64_acl);
68 acl_free(tru64_acl);
69 return result;
72 SMB_ACL_T tru64acl_sys_acl_get_fd(vfs_handle_struct *handle,
73 files_struct *fsp)
75 struct smb_acl_t *result;
76 acl_t tru64_acl = acl_get_fd(fsp->fh->fd, ACL_TYPE_ACCESS);
78 if (tru64_acl == NULL) {
79 return NULL;
82 result = tru64_acl_to_smb_acl(tru64_acl);
83 acl_free(tru64_acl);
84 return result;
87 int tru64acl_sys_acl_set_file(vfs_handle_struct *handle,
88 const char *name,
89 SMB_ACL_TYPE_T type,
90 SMB_ACL_T theacl)
92 int res;
93 acl_type_t the_acl_type;
94 acl_t tru64_acl;
96 DEBUG(10, ("tru64acl_sys_acl_set_file called with name %s, type %d\n",
97 name, type));
99 switch(type) {
100 case SMB_ACL_TYPE_ACCESS:
101 DEBUGADD(10, ("got acl type ACL_TYPE_ACCESS\n"));
102 the_acl_type = ACL_TYPE_ACCESS;
103 break;
104 case SMB_ACL_TYPE_DEFAULT:
105 DEBUGADD(10, ("got acl type ACL_TYPE_DEFAULT\n"));
106 the_acl_type = ACL_TYPE_DEFAULT;
107 break;
108 default:
109 DEBUGADD(10, ("invalid acl type\n"));
110 errno = EINVAL;
111 goto fail;
114 tru64_acl = smb_acl_to_tru64_acl(theacl);
115 if (tru64_acl == NULL) {
116 DEBUG(10, ("smb_acl_to_tru64_acl failed!\n"));
117 goto fail;
119 DEBUG(10, ("got tru64 acl...\n"));
120 res = acl_set_file((char *)name, the_acl_type, tru64_acl);
121 acl_free(tru64_acl);
122 if (res != 0) {
123 DEBUG(10, ("acl_set_file failed: %s\n", strerror(errno)));
124 goto fail;
126 return res;
127 fail:
128 DEBUG(1, ("tru64acl_sys_acl_set_file failed!\n"));
129 return -1;
132 int tru64acl_sys_acl_set_fd(vfs_handle_struct *handle,
133 files_struct *fsp,
134 SMB_ACL_T theacl)
136 int res;
137 acl_t tru64_acl = smb_acl_to_tru64_acl(theacl);
138 if (tru64_acl == NULL) {
139 return -1;
141 res = acl_set_fd(fsp->fh->fd, ACL_TYPE_ACCESS, tru64_acl);
142 acl_free(tru64_acl);
143 return res;
147 int tru64acl_sys_acl_delete_def_file(vfs_handle_struct *handle,
148 const char *path)
150 return acl_delete_def_file((char *)path);
154 /* private functions */
156 static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl)
158 struct smb_acl_t *result;
159 acl_entry_t entry;
161 DEBUG(10, ("Hi! This is tru64_acl_to_smb_acl.\n"));
163 if ((result = SMB_MALLOC_P(struct smb_acl_t)) == NULL) {
164 DEBUG(0, ("SMB_MALLOC_P failed in tru64_acl_to_smb_acl\n"));
165 errno = ENOMEM;
166 goto fail;
168 ZERO_STRUCTP(result);
169 if (acl_first_entry((struct acl *)tru64_acl) != 0) {
170 DEBUG(10, ("acl_first_entry failed: %s\n", strerror(errno)));
171 goto fail;
173 while ((entry = acl_get_entry((struct acl *)tru64_acl)) != NULL) {
174 result = SMB_REALLOC(result, sizeof(struct smb_acl_t) +
175 (sizeof(struct smb_acl_entry) *
176 (result->count + 1)));
177 if (result == NULL) {
178 DEBUG(0, ("SMB_REALLOC failed in tru64_acl_to_smb_acl\n"));
179 errno = ENOMEM;
180 goto fail;
182 /* XYZ */
183 if (!tru64_ace_to_smb_ace(entry, &result->acl[result->count])) {
184 SAFE_FREE(result);
185 goto fail;
187 result->count += 1;
189 return result;
191 fail:
192 if (result != NULL) {
193 SAFE_FREE(result);
195 DEBUG(1, ("tru64_acl_to_smb_acl failed!\n"));
196 return NULL;
199 static bool tru64_ace_to_smb_ace(acl_entry_t tru64_ace,
200 struct smb_acl_entry *smb_ace)
202 acl_tag_t tru64_tag;
203 acl_permset_t permset;
204 SMB_ACL_TAG_T smb_tag_type;
205 SMB_ACL_PERM_T smb_permset;
206 void *qualifier;
208 if (acl_get_tag_type(tru64_ace, &tru64_tag) != 0) {
209 DEBUG(0, ("acl_get_tag_type failed: %s\n", strerror(errno)));
210 return False;
213 /* On could set the tag type directly to save a function call,
214 * but I like this better... */
215 smb_tag_type = tru64_tag_to_smb(tru64_tag);
216 if (smb_tag_type == 0) {
217 DEBUG(3, ("invalid tag type given: %d\n", tru64_tag));
218 return False;
220 if (sys_acl_set_tag_type(smb_ace, smb_tag_type) != 0) {
221 DEBUG(3, ("sys_acl_set_tag_type failed: %s\n",
222 strerror(errno)));
223 return False;
225 qualifier = acl_get_qualifier(tru64_ace);
226 if (qualifier != NULL) {
227 if (sys_acl_set_qualifier(smb_ace, qualifier) != 0) {
228 DEBUG(3, ("sys_acl_set_qualifier failed\n"));
229 return False;
232 if (acl_get_permset(tru64_ace, &permset) != 0) {
233 DEBUG(3, ("acl_get_permset failed: %s\n", strerror(errno)));
234 return False;
236 smb_permset = tru64_permset_to_smb(*permset);
237 if (sys_acl_set_permset(smb_ace, &smb_permset) != 0) {
238 DEBUG(3, ("sys_acl_set_permset failed: %s\n", strerror(errno)));
239 return False;
241 return True;
244 static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl)
246 acl_t result;
247 acl_entry_t tru64_entry;
248 int i;
249 char *acl_text;
250 ssize_t acl_text_len;
252 /* The tru64 acl_init function takes a size_t value
253 * instead of a count of entries (as with posix).
254 * the size parameter "Specifies the size of the working
255 * storage in bytes" (according to the man page).
256 * But it is unclear to me, how this size is to be
257 * calculated.
259 * It should not matter, since acl_create_entry enlarges
260 * the working storage at need. ... */
262 DEBUG(10, ("Hi! This is smb_acl_to_tru64_acl.\n"));
264 result = acl_init(1);
266 if (result == NULL) {
267 DEBUG(3, ("acl_init failed!\n"));
268 goto fail;
271 DEBUGADD(10, ("parsing acl entries...\n"));
272 for (i = 0; i < smb_acl->count; i++) {
273 /* XYZ - maybe eliminate this direct access? */
274 const struct smb_acl_entry *smb_entry = &smb_acl->acl[i];
275 acl_tag_t tru64_tag;
276 acl_perm_t tru64_permset;
278 tru64_tag = smb_tag_to_tru64(smb_entry->a_type);
279 if (tru64_tag == -1) {
280 DEBUG(3, ("smb_tag_to_tru64 failed!\n"));
281 goto fail;
284 if (tru64_tag == ACL_MASK) {
285 DEBUGADD(10, (" - acl type ACL_MASK: not implemented on Tru64 ==> skipping\n"));
286 continue;
289 tru64_entry = acl_create_entry(&result);
290 if (tru64_entry == NULL) {
291 DEBUG(3, ("acl_create_entry failed: %s\n",
292 strerror(errno)));
293 goto fail;
296 if (acl_set_tag_type(tru64_entry, tru64_tag) != 0) {
297 DEBUG(3, ("acl_set_tag_type(%d) failed: %s\n",
298 strerror(errno)));
299 goto fail;
302 switch (smb_entry->a_type) {
303 case SMB_ACL_USER:
304 if (acl_set_qualifier(tru64_entry,
305 (int *)&smb_entry->uid) != 0)
307 DEBUG(3, ("acl_set_qualifier failed: %s\n",
308 strerror(errno)));
309 goto fail;
311 DEBUGADD(10, (" - setting uid to %d\n", smb_entry->uid));
312 break;
313 case SMB_ACL_GROUP:
314 if (acl_set_qualifier(tru64_entry,
315 (int *)&smb_entry->gid) != 0)
317 DEBUG(3, ("acl_set_qualifier failed: %s\n",
318 strerror(errno)));
319 goto fail;
321 DEBUGADD(10, (" - setting gid to %d\n", smb_entry->gid));
322 break;
323 default:
324 break;
327 tru64_permset = smb_permset_to_tru64(smb_entry->a_perm);
328 if (tru64_permset == -1) {
329 DEBUG(3, ("smb_permset_to_tru64 failed!\n"));
330 goto fail;
332 DEBUGADD(10, (" - setting perms to %0d\n", tru64_permset));
333 if (acl_set_permset(tru64_entry, &tru64_permset) != 0)
335 DEBUG(3, ("acl_set_permset failed: %s\n", strerror(errno)));
336 goto fail;
338 } /* for */
339 DEBUGADD(10, ("done parsing acl entries\n"));
341 tru64_entry = NULL;
342 if (acl_valid(result, &tru64_entry) != 0) {
343 DEBUG(1, ("smb_acl_to_tru64_acl: ACL is invalid (%s)\n",
344 strerror(errno)));
345 if (tru64_entry != NULL) {
346 DEBUGADD(1, ("the acl contains duplicate entries\n"));
348 goto fail;
350 DEBUGADD(10, ("acl is valid\n"));
352 acl_text = acl_to_text(result, &acl_text_len);
353 if (acl_text == NULL) {
354 DEBUG(3, ("acl_to_text failed: %s\n", strerror(errno)));
355 goto fail;
357 DEBUG(1, ("acl_text: %s\n", acl_text));
358 free(acl_text);
360 return result;
362 fail:
363 if (result != NULL) {
364 acl_free(result);
366 DEBUG(1, ("smb_acl_to_tru64_acl failed!\n"));
367 return NULL;
370 static acl_tag_t smb_tag_to_tru64(SMB_ACL_TAG_T smb_tag)
372 acl_tag_t result;
373 switch (smb_tag) {
374 case SMB_ACL_USER:
375 result = ACL_USER;
376 DEBUGADD(10, ("got acl type ACL_USER\n"));
377 break;
378 case SMB_ACL_USER_OBJ:
379 result = ACL_USER_OBJ;
380 DEBUGADD(10, ("got acl type ACL_USER_OBJ\n"));
381 break;
382 case SMB_ACL_GROUP:
383 result = ACL_GROUP;
384 DEBUGADD(10, ("got acl type ACL_GROUP\n"));
385 break;
386 case SMB_ACL_GROUP_OBJ:
387 result = ACL_GROUP_OBJ;
388 DEBUGADD(10, ("got acl type ACL_GROUP_OBJ\n"));
389 break;
390 case SMB_ACL_OTHER:
391 result = ACL_OTHER;
392 DEBUGADD(10, ("got acl type ACL_OTHER\n"));
393 break;
394 case SMB_ACL_MASK:
395 result = ACL_MASK;
396 DEBUGADD(10, ("got acl type ACL_MASK\n"));
397 break;
398 default:
399 DEBUG(1, ("Unknown tag type %d\n", smb_tag));
400 result = -1;
402 return result;
406 static SMB_ACL_TAG_T tru64_tag_to_smb(acl_tag_t tru64_tag)
408 SMB_ACL_TAG_T smb_tag_type;
409 switch(tru64_tag) {
410 case ACL_USER:
411 smb_tag_type = SMB_ACL_USER;
412 DEBUGADD(10, ("got smb acl tag type SMB_ACL_USER\n"));
413 break;
414 case ACL_USER_OBJ:
415 smb_tag_type = SMB_ACL_USER_OBJ;
416 DEBUGADD(10, ("got smb acl tag type SMB_ACL_USER_OBJ\n"));
417 break;
418 case ACL_GROUP:
419 smb_tag_type = SMB_ACL_GROUP;
420 DEBUGADD(10, ("got smb acl tag type SMB_ACL_GROUP\n"));
421 break;
422 case ACL_GROUP_OBJ:
423 smb_tag_type = SMB_ACL_GROUP_OBJ;
424 DEBUGADD(10, ("got smb acl tag type SMB_ACL_GROUP_OBJ\n"));
425 break;
426 case ACL_OTHER:
427 smb_tag_type = SMB_ACL_OTHER;
428 DEBUGADD(10, ("got smb acl tag type SMB_ACL_OTHER\n"));
429 break;
430 case ACL_MASK:
431 smb_tag_type = SMB_ACL_MASK;
432 DEBUGADD(10, ("got smb acl tag type SMB_ACL_MASK\n"));
433 break;
434 default:
435 DEBUG(0, ("Unknown tag type %d\n", (unsigned int)tru64_tag));
436 smb_tag_type = 0;
438 return smb_tag_type;
441 static acl_perm_t smb_permset_to_tru64(SMB_ACL_PERM_T smb_permset)
443 /* originally, I thought that acl_clear_perm was the
444 * proper way to reset the permset to 0. but without
445 * initializing it to 0, acl_clear_perm fails.
446 * so probably, acl_clear_perm is not necessary here... ?! */
447 acl_perm_t tru64_permset = 0;
448 if (acl_clear_perm(&tru64_permset) != 0) {
449 DEBUG(5, ("acl_clear_perm failed: %s\n", strerror(errno)));
450 return -1;
452 /* according to original lib/sysacls.c, acl_add_perm is
453 * broken on tru64 ... */
454 tru64_permset |= ((smb_permset & SMB_ACL_READ) ? ACL_READ : 0);
455 tru64_permset |= ((smb_permset & SMB_ACL_WRITE) ? ACL_WRITE : 0);
456 tru64_permset |= ((smb_permset & SMB_ACL_EXECUTE) ? ACL_EXECUTE : 0);
457 return tru64_permset;
460 static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset)
462 SMB_ACL_PERM_T smb_permset = 0;
463 smb_permset |= ((tru64_permset & ACL_READ) ? SMB_ACL_READ : 0);
464 smb_permset |= ((tru64_permset & ACL_WRITE) ? SMB_ACL_WRITE : 0);
465 smb_permset |= ((tru64_permset & ACL_EXECUTE) ? SMB_ACL_EXECUTE : 0);
466 return smb_permset;
470 /* VFS operations structure */
472 static struct vfs_fn_pointers tru64acl_fns = {
473 .sys_acl_get_file_fn = tru64acl_sys_acl_get_file,
474 .sys_acl_get_fd_fn = tru64acl_sys_acl_get_fd,
475 .sys_acl_set_file_fn = tru64acl_sys_acl_set_file,
476 .sys_acl_set_fd_fn = tru64acl_sys_acl_set_fd,
477 .sys_acl_delete_def_file_fn = tru64acl_sys_acl_delete_def_file,
480 NTSTATUS vfs_tru64acl_init(void);
481 NTSTATUS vfs_tru64acl_init(void)
483 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "tru64acl",
484 &tru64acl_fns);
487 /* ENTE */