From e626cb70fd40ee5b5911d17a74dd8e6e7b0f183b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Jun 2019 14:55:37 -0700 Subject: [PATCH] s3: smbd: Cleanup - make remove_posix_acl() return NTSTATUS. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke --- source3/smbd/posix_acls.c | 30 +++++++++++++++++++++++++----- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index fce4fa59ce5..5cf06a8e2b2 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -4407,24 +4407,25 @@ bool set_unix_posix_default_acl(connection_struct *conn, FIXME ! How does the share mask/mode fit into this.... ? ****************************************************************************/ -static bool remove_posix_acl(connection_struct *conn, +static NTSTATUS remove_posix_acl(connection_struct *conn, files_struct *fsp, const struct smb_filename *smb_fname) { SMB_ACL_T file_acl = NULL; int entry_id = SMB_ACL_FIRST_ENTRY; SMB_ACL_ENTRY_T entry; - bool ok = false; const char *fname = smb_fname->base_name; /* Create a new ACL with only 3 entries, u/g/w. */ SMB_ACL_T new_file_acl = NULL; SMB_ACL_ENTRY_T user_ent = NULL; SMB_ACL_ENTRY_T group_ent = NULL; SMB_ACL_ENTRY_T other_ent = NULL; + NTSTATUS status; int ret; new_file_acl = sys_acl_init(talloc_tos()); if (new_file_acl == NULL) { + status = map_nt_error_from_unix(errno); DBG_INFO("failed to init new ACL with 3 entries " "for file %s %s.\n", fname, @@ -4435,6 +4436,7 @@ static bool remove_posix_acl(connection_struct *conn, /* Now create the u/g/w entries. */ ret = sys_acl_create_entry(&new_file_acl, &user_ent); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("Failed to create user entry for file %s. (%s)\n", fname, strerror(errno)); @@ -4442,6 +4444,7 @@ static bool remove_posix_acl(connection_struct *conn, } ret = sys_acl_set_tag_type(user_ent, SMB_ACL_USER_OBJ); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("Failed to set user entry for file %s. (%s)\n", fname, strerror(errno)); @@ -4450,6 +4453,7 @@ static bool remove_posix_acl(connection_struct *conn, ret = sys_acl_create_entry(&new_file_acl, &group_ent); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("Failed to create group entry for file %s. (%s)\n", fname, strerror(errno)); @@ -4457,6 +4461,7 @@ static bool remove_posix_acl(connection_struct *conn, } ret = sys_acl_set_tag_type(group_ent, SMB_ACL_GROUP_OBJ); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("Failed to set group entry for file %s. (%s)\n", fname, strerror(errno)); @@ -4465,6 +4470,7 @@ static bool remove_posix_acl(connection_struct *conn, ret = sys_acl_create_entry(&new_file_acl, &other_ent); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("Failed to create other entry for file %s. (%s)\n", fname, strerror(errno)); @@ -4472,6 +4478,7 @@ static bool remove_posix_acl(connection_struct *conn, } ret = sys_acl_set_tag_type(other_ent, SMB_ACL_OTHER); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("Failed to set other entry for file %s. (%s)\n", fname, strerror(errno)); @@ -4488,6 +4495,7 @@ static bool remove_posix_acl(connection_struct *conn, } if (file_acl == NULL) { + status = map_nt_error_from_unix(errno); /* This is only returned if an error occurred. Even for a file with no acl a u/g/w acl should be returned. */ DBG_INFO("failed to get ACL from file %s (%s).\n", @@ -4504,6 +4512,7 @@ static bool remove_posix_acl(connection_struct *conn, ret = sys_acl_get_tag_type(entry, &tagtype); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("failed to get tagtype from ACL " "on file %s (%s).\n", fname, @@ -4513,6 +4522,7 @@ static bool remove_posix_acl(connection_struct *conn, ret = sys_acl_get_permset(entry, &permset); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("failed to get permset from ACL " "on file %s (%s).\n", fname, @@ -4523,6 +4533,7 @@ static bool remove_posix_acl(connection_struct *conn, if (tagtype == SMB_ACL_USER_OBJ) { ret = sys_acl_set_permset(user_ent, permset); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("failed to set permset from ACL " "on file %s (%s).\n", fname, @@ -4532,6 +4543,7 @@ static bool remove_posix_acl(connection_struct *conn, } else if (tagtype == SMB_ACL_GROUP_OBJ) { ret = sys_acl_set_permset(group_ent, permset); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("failed to set permset from ACL " "on file %s (%s).\n", fname, @@ -4541,6 +4553,7 @@ static bool remove_posix_acl(connection_struct *conn, } else if (tagtype == SMB_ACL_OTHER) { ret = sys_acl_set_permset(other_ent, permset); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("failed to set permset from ACL " "on file %s (%s).\n", fname, @@ -4554,6 +4567,7 @@ static bool remove_posix_acl(connection_struct *conn, if (fsp && fsp->fh->fd != -1) { ret = SMB_VFS_SYS_ACL_SET_FD(fsp, new_file_acl); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("acl_set_file failed on %s (%s)\n", fname, strerror(errno)); @@ -4565,6 +4579,7 @@ static bool remove_posix_acl(connection_struct *conn, SMB_ACL_TYPE_ACCESS, new_file_acl); if (ret == -1) { + status = map_nt_error_from_unix(errno); DBG_INFO("acl_set_file failed on %s (%s)\n", fname, strerror(errno)); @@ -4572,13 +4587,13 @@ static bool remove_posix_acl(connection_struct *conn, } } - ok = true; + status = NT_STATUS_OK; done: TALLOC_FREE(file_acl); TALLOC_FREE(new_file_acl); - return ok; + return status; } /**************************************************************************** @@ -4596,10 +4611,15 @@ bool set_unix_posix_acl(connection_struct *conn, SMB_ACL_T file_acl = NULL; const char *fname = smb_fname->base_name; int ret; + NTSTATUS status; if (!num_acls) { /* Remove the ACL from the file. */ - return remove_posix_acl(conn, fsp, smb_fname); + status = remove_posix_acl(conn, fsp, smb_fname); + if (!NT_STATUS_IS_OK(status)) { + return false; + } + return true; } file_acl = create_posix_acl_from_wire(conn, -- 2.11.4.GIT