2 Unix SMB/CIFS implementation.
3 service (connection) opening and closing
4 Copyright (C) Andrew Tridgell 1992-1998
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "smbd/globals.h"
22 #include "../librpc/gen_ndr/netlogon.h"
23 #include "../libcli/security/security.h"
25 extern userdom_struct current_user_info
;
27 static bool canonicalize_connect_path(connection_struct
*conn
)
30 char *resolved_name
= SMB_VFS_REALPATH(conn
,conn
->connectpath
);
34 ret
= set_conn_connectpath(conn
,resolved_name
);
35 SAFE_FREE(resolved_name
);
39 /****************************************************************************
40 Ensure when setting connectpath it is a canonicalized (no ./ // or ../)
41 absolute path stating in / and not ending in /.
42 Observent people will notice a similarity between this and check_path_syntax :-).
43 ****************************************************************************/
45 bool set_conn_connectpath(connection_struct
*conn
, const char *connectpath
)
49 const char *s
= connectpath
;
50 bool start_of_name_component
= true;
52 if (connectpath
== NULL
|| connectpath
[0] == '\0') {
56 /* Allocate for strlen + '\0' + possible leading '/' */
57 destname
= (char *)SMB_MALLOC(strlen(connectpath
) + 2);
63 *d
++ = '/'; /* Always start with root. */
67 /* Eat multiple '/' */
71 if ((d
> destname
+ 1) && (*s
!= '\0')) {
74 start_of_name_component
= True
;
78 if (start_of_name_component
) {
79 if ((s
[0] == '.') && (s
[1] == '.') && (s
[2] == '/' || s
[2] == '\0')) {
80 /* Uh oh - "/../" or "/..\0" ! */
82 /* Go past the ../ or .. */
86 s
+= 2; /* Go past the .. */
89 /* If we just added a '/' - delete it */
90 if ((d
> destname
) && (*(d
-1) == '/')) {
95 /* Are we at the start ? Can't go back further if so. */
97 *d
++ = '/'; /* Can't delete root */
100 /* Go back one level... */
101 /* Decrement d first as d points to the *next* char to write into. */
102 for (d
--; d
> destname
; d
--) {
107 /* We're still at the start of a name component, just the previous one. */
109 } else if ((s
[0] == '.') && ((s
[1] == '\0') || s
[1] == '/')) {
110 /* Component of pathname can't be "." only - skip the '.' . */
124 /* Get the size of the next MB character. */
125 next_codepoint(s
,&siz
);
146 start_of_name_component
= false;
150 /* And must not end in '/' */
151 if (d
> destname
+ 1 && (*(d
-1) == '/')) {
155 DEBUG(10,("set_conn_connectpath: service %s, connectpath = %s\n",
156 lp_servicename(SNUM(conn
)), destname
));
158 string_set(&conn
->connectpath
, destname
);
163 /****************************************************************************
164 Load parameters specific to a connection/service.
165 ****************************************************************************/
167 bool set_current_service(connection_struct
*conn
, uint16 flags
, bool do_chdir
)
176 conn
->lastused_count
++;
181 vfs_ChDir(conn
,conn
->connectpath
) != 0 &&
182 vfs_ChDir(conn
,conn
->origpath
) != 0) {
183 DEBUG(((errno
!=EACCES
)?0:3),("chdir (%s) failed, reason: %s\n",
184 conn
->connectpath
, strerror(errno
)));
188 if ((conn
== last_conn
) && (last_flags
== flags
)) {
195 /* Obey the client case sensitivity requests - only for clients that support it. */
196 switch (lp_casesensitive(snum
)) {
199 /* We need this uglyness due to DOS/Win9x clients that lie about case insensitivity. */
200 enum remote_arch_types ra_type
= get_remote_arch();
201 if ((ra_type
!= RA_SAMBA
) && (ra_type
!= RA_CIFSFS
)) {
202 /* Client can't support per-packet case sensitive pathnames. */
203 conn
->case_sensitive
= False
;
205 conn
->case_sensitive
= !(flags
& FLAG_CASELESS_PATHNAMES
);
210 conn
->case_sensitive
= True
;
213 conn
->case_sensitive
= False
;
219 static int load_registry_service(const char *servicename
)
221 if (!lp_registry_shares()) {
225 if ((servicename
== NULL
) || (*servicename
== '\0')) {
229 if (strequal(servicename
, GLOBAL_NAME
)) {
233 if (!process_registry_service(servicename
)) {
237 return lp_servicenumber(servicename
);
240 void load_registry_shares(void)
242 DEBUG(8, ("load_registry_shares()\n"));
243 if (!lp_registry_shares()) {
247 process_registry_shares();
252 /****************************************************************************
253 Add a home service. Returns the new service number or -1 if fail.
254 ****************************************************************************/
256 int add_home_service(const char *service
, const char *username
, const char *homedir
)
260 if (!service
|| !homedir
|| homedir
[0] == '\0')
263 if ((iHomeService
= lp_servicenumber(HOMES_NAME
)) < 0) {
264 if ((iHomeService
= load_registry_service(HOMES_NAME
)) < 0) {
270 * If this is a winbindd provided username, remove
271 * the domain component before adding the service.
272 * Log a warning if the "path=" parameter does not
273 * include any macros.
277 const char *p
= strchr(service
,*lp_winbind_separator());
279 /* We only want the 'user' part of the string */
285 if (!lp_add_home(service
, iHomeService
, username
, homedir
)) {
289 return lp_servicenumber(service
);
294 * Find a service entry.
296 * @param service is modified (to canonical form??)
299 int find_service(TALLOC_CTX
*ctx
, const char *service_in
, char **p_service_out
)
307 /* First make a copy. */
308 *p_service_out
= talloc_strdup(ctx
, service_in
);
309 if (!*p_service_out
) {
313 all_string_sub(*p_service_out
,"\\","/",0);
315 iService
= lp_servicenumber(*p_service_out
);
317 /* now handle the special case of a home directory */
319 char *phome_dir
= get_user_home_dir(ctx
, *p_service_out
);
323 * Try mapping the servicename, it may
324 * be a Windows to unix mapped user name.
326 if(map_username(ctx
, *p_service_out
, p_service_out
)) {
327 if (*p_service_out
== NULL
) {
331 phome_dir
= get_user_home_dir(
332 ctx
, *p_service_out
);
336 DEBUG(3,("checking for home directory %s gave %s\n",*p_service_out
,
337 phome_dir
?phome_dir
:"(NULL)"));
339 iService
= add_home_service(*p_service_out
,*p_service_out
/* 'username' */, phome_dir
);
342 /* If we still don't have a service, attempt to add it as a printer. */
346 if ((iPrinterService
= lp_servicenumber(PRINTERS_NAME
)) < 0) {
347 iPrinterService
= load_registry_service(PRINTERS_NAME
);
349 if (iPrinterService
>= 0) {
350 DEBUG(3,("checking whether %s is a valid printer name...\n",
352 if (pcap_printername_ok(*p_service_out
)) {
353 DEBUG(3,("%s is a valid printer name\n",
355 DEBUG(3,("adding %s as a printer service\n",
357 lp_add_printer(*p_service_out
, iPrinterService
);
358 iService
= lp_servicenumber(*p_service_out
);
360 DEBUG(0,("failed to add %s as a printer service!\n",
364 DEBUG(3,("%s is not a valid printer name\n",
370 /* Check for default vfs service? Unsure whether to implement this */
375 iService
= load_registry_service(*p_service_out
);
378 /* Is it a usershare service ? */
379 if (iService
< 0 && *lp_usershare_path()) {
380 /* Ensure the name is canonicalized. */
381 strlower_m(*p_service_out
);
382 iService
= load_usershare_service(*p_service_out
);
385 /* just possibly it's a default service? */
387 char *pdefservice
= lp_defaultservice();
390 !strequal(pdefservice
, *p_service_out
)
391 && !strstr_m(*p_service_out
,"..")) {
393 * We need to do a local copy here as lp_defaultservice()
394 * returns one of the rotating lp_string buffers that
395 * could get overwritten by the recursive find_service() call
396 * below. Fix from Josef Hinteregger <joehtg@joehtg.co.at>.
398 char *defservice
= talloc_strdup(ctx
, pdefservice
);
404 /* Disallow anything except explicit share names. */
405 if (strequal(defservice
,HOMES_NAME
) ||
406 strequal(defservice
, PRINTERS_NAME
) ||
407 strequal(defservice
, "IPC$")) {
408 TALLOC_FREE(defservice
);
412 iService
= find_service(ctx
, defservice
, p_service_out
);
413 if (!*p_service_out
) {
414 TALLOC_FREE(defservice
);
419 all_string_sub(*p_service_out
, "_","/",0);
420 iService
= lp_add_service(*p_service_out
, iService
);
422 TALLOC_FREE(defservice
);
427 if (!VALID_SNUM(iService
)) {
428 DEBUG(0,("Invalid snum %d for %s\n",iService
,
437 DEBUG(3,("find_service() failed to find service %s\n",
445 /****************************************************************************
446 do some basic sainity checks on the share.
447 This function modifies dev, ecode.
448 ****************************************************************************/
450 static NTSTATUS
share_sanity_checks(struct client_address
*client_id
, int snum
,
453 if (!lp_snum_ok(snum
) ||
454 !allow_access(lp_hostsdeny(snum
), lp_hostsallow(snum
),
455 client_id
->name
, client_id
->addr
)) {
456 return NT_STATUS_ACCESS_DENIED
;
459 if (dev
[0] == '?' || !dev
[0]) {
460 if (lp_print_ok(snum
)) {
461 fstrcpy(dev
,"LPT1:");
462 } else if (strequal(lp_fstype(snum
), "IPC")) {
471 if (lp_print_ok(snum
)) {
472 if (!strequal(dev
, "LPT1:")) {
473 return NT_STATUS_BAD_DEVICE_TYPE
;
475 } else if (strequal(lp_fstype(snum
), "IPC")) {
476 if (!strequal(dev
, "IPC")) {
477 return NT_STATUS_BAD_DEVICE_TYPE
;
479 } else if (!strequal(dev
, "A:")) {
480 return NT_STATUS_BAD_DEVICE_TYPE
;
483 /* Behave as a printer if we are supposed to */
484 if (lp_print_ok(snum
) && (strcmp(dev
, "A:") == 0)) {
485 fstrcpy(dev
, "LPT1:");
492 * Go through lookup_name etc to find the force'd group.
494 * Create a new token from src_token, replacing the primary group sid with the
498 static NTSTATUS
find_forced_group(bool force_user
,
499 int snum
, const char *username
,
500 struct dom_sid
*pgroup_sid
,
503 NTSTATUS result
= NT_STATUS_NO_SUCH_GROUP
;
504 TALLOC_CTX
*frame
= talloc_stackframe();
505 struct dom_sid group_sid
;
506 enum lsa_SidType type
;
508 bool user_must_be_member
= False
;
511 groupname
= talloc_strdup(talloc_tos(), lp_force_group(snum
));
512 if (groupname
== NULL
) {
513 DEBUG(1, ("talloc_strdup failed\n"));
514 result
= NT_STATUS_NO_MEMORY
;
518 if (groupname
[0] == '+') {
519 user_must_be_member
= True
;
523 groupname
= talloc_string_sub(talloc_tos(), groupname
,
524 "%S", lp_servicename(snum
));
525 if (groupname
== NULL
) {
526 DEBUG(1, ("talloc_string_sub failed\n"));
527 result
= NT_STATUS_NO_MEMORY
;
531 if (!lookup_name_smbconf(talloc_tos(), groupname
,
532 LOOKUP_NAME_ALL
|LOOKUP_NAME_GROUP
,
533 NULL
, NULL
, &group_sid
, &type
)) {
534 DEBUG(10, ("lookup_name_smbconf(%s) failed\n",
539 if ((type
!= SID_NAME_DOM_GRP
) && (type
!= SID_NAME_ALIAS
) &&
540 (type
!= SID_NAME_WKN_GRP
)) {
541 DEBUG(10, ("%s is a %s, not a group\n", groupname
,
542 sid_type_lookup(type
)));
546 if (!sid_to_gid(&group_sid
, &gid
)) {
547 DEBUG(10, ("sid_to_gid(%s) for %s failed\n",
548 sid_string_dbg(&group_sid
), groupname
));
553 * If the user has been forced and the forced group starts with a '+',
554 * then we only set the group to be the forced group if the forced
555 * user is a member of that group. Otherwise, the meaning of the '+'
559 if (force_user
&& user_must_be_member
) {
560 if (user_in_group_sid(username
, &group_sid
)) {
561 sid_copy(pgroup_sid
, &group_sid
);
563 DEBUG(3,("Forced group %s for member %s\n",
564 groupname
, username
));
566 DEBUG(0,("find_forced_group: forced user %s is not a member "
567 "of forced group %s. Disallowing access.\n",
568 username
, groupname
));
569 result
= NT_STATUS_MEMBER_NOT_IN_GROUP
;
573 sid_copy(pgroup_sid
, &group_sid
);
575 DEBUG(3,("Forced group %s\n", groupname
));
578 result
= NT_STATUS_OK
;
584 /****************************************************************************
585 Create an auth_serversupplied_info structure for a connection_struct
586 ****************************************************************************/
588 static NTSTATUS
create_connection_server_info(struct smbd_server_connection
*sconn
,
589 TALLOC_CTX
*mem_ctx
, int snum
,
590 struct auth_serversupplied_info
*vuid_serverinfo
,
592 struct auth_serversupplied_info
**presult
)
594 if (lp_guest_only(snum
)) {
595 return make_server_info_guest(mem_ctx
, presult
);
598 if (vuid_serverinfo
!= NULL
) {
600 struct auth_serversupplied_info
*result
;
603 * This is the normal security != share case where we have a
604 * valid vuid from the session setup. */
606 if (vuid_serverinfo
->guest
) {
607 if (!lp_guest_ok(snum
)) {
608 DEBUG(2, ("guest user (from session setup) "
609 "not permitted to access this share "
610 "(%s)\n", lp_servicename(snum
)));
611 return NT_STATUS_ACCESS_DENIED
;
614 if (!user_ok_token(vuid_serverinfo
->unix_name
,
615 vuid_serverinfo
->info3
->base
.domain
.string
,
616 vuid_serverinfo
->ptok
, snum
)) {
617 DEBUG(2, ("user '%s' (from session setup) not "
618 "permitted to access this share "
620 vuid_serverinfo
->unix_name
,
621 lp_servicename(snum
)));
622 return NT_STATUS_ACCESS_DENIED
;
626 result
= copy_serverinfo(mem_ctx
, vuid_serverinfo
);
627 if (result
== NULL
) {
628 return NT_STATUS_NO_MEMORY
;
635 if (lp_security() == SEC_SHARE
) {
640 /* add the sharename as a possible user name if we
641 are in share mode security */
643 add_session_user(sconn
, lp_servicename(snum
));
645 /* shall we let them in? */
647 if (!authorise_login(sconn
, snum
,user
,password
,&guest
)) {
648 DEBUG( 2, ( "Invalid username/password for [%s]\n",
649 lp_servicename(snum
)) );
650 return NT_STATUS_WRONG_PASSWORD
;
653 return make_serverinfo_from_username(mem_ctx
, user
, guest
,
657 DEBUG(0, ("invalid VUID (vuser) but not in security=share\n"));
658 return NT_STATUS_ACCESS_DENIED
;
662 /****************************************************************************
663 Make a connection, given the snum to connect to, and the vuser of the
664 connecting user if appropriate.
665 ****************************************************************************/
667 connection_struct
*make_connection_snum(struct smbd_server_connection
*sconn
,
668 int snum
, user_struct
*vuser
,
673 connection_struct
*conn
= NULL
;
674 struct smb_filename
*smb_fname_cpath
= NULL
;
677 bool on_err_call_dis_hook
= false;
678 bool claimed_connection
= false;
685 *pstatus
= share_sanity_checks(&sconn
->client_id
, snum
, dev
);
686 if (NT_STATUS_IS_ERR(*pstatus
)) {
690 conn
= conn_new(sconn
);
692 DEBUG(0,("Couldn't find free connection.\n"));
693 *pstatus
= NT_STATUS_INSUFFICIENT_RESOURCES
;
697 conn
->params
->service
= snum
;
699 status
= create_connection_server_info(sconn
,
700 conn
, snum
, vuser
? vuser
->server_info
: NULL
, password
,
703 if (!NT_STATUS_IS_OK(status
)) {
704 DEBUG(1, ("create_connection_server_info failed: %s\n",
710 if ((lp_guest_only(snum
)) || (lp_security() == SEC_SHARE
)) {
711 conn
->force_user
= true;
714 add_session_user(sconn
, conn
->server_info
->unix_name
);
716 conn
->num_files_open
= 0;
717 conn
->lastused
= conn
->lastused_count
= time(NULL
);
719 conn
->printer
= (strncmp(dev
,"LPT",3) == 0);
720 conn
->ipc
= ( (strncmp(dev
,"IPC",3) == 0) ||
721 ( lp_enable_asu_support() && strequal(dev
,"ADMIN$")) );
723 /* Case options for the share. */
724 if (lp_casesensitive(snum
) == Auto
) {
725 /* We will be setting this per packet. Set to be case
726 * insensitive for now. */
727 conn
->case_sensitive
= False
;
729 conn
->case_sensitive
= (bool)lp_casesensitive(snum
);
732 conn
->case_preserve
= lp_preservecase(snum
);
733 conn
->short_case_preserve
= lp_shortpreservecase(snum
);
735 conn
->encrypt_level
= lp_smb_encrypt(snum
);
737 conn
->veto_list
= NULL
;
738 conn
->hide_list
= NULL
;
739 conn
->veto_oplock_list
= NULL
;
740 conn
->aio_write_behind_list
= NULL
;
742 conn
->read_only
= lp_readonly(SNUM(conn
));
744 if (*lp_force_user(snum
)) {
747 * Replace conn->server_info with a completely faked up one
748 * from the username we are forced into :-)
752 struct auth_serversupplied_info
*forced_serverinfo
;
754 fuser
= talloc_string_sub(conn
, lp_force_user(snum
), "%S",
755 lp_servicename(snum
));
757 *pstatus
= NT_STATUS_NO_MEMORY
;
761 status
= make_serverinfo_from_username(
762 conn
, fuser
, conn
->server_info
->guest
,
764 if (!NT_STATUS_IS_OK(status
)) {
769 TALLOC_FREE(conn
->server_info
);
770 conn
->server_info
= forced_serverinfo
;
772 conn
->force_user
= True
;
773 DEBUG(3,("Forced user %s\n", fuser
));
777 * If force group is true, then override
778 * any groupid stored for the connecting user.
781 if (*lp_force_group(snum
)) {
783 status
= find_forced_group(
784 conn
->force_user
, snum
, conn
->server_info
->unix_name
,
785 &conn
->server_info
->ptok
->sids
[1],
786 &conn
->server_info
->utok
.gid
);
788 if (!NT_STATUS_IS_OK(status
)) {
794 * We need to cache this gid, to use within
795 * change_to_user() separately from the conn->server_info
796 * struct. We only use conn->server_info directly if
797 * "force_user" was set.
799 conn
->force_group_gid
= conn
->server_info
->utok
.gid
;
802 conn
->vuid
= (vuser
!= NULL
) ? vuser
->vuid
: UID_FIELD_INVALID
;
805 char *s
= talloc_sub_advanced(talloc_tos(),
806 lp_servicename(SNUM(conn
)),
807 conn
->server_info
->unix_name
,
809 conn
->server_info
->utok
.gid
,
810 conn
->server_info
->sanitized_username
,
811 conn
->server_info
->info3
->base
.domain
.string
,
814 *pstatus
= NT_STATUS_NO_MEMORY
;
818 if (!set_conn_connectpath(conn
,s
)) {
820 *pstatus
= NT_STATUS_NO_MEMORY
;
823 DEBUG(3,("Connect path is '%s' for service [%s]\n",s
,
824 lp_servicename(snum
)));
829 * New code to check if there's a share security descripter
830 * added from NT server manager. This is done after the
831 * smb.conf checks are done as we need a uid and token. JRA.
836 bool can_write
= False
;
838 can_write
= share_access_check(conn
->server_info
->ptok
,
839 lp_servicename(snum
),
843 if (!share_access_check(conn
->server_info
->ptok
,
844 lp_servicename(snum
),
846 /* No access, read or write. */
847 DEBUG(0,("make_connection: connection to %s "
848 "denied due to security "
850 lp_servicename(snum
)));
851 *pstatus
= NT_STATUS_ACCESS_DENIED
;
854 conn
->read_only
= True
;
858 /* Initialise VFS function pointers */
860 if (!smbd_vfs_init(conn
)) {
861 DEBUG(0, ("vfs_init failed for service %s\n",
862 lp_servicename(snum
)));
863 *pstatus
= NT_STATUS_BAD_NETWORK_NAME
;
867 /* ROOT Activities: */
868 /* explicitly check widelinks here so that we can correctly warn
870 widelinks_warning(snum
);
873 * Enforce the max connections parameter.
876 if ((lp_max_connections(snum
) > 0)
877 && (count_current_connections(lp_servicename(SNUM(conn
)), True
) >=
878 lp_max_connections(snum
))) {
880 DEBUG(1, ("Max connections (%d) exceeded for %s\n",
881 lp_max_connections(snum
), lp_servicename(snum
)));
882 *pstatus
= NT_STATUS_INSUFFICIENT_RESOURCES
;
887 * Get us an entry in the connections db
889 if (!claim_connection(conn
, lp_servicename(snum
))) {
890 DEBUG(1, ("Could not store connections entry\n"));
891 *pstatus
= NT_STATUS_INTERNAL_DB_ERROR
;
894 claimed_connection
= true;
896 /* Invoke VFS make connection hook - this must be the first
897 filesystem operation that we do. */
899 if (SMB_VFS_CONNECT(conn
, lp_servicename(snum
),
900 conn
->server_info
->unix_name
) < 0) {
901 DEBUG(0,("make_connection: VFS make connection failed!\n"));
902 *pstatus
= NT_STATUS_UNSUCCESSFUL
;
906 /* Any error exit after here needs to call the disconnect hook. */
907 on_err_call_dis_hook
= true;
909 if ((!conn
->printer
) && (!conn
->ipc
)) {
910 conn
->notify_ctx
= notify_init(conn
,
911 sconn_server_id(sconn
),
913 smbd_event_context(),
918 * Fix compatibility issue pointed out by Volker.
919 * We pass the conn->connectpath to the preexec
920 * scripts as a parameter, so attempt to canonicalize
921 * it here before calling the preexec scripts.
922 * We ignore errors here, as it is possible that
923 * the conn->connectpath doesn't exist yet and
924 * the preexec scripts will create them.
927 (void)canonicalize_connect_path(conn
);
929 /* Preexecs are done here as they might make the dir we are to ChDir
931 /* execute any "root preexec = " line */
932 if (*lp_rootpreexec(snum
)) {
933 char *cmd
= talloc_sub_advanced(talloc_tos(),
934 lp_servicename(SNUM(conn
)),
935 conn
->server_info
->unix_name
,
937 conn
->server_info
->utok
.gid
,
938 conn
->server_info
->sanitized_username
,
939 conn
->server_info
->info3
->base
.domain
.string
,
940 lp_rootpreexec(snum
));
941 DEBUG(5,("cmd=%s\n",cmd
));
942 ret
= smbrun(cmd
,NULL
);
944 if (ret
!= 0 && lp_rootpreexec_close(snum
)) {
945 DEBUG(1,("root preexec gave %d - failing "
946 "connection\n", ret
));
947 *pstatus
= NT_STATUS_ACCESS_DENIED
;
952 /* USER Activites: */
953 if (!change_to_user(conn
, conn
->vuid
)) {
954 /* No point continuing if they fail the basic checks */
955 DEBUG(0,("Can't become connected user!\n"));
956 *pstatus
= NT_STATUS_LOGON_FAILURE
;
963 /* Remember that a different vuid can connect later without these
966 /* Preexecs are done here as they might make the dir we are to ChDir
969 /* execute any "preexec = " line */
970 if (*lp_preexec(snum
)) {
971 char *cmd
= talloc_sub_advanced(talloc_tos(),
972 lp_servicename(SNUM(conn
)),
973 conn
->server_info
->unix_name
,
975 conn
->server_info
->utok
.gid
,
976 conn
->server_info
->sanitized_username
,
977 conn
->server_info
->info3
->base
.domain
.string
,
979 ret
= smbrun(cmd
,NULL
);
981 if (ret
!= 0 && lp_preexec_close(snum
)) {
982 DEBUG(1,("preexec gave %d - failing connection\n",
984 *pstatus
= NT_STATUS_ACCESS_DENIED
;
989 #ifdef WITH_FAKE_KASERVER
990 if (lp_afs_share(snum
)) {
996 * we've finished with the user stuff - go back to root
997 * so the SMB_VFS_STAT call will only fail on path errors,
998 * not permission problems.
1000 change_to_root_user();
1001 /* ROOT Activites: */
1004 * If widelinks are disallowed we need to canonicalise the connect
1005 * path here to ensure we don't have any symlinks in the
1006 * connectpath. We will be checking all paths on this connection are
1007 * below this directory. We must do this after the VFS init as we
1008 * depend on the realpath() pointer in the vfs table. JRA.
1010 if (!lp_widelinks(snum
)) {
1011 if (!canonicalize_connect_path(conn
)) {
1012 DEBUG(0, ("canonicalize_connect_path failed "
1013 "for service %s, path %s\n",
1014 lp_servicename(snum
),
1015 conn
->connectpath
));
1016 *pstatus
= NT_STATUS_BAD_NETWORK_NAME
;
1021 /* Add veto/hide lists */
1022 if (!IS_IPC(conn
) && !IS_PRINT(conn
)) {
1023 set_namearray( &conn
->veto_list
, lp_veto_files(snum
));
1024 set_namearray( &conn
->hide_list
, lp_hide_files(snum
));
1025 set_namearray( &conn
->veto_oplock_list
, lp_veto_oplocks(snum
));
1026 set_namearray( &conn
->aio_write_behind_list
,
1027 lp_aio_write_behind(snum
));
1029 status
= create_synthetic_smb_fname(talloc_tos(), conn
->connectpath
,
1030 NULL
, NULL
, &smb_fname_cpath
);
1031 if (!NT_STATUS_IS_OK(status
)) {
1036 /* win2000 does not check the permissions on the directory
1037 during the tree connect, instead relying on permission
1038 check during individual operations. To match this behaviour
1039 I have disabled this chdir check (tridge) */
1040 /* the alternative is just to check the directory exists */
1042 if ((ret
= SMB_VFS_STAT(conn
, smb_fname_cpath
)) != 0 ||
1043 !S_ISDIR(smb_fname_cpath
->st
.st_ex_mode
)) {
1044 if (ret
== 0 && !S_ISDIR(smb_fname_cpath
->st
.st_ex_mode
)) {
1045 DEBUG(0,("'%s' is not a directory, when connecting to "
1046 "[%s]\n", conn
->connectpath
,
1047 lp_servicename(snum
)));
1049 DEBUG(0,("'%s' does not exist or permission denied "
1050 "when connecting to [%s] Error was %s\n",
1051 conn
->connectpath
, lp_servicename(snum
),
1054 *pstatus
= NT_STATUS_BAD_NETWORK_NAME
;
1057 conn
->base_share_dev
= smb_fname_cpath
->st
.st_ex_dev
;
1059 string_set(&conn
->origpath
,conn
->connectpath
);
1061 /* Figure out the characteristics of the underlying filesystem. This
1062 * assumes that all the filesystem mounted withing a share path have
1063 * the same characteristics, which is likely but not guaranteed.
1066 conn
->fs_capabilities
= SMB_VFS_FS_CAPABILITIES(conn
, &conn
->ts_res
);
1069 * Print out the 'connected as' stuff here as we need
1070 * to know the effective uid and gid we will be using
1071 * (at least initially).
1074 if( DEBUGLVL( IS_IPC(conn
) ? 3 : 1 ) ) {
1075 dbgtext( "%s (%s) ", get_remote_machine_name(),
1076 conn
->sconn
->client_id
.addr
);
1077 dbgtext( "%s", srv_is_signing_active(sconn
) ? "signed " : "");
1078 dbgtext( "connect to service %s ", lp_servicename(snum
) );
1079 dbgtext( "initially as user %s ",
1080 conn
->server_info
->unix_name
);
1081 dbgtext( "(uid=%d, gid=%d) ", (int)effuid
, (int)effgid
);
1082 dbgtext( "(pid %d)\n", (int)sys_getpid() );
1088 TALLOC_FREE(smb_fname_cpath
);
1089 /* We must exit this function as root. */
1090 if (geteuid() != 0) {
1091 change_to_root_user();
1093 if (on_err_call_dis_hook
) {
1094 /* Call VFS disconnect hook */
1095 SMB_VFS_DISCONNECT(conn
);
1097 if (claimed_connection
) {
1098 yield_connection(conn
, lp_servicename(snum
));
1106 /****************************************************************************
1107 Make a connection to a service.
1110 ****************************************************************************/
1112 connection_struct
*make_connection(struct smbd_server_connection
*sconn
,
1113 const char *service_in
, DATA_BLOB password
,
1114 const char *pdev
, uint16 vuid
,
1118 user_struct
*vuser
= NULL
;
1119 char *service
= NULL
;
1125 /* This must ONLY BE CALLED AS ROOT. As it exits this function as
1127 if (!non_root_mode() && (euid
= geteuid()) != 0) {
1128 DEBUG(0,("make_connection: PANIC ERROR. Called as nonroot "
1129 "(%u)\n", (unsigned int)euid
));
1130 smb_panic("make_connection: PANIC ERROR. Called as nonroot\n");
1133 if (conn_num_open(sconn
) > 2047) {
1134 *status
= NT_STATUS_INSUFF_SERVER_RESOURCES
;
1138 if(lp_security() != SEC_SHARE
) {
1139 vuser
= get_valid_user_struct(sconn
, vuid
);
1141 DEBUG(1,("make_connection: refusing to connect with "
1142 "no session setup\n"));
1143 *status
= NT_STATUS_ACCESS_DENIED
;
1148 /* Logic to try and connect to the correct [homes] share, preferably
1149 without too many getpwnam() lookups. This is particulary nasty for
1150 winbind usernames, where the share name isn't the same as unix
1153 The snum of the homes share is stored on the vuser at session setup
1157 if (strequal(service_in
,HOMES_NAME
)) {
1158 if(lp_security() != SEC_SHARE
) {
1159 DATA_BLOB no_pw
= data_blob_null
;
1160 if (vuser
->homes_snum
== -1) {
1161 DEBUG(2, ("[homes] share not available for "
1162 "this user because it was not found "
1163 "or created at session setup "
1165 *status
= NT_STATUS_BAD_NETWORK_NAME
;
1168 DEBUG(5, ("making a connection to [homes] service "
1169 "created at session setup time\n"));
1170 return make_connection_snum(sconn
,
1175 /* Security = share. Try with
1176 * current_user_info.smb_name as the username. */
1177 if (*current_user_info
.smb_name
) {
1178 char *unix_username
= NULL
;
1179 (void)map_username(talloc_tos(),
1180 current_user_info
.smb_name
,
1182 snum
= find_service(talloc_tos(),
1185 if (!unix_username
) {
1186 *status
= NT_STATUS_NO_MEMORY
;
1191 DEBUG(5, ("making a connection to 'homes' "
1192 "service %s based on "
1193 "security=share\n", service_in
));
1194 return make_connection_snum(sconn
,
1200 } else if ((lp_security() != SEC_SHARE
) && (vuser
->homes_snum
!= -1)
1201 && strequal(service_in
,
1202 lp_servicename(vuser
->homes_snum
))) {
1203 DATA_BLOB no_pw
= data_blob_null
;
1204 DEBUG(5, ("making a connection to 'homes' service [%s] "
1205 "created at session setup time\n", service_in
));
1206 return make_connection_snum(sconn
,
1212 service
= talloc_strdup(talloc_tos(), service_in
);
1214 *status
= NT_STATUS_NO_MEMORY
;
1218 strlower_m(service
);
1220 snum
= find_service(talloc_tos(), service
, &service
);
1222 *status
= NT_STATUS_NO_MEMORY
;
1227 if (strequal(service
,"IPC$") ||
1228 (lp_enable_asu_support() && strequal(service
,"ADMIN$"))) {
1229 DEBUG(3,("refusing IPC connection to %s\n", service
));
1230 *status
= NT_STATUS_ACCESS_DENIED
;
1234 DEBUG(3,("%s (%s) couldn't find service %s\n",
1235 get_remote_machine_name(),
1236 tsocket_address_string(
1237 sconn
->remote_address
, talloc_tos()),
1239 *status
= NT_STATUS_BAD_NETWORK_NAME
;
1243 /* Handle non-Dfs clients attempting connections to msdfs proxy */
1244 if (lp_host_msdfs() && (*lp_msdfs_proxy(snum
) != '\0')) {
1245 DEBUG(3, ("refusing connection to dfs proxy share '%s' "
1246 "(pointing to %s)\n",
1247 service
, lp_msdfs_proxy(snum
)));
1248 *status
= NT_STATUS_BAD_NETWORK_NAME
;
1252 DEBUG(5, ("making a connection to 'normal' service %s\n", service
));
1254 return make_connection_snum(sconn
, snum
, vuser
,
1259 /****************************************************************************
1261 ****************************************************************************/
1263 void close_cnum(connection_struct
*conn
, uint16 vuid
)
1265 file_close_conn(conn
);
1267 if (!IS_IPC(conn
)) {
1268 dptr_closecnum(conn
);
1271 change_to_root_user();
1273 DEBUG(IS_IPC(conn
)?3:1, ("%s (%s) closed connection to service %s\n",
1274 get_remote_machine_name(),
1275 conn
->sconn
->client_id
.addr
,
1276 lp_servicename(SNUM(conn
))));
1278 /* Call VFS disconnect hook */
1279 SMB_VFS_DISCONNECT(conn
);
1281 yield_connection(conn
, lp_servicename(SNUM(conn
)));
1283 /* make sure we leave the directory available for unmount */
1284 vfs_ChDir(conn
, "/");
1286 /* execute any "postexec = " line */
1287 if (*lp_postexec(SNUM(conn
)) &&
1288 change_to_user(conn
, vuid
)) {
1289 char *cmd
= talloc_sub_advanced(talloc_tos(),
1290 lp_servicename(SNUM(conn
)),
1291 conn
->server_info
->unix_name
,
1293 conn
->server_info
->utok
.gid
,
1294 conn
->server_info
->sanitized_username
,
1295 conn
->server_info
->info3
->base
.domain
.string
,
1296 lp_postexec(SNUM(conn
)));
1299 change_to_root_user();
1302 change_to_root_user();
1303 /* execute any "root postexec = " line */
1304 if (*lp_rootpostexec(SNUM(conn
))) {
1305 char *cmd
= talloc_sub_advanced(talloc_tos(),
1306 lp_servicename(SNUM(conn
)),
1307 conn
->server_info
->unix_name
,
1309 conn
->server_info
->utok
.gid
,
1310 conn
->server_info
->sanitized_username
,
1311 conn
->server_info
->info3
->base
.domain
.string
,
1312 lp_rootpostexec(SNUM(conn
)));