2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "smbd/globals.h"
25 #include "fake_file.h"
26 #include "librpc/gen_ndr/messaging.h"
27 #include "../librpc/gen_ndr/ndr_security.h"
29 extern const struct generic_mapping file_generic_mapping;
31 struct deferred_open_record {
32 bool delayed_for_oplocks;
36 static NTSTATUS create_file_unixpath(connection_struct *conn,
37 struct smb_request *req,
38 struct smb_filename *smb_fname,
40 uint32_t share_access,
41 uint32_t create_disposition,
42 uint32_t create_options,
43 uint32_t file_attributes,
44 uint32_t oplock_request,
45 uint64_t allocation_size,
46 uint32_t private_flags,
47 struct security_descriptor *sd,
48 struct ea_list *ea_list,
50 files_struct **result,
53 /****************************************************************************
54 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
55 ****************************************************************************/
57 NTSTATUS smb1_file_se_access_check(struct connection_struct *conn,
58 const struct security_descriptor *sd,
59 const struct security_token *token,
60 uint32_t access_desired,
61 uint32_t *access_granted)
65 if (get_current_uid(conn) == (uid_t)0) {
66 /* I'm sorry sir, I didn't know you were root... */
67 *access_granted = access_desired;
68 if (access_desired & SEC_FLAG_MAXIMUM_ALLOWED) {
69 *access_granted |= FILE_GENERIC_ALL;
74 return se_access_check(sd,
76 (access_desired & ~FILE_READ_ATTRIBUTES),
80 /****************************************************************************
81 Check if we have open rights.
82 ****************************************************************************/
84 NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
85 const struct smb_filename *smb_fname,
87 uint32_t *access_granted)
89 /* Check if we have rights to open. */
91 struct security_descriptor *sd = NULL;
93 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
98 if (!NT_STATUS_IS_OK(status)) {
99 DEBUG(10, ("smbd_check_open_rights: Could not get acl "
101 smb_fname_str_dbg(smb_fname),
106 status = smb1_file_se_access_check(conn,
108 get_current_nttok(conn),
112 DEBUG(10,("smbd_check_open_rights: file %s requesting "
113 "0x%x returning 0x%x (%s)\n",
114 smb_fname_str_dbg(smb_fname),
115 (unsigned int)access_mask,
116 (unsigned int)*access_granted,
117 nt_errstr(status) ));
119 if (!NT_STATUS_IS_OK(status)) {
120 if (DEBUGLEVEL >= 10) {
121 DEBUG(10,("smbd_check_open_rights: acl for %s is:\n",
122 smb_fname_str_dbg(smb_fname) ));
123 NDR_PRINT_DEBUG(security_descriptor, sd);
132 /****************************************************************************
133 fd support routines - attempt to do a dos_open.
134 ****************************************************************************/
136 static NTSTATUS fd_open(struct connection_struct *conn,
141 struct smb_filename *smb_fname = fsp->fsp_name;
142 NTSTATUS status = NT_STATUS_OK;
146 * Never follow symlinks on a POSIX client. The
147 * client should be doing this.
150 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
155 fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
156 if (fsp->fh->fd == -1) {
157 status = map_nt_error_from_unix(errno);
158 if (errno == EMFILE) {
159 static time_t last_warned = 0L;
161 if (time((time_t *) NULL) > last_warned) {
162 DEBUG(0,("Too many open files, unable "
163 "to open more! smbd's max "
165 lp_max_open_files()));
166 last_warned = time((time_t *) NULL);
172 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
173 smb_fname_str_dbg(smb_fname), flags, (int)mode, fsp->fh->fd,
174 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
179 /****************************************************************************
180 Close the file associated with a fsp.
181 ****************************************************************************/
183 NTSTATUS fd_close(files_struct *fsp)
187 if (fsp->fh->fd == -1) {
188 return NT_STATUS_OK; /* What we used to call a stat open. */
190 if (fsp->fh->ref_count > 1) {
191 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
194 ret = SMB_VFS_CLOSE(fsp);
197 return map_nt_error_from_unix(errno);
202 /****************************************************************************
203 Change the ownership of a file to that of the parent directory.
204 Do this by fd if possible.
205 ****************************************************************************/
207 void change_file_owner_to_parent(connection_struct *conn,
208 const char *inherit_from_dir,
211 struct smb_filename *smb_fname_parent = NULL;
215 status = create_synthetic_smb_fname(talloc_tos(), inherit_from_dir,
216 NULL, NULL, &smb_fname_parent);
217 if (!NT_STATUS_IS_OK(status)) {
221 ret = SMB_VFS_STAT(conn, smb_fname_parent);
223 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
224 "directory %s. Error was %s\n",
225 smb_fname_str_dbg(smb_fname_parent),
231 ret = SMB_VFS_FCHOWN(fsp, smb_fname_parent->st.st_ex_uid, (gid_t)-1);
234 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
235 "file %s to parent directory uid %u. Error "
236 "was %s\n", fsp_str_dbg(fsp),
237 (unsigned int)smb_fname_parent->st.st_ex_uid,
241 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
242 "parent directory uid %u.\n", fsp_str_dbg(fsp),
243 (unsigned int)smb_fname_parent->st.st_ex_uid));
245 TALLOC_FREE(smb_fname_parent);
248 NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
249 const char *inherit_from_dir,
251 SMB_STRUCT_STAT *psbuf)
253 struct smb_filename *smb_fname_parent = NULL;
254 struct smb_filename *smb_fname_cwd = NULL;
255 char *saved_dir = NULL;
256 TALLOC_CTX *ctx = talloc_tos();
257 NTSTATUS status = NT_STATUS_OK;
260 status = create_synthetic_smb_fname(ctx, inherit_from_dir, NULL, NULL,
262 if (!NT_STATUS_IS_OK(status)) {
266 ret = SMB_VFS_STAT(conn, smb_fname_parent);
268 status = map_nt_error_from_unix(errno);
269 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
270 "directory %s. Error was %s\n",
271 smb_fname_str_dbg(smb_fname_parent),
276 /* We've already done an lstat into psbuf, and we know it's a
277 directory. If we can cd into the directory and the dev/ino
278 are the same then we can safely chown without races as
279 we're locking the directory in place by being in it. This
280 should work on any UNIX (thanks tridge :-). JRA.
283 saved_dir = vfs_GetWd(ctx,conn);
285 status = map_nt_error_from_unix(errno);
286 DEBUG(0,("change_dir_owner_to_parent: failed to get "
287 "current working directory. Error was %s\n",
292 /* Chdir into the new path. */
293 if (vfs_ChDir(conn, fname) == -1) {
294 status = map_nt_error_from_unix(errno);
295 DEBUG(0,("change_dir_owner_to_parent: failed to change "
296 "current working directory to %s. Error "
297 "was %s\n", fname, strerror(errno) ));
301 status = create_synthetic_smb_fname(ctx, ".", NULL, NULL,
303 if (!NT_STATUS_IS_OK(status)) {
307 ret = SMB_VFS_STAT(conn, smb_fname_cwd);
309 status = map_nt_error_from_unix(errno);
310 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
311 "directory '.' (%s) Error was %s\n",
312 fname, strerror(errno)));
316 /* Ensure we're pointing at the same place. */
317 if (smb_fname_cwd->st.st_ex_dev != psbuf->st_ex_dev ||
318 smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino ||
319 smb_fname_cwd->st.st_ex_mode != psbuf->st_ex_mode ) {
320 DEBUG(0,("change_dir_owner_to_parent: "
321 "device/inode/mode on directory %s changed. "
322 "Refusing to chown !\n", fname ));
323 status = NT_STATUS_ACCESS_DENIED;
328 ret = SMB_VFS_CHOWN(conn, ".", smb_fname_parent->st.st_ex_uid,
332 status = map_nt_error_from_unix(errno);
333 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
334 "directory %s to parent directory uid %u. "
335 "Error was %s\n", fname,
336 (unsigned int)smb_fname_parent->st.st_ex_uid,
341 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
342 "directory %s to parent directory uid %u.\n",
343 fname, (unsigned int)smb_fname_parent->st.st_ex_uid ));
346 vfs_ChDir(conn,saved_dir);
348 TALLOC_FREE(smb_fname_parent);
349 TALLOC_FREE(smb_fname_cwd);
353 /****************************************************************************
355 ****************************************************************************/
357 static NTSTATUS open_file(files_struct *fsp,
358 connection_struct *conn,
359 struct smb_request *req,
360 const char *parent_dir,
363 uint32 access_mask, /* client requested access mask. */
364 uint32 open_access_mask) /* what we're actually using in the open. */
366 struct smb_filename *smb_fname = fsp->fsp_name;
367 NTSTATUS status = NT_STATUS_OK;
368 int accmode = (flags & O_ACCMODE);
369 int local_flags = flags;
370 bool file_existed = VALID_STAT(fsp->fsp_name->st);
375 /* Check permissions */
378 * This code was changed after seeing a client open request
379 * containing the open mode of (DENY_WRITE/read-only) with
380 * the 'create if not exist' bit set. The previous code
381 * would fail to open the file read only on a read-only share
382 * as it was checking the flags parameter directly against O_RDONLY,
383 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
387 if (!CAN_WRITE(conn)) {
388 /* It's a read-only share - fail if we wanted to write. */
389 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
390 DEBUG(3,("Permission denied opening %s\n",
391 smb_fname_str_dbg(smb_fname)));
392 return NT_STATUS_ACCESS_DENIED;
393 } else if(flags & O_CREAT) {
394 /* We don't want to write - but we must make sure that
395 O_CREAT doesn't create the file if we have write
396 access into the directory.
398 flags &= ~(O_CREAT|O_EXCL);
399 local_flags &= ~(O_CREAT|O_EXCL);
404 * This little piece of insanity is inspired by the
405 * fact that an NT client can open a file for O_RDONLY,
406 * but set the create disposition to FILE_EXISTS_TRUNCATE.
407 * If the client *can* write to the file, then it expects to
408 * truncate the file, even though it is opening for readonly.
409 * Quicken uses this stupid trick in backup file creation...
410 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
411 * for helping track this one down. It didn't bite us in 2.0.x
412 * as we always opened files read-write in that release. JRA.
415 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
416 DEBUG(10,("open_file: truncate requested on read-only open "
417 "for file %s\n", smb_fname_str_dbg(smb_fname)));
418 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
421 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
422 (!file_existed && (local_flags & O_CREAT)) ||
423 ((local_flags & O_TRUNC) == O_TRUNC) ) {
427 * We can't actually truncate here as the file may be locked.
428 * open_file_ntcreate will take care of the truncate later. JRA.
431 local_flags &= ~O_TRUNC;
433 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
435 * We would block on opening a FIFO with no one else on the
436 * other end. Do what we used to do and add O_NONBLOCK to the
440 if (file_existed && S_ISFIFO(smb_fname->st.st_ex_mode)) {
441 local_flags |= O_NONBLOCK;
445 /* Don't create files with Microsoft wildcard characters. */
448 * wildcard characters are allowed in stream names
449 * only test the basefilename
451 wild = fsp->base_fsp->fsp_name->base_name;
453 wild = smb_fname->base_name;
455 if ((local_flags & O_CREAT) && !file_existed &&
457 return NT_STATUS_OBJECT_NAME_INVALID;
460 /* Actually do the open */
461 status = fd_open(conn, fsp, local_flags, unx_mode);
462 if (!NT_STATUS_IS_OK(status)) {
463 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
464 "(flags=%d)\n", smb_fname_str_dbg(smb_fname),
465 nt_errstr(status),local_flags,flags));
469 if ((local_flags & O_CREAT) && !file_existed) {
471 /* Inherit the ACL if required */
472 if (lp_inherit_perms(SNUM(conn))) {
473 inherit_access_posix_acl(conn, parent_dir,
474 smb_fname->base_name,
478 /* Change the owner if required. */
479 if (lp_inherit_owner(SNUM(conn))) {
480 change_file_owner_to_parent(conn, parent_dir,
484 notify_fname(conn, NOTIFY_ACTION_ADDED,
485 FILE_NOTIFY_CHANGE_FILE_NAME,
486 smb_fname->base_name);
490 fsp->fh->fd = -1; /* What we used to call a stat open. */
492 uint32_t access_granted = 0;
494 status = smbd_check_open_rights(conn,
498 if (!NT_STATUS_IS_OK(status)) {
499 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
501 * On NT_STATUS_ACCESS_DENIED, access_granted
502 * contains the denied bits.
505 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
506 (access_granted & FILE_WRITE_ATTRIBUTES) &&
507 (lp_map_readonly(SNUM(conn)) ||
508 lp_map_archive(SNUM(conn)) ||
509 lp_map_hidden(SNUM(conn)) ||
510 lp_map_system(SNUM(conn)))) {
511 access_granted &= ~FILE_WRITE_ATTRIBUTES;
513 DEBUG(10,("open_file: "
522 if ((access_mask & DELETE_ACCESS) &&
523 (access_granted & DELETE_ACCESS) &&
524 can_delete_file_in_directory(conn,
526 /* Were we trying to do a stat open
527 * for delete and didn't get DELETE
528 * access (only) ? Check if the
529 * directory allows DELETE_CHILD.
531 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
534 access_granted &= ~DELETE_ACCESS;
536 DEBUG(10,("open_file: "
544 if (access_granted != 0) {
545 DEBUG(10,("open_file: Access "
552 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
554 S_ISLNK(smb_fname->st.st_ex_mode)) {
555 /* This is a POSIX stat open for delete
556 * or rename on a symlink that points
558 DEBUG(10,("open_file: allowing POSIX "
559 "open on bad symlink %s\n",
563 DEBUG(10,("open_file: "
564 "smbd_check_open_rights on file "
566 smb_fname_str_dbg(smb_fname),
567 nt_errstr(status) ));
577 if (fsp->fh->fd == -1) {
578 ret = SMB_VFS_STAT(conn, smb_fname);
580 ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
581 /* If we have an fd, this stat should succeed. */
583 DEBUG(0,("Error doing fstat on open file %s "
585 smb_fname_str_dbg(smb_fname),
590 /* For a non-io open, this stat failing means file not found. JRA */
592 status = map_nt_error_from_unix(errno);
599 * POSIX allows read-only opens of directories. We don't
600 * want to do this (we use a different code path for this)
601 * so catch a directory open and return an EISDIR. JRA.
604 if(S_ISDIR(smb_fname->st.st_ex_mode)) {
607 return NT_STATUS_FILE_IS_A_DIRECTORY;
610 fsp->mode = smb_fname->st.st_ex_mode;
611 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
612 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
613 fsp->file_pid = req ? req->smbpid : 0;
614 fsp->can_lock = True;
615 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
616 if (!CAN_WRITE(conn)) {
617 fsp->can_write = False;
619 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
622 fsp->print_file = NULL;
623 fsp->modified = False;
624 fsp->sent_oplock_break = NO_BREAK_SENT;
625 fsp->is_directory = False;
626 if (conn->aio_write_behind_list &&
627 is_in_path(smb_fname->base_name, conn->aio_write_behind_list,
628 conn->case_sensitive)) {
629 fsp->aio_write_behind = True;
632 fsp->wcp = NULL; /* Write cache pointer. */
634 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
635 conn->server_info->unix_name,
636 smb_fname_str_dbg(smb_fname),
637 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
638 conn->num_files_open));
644 /*******************************************************************
645 Return True if the filename is one of the special executable types.
646 ********************************************************************/
648 bool is_executable(const char *fname)
650 if ((fname = strrchr_m(fname,'.'))) {
651 if (strequal(fname,".com") ||
652 strequal(fname,".dll") ||
653 strequal(fname,".exe") ||
654 strequal(fname,".sym")) {
661 /****************************************************************************
662 Check if we can open a file with a share mode.
663 Returns True if conflict, False if not.
664 ****************************************************************************/
666 static bool share_conflict(struct share_mode_entry *entry,
670 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
671 "entry->share_access = 0x%x, "
672 "entry->private_options = 0x%x\n",
673 (unsigned int)entry->access_mask,
674 (unsigned int)entry->share_access,
675 (unsigned int)entry->private_options));
677 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
678 (unsigned int)access_mask, (unsigned int)share_access));
680 if ((entry->access_mask & (FILE_WRITE_DATA|
684 DELETE_ACCESS)) == 0) {
685 DEBUG(10,("share_conflict: No conflict due to "
686 "entry->access_mask = 0x%x\n",
687 (unsigned int)entry->access_mask ));
691 if ((access_mask & (FILE_WRITE_DATA|
695 DELETE_ACCESS)) == 0) {
696 DEBUG(10,("share_conflict: No conflict due to "
697 "access_mask = 0x%x\n",
698 (unsigned int)access_mask ));
702 #if 1 /* JRA TEST - Superdebug. */
703 #define CHECK_MASK(num, am, right, sa, share) \
704 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
705 (unsigned int)(num), (unsigned int)(am), \
706 (unsigned int)(right), (unsigned int)(am)&(right) )); \
707 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
708 (unsigned int)(num), (unsigned int)(sa), \
709 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
710 if (((am) & (right)) && !((sa) & (share))) { \
711 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
712 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
713 (unsigned int)(share) )); \
717 #define CHECK_MASK(num, am, right, sa, share) \
718 if (((am) & (right)) && !((sa) & (share))) { \
719 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
720 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
721 (unsigned int)(share) )); \
726 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
727 share_access, FILE_SHARE_WRITE);
728 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
729 entry->share_access, FILE_SHARE_WRITE);
731 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
732 share_access, FILE_SHARE_READ);
733 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
734 entry->share_access, FILE_SHARE_READ);
736 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
737 share_access, FILE_SHARE_DELETE);
738 CHECK_MASK(6, access_mask, DELETE_ACCESS,
739 entry->share_access, FILE_SHARE_DELETE);
741 DEBUG(10,("share_conflict: No conflict.\n"));
745 #if defined(DEVELOPER)
746 static void validate_my_share_entries(struct smbd_server_connection *sconn,
748 struct share_mode_entry *share_entry)
752 if (!procid_is_me(&share_entry->pid)) {
756 if (is_deferred_open_entry(share_entry) &&
757 !open_was_deferred(share_entry->op_mid)) {
758 char *str = talloc_asprintf(talloc_tos(),
759 "Got a deferred entry without a request: "
761 share_mode_str(talloc_tos(), num, share_entry));
765 if (!is_valid_share_mode_entry(share_entry)) {
769 fsp = file_find_dif(sconn, share_entry->id,
770 share_entry->share_file_id);
772 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
773 share_mode_str(talloc_tos(), num, share_entry) ));
774 smb_panic("validate_my_share_entries: Cannot match a "
775 "share entry with an open file\n");
778 if (is_deferred_open_entry(share_entry) ||
779 is_unused_share_mode_entry(share_entry)) {
783 if ((share_entry->op_type == NO_OPLOCK) &&
784 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
785 /* Someone has already written to it, but I haven't yet
790 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
799 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
800 share_mode_str(talloc_tos(), num, share_entry) ));
801 str = talloc_asprintf(talloc_tos(),
802 "validate_my_share_entries: "
803 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
804 fsp->fsp_name->base_name,
805 (unsigned int)fsp->oplock_type,
806 (unsigned int)share_entry->op_type );
812 bool is_stat_open(uint32 access_mask)
814 return (access_mask &&
815 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
816 FILE_WRITE_ATTRIBUTES))==0) &&
817 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
818 FILE_WRITE_ATTRIBUTES)) != 0));
821 /****************************************************************************
822 Deal with share modes
823 Invarient: Share mode must be locked on entry and exit.
824 Returns -1 on error, or number of share modes on success (may be zero).
825 ****************************************************************************/
827 static NTSTATUS open_mode_check(connection_struct *conn,
828 struct share_mode_lock *lck,
831 uint32 create_options,
836 if(lck->num_share_modes == 0) {
840 *file_existed = True;
842 /* A delete on close prohibits everything */
844 if (lck->delete_on_close) {
845 return NT_STATUS_DELETE_PENDING;
848 if (is_stat_open(access_mask)) {
849 /* Stat open that doesn't trigger oplock breaks or share mode
850 * checks... ! JRA. */
855 * Check if the share modes will give us access.
858 #if defined(DEVELOPER)
859 for(i = 0; i < lck->num_share_modes; i++) {
860 validate_my_share_entries(conn->sconn, i,
861 &lck->share_modes[i]);
865 if (!lp_share_modes(SNUM(conn))) {
869 /* Now we check the share modes, after any oplock breaks. */
870 for(i = 0; i < lck->num_share_modes; i++) {
872 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
876 /* someone else has a share lock on it, check to see if we can
878 if (share_conflict(&lck->share_modes[i],
879 access_mask, share_access)) {
880 return NT_STATUS_SHARING_VIOLATION;
887 static bool is_delete_request(files_struct *fsp) {
888 return ((fsp->access_mask == DELETE_ACCESS) &&
889 (fsp->oplock_type == NO_OPLOCK));
893 * Send a break message to the oplock holder and delay the open for
897 static NTSTATUS send_break_message(files_struct *fsp,
898 struct share_mode_entry *exclusive,
903 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
905 DEBUG(10, ("Sending break request to PID %s\n",
906 procid_str_static(&exclusive->pid)));
907 exclusive->op_mid = mid;
909 /* Create the message. */
910 share_mode_entry_to_message(msg, exclusive);
912 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
913 don't want this set in the share mode struct pointed to by lck. */
915 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
916 SSVAL(msg,OP_BREAK_MSG_OP_TYPE_OFFSET,
917 exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
920 status = messaging_send_buf(fsp->conn->sconn->msg_ctx, exclusive->pid,
921 MSG_SMB_BREAK_REQUEST,
923 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
924 if (!NT_STATUS_IS_OK(status)) {
925 DEBUG(3, ("Could not send oplock break message: %s\n",
933 * 1) No files open at all or internal open: Grant whatever the client wants.
935 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
936 * request, break if the oplock around is a batch oplock. If it's another
937 * requested access type, break.
939 * 3) Only level2 around: Grant level2 and do nothing else.
942 static bool delay_for_oplocks(struct share_mode_lock *lck,
949 struct share_mode_entry *exclusive = NULL;
950 bool valid_entry = false;
951 bool have_level2 = false;
952 bool have_a_none_oplock = false;
953 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
954 lp_level2_oplocks(SNUM(fsp->conn));
956 if (oplock_request & INTERNAL_OPEN_ONLY) {
957 fsp->oplock_type = NO_OPLOCK;
960 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
964 for (i=0; i<lck->num_share_modes; i++) {
966 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
970 /* At least one entry is not an invalid or deferred entry. */
973 if (pass_number == 1) {
974 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
975 SMB_ASSERT(exclusive == NULL);
976 exclusive = &lck->share_modes[i];
979 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
980 SMB_ASSERT(exclusive == NULL);
981 exclusive = &lck->share_modes[i];
985 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
986 SMB_ASSERT(exclusive == NULL);
990 if (lck->share_modes[i].op_type == NO_OPLOCK) {
991 have_a_none_oplock = true;
995 if (exclusive != NULL) { /* Found an exclusive oplock */
996 bool delay_it = is_delete_request(fsp) ?
997 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
998 SMB_ASSERT(!have_level2);
1000 send_break_message(fsp, exclusive, mid, oplock_request);
1006 * Match what was requested (fsp->oplock_type) with
1007 * what was found in the existing share modes.
1011 /* All entries are placeholders or deferred.
1012 * Directly grant whatever the client wants. */
1013 if (fsp->oplock_type == NO_OPLOCK) {
1014 /* Store a level2 oplock, but don't tell the client */
1015 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1017 } else if (have_a_none_oplock) {
1018 fsp->oplock_type = NO_OPLOCK;
1019 } else if (have_level2) {
1020 if (fsp->oplock_type == NO_OPLOCK ||
1021 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
1022 /* Store a level2 oplock, but don't tell the client */
1023 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1025 fsp->oplock_type = LEVEL_II_OPLOCK;
1028 /* This case can never happen. */
1033 * Don't grant level2 to clients that don't want them
1034 * or if we've turned them off.
1036 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
1037 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1040 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
1041 fsp->oplock_type, fsp_str_dbg(fsp)));
1047 bool request_timed_out(struct timeval request_time,
1048 struct timeval timeout)
1050 struct timeval now, end_time;
1052 end_time = timeval_sum(&request_time, &timeout);
1053 return (timeval_compare(&end_time, &now) < 0);
1056 /****************************************************************************
1057 Handle the 1 second delay in returning a SHARING_VIOLATION error.
1058 ****************************************************************************/
1060 static void defer_open(struct share_mode_lock *lck,
1061 struct timeval request_time,
1062 struct timeval timeout,
1063 struct smb_request *req,
1064 struct deferred_open_record *state)
1068 /* Paranoia check */
1070 for (i=0; i<lck->num_share_modes; i++) {
1071 struct share_mode_entry *e = &lck->share_modes[i];
1073 if (!is_deferred_open_entry(e)) {
1077 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1078 DEBUG(0, ("Trying to defer an already deferred "
1079 "request: mid=%llu, exiting\n",
1080 (unsigned long long)req->mid));
1081 exit_server("attempt to defer a deferred request");
1085 /* End paranoia check */
1087 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1088 "open entry for mid %llu\n",
1089 (unsigned int)request_time.tv_sec,
1090 (unsigned int)request_time.tv_usec,
1091 (unsigned long long)req->mid));
1093 if (!push_deferred_open_message_smb(req, request_time, timeout,
1094 state->id, (char *)state, sizeof(*state))) {
1095 exit_server("push_deferred_open_message_smb failed");
1097 add_deferred_open(lck, req->mid, request_time,
1098 sconn_server_id(req->sconn), state->id);
1102 /****************************************************************************
1103 On overwrite open ensure that the attributes match.
1104 ****************************************************************************/
1106 bool open_match_attributes(connection_struct *conn,
1107 uint32 old_dos_attr,
1108 uint32 new_dos_attr,
1109 mode_t existing_unx_mode,
1110 mode_t new_unx_mode,
1111 mode_t *returned_unx_mode)
1113 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1115 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1116 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1118 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1119 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1120 *returned_unx_mode = new_unx_mode;
1122 *returned_unx_mode = (mode_t)0;
1125 DEBUG(10,("open_match_attributes: old_dos_attr = 0x%x, "
1126 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1127 "returned_unx_mode = 0%o\n",
1128 (unsigned int)old_dos_attr,
1129 (unsigned int)existing_unx_mode,
1130 (unsigned int)new_dos_attr,
1131 (unsigned int)*returned_unx_mode ));
1133 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1134 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1135 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1136 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1140 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1141 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1142 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1149 /****************************************************************************
1150 Special FCB or DOS processing in the case of a sharing violation.
1151 Try and find a duplicated file handle.
1152 ****************************************************************************/
1154 NTSTATUS fcb_or_dos_open(struct smb_request *req,
1155 connection_struct *conn,
1156 files_struct *fsp_to_dup_into,
1157 const struct smb_filename *smb_fname,
1162 uint32 share_access,
1163 uint32 create_options)
1167 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1168 "file %s.\n", smb_fname_str_dbg(smb_fname)));
1170 for(fsp = file_find_di_first(conn->sconn, id); fsp;
1171 fsp = file_find_di_next(fsp)) {
1173 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1174 "vuid = %u, file_pid = %u, private_options = 0x%x "
1175 "access_mask = 0x%x\n", fsp_str_dbg(fsp),
1176 fsp->fh->fd, (unsigned int)fsp->vuid,
1177 (unsigned int)fsp->file_pid,
1178 (unsigned int)fsp->fh->private_options,
1179 (unsigned int)fsp->access_mask ));
1181 if (fsp->fh->fd != -1 &&
1182 fsp->vuid == vuid &&
1183 fsp->file_pid == file_pid &&
1184 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1185 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1186 (fsp->access_mask & FILE_WRITE_DATA) &&
1187 strequal(fsp->fsp_name->base_name, smb_fname->base_name) &&
1188 strequal(fsp->fsp_name->stream_name,
1189 smb_fname->stream_name)) {
1190 DEBUG(10,("fcb_or_dos_open: file match\n"));
1196 return NT_STATUS_NOT_FOUND;
1199 /* quite an insane set of semantics ... */
1200 if (is_executable(smb_fname->base_name) &&
1201 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1202 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1203 return NT_STATUS_INVALID_PARAMETER;
1206 /* We need to duplicate this fsp. */
1207 return dup_file_fsp(req, fsp, access_mask, share_access,
1208 create_options, fsp_to_dup_into);
1211 /****************************************************************************
1212 Open a file with a share mode - old openX method - map into NTCreate.
1213 ****************************************************************************/
1215 bool map_open_params_to_ntcreate(const struct smb_filename *smb_fname,
1216 int deny_mode, int open_func,
1217 uint32 *paccess_mask,
1218 uint32 *pshare_mode,
1219 uint32 *pcreate_disposition,
1220 uint32 *pcreate_options,
1221 uint32_t *pprivate_flags)
1225 uint32 create_disposition;
1226 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1227 uint32_t private_flags = 0;
1229 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1230 "open_func = 0x%x\n",
1231 smb_fname_str_dbg(smb_fname), (unsigned int)deny_mode,
1232 (unsigned int)open_func ));
1234 /* Create the NT compatible access_mask. */
1235 switch (GET_OPENX_MODE(deny_mode)) {
1236 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1237 case DOS_OPEN_RDONLY:
1238 access_mask = FILE_GENERIC_READ;
1240 case DOS_OPEN_WRONLY:
1241 access_mask = FILE_GENERIC_WRITE;
1245 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1248 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1249 (unsigned int)GET_OPENX_MODE(deny_mode)));
1253 /* Create the NT compatible create_disposition. */
1254 switch (open_func) {
1255 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1256 create_disposition = FILE_CREATE;
1259 case OPENX_FILE_EXISTS_OPEN:
1260 create_disposition = FILE_OPEN;
1263 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1264 create_disposition = FILE_OPEN_IF;
1267 case OPENX_FILE_EXISTS_TRUNCATE:
1268 create_disposition = FILE_OVERWRITE;
1271 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1272 create_disposition = FILE_OVERWRITE_IF;
1276 /* From samba4 - to be confirmed. */
1277 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1278 create_disposition = FILE_CREATE;
1281 DEBUG(10,("map_open_params_to_ntcreate: bad "
1282 "open_func 0x%x\n", (unsigned int)open_func));
1286 /* Create the NT compatible share modes. */
1287 switch (GET_DENY_MODE(deny_mode)) {
1289 share_mode = FILE_SHARE_NONE;
1293 share_mode = FILE_SHARE_READ;
1297 share_mode = FILE_SHARE_WRITE;
1301 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1305 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1306 if (is_executable(smb_fname->base_name)) {
1307 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1309 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1310 share_mode = FILE_SHARE_READ;
1312 share_mode = FILE_SHARE_NONE;
1318 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1319 share_mode = FILE_SHARE_NONE;
1323 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1324 (unsigned int)GET_DENY_MODE(deny_mode) ));
1328 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1329 "share_mode = 0x%x, create_disposition = 0x%x, "
1330 "create_options = 0x%x private_flags = 0x%x\n",
1331 smb_fname_str_dbg(smb_fname),
1332 (unsigned int)access_mask,
1333 (unsigned int)share_mode,
1334 (unsigned int)create_disposition,
1335 (unsigned int)create_options,
1336 (unsigned int)private_flags));
1339 *paccess_mask = access_mask;
1342 *pshare_mode = share_mode;
1344 if (pcreate_disposition) {
1345 *pcreate_disposition = create_disposition;
1347 if (pcreate_options) {
1348 *pcreate_options = create_options;
1350 if (pprivate_flags) {
1351 *pprivate_flags = private_flags;
1358 static void schedule_defer_open(struct share_mode_lock *lck,
1359 struct timeval request_time,
1360 struct smb_request *req)
1362 struct deferred_open_record state;
1364 /* This is a relative time, added to the absolute
1365 request_time value to get the absolute timeout time.
1366 Note that if this is the second or greater time we enter
1367 this codepath for this particular request mid then
1368 request_time is left as the absolute time of the *first*
1369 time this request mid was processed. This is what allows
1370 the request to eventually time out. */
1372 struct timeval timeout;
1374 /* Normally the smbd we asked should respond within
1375 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1376 * the client did, give twice the timeout as a safety
1377 * measure here in case the other smbd is stuck
1378 * somewhere else. */
1380 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1382 /* Nothing actually uses state.delayed_for_oplocks
1383 but it's handy to differentiate in debug messages
1384 between a 30 second delay due to oplock break, and
1385 a 1 second delay for share mode conflicts. */
1387 state.delayed_for_oplocks = True;
1390 if (!request_timed_out(request_time, timeout)) {
1391 defer_open(lck, request_time, timeout, req, &state);
1395 /****************************************************************************
1396 Work out what access_mask to use from what the client sent us.
1397 ****************************************************************************/
1399 static NTSTATUS calculate_access_mask(connection_struct *conn,
1400 const struct smb_filename *smb_fname,
1402 uint32_t access_mask,
1403 uint32_t *access_mask_out)
1408 * Convert GENERIC bits to specific bits.
1411 se_map_generic(&access_mask, &file_generic_mapping);
1413 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1414 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1417 struct security_descriptor *sd;
1418 uint32_t access_granted = 0;
1420 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
1425 if (!NT_STATUS_IS_OK(status)) {
1426 DEBUG(10, ("calculate_access_mask: Could not get acl "
1428 smb_fname_str_dbg(smb_fname),
1429 nt_errstr(status)));
1430 return NT_STATUS_ACCESS_DENIED;
1433 status = smb1_file_se_access_check(conn,
1435 get_current_nttok(conn),
1441 if (!NT_STATUS_IS_OK(status)) {
1442 DEBUG(10, ("calculate_access_mask: Access denied on "
1443 "file %s: when calculating maximum access\n",
1444 smb_fname_str_dbg(smb_fname)));
1445 return NT_STATUS_ACCESS_DENIED;
1448 access_mask = access_granted;
1450 access_mask = FILE_GENERIC_ALL;
1454 *access_mask_out = access_mask;
1455 return NT_STATUS_OK;
1458 /****************************************************************************
1459 Remove the deferred open entry under lock.
1460 ****************************************************************************/
1462 void remove_deferred_open_entry(struct file_id id, uint64_t mid,
1463 struct server_id pid)
1465 struct share_mode_lock *lck = get_share_mode_lock(talloc_tos(), id,
1468 DEBUG(0, ("could not get share mode lock\n"));
1470 del_deferred_open_entry(lck, mid, pid);
1475 /****************************************************************************
1476 Open a file with a share mode. Passed in an already created files_struct *.
1477 ****************************************************************************/
1479 static NTSTATUS open_file_ntcreate(connection_struct *conn,
1480 struct smb_request *req,
1481 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1482 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1483 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1484 uint32 create_options, /* options such as delete on close. */
1485 uint32 new_dos_attributes, /* attributes used for new file. */
1486 int oplock_request, /* internal Samba oplock codes. */
1487 /* Information (FILE_EXISTS etc.) */
1488 uint32_t private_flags, /* Samba specific flags. */
1492 struct smb_filename *smb_fname = fsp->fsp_name;
1495 bool file_existed = VALID_STAT(smb_fname->st);
1496 bool def_acl = False;
1497 bool posix_open = False;
1498 bool new_file_created = False;
1499 bool clear_ads = false;
1501 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1502 mode_t new_unx_mode = (mode_t)0;
1503 mode_t unx_mode = (mode_t)0;
1505 uint32 existing_dos_attributes = 0;
1506 struct timeval request_time = timeval_zero();
1507 struct share_mode_lock *lck = NULL;
1508 uint32 open_access_mask = access_mask;
1514 if (conn->printer) {
1516 * Printers are handled completely differently.
1517 * Most of the passed parameters are ignored.
1521 *pinfo = FILE_WAS_CREATED;
1524 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n",
1525 smb_fname_str_dbg(smb_fname)));
1528 DEBUG(0,("open_file_ntcreate: printer open without "
1529 "an SMB request!\n"));
1530 return NT_STATUS_INTERNAL_ERROR;
1533 return print_spool_open(fsp, smb_fname->base_name,
1537 if (!parent_dirname(talloc_tos(), smb_fname->base_name, &parent_dir,
1539 return NT_STATUS_NO_MEMORY;
1542 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1544 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1545 new_dos_attributes = 0;
1547 /* We add aARCH to this as this mode is only used if the file is
1549 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,
1550 smb_fname, parent_dir);
1553 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1554 "access_mask=0x%x share_access=0x%x "
1555 "create_disposition = 0x%x create_options=0x%x "
1556 "unix mode=0%o oplock_request=%d private_flags = 0x%x\n",
1557 smb_fname_str_dbg(smb_fname), new_dos_attributes,
1558 access_mask, share_access, create_disposition,
1559 create_options, (unsigned int)unx_mode, oplock_request,
1560 (unsigned int)private_flags));
1562 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1563 DEBUG(0, ("No smb request but not an internal only open!\n"));
1564 return NT_STATUS_INTERNAL_ERROR;
1568 * Only non-internal opens can be deferred at all
1573 if (get_deferred_open_message_state(req,
1577 struct deferred_open_record *state = (struct deferred_open_record *)ptr;
1578 /* Remember the absolute time of the original
1579 request with this mid. We'll use it later to
1580 see if this has timed out. */
1582 /* Remove the deferred open entry under lock. */
1583 remove_deferred_open_entry(
1584 state->id, req->mid,
1585 sconn_server_id(req->sconn));
1587 /* Ensure we don't reprocess this message. */
1588 remove_deferred_open_message_smb(req->mid);
1592 status = check_name(conn, smb_fname->base_name);
1593 if (!NT_STATUS_IS_OK(status)) {
1598 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1600 existing_dos_attributes = dos_mode(conn, smb_fname);
1604 /* ignore any oplock requests if oplocks are disabled */
1605 if (!lp_oplocks(SNUM(conn)) ||
1606 IS_VETO_OPLOCK_PATH(conn, smb_fname->base_name)) {
1607 /* Mask off everything except the private Samba bits. */
1608 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1611 /* this is for OS/2 long file names - say we don't support them */
1612 if (!lp_posix_pathnames() && strstr(smb_fname->base_name,".+,;=[].")) {
1613 /* OS/2 Workplace shell fix may be main code stream in a later
1615 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1617 if (use_nt_status()) {
1618 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1620 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1623 switch( create_disposition ) {
1625 * Currently we're using FILE_SUPERSEDE as the same as
1626 * FILE_OVERWRITE_IF but they really are
1627 * different. FILE_SUPERSEDE deletes an existing file
1628 * (requiring delete access) then recreates it.
1630 case FILE_SUPERSEDE:
1631 /* If file exists replace/overwrite. If file doesn't
1633 flags2 |= (O_CREAT | O_TRUNC);
1637 case FILE_OVERWRITE_IF:
1638 /* If file exists replace/overwrite. If file doesn't
1640 flags2 |= (O_CREAT | O_TRUNC);
1645 /* If file exists open. If file doesn't exist error. */
1646 if (!file_existed) {
1647 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1648 "requested for file %s and file "
1650 smb_fname_str_dbg(smb_fname)));
1652 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1656 case FILE_OVERWRITE:
1657 /* If file exists overwrite. If file doesn't exist
1659 if (!file_existed) {
1660 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1661 "requested for file %s and file "
1663 smb_fname_str_dbg(smb_fname) ));
1665 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1672 /* If file exists error. If file doesn't exist
1675 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1676 "requested for file %s and file "
1677 "already exists.\n",
1678 smb_fname_str_dbg(smb_fname)));
1679 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
1684 return map_nt_error_from_unix(errno);
1686 flags2 |= (O_CREAT|O_EXCL);
1690 /* If file exists open. If file doesn't exist
1696 return NT_STATUS_INVALID_PARAMETER;
1699 /* We only care about matching attributes on file exists and
1702 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1703 (create_disposition == FILE_OVERWRITE_IF))) {
1704 if (!open_match_attributes(conn, existing_dos_attributes,
1706 smb_fname->st.st_ex_mode,
1707 unx_mode, &new_unx_mode)) {
1708 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1709 "for file %s (%x %x) (0%o, 0%o)\n",
1710 smb_fname_str_dbg(smb_fname),
1711 existing_dos_attributes,
1713 (unsigned int)smb_fname->st.st_ex_mode,
1714 (unsigned int)unx_mode ));
1716 return NT_STATUS_ACCESS_DENIED;
1720 status = calculate_access_mask(conn, smb_fname, file_existed,
1723 if (!NT_STATUS_IS_OK(status)) {
1724 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1725 "on file %s returned %s\n",
1726 smb_fname_str_dbg(smb_fname), nt_errstr(status)));
1730 open_access_mask = access_mask;
1732 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1733 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1736 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1737 "access_mask=0x%x\n", smb_fname_str_dbg(smb_fname),
1741 * Note that we ignore the append flag as append does not
1742 * mean the same thing under DOS and Unix.
1745 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1746 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1747 /* DENY_DOS opens are always underlying read-write on the
1748 file handle, no matter what the requested access mask
1750 if ((private_flags & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1751 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1761 * Currently we only look at FILE_WRITE_THROUGH for create options.
1765 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1770 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1774 if (!posix_open && !CAN_WRITE(conn)) {
1776 * We should really return a permission denied error if either
1777 * O_CREAT or O_TRUNC are set, but for compatibility with
1778 * older versions of Samba we just AND them out.
1780 flags2 &= ~(O_CREAT|O_TRUNC);
1784 * Ensure we can't write on a read-only share or file.
1787 if (flags != O_RDONLY && file_existed &&
1788 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1789 DEBUG(5,("open_file_ntcreate: write access requested for "
1790 "file %s on read only %s\n",
1791 smb_fname_str_dbg(smb_fname),
1792 !CAN_WRITE(conn) ? "share" : "file" ));
1794 return NT_STATUS_ACCESS_DENIED;
1797 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1798 fsp->share_access = share_access;
1799 fsp->fh->private_options = private_flags;
1800 fsp->access_mask = open_access_mask; /* We change this to the
1801 * requested access_mask after
1802 * the open is done. */
1803 fsp->posix_open = posix_open;
1805 /* Ensure no SAMBA_PRIVATE bits can be set. */
1806 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1808 if (timeval_is_zero(&request_time)) {
1809 request_time = fsp->open_time;
1813 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
1814 id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1816 lck = get_share_mode_lock(talloc_tos(), id,
1818 smb_fname, &old_write_time);
1821 DEBUG(0, ("Could not get share mode lock\n"));
1822 return NT_STATUS_SHARING_VIOLATION;
1825 /* First pass - send break only on batch oplocks. */
1827 && delay_for_oplocks(lck, fsp, req->mid, 1,
1829 schedule_defer_open(lck, request_time, req);
1831 return NT_STATUS_SHARING_VIOLATION;
1834 /* Use the client requested access mask here, not the one we
1836 status = open_mode_check(conn, lck, access_mask, share_access,
1837 create_options, &file_existed);
1839 if (NT_STATUS_IS_OK(status)) {
1840 /* We might be going to allow this open. Check oplock
1842 /* Second pass - send break for both batch or
1843 * exclusive oplocks. */
1845 && delay_for_oplocks(lck, fsp, req->mid, 2,
1847 schedule_defer_open(lck, request_time, req);
1849 return NT_STATUS_SHARING_VIOLATION;
1853 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1854 /* DELETE_PENDING is not deferred for a second */
1859 if (!NT_STATUS_IS_OK(status)) {
1860 uint32 can_access_mask;
1861 bool can_access = True;
1863 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1865 /* Check if this can be done with the deny_dos and fcb
1868 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1869 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1871 DEBUG(0, ("DOS open without an SMB "
1874 return NT_STATUS_INTERNAL_ERROR;
1877 /* Use the client requested access mask here,
1878 * not the one we open with. */
1879 status = fcb_or_dos_open(req,
1890 if (NT_STATUS_IS_OK(status)) {
1893 *pinfo = FILE_WAS_OPENED;
1895 return NT_STATUS_OK;
1900 * This next line is a subtlety we need for
1901 * MS-Access. If a file open will fail due to share
1902 * permissions and also for security (access) reasons,
1903 * we need to return the access failed error, not the
1904 * share error. We can't open the file due to kernel
1905 * oplock deadlock (it's possible we failed above on
1906 * the open_mode_check()) so use a userspace check.
1909 if (flags & O_RDWR) {
1910 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1911 } else if (flags & O_WRONLY) {
1912 can_access_mask = FILE_WRITE_DATA;
1914 can_access_mask = FILE_READ_DATA;
1917 if (((can_access_mask & FILE_WRITE_DATA) &&
1918 !CAN_WRITE(conn)) ||
1919 !can_access_file_data(conn, smb_fname,
1925 * If we're returning a share violation, ensure we
1926 * cope with the braindead 1 second delay.
1929 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1930 lp_defer_sharing_violations()) {
1931 struct timeval timeout;
1932 struct deferred_open_record state;
1935 /* this is a hack to speed up torture tests
1937 timeout_usecs = lp_parm_int(SNUM(conn),
1938 "smbd","sharedelay",
1939 SHARING_VIOLATION_USEC_WAIT);
1941 /* This is a relative time, added to the absolute
1942 request_time value to get the absolute timeout time.
1943 Note that if this is the second or greater time we enter
1944 this codepath for this particular request mid then
1945 request_time is left as the absolute time of the *first*
1946 time this request mid was processed. This is what allows
1947 the request to eventually time out. */
1949 timeout = timeval_set(0, timeout_usecs);
1951 /* Nothing actually uses state.delayed_for_oplocks
1952 but it's handy to differentiate in debug messages
1953 between a 30 second delay due to oplock break, and
1954 a 1 second delay for share mode conflicts. */
1956 state.delayed_for_oplocks = False;
1960 && !request_timed_out(request_time,
1962 defer_open(lck, request_time, timeout,
1970 * We have detected a sharing violation here
1971 * so return the correct error code
1973 status = NT_STATUS_SHARING_VIOLATION;
1975 status = NT_STATUS_ACCESS_DENIED;
1981 * We exit this block with the share entry *locked*.....
1985 SMB_ASSERT(!file_existed || (lck != NULL));
1988 * Ensure we pay attention to default ACLs on directories if required.
1991 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1992 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1996 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1997 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1998 (unsigned int)flags, (unsigned int)flags2,
1999 (unsigned int)unx_mode, (unsigned int)access_mask,
2000 (unsigned int)open_access_mask));
2003 * open_file strips any O_TRUNC flags itself.
2006 fsp_open = open_file(fsp, conn, req, parent_dir,
2007 flags|flags2, unx_mode, access_mask,
2010 if (!NT_STATUS_IS_OK(fsp_open)) {
2017 if (!file_existed) {
2018 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
2020 * Deal with the race condition where two smbd's detect the
2021 * file doesn't exist and do the create at the same time. One
2022 * of them will win and set a share mode, the other (ie. this
2023 * one) should check if the requested share mode for this
2024 * create is allowed.
2028 * Now the file exists and fsp is successfully opened,
2029 * fsp->dev and fsp->inode are valid and should replace the
2030 * dev=0,inode=0 from a non existent file. Spotted by
2031 * Nadav Danieli <nadavd@exanet.com>. JRA.
2036 lck = get_share_mode_lock(talloc_tos(), id,
2038 smb_fname, &old_write_time);
2041 DEBUG(0, ("open_file_ntcreate: Could not get share "
2042 "mode lock for %s\n",
2043 smb_fname_str_dbg(smb_fname)));
2045 return NT_STATUS_SHARING_VIOLATION;
2048 /* First pass - send break only on batch oplocks. */
2050 && delay_for_oplocks(lck, fsp, req->mid, 1,
2052 schedule_defer_open(lck, request_time, req);
2055 return NT_STATUS_SHARING_VIOLATION;
2058 status = open_mode_check(conn, lck, access_mask, share_access,
2059 create_options, &file_existed);
2061 if (NT_STATUS_IS_OK(status)) {
2062 /* We might be going to allow this open. Check oplock
2064 /* Second pass - send break for both batch or
2065 * exclusive oplocks. */
2067 && delay_for_oplocks(lck, fsp, req->mid, 2,
2069 schedule_defer_open(lck, request_time, req);
2072 return NT_STATUS_SHARING_VIOLATION;
2076 if (!NT_STATUS_IS_OK(status)) {
2077 struct deferred_open_record state;
2081 state.delayed_for_oplocks = False;
2084 /* Do it all over again immediately. In the second
2085 * round we will find that the file existed and handle
2086 * the DELETE_PENDING and FCB cases correctly. No need
2087 * to duplicate the code here. Essentially this is a
2088 * "goto top of this function", but don't tell
2092 defer_open(lck, request_time, timeval_zero(),
2100 * We exit this block with the share entry *locked*.....
2105 SMB_ASSERT(lck != NULL);
2107 /* Delete streams if create_disposition requires it */
2108 if (file_existed && clear_ads &&
2109 !is_ntfs_stream_smb_fname(smb_fname)) {
2110 status = delete_all_streams(conn, smb_fname->base_name);
2111 if (!NT_STATUS_IS_OK(status)) {
2118 /* note that we ignore failure for the following. It is
2119 basically a hack for NFS, and NFS will never set one of
2120 these only read them. Nobody but Samba can ever set a deny
2121 mode and we have already checked our more authoritative
2122 locking database for permission to set this deny mode. If
2123 the kernel refuses the operations then the kernel is wrong.
2124 note that GPFS supports it as well - jmcd */
2126 if (fsp->fh->fd != -1) {
2128 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access, access_mask);
2129 if(ret_flock == -1 ){
2134 return NT_STATUS_SHARING_VIOLATION;
2139 * At this point onwards, we can guarentee that the share entry
2140 * is locked, whether we created the file or not, and that the
2141 * deny mode is compatible with all current opens.
2145 * If requested, truncate the file.
2148 if (file_existed && (flags2&O_TRUNC)) {
2150 * We are modifing the file after open - update the stat
2153 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2154 (SMB_VFS_FSTAT(fsp, &smb_fname->st)==-1)) {
2155 status = map_nt_error_from_unix(errno);
2163 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2165 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2168 /* stat opens on existing files don't get oplocks. */
2169 if (is_stat_open(open_access_mask)) {
2170 fsp->oplock_type = NO_OPLOCK;
2173 if (!(flags2 & O_TRUNC)) {
2174 info = FILE_WAS_OPENED;
2176 info = FILE_WAS_OVERWRITTEN;
2179 info = FILE_WAS_CREATED;
2187 * Setup the oplock info in both the shared memory and
2191 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2192 /* Could not get the kernel oplock */
2193 fsp->oplock_type = NO_OPLOCK;
2196 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2197 new_file_created = True;
2200 set_share_mode(lck, fsp, get_current_uid(conn), 0,
2203 /* Handle strange delete on close create semantics. */
2204 if (create_options & FILE_DELETE_ON_CLOSE) {
2206 status = can_set_delete_on_close(fsp, new_dos_attributes);
2208 if (!NT_STATUS_IS_OK(status)) {
2209 /* Remember to delete the mode we just added. */
2210 del_share_mode(lck, fsp);
2215 /* Note that here we set the *inital* delete on close flag,
2216 not the regular one. The magic gets handled in close. */
2217 fsp->initial_delete_on_close = True;
2220 if (new_file_created) {
2221 /* Files should be initially set as archive */
2222 if (lp_map_archive(SNUM(conn)) ||
2223 lp_store_dos_attributes(SNUM(conn))) {
2225 if (file_set_dosmode(conn, smb_fname,
2226 new_dos_attributes | aARCH,
2227 parent_dir, true) == 0) {
2228 unx_mode = smb_fname->st.st_ex_mode;
2235 * Take care of inherited ACLs on created files - if default ACL not
2239 if (!posix_open && !file_existed && !def_acl) {
2241 int saved_errno = errno; /* We might get ENOSYS in the next
2244 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2246 errno = saved_errno; /* Ignore ENOSYS */
2249 } else if (new_unx_mode) {
2253 /* Attributes need changing. File already existed. */
2256 int saved_errno = errno; /* We might get ENOSYS in the
2258 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2260 if (ret == -1 && errno == ENOSYS) {
2261 errno = saved_errno; /* Ignore ENOSYS */
2263 DEBUG(5, ("open_file_ntcreate: reset "
2264 "attributes of file %s to 0%o\n",
2265 smb_fname_str_dbg(smb_fname),
2266 (unsigned int)new_unx_mode));
2267 ret = 0; /* Don't do the fchmod below. */
2272 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2273 DEBUG(5, ("open_file_ntcreate: failed to reset "
2274 "attributes of file %s to 0%o\n",
2275 smb_fname_str_dbg(smb_fname),
2276 (unsigned int)new_unx_mode));
2279 /* If this is a successful open, we must remove any deferred open
2282 del_deferred_open_entry(lck, req->mid,
2283 sconn_server_id(req->sconn));
2287 return NT_STATUS_OK;
2291 /****************************************************************************
2292 Open a file for for write to ensure that we can fchmod it.
2293 ****************************************************************************/
2295 NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn,
2296 struct smb_filename *smb_fname,
2297 files_struct **result)
2299 files_struct *fsp = NULL;
2302 if (!VALID_STAT(smb_fname->st)) {
2303 return NT_STATUS_INVALID_PARAMETER;
2306 status = file_new(req, conn, &fsp);
2307 if(!NT_STATUS_IS_OK(status)) {
2311 status = SMB_VFS_CREATE_FILE(
2314 0, /* root_dir_fid */
2315 smb_fname, /* fname */
2316 FILE_WRITE_DATA, /* access_mask */
2317 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2319 FILE_OPEN, /* create_disposition*/
2320 0, /* create_options */
2321 0, /* file_attributes */
2322 0, /* oplock_request */
2323 0, /* allocation_size */
2324 0, /* private_flags */
2331 * This is not a user visible file open.
2332 * Don't set a share mode.
2335 if (!NT_STATUS_IS_OK(status)) {
2336 file_free(req, fsp);
2341 return NT_STATUS_OK;
2344 /****************************************************************************
2345 Close the fchmod file fd - ensure no locks are lost.
2346 ****************************************************************************/
2348 NTSTATUS close_file_fchmod(struct smb_request *req, files_struct *fsp)
2350 NTSTATUS status = fd_close(fsp);
2351 file_free(req, fsp);
2355 static NTSTATUS mkdir_internal(connection_struct *conn,
2356 struct smb_filename *smb_dname,
2357 uint32 file_attributes)
2362 bool posix_open = false;
2364 if(!CAN_WRITE(conn)) {
2365 DEBUG(5,("mkdir_internal: failing create on read-only share "
2366 "%s\n", lp_servicename(SNUM(conn))));
2367 return NT_STATUS_ACCESS_DENIED;
2370 status = check_name(conn, smb_dname->base_name);
2371 if (!NT_STATUS_IS_OK(status)) {
2375 if (!parent_dirname(talloc_tos(), smb_dname->base_name, &parent_dir,
2377 return NT_STATUS_NO_MEMORY;
2380 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2382 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2384 mode = unix_mode(conn, aDIR, smb_dname, parent_dir);
2387 if (SMB_VFS_MKDIR(conn, smb_dname->base_name, mode) != 0) {
2388 return map_nt_error_from_unix(errno);
2391 /* Ensure we're checking for a symlink here.... */
2392 /* We don't want to get caught by a symlink racer. */
2394 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2395 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2396 smb_fname_str_dbg(smb_dname), strerror(errno)));
2397 return map_nt_error_from_unix(errno);
2400 if (!S_ISDIR(smb_dname->st.st_ex_mode)) {
2401 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2402 smb_fname_str_dbg(smb_dname)));
2403 return NT_STATUS_ACCESS_DENIED;
2406 if (lp_store_dos_attributes(SNUM(conn))) {
2408 file_set_dosmode(conn, smb_dname,
2409 file_attributes | aDIR,
2414 if (lp_inherit_perms(SNUM(conn))) {
2415 inherit_access_posix_acl(conn, parent_dir,
2416 smb_dname->base_name, mode);
2421 * Check if high bits should have been set,
2422 * then (if bits are missing): add them.
2423 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2426 if ((mode & ~(S_IRWXU|S_IRWXG|S_IRWXO)) &&
2427 (mode & ~smb_dname->st.st_ex_mode)) {
2428 SMB_VFS_CHMOD(conn, smb_dname->base_name,
2429 (smb_dname->st.st_ex_mode |
2430 (mode & ~smb_dname->st.st_ex_mode)));
2434 /* Change the owner if required. */
2435 if (lp_inherit_owner(SNUM(conn))) {
2436 change_dir_owner_to_parent(conn, parent_dir,
2437 smb_dname->base_name,
2441 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2442 smb_dname->base_name);
2444 return NT_STATUS_OK;
2447 /****************************************************************************
2448 Open a directory from an NT SMB call.
2449 ****************************************************************************/
2451 static NTSTATUS open_directory(connection_struct *conn,
2452 struct smb_request *req,
2453 struct smb_filename *smb_dname,
2455 uint32 share_access,
2456 uint32 create_disposition,
2457 uint32 create_options,
2458 uint32 file_attributes,
2460 files_struct **result)
2462 files_struct *fsp = NULL;
2463 bool dir_existed = VALID_STAT(smb_dname->st) ? True : False;
2464 struct share_mode_lock *lck = NULL;
2466 struct timespec mtimespec;
2469 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
2471 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2472 "share_access = 0x%x create_options = 0x%x, "
2473 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2474 smb_fname_str_dbg(smb_dname),
2475 (unsigned int)access_mask,
2476 (unsigned int)share_access,
2477 (unsigned int)create_options,
2478 (unsigned int)create_disposition,
2479 (unsigned int)file_attributes));
2481 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2482 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2483 is_ntfs_stream_smb_fname(smb_dname)) {
2484 DEBUG(2, ("open_directory: %s is a stream name!\n",
2485 smb_fname_str_dbg(smb_dname)));
2486 return NT_STATUS_NOT_A_DIRECTORY;
2489 status = calculate_access_mask(conn, smb_dname, dir_existed,
2490 access_mask, &access_mask);
2491 if (!NT_STATUS_IS_OK(status)) {
2492 DEBUG(10, ("open_directory: calculate_access_mask "
2493 "on file %s returned %s\n",
2494 smb_fname_str_dbg(smb_dname),
2495 nt_errstr(status)));
2499 /* We need to support SeSecurityPrivilege for this. */
2500 if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
2501 DEBUG(10, ("open_directory: open on %s "
2502 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2503 smb_fname_str_dbg(smb_dname)));
2504 return NT_STATUS_PRIVILEGE_NOT_HELD;
2507 switch( create_disposition ) {
2510 info = FILE_WAS_OPENED;
2513 * We want to follow symlinks here.
2516 if (SMB_VFS_STAT(conn, smb_dname) != 0) {
2517 return map_nt_error_from_unix(errno);
2524 /* If directory exists error. If directory doesn't
2527 status = mkdir_internal(conn, smb_dname,
2530 if (!NT_STATUS_IS_OK(status)) {
2531 DEBUG(2, ("open_directory: unable to create "
2532 "%s. Error was %s\n",
2533 smb_fname_str_dbg(smb_dname),
2534 nt_errstr(status)));
2538 info = FILE_WAS_CREATED;
2543 * If directory exists open. If directory doesn't
2547 status = mkdir_internal(conn, smb_dname,
2550 if (NT_STATUS_IS_OK(status)) {
2551 info = FILE_WAS_CREATED;
2554 if (NT_STATUS_EQUAL(status,
2555 NT_STATUS_OBJECT_NAME_COLLISION)) {
2556 info = FILE_WAS_OPENED;
2557 status = NT_STATUS_OK;
2562 case FILE_SUPERSEDE:
2563 case FILE_OVERWRITE:
2564 case FILE_OVERWRITE_IF:
2566 DEBUG(5,("open_directory: invalid create_disposition "
2567 "0x%x for directory %s\n",
2568 (unsigned int)create_disposition,
2569 smb_fname_str_dbg(smb_dname)));
2570 return NT_STATUS_INVALID_PARAMETER;
2573 if(!S_ISDIR(smb_dname->st.st_ex_mode)) {
2574 DEBUG(5,("open_directory: %s is not a directory !\n",
2575 smb_fname_str_dbg(smb_dname)));
2576 return NT_STATUS_NOT_A_DIRECTORY;
2579 if (info == FILE_WAS_OPENED) {
2580 uint32_t access_granted = 0;
2581 status = smbd_check_open_rights(conn, smb_dname, access_mask,
2584 /* Were we trying to do a directory open
2585 * for delete and didn't get DELETE
2586 * access (only) ? Check if the
2587 * directory allows DELETE_CHILD.
2589 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2592 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2593 (access_mask & DELETE_ACCESS) &&
2594 (access_granted == DELETE_ACCESS) &&
2595 can_delete_file_in_directory(conn, smb_dname))) {
2596 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2597 "on directory %s\n",
2598 smb_fname_str_dbg(smb_dname)));
2599 status = NT_STATUS_OK;
2602 if (!NT_STATUS_IS_OK(status)) {
2603 DEBUG(10, ("open_directory: smbd_check_open_rights on "
2604 "file %s failed with %s\n",
2605 smb_fname_str_dbg(smb_dname),
2606 nt_errstr(status)));
2611 status = file_new(req, conn, &fsp);
2612 if(!NT_STATUS_IS_OK(status)) {
2617 * Setup the files_struct for it.
2620 fsp->mode = smb_dname->st.st_ex_mode;
2621 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_dname->st);
2622 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2623 fsp->file_pid = req ? req->smbpid : 0;
2624 fsp->can_lock = False;
2625 fsp->can_read = False;
2626 fsp->can_write = False;
2628 fsp->share_access = share_access;
2629 fsp->fh->private_options = 0;
2631 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2633 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2634 fsp->print_file = NULL;
2635 fsp->modified = False;
2636 fsp->oplock_type = NO_OPLOCK;
2637 fsp->sent_oplock_break = NO_BREAK_SENT;
2638 fsp->is_directory = True;
2639 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2640 status = fsp_set_smb_fname(fsp, smb_dname);
2641 if (!NT_STATUS_IS_OK(status)) {
2645 mtimespec = smb_dname->st.st_ex_mtime;
2647 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2648 conn->connectpath, smb_dname, &mtimespec);
2651 DEBUG(0, ("open_directory: Could not get share mode lock for "
2652 "%s\n", smb_fname_str_dbg(smb_dname)));
2653 file_free(req, fsp);
2654 return NT_STATUS_SHARING_VIOLATION;
2657 status = open_mode_check(conn, lck, access_mask, share_access,
2658 create_options, &dir_existed);
2660 if (!NT_STATUS_IS_OK(status)) {
2662 file_free(req, fsp);
2666 set_share_mode(lck, fsp, get_current_uid(conn), 0, NO_OPLOCK);
2668 /* For directories the delete on close bit at open time seems
2669 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2670 if (create_options & FILE_DELETE_ON_CLOSE) {
2671 status = can_set_delete_on_close(fsp, 0);
2672 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2674 file_free(req, fsp);
2678 if (NT_STATUS_IS_OK(status)) {
2679 /* Note that here we set the *inital* delete on close flag,
2680 not the regular one. The magic gets handled in close. */
2681 fsp->initial_delete_on_close = True;
2692 return NT_STATUS_OK;
2695 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req,
2696 struct smb_filename *smb_dname)
2701 status = SMB_VFS_CREATE_FILE(
2704 0, /* root_dir_fid */
2705 smb_dname, /* fname */
2706 FILE_READ_ATTRIBUTES, /* access_mask */
2707 FILE_SHARE_NONE, /* share_access */
2708 FILE_CREATE, /* create_disposition*/
2709 FILE_DIRECTORY_FILE, /* create_options */
2710 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
2711 0, /* oplock_request */
2712 0, /* allocation_size */
2713 0, /* private_flags */
2719 if (NT_STATUS_IS_OK(status)) {
2720 close_file(req, fsp, NORMAL_CLOSE);
2726 /****************************************************************************
2727 Receive notification that one of our open files has been renamed by another
2729 ****************************************************************************/
2731 void msg_file_was_renamed(struct messaging_context *msg,
2734 struct server_id server_id,
2738 char *frm = (char *)data->data;
2740 const char *sharepath;
2741 const char *base_name;
2742 const char *stream_name;
2743 struct smb_filename *smb_fname = NULL;
2744 size_t sp_len, bn_len;
2747 if (data->data == NULL
2748 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2749 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2750 (int)data->length));
2754 /* Unpack the message. */
2755 pull_file_id_24(frm, &id);
2756 sharepath = &frm[24];
2757 sp_len = strlen(sharepath);
2758 base_name = sharepath + sp_len + 1;
2759 bn_len = strlen(base_name);
2760 stream_name = sharepath + sp_len + 1 + bn_len + 1;
2762 /* stream_name must always be NULL if there is no stream. */
2763 if (stream_name[0] == '\0') {
2767 status = create_synthetic_smb_fname(talloc_tos(), base_name,
2768 stream_name, NULL, &smb_fname);
2769 if (!NT_STATUS_IS_OK(status)) {
2773 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2775 sharepath, smb_fname_str_dbg(smb_fname),
2776 file_id_string_tos(&id)));
2778 for(fsp = file_find_di_first(smbd_server_conn, id); fsp;
2779 fsp = file_find_di_next(fsp)) {
2780 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2782 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2783 fsp->fnum, fsp_str_dbg(fsp),
2784 smb_fname_str_dbg(smb_fname)));
2785 status = fsp_set_smb_fname(fsp, smb_fname);
2786 if (!NT_STATUS_IS_OK(status)) {
2791 /* Now we have the complete path we can work out if this is
2792 actually within this share and adjust newname accordingly. */
2793 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2794 "not sharepath %s) "
2795 "fnum %d from %s -> %s\n",
2796 fsp->conn->connectpath,
2800 smb_fname_str_dbg(smb_fname)));
2804 TALLOC_FREE(smb_fname);
2809 * If a main file is opened for delete, all streams need to be checked for
2810 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2811 * If that works, delete them all by setting the delete on close and close.
2814 NTSTATUS open_streams_for_delete(connection_struct *conn,
2817 struct stream_struct *stream_info;
2818 files_struct **streams;
2820 unsigned int num_streams;
2821 TALLOC_CTX *frame = talloc_stackframe();
2824 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2825 &num_streams, &stream_info);
2827 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2828 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2829 DEBUG(10, ("no streams around\n"));
2831 return NT_STATUS_OK;
2834 if (!NT_STATUS_IS_OK(status)) {
2835 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2836 nt_errstr(status)));
2840 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2843 if (num_streams == 0) {
2845 return NT_STATUS_OK;
2848 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2849 if (streams == NULL) {
2850 DEBUG(0, ("talloc failed\n"));
2851 status = NT_STATUS_NO_MEMORY;
2855 for (i=0; i<num_streams; i++) {
2856 struct smb_filename *smb_fname = NULL;
2858 if (strequal(stream_info[i].name, "::$DATA")) {
2863 status = create_synthetic_smb_fname(talloc_tos(), fname,
2864 stream_info[i].name,
2866 if (!NT_STATUS_IS_OK(status)) {
2870 if (SMB_VFS_STAT(conn, smb_fname) == -1) {
2871 DEBUG(10, ("Unable to stat stream: %s\n",
2872 smb_fname_str_dbg(smb_fname)));
2875 status = SMB_VFS_CREATE_FILE(
2878 0, /* root_dir_fid */
2879 smb_fname, /* fname */
2880 DELETE_ACCESS, /* access_mask */
2881 (FILE_SHARE_READ | /* share_access */
2882 FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2883 FILE_OPEN, /* create_disposition*/
2884 0, /* create_options */
2885 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2886 0, /* oplock_request */
2887 0, /* allocation_size */
2888 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* private_flags */
2891 &streams[i], /* result */
2894 if (!NT_STATUS_IS_OK(status)) {
2895 DEBUG(10, ("Could not open stream %s: %s\n",
2896 smb_fname_str_dbg(smb_fname),
2897 nt_errstr(status)));
2899 TALLOC_FREE(smb_fname);
2902 TALLOC_FREE(smb_fname);
2906 * don't touch the variable "status" beyond this point :-)
2909 for (i -= 1 ; i >= 0; i--) {
2910 if (streams[i] == NULL) {
2914 DEBUG(10, ("Closing stream # %d, %s\n", i,
2915 fsp_str_dbg(streams[i])));
2916 close_file(NULL, streams[i], NORMAL_CLOSE);
2925 * Wrapper around open_file_ntcreate and open_directory
2928 static NTSTATUS create_file_unixpath(connection_struct *conn,
2929 struct smb_request *req,
2930 struct smb_filename *smb_fname,
2931 uint32_t access_mask,
2932 uint32_t share_access,
2933 uint32_t create_disposition,
2934 uint32_t create_options,
2935 uint32_t file_attributes,
2936 uint32_t oplock_request,
2937 uint64_t allocation_size,
2938 uint32_t private_flags,
2939 struct security_descriptor *sd,
2940 struct ea_list *ea_list,
2942 files_struct **result,
2945 int info = FILE_WAS_OPENED;
2946 files_struct *base_fsp = NULL;
2947 files_struct *fsp = NULL;
2950 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2951 "file_attributes = 0x%x, share_access = 0x%x, "
2952 "create_disposition = 0x%x create_options = 0x%x "
2953 "oplock_request = 0x%x private_flags = 0x%x "
2954 "ea_list = 0x%p, sd = 0x%p, "
2956 (unsigned int)access_mask,
2957 (unsigned int)file_attributes,
2958 (unsigned int)share_access,
2959 (unsigned int)create_disposition,
2960 (unsigned int)create_options,
2961 (unsigned int)oplock_request,
2962 (unsigned int)private_flags,
2963 ea_list, sd, smb_fname_str_dbg(smb_fname)));
2965 if (create_options & FILE_OPEN_BY_FILE_ID) {
2966 status = NT_STATUS_NOT_SUPPORTED;
2970 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2971 status = NT_STATUS_INVALID_PARAMETER;
2976 oplock_request |= INTERNAL_OPEN_ONLY;
2979 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2980 && (access_mask & DELETE_ACCESS)
2981 && !is_ntfs_stream_smb_fname(smb_fname)) {
2983 * We can't open a file with DELETE access if any of the
2984 * streams is open without FILE_SHARE_DELETE
2986 status = open_streams_for_delete(conn, smb_fname->base_name);
2988 if (!NT_STATUS_IS_OK(status)) {
2993 /* This is the correct thing to do (check every time) but can_delete
2994 * is expensive (it may have to read the parent directory
2995 * permissions). So for now we're not doing it unless we have a strong
2996 * hint the client is really going to delete this file. If the client
2997 * is forcing FILE_CREATE let the filesystem take care of the
3000 /* Setting FILE_SHARE_DELETE is the hint. */
3002 if (lp_acl_check_permissions(SNUM(conn))
3003 && (create_disposition != FILE_CREATE)
3004 && (share_access & FILE_SHARE_DELETE)
3005 && (access_mask & DELETE_ACCESS)
3006 && (!(can_delete_file_in_directory(conn, smb_fname) ||
3007 can_access_file_acl(conn, smb_fname, DELETE_ACCESS)))) {
3008 status = NT_STATUS_ACCESS_DENIED;
3009 DEBUG(10,("create_file_unixpath: open file %s "
3010 "for delete ACCESS_DENIED\n",
3011 smb_fname_str_dbg(smb_fname)));
3016 /* We need to support SeSecurityPrivilege for this. */
3017 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
3018 !user_has_privileges(current_user.nt_user_token,
3020 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3024 /* We need to support SeSecurityPrivilege for this. */
3025 if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
3026 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3029 /* Don't allow a SACL set from an NTtrans create until we
3030 * support SeSecurityPrivilege. */
3031 if (!VALID_STAT(smb_fname->st) &&
3032 lp_nt_acl_support(SNUM(conn)) &&
3033 sd && (sd->sacl != NULL)) {
3034 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3039 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
3040 && is_ntfs_stream_smb_fname(smb_fname)
3041 && (!(private_flags & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
3042 uint32 base_create_disposition;
3043 struct smb_filename *smb_fname_base = NULL;
3045 if (create_options & FILE_DIRECTORY_FILE) {
3046 status = NT_STATUS_NOT_A_DIRECTORY;
3050 switch (create_disposition) {
3052 base_create_disposition = FILE_OPEN;
3055 base_create_disposition = FILE_OPEN_IF;
3059 /* Create an smb_filename with stream_name == NULL. */
3060 status = create_synthetic_smb_fname(talloc_tos(),
3061 smb_fname->base_name,
3064 if (!NT_STATUS_IS_OK(status)) {
3068 if (SMB_VFS_STAT(conn, smb_fname_base) == -1) {
3069 DEBUG(10, ("Unable to stat stream: %s\n",
3070 smb_fname_str_dbg(smb_fname_base)));
3073 /* Open the base file. */
3074 status = create_file_unixpath(conn, NULL, smb_fname_base, 0,
3077 | FILE_SHARE_DELETE,
3078 base_create_disposition,
3079 0, 0, 0, 0, 0, NULL, NULL,
3081 TALLOC_FREE(smb_fname_base);
3083 if (!NT_STATUS_IS_OK(status)) {
3084 DEBUG(10, ("create_file_unixpath for base %s failed: "
3085 "%s\n", smb_fname->base_name,
3086 nt_errstr(status)));
3089 /* we don't need to low level fd */
3094 * If it's a request for a directory open, deal with it separately.
3097 if (create_options & FILE_DIRECTORY_FILE) {
3099 if (create_options & FILE_NON_DIRECTORY_FILE) {
3100 status = NT_STATUS_INVALID_PARAMETER;
3104 /* Can't open a temp directory. IFS kit test. */
3105 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3106 (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3107 status = NT_STATUS_INVALID_PARAMETER;
3112 * We will get a create directory here if the Win32
3113 * app specified a security descriptor in the
3114 * CreateDirectory() call.
3118 status = open_directory(
3119 conn, req, smb_fname, access_mask, share_access,
3120 create_disposition, create_options, file_attributes,
3125 * Ordinary file case.
3128 status = file_new(req, conn, &fsp);
3129 if(!NT_STATUS_IS_OK(status)) {
3133 status = fsp_set_smb_fname(fsp, smb_fname);
3134 if (!NT_STATUS_IS_OK(status)) {
3139 * We're opening the stream element of a base_fsp
3140 * we already opened. Set up the base_fsp pointer.
3143 fsp->base_fsp = base_fsp;
3146 status = open_file_ntcreate(conn,
3158 if(!NT_STATUS_IS_OK(status)) {
3159 file_free(req, fsp);
3163 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3165 /* A stream open never opens a directory */
3168 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3173 * Fail the open if it was explicitly a non-directory
3177 if (create_options & FILE_NON_DIRECTORY_FILE) {
3178 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3183 status = open_directory(
3184 conn, req, smb_fname, access_mask,
3185 share_access, create_disposition,
3186 create_options, file_attributes,
3191 if (!NT_STATUS_IS_OK(status)) {
3195 fsp->base_fsp = base_fsp;
3198 * According to the MS documentation, the only time the security
3199 * descriptor is applied to the opened file is iff we *created* the
3200 * file; an existing file stays the same.
3202 * Also, it seems (from observation) that you can open the file with
3203 * any access mask but you can still write the sd. We need to override
3204 * the granted access before we call set_sd
3205 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3208 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3209 && lp_nt_acl_support(SNUM(conn))) {
3211 uint32_t sec_info_sent;
3212 uint32_t saved_access_mask = fsp->access_mask;
3214 sec_info_sent = get_sec_info(sd);
3216 fsp->access_mask = FILE_GENERIC_ALL;
3218 /* Convert all the generic bits. */
3219 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3220 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3222 if (sec_info_sent & (SECINFO_OWNER|
3226 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3229 fsp->access_mask = saved_access_mask;
3231 if (!NT_STATUS_IS_OK(status)) {
3236 if ((ea_list != NULL) &&
3237 ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3238 status = set_ea(conn, fsp, fsp->fsp_name, ea_list);
3239 if (!NT_STATUS_IS_OK(status)) {
3244 if (!fsp->is_directory && S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
3245 status = NT_STATUS_ACCESS_DENIED;
3249 /* Save the requested allocation size. */
3250 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3252 && (allocation_size > fsp->fsp_name->st.st_ex_size)) {
3253 fsp->initial_allocation_size = smb_roundup(
3254 fsp->conn, allocation_size);
3255 if (fsp->is_directory) {
3256 /* Can't set allocation size on a directory. */
3257 status = NT_STATUS_ACCESS_DENIED;
3260 if (vfs_allocate_file_space(
3261 fsp, fsp->initial_allocation_size) == -1) {
3262 status = NT_STATUS_DISK_FULL;
3266 fsp->initial_allocation_size = smb_roundup(
3267 fsp->conn, (uint64_t)fsp->fsp_name->st.st_ex_size);
3271 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3274 if (pinfo != NULL) {
3278 smb_fname->st = fsp->fsp_name->st;
3280 return NT_STATUS_OK;
3283 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3286 if (base_fsp && fsp->base_fsp == base_fsp) {
3288 * The close_file below will close
3293 close_file(req, fsp, ERROR_CLOSE);
3296 if (base_fsp != NULL) {
3297 close_file(req, base_fsp, ERROR_CLOSE);
3304 * Calculate the full path name given a relative fid.
3306 NTSTATUS get_relative_fid_filename(connection_struct *conn,
3307 struct smb_request *req,
3308 uint16_t root_dir_fid,
3309 struct smb_filename *smb_fname)
3311 files_struct *dir_fsp;
3312 char *parent_fname = NULL;
3313 char *new_base_name = NULL;
3316 if (root_dir_fid == 0 || !smb_fname) {
3317 status = NT_STATUS_INTERNAL_ERROR;
3321 dir_fsp = file_fsp(req, root_dir_fid);
3323 if (dir_fsp == NULL) {
3324 status = NT_STATUS_INVALID_HANDLE;
3328 if (is_ntfs_stream_smb_fname(dir_fsp->fsp_name)) {
3329 status = NT_STATUS_INVALID_HANDLE;
3333 if (!dir_fsp->is_directory) {
3336 * Check to see if this is a mac fork of some kind.
3339 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3340 is_ntfs_stream_smb_fname(smb_fname)) {
3341 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3346 we need to handle the case when we get a
3347 relative open relative to a file and the
3348 pathname is blank - this is a reopen!
3349 (hint from demyn plantenberg)
3352 status = NT_STATUS_INVALID_HANDLE;
3356 if (ISDOT(dir_fsp->fsp_name->base_name)) {
3358 * We're at the toplevel dir, the final file name
3359 * must not contain ./, as this is filtered out
3360 * normally by srvstr_get_path and unix_convert
3361 * explicitly rejects paths containing ./.
3363 parent_fname = talloc_strdup(talloc_tos(), "");
3364 if (parent_fname == NULL) {
3365 status = NT_STATUS_NO_MEMORY;
3369 size_t dir_name_len = strlen(dir_fsp->fsp_name->base_name);
3372 * Copy in the base directory name.
3375 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3377 if (parent_fname == NULL) {
3378 status = NT_STATUS_NO_MEMORY;
3381 memcpy(parent_fname, dir_fsp->fsp_name->base_name,
3385 * Ensure it ends in a '/'.
3386 * We used TALLOC_SIZE +2 to add space for the '/'.
3390 && (parent_fname[dir_name_len-1] != '\\')
3391 && (parent_fname[dir_name_len-1] != '/')) {
3392 parent_fname[dir_name_len] = '/';
3393 parent_fname[dir_name_len+1] = '\0';
3397 new_base_name = talloc_asprintf(smb_fname, "%s%s", parent_fname,
3398 smb_fname->base_name);
3399 if (new_base_name == NULL) {
3400 status = NT_STATUS_NO_MEMORY;
3404 TALLOC_FREE(smb_fname->base_name);
3405 smb_fname->base_name = new_base_name;
3406 status = NT_STATUS_OK;
3409 TALLOC_FREE(parent_fname);
3413 NTSTATUS create_file_default(connection_struct *conn,
3414 struct smb_request *req,
3415 uint16_t root_dir_fid,
3416 struct smb_filename *smb_fname,
3417 uint32_t access_mask,
3418 uint32_t share_access,
3419 uint32_t create_disposition,
3420 uint32_t create_options,
3421 uint32_t file_attributes,
3422 uint32_t oplock_request,
3423 uint64_t allocation_size,
3424 uint32_t private_flags,
3425 struct security_descriptor *sd,
3426 struct ea_list *ea_list,
3427 files_struct **result,
3430 int info = FILE_WAS_OPENED;
3431 files_struct *fsp = NULL;
3433 bool stream_name = false;
3435 DEBUG(10,("create_file: access_mask = 0x%x "
3436 "file_attributes = 0x%x, share_access = 0x%x, "
3437 "create_disposition = 0x%x create_options = 0x%x "
3438 "oplock_request = 0x%x "
3439 "private_flags = 0x%x "
3440 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3442 (unsigned int)access_mask,
3443 (unsigned int)file_attributes,
3444 (unsigned int)share_access,
3445 (unsigned int)create_disposition,
3446 (unsigned int)create_options,
3447 (unsigned int)oplock_request,
3448 (unsigned int)private_flags,
3449 (unsigned int)root_dir_fid,
3450 ea_list, sd, smb_fname_str_dbg(smb_fname)));
3453 * Calculate the filename from the root_dir_if if necessary.
3456 if (root_dir_fid != 0) {
3457 status = get_relative_fid_filename(conn, req, root_dir_fid,
3459 if (!NT_STATUS_IS_OK(status)) {
3465 * Check to see if this is a mac fork of some kind.
3468 stream_name = is_ntfs_stream_smb_fname(smb_fname);
3470 enum FAKE_FILE_TYPE fake_file_type;
3472 fake_file_type = is_fake_file(smb_fname);
3474 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3477 * Here we go! support for changing the disk quotas
3480 * We need to fake up to open this MAGIC QUOTA file
3481 * and return a valid FID.
3483 * w2k close this file directly after openening xp
3484 * also tries a QUERY_FILE_INFO on the file and then
3487 status = open_fake_file(req, conn, req->vuid,
3488 fake_file_type, smb_fname,
3490 if (!NT_STATUS_IS_OK(status)) {
3494 ZERO_STRUCT(smb_fname->st);
3498 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3499 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
3504 /* All file access must go through check_name() */
3506 status = check_name(conn, smb_fname->base_name);
3507 if (!NT_STATUS_IS_OK(status)) {
3511 if (stream_name && is_ntfs_default_stream_smb_fname(smb_fname)) {
3513 smb_fname->stream_name = NULL;
3514 /* We have to handle this error here. */
3515 if (create_options & FILE_DIRECTORY_FILE) {
3516 status = NT_STATUS_NOT_A_DIRECTORY;
3519 if (lp_posix_pathnames()) {
3520 ret = SMB_VFS_LSTAT(conn, smb_fname);
3522 ret = SMB_VFS_STAT(conn, smb_fname);
3525 if (ret == 0 && VALID_STAT_OF_DIR(smb_fname->st)) {
3526 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3531 status = create_file_unixpath(
3532 conn, req, smb_fname, access_mask, share_access,
3533 create_disposition, create_options, file_attributes,
3534 oplock_request, allocation_size, private_flags,
3538 if (!NT_STATUS_IS_OK(status)) {
3543 DEBUG(10, ("create_file: info=%d\n", info));
3546 if (pinfo != NULL) {
3549 return NT_STATUS_OK;
3552 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3555 close_file(req, fsp, ERROR_CLOSE);