2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "smbd/globals.h"
25 extern const struct generic_mapping file_generic_mapping;
27 struct deferred_open_record {
28 bool delayed_for_oplocks;
32 static NTSTATUS create_file_unixpath(connection_struct *conn,
33 struct smb_request *req,
34 struct smb_filename *smb_fname,
36 uint32_t share_access,
37 uint32_t create_disposition,
38 uint32_t create_options,
39 uint32_t file_attributes,
40 uint32_t oplock_request,
41 uint64_t allocation_size,
42 struct security_descriptor *sd,
43 struct ea_list *ea_list,
45 files_struct **result,
48 /****************************************************************************
49 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
50 ****************************************************************************/
52 NTSTATUS smb1_file_se_access_check(const struct security_descriptor *sd,
53 const NT_USER_TOKEN *token,
54 uint32_t access_desired,
55 uint32_t *access_granted)
57 return se_access_check(sd,
59 (access_desired & ~FILE_READ_ATTRIBUTES),
63 /****************************************************************************
64 Check if we have open rights.
65 ****************************************************************************/
67 static NTSTATUS check_open_rights(struct connection_struct *conn,
68 const struct smb_filename *smb_fname,
70 uint32_t *access_granted)
72 /* Check if we have rights to open. */
74 struct security_descriptor *sd;
78 if (conn->server_info->utok.uid == 0 || conn->admin_user) {
79 /* I'm sorry sir, I didn't know you were root... */
80 *access_granted = access_mask;
81 if (access_mask & SEC_FLAG_MAXIMUM_ALLOWED) {
82 *access_granted |= FILE_GENERIC_ALL;
87 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
88 (OWNER_SECURITY_INFORMATION |
89 GROUP_SECURITY_INFORMATION |
90 DACL_SECURITY_INFORMATION),&sd);
92 if (!NT_STATUS_IS_OK(status)) {
93 DEBUG(10, ("check_open_rights: Could not get acl "
95 smb_fname_str_dbg(smb_fname),
101 status = smb1_file_se_access_check(sd,
102 conn->server_info->ptok,
108 DEBUG(10,("check_open_rights: file %s requesting "
109 "0x%x returning 0x%x (%s)\n",
110 smb_fname_str_dbg(smb_fname),
111 (unsigned int)access_mask,
112 (unsigned int)*access_granted,
113 nt_errstr(status) ));
118 /****************************************************************************
119 fd support routines - attempt to do a dos_open.
120 ****************************************************************************/
122 static NTSTATUS fd_open(struct connection_struct *conn,
123 struct smb_filename *smb_fname,
128 NTSTATUS status = NT_STATUS_OK;
132 * Never follow symlinks on a POSIX client. The
133 * client should be doing this.
136 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
141 fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
142 if (fsp->fh->fd == -1) {
143 status = map_nt_error_from_unix(errno);
144 if (errno == EMFILE) {
145 static time_t last_warned = 0L;
147 if (time((time_t *) NULL) > last_warned) {
148 DEBUG(0,("Too many open files, unable "
149 "to open more! smbd's max "
151 lp_max_open_files()));
152 last_warned = time((time_t *) NULL);
158 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
159 smb_fname_str_dbg(smb_fname), flags, (int)mode, fsp->fh->fd,
160 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
165 /****************************************************************************
166 Close the file associated with a fsp.
167 ****************************************************************************/
169 NTSTATUS fd_close(files_struct *fsp)
173 if (fsp->fh->fd == -1) {
174 return NT_STATUS_OK; /* What we used to call a stat open. */
176 if (fsp->fh->ref_count > 1) {
177 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
180 ret = SMB_VFS_CLOSE(fsp);
183 return map_nt_error_from_unix(errno);
188 /****************************************************************************
189 Change the ownership of a file to that of the parent directory.
190 Do this by fd if possible.
191 ****************************************************************************/
193 void change_file_owner_to_parent(connection_struct *conn,
194 const char *inherit_from_dir,
197 struct smb_filename *smb_fname_parent = NULL;
201 status = create_synthetic_smb_fname(talloc_tos(), inherit_from_dir,
202 NULL, NULL, &smb_fname_parent);
203 if (!NT_STATUS_IS_OK(status)) {
207 ret = SMB_VFS_STAT(conn, smb_fname_parent);
209 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
210 "directory %s. Error was %s\n",
211 smb_fname_str_dbg(smb_fname_parent),
217 ret = SMB_VFS_FCHOWN(fsp, smb_fname_parent->st.st_ex_uid, (gid_t)-1);
220 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
221 "file %s to parent directory uid %u. Error "
222 "was %s\n", fsp_str_dbg(fsp),
223 (unsigned int)smb_fname_parent->st.st_ex_uid,
227 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
228 "parent directory uid %u.\n", fsp_str_dbg(fsp),
229 (unsigned int)smb_fname_parent->st.st_ex_uid));
231 TALLOC_FREE(smb_fname_parent);
234 NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
235 const char *inherit_from_dir,
237 SMB_STRUCT_STAT *psbuf)
239 struct smb_filename *smb_fname_parent = NULL;
240 struct smb_filename *smb_fname_cwd = NULL;
241 char *saved_dir = NULL;
242 TALLOC_CTX *ctx = talloc_tos();
243 NTSTATUS status = NT_STATUS_OK;
246 status = create_synthetic_smb_fname(ctx, inherit_from_dir, NULL, NULL,
248 if (!NT_STATUS_IS_OK(status)) {
252 ret = SMB_VFS_STAT(conn, smb_fname_parent);
254 status = map_nt_error_from_unix(errno);
255 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
256 "directory %s. Error was %s\n",
257 smb_fname_str_dbg(smb_fname_parent),
262 /* We've already done an lstat into psbuf, and we know it's a
263 directory. If we can cd into the directory and the dev/ino
264 are the same then we can safely chown without races as
265 we're locking the directory in place by being in it. This
266 should work on any UNIX (thanks tridge :-). JRA.
269 saved_dir = vfs_GetWd(ctx,conn);
271 status = map_nt_error_from_unix(errno);
272 DEBUG(0,("change_dir_owner_to_parent: failed to get "
273 "current working directory. Error was %s\n",
278 /* Chdir into the new path. */
279 if (vfs_ChDir(conn, fname) == -1) {
280 status = map_nt_error_from_unix(errno);
281 DEBUG(0,("change_dir_owner_to_parent: failed to change "
282 "current working directory to %s. Error "
283 "was %s\n", fname, strerror(errno) ));
287 status = create_synthetic_smb_fname(ctx, ".", NULL, NULL,
289 if (!NT_STATUS_IS_OK(status)) {
293 ret = SMB_VFS_STAT(conn, smb_fname_cwd);
295 status = map_nt_error_from_unix(errno);
296 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
297 "directory '.' (%s) Error was %s\n",
298 fname, strerror(errno)));
302 /* Ensure we're pointing at the same place. */
303 if (smb_fname_cwd->st.st_ex_dev != psbuf->st_ex_dev ||
304 smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino ||
305 smb_fname_cwd->st.st_ex_mode != psbuf->st_ex_mode ) {
306 DEBUG(0,("change_dir_owner_to_parent: "
307 "device/inode/mode on directory %s changed. "
308 "Refusing to chown !\n", fname ));
309 status = NT_STATUS_ACCESS_DENIED;
314 ret = SMB_VFS_CHOWN(conn, ".", smb_fname_parent->st.st_ex_uid,
318 status = map_nt_error_from_unix(errno);
319 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
320 "directory %s to parent directory uid %u. "
321 "Error was %s\n", fname,
322 (unsigned int)smb_fname_parent->st.st_ex_uid,
327 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
328 "directory %s to parent directory uid %u.\n",
329 fname, (unsigned int)smb_fname_parent->st.st_ex_uid ));
332 vfs_ChDir(conn,saved_dir);
334 TALLOC_FREE(smb_fname_parent);
335 TALLOC_FREE(smb_fname_cwd);
339 /****************************************************************************
341 ****************************************************************************/
343 static NTSTATUS open_file(files_struct *fsp,
344 connection_struct *conn,
345 struct smb_request *req,
346 const char *parent_dir,
347 struct smb_filename *smb_fname,
350 uint32 access_mask, /* client requested access mask. */
351 uint32 open_access_mask) /* what we're actually using in the open. */
353 NTSTATUS status = NT_STATUS_OK;
354 int accmode = (flags & O_ACCMODE);
355 int local_flags = flags;
356 bool file_existed = VALID_STAT(smb_fname->st);
361 /* Check permissions */
364 * This code was changed after seeing a client open request
365 * containing the open mode of (DENY_WRITE/read-only) with
366 * the 'create if not exist' bit set. The previous code
367 * would fail to open the file read only on a read-only share
368 * as it was checking the flags parameter directly against O_RDONLY,
369 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
373 if (!CAN_WRITE(conn)) {
374 /* It's a read-only share - fail if we wanted to write. */
375 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
376 DEBUG(3,("Permission denied opening %s\n",
377 smb_fname_str_dbg(smb_fname)));
378 return NT_STATUS_ACCESS_DENIED;
379 } else if(flags & O_CREAT) {
380 /* We don't want to write - but we must make sure that
381 O_CREAT doesn't create the file if we have write
382 access into the directory.
384 flags &= ~(O_CREAT|O_EXCL);
385 local_flags &= ~(O_CREAT|O_EXCL);
390 * This little piece of insanity is inspired by the
391 * fact that an NT client can open a file for O_RDONLY,
392 * but set the create disposition to FILE_EXISTS_TRUNCATE.
393 * If the client *can* write to the file, then it expects to
394 * truncate the file, even though it is opening for readonly.
395 * Quicken uses this stupid trick in backup file creation...
396 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
397 * for helping track this one down. It didn't bite us in 2.0.x
398 * as we always opened files read-write in that release. JRA.
401 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
402 DEBUG(10,("open_file: truncate requested on read-only open "
403 "for file %s\n", smb_fname_str_dbg(smb_fname)));
404 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
407 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
408 (!file_existed && (local_flags & O_CREAT)) ||
409 ((local_flags & O_TRUNC) == O_TRUNC) ) {
413 * We can't actually truncate here as the file may be locked.
414 * open_file_ntcreate will take care of the truncate later. JRA.
417 local_flags &= ~O_TRUNC;
419 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
421 * We would block on opening a FIFO with no one else on the
422 * other end. Do what we used to do and add O_NONBLOCK to the
426 if (file_existed && S_ISFIFO(smb_fname->st.st_ex_mode)) {
427 local_flags |= O_NONBLOCK;
431 /* Don't create files with Microsoft wildcard characters. */
434 * wildcard characters are allowed in stream names
435 * only test the basefilename
437 wild = fsp->base_fsp->fsp_name->base_name;
439 wild = smb_fname->base_name;
441 if ((local_flags & O_CREAT) && !file_existed &&
443 return NT_STATUS_OBJECT_NAME_INVALID;
446 /* Actually do the open */
447 status = fd_open(conn, smb_fname, fsp, local_flags, unx_mode);
448 if (!NT_STATUS_IS_OK(status)) {
449 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
450 "(flags=%d)\n", smb_fname_str_dbg(smb_fname),
451 nt_errstr(status),local_flags,flags));
455 if ((local_flags & O_CREAT) && !file_existed) {
457 /* Inherit the ACL if required */
458 if (lp_inherit_perms(SNUM(conn))) {
459 inherit_access_posix_acl(conn, parent_dir,
460 smb_fname->base_name,
464 /* Change the owner if required. */
465 if (lp_inherit_owner(SNUM(conn))) {
466 change_file_owner_to_parent(conn, parent_dir,
470 notify_fname(conn, NOTIFY_ACTION_ADDED,
471 FILE_NOTIFY_CHANGE_FILE_NAME,
472 smb_fname->base_name);
476 fsp->fh->fd = -1; /* What we used to call a stat open. */
478 uint32_t access_granted = 0;
480 status = check_open_rights(conn,
484 if (!NT_STATUS_IS_OK(status)) {
485 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
487 * On NT_STATUS_ACCESS_DENIED, access_granted
488 * contains the denied bits.
491 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
492 (access_granted & FILE_WRITE_ATTRIBUTES) &&
493 (lp_map_readonly(SNUM(conn)) ||
494 lp_map_archive(SNUM(conn)) ||
495 lp_map_hidden(SNUM(conn)) ||
496 lp_map_system(SNUM(conn)))) {
497 access_granted &= ~FILE_WRITE_ATTRIBUTES;
499 DEBUG(10,("open_file: "
508 if ((access_mask & DELETE_ACCESS) &&
509 (access_granted & DELETE_ACCESS) &&
510 can_delete_file_in_directory(conn,
512 /* Were we trying to do a stat open
513 * for delete and didn't get DELETE
514 * access (only) ? Check if the
515 * directory allows DELETE_CHILD.
517 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
520 access_granted &= ~DELETE_ACCESS;
522 DEBUG(10,("open_file: "
530 if (access_granted != 0) {
531 DEBUG(10,("open_file: Access "
538 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
540 S_ISLNK(smb_fname->st.st_ex_mode)) {
541 /* This is a POSIX stat open for delete
542 * or rename on a symlink that points
544 DEBUG(10,("open_file: allowing POSIX "
545 "open on bad symlink %s\n",
549 DEBUG(10,("open_file: "
550 "check_open_rights on file "
552 smb_fname_str_dbg(smb_fname),
553 nt_errstr(status) ));
563 if (fsp->fh->fd == -1) {
564 ret = SMB_VFS_STAT(conn, smb_fname);
566 ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
567 /* If we have an fd, this stat should succeed. */
569 DEBUG(0,("Error doing fstat on open file %s "
571 smb_fname_str_dbg(smb_fname),
576 /* For a non-io open, this stat failing means file not found. JRA */
578 status = map_nt_error_from_unix(errno);
585 * POSIX allows read-only opens of directories. We don't
586 * want to do this (we use a different code path for this)
587 * so catch a directory open and return an EISDIR. JRA.
590 if(S_ISDIR(smb_fname->st.st_ex_mode)) {
593 return NT_STATUS_FILE_IS_A_DIRECTORY;
596 fsp->mode = smb_fname->st.st_ex_mode;
597 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
598 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
599 fsp->file_pid = req ? req->smbpid : 0;
600 fsp->can_lock = True;
601 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
602 if (!CAN_WRITE(conn)) {
603 fsp->can_write = False;
605 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
608 fsp->print_file = False;
609 fsp->modified = False;
610 fsp->sent_oplock_break = NO_BREAK_SENT;
611 fsp->is_directory = False;
612 if (conn->aio_write_behind_list &&
613 is_in_path(smb_fname->base_name, conn->aio_write_behind_list,
614 conn->case_sensitive)) {
615 fsp->aio_write_behind = True;
617 status = fsp_set_smb_fname(fsp, smb_fname);
618 if (!NT_STATUS_IS_OK(status)) {
620 errno = map_errno_from_nt_status(status);
624 fsp->wcp = NULL; /* Write cache pointer. */
626 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
627 conn->server_info->unix_name,
628 smb_fname_str_dbg(smb_fname),
629 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
630 conn->num_files_open));
636 /*******************************************************************
637 Return True if the filename is one of the special executable types.
638 ********************************************************************/
640 bool is_executable(const char *fname)
642 if ((fname = strrchr_m(fname,'.'))) {
643 if (strequal(fname,".com") ||
644 strequal(fname,".dll") ||
645 strequal(fname,".exe") ||
646 strequal(fname,".sym")) {
653 /****************************************************************************
654 Check if we can open a file with a share mode.
655 Returns True if conflict, False if not.
656 ****************************************************************************/
658 static bool share_conflict(struct share_mode_entry *entry,
662 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
663 "entry->share_access = 0x%x, "
664 "entry->private_options = 0x%x\n",
665 (unsigned int)entry->access_mask,
666 (unsigned int)entry->share_access,
667 (unsigned int)entry->private_options));
669 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
670 (unsigned int)access_mask, (unsigned int)share_access));
672 if ((entry->access_mask & (FILE_WRITE_DATA|
676 DELETE_ACCESS)) == 0) {
677 DEBUG(10,("share_conflict: No conflict due to "
678 "entry->access_mask = 0x%x\n",
679 (unsigned int)entry->access_mask ));
683 if ((access_mask & (FILE_WRITE_DATA|
687 DELETE_ACCESS)) == 0) {
688 DEBUG(10,("share_conflict: No conflict due to "
689 "access_mask = 0x%x\n",
690 (unsigned int)access_mask ));
694 #if 1 /* JRA TEST - Superdebug. */
695 #define CHECK_MASK(num, am, right, sa, share) \
696 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
697 (unsigned int)(num), (unsigned int)(am), \
698 (unsigned int)(right), (unsigned int)(am)&(right) )); \
699 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
700 (unsigned int)(num), (unsigned int)(sa), \
701 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
702 if (((am) & (right)) && !((sa) & (share))) { \
703 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
704 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
705 (unsigned int)(share) )); \
709 #define CHECK_MASK(num, am, right, sa, share) \
710 if (((am) & (right)) && !((sa) & (share))) { \
711 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
712 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
713 (unsigned int)(share) )); \
718 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
719 share_access, FILE_SHARE_WRITE);
720 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
721 entry->share_access, FILE_SHARE_WRITE);
723 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
724 share_access, FILE_SHARE_READ);
725 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
726 entry->share_access, FILE_SHARE_READ);
728 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
729 share_access, FILE_SHARE_DELETE);
730 CHECK_MASK(6, access_mask, DELETE_ACCESS,
731 entry->share_access, FILE_SHARE_DELETE);
733 DEBUG(10,("share_conflict: No conflict.\n"));
737 #if defined(DEVELOPER)
738 static void validate_my_share_entries(int num,
739 struct share_mode_entry *share_entry)
743 if (!procid_is_me(&share_entry->pid)) {
747 if (is_deferred_open_entry(share_entry) &&
748 !open_was_deferred(share_entry->op_mid)) {
749 char *str = talloc_asprintf(talloc_tos(),
750 "Got a deferred entry without a request: "
752 share_mode_str(talloc_tos(), num, share_entry));
756 if (!is_valid_share_mode_entry(share_entry)) {
760 fsp = file_find_dif(share_entry->id,
761 share_entry->share_file_id);
763 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
764 share_mode_str(talloc_tos(), num, share_entry) ));
765 smb_panic("validate_my_share_entries: Cannot match a "
766 "share entry with an open file\n");
769 if (is_deferred_open_entry(share_entry) ||
770 is_unused_share_mode_entry(share_entry)) {
774 if ((share_entry->op_type == NO_OPLOCK) &&
775 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
776 /* Someone has already written to it, but I haven't yet
781 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
790 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
791 share_mode_str(talloc_tos(), num, share_entry) ));
792 str = talloc_asprintf(talloc_tos(),
793 "validate_my_share_entries: "
794 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
795 fsp->fsp_name->base_name,
796 (unsigned int)fsp->oplock_type,
797 (unsigned int)share_entry->op_type );
803 bool is_stat_open(uint32 access_mask)
805 return (access_mask &&
806 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
807 FILE_WRITE_ATTRIBUTES))==0) &&
808 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
809 FILE_WRITE_ATTRIBUTES)) != 0));
812 /****************************************************************************
813 Deal with share modes
814 Invarient: Share mode must be locked on entry and exit.
815 Returns -1 on error, or number of share modes on success (may be zero).
816 ****************************************************************************/
818 static NTSTATUS open_mode_check(connection_struct *conn,
819 struct share_mode_lock *lck,
822 uint32 create_options,
827 if(lck->num_share_modes == 0) {
831 *file_existed = True;
833 /* A delete on close prohibits everything */
835 if (lck->delete_on_close) {
836 return NT_STATUS_DELETE_PENDING;
839 if (is_stat_open(access_mask)) {
840 /* Stat open that doesn't trigger oplock breaks or share mode
841 * checks... ! JRA. */
846 * Check if the share modes will give us access.
849 #if defined(DEVELOPER)
850 for(i = 0; i < lck->num_share_modes; i++) {
851 validate_my_share_entries(i, &lck->share_modes[i]);
855 if (!lp_share_modes(SNUM(conn))) {
859 /* Now we check the share modes, after any oplock breaks. */
860 for(i = 0; i < lck->num_share_modes; i++) {
862 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
866 /* someone else has a share lock on it, check to see if we can
868 if (share_conflict(&lck->share_modes[i],
869 access_mask, share_access)) {
870 return NT_STATUS_SHARING_VIOLATION;
877 static bool is_delete_request(files_struct *fsp) {
878 return ((fsp->access_mask == DELETE_ACCESS) &&
879 (fsp->oplock_type == NO_OPLOCK));
883 * Send a break message to the oplock holder and delay the open for
887 static NTSTATUS send_break_message(files_struct *fsp,
888 struct share_mode_entry *exclusive,
893 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
895 DEBUG(10, ("Sending break request to PID %s\n",
896 procid_str_static(&exclusive->pid)));
897 exclusive->op_mid = mid;
899 /* Create the message. */
900 share_mode_entry_to_message(msg, exclusive);
902 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
903 don't want this set in the share mode struct pointed to by lck. */
905 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
906 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
909 status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
910 MSG_SMB_BREAK_REQUEST,
912 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
913 if (!NT_STATUS_IS_OK(status)) {
914 DEBUG(3, ("Could not send oplock break message: %s\n",
922 * 1) No files open at all or internal open: Grant whatever the client wants.
924 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
925 * request, break if the oplock around is a batch oplock. If it's another
926 * requested access type, break.
928 * 3) Only level2 around: Grant level2 and do nothing else.
931 static bool delay_for_oplocks(struct share_mode_lock *lck,
938 struct share_mode_entry *exclusive = NULL;
939 bool valid_entry = false;
940 bool have_level2 = false;
941 bool have_a_none_oplock = false;
942 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
943 lp_level2_oplocks(SNUM(fsp->conn));
945 if (oplock_request & INTERNAL_OPEN_ONLY) {
946 fsp->oplock_type = NO_OPLOCK;
949 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
953 for (i=0; i<lck->num_share_modes; i++) {
955 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
959 /* At least one entry is not an invalid or deferred entry. */
962 if (pass_number == 1) {
963 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
964 SMB_ASSERT(exclusive == NULL);
965 exclusive = &lck->share_modes[i];
968 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
969 SMB_ASSERT(exclusive == NULL);
970 exclusive = &lck->share_modes[i];
974 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
975 SMB_ASSERT(exclusive == NULL);
979 if (lck->share_modes[i].op_type == NO_OPLOCK) {
980 have_a_none_oplock = true;
984 if (exclusive != NULL) { /* Found an exclusive oplock */
985 bool delay_it = is_delete_request(fsp) ?
986 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
987 SMB_ASSERT(!have_level2);
989 send_break_message(fsp, exclusive, mid, oplock_request);
995 * Match what was requested (fsp->oplock_type) with
996 * what was found in the existing share modes.
1000 /* All entries are placeholders or deferred.
1001 * Directly grant whatever the client wants. */
1002 if (fsp->oplock_type == NO_OPLOCK) {
1003 /* Store a level2 oplock, but don't tell the client */
1004 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1006 } else if (have_a_none_oplock) {
1007 fsp->oplock_type = NO_OPLOCK;
1008 } else if (have_level2) {
1009 if (fsp->oplock_type == NO_OPLOCK ||
1010 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
1011 /* Store a level2 oplock, but don't tell the client */
1012 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1014 fsp->oplock_type = LEVEL_II_OPLOCK;
1017 /* This case can never happen. */
1022 * Don't grant level2 to clients that don't want them
1023 * or if we've turned them off.
1025 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
1026 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1029 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
1030 fsp->oplock_type, fsp_str_dbg(fsp)));
1036 bool request_timed_out(struct timeval request_time,
1037 struct timeval timeout)
1039 struct timeval now, end_time;
1041 end_time = timeval_sum(&request_time, &timeout);
1042 return (timeval_compare(&end_time, &now) < 0);
1045 /****************************************************************************
1046 Handle the 1 second delay in returning a SHARING_VIOLATION error.
1047 ****************************************************************************/
1049 static void defer_open(struct share_mode_lock *lck,
1050 struct timeval request_time,
1051 struct timeval timeout,
1052 struct smb_request *req,
1053 struct deferred_open_record *state)
1057 /* Paranoia check */
1059 for (i=0; i<lck->num_share_modes; i++) {
1060 struct share_mode_entry *e = &lck->share_modes[i];
1062 if (!is_deferred_open_entry(e)) {
1066 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1067 DEBUG(0, ("Trying to defer an already deferred "
1068 "request: mid=%d, exiting\n", req->mid));
1069 exit_server("attempt to defer a deferred request");
1073 /* End paranoia check */
1075 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1076 "open entry for mid %u\n",
1077 (unsigned int)request_time.tv_sec,
1078 (unsigned int)request_time.tv_usec,
1079 (unsigned int)req->mid));
1081 if (!push_deferred_smb_message(req, request_time, timeout,
1082 (char *)state, sizeof(*state))) {
1083 exit_server("push_deferred_smb_message failed");
1085 add_deferred_open(lck, req->mid, request_time, state->id);
1089 /****************************************************************************
1090 On overwrite open ensure that the attributes match.
1091 ****************************************************************************/
1093 bool open_match_attributes(connection_struct *conn,
1094 uint32 old_dos_attr,
1095 uint32 new_dos_attr,
1096 mode_t existing_unx_mode,
1097 mode_t new_unx_mode,
1098 mode_t *returned_unx_mode)
1100 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1102 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1103 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1105 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1106 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1107 *returned_unx_mode = new_unx_mode;
1109 *returned_unx_mode = (mode_t)0;
1112 DEBUG(10,("open_match_attributes: old_dos_attr = 0x%x, "
1113 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1114 "returned_unx_mode = 0%o\n",
1115 (unsigned int)old_dos_attr,
1116 (unsigned int)existing_unx_mode,
1117 (unsigned int)new_dos_attr,
1118 (unsigned int)*returned_unx_mode ));
1120 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1121 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1122 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1123 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1127 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1128 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1129 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1136 /****************************************************************************
1137 Special FCB or DOS processing in the case of a sharing violation.
1138 Try and find a duplicated file handle.
1139 ****************************************************************************/
1141 NTSTATUS fcb_or_dos_open(struct smb_request *req,
1142 connection_struct *conn,
1143 files_struct *fsp_to_dup_into,
1144 const struct smb_filename *smb_fname,
1149 uint32 share_access,
1150 uint32 create_options)
1154 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1155 "file %s.\n", smb_fname_str_dbg(smb_fname)));
1157 for(fsp = file_find_di_first(id); fsp;
1158 fsp = file_find_di_next(fsp)) {
1160 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1161 "vuid = %u, file_pid = %u, private_options = 0x%x "
1162 "access_mask = 0x%x\n", fsp_str_dbg(fsp),
1163 fsp->fh->fd, (unsigned int)fsp->vuid,
1164 (unsigned int)fsp->file_pid,
1165 (unsigned int)fsp->fh->private_options,
1166 (unsigned int)fsp->access_mask ));
1168 if (fsp->fh->fd != -1 &&
1169 fsp->vuid == vuid &&
1170 fsp->file_pid == file_pid &&
1171 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1172 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1173 (fsp->access_mask & FILE_WRITE_DATA) &&
1174 strequal(fsp->fsp_name->base_name, smb_fname->base_name) &&
1175 strequal(fsp->fsp_name->stream_name,
1176 smb_fname->stream_name)) {
1177 DEBUG(10,("fcb_or_dos_open: file match\n"));
1183 return NT_STATUS_NOT_FOUND;
1186 /* quite an insane set of semantics ... */
1187 if (is_executable(smb_fname->base_name) &&
1188 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1189 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1190 return NT_STATUS_INVALID_PARAMETER;
1193 /* We need to duplicate this fsp. */
1194 return dup_file_fsp(req, fsp, access_mask, share_access,
1195 create_options, fsp_to_dup_into);
1198 /****************************************************************************
1199 Open a file with a share mode - old openX method - map into NTCreate.
1200 ****************************************************************************/
1202 bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
1203 uint32 *paccess_mask,
1204 uint32 *pshare_mode,
1205 uint32 *pcreate_disposition,
1206 uint32 *pcreate_options)
1210 uint32 create_disposition;
1211 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1213 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1214 "open_func = 0x%x\n",
1215 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
1217 /* Create the NT compatible access_mask. */
1218 switch (GET_OPENX_MODE(deny_mode)) {
1219 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1220 case DOS_OPEN_RDONLY:
1221 access_mask = FILE_GENERIC_READ;
1223 case DOS_OPEN_WRONLY:
1224 access_mask = FILE_GENERIC_WRITE;
1228 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1231 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1232 (unsigned int)GET_OPENX_MODE(deny_mode)));
1236 /* Create the NT compatible create_disposition. */
1237 switch (open_func) {
1238 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1239 create_disposition = FILE_CREATE;
1242 case OPENX_FILE_EXISTS_OPEN:
1243 create_disposition = FILE_OPEN;
1246 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1247 create_disposition = FILE_OPEN_IF;
1250 case OPENX_FILE_EXISTS_TRUNCATE:
1251 create_disposition = FILE_OVERWRITE;
1254 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1255 create_disposition = FILE_OVERWRITE_IF;
1259 /* From samba4 - to be confirmed. */
1260 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1261 create_disposition = FILE_CREATE;
1264 DEBUG(10,("map_open_params_to_ntcreate: bad "
1265 "open_func 0x%x\n", (unsigned int)open_func));
1269 /* Create the NT compatible share modes. */
1270 switch (GET_DENY_MODE(deny_mode)) {
1272 share_mode = FILE_SHARE_NONE;
1276 share_mode = FILE_SHARE_READ;
1280 share_mode = FILE_SHARE_WRITE;
1284 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1288 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1289 if (is_executable(fname)) {
1290 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1292 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1293 share_mode = FILE_SHARE_READ;
1295 share_mode = FILE_SHARE_NONE;
1301 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1302 share_mode = FILE_SHARE_NONE;
1306 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1307 (unsigned int)GET_DENY_MODE(deny_mode) ));
1311 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1312 "share_mode = 0x%x, create_disposition = 0x%x, "
1313 "create_options = 0x%x\n",
1315 (unsigned int)access_mask,
1316 (unsigned int)share_mode,
1317 (unsigned int)create_disposition,
1318 (unsigned int)create_options ));
1321 *paccess_mask = access_mask;
1324 *pshare_mode = share_mode;
1326 if (pcreate_disposition) {
1327 *pcreate_disposition = create_disposition;
1329 if (pcreate_options) {
1330 *pcreate_options = create_options;
1337 static void schedule_defer_open(struct share_mode_lock *lck,
1338 struct timeval request_time,
1339 struct smb_request *req)
1341 struct deferred_open_record state;
1343 /* This is a relative time, added to the absolute
1344 request_time value to get the absolute timeout time.
1345 Note that if this is the second or greater time we enter
1346 this codepath for this particular request mid then
1347 request_time is left as the absolute time of the *first*
1348 time this request mid was processed. This is what allows
1349 the request to eventually time out. */
1351 struct timeval timeout;
1353 /* Normally the smbd we asked should respond within
1354 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1355 * the client did, give twice the timeout as a safety
1356 * measure here in case the other smbd is stuck
1357 * somewhere else. */
1359 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1361 /* Nothing actually uses state.delayed_for_oplocks
1362 but it's handy to differentiate in debug messages
1363 between a 30 second delay due to oplock break, and
1364 a 1 second delay for share mode conflicts. */
1366 state.delayed_for_oplocks = True;
1369 if (!request_timed_out(request_time, timeout)) {
1370 defer_open(lck, request_time, timeout, req, &state);
1374 /****************************************************************************
1375 Work out what access_mask to use from what the client sent us.
1376 ****************************************************************************/
1378 static NTSTATUS calculate_access_mask(connection_struct *conn,
1379 const struct smb_filename *smb_fname,
1381 uint32_t access_mask,
1382 uint32_t *access_mask_out)
1387 * Convert GENERIC bits to specific bits.
1390 se_map_generic(&access_mask, &file_generic_mapping);
1392 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1393 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1396 struct security_descriptor *sd;
1397 uint32_t access_granted = 0;
1399 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
1400 (OWNER_SECURITY_INFORMATION |
1401 GROUP_SECURITY_INFORMATION |
1402 DACL_SECURITY_INFORMATION),&sd);
1404 if (!NT_STATUS_IS_OK(status)) {
1405 DEBUG(10, ("calculate_access_mask: Could not get acl "
1407 smb_fname_str_dbg(smb_fname),
1408 nt_errstr(status)));
1409 return NT_STATUS_ACCESS_DENIED;
1412 status = smb1_file_se_access_check(sd,
1413 conn->server_info->ptok,
1419 if (!NT_STATUS_IS_OK(status)) {
1420 DEBUG(10, ("calculate_access_mask: Access denied on "
1421 "file %s: when calculating maximum access\n",
1422 smb_fname_str_dbg(smb_fname)));
1423 return NT_STATUS_ACCESS_DENIED;
1426 access_mask = access_granted;
1428 access_mask = FILE_GENERIC_ALL;
1432 *access_mask_out = access_mask;
1433 return NT_STATUS_OK;
1436 /****************************************************************************
1437 Open a file with a share mode. Passed in an already created files_struct *.
1438 ****************************************************************************/
1440 static NTSTATUS open_file_ntcreate(connection_struct *conn,
1441 struct smb_request *req,
1442 struct smb_filename *smb_fname,
1443 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1444 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1445 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1446 uint32 create_options, /* options such as delete on close. */
1447 uint32 new_dos_attributes, /* attributes used for new file. */
1448 int oplock_request, /* internal Samba oplock codes. */
1449 /* Information (FILE_EXISTS etc.) */
1455 bool file_existed = VALID_STAT(smb_fname->st);
1456 bool def_acl = False;
1457 bool posix_open = False;
1458 bool new_file_created = False;
1459 bool clear_ads = false;
1461 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1462 mode_t new_unx_mode = (mode_t)0;
1463 mode_t unx_mode = (mode_t)0;
1465 uint32 existing_dos_attributes = 0;
1466 struct pending_message_list *pml = NULL;
1467 struct timeval request_time = timeval_zero();
1468 struct share_mode_lock *lck = NULL;
1469 uint32 open_access_mask = access_mask;
1476 if (conn->printer) {
1478 * Printers are handled completely differently.
1479 * Most of the passed parameters are ignored.
1483 *pinfo = FILE_WAS_CREATED;
1486 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n",
1487 smb_fname_str_dbg(smb_fname)));
1490 DEBUG(0,("open_file_ntcreate: printer open without "
1491 "an SMB request!\n"));
1492 return NT_STATUS_INTERNAL_ERROR;
1495 return print_fsp_open(req, conn, smb_fname->base_name,
1496 req->vuid, fsp, &smb_fname->st);
1499 if (!parent_dirname(talloc_tos(), smb_fname->base_name, &parent_dir,
1501 return NT_STATUS_NO_MEMORY;
1504 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1506 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1507 new_dos_attributes = 0;
1509 /* We add aARCH to this as this mode is only used if the file is
1511 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,
1512 smb_fname, parent_dir);
1515 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1516 "access_mask=0x%x share_access=0x%x "
1517 "create_disposition = 0x%x create_options=0x%x "
1518 "unix mode=0%o oplock_request=%d\n",
1519 smb_fname_str_dbg(smb_fname), new_dos_attributes,
1520 access_mask, share_access, create_disposition,
1521 create_options, (unsigned int)unx_mode, oplock_request));
1523 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1524 DEBUG(0, ("No smb request but not an internal only open!\n"));
1525 return NT_STATUS_INTERNAL_ERROR;
1529 * Only non-internal opens can be deferred at all
1533 && ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1534 struct deferred_open_record *state =
1535 (struct deferred_open_record *)pml->private_data.data;
1537 /* Remember the absolute time of the original
1538 request with this mid. We'll use it later to
1539 see if this has timed out. */
1541 request_time = pml->request_time;
1543 /* Remove the deferred open entry under lock. */
1544 lck = get_share_mode_lock(talloc_tos(), state->id, NULL, NULL,
1547 DEBUG(0, ("could not get share mode lock\n"));
1549 del_deferred_open_entry(lck, req->mid);
1553 /* Ensure we don't reprocess this message. */
1554 remove_deferred_open_smb_message(req->mid);
1557 status = check_name(conn, smb_fname->base_name);
1558 if (!NT_STATUS_IS_OK(status)) {
1563 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1565 existing_dos_attributes = dos_mode(conn, smb_fname);
1569 /* ignore any oplock requests if oplocks are disabled */
1570 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1571 IS_VETO_OPLOCK_PATH(conn, smb_fname->base_name)) {
1572 /* Mask off everything except the private Samba bits. */
1573 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1576 /* this is for OS/2 long file names - say we don't support them */
1577 if (!lp_posix_pathnames() && strstr(smb_fname->base_name,".+,;=[].")) {
1578 /* OS/2 Workplace shell fix may be main code stream in a later
1580 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1582 if (use_nt_status()) {
1583 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1585 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1588 switch( create_disposition ) {
1590 * Currently we're using FILE_SUPERSEDE as the same as
1591 * FILE_OVERWRITE_IF but they really are
1592 * different. FILE_SUPERSEDE deletes an existing file
1593 * (requiring delete access) then recreates it.
1595 case FILE_SUPERSEDE:
1596 /* If file exists replace/overwrite. If file doesn't
1598 flags2 |= (O_CREAT | O_TRUNC);
1602 case FILE_OVERWRITE_IF:
1603 /* If file exists replace/overwrite. If file doesn't
1605 flags2 |= (O_CREAT | O_TRUNC);
1610 /* If file exists open. If file doesn't exist error. */
1611 if (!file_existed) {
1612 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1613 "requested for file %s and file "
1615 smb_fname_str_dbg(smb_fname)));
1617 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1621 case FILE_OVERWRITE:
1622 /* If file exists overwrite. If file doesn't exist
1624 if (!file_existed) {
1625 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1626 "requested for file %s and file "
1628 smb_fname_str_dbg(smb_fname) ));
1630 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1637 /* If file exists error. If file doesn't exist
1640 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1641 "requested for file %s and file "
1642 "already exists.\n",
1643 smb_fname_str_dbg(smb_fname)));
1644 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
1649 return map_nt_error_from_unix(errno);
1651 flags2 |= (O_CREAT|O_EXCL);
1655 /* If file exists open. If file doesn't exist
1661 return NT_STATUS_INVALID_PARAMETER;
1664 /* We only care about matching attributes on file exists and
1667 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1668 (create_disposition == FILE_OVERWRITE_IF))) {
1669 if (!open_match_attributes(conn, existing_dos_attributes,
1671 smb_fname->st.st_ex_mode,
1672 unx_mode, &new_unx_mode)) {
1673 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1674 "for file %s (%x %x) (0%o, 0%o)\n",
1675 smb_fname_str_dbg(smb_fname),
1676 existing_dos_attributes,
1678 (unsigned int)smb_fname->st.st_ex_mode,
1679 (unsigned int)unx_mode ));
1681 return NT_STATUS_ACCESS_DENIED;
1685 status = calculate_access_mask(conn, smb_fname, file_existed,
1688 if (!NT_STATUS_IS_OK(status)) {
1689 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1690 "on file %s returned %s\n",
1691 smb_fname_str_dbg(smb_fname), nt_errstr(status)));
1695 open_access_mask = access_mask;
1697 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1698 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1701 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1702 "access_mask=0x%x\n", smb_fname_str_dbg(smb_fname),
1706 * Note that we ignore the append flag as append does not
1707 * mean the same thing under DOS and Unix.
1710 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1711 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1712 /* DENY_DOS opens are always underlying read-write on the
1713 file handle, no matter what the requested access mask
1715 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1716 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1726 * Currently we only look at FILE_WRITE_THROUGH for create options.
1730 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1735 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1739 if (!posix_open && !CAN_WRITE(conn)) {
1741 * We should really return a permission denied error if either
1742 * O_CREAT or O_TRUNC are set, but for compatibility with
1743 * older versions of Samba we just AND them out.
1745 flags2 &= ~(O_CREAT|O_TRUNC);
1749 * Ensure we can't write on a read-only share or file.
1752 if (flags != O_RDONLY && file_existed &&
1753 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1754 DEBUG(5,("open_file_ntcreate: write access requested for "
1755 "file %s on read only %s\n",
1756 smb_fname_str_dbg(smb_fname),
1757 !CAN_WRITE(conn) ? "share" : "file" ));
1759 return NT_STATUS_ACCESS_DENIED;
1762 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1763 fsp->share_access = share_access;
1764 fsp->fh->private_options = create_options;
1765 fsp->access_mask = open_access_mask; /* We change this to the
1766 * requested access_mask after
1767 * the open is done. */
1768 fsp->posix_open = posix_open;
1770 /* Ensure no SAMBA_PRIVATE bits can be set. */
1771 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1773 if (timeval_is_zero(&request_time)) {
1774 request_time = fsp->open_time;
1778 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
1779 id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1781 lck = get_share_mode_lock(talloc_tos(), id,
1783 smb_fname, &old_write_time);
1786 DEBUG(0, ("Could not get share mode lock\n"));
1787 return NT_STATUS_SHARING_VIOLATION;
1790 /* First pass - send break only on batch oplocks. */
1792 && delay_for_oplocks(lck, fsp, req->mid, 1,
1794 schedule_defer_open(lck, request_time, req);
1796 return NT_STATUS_SHARING_VIOLATION;
1799 /* Use the client requested access mask here, not the one we
1801 status = open_mode_check(conn, lck, access_mask, share_access,
1802 create_options, &file_existed);
1804 if (NT_STATUS_IS_OK(status)) {
1805 /* We might be going to allow this open. Check oplock
1807 /* Second pass - send break for both batch or
1808 * exclusive oplocks. */
1810 && delay_for_oplocks(lck, fsp, req->mid, 2,
1812 schedule_defer_open(lck, request_time, req);
1814 return NT_STATUS_SHARING_VIOLATION;
1818 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1819 /* DELETE_PENDING is not deferred for a second */
1824 if (!NT_STATUS_IS_OK(status)) {
1825 uint32 can_access_mask;
1826 bool can_access = True;
1828 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1830 /* Check if this can be done with the deny_dos and fcb
1832 if (create_options &
1833 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1834 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1836 DEBUG(0, ("DOS open without an SMB "
1839 return NT_STATUS_INTERNAL_ERROR;
1842 /* Use the client requested access mask here,
1843 * not the one we open with. */
1844 status = fcb_or_dos_open(req,
1855 if (NT_STATUS_IS_OK(status)) {
1858 *pinfo = FILE_WAS_OPENED;
1860 return NT_STATUS_OK;
1865 * This next line is a subtlety we need for
1866 * MS-Access. If a file open will fail due to share
1867 * permissions and also for security (access) reasons,
1868 * we need to return the access failed error, not the
1869 * share error. We can't open the file due to kernel
1870 * oplock deadlock (it's possible we failed above on
1871 * the open_mode_check()) so use a userspace check.
1874 if (flags & O_RDWR) {
1875 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1876 } else if (flags & O_WRONLY) {
1877 can_access_mask = FILE_WRITE_DATA;
1879 can_access_mask = FILE_READ_DATA;
1882 if (((can_access_mask & FILE_WRITE_DATA) &&
1883 !CAN_WRITE(conn)) ||
1884 !can_access_file_data(conn, smb_fname,
1890 * If we're returning a share violation, ensure we
1891 * cope with the braindead 1 second delay.
1894 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1895 lp_defer_sharing_violations()) {
1896 struct timeval timeout;
1897 struct deferred_open_record state;
1900 /* this is a hack to speed up torture tests
1902 timeout_usecs = lp_parm_int(SNUM(conn),
1903 "smbd","sharedelay",
1904 SHARING_VIOLATION_USEC_WAIT);
1906 /* This is a relative time, added to the absolute
1907 request_time value to get the absolute timeout time.
1908 Note that if this is the second or greater time we enter
1909 this codepath for this particular request mid then
1910 request_time is left as the absolute time of the *first*
1911 time this request mid was processed. This is what allows
1912 the request to eventually time out. */
1914 timeout = timeval_set(0, timeout_usecs);
1916 /* Nothing actually uses state.delayed_for_oplocks
1917 but it's handy to differentiate in debug messages
1918 between a 30 second delay due to oplock break, and
1919 a 1 second delay for share mode conflicts. */
1921 state.delayed_for_oplocks = False;
1925 && !request_timed_out(request_time,
1927 defer_open(lck, request_time, timeout,
1935 * We have detected a sharing violation here
1936 * so return the correct error code
1938 status = NT_STATUS_SHARING_VIOLATION;
1940 status = NT_STATUS_ACCESS_DENIED;
1946 * We exit this block with the share entry *locked*.....
1950 SMB_ASSERT(!file_existed || (lck != NULL));
1953 * Ensure we pay attention to default ACLs on directories if required.
1956 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1957 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1961 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1962 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1963 (unsigned int)flags, (unsigned int)flags2,
1964 (unsigned int)unx_mode, (unsigned int)access_mask,
1965 (unsigned int)open_access_mask));
1968 * open_file strips any O_TRUNC flags itself.
1971 fsp_open = open_file(fsp, conn, req, parent_dir, smb_fname,
1972 flags|flags2, unx_mode, access_mask,
1975 if (!NT_STATUS_IS_OK(fsp_open)) {
1982 if (!file_existed) {
1983 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
1985 * Deal with the race condition where two smbd's detect the
1986 * file doesn't exist and do the create at the same time. One
1987 * of them will win and set a share mode, the other (ie. this
1988 * one) should check if the requested share mode for this
1989 * create is allowed.
1993 * Now the file exists and fsp is successfully opened,
1994 * fsp->dev and fsp->inode are valid and should replace the
1995 * dev=0,inode=0 from a non existent file. Spotted by
1996 * Nadav Danieli <nadavd@exanet.com>. JRA.
2001 lck = get_share_mode_lock(talloc_tos(), id,
2003 smb_fname, &old_write_time);
2006 DEBUG(0, ("open_file_ntcreate: Could not get share "
2007 "mode lock for %s\n",
2008 smb_fname_str_dbg(smb_fname)));
2010 return NT_STATUS_SHARING_VIOLATION;
2013 /* First pass - send break only on batch oplocks. */
2015 && delay_for_oplocks(lck, fsp, req->mid, 1,
2017 schedule_defer_open(lck, request_time, req);
2020 return NT_STATUS_SHARING_VIOLATION;
2023 status = open_mode_check(conn, lck, access_mask, share_access,
2024 create_options, &file_existed);
2026 if (NT_STATUS_IS_OK(status)) {
2027 /* We might be going to allow this open. Check oplock
2029 /* Second pass - send break for both batch or
2030 * exclusive oplocks. */
2032 && delay_for_oplocks(lck, fsp, req->mid, 2,
2034 schedule_defer_open(lck, request_time, req);
2037 return NT_STATUS_SHARING_VIOLATION;
2041 if (!NT_STATUS_IS_OK(status)) {
2042 struct deferred_open_record state;
2046 state.delayed_for_oplocks = False;
2049 /* Do it all over again immediately. In the second
2050 * round we will find that the file existed and handle
2051 * the DELETE_PENDING and FCB cases correctly. No need
2052 * to duplicate the code here. Essentially this is a
2053 * "goto top of this function", but don't tell
2057 defer_open(lck, request_time, timeval_zero(),
2065 * We exit this block with the share entry *locked*.....
2070 SMB_ASSERT(lck != NULL);
2072 /* Delete streams if create_disposition requires it */
2073 if (file_existed && clear_ads &&
2074 !is_ntfs_stream_smb_fname(smb_fname)) {
2075 status = delete_all_streams(conn, smb_fname->base_name);
2076 if (!NT_STATUS_IS_OK(status)) {
2083 /* note that we ignore failure for the following. It is
2084 basically a hack for NFS, and NFS will never set one of
2085 these only read them. Nobody but Samba can ever set a deny
2086 mode and we have already checked our more authoritative
2087 locking database for permission to set this deny mode. If
2088 the kernel refuses the operations then the kernel is wrong.
2089 note that GPFS supports it as well - jmcd */
2091 if (fsp->fh->fd != -1) {
2092 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access);
2093 if(ret_flock == -1 ){
2098 return NT_STATUS_SHARING_VIOLATION;
2103 * At this point onwards, we can guarentee that the share entry
2104 * is locked, whether we created the file or not, and that the
2105 * deny mode is compatible with all current opens.
2109 * If requested, truncate the file.
2112 if (flags2&O_TRUNC) {
2114 * We are modifing the file after open - update the stat
2117 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2118 (SMB_VFS_FSTAT(fsp, &smb_fname->st)==-1)) {
2119 status = map_nt_error_from_unix(errno);
2126 /* Record the options we were opened with. */
2127 fsp->share_access = share_access;
2128 fsp->fh->private_options = create_options;
2130 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2132 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2135 /* stat opens on existing files don't get oplocks. */
2136 if (is_stat_open(open_access_mask)) {
2137 fsp->oplock_type = NO_OPLOCK;
2140 if (!(flags2 & O_TRUNC)) {
2141 info = FILE_WAS_OPENED;
2143 info = FILE_WAS_OVERWRITTEN;
2146 info = FILE_WAS_CREATED;
2154 * Setup the oplock info in both the shared memory and
2158 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2159 /* Could not get the kernel oplock */
2160 fsp->oplock_type = NO_OPLOCK;
2163 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2164 new_file_created = True;
2167 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0,
2170 /* Handle strange delete on close create semantics. */
2171 if (create_options & FILE_DELETE_ON_CLOSE) {
2173 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
2175 if (!NT_STATUS_IS_OK(status)) {
2176 /* Remember to delete the mode we just added. */
2177 del_share_mode(lck, fsp);
2182 /* Note that here we set the *inital* delete on close flag,
2183 not the regular one. The magic gets handled in close. */
2184 fsp->initial_delete_on_close = True;
2187 if (new_file_created) {
2188 /* Files should be initially set as archive */
2189 if (lp_map_archive(SNUM(conn)) ||
2190 lp_store_dos_attributes(SNUM(conn))) {
2192 if (file_set_dosmode(conn, smb_fname,
2193 new_dos_attributes | aARCH,
2194 parent_dir, true) == 0) {
2195 unx_mode = smb_fname->st.st_ex_mode;
2202 * Take care of inherited ACLs on created files - if default ACL not
2206 if (!posix_open && !file_existed && !def_acl) {
2208 int saved_errno = errno; /* We might get ENOSYS in the next
2211 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2213 errno = saved_errno; /* Ignore ENOSYS */
2216 } else if (new_unx_mode) {
2220 /* Attributes need changing. File already existed. */
2223 int saved_errno = errno; /* We might get ENOSYS in the
2225 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2227 if (ret == -1 && errno == ENOSYS) {
2228 errno = saved_errno; /* Ignore ENOSYS */
2230 DEBUG(5, ("open_file_ntcreate: reset "
2231 "attributes of file %s to 0%o\n",
2232 smb_fname_str_dbg(smb_fname),
2233 (unsigned int)new_unx_mode));
2234 ret = 0; /* Don't do the fchmod below. */
2239 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2240 DEBUG(5, ("open_file_ntcreate: failed to reset "
2241 "attributes of file %s to 0%o\n",
2242 smb_fname_str_dbg(smb_fname),
2243 (unsigned int)new_unx_mode));
2246 /* If this is a successful open, we must remove any deferred open
2249 del_deferred_open_entry(lck, req->mid);
2253 return NT_STATUS_OK;
2257 /****************************************************************************
2258 Open a file for for write to ensure that we can fchmod it.
2259 ****************************************************************************/
2261 NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn,
2262 struct smb_filename *smb_fname,
2263 files_struct **result)
2265 files_struct *fsp = NULL;
2268 if (!VALID_STAT(smb_fname->st)) {
2269 return NT_STATUS_INVALID_PARAMETER;
2272 status = file_new(req, conn, &fsp);
2273 if(!NT_STATUS_IS_OK(status)) {
2277 status = SMB_VFS_CREATE_FILE(
2280 0, /* root_dir_fid */
2281 smb_fname, /* fname */
2282 FILE_WRITE_DATA, /* access_mask */
2283 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2285 FILE_OPEN, /* create_disposition*/
2286 0, /* create_options */
2287 0, /* file_attributes */
2288 0, /* oplock_request */
2289 0, /* allocation_size */
2296 * This is not a user visible file open.
2297 * Don't set a share mode.
2300 if (!NT_STATUS_IS_OK(status)) {
2301 file_free(req, fsp);
2306 return NT_STATUS_OK;
2309 /****************************************************************************
2310 Close the fchmod file fd - ensure no locks are lost.
2311 ****************************************************************************/
2313 NTSTATUS close_file_fchmod(struct smb_request *req, files_struct *fsp)
2315 NTSTATUS status = fd_close(fsp);
2316 file_free(req, fsp);
2320 static NTSTATUS mkdir_internal(connection_struct *conn,
2321 struct smb_filename *smb_dname,
2322 uint32 file_attributes)
2327 bool posix_open = false;
2329 if(!CAN_WRITE(conn)) {
2330 DEBUG(5,("mkdir_internal: failing create on read-only share "
2331 "%s\n", lp_servicename(SNUM(conn))));
2332 return NT_STATUS_ACCESS_DENIED;
2335 status = check_name(conn, smb_dname->base_name);
2336 if (!NT_STATUS_IS_OK(status)) {
2340 if (!parent_dirname(talloc_tos(), smb_dname->base_name, &parent_dir,
2342 return NT_STATUS_NO_MEMORY;
2345 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2347 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2349 mode = unix_mode(conn, aDIR, smb_dname, parent_dir);
2352 if (SMB_VFS_MKDIR(conn, smb_dname->base_name, mode) != 0) {
2353 return map_nt_error_from_unix(errno);
2356 /* Ensure we're checking for a symlink here.... */
2357 /* We don't want to get caught by a symlink racer. */
2359 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2360 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2361 smb_fname_str_dbg(smb_dname), strerror(errno)));
2362 return map_nt_error_from_unix(errno);
2365 if (!S_ISDIR(smb_dname->st.st_ex_mode)) {
2366 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2367 smb_fname_str_dbg(smb_dname)));
2368 return NT_STATUS_ACCESS_DENIED;
2371 if (lp_store_dos_attributes(SNUM(conn))) {
2373 file_set_dosmode(conn, smb_dname,
2374 file_attributes | aDIR,
2379 if (lp_inherit_perms(SNUM(conn))) {
2380 inherit_access_posix_acl(conn, parent_dir,
2381 smb_dname->base_name, mode);
2384 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
2386 * Check if high bits should have been set,
2387 * then (if bits are missing): add them.
2388 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2391 if ((mode & ~(S_IRWXU|S_IRWXG|S_IRWXO)) &&
2392 (mode & ~smb_dname->st.st_ex_mode)) {
2393 SMB_VFS_CHMOD(conn, smb_dname->base_name,
2394 (smb_dname->st.st_ex_mode |
2395 (mode & ~smb_dname->st.st_ex_mode)));
2399 /* Change the owner if required. */
2400 if (lp_inherit_owner(SNUM(conn))) {
2401 change_dir_owner_to_parent(conn, parent_dir,
2402 smb_dname->base_name,
2406 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2407 smb_dname->base_name);
2409 return NT_STATUS_OK;
2412 /****************************************************************************
2413 Open a directory from an NT SMB call.
2414 ****************************************************************************/
2416 static NTSTATUS open_directory(connection_struct *conn,
2417 struct smb_request *req,
2418 struct smb_filename *smb_dname,
2420 uint32 share_access,
2421 uint32 create_disposition,
2422 uint32 create_options,
2423 uint32 file_attributes,
2425 files_struct **result)
2427 files_struct *fsp = NULL;
2428 bool dir_existed = VALID_STAT(smb_dname->st) ? True : False;
2429 struct share_mode_lock *lck = NULL;
2431 struct timespec mtimespec;
2434 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
2436 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2437 "share_access = 0x%x create_options = 0x%x, "
2438 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2439 smb_fname_str_dbg(smb_dname),
2440 (unsigned int)access_mask,
2441 (unsigned int)share_access,
2442 (unsigned int)create_options,
2443 (unsigned int)create_disposition,
2444 (unsigned int)file_attributes));
2446 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2447 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2448 is_ntfs_stream_smb_fname(smb_dname)) {
2449 DEBUG(2, ("open_directory: %s is a stream name!\n",
2450 smb_fname_str_dbg(smb_dname)));
2451 return NT_STATUS_NOT_A_DIRECTORY;
2454 status = calculate_access_mask(conn, smb_dname, dir_existed,
2455 access_mask, &access_mask);
2456 if (!NT_STATUS_IS_OK(status)) {
2457 DEBUG(10, ("open_directory: calculate_access_mask "
2458 "on file %s returned %s\n",
2459 smb_fname_str_dbg(smb_dname),
2460 nt_errstr(status)));
2464 /* We need to support SeSecurityPrivilege for this. */
2465 if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
2466 DEBUG(10, ("open_directory: open on %s "
2467 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2468 smb_fname_str_dbg(smb_dname)));
2469 return NT_STATUS_PRIVILEGE_NOT_HELD;
2472 switch( create_disposition ) {
2475 info = FILE_WAS_OPENED;
2478 * We want to follow symlinks here.
2481 if (SMB_VFS_STAT(conn, smb_dname) != 0) {
2482 return map_nt_error_from_unix(errno);
2489 /* If directory exists error. If directory doesn't
2492 status = mkdir_internal(conn, smb_dname,
2495 if (!NT_STATUS_IS_OK(status)) {
2496 DEBUG(2, ("open_directory: unable to create "
2497 "%s. Error was %s\n",
2498 smb_fname_str_dbg(smb_dname),
2499 nt_errstr(status)));
2503 info = FILE_WAS_CREATED;
2508 * If directory exists open. If directory doesn't
2512 status = mkdir_internal(conn, smb_dname,
2515 if (NT_STATUS_IS_OK(status)) {
2516 info = FILE_WAS_CREATED;
2519 if (NT_STATUS_EQUAL(status,
2520 NT_STATUS_OBJECT_NAME_COLLISION)) {
2521 info = FILE_WAS_OPENED;
2522 status = NT_STATUS_OK;
2527 case FILE_SUPERSEDE:
2528 case FILE_OVERWRITE:
2529 case FILE_OVERWRITE_IF:
2531 DEBUG(5,("open_directory: invalid create_disposition "
2532 "0x%x for directory %s\n",
2533 (unsigned int)create_disposition,
2534 smb_fname_str_dbg(smb_dname)));
2535 return NT_STATUS_INVALID_PARAMETER;
2538 if(!S_ISDIR(smb_dname->st.st_ex_mode)) {
2539 DEBUG(5,("open_directory: %s is not a directory !\n",
2540 smb_fname_str_dbg(smb_dname)));
2541 return NT_STATUS_NOT_A_DIRECTORY;
2544 if (info == FILE_WAS_OPENED) {
2545 uint32_t access_granted = 0;
2546 status = check_open_rights(conn, smb_dname, access_mask,
2549 /* Were we trying to do a directory open
2550 * for delete and didn't get DELETE
2551 * access (only) ? Check if the
2552 * directory allows DELETE_CHILD.
2554 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2557 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2558 (access_mask & DELETE_ACCESS) &&
2559 (access_granted == DELETE_ACCESS) &&
2560 can_delete_file_in_directory(conn, smb_dname))) {
2561 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2562 "on directory %s\n",
2563 smb_fname_str_dbg(smb_dname)));
2564 status = NT_STATUS_OK;
2567 if (!NT_STATUS_IS_OK(status)) {
2568 DEBUG(10, ("open_directory: check_open_rights on "
2569 "file %s failed with %s\n",
2570 smb_fname_str_dbg(smb_dname),
2571 nt_errstr(status)));
2576 status = file_new(req, conn, &fsp);
2577 if(!NT_STATUS_IS_OK(status)) {
2582 * Setup the files_struct for it.
2585 fsp->mode = smb_dname->st.st_ex_mode;
2586 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_dname->st);
2587 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2588 fsp->file_pid = req ? req->smbpid : 0;
2589 fsp->can_lock = False;
2590 fsp->can_read = False;
2591 fsp->can_write = False;
2593 fsp->share_access = share_access;
2594 fsp->fh->private_options = create_options;
2596 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2598 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2599 fsp->print_file = False;
2600 fsp->modified = False;
2601 fsp->oplock_type = NO_OPLOCK;
2602 fsp->sent_oplock_break = NO_BREAK_SENT;
2603 fsp->is_directory = True;
2604 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2605 status = fsp_set_smb_fname(fsp, smb_dname);
2606 if (!NT_STATUS_IS_OK(status)) {
2610 mtimespec = smb_dname->st.st_ex_mtime;
2612 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2613 conn->connectpath, smb_dname, &mtimespec);
2616 DEBUG(0, ("open_directory: Could not get share mode lock for "
2617 "%s\n", smb_fname_str_dbg(smb_dname)));
2618 file_free(req, fsp);
2619 return NT_STATUS_SHARING_VIOLATION;
2622 status = open_mode_check(conn, lck, access_mask, share_access,
2623 create_options, &dir_existed);
2625 if (!NT_STATUS_IS_OK(status)) {
2627 file_free(req, fsp);
2631 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK);
2633 /* For directories the delete on close bit at open time seems
2634 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2635 if (create_options & FILE_DELETE_ON_CLOSE) {
2636 status = can_set_delete_on_close(fsp, True, 0);
2637 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2639 file_free(req, fsp);
2643 if (NT_STATUS_IS_OK(status)) {
2644 /* Note that here we set the *inital* delete on close flag,
2645 not the regular one. The magic gets handled in close. */
2646 fsp->initial_delete_on_close = True;
2657 return NT_STATUS_OK;
2660 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req,
2661 struct smb_filename *smb_dname)
2666 status = SMB_VFS_CREATE_FILE(
2669 0, /* root_dir_fid */
2670 smb_dname, /* fname */
2671 FILE_READ_ATTRIBUTES, /* access_mask */
2672 FILE_SHARE_NONE, /* share_access */
2673 FILE_CREATE, /* create_disposition*/
2674 FILE_DIRECTORY_FILE, /* create_options */
2675 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
2676 0, /* oplock_request */
2677 0, /* allocation_size */
2683 if (NT_STATUS_IS_OK(status)) {
2684 close_file(req, fsp, NORMAL_CLOSE);
2690 /****************************************************************************
2691 Receive notification that one of our open files has been renamed by another
2693 ****************************************************************************/
2695 void msg_file_was_renamed(struct messaging_context *msg,
2698 struct server_id server_id,
2702 char *frm = (char *)data->data;
2704 const char *sharepath;
2705 const char *base_name;
2706 const char *stream_name;
2707 struct smb_filename *smb_fname = NULL;
2708 size_t sp_len, bn_len;
2711 if (data->data == NULL
2712 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2713 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2714 (int)data->length));
2718 /* Unpack the message. */
2719 pull_file_id_24(frm, &id);
2720 sharepath = &frm[24];
2721 sp_len = strlen(sharepath);
2722 base_name = sharepath + sp_len + 1;
2723 bn_len = strlen(base_name);
2724 stream_name = sharepath + sp_len + 1 + bn_len + 1;
2726 /* stream_name must always be NULL if there is no stream. */
2727 if (stream_name[0] == '\0') {
2731 status = create_synthetic_smb_fname(talloc_tos(), base_name,
2732 stream_name, NULL, &smb_fname);
2733 if (!NT_STATUS_IS_OK(status)) {
2737 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2739 sharepath, smb_fname_str_dbg(smb_fname),
2740 file_id_string_tos(&id)));
2742 for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2743 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2745 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2746 fsp->fnum, fsp_str_dbg(fsp),
2747 smb_fname_str_dbg(smb_fname)));
2748 status = fsp_set_smb_fname(fsp, smb_fname);
2749 if (!NT_STATUS_IS_OK(status)) {
2754 /* Now we have the complete path we can work out if this is
2755 actually within this share and adjust newname accordingly. */
2756 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2757 "not sharepath %s) "
2758 "fnum %d from %s -> %s\n",
2759 fsp->conn->connectpath,
2763 smb_fname_str_dbg(smb_fname)));
2767 TALLOC_FREE(smb_fname);
2771 struct case_semantics_state {
2772 connection_struct *conn;
2773 bool case_sensitive;
2775 bool short_case_preserve;
2778 /****************************************************************************
2779 Restore case semantics.
2780 ****************************************************************************/
2781 static int restore_case_semantics(struct case_semantics_state *state)
2783 state->conn->case_sensitive = state->case_sensitive;
2784 state->conn->case_preserve = state->case_preserve;
2785 state->conn->short_case_preserve = state->short_case_preserve;
2789 /****************************************************************************
2790 Save case semantics.
2791 ****************************************************************************/
2792 struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx,
2793 connection_struct *conn)
2795 struct case_semantics_state *result;
2797 if (!(result = talloc(mem_ctx, struct case_semantics_state))) {
2798 DEBUG(0, ("talloc failed\n"));
2802 result->conn = conn;
2803 result->case_sensitive = conn->case_sensitive;
2804 result->case_preserve = conn->case_preserve;
2805 result->short_case_preserve = conn->short_case_preserve;
2808 conn->case_sensitive = True;
2809 conn->case_preserve = True;
2810 conn->short_case_preserve = True;
2812 talloc_set_destructor(result, restore_case_semantics);
2818 * If a main file is opened for delete, all streams need to be checked for
2819 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2820 * If that works, delete them all by setting the delete on close and close.
2823 NTSTATUS open_streams_for_delete(connection_struct *conn,
2826 struct stream_struct *stream_info;
2827 files_struct **streams;
2829 unsigned int num_streams;
2830 TALLOC_CTX *frame = talloc_stackframe();
2833 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2834 &num_streams, &stream_info);
2836 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2837 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2838 DEBUG(10, ("no streams around\n"));
2840 return NT_STATUS_OK;
2843 if (!NT_STATUS_IS_OK(status)) {
2844 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2845 nt_errstr(status)));
2849 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2852 if (num_streams == 0) {
2854 return NT_STATUS_OK;
2857 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2858 if (streams == NULL) {
2859 DEBUG(0, ("talloc failed\n"));
2860 status = NT_STATUS_NO_MEMORY;
2864 for (i=0; i<num_streams; i++) {
2865 struct smb_filename *smb_fname = NULL;
2867 if (strequal(stream_info[i].name, "::$DATA")) {
2872 status = create_synthetic_smb_fname(talloc_tos(), fname,
2873 stream_info[i].name,
2875 if (!NT_STATUS_IS_OK(status)) {
2879 if (SMB_VFS_STAT(conn, smb_fname) == -1) {
2880 DEBUG(10, ("Unable to stat stream: %s\n",
2881 smb_fname_str_dbg(smb_fname)));
2884 status = SMB_VFS_CREATE_FILE(
2887 0, /* root_dir_fid */
2888 smb_fname, /* fname */
2889 DELETE_ACCESS, /* access_mask */
2890 (FILE_SHARE_READ | /* share_access */
2891 FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2892 FILE_OPEN, /* create_disposition*/
2893 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* create_options */
2894 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2895 0, /* oplock_request */
2896 0, /* allocation_size */
2899 &streams[i], /* result */
2902 if (!NT_STATUS_IS_OK(status)) {
2903 DEBUG(10, ("Could not open stream %s: %s\n",
2904 smb_fname_str_dbg(smb_fname),
2905 nt_errstr(status)));
2907 TALLOC_FREE(smb_fname);
2910 TALLOC_FREE(smb_fname);
2914 * don't touch the variable "status" beyond this point :-)
2917 for (i -= 1 ; i >= 0; i--) {
2918 if (streams[i] == NULL) {
2922 DEBUG(10, ("Closing stream # %d, %s\n", i,
2923 fsp_str_dbg(streams[i])));
2924 close_file(NULL, streams[i], NORMAL_CLOSE);
2933 * Wrapper around open_file_ntcreate and open_directory
2936 static NTSTATUS create_file_unixpath(connection_struct *conn,
2937 struct smb_request *req,
2938 struct smb_filename *smb_fname,
2939 uint32_t access_mask,
2940 uint32_t share_access,
2941 uint32_t create_disposition,
2942 uint32_t create_options,
2943 uint32_t file_attributes,
2944 uint32_t oplock_request,
2945 uint64_t allocation_size,
2946 struct security_descriptor *sd,
2947 struct ea_list *ea_list,
2949 files_struct **result,
2952 int info = FILE_WAS_OPENED;
2953 files_struct *base_fsp = NULL;
2954 files_struct *fsp = NULL;
2957 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2958 "file_attributes = 0x%x, share_access = 0x%x, "
2959 "create_disposition = 0x%x create_options = 0x%x "
2960 "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, "
2962 (unsigned int)access_mask,
2963 (unsigned int)file_attributes,
2964 (unsigned int)share_access,
2965 (unsigned int)create_disposition,
2966 (unsigned int)create_options,
2967 (unsigned int)oplock_request,
2968 ea_list, sd, smb_fname_str_dbg(smb_fname)));
2970 if (create_options & FILE_OPEN_BY_FILE_ID) {
2971 status = NT_STATUS_NOT_SUPPORTED;
2975 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2976 status = NT_STATUS_INVALID_PARAMETER;
2981 oplock_request |= INTERNAL_OPEN_ONLY;
2984 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2985 && (access_mask & DELETE_ACCESS)
2986 && !is_ntfs_stream_smb_fname(smb_fname)) {
2988 * We can't open a file with DELETE access if any of the
2989 * streams is open without FILE_SHARE_DELETE
2991 status = open_streams_for_delete(conn, smb_fname->base_name);
2993 if (!NT_STATUS_IS_OK(status)) {
2998 /* This is the correct thing to do (check every time) but can_delete
2999 * is expensive (it may have to read the parent directory
3000 * permissions). So for now we're not doing it unless we have a strong
3001 * hint the client is really going to delete this file. If the client
3002 * is forcing FILE_CREATE let the filesystem take care of the
3005 /* Setting FILE_SHARE_DELETE is the hint. */
3007 if (lp_acl_check_permissions(SNUM(conn))
3008 && (create_disposition != FILE_CREATE)
3009 && (share_access & FILE_SHARE_DELETE)
3010 && (access_mask & DELETE_ACCESS)
3011 && (!(can_delete_file_in_directory(conn, smb_fname) ||
3012 can_access_file_acl(conn, smb_fname, DELETE_ACCESS)))) {
3013 status = NT_STATUS_ACCESS_DENIED;
3014 DEBUG(10,("create_file_unixpath: open file %s "
3015 "for delete ACCESS_DENIED\n",
3016 smb_fname_str_dbg(smb_fname)));
3021 /* We need to support SeSecurityPrivilege for this. */
3022 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
3023 !user_has_privileges(current_user.nt_user_token,
3025 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3029 /* We need to support SeSecurityPrivilege for this. */
3030 if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
3031 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3034 /* Don't allow a SACL set from an NTtrans create until we
3035 * support SeSecurityPrivilege. */
3036 if (!VALID_STAT(smb_fname->st) &&
3037 lp_nt_acl_support(SNUM(conn)) &&
3038 sd && (sd->sacl != NULL)) {
3039 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3044 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
3045 && is_ntfs_stream_smb_fname(smb_fname)
3046 && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
3047 uint32 base_create_disposition;
3048 struct smb_filename *smb_fname_base = NULL;
3050 if (create_options & FILE_DIRECTORY_FILE) {
3051 status = NT_STATUS_NOT_A_DIRECTORY;
3055 switch (create_disposition) {
3057 base_create_disposition = FILE_OPEN;
3060 base_create_disposition = FILE_OPEN_IF;
3064 /* Create an smb_filename with stream_name == NULL. */
3065 status = create_synthetic_smb_fname(talloc_tos(),
3066 smb_fname->base_name,
3069 if (!NT_STATUS_IS_OK(status)) {
3073 if (SMB_VFS_STAT(conn, smb_fname_base) == -1) {
3074 DEBUG(10, ("Unable to stat stream: %s\n",
3075 smb_fname_str_dbg(smb_fname_base)));
3078 /* Open the base file. */
3079 status = create_file_unixpath(conn, NULL, smb_fname_base, 0,
3082 | FILE_SHARE_DELETE,
3083 base_create_disposition,
3084 0, 0, 0, 0, NULL, NULL,
3086 TALLOC_FREE(smb_fname_base);
3088 if (!NT_STATUS_IS_OK(status)) {
3089 DEBUG(10, ("create_file_unixpath for base %s failed: "
3090 "%s\n", smb_fname->base_name,
3091 nt_errstr(status)));
3094 /* we don't need to low level fd */
3099 * If it's a request for a directory open, deal with it separately.
3102 if (create_options & FILE_DIRECTORY_FILE) {
3104 if (create_options & FILE_NON_DIRECTORY_FILE) {
3105 status = NT_STATUS_INVALID_PARAMETER;
3109 /* Can't open a temp directory. IFS kit test. */
3110 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3111 (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3112 status = NT_STATUS_INVALID_PARAMETER;
3117 * We will get a create directory here if the Win32
3118 * app specified a security descriptor in the
3119 * CreateDirectory() call.
3123 status = open_directory(
3124 conn, req, smb_fname, access_mask, share_access,
3125 create_disposition, create_options, file_attributes,
3130 * Ordinary file case.
3133 status = file_new(req, conn, &fsp);
3134 if(!NT_STATUS_IS_OK(status)) {
3139 * We're opening the stream element of a base_fsp
3140 * we already opened. Set up the base_fsp pointer.
3143 fsp->base_fsp = base_fsp;
3146 status = open_file_ntcreate(conn,
3158 if(!NT_STATUS_IS_OK(status)) {
3159 file_free(req, fsp);
3163 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3165 /* A stream open never opens a directory */
3168 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3173 * Fail the open if it was explicitly a non-directory
3177 if (create_options & FILE_NON_DIRECTORY_FILE) {
3178 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3183 status = open_directory(
3184 conn, req, smb_fname, access_mask,
3185 share_access, create_disposition,
3186 create_options, file_attributes,
3191 if (!NT_STATUS_IS_OK(status)) {
3195 fsp->base_fsp = base_fsp;
3198 * According to the MS documentation, the only time the security
3199 * descriptor is applied to the opened file is iff we *created* the
3200 * file; an existing file stays the same.
3202 * Also, it seems (from observation) that you can open the file with
3203 * any access mask but you can still write the sd. We need to override
3204 * the granted access before we call set_sd
3205 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3208 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3209 && lp_nt_acl_support(SNUM(conn))) {
3211 uint32_t sec_info_sent;
3212 uint32_t saved_access_mask = fsp->access_mask;
3214 sec_info_sent = get_sec_info(sd);
3216 fsp->access_mask = FILE_GENERIC_ALL;
3218 /* Convert all the generic bits. */
3219 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3220 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3222 if (sec_info_sent & (OWNER_SECURITY_INFORMATION|
3223 GROUP_SECURITY_INFORMATION|
3224 DACL_SECURITY_INFORMATION|
3225 SACL_SECURITY_INFORMATION)) {
3226 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3229 fsp->access_mask = saved_access_mask;
3231 if (!NT_STATUS_IS_OK(status)) {
3236 if ((ea_list != NULL) &&
3237 ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3238 status = set_ea(conn, fsp, smb_fname, ea_list);
3239 if (!NT_STATUS_IS_OK(status)) {
3244 if (!fsp->is_directory && S_ISDIR(smb_fname->st.st_ex_mode)) {
3245 status = NT_STATUS_ACCESS_DENIED;
3249 /* Save the requested allocation size. */
3250 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3252 && (allocation_size > smb_fname->st.st_ex_size)) {
3253 fsp->initial_allocation_size = smb_roundup(
3254 fsp->conn, allocation_size);
3255 if (fsp->is_directory) {
3256 /* Can't set allocation size on a directory. */
3257 status = NT_STATUS_ACCESS_DENIED;
3260 if (vfs_allocate_file_space(
3261 fsp, fsp->initial_allocation_size) == -1) {
3262 status = NT_STATUS_DISK_FULL;
3266 fsp->initial_allocation_size = smb_roundup(
3267 fsp->conn, (uint64_t)smb_fname->st.st_ex_size);
3271 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3274 if (pinfo != NULL) {
3277 if ((fsp->fh != NULL) && (fsp->fh->fd != -1)) {
3278 SMB_VFS_FSTAT(fsp, &smb_fname->st);
3280 return NT_STATUS_OK;
3283 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3286 if (base_fsp && fsp->base_fsp == base_fsp) {
3288 * The close_file below will close
3293 close_file(req, fsp, ERROR_CLOSE);
3296 if (base_fsp != NULL) {
3297 close_file(req, base_fsp, ERROR_CLOSE);
3304 * Calculate the full path name given a relative fid.
3306 NTSTATUS get_relative_fid_filename(connection_struct *conn,
3307 struct smb_request *req,
3308 uint16_t root_dir_fid,
3309 struct smb_filename *smb_fname)
3311 files_struct *dir_fsp;
3312 char *parent_fname = NULL;
3313 char *new_base_name = NULL;
3316 if (root_dir_fid == 0 || !smb_fname) {
3317 status = NT_STATUS_INTERNAL_ERROR;
3321 dir_fsp = file_fsp(req, root_dir_fid);
3323 if (is_ntfs_stream_smb_fname(dir_fsp->fsp_name)) {
3324 status = NT_STATUS_INVALID_HANDLE;
3328 if (dir_fsp == NULL) {
3329 status = NT_STATUS_INVALID_HANDLE;
3333 if (!dir_fsp->is_directory) {
3336 * Check to see if this is a mac fork of some kind.
3339 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3340 is_ntfs_stream_smb_fname(smb_fname)) {
3341 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3346 we need to handle the case when we get a
3347 relative open relative to a file and the
3348 pathname is blank - this is a reopen!
3349 (hint from demyn plantenberg)
3352 status = NT_STATUS_INVALID_HANDLE;
3356 if (ISDOT(dir_fsp->fsp_name->base_name)) {
3358 * We're at the toplevel dir, the final file name
3359 * must not contain ./, as this is filtered out
3360 * normally by srvstr_get_path and unix_convert
3361 * explicitly rejects paths containing ./.
3363 parent_fname = talloc_strdup(talloc_tos(), "");
3364 if (parent_fname == NULL) {
3365 status = NT_STATUS_NO_MEMORY;
3369 size_t dir_name_len = strlen(dir_fsp->fsp_name->base_name);
3372 * Copy in the base directory name.
3375 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3377 if (parent_fname == NULL) {
3378 status = NT_STATUS_NO_MEMORY;
3381 memcpy(parent_fname, dir_fsp->fsp_name->base_name,
3385 * Ensure it ends in a '/'.
3386 * We used TALLOC_SIZE +2 to add space for the '/'.
3390 && (parent_fname[dir_name_len-1] != '\\')
3391 && (parent_fname[dir_name_len-1] != '/')) {
3392 parent_fname[dir_name_len] = '/';
3393 parent_fname[dir_name_len+1] = '\0';
3397 new_base_name = talloc_asprintf(smb_fname, "%s%s", parent_fname,
3398 smb_fname->base_name);
3399 if (new_base_name == NULL) {
3400 status = NT_STATUS_NO_MEMORY;
3404 TALLOC_FREE(smb_fname->base_name);
3405 smb_fname->base_name = new_base_name;
3406 status = NT_STATUS_OK;
3409 TALLOC_FREE(parent_fname);
3413 NTSTATUS create_file_default(connection_struct *conn,
3414 struct smb_request *req,
3415 uint16_t root_dir_fid,
3416 struct smb_filename *smb_fname,
3417 uint32_t access_mask,
3418 uint32_t share_access,
3419 uint32_t create_disposition,
3420 uint32_t create_options,
3421 uint32_t file_attributes,
3422 uint32_t oplock_request,
3423 uint64_t allocation_size,
3424 struct security_descriptor *sd,
3425 struct ea_list *ea_list,
3426 files_struct **result,
3429 int info = FILE_WAS_OPENED;
3430 files_struct *fsp = NULL;
3433 DEBUG(10,("create_file: access_mask = 0x%x "
3434 "file_attributes = 0x%x, share_access = 0x%x, "
3435 "create_disposition = 0x%x create_options = 0x%x "
3436 "oplock_request = 0x%x "
3437 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3439 (unsigned int)access_mask,
3440 (unsigned int)file_attributes,
3441 (unsigned int)share_access,
3442 (unsigned int)create_disposition,
3443 (unsigned int)create_options,
3444 (unsigned int)oplock_request,
3445 (unsigned int)root_dir_fid,
3446 ea_list, sd, smb_fname_str_dbg(smb_fname)));
3449 * Calculate the filename from the root_dir_if if necessary.
3452 if (root_dir_fid != 0) {
3453 status = get_relative_fid_filename(conn, req, root_dir_fid,
3455 if (!NT_STATUS_IS_OK(status)) {
3461 * Check to see if this is a mac fork of some kind.
3464 if (is_ntfs_stream_smb_fname(smb_fname)) {
3465 enum FAKE_FILE_TYPE fake_file_type;
3467 fake_file_type = is_fake_file(smb_fname);
3469 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3472 * Here we go! support for changing the disk quotas
3475 * We need to fake up to open this MAGIC QUOTA file
3476 * and return a valid FID.
3478 * w2k close this file directly after openening xp
3479 * also tries a QUERY_FILE_INFO on the file and then
3482 status = open_fake_file(req, conn, req->vuid,
3483 fake_file_type, smb_fname,
3485 if (!NT_STATUS_IS_OK(status)) {
3489 ZERO_STRUCT(smb_fname->st);
3493 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3494 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
3499 /* All file access must go through check_name() */
3501 status = check_name(conn, smb_fname->base_name);
3502 if (!NT_STATUS_IS_OK(status)) {
3506 status = create_file_unixpath(
3507 conn, req, smb_fname, access_mask, share_access,
3508 create_disposition, create_options, file_attributes,
3509 oplock_request, allocation_size, sd, ea_list,
3512 if (!NT_STATUS_IS_OK(status)) {
3517 DEBUG(10, ("create_file: info=%d\n", info));
3520 if (pinfo != NULL) {
3523 return NT_STATUS_OK;
3526 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3529 close_file(req, fsp, ERROR_CLOSE);