vfs_shadow_copy2: check crossmountpoints against snapdirseverywhere
[obnox/samba/samba-obnox.git] / source3 / modules / vfs_shadow_copy2.c
index 439df5ddf4d68bd000be701b9012ae01ba8f45a7..27dbe5197251890ac835af38d18b2af464d701c4 100644 (file)
@@ -30,9 +30,9 @@
  */
 
 #include "includes.h"
+#include "smbd/smbd.h"
 #include "system/filesys.h"
 #include "include/ntioctl.h"
-#include <ccan/hash/hash.h>
 #include "util_tdb.h"
 
 struct shadow_copy2_config {
@@ -45,9 +45,8 @@ struct shadow_copy2_config {
        bool fixinodes;
        char *sort_order;
        bool snapdir_absolute;
-       char *basedir;
        char *mount_point;
-       char *rel_connectpath; /* share root, relative to the basedir */
+       char *rel_connectpath; /* share root, relative to a snapshot root */
        char *snapshot_basepath; /* the absolute version of snapdir */
 };
 
@@ -434,10 +433,13 @@ static char *shadow_copy2_find_mount_point(TALLOC_CTX *mem_ctx,
  * Convert from a name as handed in via the SMB layer
  * and a timestamp into the local path of the snapshot
  * of the provided file at the provided time.
+ * Also return the path in the snapshot corresponding
+ * to the file's share root.
  */
-static char *shadow_copy2_convert(TALLOC_CTX *mem_ctx,
-                                 struct vfs_handle_struct *handle,
-                                 const char *name, time_t timestamp)
+static char *shadow_copy2_do_convert(TALLOC_CTX *mem_ctx,
+                                    struct vfs_handle_struct *handle,
+                                    const char *name, time_t timestamp,
+                                    size_t *snaproot_len)
 {
        struct smb_filename converted_fname;
        char *result = NULL;
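Review bot: The updated header comment says the function will "also return the path in the snapshot corresponding to the file's share root", but the new `snaproot_len` parameter carries a length, and the comment does not say what it measures or when it is written. I would add a sentence such as `* If snaproot_len is not NULL, it receives on success the length of the leading part of the result that is the share root inside the snapshot.` The two assignments later in this function suggest it is left untouched on failure, which is worth stating too. The body of shadow_copy2_do_convert continues past this hunk.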
@@ -447,10 +449,11 @@ static char *shadow_copy2_convert(TALLOC_CTX *mem_ctx,
        size_t pathlen;
        char *insert = NULL;
        char *converted = NULL;
-       size_t insertlen;
+       size_t insertlen, connectlen = 0;
        int i, saved_errno;
        size_t min_offset;
        struct shadow_copy2_config *config;
+       size_t in_share_offset = 0;
 
        SMB_VFS_HANDLE_GET_DATA(handle, config, struct shadow_copy2_config,
                                return NULL);
@@ -492,6 +495,13 @@ static char *shadow_copy2_convert(TALLOC_CTX *mem_ctx,
                        DEBUG(10, ("Found %s\n", converted));
                        result = converted;
                        converted = NULL;
+                       if (snaproot_len != NULL) {
+                               *snaproot_len = strlen(snapshot_path);
+                               if (config->rel_connectpath != NULL) {
+                                       *snaproot_len +=
+                                           strlen(config->rel_connectpath) + 1;
+                               }
+                       }
                        goto fail;
                } else {
                        errno = ENOENT;
@@ -500,6 +510,7 @@ static char *shadow_copy2_convert(TALLOC_CTX *mem_ctx,
                /* never reached ... */
        }
 
+       connectlen = strlen(handle->conn->connectpath);
        if (name[0] == 0) {
                path = talloc_strdup(mem_ctx, handle->conn->connectpath);
        } else {
@@ -575,6 +586,10 @@ static char *shadow_copy2_convert(TALLOC_CTX *mem_ctx,
                        goto fail;
                }
 
+               if (offset >= connectlen) {
+                       in_share_offset = offset;
+               }
+
                memcpy(converted+offset, insert, insertlen);
 
                offset += insertlen;
@@ -588,6 +603,9 @@ static char *shadow_copy2_convert(TALLOC_CTX *mem_ctx,
                           ret, ret == 0 ? "ok" : strerror(errno)));
                if (ret == 0) {
                        /* success */
+                       if (snaproot_len != NULL) {
+                               *snaproot_len = in_share_offset + insertlen;
+                       }
                        break;
                }
                if (errno == ENOTDIR) {
@@ -624,6 +642,18 @@ fail:
        return result;
 }
 
+/**
+ * Convert from a name as handed in via the SMB layer
+ * and a timestamp into the local path of the snapshot
+ * of the provided file at the provided time.
+ */
+static char *shadow_copy2_convert(TALLOC_CTX *mem_ctx,
+                                 struct vfs_handle_struct *handle,
+                                 const char *name, time_t timestamp)
+{
+       return shadow_copy2_do_convert(mem_ctx, handle, name, timestamp, NULL);
+}
+
 /*
   modify a sbuf return to ensure that inodes in the shadow directory
   are different from those in the main directory
@@ -647,9 +677,11 @@ static void convert_sbuf(vfs_handle_struct *handle, const char *fname,
                   number collision, but I can't see a better approach
                   without significant VFS changes
                */
+               TDB_DATA key = { .dptr = discard_const_p(uint8_t, fname),
+                                .dsize = strlen(fname) };
                uint32_t shash;
 
-               shash = hash(fname, strlen(fname), 0) & 0xFF000000;
+               shash = tdb_jenkins_hash(&key) & 0xFF000000;
                if (shash == 0) {
                        shash = 1;
                }
@@ -660,7 +692,7 @@ static void convert_sbuf(vfs_handle_struct *handle, const char *fname,
 static DIR *shadow_copy2_opendir(vfs_handle_struct *handle,
                                            const char *fname,
                                            const char *mask,
-                                           uint32 attr)
+                                           uint32_t attr)
 {
        time_t timestamp;
        char *stripped;
@@ -1101,8 +1133,6 @@ static char *shadow_copy2_realpath(vfs_handle_struct *handle,
        char *stripped = NULL;
        char *tmp = NULL;
        char *result = NULL;
-       char *inserted = NULL;
-       char *inserted_to, *inserted_end;
        int saved_errno;
 
        if (!shadow_copy2_strip_snapshot(talloc_tos(), handle, fname,
@@ -1119,29 +1149,9 @@ static char *shadow_copy2_realpath(vfs_handle_struct *handle,
        }
 
        result = SMB_VFS_NEXT_REALPATH(handle, tmp);
-       if (result == NULL) {
-               goto done;
-       }
-
-       /*
-        * Take away what we've inserted. This removes the @GMT-thingy
-        * completely, but will give a path under the share root.
-        */
-       inserted = shadow_copy2_insert_string(talloc_tos(), handle, timestamp);
-       if (inserted == NULL) {
-               goto done;
-       }
-       inserted_to = strstr_m(result, inserted);
-       if (inserted_to == NULL) {
-               DEBUG(2, ("SMB_VFS_NEXT_REALPATH removed %s\n", inserted));
-               goto done;
-       }
-       inserted_end = inserted_to + talloc_get_size(inserted) - 1;
-       memmove(inserted_to, inserted_end, strlen(inserted_end)+1);
 
 done:
        saved_errno = errno;
-       TALLOC_FREE(inserted);
        TALLOC_FREE(tmp);
        TALLOC_FREE(stripped);
        errno = saved_errno;
@@ -1179,6 +1189,42 @@ static char *have_snapdir(struct vfs_handle_struct *handle,
        return NULL;
 }
 
+static bool check_access_snapdir(struct vfs_handle_struct *handle,
+                               const char *path)
+{
+       struct smb_filename smb_fname;
+       int ret;
+       NTSTATUS status;
+
+       ZERO_STRUCT(smb_fname);
+       smb_fname.base_name = talloc_asprintf(talloc_tos(),
+                                               "%s",
+                                               path);
+       if (smb_fname.base_name == NULL) {
+               return false;
+       }
+
+       ret = SMB_VFS_NEXT_STAT(handle, &smb_fname);
+       if (ret != 0 || !S_ISDIR(smb_fname.st.st_ex_mode)) {
+               TALLOC_FREE(smb_fname.base_name);
+               return false;
+       }
+
+       status = smbd_check_access_rights(handle->conn,
+                                       &smb_fname,
+                                       false,
+                                       SEC_DIR_LIST);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0,("user does not have list permission "
+                       "on snapdir %s\n",
+                       smb_fname.base_name));
+               TALLOC_FREE(smb_fname.base_name);
+               return false;
+       }
+       TALLOC_FREE(smb_fname.base_name);
+       return true;
+}
+
 /**
  * Find the snapshot directory (if any) for the given
  * filename (which is relative to the share).
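Review bot: The denial in check_access_snapdir is logged with `DEBUG(0, ...)`, and the caller in shadow_copy2_get_shadow_copy_data logs the same event again at level 0, so a client without list permission produces two always-on log lines per request. Logging it once at a non-zero level, for example `DBG_NOTICE("user does not have list permission on snapdir %s\n", smb_fname.base_name);`, keeps the audit trail without the noise. The function also has no comment; a short one saying that it returns true only when the path is a directory and `smbd_check_access_rights` grants SEC_DIR_LIST on it for this connection would help. `talloc_asprintf(talloc_tos(), "%s", path)` can simply be `talloc_strdup(talloc_tos(), path)`.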
@@ -1328,6 +1374,7 @@ static int shadow_copy2_get_shadow_copy_data(
        const char *snapdir;
        struct dirent *d;
        TALLOC_CTX *tmp_ctx = talloc_stackframe();
+       bool ret;
 
        snapdir = shadow_copy2_find_snapdir(tmp_ctx, handle, fsp->fsp_name);
        if (snapdir == NULL) {
@@ -1337,6 +1384,13 @@ static int shadow_copy2_get_shadow_copy_data(
                talloc_free(tmp_ctx);
                return -1;
        }
+       ret = check_access_snapdir(handle, snapdir);
+       if (!ret) {
+               DEBUG(0,("access denied on listing snapdir %s\n", snapdir));
+               errno = EACCES;
+               talloc_free(tmp_ctx);
+               return -1;
+       }
 
        p = SMB_VFS_NEXT_OPENDIR(handle, snapdir, NULL, 0);
 
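Review bot: The new permission check and the `SMB_VFS_NEXT_OPENDIR` call that follows each resolve `snapdir` by path, so the directory that passed the check is not guaranteed to be the one that gets listed if a path component changes in between. Whether that window matters depends on who can modify the directories leading to the snapdir, which is not visible here. If that is expected to be administrator-only, a comment such as `/* snapdir is checked by path and opened by path; it is assumed not to be replaceable by share users */` would record the assumption. Otherwise the opened directory could be compared by device and inode with the one that was checked before its entries are returned. shadow_copy2_get_shadow_copy_data starts and ends outside this hunk.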
@@ -1404,7 +1458,7 @@ static int shadow_copy2_get_shadow_copy_data(
 
 static NTSTATUS shadow_copy2_fget_nt_acl(vfs_handle_struct *handle,
                                        struct files_struct *fsp,
-                                       uint32 security_info,
+                                       uint32_t security_info,
                                         TALLOC_CTX *mem_ctx,
                                        struct security_descriptor **ppdesc)
 {
@@ -1436,7 +1490,7 @@ static NTSTATUS shadow_copy2_fget_nt_acl(vfs_handle_struct *handle,
 
 static NTSTATUS shadow_copy2_get_nt_acl(vfs_handle_struct *handle,
                                        const char *fname,
-                                       uint32 security_info,
+                                       uint32_t security_info,
                                        TALLOC_CTX *mem_ctx,
                                        struct security_descriptor **ppdesc)
 {
@@ -1731,10 +1785,54 @@ static int shadow_copy2_get_real_filename(struct vfs_handle_struct *handle,
        return ret;
 }
 
+static const char *shadow_copy2_connectpath(struct vfs_handle_struct *handle,
+                                           const char *fname)
+{
+       time_t timestamp;
+       char *stripped = NULL;
+       char *tmp = NULL;
+       char *result = NULL;
+       int saved_errno;
+       size_t rootpath_len = 0;
+
+       DBG_DEBUG("Calc connect path for [%s]\n", fname);
+
+       if (!shadow_copy2_strip_snapshot(talloc_tos(), handle, fname,
+                                        &timestamp, &stripped)) {
+               goto done;
+       }
+       if (timestamp == 0) {
+               return SMB_VFS_NEXT_CONNECTPATH(handle, fname);
+       }
+
+       tmp = shadow_copy2_do_convert(talloc_tos(), handle, stripped, timestamp,
+                                     &rootpath_len);
+       if (tmp == NULL) {
+               goto done;
+       }
+
+       DBG_DEBUG("converted path is [%s] root path is [%.*s]\n", tmp,
+                 (int)rootpath_len, tmp);
+
+       tmp[rootpath_len] = '\0';
+       result = SMB_VFS_NEXT_REALPATH(handle, tmp);
+       if (result == NULL) {
+               goto done;
+       }
+
+       DBG_DEBUG("connect path is [%s]\n", result);
+
+done:
+       saved_errno = errno;
+       TALLOC_FREE(tmp);
+       TALLOC_FREE(stripped);
+       errno = saved_errno;
+       return result;
+}
+
 static uint64_t shadow_copy2_disk_free(vfs_handle_struct *handle,
-                                      const char *path, bool small_query,
-                                      uint64_t *bsize, uint64_t *dfree,
-                                      uint64_t *dsize)
+                                      const char *path, uint64_t *bsize,
+                                      uint64_t *dfree, uint64_t *dsize)
 {
        time_t timestamp;
        char *stripped;
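Review bot: shadow_copy2_connectpath returns the result of `SMB_VFS_NEXT_REALPATH` through a `const char *`, which tells callers they do not own the string, while shadow_copy2_realpath in this file returns the same call's result as `char *`. If that result is heap memory the caller has to release, every connectpath lookup on a snapshot path leaks it. Keeping the string in per-connection state and freeing the previous value on the next call would resolve this, though the allocator contract is not visible on this page. Separately, `tmp[rootpath_len] = '\0';` and the `%.*s` debug line before it trust the length produced by shadow_copy2_do_convert. A guard such as `if (rootpath_len > strlen(tmp)) { errno = EINVAL; goto done; }` placed ahead of both would keep a miscalculated length from reading or writing outside the buffer.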
@@ -1747,7 +1845,7 @@ static uint64_t shadow_copy2_disk_free(vfs_handle_struct *handle,
                return -1;
        }
        if (timestamp == 0) {
-               return SMB_VFS_NEXT_DISK_FREE(handle, path, small_query,
+               return SMB_VFS_NEXT_DISK_FREE(handle, path,
                                              bsize, dfree, dsize);
        }
 
@@ -1757,8 +1855,7 @@ static uint64_t shadow_copy2_disk_free(vfs_handle_struct *handle,
                return -1;
        }
 
-       ret = SMB_VFS_NEXT_DISK_FREE(handle, conv, small_query, bsize, dfree,
-                                    dsize);
+       ret = SMB_VFS_NEXT_DISK_FREE(handle, conv, bsize, dfree, dsize);
 
        saved_errno = errno;
        TALLOC_FREE(conv);
@@ -1775,7 +1872,7 @@ static int shadow_copy2_connect(struct vfs_handle_struct *handle,
        const char *snapdir;
        const char *gmt_format;
        const char *sort_order;
-       const char *basedir;
+       const char *basedir = NULL;
        const char *mount_point;
 
        DEBUG(10, (__location__ ": cnum[%u], connectpath[%s]\n",
@@ -1830,6 +1927,11 @@ static int shadow_copy2_connect(struct vfs_handle_struct *handle,
                                                "shadow", "crossmountpoints",
                                                false);
 
+       if (config->crossmountpoints && !config->snapdirseverywhere) {
+               DBG_WARNING("Warning: 'crossmountpoints' depends on "
+                           "'snapdirseverywhere'. Disabling crossmountpoints.\n");
+       }
+
        config->fixinodes = lp_parm_bool(SNUM(handle->conn),
                                         "shadow", "fixinodes",
                                         false);
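Review bot: The new warning announces "Disabling crossmountpoints." but the block only logs; `config->crossmountpoints` is still true afterwards, so the option stays in effect without `snapdirseverywhere`. Adding `config->crossmountpoints = false;` after the DBG_WARNING call makes the behaviour match the message. shadow_copy2_connect starts and ends outside this hunk, so a later reset is possible, but none is visible in the hunks that follow.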
@@ -1856,11 +1958,12 @@ static int shadow_copy2_connect(struct vfs_handle_struct *handle,
                        char *p;
                        p = strstr(handle->conn->connectpath, mount_point);
                        if (p != handle->conn->connectpath) {
-                               DEBUG(1, ("Warning: mount_point (%s) is not a "
-                                         "subdirectory of the share root "
-                                         "(%s). Ignoring provided value.\n",
-                                         mount_point,
-                                         handle->conn->connectpath));
+                               DBG_WARNING("Warning: the share root (%s) is "
+                                           "not a subdirectory of the "
+                                           "specified mountpoint (%s). "
+                                           "Ignoring provided value.\n",
+                                           handle->conn->connectpath,
+                                           mount_point);
                                mount_point = NULL;
                        }
                }
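Review bot: The reworded warning speaks of the share root being a subdirectory of the mount point, but the test on the unchanged lines above it, `strstr(handle->conn->connectpath, mount_point)` compared with the start of the string, is only a string-prefix match. A mount point of `/data/snap` (constructed example) would accept a share root of `/data/snapshots`, and the later `connectpath + strlen(basedir)` arithmetic would then split the path in the middle of a component. The check should also require that the character following the prefix in connectpath is `/` or the end of the string, with a mount point of `/` handled separately. The `strstr(basedir, config->mount_point)` test further down in this function has the same shape.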
@@ -1876,8 +1979,9 @@ static int shadow_copy2_connect(struct vfs_handle_struct *handle,
                config->mount_point = shadow_copy2_find_mount_point(config,
                                                                    handle);
                if (config->mount_point == NULL) {
-                       DEBUG(0, (__location__ ": shadow_copy2_find_mount_point"
-                                 " failed: %s\n", strerror(errno)));
+                       DBG_WARNING("shadow_copy2_find_mount_point "
+                                   "of the share root '%s' failed: %s\n",
+                                   handle->conn->connectpath, strerror(errno));
                        return -1;
                }
        }
@@ -1891,6 +1995,7 @@ static int shadow_copy2_connect(struct vfs_handle_struct *handle,
                                  "relative ('%s'), but it has to be an "
                                  "absolute path. Disabling basedir.\n",
                                  basedir));
+                       basedir = NULL;
                } else {
                        char *p;
                        p = strstr(basedir, config->mount_point);
@@ -1900,37 +2005,24 @@ static int shadow_copy2_connect(struct vfs_handle_struct *handle,
                                          "mount point (%s). "
                                          "Disabling basedir\n",
                                          basedir, config->mount_point));
-                       } else {
-                               config->basedir = talloc_strdup(config,
-                                                               basedir);
-                               if (config->basedir == NULL) {
-                                       DEBUG(0, ("talloc_strdup() failed\n"));
-                                       errno = ENOMEM;
-                                       return -1;
-                               }
+                               basedir = NULL;
                        }
                }
        }
 
-       if (config->snapdirseverywhere && config->basedir != NULL) {
+       if (config->snapdirseverywhere && basedir != NULL) {
                DEBUG(1, (__location__ " Warning: 'basedir' is incompatible "
                          "with 'snapdirseverywhere'. Disabling basedir.\n"));
-               TALLOC_FREE(config->basedir);
-       }
-
-       if (config->crossmountpoints && config->basedir != NULL) {
-               DEBUG(1, (__location__ " Warning: 'basedir' is incompatible "
-                         "with 'crossmountpoints'. Disabling basedir.\n"));
-               TALLOC_FREE(config->basedir);
+               basedir = NULL;
        }
 
-       if (config->basedir == NULL) {
-               config->basedir = config->mount_point;
+       if (basedir == NULL) {
+               basedir = config->mount_point;
        }
 
-       if (strlen(config->basedir) != strlen(handle->conn->connectpath)) {
+       if (strlen(basedir) != strlen(handle->conn->connectpath)) {
                config->rel_connectpath = talloc_strdup(config,
-                       handle->conn->connectpath + strlen(config->basedir));
+                       handle->conn->connectpath + strlen(basedir));
                if (config->rel_connectpath == NULL) {
                        DEBUG(0, ("talloc_strdup() failed\n"));
                        errno = ENOMEM;
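Review bot: `handle->conn->connectpath + strlen(basedir)` is computed after the visible code has verified only that basedir is absolute and begins with the mount point; nothing shown checks that connectpath begins with basedir or is at least as long. With a basedir longer than the share root, the pointer handed to talloc_strdup lies beyond the end of connectpath. I would validate after the NULL fallback and before the strlen comparison, e.g. `if (strncmp(handle->conn->connectpath, basedir, strlen(basedir)) != 0) { basedir = config->mount_point; }` together with a warning. This applies unless such a check sits in the few lines between this hunk and the previous one, which are not shown.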
@@ -1968,7 +2060,6 @@ static int shadow_copy2_connect(struct vfs_handle_struct *handle,
 
        DEBUG(10, ("shadow_copy2_connect: configuration:\n"
                   "  share root: '%s'\n"
-                  "  basedir: '%s'\n"
                   "  mountpoint: '%s'\n"
                   "  rel share root: '%s'\n"
                   "  snapdir: '%s'\n"
@@ -1981,7 +2072,6 @@ static int shadow_copy2_connect(struct vfs_handle_struct *handle,
                   "  sort order: %s\n"
                   "",
                   handle->conn->connectpath,
-                  config->basedir,
                   config->mount_point,
                   config->rel_connectpath,
                   config->snapdir,
@@ -2033,6 +2123,7 @@ static struct vfs_fn_pointers vfs_shadow_copy2_fns = {
        .chmod_acl_fn = shadow_copy2_chmod_acl,
        .chflags_fn = shadow_copy2_chflags,
        .get_real_filename_fn = shadow_copy2_get_real_filename,
+       .connectpath_fn = shadow_copy2_connectpath,
 };
 
 NTSTATUS vfs_shadow_copy2_init(void);