2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern uint16 global_smbpid;
29 extern BOOL global_client_failed_oplock_break;
31 struct deferred_open_record {
32 BOOL delayed_for_oplocks;
37 /****************************************************************************
38 fd support routines - attempt to do a dos_open.
39 ****************************************************************************/
41 static BOOL fd_open(struct connection_struct *conn,
50 if (!lp_symlinks(SNUM(conn))) {
55 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
58 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
59 fname, flags, (int)mode, fsp->fh->fd,
60 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
63 return fsp->fh->fd != -1;
66 /****************************************************************************
67 Close the file associated with a fsp.
68 ****************************************************************************/
70 int fd_close(struct connection_struct *conn,
73 if (fsp->fh->fd == -1) {
74 return 0; /* What we used to call a stat open. */
76 if (fsp->fh->ref_count > 1) {
77 return 0; /* Shared handle. Only close last reference. */
79 return fd_close_posix(conn, fsp);
82 /****************************************************************************
83 Change the ownership of a file to that of the parent directory.
84 Do this by fd if possible.
85 ****************************************************************************/
87 static void change_file_owner_to_parent(connection_struct *conn,
88 const char *inherit_from_dir,
91 SMB_STRUCT_STAT parent_st;
94 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
96 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
97 "directory %s. Error was %s\n",
98 inherit_from_dir, strerror(errno) ));
103 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
106 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
107 "file %s to parent directory uid %u. Error "
108 "was %s\n", fsp->fsp_name,
109 (unsigned int)parent_st.st_uid,
113 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
114 "parent directory uid %u.\n", fsp->fsp_name,
115 (unsigned int)parent_st.st_uid ));
118 static void change_dir_owner_to_parent(connection_struct *conn,
119 const char *inherit_from_dir,
121 SMB_STRUCT_STAT *psbuf)
124 SMB_STRUCT_STAT sbuf;
125 SMB_STRUCT_STAT parent_st;
128 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
130 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
131 "directory %s. Error was %s\n",
132 inherit_from_dir, strerror(errno) ));
136 /* We've already done an lstat into psbuf, and we know it's a
137 directory. If we can cd into the directory and the dev/ino
138 are the same then we can safely chown without races as
139 we're locking the directory in place by being in it. This
140 should work on any UNIX (thanks tridge :-). JRA.
143 if (!vfs_GetWd(conn,saved_dir)) {
144 DEBUG(0,("change_dir_owner_to_parent: failed to get "
145 "current working directory\n"));
149 /* Chdir into the new path. */
150 if (vfs_ChDir(conn, fname) == -1) {
151 DEBUG(0,("change_dir_owner_to_parent: failed to change "
152 "current working directory to %s. Error "
153 "was %s\n", fname, strerror(errno) ));
157 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
158 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
159 "directory '.' (%s) Error was %s\n",
160 fname, strerror(errno)));
164 /* Ensure we're pointing at the same place. */
165 if (sbuf.st_dev != psbuf->st_dev ||
166 sbuf.st_ino != psbuf->st_ino ||
167 sbuf.st_mode != psbuf->st_mode ) {
168 DEBUG(0,("change_dir_owner_to_parent: "
169 "device/inode/mode on directory %s changed. "
170 "Refusing to chown !\n", fname ));
175 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
178 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
179 "directory %s to parent directory uid %u. "
180 "Error was %s\n", fname,
181 (unsigned int)parent_st.st_uid, strerror(errno) ));
185 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
186 "directory %s to parent directory uid %u.\n",
187 fname, (unsigned int)parent_st.st_uid ));
191 vfs_ChDir(conn,saved_dir);
194 /****************************************************************************
196 ****************************************************************************/
198 static NTSTATUS open_file(files_struct *fsp,
199 connection_struct *conn,
200 const char *parent_dir,
203 SMB_STRUCT_STAT *psbuf,
206 uint32 access_mask, /* client requested access mask. */
207 uint32 open_access_mask) /* what we're actually using in the open. */
209 int accmode = (flags & O_ACCMODE);
210 int local_flags = flags;
211 BOOL file_existed = VALID_STAT(*psbuf);
216 /* Check permissions */
219 * This code was changed after seeing a client open request
220 * containing the open mode of (DENY_WRITE/read-only) with
221 * the 'create if not exist' bit set. The previous code
222 * would fail to open the file read only on a read-only share
223 * as it was checking the flags parameter directly against O_RDONLY,
224 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
228 if (!CAN_WRITE(conn)) {
229 /* It's a read-only share - fail if we wanted to write. */
230 if(accmode != O_RDONLY) {
231 DEBUG(3,("Permission denied opening %s\n", path));
232 return NT_STATUS_ACCESS_DENIED;
233 } else if(flags & O_CREAT) {
234 /* We don't want to write - but we must make sure that
235 O_CREAT doesn't create the file if we have write
236 access into the directory.
239 local_flags &= ~O_CREAT;
244 * This little piece of insanity is inspired by the
245 * fact that an NT client can open a file for O_RDONLY,
246 * but set the create disposition to FILE_EXISTS_TRUNCATE.
247 * If the client *can* write to the file, then it expects to
248 * truncate the file, even though it is opening for readonly.
249 * Quicken uses this stupid trick in backup file creation...
250 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
251 * for helping track this one down. It didn't bite us in 2.0.x
252 * as we always opened files read-write in that release. JRA.
255 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
256 DEBUG(10,("open_file: truncate requested on read-only open "
257 "for file %s\n", path));
258 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
261 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
262 (!file_existed && (local_flags & O_CREAT)) ||
263 ((local_flags & O_TRUNC) == O_TRUNC) ) {
266 * We can't actually truncate here as the file may be locked.
267 * open_file_ntcreate will take care of the truncate later. JRA.
270 local_flags &= ~O_TRUNC;
272 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
274 * We would block on opening a FIFO with no one else on the
275 * other end. Do what we used to do and add O_NONBLOCK to the
279 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
280 local_flags |= O_NONBLOCK;
284 /* Don't create files with Microsoft wildcard characters. */
285 if ((local_flags & O_CREAT) && !file_existed &&
287 return NT_STATUS_OBJECT_NAME_INVALID;
290 /* Actually do the open */
291 if (!fd_open(conn, path, fsp, local_flags, unx_mode)) {
292 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
294 path,strerror(errno),local_flags,flags));
295 return map_nt_error_from_unix(errno);
298 if ((local_flags & O_CREAT) && !file_existed) {
300 /* Inherit the ACL if required */
301 if (lp_inherit_perms(SNUM(conn))) {
302 inherit_access_acl(conn, parent_dir, path,
306 /* Change the owner if required. */
307 if (lp_inherit_owner(SNUM(conn))) {
308 change_file_owner_to_parent(conn, parent_dir,
312 notify_fname(conn, NOTIFY_ACTION_ADDED,
313 FILE_NOTIFY_CHANGE_FILE_NAME, path);
317 fsp->fh->fd = -1; /* What we used to call a stat open. */
323 if (fsp->fh->fd == -1) {
324 ret = SMB_VFS_STAT(conn, path, psbuf);
326 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
327 /* If we have an fd, this stat should succeed. */
329 DEBUG(0,("Error doing fstat on open file %s "
330 "(%s)\n", path,strerror(errno) ));
334 /* For a non-io open, this stat failing means file not found. JRA */
336 NTSTATUS status = map_nt_error_from_unix(errno);
343 * POSIX allows read-only opens of directories. We don't
344 * want to do this (we use a different code path for this)
345 * so catch a directory open and return an EISDIR. JRA.
348 if(S_ISDIR(psbuf->st_mode)) {
351 return NT_STATUS_FILE_IS_A_DIRECTORY;
354 fsp->mode = psbuf->st_mode;
355 fsp->inode = psbuf->st_ino;
356 fsp->dev = psbuf->st_dev;
357 fsp->vuid = current_user.vuid;
358 fsp->file_pid = global_smbpid;
359 fsp->can_lock = True;
360 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
361 if (!CAN_WRITE(conn)) {
362 fsp->can_write = False;
364 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
367 fsp->print_file = False;
368 fsp->modified = False;
369 fsp->sent_oplock_break = NO_BREAK_SENT;
370 fsp->is_directory = False;
371 fsp->is_stat = False;
372 if (conn->aio_write_behind_list
373 && is_in_path(path, conn->aio_write_behind_list,
374 conn->case_sensitive)) {
375 fsp->aio_write_behind = True;
378 string_set(&fsp->fsp_name, path);
379 fsp->wcp = NULL; /* Write cache pointer. */
381 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
382 *current_user_info.smb_name ?
383 current_user_info.smb_name : conn->user,fsp->fsp_name,
384 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
385 conn->num_files_open + 1));
391 /*******************************************************************
392 Return True if the filename is one of the special executable types.
393 ********************************************************************/
395 static BOOL is_executable(const char *fname)
397 if ((fname = strrchr_m(fname,'.'))) {
398 if (strequal(fname,".com") ||
399 strequal(fname,".dll") ||
400 strequal(fname,".exe") ||
401 strequal(fname,".sym")) {
408 /****************************************************************************
409 Check if we can open a file with a share mode.
410 Returns True if conflict, False if not.
411 ****************************************************************************/
413 static BOOL share_conflict(struct share_mode_entry *entry,
417 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
418 "entry->share_access = 0x%x, "
419 "entry->private_options = 0x%x\n",
420 (unsigned int)entry->access_mask,
421 (unsigned int)entry->share_access,
422 (unsigned int)entry->private_options));
424 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
425 (unsigned int)access_mask, (unsigned int)share_access));
427 if ((entry->access_mask & (FILE_WRITE_DATA|
431 DELETE_ACCESS)) == 0) {
432 DEBUG(10,("share_conflict: No conflict due to "
433 "entry->access_mask = 0x%x\n",
434 (unsigned int)entry->access_mask ));
438 if ((access_mask & (FILE_WRITE_DATA|
442 DELETE_ACCESS)) == 0) {
443 DEBUG(10,("share_conflict: No conflict due to "
444 "access_mask = 0x%x\n",
445 (unsigned int)access_mask ));
449 #if 1 /* JRA TEST - Superdebug. */
450 #define CHECK_MASK(num, am, right, sa, share) \
451 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
452 (unsigned int)(num), (unsigned int)(am), \
453 (unsigned int)(right), (unsigned int)(am)&(right) )); \
454 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
455 (unsigned int)(num), (unsigned int)(sa), \
456 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
457 if (((am) & (right)) && !((sa) & (share))) { \
458 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
459 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
460 (unsigned int)(share) )); \
464 #define CHECK_MASK(num, am, right, sa, share) \
465 if (((am) & (right)) && !((sa) & (share))) { \
466 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
467 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
468 (unsigned int)(share) )); \
473 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
474 share_access, FILE_SHARE_WRITE);
475 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
476 entry->share_access, FILE_SHARE_WRITE);
478 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
479 share_access, FILE_SHARE_READ);
480 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
481 entry->share_access, FILE_SHARE_READ);
483 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
484 share_access, FILE_SHARE_DELETE);
485 CHECK_MASK(6, access_mask, DELETE_ACCESS,
486 entry->share_access, FILE_SHARE_DELETE);
488 DEBUG(10,("share_conflict: No conflict.\n"));
492 #if defined(DEVELOPER)
493 static void validate_my_share_entries(int num,
494 struct share_mode_entry *share_entry)
498 if (!procid_is_me(&share_entry->pid)) {
502 if (is_deferred_open_entry(share_entry) &&
503 !open_was_deferred(share_entry->op_mid)) {
505 pstr_sprintf(str, "Got a deferred entry without a request: "
506 "PANIC: %s\n", share_mode_str(num, share_entry));
510 if (!is_valid_share_mode_entry(share_entry)) {
514 fsp = file_find_dif(share_entry->dev, share_entry->inode,
515 share_entry->share_file_id);
517 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
518 share_mode_str(num, share_entry) ));
519 smb_panic("validate_my_share_entries: Cannot match a "
520 "share entry with an open file\n");
523 if (is_deferred_open_entry(share_entry) ||
524 is_unused_share_mode_entry(share_entry)) {
528 if ((share_entry->op_type == NO_OPLOCK) &&
529 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
530 /* Someone has already written to it, but I haven't yet
535 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
544 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
545 share_mode_str(num, share_entry) ));
546 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
547 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
548 fsp->fsp_name, (unsigned int)fsp->oplock_type,
549 (unsigned int)share_entry->op_type );
555 static BOOL is_stat_open(uint32 access_mask)
557 return (access_mask &&
558 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
559 FILE_WRITE_ATTRIBUTES))==0) &&
560 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
561 FILE_WRITE_ATTRIBUTES)) != 0));
564 /****************************************************************************
565 Deal with share modes
566 Invarient: Share mode must be locked on entry and exit.
567 Returns -1 on error, or number of share modes on success (may be zero).
568 ****************************************************************************/
570 static NTSTATUS open_mode_check(connection_struct *conn,
572 struct share_mode_lock *lck,
575 uint32 create_options,
580 if(lck->num_share_modes == 0) {
584 *file_existed = True;
586 if (is_stat_open(access_mask)) {
587 /* Stat open that doesn't trigger oplock breaks or share mode
588 * checks... ! JRA. */
592 /* A delete on close prohibits everything */
594 if (lck->delete_on_close) {
595 return NT_STATUS_DELETE_PENDING;
599 * Check if the share modes will give us access.
602 #if defined(DEVELOPER)
603 for(i = 0; i < lck->num_share_modes; i++) {
604 validate_my_share_entries(i, &lck->share_modes[i]);
608 if (!lp_share_modes(SNUM(conn))) {
612 /* Now we check the share modes, after any oplock breaks. */
613 for(i = 0; i < lck->num_share_modes; i++) {
615 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
619 /* someone else has a share lock on it, check to see if we can
621 if (share_conflict(&lck->share_modes[i],
622 access_mask, share_access)) {
623 return NT_STATUS_SHARING_VIOLATION;
630 static BOOL is_delete_request(files_struct *fsp) {
631 return ((fsp->access_mask == DELETE_ACCESS) &&
632 (fsp->oplock_type == NO_OPLOCK));
636 * 1) No files open at all or internal open: Grant whatever the client wants.
638 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
639 * request, break if the oplock around is a batch oplock. If it's another
640 * requested access type, break.
642 * 3) Only level2 around: Grant level2 and do nothing else.
645 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
651 struct share_mode_entry *exclusive = NULL;
652 BOOL valid_entry = False;
653 BOOL delay_it = False;
654 BOOL have_level2 = False;
656 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
658 if (oplock_request & INTERNAL_OPEN_ONLY) {
659 fsp->oplock_type = NO_OPLOCK;
662 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
666 for (i=0; i<lck->num_share_modes; i++) {
668 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
672 /* At least one entry is not an invalid or deferred entry. */
675 if (pass_number == 1) {
676 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
677 SMB_ASSERT(exclusive == NULL);
678 exclusive = &lck->share_modes[i];
681 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
682 SMB_ASSERT(exclusive == NULL);
683 exclusive = &lck->share_modes[i];
687 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
688 SMB_ASSERT(exclusive == NULL);
694 /* All entries are placeholders or deferred.
695 * Directly grant whatever the client wants. */
696 if (fsp->oplock_type == NO_OPLOCK) {
697 /* Store a level2 oplock, but don't tell the client */
698 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
703 if (exclusive != NULL) { /* Found an exclusive oplock */
704 SMB_ASSERT(!have_level2);
705 delay_it = is_delete_request(fsp) ?
706 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
709 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
710 /* We can at most grant level2 as there are other
711 * level2 or NO_OPLOCK entries. */
712 fsp->oplock_type = LEVEL_II_OPLOCK;
715 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
716 /* Store a level2 oplock, but don't tell the client */
717 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
725 * Send a break message to the oplock holder and delay the open for
729 DEBUG(10, ("Sending break request to PID %s\n",
730 procid_str_static(&exclusive->pid)));
731 exclusive->op_mid = get_current_mid();
733 /* Create the message. */
734 share_mode_entry_to_message(msg, exclusive);
736 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
737 don't want this set in the share mode struct pointed to by lck. */
739 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
740 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
743 status = message_send_pid(exclusive->pid, MSG_SMB_BREAK_REQUEST,
744 msg, MSG_SMB_SHARE_MODE_ENTRY_SIZE, True);
745 if (!NT_STATUS_IS_OK(status)) {
746 DEBUG(3, ("Could not send oplock break message: %s\n",
753 static BOOL request_timed_out(struct timeval request_time,
754 struct timeval timeout)
756 struct timeval now, end_time;
758 end_time = timeval_sum(&request_time, &timeout);
759 return (timeval_compare(&end_time, &now) < 0);
762 /****************************************************************************
763 Handle the 1 second delay in returning a SHARING_VIOLATION error.
764 ****************************************************************************/
766 static void defer_open(struct share_mode_lock *lck,
767 struct timeval request_time,
768 struct timeval timeout,
769 struct deferred_open_record *state)
771 uint16 mid = get_current_mid();
776 for (i=0; i<lck->num_share_modes; i++) {
777 struct share_mode_entry *e = &lck->share_modes[i];
779 if (!is_deferred_open_entry(e)) {
783 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
784 DEBUG(0, ("Trying to defer an already deferred "
785 "request: mid=%d, exiting\n", mid));
786 exit_server("attempt to defer a deferred request");
790 /* End paranoia check */
792 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
793 "open entry for mid %u\n",
794 (unsigned int)request_time.tv_sec,
795 (unsigned int)request_time.tv_usec,
798 if (!push_deferred_smb_message(mid, request_time, timeout,
799 (char *)state, sizeof(*state))) {
800 exit_server("push_deferred_smb_message failed");
802 add_deferred_open(lck, mid, request_time, state->dev, state->inode);
805 * Push the MID of this packet on the signing queue.
806 * We only do this once, the first time we push the packet
807 * onto the deferred open queue, as this has a side effect
808 * of incrementing the response sequence number.
811 srv_defer_sign_response(mid);
815 /****************************************************************************
816 On overwrite open ensure that the attributes match.
817 ****************************************************************************/
819 static BOOL open_match_attributes(connection_struct *conn,
823 mode_t existing_unx_mode,
825 mode_t *returned_unx_mode)
827 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
829 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
830 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
832 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
833 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
834 *returned_unx_mode = new_unx_mode;
836 *returned_unx_mode = (mode_t)0;
839 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
840 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
841 "returned_unx_mode = 0%o\n",
843 (unsigned int)old_dos_attr,
844 (unsigned int)existing_unx_mode,
845 (unsigned int)new_dos_attr,
846 (unsigned int)*returned_unx_mode ));
848 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
849 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
850 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
851 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
855 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
856 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
857 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
864 /****************************************************************************
865 Special FCB or DOS processing in the case of a sharing violation.
866 Try and find a duplicated file handle.
867 ****************************************************************************/
869 static files_struct *fcb_or_dos_open(connection_struct *conn,
870 const char *fname, SMB_DEV_T dev,
874 uint32 create_options)
877 files_struct *dup_fsp;
879 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
880 "file %s.\n", fname ));
882 for(fsp = file_find_di_first(dev, inode); fsp;
883 fsp = file_find_di_next(fsp)) {
885 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
886 "vuid = %u, file_pid = %u, private_options = 0x%x "
887 "access_mask = 0x%x\n", fsp->fsp_name,
888 fsp->fh->fd, (unsigned int)fsp->vuid,
889 (unsigned int)fsp->file_pid,
890 (unsigned int)fsp->fh->private_options,
891 (unsigned int)fsp->access_mask ));
893 if (fsp->fh->fd != -1 &&
894 fsp->vuid == current_user.vuid &&
895 fsp->file_pid == global_smbpid &&
896 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
897 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
898 (fsp->access_mask & FILE_WRITE_DATA) &&
899 strequal(fsp->fsp_name, fname)) {
900 DEBUG(10,("fcb_or_dos_open: file match\n"));
909 /* quite an insane set of semantics ... */
910 if (is_executable(fname) &&
911 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
912 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
916 /* We need to duplicate this fsp. */
917 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
918 create_options, &dup_fsp))) {
925 /****************************************************************************
926 Open a file with a share mode - old openX method - map into NTCreate.
927 ****************************************************************************/
929 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
930 uint32 *paccess_mask,
932 uint32 *pcreate_disposition,
933 uint32 *pcreate_options)
937 uint32 create_disposition;
938 uint32 create_options = 0;
940 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
941 "open_func = 0x%x\n",
942 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
944 /* Create the NT compatible access_mask. */
945 switch (GET_OPENX_MODE(deny_mode)) {
946 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
947 case DOS_OPEN_RDONLY:
948 access_mask = FILE_GENERIC_READ;
950 case DOS_OPEN_WRONLY:
951 access_mask = FILE_GENERIC_WRITE;
955 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
958 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
959 (unsigned int)GET_OPENX_MODE(deny_mode)));
963 /* Create the NT compatible create_disposition. */
965 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
966 create_disposition = FILE_CREATE;
969 case OPENX_FILE_EXISTS_OPEN:
970 create_disposition = FILE_OPEN;
973 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
974 create_disposition = FILE_OPEN_IF;
977 case OPENX_FILE_EXISTS_TRUNCATE:
978 create_disposition = FILE_OVERWRITE;
981 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
982 create_disposition = FILE_OVERWRITE_IF;
986 /* From samba4 - to be confirmed. */
987 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
988 create_disposition = FILE_CREATE;
991 DEBUG(10,("map_open_params_to_ntcreate: bad "
992 "open_func 0x%x\n", (unsigned int)open_func));
996 /* Create the NT compatible share modes. */
997 switch (GET_DENY_MODE(deny_mode)) {
999 share_mode = FILE_SHARE_NONE;
1003 share_mode = FILE_SHARE_READ;
1007 share_mode = FILE_SHARE_WRITE;
1011 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1015 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1016 if (is_executable(fname)) {
1017 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1019 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1020 share_mode = FILE_SHARE_READ;
1022 share_mode = FILE_SHARE_NONE;
1028 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1029 share_mode = FILE_SHARE_NONE;
1033 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1034 (unsigned int)GET_DENY_MODE(deny_mode) ));
1038 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1039 "share_mode = 0x%x, create_disposition = 0x%x, "
1040 "create_options = 0x%x\n",
1042 (unsigned int)access_mask,
1043 (unsigned int)share_mode,
1044 (unsigned int)create_disposition,
1045 (unsigned int)create_options ));
1048 *paccess_mask = access_mask;
1051 *pshare_mode = share_mode;
1053 if (pcreate_disposition) {
1054 *pcreate_disposition = create_disposition;
1056 if (pcreate_options) {
1057 *pcreate_options = create_options;
1064 static void schedule_defer_open(struct share_mode_lock *lck, struct timeval request_time)
1066 struct deferred_open_record state;
1068 /* This is a relative time, added to the absolute
1069 request_time value to get the absolute timeout time.
1070 Note that if this is the second or greater time we enter
1071 this codepath for this particular request mid then
1072 request_time is left as the absolute time of the *first*
1073 time this request mid was processed. This is what allows
1074 the request to eventually time out. */
1076 struct timeval timeout;
1078 /* Normally the smbd we asked should respond within
1079 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1080 * the client did, give twice the timeout as a safety
1081 * measure here in case the other smbd is stuck
1082 * somewhere else. */
1084 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1086 /* Nothing actually uses state.delayed_for_oplocks
1087 but it's handy to differentiate in debug messages
1088 between a 30 second delay due to oplock break, and
1089 a 1 second delay for share mode conflicts. */
1091 state.delayed_for_oplocks = True;
1092 state.dev = lck->dev;
1093 state.inode = lck->ino;
1095 if (!request_timed_out(request_time, timeout)) {
1096 defer_open(lck, request_time, timeout, &state);
1100 /****************************************************************************
1101 Open a file with a share mode.
1102 ****************************************************************************/
1104 NTSTATUS open_file_ntcreate(connection_struct *conn,
1106 SMB_STRUCT_STAT *psbuf,
1107 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1108 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1109 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1110 uint32 create_options, /* options such as delete on close. */
1111 uint32 new_dos_attributes, /* attributes used for new file. */
1112 int oplock_request, /* internal Samba oplock codes. */
1113 /* Information (FILE_EXISTS etc.) */
1115 files_struct **result)
1119 BOOL file_existed = VALID_STAT(*psbuf);
1120 BOOL def_acl = False;
1122 SMB_INO_T inode = 0;
1123 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1124 files_struct *fsp = NULL;
1125 mode_t new_unx_mode = (mode_t)0;
1126 mode_t unx_mode = (mode_t)0;
1128 uint32 existing_dos_attributes = 0;
1129 struct pending_message_list *pml = NULL;
1130 uint16 mid = get_current_mid();
1131 struct timeval request_time = timeval_zero();
1132 struct share_mode_lock *lck = NULL;
1133 uint32 open_access_mask = access_mask;
1137 const char *newname;
1139 if (conn->printer) {
1141 * Printers are handled completely differently.
1142 * Most of the passed parameters are ignored.
1146 *pinfo = FILE_WAS_CREATED;
1149 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1151 return print_fsp_open(conn, fname, result);
1154 if (!parent_dirname_talloc(tmp_talloc_ctx(), fname, &parent_dir,
1156 return NT_STATUS_NO_MEMORY;
1159 /* We add aARCH to this as this mode is only used if the file is
1161 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1164 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1165 "access_mask=0x%x share_access=0x%x "
1166 "create_disposition = 0x%x create_options=0x%x "
1167 "unix mode=0%o oplock_request=%d\n",
1168 fname, new_dos_attributes, access_mask, share_access,
1169 create_disposition, create_options, unx_mode,
1172 if ((pml = get_open_deferred_message(mid)) != NULL) {
1173 struct deferred_open_record *state =
1174 (struct deferred_open_record *)pml->private_data.data;
1176 /* Remember the absolute time of the original
1177 request with this mid. We'll use it later to
1178 see if this has timed out. */
1180 request_time = pml->request_time;
1182 /* Remove the deferred open entry under lock. */
1183 lck = get_share_mode_lock(NULL, state->dev, state->inode, NULL, NULL);
1185 DEBUG(0, ("could not get share mode lock\n"));
1187 del_deferred_open_entry(lck, mid);
1191 /* Ensure we don't reprocess this message. */
1192 remove_deferred_open_smb_message(mid);
1195 status = check_name(conn, fname);
1196 if (!NT_STATUS_IS_OK(status)) {
1200 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1202 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1205 /* ignore any oplock requests if oplocks are disabled */
1206 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1207 IS_VETO_OPLOCK_PATH(conn, fname)) {
1208 /* Mask off everything except the private Samba bits. */
1209 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1212 /* this is for OS/2 long file names - say we don't support them */
1213 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1214 /* OS/2 Workplace shell fix may be main code stream in a later
1216 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1218 if (use_nt_status()) {
1219 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1221 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1224 switch( create_disposition ) {
1226 * Currently we're using FILE_SUPERSEDE as the same as
1227 * FILE_OVERWRITE_IF but they really are
1228 * different. FILE_SUPERSEDE deletes an existing file
1229 * (requiring delete access) then recreates it.
1231 case FILE_SUPERSEDE:
1232 /* If file exists replace/overwrite. If file doesn't
1234 flags2 |= (O_CREAT | O_TRUNC);
1237 case FILE_OVERWRITE_IF:
1238 /* If file exists replace/overwrite. If file doesn't
1240 flags2 |= (O_CREAT | O_TRUNC);
1244 /* If file exists open. If file doesn't exist error. */
1245 if (!file_existed) {
1246 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1247 "requested for file %s and file "
1248 "doesn't exist.\n", fname ));
1250 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1254 case FILE_OVERWRITE:
1255 /* If file exists overwrite. If file doesn't exist
1257 if (!file_existed) {
1258 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1259 "requested for file %s and file "
1260 "doesn't exist.\n", fname ));
1262 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1268 /* If file exists error. If file doesn't exist
1271 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1272 "requested for file %s and file "
1273 "already exists.\n", fname ));
1274 if (S_ISDIR(psbuf->st_mode)) {
1279 return map_nt_error_from_unix(errno);
1281 flags2 |= (O_CREAT|O_EXCL);
1285 /* If file exists open. If file doesn't exist
1291 return NT_STATUS_INVALID_PARAMETER;
1294 /* We only care about matching attributes on file exists and
1297 if (file_existed && ((create_disposition == FILE_OVERWRITE) ||
1298 (create_disposition == FILE_OVERWRITE_IF))) {
1299 if (!open_match_attributes(conn, fname,
1300 existing_dos_attributes,
1301 new_dos_attributes, psbuf->st_mode,
1302 unx_mode, &new_unx_mode)) {
1303 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1304 "for file %s (%x %x) (0%o, 0%o)\n",
1305 fname, existing_dos_attributes,
1307 (unsigned int)psbuf->st_mode,
1308 (unsigned int)unx_mode ));
1310 return NT_STATUS_ACCESS_DENIED;
1314 /* This is a nasty hack - must fix... JRA. */
1315 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1316 open_access_mask = access_mask = FILE_GENERIC_ALL;
1320 * Convert GENERIC bits to specific bits.
1323 se_map_generic(&access_mask, &file_generic_mapping);
1324 open_access_mask = access_mask;
1326 if (flags2 & O_TRUNC) {
1327 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1330 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1331 "access_mask=0x%x\n", fname, access_mask ));
1334 * Note that we ignore the append flag as append does not
1335 * mean the same thing under DOS and Unix.
1338 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1339 /* DENY_DOS opens are always underlying read-write on the
1340 file handle, no matter what the requested access mask
1342 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1343 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1353 * Currently we only look at FILE_WRITE_THROUGH for create options.
1357 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1362 if (!CAN_WRITE(conn)) {
1364 * We should really return a permission denied error if either
1365 * O_CREAT or O_TRUNC are set, but for compatibility with
1366 * older versions of Samba we just AND them out.
1368 flags2 &= ~(O_CREAT|O_TRUNC);
1372 * Ensure we can't write on a read-only share or file.
1375 if (flags != O_RDONLY && file_existed &&
1376 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1377 DEBUG(5,("open_file_ntcreate: write access requested for "
1378 "file %s on read only %s\n",
1379 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1381 return NT_STATUS_ACCESS_DENIED;
1384 status = file_new(conn, &fsp);
1385 if(!NT_STATUS_IS_OK(status)) {
1389 fsp->dev = psbuf->st_dev;
1390 fsp->inode = psbuf->st_ino;
1391 fsp->share_access = share_access;
1392 fsp->fh->private_options = create_options;
1393 fsp->access_mask = open_access_mask; /* We change this to the
1394 * requested access_mask after
1395 * the open is done. */
1396 /* Ensure no SAMBA_PRIVATE bits can be set. */
1397 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1399 if (timeval_is_zero(&request_time)) {
1400 request_time = fsp->open_time;
1404 dev = psbuf->st_dev;
1405 inode = psbuf->st_ino;
1407 lck = get_share_mode_lock(NULL, dev, inode,
1413 DEBUG(0, ("Could not get share mode lock\n"));
1414 return NT_STATUS_SHARING_VIOLATION;
1417 /* First pass - send break only on batch oplocks. */
1418 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1419 schedule_defer_open(lck, request_time);
1422 return NT_STATUS_SHARING_VIOLATION;
1425 /* Use the client requested access mask here, not the one we
1427 status = open_mode_check(conn, fname, lck,
1428 access_mask, share_access,
1429 create_options, &file_existed);
1431 if (NT_STATUS_IS_OK(status)) {
1432 /* We might be going to allow this open. Check oplock
1434 /* Second pass - send break for both batch or
1435 * exclusive oplocks. */
1436 if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1437 schedule_defer_open(lck, request_time);
1440 return NT_STATUS_SHARING_VIOLATION;
1444 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1445 /* DELETE_PENDING is not deferred for a second */
1451 if (!NT_STATUS_IS_OK(status)) {
1452 uint32 can_access_mask;
1453 BOOL can_access = True;
1455 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1457 /* Check if this can be done with the deny_dos and fcb
1459 if (create_options &
1460 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1461 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1462 files_struct *fsp_dup;
1464 /* Use the client requested access mask here,
1465 * not the one we open with. */
1466 fsp_dup = fcb_or_dos_open(conn, fname, dev,
1475 *pinfo = FILE_WAS_OPENED;
1477 conn->num_files_open++;
1479 return NT_STATUS_OK;
1484 * This next line is a subtlety we need for
1485 * MS-Access. If a file open will fail due to share
1486 * permissions and also for security (access) reasons,
1487 * we need to return the access failed error, not the
1488 * share error. We can't open the file due to kernel
1489 * oplock deadlock (it's possible we failed above on
1490 * the open_mode_check()) so use a userspace check.
1493 if (flags & O_RDWR) {
1494 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1495 } else if (flags & O_WRONLY) {
1496 can_access_mask = FILE_WRITE_DATA;
1498 can_access_mask = FILE_READ_DATA;
1501 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1502 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1507 * If we're returning a share violation, ensure we
1508 * cope with the braindead 1 second delay.
1511 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1512 lp_defer_sharing_violations()) {
1513 struct timeval timeout;
1514 struct deferred_open_record state;
1517 /* this is a hack to speed up torture tests
1519 timeout_usecs = lp_parm_int(SNUM(conn),
1520 "smbd","sharedelay",
1521 SHARING_VIOLATION_USEC_WAIT);
1523 /* This is a relative time, added to the absolute
1524 request_time value to get the absolute timeout time.
1525 Note that if this is the second or greater time we enter
1526 this codepath for this particular request mid then
1527 request_time is left as the absolute time of the *first*
1528 time this request mid was processed. This is what allows
1529 the request to eventually time out. */
1531 timeout = timeval_set(0, timeout_usecs);
1533 /* Nothing actually uses state.delayed_for_oplocks
1534 but it's handy to differentiate in debug messages
1535 between a 30 second delay due to oplock break, and
1536 a 1 second delay for share mode conflicts. */
1538 state.delayed_for_oplocks = False;
1540 state.inode = inode;
1542 if (!request_timed_out(request_time,
1544 defer_open(lck, request_time, timeout,
1552 * We have detected a sharing violation here
1553 * so return the correct error code
1555 status = NT_STATUS_SHARING_VIOLATION;
1557 status = NT_STATUS_ACCESS_DENIED;
1564 * We exit this block with the share entry *locked*.....
1568 SMB_ASSERT(!file_existed || (lck != NULL));
1571 * Ensure we pay attention to default ACLs on directories if required.
1574 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1575 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1579 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1580 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1581 (unsigned int)flags, (unsigned int)flags2,
1582 (unsigned int)unx_mode, (unsigned int)access_mask,
1583 (unsigned int)open_access_mask));
1586 * open_file strips any O_TRUNC flags itself.
1589 fsp_open = open_file(fsp, conn, parent_dir, newname, fname, psbuf,
1590 flags|flags2, unx_mode, access_mask,
1593 if (!NT_STATUS_IS_OK(fsp_open)) {
1601 if (!file_existed) {
1604 * Deal with the race condition where two smbd's detect the
1605 * file doesn't exist and do the create at the same time. One
1606 * of them will win and set a share mode, the other (ie. this
1607 * one) should check if the requested share mode for this
1608 * create is allowed.
1612 * Now the file exists and fsp is successfully opened,
1613 * fsp->dev and fsp->inode are valid and should replace the
1614 * dev=0,inode=0 from a non existent file. Spotted by
1615 * Nadav Danieli <nadavd@exanet.com>. JRA.
1621 lck = get_share_mode_lock(NULL, dev, inode,
1626 DEBUG(0, ("open_file_ntcreate: Could not get share "
1627 "mode lock for %s\n", fname));
1628 fd_close(conn, fsp);
1630 return NT_STATUS_SHARING_VIOLATION;
1633 status = open_mode_check(conn, fname, lck,
1634 access_mask, share_access,
1635 create_options, &file_existed);
1637 if (!NT_STATUS_IS_OK(status)) {
1638 struct deferred_open_record state;
1640 fd_close(conn, fsp);
1643 state.delayed_for_oplocks = False;
1645 state.inode = inode;
1647 /* Do it all over again immediately. In the second
1648 * round we will find that the file existed and handle
1649 * the DELETE_PENDING and FCB cases correctly. No need
1650 * to duplicate the code here. Essentially this is a
1651 * "goto top of this function", but don't tell
1654 defer_open(lck, request_time, timeval_zero(),
1661 * We exit this block with the share entry *locked*.....
1666 SMB_ASSERT(lck != NULL);
1668 /* note that we ignore failure for the following. It is
1669 basically a hack for NFS, and NFS will never set one of
1670 these only read them. Nobody but Samba can ever set a deny
1671 mode and we have already checked our more authoritative
1672 locking database for permission to set this deny mode. If
1673 the kernel refuses the operations then the kernel is wrong.
1674 note that GPFS supports it as well - jmcd */
1676 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1677 if(ret_flock == -1 ){
1680 fd_close(conn, fsp);
1683 return NT_STATUS_SHARING_VIOLATION;
1687 * At this point onwards, we can guarentee that the share entry
1688 * is locked, whether we created the file or not, and that the
1689 * deny mode is compatible with all current opens.
1693 * If requested, truncate the file.
1696 if (flags2&O_TRUNC) {
1698 * We are modifing the file after open - update the stat
1701 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1702 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1703 status = map_nt_error_from_unix(errno);
1711 /* Record the options we were opened with. */
1712 fsp->share_access = share_access;
1713 fsp->fh->private_options = create_options;
1714 fsp->access_mask = access_mask;
1717 /* stat opens on existing files don't get oplocks. */
1718 if (is_stat_open(open_access_mask)) {
1719 fsp->oplock_type = NO_OPLOCK;
1722 if (!(flags2 & O_TRUNC)) {
1723 info = FILE_WAS_OPENED;
1725 info = FILE_WAS_OVERWRITTEN;
1728 info = FILE_WAS_CREATED;
1736 * Setup the oplock info in both the shared memory and
1740 if ((fsp->oplock_type != NO_OPLOCK) &&
1741 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1742 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1743 /* Could not get the kernel oplock */
1744 fsp->oplock_type = NO_OPLOCK;
1747 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type);
1749 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED ||
1750 info == FILE_WAS_SUPERSEDED) {
1752 /* Handle strange delete on close create semantics. */
1753 if (create_options & FILE_DELETE_ON_CLOSE) {
1754 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1756 if (!NT_STATUS_IS_OK(status)) {
1757 /* Remember to delete the mode we just added. */
1758 del_share_mode(lck, fsp);
1764 /* Note that here we set the *inital* delete on close flag,
1765 not the regular one. The magic gets handled in close. */
1766 fsp->initial_delete_on_close = True;
1769 /* Files should be initially set as archive */
1770 if (lp_map_archive(SNUM(conn)) ||
1771 lp_store_dos_attributes(SNUM(conn))) {
1772 file_set_dosmode(conn, fname,
1773 new_dos_attributes | aARCH, NULL,
1779 * Take care of inherited ACLs on created files - if default ACL not
1783 if (!file_existed && !def_acl) {
1785 int saved_errno = errno; /* We might get ENOSYS in the next
1788 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1790 errno = saved_errno; /* Ignore ENOSYS */
1793 } else if (new_unx_mode) {
1797 /* Attributes need changing. File already existed. */
1800 int saved_errno = errno; /* We might get ENOSYS in the
1802 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1805 if (ret == -1 && errno == ENOSYS) {
1806 errno = saved_errno; /* Ignore ENOSYS */
1808 DEBUG(5, ("open_file_ntcreate: reset "
1809 "attributes of file %s to 0%o\n",
1810 fname, (unsigned int)new_unx_mode));
1811 ret = 0; /* Don't do the fchmod below. */
1816 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1817 DEBUG(5, ("open_file_ntcreate: failed to reset "
1818 "attributes of file %s to 0%o\n",
1819 fname, (unsigned int)new_unx_mode));
1822 /* If this is a successful open, we must remove any deferred open
1824 del_deferred_open_entry(lck, mid);
1827 conn->num_files_open++;
1830 return NT_STATUS_OK;
1833 /****************************************************************************
1834 Open a file for for write to ensure that we can fchmod it.
1835 ****************************************************************************/
1837 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1838 SMB_STRUCT_STAT *psbuf, files_struct **result)
1840 files_struct *fsp = NULL;
1843 if (!VALID_STAT(*psbuf)) {
1844 return NT_STATUS_INVALID_PARAMETER;
1847 status = file_new(conn, &fsp);
1848 if(!NT_STATUS_IS_OK(status)) {
1852 /* note! we must use a non-zero desired access or we don't get
1853 a real file descriptor. Oh what a twisted web we weave. */
1854 status = open_file(fsp, conn, NULL, NULL, fname, psbuf, O_WRONLY, 0,
1855 FILE_WRITE_DATA, FILE_WRITE_DATA);
1858 * This is not a user visible file open.
1859 * Don't set a share mode and don't increment
1860 * the conn->num_files_open.
1863 if (!NT_STATUS_IS_OK(status)) {
1869 return NT_STATUS_OK;
1872 /****************************************************************************
1873 Close the fchmod file fd - ensure no locks are lost.
1874 ****************************************************************************/
1876 int close_file_fchmod(files_struct *fsp)
1878 int ret = fd_close(fsp->conn, fsp);
1883 static NTSTATUS mkdir_internal(connection_struct *conn, const char *name,
1884 SMB_STRUCT_STAT *psbuf)
1889 const char *dirname;
1892 if(!CAN_WRITE(conn)) {
1893 DEBUG(5,("mkdir_internal: failing create on read-only share "
1894 "%s\n", lp_servicename(SNUM(conn))));
1895 return NT_STATUS_ACCESS_DENIED;
1898 status = check_name(conn, name);
1899 if (!NT_STATUS_IS_OK(status)) {
1903 if (!parent_dirname_talloc(tmp_talloc_ctx(), name, &parent_dir,
1905 return NT_STATUS_NO_MEMORY;
1908 mode = unix_mode(conn, aDIR, name, parent_dir);
1910 if ((ret=SMB_VFS_MKDIR(conn, name, mode)) != 0) {
1911 return map_nt_error_from_unix(errno);
1914 /* Ensure we're checking for a symlink here.... */
1915 /* We don't want to get caught by a symlink racer. */
1917 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
1918 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
1919 name, strerror(errno)));
1920 return map_nt_error_from_unix(errno);
1923 if (!S_ISDIR(psbuf->st_mode)) {
1924 DEBUG(0, ("Directory just '%s' created is not a directory\n",
1926 return NT_STATUS_ACCESS_DENIED;
1929 if (lp_inherit_perms(SNUM(conn))) {
1930 inherit_access_acl(conn, parent_dir, name, mode);
1934 * Check if high bits should have been set,
1935 * then (if bits are missing): add them.
1936 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
1939 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
1940 SMB_VFS_CHMOD(conn, name,
1941 psbuf->st_mode | (mode & ~psbuf->st_mode));
1944 /* Change the owner if required. */
1945 if (lp_inherit_owner(SNUM(conn))) {
1946 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
1949 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
1952 return NT_STATUS_OK;
1955 /****************************************************************************
1956 Open a directory from an NT SMB call.
1957 ****************************************************************************/
1959 NTSTATUS open_directory(connection_struct *conn,
1961 SMB_STRUCT_STAT *psbuf,
1963 uint32 share_access,
1964 uint32 create_disposition,
1965 uint32 create_options,
1967 files_struct **result)
1969 files_struct *fsp = NULL;
1970 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
1971 struct share_mode_lock *lck = NULL;
1975 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
1976 "share_access = 0x%x create_options = 0x%x, "
1977 "create_disposition = 0x%x\n",
1979 (unsigned int)access_mask,
1980 (unsigned int)share_access,
1981 (unsigned int)create_options,
1982 (unsigned int)create_disposition));
1984 if (is_ntfs_stream_name(fname)) {
1985 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
1986 return NT_STATUS_NOT_A_DIRECTORY;
1989 switch( create_disposition ) {
1992 info = FILE_WAS_OPENED;
1995 * We want to follow symlinks here.
1998 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
1999 return map_nt_error_from_unix(errno);
2006 /* If directory exists error. If directory doesn't
2009 status = mkdir_internal(conn, fname, psbuf);
2010 if (!NT_STATUS_IS_OK(status)) {
2011 DEBUG(2, ("open_directory: unable to create "
2012 "%s. Error was %s\n", fname,
2013 nt_errstr(status)));
2017 info = FILE_WAS_CREATED;
2022 * If directory exists open. If directory doesn't
2026 status = mkdir_internal(conn, fname, psbuf);
2028 if (NT_STATUS_IS_OK(status)) {
2029 info = FILE_WAS_CREATED;
2032 if (NT_STATUS_EQUAL(status,
2033 NT_STATUS_OBJECT_NAME_COLLISION)) {
2034 info = FILE_WAS_OPENED;
2035 status = NT_STATUS_OK;
2040 case FILE_SUPERSEDE:
2041 case FILE_OVERWRITE:
2042 case FILE_OVERWRITE_IF:
2044 DEBUG(5,("open_directory: invalid create_disposition "
2045 "0x%x for directory %s\n",
2046 (unsigned int)create_disposition, fname));
2047 return NT_STATUS_INVALID_PARAMETER;
2050 if(!S_ISDIR(psbuf->st_mode)) {
2051 DEBUG(5,("open_directory: %s is not a directory !\n",
2053 return NT_STATUS_NOT_A_DIRECTORY;
2056 status = file_new(conn, &fsp);
2057 if(!NT_STATUS_IS_OK(status)) {
2062 * Setup the files_struct for it.
2065 fsp->mode = psbuf->st_mode;
2066 fsp->inode = psbuf->st_ino;
2067 fsp->dev = psbuf->st_dev;
2068 fsp->vuid = current_user.vuid;
2069 fsp->file_pid = global_smbpid;
2070 fsp->can_lock = False;
2071 fsp->can_read = False;
2072 fsp->can_write = False;
2074 fsp->share_access = share_access;
2075 fsp->fh->private_options = create_options;
2076 fsp->access_mask = access_mask;
2078 fsp->print_file = False;
2079 fsp->modified = False;
2080 fsp->oplock_type = NO_OPLOCK;
2081 fsp->sent_oplock_break = NO_BREAK_SENT;
2082 fsp->is_directory = True;
2083 fsp->is_stat = False;
2084 string_set(&fsp->fsp_name,fname);
2086 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode,
2091 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2093 return NT_STATUS_SHARING_VIOLATION;
2096 status = open_mode_check(conn, fname, lck,
2097 access_mask, share_access,
2098 create_options, &dir_existed);
2100 if (!NT_STATUS_IS_OK(status)) {
2106 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK);
2108 /* For directories the delete on close bit at open time seems
2109 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2110 if (create_options & FILE_DELETE_ON_CLOSE) {
2111 status = can_set_delete_on_close(fsp, True, 0);
2112 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2118 if (NT_STATUS_IS_OK(status)) {
2119 /* Note that here we set the *inital* delete on close flag,
2120 not the regular one. The magic gets handled in close. */
2121 fsp->initial_delete_on_close = True;
2131 conn->num_files_open++;
2134 return NT_STATUS_OK;
2137 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2140 SMB_STRUCT_STAT sbuf;
2143 SET_STAT_INVALID(sbuf);
2145 status = open_directory(conn, directory, &sbuf,
2146 FILE_READ_ATTRIBUTES, /* Just a stat open */
2147 FILE_SHARE_NONE, /* Ignored for stat opens */
2148 FILE_CREATE, 0, NULL, &fsp);
2150 if (NT_STATUS_IS_OK(status)) {
2151 close_file(fsp, NORMAL_CLOSE);
2157 /****************************************************************************
2158 Open a pseudo-file (no locking checks - a 'stat' open).
2159 ****************************************************************************/
2161 NTSTATUS open_file_stat(connection_struct *conn, const char *fname,
2162 SMB_STRUCT_STAT *psbuf, files_struct **result)
2164 files_struct *fsp = NULL;
2167 if (!VALID_STAT(*psbuf)) {
2168 return NT_STATUS_INVALID_PARAMETER;
2171 /* Can't 'stat' open directories. */
2172 if(S_ISDIR(psbuf->st_mode)) {
2173 return NT_STATUS_FILE_IS_A_DIRECTORY;
2176 status = file_new(conn, &fsp);
2177 if(!NT_STATUS_IS_OK(status)) {
2181 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2184 * Setup the files_struct for it.
2187 fsp->mode = psbuf->st_mode;
2188 fsp->inode = psbuf->st_ino;
2189 fsp->dev = psbuf->st_dev;
2190 fsp->vuid = current_user.vuid;
2191 fsp->file_pid = global_smbpid;
2192 fsp->can_lock = False;
2193 fsp->can_read = False;
2194 fsp->can_write = False;
2195 fsp->print_file = False;
2196 fsp->modified = False;
2197 fsp->oplock_type = NO_OPLOCK;
2198 fsp->sent_oplock_break = NO_BREAK_SENT;
2199 fsp->is_directory = False;
2200 fsp->is_stat = True;
2201 string_set(&fsp->fsp_name,fname);
2203 conn->num_files_open++;
2206 return NT_STATUS_OK;
2209 /****************************************************************************
2210 Receive notification that one of our open files has been renamed by another
2212 ****************************************************************************/
2214 void msg_file_was_renamed(int msg_type, struct process_id src,
2215 void *buf, size_t len, void *private_data)
2218 char *frm = (char *)buf;
2221 const char *sharepath;
2222 const char *newname;
2225 if (buf == NULL || len < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2226 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n", (int)len));
2230 /* Unpack the message. */
2231 dev = DEV_T_VAL(frm,0);
2232 inode = INO_T_VAL(frm,8);
2233 sharepath = &frm[16];
2234 newname = sharepath + strlen(sharepath) + 1;
2235 sp_len = strlen(sharepath);
2237 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2238 "dev %x, inode %.0f\n",
2239 sharepath, newname, (unsigned int)dev, (double)inode ));
2241 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
2242 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2243 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2244 fsp->fnum, fsp->fsp_name, newname ));
2245 string_set(&fsp->fsp_name, newname);
2248 /* Now we have the complete path we can work out if this is
2249 actually within this share and adjust newname accordingly. */
2250 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2251 "not sharepath %s) "
2252 "fnum %d from %s -> %s\n",
2253 fsp->conn->connectpath,