2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern uint16 global_smbpid;
29 extern BOOL global_client_failed_oplock_break;
31 struct deferred_open_record {
32 BOOL delayed_for_oplocks;
37 /****************************************************************************
38 fd support routines - attempt to do a dos_open.
39 ****************************************************************************/
41 static BOOL fd_open(struct connection_struct *conn,
50 if (!lp_symlinks(SNUM(conn))) {
55 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
58 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
59 fname, flags, (int)mode, fsp->fh->fd,
60 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
63 return fsp->fh->fd != -1;
66 /****************************************************************************
67 Close the file associated with a fsp.
68 ****************************************************************************/
70 int fd_close(struct connection_struct *conn,
73 if (fsp->fh->fd == -1) {
74 return 0; /* What we used to call a stat open. */
76 if (fsp->fh->ref_count > 1) {
77 return 0; /* Shared handle. Only close last reference. */
79 return fd_close_posix(conn, fsp);
82 /****************************************************************************
83 Change the ownership of a file to that of the parent directory.
84 Do this by fd if possible.
85 ****************************************************************************/
87 static void change_fd_owner_to_parent(connection_struct *conn,
90 const char *parent_path = parent_dirname(fsp->fsp_name);
91 SMB_STRUCT_STAT parent_st;
94 ret = SMB_VFS_STAT(conn, parent_path, &parent_st);
96 DEBUG(0,("change_fd_owner_to_parent: failed to stat parent "
97 "directory %s. Error was %s\n",
98 parent_path, strerror(errno) ));
103 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
106 DEBUG(0,("change_fd_owner_to_parent: failed to fchown "
107 "file %s to parent directory uid %u. Error "
108 "was %s\n", fsp->fsp_name,
109 (unsigned int)parent_st.st_uid,
113 DEBUG(10,("change_fd_owner_to_parent: changed new file %s to "
114 "parent directory uid %u.\n", fsp->fsp_name,
115 (unsigned int)parent_st.st_uid ));
118 static void change_owner_to_parent(connection_struct *conn,
120 SMB_STRUCT_STAT *psbuf)
123 SMB_STRUCT_STAT sbuf;
124 const char *parent_path = parent_dirname(fname);
125 SMB_STRUCT_STAT parent_st;
128 ret = SMB_VFS_STAT(conn, parent_path, &parent_st);
130 DEBUG(0,("change_owner_to_parent: failed to stat parent "
131 "directory %s. Error was %s\n",
132 parent_path, strerror(errno) ));
136 /* We've already done an lstat into psbuf, and we know it's a
137 directory. If we can cd into the directory and the dev/ino
138 are the same then we can safely chown without races as
139 we're locking the directory in place by being in it. This
140 should work on any UNIX (thanks tridge :-). JRA.
143 if (!vfs_GetWd(conn,saved_dir)) {
144 DEBUG(0,("change_owner_to_parent: failed to get "
145 "current working directory\n"));
149 /* Chdir into the new path. */
150 if (vfs_ChDir(conn, fname) == -1) {
151 DEBUG(0,("change_owner_to_parent: failed to change "
152 "current working directory to %s. Error "
153 "was %s\n", fname, strerror(errno) ));
157 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
158 DEBUG(0,("change_owner_to_parent: failed to stat "
159 "directory '.' (%s) Error was %s\n",
160 fname, strerror(errno)));
164 /* Ensure we're pointing at the same place. */
165 if (sbuf.st_dev != psbuf->st_dev ||
166 sbuf.st_ino != psbuf->st_ino ||
167 sbuf.st_mode != psbuf->st_mode ) {
168 DEBUG(0,("change_owner_to_parent: "
169 "device/inode/mode on directory %s changed. "
170 "Refusing to chown !\n", fname ));
175 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
178 DEBUG(10,("change_owner_to_parent: failed to chown "
179 "directory %s to parent directory uid %u. "
180 "Error was %s\n", fname,
181 (unsigned int)parent_st.st_uid, strerror(errno) ));
185 DEBUG(10,("change_owner_to_parent: changed ownership of new "
186 "directory %s to parent directory uid %u.\n",
187 fname, (unsigned int)parent_st.st_uid ));
191 vfs_ChDir(conn,saved_dir);
194 /****************************************************************************
196 ****************************************************************************/
198 static NTSTATUS open_file(files_struct *fsp,
199 connection_struct *conn,
201 SMB_STRUCT_STAT *psbuf,
204 uint32 access_mask, /* client requested access mask. */
205 uint32 open_access_mask) /* what we're actually using in the open. */
207 int accmode = (flags & O_ACCMODE);
208 int local_flags = flags;
209 BOOL file_existed = VALID_STAT(*psbuf);
214 /* Check permissions */
217 * This code was changed after seeing a client open request
218 * containing the open mode of (DENY_WRITE/read-only) with
219 * the 'create if not exist' bit set. The previous code
220 * would fail to open the file read only on a read-only share
221 * as it was checking the flags parameter directly against O_RDONLY,
222 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
226 if (!CAN_WRITE(conn)) {
227 /* It's a read-only share - fail if we wanted to write. */
228 if(accmode != O_RDONLY) {
229 DEBUG(3,("Permission denied opening %s\n",fname));
230 return NT_STATUS_ACCESS_DENIED;
231 } else if(flags & O_CREAT) {
232 /* We don't want to write - but we must make sure that
233 O_CREAT doesn't create the file if we have write
234 access into the directory.
237 local_flags &= ~O_CREAT;
242 * This little piece of insanity is inspired by the
243 * fact that an NT client can open a file for O_RDONLY,
244 * but set the create disposition to FILE_EXISTS_TRUNCATE.
245 * If the client *can* write to the file, then it expects to
246 * truncate the file, even though it is opening for readonly.
247 * Quicken uses this stupid trick in backup file creation...
248 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
249 * for helping track this one down. It didn't bite us in 2.0.x
250 * as we always opened files read-write in that release. JRA.
253 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
254 DEBUG(10,("open_file: truncate requested on read-only open "
255 "for file %s\n",fname ));
256 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
259 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
260 (!file_existed && (local_flags & O_CREAT)) ||
261 ((local_flags & O_TRUNC) == O_TRUNC) ) {
264 * We can't actually truncate here as the file may be locked.
265 * open_file_ntcreate will take care of the truncate later. JRA.
268 local_flags &= ~O_TRUNC;
270 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
272 * We would block on opening a FIFO with no one else on the
273 * other end. Do what we used to do and add O_NONBLOCK to the
277 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
278 local_flags |= O_NONBLOCK;
282 /* Don't create files with Microsoft wildcard characters. */
283 if ((local_flags & O_CREAT) && !file_existed &&
284 ms_has_wild(fname)) {
285 return NT_STATUS_OBJECT_NAME_INVALID;
288 /* Actually do the open */
289 if (!fd_open(conn, fname, fsp, local_flags, unx_mode)) {
290 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
292 fname,strerror(errno),local_flags,flags));
293 return map_nt_error_from_unix(errno);
296 /* Inherit the ACL if the file was created. */
297 if ((local_flags & O_CREAT)
299 && lp_inherit_perms(SNUM(conn))) {
300 inherit_access_acl(conn, fname, unx_mode);
304 fsp->fh->fd = -1; /* What we used to call a stat open. */
310 if (fsp->fh->fd == -1) {
311 ret = SMB_VFS_STAT(conn, fname, psbuf);
313 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
314 /* If we have an fd, this stat should succeed. */
316 DEBUG(0,("Error doing fstat on open file %s "
317 "(%s)\n", fname,strerror(errno) ));
321 /* For a non-io open, this stat failing means file not found. JRA */
323 NTSTATUS status = map_nt_error_from_unix(errno);
330 * POSIX allows read-only opens of directories. We don't
331 * want to do this (we use a different code path for this)
332 * so catch a directory open and return an EISDIR. JRA.
335 if(S_ISDIR(psbuf->st_mode)) {
338 return NT_STATUS_FILE_IS_A_DIRECTORY;
341 fsp->mode = psbuf->st_mode;
342 fsp->inode = psbuf->st_ino;
343 fsp->dev = psbuf->st_dev;
344 fsp->vuid = current_user.vuid;
345 fsp->file_pid = global_smbpid;
346 fsp->can_lock = True;
347 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
348 if (!CAN_WRITE(conn)) {
349 fsp->can_write = False;
351 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
354 fsp->print_file = False;
355 fsp->modified = False;
356 fsp->sent_oplock_break = NO_BREAK_SENT;
357 fsp->is_directory = False;
358 fsp->is_stat = False;
359 if (conn->aio_write_behind_list &&
360 is_in_path(fname, conn->aio_write_behind_list, conn->case_sensitive)) {
361 fsp->aio_write_behind = True;
364 string_set(&fsp->fsp_name,fname);
365 fsp->wcp = NULL; /* Write cache pointer. */
367 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
368 *current_user_info.smb_name ?
369 current_user_info.smb_name : conn->user,fsp->fsp_name,
370 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
371 conn->num_files_open + 1));
377 /*******************************************************************
378 Return True if the filename is one of the special executable types.
379 ********************************************************************/
381 static BOOL is_executable(const char *fname)
383 if ((fname = strrchr_m(fname,'.'))) {
384 if (strequal(fname,".com") ||
385 strequal(fname,".dll") ||
386 strequal(fname,".exe") ||
387 strequal(fname,".sym")) {
394 /****************************************************************************
395 Check if we can open a file with a share mode.
396 Returns True if conflict, False if not.
397 ****************************************************************************/
399 static BOOL share_conflict(struct share_mode_entry *entry,
403 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
404 "entry->share_access = 0x%x, "
405 "entry->private_options = 0x%x\n",
406 (unsigned int)entry->access_mask,
407 (unsigned int)entry->share_access,
408 (unsigned int)entry->private_options));
410 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
411 (unsigned int)access_mask, (unsigned int)share_access));
413 if ((entry->access_mask & (FILE_WRITE_DATA|
417 DELETE_ACCESS)) == 0) {
418 DEBUG(10,("share_conflict: No conflict due to "
419 "entry->access_mask = 0x%x\n",
420 (unsigned int)entry->access_mask ));
424 if ((access_mask & (FILE_WRITE_DATA|
428 DELETE_ACCESS)) == 0) {
429 DEBUG(10,("share_conflict: No conflict due to "
430 "access_mask = 0x%x\n",
431 (unsigned int)access_mask ));
435 #if 1 /* JRA TEST - Superdebug. */
436 #define CHECK_MASK(num, am, right, sa, share) \
437 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
438 (unsigned int)(num), (unsigned int)(am), \
439 (unsigned int)(right), (unsigned int)(am)&(right) )); \
440 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
441 (unsigned int)(num), (unsigned int)(sa), \
442 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
443 if (((am) & (right)) && !((sa) & (share))) { \
444 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
445 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
446 (unsigned int)(share) )); \
450 #define CHECK_MASK(num, am, right, sa, share) \
451 if (((am) & (right)) && !((sa) & (share))) { \
452 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
453 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
454 (unsigned int)(share) )); \
459 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
460 share_access, FILE_SHARE_WRITE);
461 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
462 entry->share_access, FILE_SHARE_WRITE);
464 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
465 share_access, FILE_SHARE_READ);
466 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
467 entry->share_access, FILE_SHARE_READ);
469 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
470 share_access, FILE_SHARE_DELETE);
471 CHECK_MASK(6, access_mask, DELETE_ACCESS,
472 entry->share_access, FILE_SHARE_DELETE);
474 DEBUG(10,("share_conflict: No conflict.\n"));
478 #if defined(DEVELOPER)
479 static void validate_my_share_entries(int num,
480 struct share_mode_entry *share_entry)
484 if (!procid_is_me(&share_entry->pid)) {
488 if (is_deferred_open_entry(share_entry) &&
489 !open_was_deferred(share_entry->op_mid)) {
491 pstr_sprintf(str, "Got a deferred entry without a request: "
492 "PANIC: %s\n", share_mode_str(num, share_entry));
496 if (!is_valid_share_mode_entry(share_entry)) {
500 fsp = file_find_dif(share_entry->dev, share_entry->inode,
501 share_entry->share_file_id);
503 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
504 share_mode_str(num, share_entry) ));
505 smb_panic("validate_my_share_entries: Cannot match a "
506 "share entry with an open file\n");
509 if (is_deferred_open_entry(share_entry) ||
510 is_unused_share_mode_entry(share_entry)) {
514 if ((share_entry->op_type == NO_OPLOCK) &&
515 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
516 /* Someone has already written to it, but I haven't yet
521 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
530 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
531 share_mode_str(num, share_entry) ));
532 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
533 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
534 fsp->fsp_name, (unsigned int)fsp->oplock_type,
535 (unsigned int)share_entry->op_type );
541 static BOOL is_stat_open(uint32 access_mask)
543 return (access_mask &&
544 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
545 FILE_WRITE_ATTRIBUTES))==0) &&
546 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
547 FILE_WRITE_ATTRIBUTES)) != 0));
550 /****************************************************************************
551 Deal with share modes
552 Invarient: Share mode must be locked on entry and exit.
553 Returns -1 on error, or number of share modes on success (may be zero).
554 ****************************************************************************/
556 static NTSTATUS open_mode_check(connection_struct *conn,
558 struct share_mode_lock *lck,
561 uint32 create_options,
566 if(lck->num_share_modes == 0) {
570 *file_existed = True;
572 if (is_stat_open(access_mask)) {
573 /* Stat open that doesn't trigger oplock breaks or share mode
574 * checks... ! JRA. */
578 /* A delete on close prohibits everything */
580 if (lck->delete_on_close) {
581 return NT_STATUS_DELETE_PENDING;
585 * Check if the share modes will give us access.
588 #if defined(DEVELOPER)
589 for(i = 0; i < lck->num_share_modes; i++) {
590 validate_my_share_entries(i, &lck->share_modes[i]);
594 if (!lp_share_modes(SNUM(conn))) {
598 /* Now we check the share modes, after any oplock breaks. */
599 for(i = 0; i < lck->num_share_modes; i++) {
601 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
605 /* someone else has a share lock on it, check to see if we can
607 if (share_conflict(&lck->share_modes[i],
608 access_mask, share_access)) {
609 return NT_STATUS_SHARING_VIOLATION;
616 static BOOL is_delete_request(files_struct *fsp) {
617 return ((fsp->access_mask == DELETE_ACCESS) &&
618 (fsp->oplock_type == NO_OPLOCK));
622 * 1) No files open at all or internal open: Grant whatever the client wants.
624 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
625 * request, break if the oplock around is a batch oplock. If it's another
626 * requested access type, break.
628 * 3) Only level2 around: Grant level2 and do nothing else.
631 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
637 struct share_mode_entry *exclusive = NULL;
638 BOOL valid_entry = False;
639 BOOL delay_it = False;
640 BOOL have_level2 = False;
642 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
644 if (oplock_request & INTERNAL_OPEN_ONLY) {
645 fsp->oplock_type = NO_OPLOCK;
648 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
652 for (i=0; i<lck->num_share_modes; i++) {
654 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
658 /* At least one entry is not an invalid or deferred entry. */
661 if (pass_number == 1) {
662 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
663 SMB_ASSERT(exclusive == NULL);
664 exclusive = &lck->share_modes[i];
667 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
668 SMB_ASSERT(exclusive == NULL);
669 exclusive = &lck->share_modes[i];
673 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
674 SMB_ASSERT(exclusive == NULL);
680 /* All entries are placeholders or deferred.
681 * Directly grant whatever the client wants. */
682 if (fsp->oplock_type == NO_OPLOCK) {
683 /* Store a level2 oplock, but don't tell the client */
684 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
689 if (exclusive != NULL) { /* Found an exclusive oplock */
690 SMB_ASSERT(!have_level2);
691 delay_it = is_delete_request(fsp) ?
692 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
695 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
696 /* We can at most grant level2 as there are other
697 * level2 or NO_OPLOCK entries. */
698 fsp->oplock_type = LEVEL_II_OPLOCK;
701 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
702 /* Store a level2 oplock, but don't tell the client */
703 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
711 * Send a break message to the oplock holder and delay the open for
715 DEBUG(10, ("Sending break request to PID %s\n",
716 procid_str_static(&exclusive->pid)));
717 exclusive->op_mid = get_current_mid();
719 /* Create the message. */
720 share_mode_entry_to_message(msg, exclusive);
722 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
723 don't want this set in the share mode struct pointed to by lck. */
725 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
726 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
729 ret = message_send_pid(exclusive->pid, MSG_SMB_BREAK_REQUEST,
730 msg, MSG_SMB_SHARE_MODE_ENTRY_SIZE, True);
732 DEBUG(3, ("Could not send oplock break message\n"));
738 static BOOL request_timed_out(struct timeval request_time,
739 struct timeval timeout)
741 struct timeval now, end_time;
743 end_time = timeval_sum(&request_time, &timeout);
744 return (timeval_compare(&end_time, &now) < 0);
747 /****************************************************************************
748 Handle the 1 second delay in returning a SHARING_VIOLATION error.
749 ****************************************************************************/
751 static void defer_open(struct share_mode_lock *lck,
752 struct timeval request_time,
753 struct timeval timeout,
754 struct deferred_open_record *state)
756 uint16 mid = get_current_mid();
761 for (i=0; i<lck->num_share_modes; i++) {
762 struct share_mode_entry *e = &lck->share_modes[i];
764 if (!is_deferred_open_entry(e)) {
768 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
769 DEBUG(0, ("Trying to defer an already deferred "
770 "request: mid=%d, exiting\n", mid));
771 exit_server("attempt to defer a deferred request");
775 /* End paranoia check */
777 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
778 "open entry for mid %u\n",
779 (unsigned int)request_time.tv_sec,
780 (unsigned int)request_time.tv_usec,
783 if (!push_deferred_smb_message(mid, request_time, timeout,
784 (char *)state, sizeof(*state))) {
785 exit_server("push_deferred_smb_message failed");
787 add_deferred_open(lck, mid, request_time, state->dev, state->inode);
790 * Push the MID of this packet on the signing queue.
791 * We only do this once, the first time we push the packet
792 * onto the deferred open queue, as this has a side effect
793 * of incrementing the response sequence number.
796 srv_defer_sign_response(mid);
800 /****************************************************************************
801 On overwrite open ensure that the attributes match.
802 ****************************************************************************/
804 static BOOL open_match_attributes(connection_struct *conn,
808 mode_t existing_unx_mode,
810 mode_t *returned_unx_mode)
812 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
814 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
815 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
817 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
818 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
819 *returned_unx_mode = new_unx_mode;
821 *returned_unx_mode = (mode_t)0;
824 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
825 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
826 "returned_unx_mode = 0%o\n",
828 (unsigned int)old_dos_attr,
829 (unsigned int)existing_unx_mode,
830 (unsigned int)new_dos_attr,
831 (unsigned int)*returned_unx_mode ));
833 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
834 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
835 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
836 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
840 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
841 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
842 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
849 /****************************************************************************
850 Special FCB or DOS processing in the case of a sharing violation.
851 Try and find a duplicated file handle.
852 ****************************************************************************/
854 static files_struct *fcb_or_dos_open(connection_struct *conn,
855 const char *fname, SMB_DEV_T dev,
859 uint32 create_options)
862 files_struct *dup_fsp;
864 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
865 "file %s.\n", fname ));
867 for(fsp = file_find_di_first(dev, inode); fsp;
868 fsp = file_find_di_next(fsp)) {
870 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
871 "vuid = %u, file_pid = %u, private_options = 0x%x "
872 "access_mask = 0x%x\n", fsp->fsp_name,
873 fsp->fh->fd, (unsigned int)fsp->vuid,
874 (unsigned int)fsp->file_pid,
875 (unsigned int)fsp->fh->private_options,
876 (unsigned int)fsp->access_mask ));
878 if (fsp->fh->fd != -1 &&
879 fsp->vuid == current_user.vuid &&
880 fsp->file_pid == global_smbpid &&
881 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
882 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
883 (fsp->access_mask & FILE_WRITE_DATA) &&
884 strequal(fsp->fsp_name, fname)) {
885 DEBUG(10,("fcb_or_dos_open: file match\n"));
894 /* quite an insane set of semantics ... */
895 if (is_executable(fname) &&
896 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
897 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
901 /* We need to duplicate this fsp. */
902 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
903 create_options, &dup_fsp))) {
910 /****************************************************************************
911 Open a file with a share mode - old openX method - map into NTCreate.
912 ****************************************************************************/
914 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
915 uint32 *paccess_mask,
917 uint32 *pcreate_disposition,
918 uint32 *pcreate_options)
922 uint32 create_disposition;
923 uint32 create_options = 0;
925 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
926 "open_func = 0x%x\n",
927 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
929 /* Create the NT compatible access_mask. */
930 switch (GET_OPENX_MODE(deny_mode)) {
931 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
932 case DOS_OPEN_RDONLY:
933 access_mask = FILE_GENERIC_READ;
935 case DOS_OPEN_WRONLY:
936 access_mask = FILE_GENERIC_WRITE;
940 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
943 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
944 (unsigned int)GET_OPENX_MODE(deny_mode)));
948 /* Create the NT compatible create_disposition. */
950 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
951 create_disposition = FILE_CREATE;
954 case OPENX_FILE_EXISTS_OPEN:
955 create_disposition = FILE_OPEN;
958 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
959 create_disposition = FILE_OPEN_IF;
962 case OPENX_FILE_EXISTS_TRUNCATE:
963 create_disposition = FILE_OVERWRITE;
966 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
967 create_disposition = FILE_OVERWRITE_IF;
971 /* From samba4 - to be confirmed. */
972 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
973 create_disposition = FILE_CREATE;
976 DEBUG(10,("map_open_params_to_ntcreate: bad "
977 "open_func 0x%x\n", (unsigned int)open_func));
981 /* Create the NT compatible share modes. */
982 switch (GET_DENY_MODE(deny_mode)) {
984 share_mode = FILE_SHARE_NONE;
988 share_mode = FILE_SHARE_READ;
992 share_mode = FILE_SHARE_WRITE;
996 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1000 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1001 if (is_executable(fname)) {
1002 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1004 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1005 share_mode = FILE_SHARE_READ;
1007 share_mode = FILE_SHARE_NONE;
1013 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1014 share_mode = FILE_SHARE_NONE;
1018 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1019 (unsigned int)GET_DENY_MODE(deny_mode) ));
1023 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1024 "share_mode = 0x%x, create_disposition = 0x%x, "
1025 "create_options = 0x%x\n",
1027 (unsigned int)access_mask,
1028 (unsigned int)share_mode,
1029 (unsigned int)create_disposition,
1030 (unsigned int)create_options ));
1033 *paccess_mask = access_mask;
1036 *pshare_mode = share_mode;
1038 if (pcreate_disposition) {
1039 *pcreate_disposition = create_disposition;
1041 if (pcreate_options) {
1042 *pcreate_options = create_options;
1049 static void schedule_defer_open(struct share_mode_lock *lck, struct timeval request_time)
1051 struct deferred_open_record state;
1053 /* This is a relative time, added to the absolute
1054 request_time value to get the absolute timeout time.
1055 Note that if this is the second or greater time we enter
1056 this codepath for this particular request mid then
1057 request_time is left as the absolute time of the *first*
1058 time this request mid was processed. This is what allows
1059 the request to eventually time out. */
1061 struct timeval timeout;
1063 /* Normally the smbd we asked should respond within
1064 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1065 * the client did, give twice the timeout as a safety
1066 * measure here in case the other smbd is stuck
1067 * somewhere else. */
1069 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1071 /* Nothing actually uses state.delayed_for_oplocks
1072 but it's handy to differentiate in debug messages
1073 between a 30 second delay due to oplock break, and
1074 a 1 second delay for share mode conflicts. */
1076 state.delayed_for_oplocks = True;
1077 state.dev = lck->dev;
1078 state.inode = lck->ino;
1080 if (!request_timed_out(request_time, timeout)) {
1081 defer_open(lck, request_time, timeout, &state);
1085 /****************************************************************************
1086 Open a file with a share mode.
1087 ****************************************************************************/
1089 NTSTATUS open_file_ntcreate(connection_struct *conn,
1091 SMB_STRUCT_STAT *psbuf,
1092 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1093 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1094 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1095 uint32 create_options, /* options such as delete on close. */
1096 uint32 new_dos_attributes, /* attributes used for new file. */
1097 int oplock_request, /* internal Samba oplock codes. */
1098 /* Information (FILE_EXISTS etc.) */
1100 files_struct **result)
1104 BOOL file_existed = VALID_STAT(*psbuf);
1105 BOOL def_acl = False;
1107 SMB_INO_T inode = 0;
1108 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1109 files_struct *fsp = NULL;
1110 mode_t new_unx_mode = (mode_t)0;
1111 mode_t unx_mode = (mode_t)0;
1113 uint32 existing_dos_attributes = 0;
1114 struct pending_message_list *pml = NULL;
1115 uint16 mid = get_current_mid();
1116 struct timeval request_time = timeval_zero();
1117 struct share_mode_lock *lck = NULL;
1118 uint32 open_access_mask = access_mask;
1122 if (conn->printer) {
1124 * Printers are handled completely differently.
1125 * Most of the passed parameters are ignored.
1129 *pinfo = FILE_WAS_CREATED;
1132 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1134 return print_fsp_open(conn, fname, result);
1137 /* We add aARCH to this as this mode is only used if the file is
1139 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,fname, True);
1141 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1142 "access_mask=0x%x share_access=0x%x "
1143 "create_disposition = 0x%x create_options=0x%x "
1144 "unix mode=0%o oplock_request=%d\n",
1145 fname, new_dos_attributes, access_mask, share_access,
1146 create_disposition, create_options, unx_mode,
1149 if ((pml = get_open_deferred_message(mid)) != NULL) {
1150 struct deferred_open_record *state =
1151 (struct deferred_open_record *)pml->private_data.data;
1153 /* Remember the absolute time of the original
1154 request with this mid. We'll use it later to
1155 see if this has timed out. */
1157 request_time = pml->request_time;
1159 /* Remove the deferred open entry under lock. */
1160 lck = get_share_mode_lock(NULL, state->dev, state->inode, NULL, NULL);
1162 DEBUG(0, ("could not get share mode lock\n"));
1164 del_deferred_open_entry(lck, mid);
1168 /* Ensure we don't reprocess this message. */
1169 remove_deferred_open_smb_message(mid);
1172 if (!check_name(fname,conn)) {
1173 return map_nt_error_from_unix(errno);
1176 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1178 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1181 /* ignore any oplock requests if oplocks are disabled */
1182 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1183 IS_VETO_OPLOCK_PATH(conn, fname)) {
1184 /* Mask off everything except the private Samba bits. */
1185 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1188 /* this is for OS/2 long file names - say we don't support them */
1189 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1190 /* OS/2 Workplace shell fix may be main code stream in a later
1192 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1194 if (use_nt_status()) {
1195 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1197 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1200 switch( create_disposition ) {
1202 * Currently we're using FILE_SUPERSEDE as the same as
1203 * FILE_OVERWRITE_IF but they really are
1204 * different. FILE_SUPERSEDE deletes an existing file
1205 * (requiring delete access) then recreates it.
1207 case FILE_SUPERSEDE:
1208 /* If file exists replace/overwrite. If file doesn't
1210 flags2 |= (O_CREAT | O_TRUNC);
1213 case FILE_OVERWRITE_IF:
1214 /* If file exists replace/overwrite. If file doesn't
1216 flags2 |= (O_CREAT | O_TRUNC);
1220 /* If file exists open. If file doesn't exist error. */
1221 if (!file_existed) {
1222 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1223 "requested for file %s and file "
1224 "doesn't exist.\n", fname ));
1226 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1230 case FILE_OVERWRITE:
1231 /* If file exists overwrite. If file doesn't exist
1233 if (!file_existed) {
1234 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1235 "requested for file %s and file "
1236 "doesn't exist.\n", fname ));
1238 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1244 /* If file exists error. If file doesn't exist
1247 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1248 "requested for file %s and file "
1249 "already exists.\n", fname ));
1250 if (S_ISDIR(psbuf->st_mode)) {
1255 return map_nt_error_from_unix(errno);
1257 flags2 |= (O_CREAT|O_EXCL);
1261 /* If file exists open. If file doesn't exist
1267 return NT_STATUS_INVALID_PARAMETER;
1270 /* We only care about matching attributes on file exists and
1273 if (file_existed && ((create_disposition == FILE_OVERWRITE) ||
1274 (create_disposition == FILE_OVERWRITE_IF))) {
1275 if (!open_match_attributes(conn, fname,
1276 existing_dos_attributes,
1277 new_dos_attributes, psbuf->st_mode,
1278 unx_mode, &new_unx_mode)) {
1279 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1280 "for file %s (%x %x) (0%o, 0%o)\n",
1281 fname, existing_dos_attributes,
1283 (unsigned int)psbuf->st_mode,
1284 (unsigned int)unx_mode ));
1286 return NT_STATUS_ACCESS_DENIED;
1290 /* This is a nasty hack - must fix... JRA. */
1291 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1292 open_access_mask = access_mask = FILE_GENERIC_ALL;
1296 * Convert GENERIC bits to specific bits.
1299 se_map_generic(&access_mask, &file_generic_mapping);
1300 open_access_mask = access_mask;
1302 if (flags2 & O_TRUNC) {
1303 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1306 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1307 "access_mask=0x%x\n", fname, access_mask ));
1310 * Note that we ignore the append flag as append does not
1311 * mean the same thing under DOS and Unix.
1314 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1315 /* DENY_DOS opens are always underlying read-write on the
1316 file handle, no matter what the requested access mask
1318 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1319 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1329 * Currently we only look at FILE_WRITE_THROUGH for create options.
1333 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1338 if (!CAN_WRITE(conn)) {
1340 * We should really return a permission denied error if either
1341 * O_CREAT or O_TRUNC are set, but for compatibility with
1342 * older versions of Samba we just AND them out.
1344 flags2 &= ~(O_CREAT|O_TRUNC);
1348 * Ensure we can't write on a read-only share or file.
1351 if (flags != O_RDONLY && file_existed &&
1352 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1353 DEBUG(5,("open_file_ntcreate: write access requested for "
1354 "file %s on read only %s\n",
1355 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1357 return NT_STATUS_ACCESS_DENIED;
1360 status = file_new(conn, &fsp);
1361 if(!NT_STATUS_IS_OK(status)) {
1365 fsp->dev = psbuf->st_dev;
1366 fsp->inode = psbuf->st_ino;
1367 fsp->share_access = share_access;
1368 fsp->fh->private_options = create_options;
1369 fsp->access_mask = open_access_mask; /* We change this to the
1370 * requested access_mask after
1371 * the open is done. */
1372 /* Ensure no SAMBA_PRIVATE bits can be set. */
1373 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1375 if (timeval_is_zero(&request_time)) {
1376 request_time = fsp->open_time;
1380 dev = psbuf->st_dev;
1381 inode = psbuf->st_ino;
1383 lck = get_share_mode_lock(NULL, dev, inode,
1389 DEBUG(0, ("Could not get share mode lock\n"));
1390 return NT_STATUS_SHARING_VIOLATION;
1393 /* First pass - send break only on batch oplocks. */
1394 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1395 schedule_defer_open(lck, request_time);
1398 return NT_STATUS_SHARING_VIOLATION;
1401 /* Use the client requested access mask here, not the one we
1403 status = open_mode_check(conn, fname, lck,
1404 access_mask, share_access,
1405 create_options, &file_existed);
1407 if (NT_STATUS_IS_OK(status)) {
1408 /* We might be going to allow this open. Check oplock
1410 /* Second pass - send break for both batch or
1411 * exclusive oplocks. */
1412 if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1413 schedule_defer_open(lck, request_time);
1416 return NT_STATUS_SHARING_VIOLATION;
1420 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1421 /* DELETE_PENDING is not deferred for a second */
1427 if (!NT_STATUS_IS_OK(status)) {
1428 uint32 can_access_mask;
1429 BOOL can_access = True;
1431 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1433 /* Check if this can be done with the deny_dos and fcb
1435 if (create_options &
1436 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1437 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1438 files_struct *fsp_dup;
1440 /* Use the client requested access mask here,
1441 * not the one we open with. */
1442 fsp_dup = fcb_or_dos_open(conn, fname, dev,
1451 *pinfo = FILE_WAS_OPENED;
1453 conn->num_files_open++;
1455 return NT_STATUS_OK;
1460 * This next line is a subtlety we need for
1461 * MS-Access. If a file open will fail due to share
1462 * permissions and also for security (access) reasons,
1463 * we need to return the access failed error, not the
1464 * share error. We can't open the file due to kernel
1465 * oplock deadlock (it's possible we failed above on
1466 * the open_mode_check()) so use a userspace check.
1469 if (flags & O_RDWR) {
1470 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1471 } else if (flags & O_WRONLY) {
1472 can_access_mask = FILE_WRITE_DATA;
1474 can_access_mask = FILE_READ_DATA;
1477 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1478 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1483 * If we're returning a share violation, ensure we
1484 * cope with the braindead 1 second delay.
1487 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1488 lp_defer_sharing_violations()) {
1489 struct timeval timeout;
1490 struct deferred_open_record state;
1493 /* this is a hack to speed up torture tests
1495 timeout_usecs = lp_parm_int(SNUM(conn),
1496 "smbd","sharedelay",
1497 SHARING_VIOLATION_USEC_WAIT);
1499 /* This is a relative time, added to the absolute
1500 request_time value to get the absolute timeout time.
1501 Note that if this is the second or greater time we enter
1502 this codepath for this particular request mid then
1503 request_time is left as the absolute time of the *first*
1504 time this request mid was processed. This is what allows
1505 the request to eventually time out. */
1507 timeout = timeval_set(0, timeout_usecs);
1509 /* Nothing actually uses state.delayed_for_oplocks
1510 but it's handy to differentiate in debug messages
1511 between a 30 second delay due to oplock break, and
1512 a 1 second delay for share mode conflicts. */
1514 state.delayed_for_oplocks = False;
1516 state.inode = inode;
1518 if (!request_timed_out(request_time,
1520 defer_open(lck, request_time, timeout,
1528 * We have detected a sharing violation here
1529 * so return the correct error code
1531 status = NT_STATUS_SHARING_VIOLATION;
1533 status = NT_STATUS_ACCESS_DENIED;
1540 * We exit this block with the share entry *locked*.....
1544 SMB_ASSERT(!file_existed || (lck != NULL));
1547 * Ensure we pay attention to default ACLs on directories if required.
1550 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1551 (def_acl = directory_has_default_acl(conn,
1552 parent_dirname(fname)))) {
1556 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1557 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1558 (unsigned int)flags, (unsigned int)flags2,
1559 (unsigned int)unx_mode, (unsigned int)access_mask,
1560 (unsigned int)open_access_mask));
1563 * open_file strips any O_TRUNC flags itself.
1566 fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,unx_mode,
1567 access_mask, open_access_mask);
1569 if (!NT_STATUS_IS_OK(fsp_open)) {
1577 if (!file_existed) {
1580 * Deal with the race condition where two smbd's detect the
1581 * file doesn't exist and do the create at the same time. One
1582 * of them will win and set a share mode, the other (ie. this
1583 * one) should check if the requested share mode for this
1584 * create is allowed.
1588 * Now the file exists and fsp is successfully opened,
1589 * fsp->dev and fsp->inode are valid and should replace the
1590 * dev=0,inode=0 from a non existent file. Spotted by
1591 * Nadav Danieli <nadavd@exanet.com>. JRA.
1597 lck = get_share_mode_lock(NULL, dev, inode,
1602 DEBUG(0, ("open_file_ntcreate: Could not get share "
1603 "mode lock for %s\n", fname));
1604 fd_close(conn, fsp);
1606 return NT_STATUS_SHARING_VIOLATION;
1609 status = open_mode_check(conn, fname, lck,
1610 access_mask, share_access,
1611 create_options, &file_existed);
1613 if (!NT_STATUS_IS_OK(status)) {
1614 struct deferred_open_record state;
1616 fd_close(conn, fsp);
1619 state.delayed_for_oplocks = False;
1621 state.inode = inode;
1623 /* Do it all over again immediately. In the second
1624 * round we will find that the file existed and handle
1625 * the DELETE_PENDING and FCB cases correctly. No need
1626 * to duplicate the code here. Essentially this is a
1627 * "goto top of this function", but don't tell
1630 defer_open(lck, request_time, timeval_zero(),
1637 * We exit this block with the share entry *locked*.....
1642 SMB_ASSERT(lck != NULL);
1644 /* note that we ignore failure for the following. It is
1645 basically a hack for NFS, and NFS will never set one of
1646 these only read them. Nobody but Samba can ever set a deny
1647 mode and we have already checked our more authoritative
1648 locking database for permission to set this deny mode. If
1649 the kernel refuses the operations then the kernel is wrong.
1650 note that GPFS supports it as well - jmcd */
1652 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1653 if(ret_flock == -1 ){
1656 fd_close(conn, fsp);
1659 return NT_STATUS_SHARING_VIOLATION;
1663 * At this point onwards, we can guarentee that the share entry
1664 * is locked, whether we created the file or not, and that the
1665 * deny mode is compatible with all current opens.
1669 * If requested, truncate the file.
1672 if (flags2&O_TRUNC) {
1674 * We are modifing the file after open - update the stat
1677 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1678 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1679 status = map_nt_error_from_unix(errno);
1687 /* Record the options we were opened with. */
1688 fsp->share_access = share_access;
1689 fsp->fh->private_options = create_options;
1690 fsp->access_mask = access_mask;
1693 /* stat opens on existing files don't get oplocks. */
1694 if (is_stat_open(open_access_mask)) {
1695 fsp->oplock_type = NO_OPLOCK;
1698 if (!(flags2 & O_TRUNC)) {
1699 info = FILE_WAS_OPENED;
1701 info = FILE_WAS_OVERWRITTEN;
1704 info = FILE_WAS_CREATED;
1705 /* Change the owner if required. */
1706 if (lp_inherit_owner(SNUM(conn))) {
1707 change_fd_owner_to_parent(conn, fsp);
1716 * Setup the oplock info in both the shared memory and
1720 if ((fsp->oplock_type != NO_OPLOCK) &&
1721 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1722 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1723 /* Could not get the kernel oplock */
1724 fsp->oplock_type = NO_OPLOCK;
1727 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type);
1729 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED ||
1730 info == FILE_WAS_SUPERSEDED) {
1732 /* Handle strange delete on close create semantics. */
1733 if (create_options & FILE_DELETE_ON_CLOSE) {
1734 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1736 if (!NT_STATUS_IS_OK(status)) {
1737 /* Remember to delete the mode we just added. */
1738 del_share_mode(lck, fsp);
1744 /* Note that here we set the *inital* delete on close flag,
1745 not the regular one. */
1746 set_delete_on_close_token(lck, ¤t_user.ut);
1747 lck->initial_delete_on_close = True;
1748 lck->modified = True;
1751 /* Files should be initially set as archive */
1752 if (lp_map_archive(SNUM(conn)) ||
1753 lp_store_dos_attributes(SNUM(conn))) {
1754 file_set_dosmode(conn, fname,
1755 new_dos_attributes | aARCH, NULL,
1761 * Take care of inherited ACLs on created files - if default ACL not
1765 if (!file_existed && !def_acl) {
1767 int saved_errno = errno; /* We might get ENOSYS in the next
1770 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1772 errno = saved_errno; /* Ignore ENOSYS */
1775 } else if (new_unx_mode) {
1779 /* Attributes need changing. File already existed. */
1782 int saved_errno = errno; /* We might get ENOSYS in the
1784 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1787 if (ret == -1 && errno == ENOSYS) {
1788 errno = saved_errno; /* Ignore ENOSYS */
1790 DEBUG(5, ("open_file_ntcreate: reset "
1791 "attributes of file %s to 0%o\n",
1792 fname, (unsigned int)new_unx_mode));
1793 ret = 0; /* Don't do the fchmod below. */
1798 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1799 DEBUG(5, ("open_file_ntcreate: failed to reset "
1800 "attributes of file %s to 0%o\n",
1801 fname, (unsigned int)new_unx_mode));
1804 /* If this is a successful open, we must remove any deferred open
1806 del_deferred_open_entry(lck, mid);
1809 conn->num_files_open++;
1812 return NT_STATUS_OK;
1815 /****************************************************************************
1816 Open a file for for write to ensure that we can fchmod it.
1817 ****************************************************************************/
1819 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1820 SMB_STRUCT_STAT *psbuf, files_struct **result)
1822 files_struct *fsp = NULL;
1825 if (!VALID_STAT(*psbuf)) {
1826 return NT_STATUS_INVALID_PARAMETER;
1829 status = file_new(conn, &fsp);
1830 if(!NT_STATUS_IS_OK(status)) {
1834 /* note! we must use a non-zero desired access or we don't get
1835 a real file descriptor. Oh what a twisted web we weave. */
1836 status = open_file(fsp,conn,fname,psbuf,O_WRONLY,0,FILE_WRITE_DATA,FILE_WRITE_DATA);
1839 * This is not a user visible file open.
1840 * Don't set a share mode and don't increment
1841 * the conn->num_files_open.
1844 if (!NT_STATUS_IS_OK(status)) {
1850 return NT_STATUS_OK;
1853 /****************************************************************************
1854 Close the fchmod file fd - ensure no locks are lost.
1855 ****************************************************************************/
1857 int close_file_fchmod(files_struct *fsp)
1859 int ret = fd_close(fsp->conn, fsp);
1864 static NTSTATUS mkdir_internal(connection_struct *conn, const char *name,
1865 SMB_STRUCT_STAT *psbuf)
1870 if(!CAN_WRITE(conn)) {
1871 DEBUG(5,("mkdir_internal: failing create on read-only share "
1872 "%s\n", lp_servicename(SNUM(conn))));
1873 return NT_STATUS_ACCESS_DENIED;
1876 if (!check_name(name, conn)) {
1877 return map_nt_error_from_unix(errno);
1880 mode = unix_mode(conn, aDIR, name, True);
1882 if ((ret=SMB_VFS_MKDIR(conn, name, mode)) != 0) {
1883 return map_nt_error_from_unix(errno);
1886 /* Ensure we're checking for a symlink here.... */
1887 /* We don't want to get caught by a symlink racer. */
1889 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
1890 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
1891 name, strerror(errno)));
1892 return map_nt_error_from_unix(errno);
1895 if (!S_ISDIR(psbuf->st_mode)) {
1896 DEBUG(0, ("Directory just '%s' created is not a directory\n",
1898 return NT_STATUS_ACCESS_DENIED;
1901 if (lp_inherit_perms(SNUM(conn))) {
1902 inherit_access_acl(conn, name, mode);
1906 * Check if high bits should have been set,
1907 * then (if bits are missing): add them.
1908 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
1911 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
1912 SMB_VFS_CHMOD(conn, name,
1913 psbuf->st_mode | (mode & ~psbuf->st_mode));
1916 return NT_STATUS_OK;
1919 /****************************************************************************
1920 Open a directory from an NT SMB call.
1921 ****************************************************************************/
1923 NTSTATUS open_directory(connection_struct *conn,
1925 SMB_STRUCT_STAT *psbuf,
1927 uint32 share_access,
1928 uint32 create_disposition,
1929 uint32 create_options,
1931 files_struct **result)
1933 files_struct *fsp = NULL;
1934 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
1935 struct share_mode_lock *lck = NULL;
1939 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
1940 "share_access = 0x%x create_options = 0x%x, "
1941 "create_disposition = 0x%x\n",
1943 (unsigned int)access_mask,
1944 (unsigned int)share_access,
1945 (unsigned int)create_options,
1946 (unsigned int)create_disposition));
1948 if (is_ntfs_stream_name(fname)) {
1949 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
1950 return NT_STATUS_NOT_A_DIRECTORY;
1953 switch( create_disposition ) {
1956 info = FILE_WAS_OPENED;
1959 * We want to follow symlinks here.
1962 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
1963 return map_nt_error_from_unix(errno);
1970 /* If directory exists error. If directory doesn't
1973 status = mkdir_internal(conn, fname, psbuf);
1974 if (!NT_STATUS_IS_OK(status)) {
1975 DEBUG(2, ("open_directory: unable to create "
1976 "%s. Error was %s\n", fname,
1977 nt_errstr(status)));
1981 info = FILE_WAS_CREATED;
1986 * If directory exists open. If directory doesn't
1990 status = mkdir_internal(conn, fname, psbuf);
1992 if (NT_STATUS_IS_OK(status)) {
1993 info = FILE_WAS_CREATED;
1996 if (NT_STATUS_EQUAL(status,
1997 NT_STATUS_OBJECT_NAME_COLLISION)) {
1998 info = FILE_WAS_OPENED;
1999 status = NT_STATUS_OK;
2004 case FILE_SUPERSEDE:
2005 case FILE_OVERWRITE:
2006 case FILE_OVERWRITE_IF:
2008 DEBUG(5,("open_directory: invalid create_disposition "
2009 "0x%x for directory %s\n",
2010 (unsigned int)create_disposition, fname));
2011 return NT_STATUS_INVALID_PARAMETER;
2014 if(!S_ISDIR(psbuf->st_mode)) {
2015 DEBUG(5,("open_directory: %s is not a directory !\n",
2017 return NT_STATUS_NOT_A_DIRECTORY;
2020 status = file_new(conn, &fsp);
2021 if(!NT_STATUS_IS_OK(status)) {
2026 * Setup the files_struct for it.
2029 fsp->mode = psbuf->st_mode;
2030 fsp->inode = psbuf->st_ino;
2031 fsp->dev = psbuf->st_dev;
2032 fsp->vuid = current_user.vuid;
2033 fsp->file_pid = global_smbpid;
2034 fsp->can_lock = False;
2035 fsp->can_read = False;
2036 fsp->can_write = False;
2038 fsp->share_access = share_access;
2039 fsp->fh->private_options = create_options;
2040 fsp->access_mask = access_mask;
2042 fsp->print_file = False;
2043 fsp->modified = False;
2044 fsp->oplock_type = NO_OPLOCK;
2045 fsp->sent_oplock_break = NO_BREAK_SENT;
2046 fsp->is_directory = True;
2047 fsp->is_stat = False;
2048 string_set(&fsp->fsp_name,fname);
2050 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode,
2055 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2057 return NT_STATUS_SHARING_VIOLATION;
2060 status = open_mode_check(conn, fname, lck,
2061 access_mask, share_access,
2062 create_options, &dir_existed);
2064 if (!NT_STATUS_IS_OK(status)) {
2070 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK);
2072 /* For directories the delete on close bit at open time seems
2073 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2074 if (create_options & FILE_DELETE_ON_CLOSE) {
2075 status = can_set_delete_on_close(fsp, True, 0);
2076 if (!NT_STATUS_IS_OK(status)) {
2082 set_delete_on_close_token(lck, ¤t_user.ut);
2083 lck->initial_delete_on_close = True;
2084 lck->modified = True;
2089 /* Change the owner if required. */
2090 if ((info == FILE_WAS_CREATED) && lp_inherit_owner(SNUM(conn))) {
2091 change_owner_to_parent(conn, fsp->fsp_name, psbuf);
2098 conn->num_files_open++;
2101 return NT_STATUS_OK;
2104 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2107 SMB_STRUCT_STAT sbuf;
2110 SET_STAT_INVALID(sbuf);
2112 status = open_directory(conn, directory, &sbuf,
2113 FILE_READ_ATTRIBUTES, /* Just a stat open */
2114 FILE_SHARE_NONE, /* Ignored for stat opens */
2115 FILE_CREATE, 0, NULL, &fsp);
2117 if (NT_STATUS_IS_OK(status)) {
2118 close_file(fsp, NORMAL_CLOSE);
2124 /****************************************************************************
2125 Open a pseudo-file (no locking checks - a 'stat' open).
2126 ****************************************************************************/
2128 NTSTATUS open_file_stat(connection_struct *conn, const char *fname,
2129 SMB_STRUCT_STAT *psbuf, files_struct **result)
2131 files_struct *fsp = NULL;
2134 if (!VALID_STAT(*psbuf)) {
2135 return NT_STATUS_INVALID_PARAMETER;
2138 /* Can't 'stat' open directories. */
2139 if(S_ISDIR(psbuf->st_mode)) {
2140 return NT_STATUS_FILE_IS_A_DIRECTORY;
2143 status = file_new(conn, &fsp);
2144 if(!NT_STATUS_IS_OK(status)) {
2148 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2151 * Setup the files_struct for it.
2154 fsp->mode = psbuf->st_mode;
2155 fsp->inode = psbuf->st_ino;
2156 fsp->dev = psbuf->st_dev;
2157 fsp->vuid = current_user.vuid;
2158 fsp->file_pid = global_smbpid;
2159 fsp->can_lock = False;
2160 fsp->can_read = False;
2161 fsp->can_write = False;
2162 fsp->print_file = False;
2163 fsp->modified = False;
2164 fsp->oplock_type = NO_OPLOCK;
2165 fsp->sent_oplock_break = NO_BREAK_SENT;
2166 fsp->is_directory = False;
2167 fsp->is_stat = True;
2168 string_set(&fsp->fsp_name,fname);
2170 conn->num_files_open++;
2173 return NT_STATUS_OK;
2176 /****************************************************************************
2177 Receive notification that one of our open files has been renamed by another
2179 ****************************************************************************/
2181 void msg_file_was_renamed(int msg_type, struct process_id src, void *buf, size_t len)
2184 char *frm = (char *)buf;
2187 const char *sharepath;
2188 const char *newname;
2191 if (buf == NULL || len < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2192 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n", (int)len));
2196 /* Unpack the message. */
2197 dev = DEV_T_VAL(frm,0);
2198 inode = INO_T_VAL(frm,8);
2199 sharepath = &frm[16];
2200 newname = sharepath + strlen(sharepath) + 1;
2201 sp_len = strlen(sharepath);
2203 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2204 "dev %x, inode %.0f\n",
2205 sharepath, newname, (unsigned int)dev, (double)inode ));
2207 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
2208 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2209 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2210 fsp->fnum, fsp->fsp_name, newname ));
2211 string_set(&fsp->fsp_name, newname);
2214 /* Now we have the complete path we can work out if this is
2215 actually within this share and adjust newname accordingly. */
2216 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2217 "not sharepath %s) "
2218 "fnum %d from %s -> %s\n",
2219 fsp->conn->connectpath,