2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern uint16 global_smbpid;
29 extern BOOL global_client_failed_oplock_break;
31 struct deferred_open_record {
32 BOOL delayed_for_oplocks;
37 /****************************************************************************
38 fd support routines - attempt to do a dos_open.
39 ****************************************************************************/
41 static BOOL fd_open(struct connection_struct *conn,
50 if (!lp_symlinks(SNUM(conn))) {
55 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
58 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
59 fname, flags, (int)mode, fsp->fh->fd,
60 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
63 return fsp->fh->fd != -1;
66 /****************************************************************************
67 Close the file associated with a fsp.
68 ****************************************************************************/
70 int fd_close(struct connection_struct *conn,
73 if (fsp->fh->fd == -1) {
74 return 0; /* What we used to call a stat open. */
76 if (fsp->fh->ref_count > 1) {
77 return 0; /* Shared handle. Only close last reference. */
79 return fd_close_posix(conn, fsp);
82 /****************************************************************************
83 Change the ownership of a file to that of the parent directory.
84 Do this by fd if possible.
85 ****************************************************************************/
87 static void change_file_owner_to_parent(connection_struct *conn,
88 const char *inherit_from_dir,
91 SMB_STRUCT_STAT parent_st;
94 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
96 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
97 "directory %s. Error was %s\n",
98 inherit_from_dir, strerror(errno) ));
103 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
106 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
107 "file %s to parent directory uid %u. Error "
108 "was %s\n", fsp->fsp_name,
109 (unsigned int)parent_st.st_uid,
113 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
114 "parent directory uid %u.\n", fsp->fsp_name,
115 (unsigned int)parent_st.st_uid ));
118 static void change_dir_owner_to_parent(connection_struct *conn,
119 const char *inherit_from_dir,
121 SMB_STRUCT_STAT *psbuf)
124 SMB_STRUCT_STAT sbuf;
125 SMB_STRUCT_STAT parent_st;
128 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
130 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
131 "directory %s. Error was %s\n",
132 inherit_from_dir, strerror(errno) ));
136 /* We've already done an lstat into psbuf, and we know it's a
137 directory. If we can cd into the directory and the dev/ino
138 are the same then we can safely chown without races as
139 we're locking the directory in place by being in it. This
140 should work on any UNIX (thanks tridge :-). JRA.
143 if (!vfs_GetWd(conn,saved_dir)) {
144 DEBUG(0,("change_dir_owner_to_parent: failed to get "
145 "current working directory\n"));
149 /* Chdir into the new path. */
150 if (vfs_ChDir(conn, fname) == -1) {
151 DEBUG(0,("change_dir_owner_to_parent: failed to change "
152 "current working directory to %s. Error "
153 "was %s\n", fname, strerror(errno) ));
157 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
158 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
159 "directory '.' (%s) Error was %s\n",
160 fname, strerror(errno)));
164 /* Ensure we're pointing at the same place. */
165 if (sbuf.st_dev != psbuf->st_dev ||
166 sbuf.st_ino != psbuf->st_ino ||
167 sbuf.st_mode != psbuf->st_mode ) {
168 DEBUG(0,("change_dir_owner_to_parent: "
169 "device/inode/mode on directory %s changed. "
170 "Refusing to chown !\n", fname ));
175 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
178 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
179 "directory %s to parent directory uid %u. "
180 "Error was %s\n", fname,
181 (unsigned int)parent_st.st_uid, strerror(errno) ));
185 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
186 "directory %s to parent directory uid %u.\n",
187 fname, (unsigned int)parent_st.st_uid ));
191 vfs_ChDir(conn,saved_dir);
194 /****************************************************************************
196 ****************************************************************************/
198 static NTSTATUS open_file(files_struct *fsp,
199 connection_struct *conn,
200 const char *parent_dir,
202 SMB_STRUCT_STAT *psbuf,
205 uint32 access_mask, /* client requested access mask. */
206 uint32 open_access_mask) /* what we're actually using in the open. */
208 int accmode = (flags & O_ACCMODE);
209 int local_flags = flags;
210 BOOL file_existed = VALID_STAT(*psbuf);
215 /* Check permissions */
218 * This code was changed after seeing a client open request
219 * containing the open mode of (DENY_WRITE/read-only) with
220 * the 'create if not exist' bit set. The previous code
221 * would fail to open the file read only on a read-only share
222 * as it was checking the flags parameter directly against O_RDONLY,
223 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
227 if (!CAN_WRITE(conn)) {
228 /* It's a read-only share - fail if we wanted to write. */
229 if(accmode != O_RDONLY) {
230 DEBUG(3,("Permission denied opening %s\n",fname));
231 return NT_STATUS_ACCESS_DENIED;
232 } else if(flags & O_CREAT) {
233 /* We don't want to write - but we must make sure that
234 O_CREAT doesn't create the file if we have write
235 access into the directory.
238 local_flags &= ~O_CREAT;
243 * This little piece of insanity is inspired by the
244 * fact that an NT client can open a file for O_RDONLY,
245 * but set the create disposition to FILE_EXISTS_TRUNCATE.
246 * If the client *can* write to the file, then it expects to
247 * truncate the file, even though it is opening for readonly.
248 * Quicken uses this stupid trick in backup file creation...
249 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
250 * for helping track this one down. It didn't bite us in 2.0.x
251 * as we always opened files read-write in that release. JRA.
254 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
255 DEBUG(10,("open_file: truncate requested on read-only open "
256 "for file %s\n",fname ));
257 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
260 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
261 (!file_existed && (local_flags & O_CREAT)) ||
262 ((local_flags & O_TRUNC) == O_TRUNC) ) {
265 * We can't actually truncate here as the file may be locked.
266 * open_file_ntcreate will take care of the truncate later. JRA.
269 local_flags &= ~O_TRUNC;
271 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
273 * We would block on opening a FIFO with no one else on the
274 * other end. Do what we used to do and add O_NONBLOCK to the
278 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
279 local_flags |= O_NONBLOCK;
283 /* Don't create files with Microsoft wildcard characters. */
284 if ((local_flags & O_CREAT) && !file_existed &&
285 ms_has_wild(fname)) {
286 return NT_STATUS_OBJECT_NAME_INVALID;
289 /* Actually do the open */
290 if (!fd_open(conn, fname, fsp, local_flags, unx_mode)) {
291 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
293 fname,strerror(errno),local_flags,flags));
294 return map_nt_error_from_unix(errno);
297 if ((local_flags & O_CREAT) && !file_existed) {
299 /* Inherit the ACL if required */
300 if (lp_inherit_perms(SNUM(conn))) {
301 inherit_access_acl(conn, parent_dir, fname,
305 /* Change the owner if required. */
306 if (lp_inherit_owner(SNUM(conn))) {
307 change_file_owner_to_parent(conn, parent_dir,
313 fsp->fh->fd = -1; /* What we used to call a stat open. */
319 if (fsp->fh->fd == -1) {
320 ret = SMB_VFS_STAT(conn, fname, psbuf);
322 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
323 /* If we have an fd, this stat should succeed. */
325 DEBUG(0,("Error doing fstat on open file %s "
326 "(%s)\n", fname,strerror(errno) ));
330 /* For a non-io open, this stat failing means file not found. JRA */
332 NTSTATUS status = map_nt_error_from_unix(errno);
339 * POSIX allows read-only opens of directories. We don't
340 * want to do this (we use a different code path for this)
341 * so catch a directory open and return an EISDIR. JRA.
344 if(S_ISDIR(psbuf->st_mode)) {
347 return NT_STATUS_FILE_IS_A_DIRECTORY;
350 fsp->mode = psbuf->st_mode;
351 fsp->inode = psbuf->st_ino;
352 fsp->dev = psbuf->st_dev;
353 fsp->vuid = current_user.vuid;
354 fsp->file_pid = global_smbpid;
355 fsp->can_lock = True;
356 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
357 if (!CAN_WRITE(conn)) {
358 fsp->can_write = False;
360 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
363 fsp->print_file = False;
364 fsp->modified = False;
365 fsp->sent_oplock_break = NO_BREAK_SENT;
366 fsp->is_directory = False;
367 fsp->is_stat = False;
368 if (conn->aio_write_behind_list &&
369 is_in_path(fname, conn->aio_write_behind_list, conn->case_sensitive)) {
370 fsp->aio_write_behind = True;
373 string_set(&fsp->fsp_name,fname);
374 fsp->wcp = NULL; /* Write cache pointer. */
376 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
377 *current_user_info.smb_name ?
378 current_user_info.smb_name : conn->user,fsp->fsp_name,
379 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
380 conn->num_files_open + 1));
386 /*******************************************************************
387 Return True if the filename is one of the special executable types.
388 ********************************************************************/
390 static BOOL is_executable(const char *fname)
392 if ((fname = strrchr_m(fname,'.'))) {
393 if (strequal(fname,".com") ||
394 strequal(fname,".dll") ||
395 strequal(fname,".exe") ||
396 strequal(fname,".sym")) {
403 /****************************************************************************
404 Check if we can open a file with a share mode.
405 Returns True if conflict, False if not.
406 ****************************************************************************/
408 static BOOL share_conflict(struct share_mode_entry *entry,
412 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
413 "entry->share_access = 0x%x, "
414 "entry->private_options = 0x%x\n",
415 (unsigned int)entry->access_mask,
416 (unsigned int)entry->share_access,
417 (unsigned int)entry->private_options));
419 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
420 (unsigned int)access_mask, (unsigned int)share_access));
422 if ((entry->access_mask & (FILE_WRITE_DATA|
426 DELETE_ACCESS)) == 0) {
427 DEBUG(10,("share_conflict: No conflict due to "
428 "entry->access_mask = 0x%x\n",
429 (unsigned int)entry->access_mask ));
433 if ((access_mask & (FILE_WRITE_DATA|
437 DELETE_ACCESS)) == 0) {
438 DEBUG(10,("share_conflict: No conflict due to "
439 "access_mask = 0x%x\n",
440 (unsigned int)access_mask ));
444 #if 1 /* JRA TEST - Superdebug. */
445 #define CHECK_MASK(num, am, right, sa, share) \
446 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
447 (unsigned int)(num), (unsigned int)(am), \
448 (unsigned int)(right), (unsigned int)(am)&(right) )); \
449 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
450 (unsigned int)(num), (unsigned int)(sa), \
451 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
452 if (((am) & (right)) && !((sa) & (share))) { \
453 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
454 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
455 (unsigned int)(share) )); \
459 #define CHECK_MASK(num, am, right, sa, share) \
460 if (((am) & (right)) && !((sa) & (share))) { \
461 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
462 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
463 (unsigned int)(share) )); \
468 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
469 share_access, FILE_SHARE_WRITE);
470 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
471 entry->share_access, FILE_SHARE_WRITE);
473 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
474 share_access, FILE_SHARE_READ);
475 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
476 entry->share_access, FILE_SHARE_READ);
478 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
479 share_access, FILE_SHARE_DELETE);
480 CHECK_MASK(6, access_mask, DELETE_ACCESS,
481 entry->share_access, FILE_SHARE_DELETE);
483 DEBUG(10,("share_conflict: No conflict.\n"));
487 #if defined(DEVELOPER)
488 static void validate_my_share_entries(int num,
489 struct share_mode_entry *share_entry)
493 if (!procid_is_me(&share_entry->pid)) {
497 if (is_deferred_open_entry(share_entry) &&
498 !open_was_deferred(share_entry->op_mid)) {
500 pstr_sprintf(str, "Got a deferred entry without a request: "
501 "PANIC: %s\n", share_mode_str(num, share_entry));
505 if (!is_valid_share_mode_entry(share_entry)) {
509 fsp = file_find_dif(share_entry->dev, share_entry->inode,
510 share_entry->share_file_id);
512 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
513 share_mode_str(num, share_entry) ));
514 smb_panic("validate_my_share_entries: Cannot match a "
515 "share entry with an open file\n");
518 if (is_deferred_open_entry(share_entry) ||
519 is_unused_share_mode_entry(share_entry)) {
523 if ((share_entry->op_type == NO_OPLOCK) &&
524 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
525 /* Someone has already written to it, but I haven't yet
530 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
539 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
540 share_mode_str(num, share_entry) ));
541 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
542 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
543 fsp->fsp_name, (unsigned int)fsp->oplock_type,
544 (unsigned int)share_entry->op_type );
550 static BOOL is_stat_open(uint32 access_mask)
552 return (access_mask &&
553 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
554 FILE_WRITE_ATTRIBUTES))==0) &&
555 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
556 FILE_WRITE_ATTRIBUTES)) != 0));
559 /****************************************************************************
560 Deal with share modes
561 Invarient: Share mode must be locked on entry and exit.
562 Returns -1 on error, or number of share modes on success (may be zero).
563 ****************************************************************************/
565 static NTSTATUS open_mode_check(connection_struct *conn,
567 struct share_mode_lock *lck,
570 uint32 create_options,
575 if(lck->num_share_modes == 0) {
579 *file_existed = True;
581 if (is_stat_open(access_mask)) {
582 /* Stat open that doesn't trigger oplock breaks or share mode
583 * checks... ! JRA. */
587 /* A delete on close prohibits everything */
589 if (lck->delete_on_close) {
590 return NT_STATUS_DELETE_PENDING;
594 * Check if the share modes will give us access.
597 #if defined(DEVELOPER)
598 for(i = 0; i < lck->num_share_modes; i++) {
599 validate_my_share_entries(i, &lck->share_modes[i]);
603 if (!lp_share_modes(SNUM(conn))) {
607 /* Now we check the share modes, after any oplock breaks. */
608 for(i = 0; i < lck->num_share_modes; i++) {
610 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
614 /* someone else has a share lock on it, check to see if we can
616 if (share_conflict(&lck->share_modes[i],
617 access_mask, share_access)) {
618 return NT_STATUS_SHARING_VIOLATION;
625 static BOOL is_delete_request(files_struct *fsp) {
626 return ((fsp->access_mask == DELETE_ACCESS) &&
627 (fsp->oplock_type == NO_OPLOCK));
631 * 1) No files open at all or internal open: Grant whatever the client wants.
633 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
634 * request, break if the oplock around is a batch oplock. If it's another
635 * requested access type, break.
637 * 3) Only level2 around: Grant level2 and do nothing else.
640 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
646 struct share_mode_entry *exclusive = NULL;
647 BOOL valid_entry = False;
648 BOOL delay_it = False;
649 BOOL have_level2 = False;
651 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
653 if (oplock_request & INTERNAL_OPEN_ONLY) {
654 fsp->oplock_type = NO_OPLOCK;
657 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
661 for (i=0; i<lck->num_share_modes; i++) {
663 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
667 /* At least one entry is not an invalid or deferred entry. */
670 if (pass_number == 1) {
671 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
672 SMB_ASSERT(exclusive == NULL);
673 exclusive = &lck->share_modes[i];
676 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
677 SMB_ASSERT(exclusive == NULL);
678 exclusive = &lck->share_modes[i];
682 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
683 SMB_ASSERT(exclusive == NULL);
689 /* All entries are placeholders or deferred.
690 * Directly grant whatever the client wants. */
691 if (fsp->oplock_type == NO_OPLOCK) {
692 /* Store a level2 oplock, but don't tell the client */
693 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
698 if (exclusive != NULL) { /* Found an exclusive oplock */
699 SMB_ASSERT(!have_level2);
700 delay_it = is_delete_request(fsp) ?
701 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
704 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
705 /* We can at most grant level2 as there are other
706 * level2 or NO_OPLOCK entries. */
707 fsp->oplock_type = LEVEL_II_OPLOCK;
710 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
711 /* Store a level2 oplock, but don't tell the client */
712 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
720 * Send a break message to the oplock holder and delay the open for
724 DEBUG(10, ("Sending break request to PID %s\n",
725 procid_str_static(&exclusive->pid)));
726 exclusive->op_mid = get_current_mid();
728 /* Create the message. */
729 share_mode_entry_to_message(msg, exclusive);
731 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
732 don't want this set in the share mode struct pointed to by lck. */
734 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
735 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
738 ret = message_send_pid(exclusive->pid, MSG_SMB_BREAK_REQUEST,
739 msg, MSG_SMB_SHARE_MODE_ENTRY_SIZE, True);
741 DEBUG(3, ("Could not send oplock break message\n"));
747 static BOOL request_timed_out(struct timeval request_time,
748 struct timeval timeout)
750 struct timeval now, end_time;
752 end_time = timeval_sum(&request_time, &timeout);
753 return (timeval_compare(&end_time, &now) < 0);
756 /****************************************************************************
757 Handle the 1 second delay in returning a SHARING_VIOLATION error.
758 ****************************************************************************/
760 static void defer_open(struct share_mode_lock *lck,
761 struct timeval request_time,
762 struct timeval timeout,
763 struct deferred_open_record *state)
765 uint16 mid = get_current_mid();
770 for (i=0; i<lck->num_share_modes; i++) {
771 struct share_mode_entry *e = &lck->share_modes[i];
773 if (!is_deferred_open_entry(e)) {
777 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
778 DEBUG(0, ("Trying to defer an already deferred "
779 "request: mid=%d, exiting\n", mid));
780 exit_server("attempt to defer a deferred request");
784 /* End paranoia check */
786 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
787 "open entry for mid %u\n",
788 (unsigned int)request_time.tv_sec,
789 (unsigned int)request_time.tv_usec,
792 if (!push_deferred_smb_message(mid, request_time, timeout,
793 (char *)state, sizeof(*state))) {
794 exit_server("push_deferred_smb_message failed");
796 add_deferred_open(lck, mid, request_time, state->dev, state->inode);
799 * Push the MID of this packet on the signing queue.
800 * We only do this once, the first time we push the packet
801 * onto the deferred open queue, as this has a side effect
802 * of incrementing the response sequence number.
805 srv_defer_sign_response(mid);
809 /****************************************************************************
810 On overwrite open ensure that the attributes match.
811 ****************************************************************************/
813 static BOOL open_match_attributes(connection_struct *conn,
817 mode_t existing_unx_mode,
819 mode_t *returned_unx_mode)
821 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
823 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
824 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
826 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
827 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
828 *returned_unx_mode = new_unx_mode;
830 *returned_unx_mode = (mode_t)0;
833 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
834 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
835 "returned_unx_mode = 0%o\n",
837 (unsigned int)old_dos_attr,
838 (unsigned int)existing_unx_mode,
839 (unsigned int)new_dos_attr,
840 (unsigned int)*returned_unx_mode ));
842 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
843 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
844 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
845 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
849 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
850 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
851 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
858 /****************************************************************************
859 Special FCB or DOS processing in the case of a sharing violation.
860 Try and find a duplicated file handle.
861 ****************************************************************************/
863 static files_struct *fcb_or_dos_open(connection_struct *conn,
864 const char *fname, SMB_DEV_T dev,
868 uint32 create_options)
871 files_struct *dup_fsp;
873 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
874 "file %s.\n", fname ));
876 for(fsp = file_find_di_first(dev, inode); fsp;
877 fsp = file_find_di_next(fsp)) {
879 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
880 "vuid = %u, file_pid = %u, private_options = 0x%x "
881 "access_mask = 0x%x\n", fsp->fsp_name,
882 fsp->fh->fd, (unsigned int)fsp->vuid,
883 (unsigned int)fsp->file_pid,
884 (unsigned int)fsp->fh->private_options,
885 (unsigned int)fsp->access_mask ));
887 if (fsp->fh->fd != -1 &&
888 fsp->vuid == current_user.vuid &&
889 fsp->file_pid == global_smbpid &&
890 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
891 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
892 (fsp->access_mask & FILE_WRITE_DATA) &&
893 strequal(fsp->fsp_name, fname)) {
894 DEBUG(10,("fcb_or_dos_open: file match\n"));
903 /* quite an insane set of semantics ... */
904 if (is_executable(fname) &&
905 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
906 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
910 /* We need to duplicate this fsp. */
911 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
912 create_options, &dup_fsp))) {
919 /****************************************************************************
920 Open a file with a share mode - old openX method - map into NTCreate.
921 ****************************************************************************/
923 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
924 uint32 *paccess_mask,
926 uint32 *pcreate_disposition,
927 uint32 *pcreate_options)
931 uint32 create_disposition;
932 uint32 create_options = 0;
934 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
935 "open_func = 0x%x\n",
936 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
938 /* Create the NT compatible access_mask. */
939 switch (GET_OPENX_MODE(deny_mode)) {
940 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
941 case DOS_OPEN_RDONLY:
942 access_mask = FILE_GENERIC_READ;
944 case DOS_OPEN_WRONLY:
945 access_mask = FILE_GENERIC_WRITE;
949 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
952 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
953 (unsigned int)GET_OPENX_MODE(deny_mode)));
957 /* Create the NT compatible create_disposition. */
959 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
960 create_disposition = FILE_CREATE;
963 case OPENX_FILE_EXISTS_OPEN:
964 create_disposition = FILE_OPEN;
967 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
968 create_disposition = FILE_OPEN_IF;
971 case OPENX_FILE_EXISTS_TRUNCATE:
972 create_disposition = FILE_OVERWRITE;
975 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
976 create_disposition = FILE_OVERWRITE_IF;
980 /* From samba4 - to be confirmed. */
981 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
982 create_disposition = FILE_CREATE;
985 DEBUG(10,("map_open_params_to_ntcreate: bad "
986 "open_func 0x%x\n", (unsigned int)open_func));
990 /* Create the NT compatible share modes. */
991 switch (GET_DENY_MODE(deny_mode)) {
993 share_mode = FILE_SHARE_NONE;
997 share_mode = FILE_SHARE_READ;
1001 share_mode = FILE_SHARE_WRITE;
1005 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1009 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1010 if (is_executable(fname)) {
1011 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1013 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1014 share_mode = FILE_SHARE_READ;
1016 share_mode = FILE_SHARE_NONE;
1022 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1023 share_mode = FILE_SHARE_NONE;
1027 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1028 (unsigned int)GET_DENY_MODE(deny_mode) ));
1032 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1033 "share_mode = 0x%x, create_disposition = 0x%x, "
1034 "create_options = 0x%x\n",
1036 (unsigned int)access_mask,
1037 (unsigned int)share_mode,
1038 (unsigned int)create_disposition,
1039 (unsigned int)create_options ));
1042 *paccess_mask = access_mask;
1045 *pshare_mode = share_mode;
1047 if (pcreate_disposition) {
1048 *pcreate_disposition = create_disposition;
1050 if (pcreate_options) {
1051 *pcreate_options = create_options;
1058 static void schedule_defer_open(struct share_mode_lock *lck, struct timeval request_time)
1060 struct deferred_open_record state;
1062 /* This is a relative time, added to the absolute
1063 request_time value to get the absolute timeout time.
1064 Note that if this is the second or greater time we enter
1065 this codepath for this particular request mid then
1066 request_time is left as the absolute time of the *first*
1067 time this request mid was processed. This is what allows
1068 the request to eventually time out. */
1070 struct timeval timeout;
1072 /* Normally the smbd we asked should respond within
1073 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1074 * the client did, give twice the timeout as a safety
1075 * measure here in case the other smbd is stuck
1076 * somewhere else. */
1078 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1080 /* Nothing actually uses state.delayed_for_oplocks
1081 but it's handy to differentiate in debug messages
1082 between a 30 second delay due to oplock break, and
1083 a 1 second delay for share mode conflicts. */
1085 state.delayed_for_oplocks = True;
1086 state.dev = lck->dev;
1087 state.inode = lck->ino;
1089 if (!request_timed_out(request_time, timeout)) {
1090 defer_open(lck, request_time, timeout, &state);
1094 /****************************************************************************
1095 Open a file with a share mode.
1096 ****************************************************************************/
1098 NTSTATUS open_file_ntcreate(connection_struct *conn,
1100 SMB_STRUCT_STAT *psbuf,
1101 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1102 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1103 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1104 uint32 create_options, /* options such as delete on close. */
1105 uint32 new_dos_attributes, /* attributes used for new file. */
1106 int oplock_request, /* internal Samba oplock codes. */
1107 /* Information (FILE_EXISTS etc.) */
1109 files_struct **result)
1113 BOOL file_existed = VALID_STAT(*psbuf);
1114 BOOL def_acl = False;
1116 SMB_INO_T inode = 0;
1117 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1118 files_struct *fsp = NULL;
1119 mode_t new_unx_mode = (mode_t)0;
1120 mode_t unx_mode = (mode_t)0;
1122 uint32 existing_dos_attributes = 0;
1123 struct pending_message_list *pml = NULL;
1124 uint16 mid = get_current_mid();
1125 struct timeval request_time = timeval_zero();
1126 struct share_mode_lock *lck = NULL;
1127 uint32 open_access_mask = access_mask;
1131 const char *newname;
1133 if (conn->printer) {
1135 * Printers are handled completely differently.
1136 * Most of the passed parameters are ignored.
1140 *pinfo = FILE_WAS_CREATED;
1143 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1145 return print_fsp_open(conn, fname, result);
1148 if (!parent_dirname_talloc(tmp_talloc_ctx(), fname, &parent_dir,
1150 return NT_STATUS_NO_MEMORY;
1153 /* We add aARCH to this as this mode is only used if the file is
1155 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1158 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1159 "access_mask=0x%x share_access=0x%x "
1160 "create_disposition = 0x%x create_options=0x%x "
1161 "unix mode=0%o oplock_request=%d\n",
1162 fname, new_dos_attributes, access_mask, share_access,
1163 create_disposition, create_options, unx_mode,
1166 if ((pml = get_open_deferred_message(mid)) != NULL) {
1167 struct deferred_open_record *state =
1168 (struct deferred_open_record *)pml->private_data.data;
1170 /* Remember the absolute time of the original
1171 request with this mid. We'll use it later to
1172 see if this has timed out. */
1174 request_time = pml->request_time;
1176 /* Remove the deferred open entry under lock. */
1177 lck = get_share_mode_lock(NULL, state->dev, state->inode, NULL, NULL);
1179 DEBUG(0, ("could not get share mode lock\n"));
1181 del_deferred_open_entry(lck, mid);
1185 /* Ensure we don't reprocess this message. */
1186 remove_deferred_open_smb_message(mid);
1189 if (!check_name(fname,conn)) {
1190 return map_nt_error_from_unix(errno);
1193 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1195 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1198 /* ignore any oplock requests if oplocks are disabled */
1199 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1200 IS_VETO_OPLOCK_PATH(conn, fname)) {
1201 /* Mask off everything except the private Samba bits. */
1202 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1205 /* this is for OS/2 long file names - say we don't support them */
1206 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1207 /* OS/2 Workplace shell fix may be main code stream in a later
1209 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1211 if (use_nt_status()) {
1212 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1214 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1217 switch( create_disposition ) {
1219 * Currently we're using FILE_SUPERSEDE as the same as
1220 * FILE_OVERWRITE_IF but they really are
1221 * different. FILE_SUPERSEDE deletes an existing file
1222 * (requiring delete access) then recreates it.
1224 case FILE_SUPERSEDE:
1225 /* If file exists replace/overwrite. If file doesn't
1227 flags2 |= (O_CREAT | O_TRUNC);
1230 case FILE_OVERWRITE_IF:
1231 /* If file exists replace/overwrite. If file doesn't
1233 flags2 |= (O_CREAT | O_TRUNC);
1237 /* If file exists open. If file doesn't exist error. */
1238 if (!file_existed) {
1239 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1240 "requested for file %s and file "
1241 "doesn't exist.\n", fname ));
1243 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1247 case FILE_OVERWRITE:
1248 /* If file exists overwrite. If file doesn't exist
1250 if (!file_existed) {
1251 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1252 "requested for file %s and file "
1253 "doesn't exist.\n", fname ));
1255 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1261 /* If file exists error. If file doesn't exist
1264 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1265 "requested for file %s and file "
1266 "already exists.\n", fname ));
1267 if (S_ISDIR(psbuf->st_mode)) {
1272 return map_nt_error_from_unix(errno);
1274 flags2 |= (O_CREAT|O_EXCL);
1278 /* If file exists open. If file doesn't exist
1284 return NT_STATUS_INVALID_PARAMETER;
1287 /* We only care about matching attributes on file exists and
1290 if (file_existed && ((create_disposition == FILE_OVERWRITE) ||
1291 (create_disposition == FILE_OVERWRITE_IF))) {
1292 if (!open_match_attributes(conn, fname,
1293 existing_dos_attributes,
1294 new_dos_attributes, psbuf->st_mode,
1295 unx_mode, &new_unx_mode)) {
1296 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1297 "for file %s (%x %x) (0%o, 0%o)\n",
1298 fname, existing_dos_attributes,
1300 (unsigned int)psbuf->st_mode,
1301 (unsigned int)unx_mode ));
1303 return NT_STATUS_ACCESS_DENIED;
1307 /* This is a nasty hack - must fix... JRA. */
1308 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1309 open_access_mask = access_mask = FILE_GENERIC_ALL;
1313 * Convert GENERIC bits to specific bits.
1316 se_map_generic(&access_mask, &file_generic_mapping);
1317 open_access_mask = access_mask;
1319 if (flags2 & O_TRUNC) {
1320 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1323 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1324 "access_mask=0x%x\n", fname, access_mask ));
1327 * Note that we ignore the append flag as append does not
1328 * mean the same thing under DOS and Unix.
1331 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1332 /* DENY_DOS opens are always underlying read-write on the
1333 file handle, no matter what the requested access mask
1335 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1336 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1346 * Currently we only look at FILE_WRITE_THROUGH for create options.
1350 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1355 if (!CAN_WRITE(conn)) {
1357 * We should really return a permission denied error if either
1358 * O_CREAT or O_TRUNC are set, but for compatibility with
1359 * older versions of Samba we just AND them out.
1361 flags2 &= ~(O_CREAT|O_TRUNC);
1365 * Ensure we can't write on a read-only share or file.
1368 if (flags != O_RDONLY && file_existed &&
1369 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1370 DEBUG(5,("open_file_ntcreate: write access requested for "
1371 "file %s on read only %s\n",
1372 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1374 return NT_STATUS_ACCESS_DENIED;
1377 status = file_new(conn, &fsp);
1378 if(!NT_STATUS_IS_OK(status)) {
1382 fsp->dev = psbuf->st_dev;
1383 fsp->inode = psbuf->st_ino;
1384 fsp->share_access = share_access;
1385 fsp->fh->private_options = create_options;
1386 fsp->access_mask = open_access_mask; /* We change this to the
1387 * requested access_mask after
1388 * the open is done. */
1389 /* Ensure no SAMBA_PRIVATE bits can be set. */
1390 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1392 if (timeval_is_zero(&request_time)) {
1393 request_time = fsp->open_time;
1397 dev = psbuf->st_dev;
1398 inode = psbuf->st_ino;
1400 lck = get_share_mode_lock(NULL, dev, inode,
1406 DEBUG(0, ("Could not get share mode lock\n"));
1407 return NT_STATUS_SHARING_VIOLATION;
1410 /* First pass - send break only on batch oplocks. */
1411 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1412 schedule_defer_open(lck, request_time);
1415 return NT_STATUS_SHARING_VIOLATION;
1418 /* Use the client requested access mask here, not the one we
1420 status = open_mode_check(conn, fname, lck,
1421 access_mask, share_access,
1422 create_options, &file_existed);
1424 if (NT_STATUS_IS_OK(status)) {
1425 /* We might be going to allow this open. Check oplock
1427 /* Second pass - send break for both batch or
1428 * exclusive oplocks. */
1429 if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1430 schedule_defer_open(lck, request_time);
1433 return NT_STATUS_SHARING_VIOLATION;
1437 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1438 /* DELETE_PENDING is not deferred for a second */
1444 if (!NT_STATUS_IS_OK(status)) {
1445 uint32 can_access_mask;
1446 BOOL can_access = True;
1448 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1450 /* Check if this can be done with the deny_dos and fcb
1452 if (create_options &
1453 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1454 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1455 files_struct *fsp_dup;
1457 /* Use the client requested access mask here,
1458 * not the one we open with. */
1459 fsp_dup = fcb_or_dos_open(conn, fname, dev,
1468 *pinfo = FILE_WAS_OPENED;
1470 conn->num_files_open++;
1472 return NT_STATUS_OK;
1477 * This next line is a subtlety we need for
1478 * MS-Access. If a file open will fail due to share
1479 * permissions and also for security (access) reasons,
1480 * we need to return the access failed error, not the
1481 * share error. We can't open the file due to kernel
1482 * oplock deadlock (it's possible we failed above on
1483 * the open_mode_check()) so use a userspace check.
1486 if (flags & O_RDWR) {
1487 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1488 } else if (flags & O_WRONLY) {
1489 can_access_mask = FILE_WRITE_DATA;
1491 can_access_mask = FILE_READ_DATA;
1494 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1495 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1500 * If we're returning a share violation, ensure we
1501 * cope with the braindead 1 second delay.
1504 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1505 lp_defer_sharing_violations()) {
1506 struct timeval timeout;
1507 struct deferred_open_record state;
1510 /* this is a hack to speed up torture tests
1512 timeout_usecs = lp_parm_int(SNUM(conn),
1513 "smbd","sharedelay",
1514 SHARING_VIOLATION_USEC_WAIT);
1516 /* This is a relative time, added to the absolute
1517 request_time value to get the absolute timeout time.
1518 Note that if this is the second or greater time we enter
1519 this codepath for this particular request mid then
1520 request_time is left as the absolute time of the *first*
1521 time this request mid was processed. This is what allows
1522 the request to eventually time out. */
1524 timeout = timeval_set(0, timeout_usecs);
1526 /* Nothing actually uses state.delayed_for_oplocks
1527 but it's handy to differentiate in debug messages
1528 between a 30 second delay due to oplock break, and
1529 a 1 second delay for share mode conflicts. */
1531 state.delayed_for_oplocks = False;
1533 state.inode = inode;
1535 if (!request_timed_out(request_time,
1537 defer_open(lck, request_time, timeout,
1545 * We have detected a sharing violation here
1546 * so return the correct error code
1548 status = NT_STATUS_SHARING_VIOLATION;
1550 status = NT_STATUS_ACCESS_DENIED;
1557 * We exit this block with the share entry *locked*.....
1561 SMB_ASSERT(!file_existed || (lck != NULL));
1564 * Ensure we pay attention to default ACLs on directories if required.
1567 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1568 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1572 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1573 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1574 (unsigned int)flags, (unsigned int)flags2,
1575 (unsigned int)unx_mode, (unsigned int)access_mask,
1576 (unsigned int)open_access_mask));
1579 * open_file strips any O_TRUNC flags itself.
1582 fsp_open = open_file(fsp, conn, parent_dir, fname, psbuf, flags|flags2,
1583 unx_mode, access_mask, open_access_mask);
1585 if (!NT_STATUS_IS_OK(fsp_open)) {
1593 if (!file_existed) {
1596 * Deal with the race condition where two smbd's detect the
1597 * file doesn't exist and do the create at the same time. One
1598 * of them will win and set a share mode, the other (ie. this
1599 * one) should check if the requested share mode for this
1600 * create is allowed.
1604 * Now the file exists and fsp is successfully opened,
1605 * fsp->dev and fsp->inode are valid and should replace the
1606 * dev=0,inode=0 from a non existent file. Spotted by
1607 * Nadav Danieli <nadavd@exanet.com>. JRA.
1613 lck = get_share_mode_lock(NULL, dev, inode,
1618 DEBUG(0, ("open_file_ntcreate: Could not get share "
1619 "mode lock for %s\n", fname));
1620 fd_close(conn, fsp);
1622 return NT_STATUS_SHARING_VIOLATION;
1625 status = open_mode_check(conn, fname, lck,
1626 access_mask, share_access,
1627 create_options, &file_existed);
1629 if (!NT_STATUS_IS_OK(status)) {
1630 struct deferred_open_record state;
1632 fd_close(conn, fsp);
1635 state.delayed_for_oplocks = False;
1637 state.inode = inode;
1639 /* Do it all over again immediately. In the second
1640 * round we will find that the file existed and handle
1641 * the DELETE_PENDING and FCB cases correctly. No need
1642 * to duplicate the code here. Essentially this is a
1643 * "goto top of this function", but don't tell
1646 defer_open(lck, request_time, timeval_zero(),
1653 * We exit this block with the share entry *locked*.....
1658 SMB_ASSERT(lck != NULL);
1660 /* note that we ignore failure for the following. It is
1661 basically a hack for NFS, and NFS will never set one of
1662 these only read them. Nobody but Samba can ever set a deny
1663 mode and we have already checked our more authoritative
1664 locking database for permission to set this deny mode. If
1665 the kernel refuses the operations then the kernel is wrong.
1666 note that GPFS supports it as well - jmcd */
1668 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1669 if(ret_flock == -1 ){
1672 fd_close(conn, fsp);
1675 return NT_STATUS_SHARING_VIOLATION;
1679 * At this point onwards, we can guarentee that the share entry
1680 * is locked, whether we created the file or not, and that the
1681 * deny mode is compatible with all current opens.
1685 * If requested, truncate the file.
1688 if (flags2&O_TRUNC) {
1690 * We are modifing the file after open - update the stat
1693 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1694 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1695 status = map_nt_error_from_unix(errno);
1703 /* Record the options we were opened with. */
1704 fsp->share_access = share_access;
1705 fsp->fh->private_options = create_options;
1706 fsp->access_mask = access_mask;
1709 /* stat opens on existing files don't get oplocks. */
1710 if (is_stat_open(open_access_mask)) {
1711 fsp->oplock_type = NO_OPLOCK;
1714 if (!(flags2 & O_TRUNC)) {
1715 info = FILE_WAS_OPENED;
1717 info = FILE_WAS_OVERWRITTEN;
1720 info = FILE_WAS_CREATED;
1728 * Setup the oplock info in both the shared memory and
1732 if ((fsp->oplock_type != NO_OPLOCK) &&
1733 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1734 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1735 /* Could not get the kernel oplock */
1736 fsp->oplock_type = NO_OPLOCK;
1739 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type);
1741 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED ||
1742 info == FILE_WAS_SUPERSEDED) {
1744 /* Handle strange delete on close create semantics. */
1745 if (create_options & FILE_DELETE_ON_CLOSE) {
1746 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1748 if (!NT_STATUS_IS_OK(status)) {
1749 /* Remember to delete the mode we just added. */
1750 del_share_mode(lck, fsp);
1756 /* Note that here we set the *inital* delete on close flag,
1757 not the regular one. */
1758 set_delete_on_close_token(lck, ¤t_user.ut);
1759 lck->initial_delete_on_close = True;
1760 lck->modified = True;
1763 /* Files should be initially set as archive */
1764 if (lp_map_archive(SNUM(conn)) ||
1765 lp_store_dos_attributes(SNUM(conn))) {
1766 file_set_dosmode(conn, fname,
1767 new_dos_attributes | aARCH, NULL,
1773 * Take care of inherited ACLs on created files - if default ACL not
1777 if (!file_existed && !def_acl) {
1779 int saved_errno = errno; /* We might get ENOSYS in the next
1782 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1784 errno = saved_errno; /* Ignore ENOSYS */
1787 } else if (new_unx_mode) {
1791 /* Attributes need changing. File already existed. */
1794 int saved_errno = errno; /* We might get ENOSYS in the
1796 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1799 if (ret == -1 && errno == ENOSYS) {
1800 errno = saved_errno; /* Ignore ENOSYS */
1802 DEBUG(5, ("open_file_ntcreate: reset "
1803 "attributes of file %s to 0%o\n",
1804 fname, (unsigned int)new_unx_mode));
1805 ret = 0; /* Don't do the fchmod below. */
1810 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1811 DEBUG(5, ("open_file_ntcreate: failed to reset "
1812 "attributes of file %s to 0%o\n",
1813 fname, (unsigned int)new_unx_mode));
1816 /* If this is a successful open, we must remove any deferred open
1818 del_deferred_open_entry(lck, mid);
1821 conn->num_files_open++;
1824 return NT_STATUS_OK;
1827 /****************************************************************************
1828 Open a file for for write to ensure that we can fchmod it.
1829 ****************************************************************************/
1831 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1832 SMB_STRUCT_STAT *psbuf, files_struct **result)
1834 files_struct *fsp = NULL;
1837 if (!VALID_STAT(*psbuf)) {
1838 return NT_STATUS_INVALID_PARAMETER;
1841 status = file_new(conn, &fsp);
1842 if(!NT_STATUS_IS_OK(status)) {
1846 /* note! we must use a non-zero desired access or we don't get
1847 a real file descriptor. Oh what a twisted web we weave. */
1848 status = open_file(fsp, conn, NULL, fname, psbuf, O_WRONLY, 0,
1849 FILE_WRITE_DATA, FILE_WRITE_DATA);
1852 * This is not a user visible file open.
1853 * Don't set a share mode and don't increment
1854 * the conn->num_files_open.
1857 if (!NT_STATUS_IS_OK(status)) {
1863 return NT_STATUS_OK;
1866 /****************************************************************************
1867 Close the fchmod file fd - ensure no locks are lost.
1868 ****************************************************************************/
1870 int close_file_fchmod(files_struct *fsp)
1872 int ret = fd_close(fsp->conn, fsp);
1877 static NTSTATUS mkdir_internal(connection_struct *conn, const char *name,
1878 SMB_STRUCT_STAT *psbuf)
1883 const char *dirname;
1885 if(!CAN_WRITE(conn)) {
1886 DEBUG(5,("mkdir_internal: failing create on read-only share "
1887 "%s\n", lp_servicename(SNUM(conn))));
1888 return NT_STATUS_ACCESS_DENIED;
1891 if (!check_name(name, conn)) {
1892 return map_nt_error_from_unix(errno);
1895 if (!parent_dirname_talloc(tmp_talloc_ctx(), name, &parent_dir,
1897 return NT_STATUS_NO_MEMORY;
1900 mode = unix_mode(conn, aDIR, name, parent_dir);
1902 if ((ret=SMB_VFS_MKDIR(conn, name, mode)) != 0) {
1903 return map_nt_error_from_unix(errno);
1906 /* Ensure we're checking for a symlink here.... */
1907 /* We don't want to get caught by a symlink racer. */
1909 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
1910 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
1911 name, strerror(errno)));
1912 return map_nt_error_from_unix(errno);
1915 if (!S_ISDIR(psbuf->st_mode)) {
1916 DEBUG(0, ("Directory just '%s' created is not a directory\n",
1918 return NT_STATUS_ACCESS_DENIED;
1921 if (lp_inherit_perms(SNUM(conn))) {
1922 inherit_access_acl(conn, parent_dir, name, mode);
1926 * Check if high bits should have been set,
1927 * then (if bits are missing): add them.
1928 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
1931 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
1932 SMB_VFS_CHMOD(conn, name,
1933 psbuf->st_mode | (mode & ~psbuf->st_mode));
1936 /* Change the owner if required. */
1937 if (lp_inherit_owner(SNUM(conn))) {
1938 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
1941 notify_action(conn, parent_dir, dirname, NOTIFY_ACTION_ADDED);
1943 return NT_STATUS_OK;
1946 /****************************************************************************
1947 Open a directory from an NT SMB call.
1948 ****************************************************************************/
1950 NTSTATUS open_directory(connection_struct *conn,
1952 SMB_STRUCT_STAT *psbuf,
1954 uint32 share_access,
1955 uint32 create_disposition,
1956 uint32 create_options,
1958 files_struct **result)
1960 files_struct *fsp = NULL;
1961 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
1962 struct share_mode_lock *lck = NULL;
1966 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
1967 "share_access = 0x%x create_options = 0x%x, "
1968 "create_disposition = 0x%x\n",
1970 (unsigned int)access_mask,
1971 (unsigned int)share_access,
1972 (unsigned int)create_options,
1973 (unsigned int)create_disposition));
1975 if (is_ntfs_stream_name(fname)) {
1976 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
1977 return NT_STATUS_NOT_A_DIRECTORY;
1980 switch( create_disposition ) {
1983 info = FILE_WAS_OPENED;
1986 * We want to follow symlinks here.
1989 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
1990 return map_nt_error_from_unix(errno);
1997 /* If directory exists error. If directory doesn't
2000 status = mkdir_internal(conn, fname, psbuf);
2001 if (!NT_STATUS_IS_OK(status)) {
2002 DEBUG(2, ("open_directory: unable to create "
2003 "%s. Error was %s\n", fname,
2004 nt_errstr(status)));
2008 info = FILE_WAS_CREATED;
2013 * If directory exists open. If directory doesn't
2017 status = mkdir_internal(conn, fname, psbuf);
2019 if (NT_STATUS_IS_OK(status)) {
2020 info = FILE_WAS_CREATED;
2023 if (NT_STATUS_EQUAL(status,
2024 NT_STATUS_OBJECT_NAME_COLLISION)) {
2025 info = FILE_WAS_OPENED;
2026 status = NT_STATUS_OK;
2031 case FILE_SUPERSEDE:
2032 case FILE_OVERWRITE:
2033 case FILE_OVERWRITE_IF:
2035 DEBUG(5,("open_directory: invalid create_disposition "
2036 "0x%x for directory %s\n",
2037 (unsigned int)create_disposition, fname));
2038 return NT_STATUS_INVALID_PARAMETER;
2041 if(!S_ISDIR(psbuf->st_mode)) {
2042 DEBUG(5,("open_directory: %s is not a directory !\n",
2044 return NT_STATUS_NOT_A_DIRECTORY;
2047 status = file_new(conn, &fsp);
2048 if(!NT_STATUS_IS_OK(status)) {
2053 * Setup the files_struct for it.
2056 fsp->mode = psbuf->st_mode;
2057 fsp->inode = psbuf->st_ino;
2058 fsp->dev = psbuf->st_dev;
2059 fsp->vuid = current_user.vuid;
2060 fsp->file_pid = global_smbpid;
2061 fsp->can_lock = False;
2062 fsp->can_read = False;
2063 fsp->can_write = False;
2065 fsp->share_access = share_access;
2066 fsp->fh->private_options = create_options;
2067 fsp->access_mask = access_mask;
2069 fsp->print_file = False;
2070 fsp->modified = False;
2071 fsp->oplock_type = NO_OPLOCK;
2072 fsp->sent_oplock_break = NO_BREAK_SENT;
2073 fsp->is_directory = True;
2074 fsp->is_stat = False;
2075 string_set(&fsp->fsp_name,fname);
2077 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode,
2082 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2084 return NT_STATUS_SHARING_VIOLATION;
2087 status = open_mode_check(conn, fname, lck,
2088 access_mask, share_access,
2089 create_options, &dir_existed);
2091 if (!NT_STATUS_IS_OK(status)) {
2097 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK);
2099 /* For directories the delete on close bit at open time seems
2100 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2101 if (create_options & FILE_DELETE_ON_CLOSE) {
2102 status = can_set_delete_on_close(fsp, True, 0);
2103 if (!NT_STATUS_IS_OK(status)) {
2109 set_delete_on_close_token(lck, ¤t_user.ut);
2110 lck->initial_delete_on_close = True;
2111 lck->modified = True;
2120 conn->num_files_open++;
2123 return NT_STATUS_OK;
2126 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2129 SMB_STRUCT_STAT sbuf;
2132 SET_STAT_INVALID(sbuf);
2134 status = open_directory(conn, directory, &sbuf,
2135 FILE_READ_ATTRIBUTES, /* Just a stat open */
2136 FILE_SHARE_NONE, /* Ignored for stat opens */
2137 FILE_CREATE, 0, NULL, &fsp);
2139 if (NT_STATUS_IS_OK(status)) {
2140 close_file(fsp, NORMAL_CLOSE);
2146 /****************************************************************************
2147 Open a pseudo-file (no locking checks - a 'stat' open).
2148 ****************************************************************************/
2150 NTSTATUS open_file_stat(connection_struct *conn, const char *fname,
2151 SMB_STRUCT_STAT *psbuf, files_struct **result)
2153 files_struct *fsp = NULL;
2156 if (!VALID_STAT(*psbuf)) {
2157 return NT_STATUS_INVALID_PARAMETER;
2160 /* Can't 'stat' open directories. */
2161 if(S_ISDIR(psbuf->st_mode)) {
2162 return NT_STATUS_FILE_IS_A_DIRECTORY;
2165 status = file_new(conn, &fsp);
2166 if(!NT_STATUS_IS_OK(status)) {
2170 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2173 * Setup the files_struct for it.
2176 fsp->mode = psbuf->st_mode;
2177 fsp->inode = psbuf->st_ino;
2178 fsp->dev = psbuf->st_dev;
2179 fsp->vuid = current_user.vuid;
2180 fsp->file_pid = global_smbpid;
2181 fsp->can_lock = False;
2182 fsp->can_read = False;
2183 fsp->can_write = False;
2184 fsp->print_file = False;
2185 fsp->modified = False;
2186 fsp->oplock_type = NO_OPLOCK;
2187 fsp->sent_oplock_break = NO_BREAK_SENT;
2188 fsp->is_directory = False;
2189 fsp->is_stat = True;
2190 string_set(&fsp->fsp_name,fname);
2192 conn->num_files_open++;
2195 return NT_STATUS_OK;
2198 /****************************************************************************
2199 Receive notification that one of our open files has been renamed by another
2201 ****************************************************************************/
2203 void msg_file_was_renamed(int msg_type, struct process_id src, void *buf, size_t len)
2206 char *frm = (char *)buf;
2209 const char *sharepath;
2210 const char *newname;
2213 if (buf == NULL || len < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2214 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n", (int)len));
2218 /* Unpack the message. */
2219 dev = DEV_T_VAL(frm,0);
2220 inode = INO_T_VAL(frm,8);
2221 sharepath = &frm[16];
2222 newname = sharepath + strlen(sharepath) + 1;
2223 sp_len = strlen(sharepath);
2225 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2226 "dev %x, inode %.0f\n",
2227 sharepath, newname, (unsigned int)dev, (double)inode ));
2229 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
2230 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2231 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2232 fsp->fnum, fsp->fsp_name, newname ));
2233 string_set(&fsp->fsp_name, newname);
2236 /* Now we have the complete path we can work out if this is
2237 actually within this share and adjust newname accordingly. */
2238 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2239 "not sharepath %s) "
2240 "fnum %d from %s -> %s\n",
2241 fsp->conn->connectpath,