2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern uint16 global_smbpid;
29 extern BOOL global_client_failed_oplock_break;
31 struct deferred_open_record {
32 BOOL delayed_for_oplocks;
37 /****************************************************************************
38 fd support routines - attempt to do a dos_open.
39 ****************************************************************************/
41 static BOOL fd_open(struct connection_struct *conn,
50 if (!lp_symlinks(SNUM(conn))) {
55 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
58 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
59 fname, flags, (int)mode, fsp->fh->fd,
60 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
63 return fsp->fh->fd != -1;
66 /****************************************************************************
67 Close the file associated with a fsp.
68 ****************************************************************************/
70 int fd_close(struct connection_struct *conn,
73 if (fsp->fh->fd == -1) {
74 return 0; /* What we used to call a stat open. */
76 if (fsp->fh->ref_count > 1) {
77 return 0; /* Shared handle. Only close last reference. */
79 return fd_close_posix(conn, fsp);
82 /****************************************************************************
83 Change the ownership of a file to that of the parent directory.
84 Do this by fd if possible.
85 ****************************************************************************/
87 static void change_owner_to_parent(connection_struct *conn,
90 SMB_STRUCT_STAT *psbuf)
92 const char *parent_path = parent_dirname(fname);
93 SMB_STRUCT_STAT parent_st;
96 ret = SMB_VFS_STAT(conn, parent_path, &parent_st);
98 DEBUG(0,("change_owner_to_parent: failed to stat parent "
99 "directory %s. Error was %s\n",
100 parent_path, strerror(errno) ));
104 if (fsp && fsp->fh->fd != -1) {
106 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
109 DEBUG(0,("change_owner_to_parent: failed to fchown "
110 "file %s to parent directory uid %u. Error "
112 (unsigned int)parent_st.st_uid,
116 DEBUG(10,("change_owner_to_parent: changed new file %s to "
117 "parent directory uid %u.\n", fname,
118 (unsigned int)parent_st.st_uid ));
121 /* We've already done an lstat into psbuf, and we know it's a
122 directory. If we can cd into the directory and the dev/ino
123 are the same then we can safely chown without races as
124 we're locking the directory in place by being in it. This
125 should work on any UNIX (thanks tridge :-). JRA.
129 SMB_STRUCT_STAT sbuf;
131 if (!vfs_GetWd(conn,saved_dir)) {
132 DEBUG(0,("change_owner_to_parent: failed to get "
133 "current working directory\n"));
137 /* Chdir into the new path. */
138 if (vfs_ChDir(conn, fname) == -1) {
139 DEBUG(0,("change_owner_to_parent: failed to change "
140 "current working directory to %s. Error "
141 "was %s\n", fname, strerror(errno) ));
145 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
146 DEBUG(0,("change_owner_to_parent: failed to stat "
147 "directory '.' (%s) Error was %s\n",
148 fname, strerror(errno)));
152 /* Ensure we're pointing at the same place. */
153 if (sbuf.st_dev != psbuf->st_dev ||
154 sbuf.st_ino != psbuf->st_ino ||
155 sbuf.st_mode != psbuf->st_mode ) {
156 DEBUG(0,("change_owner_to_parent: "
157 "device/inode/mode on directory %s changed. "
158 "Refusing to chown !\n", fname ));
163 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
166 DEBUG(10,("change_owner_to_parent: failed to chown "
167 "directory %s to parent directory uid %u. "
168 "Error was %s\n", fname,
169 (unsigned int)parent_st.st_uid, strerror(errno) ));
173 DEBUG(10,("change_owner_to_parent: changed ownership of new "
174 "directory %s to parent directory uid %u.\n",
175 fname, (unsigned int)parent_st.st_uid ));
179 vfs_ChDir(conn,saved_dir);
183 /****************************************************************************
185 ****************************************************************************/
187 static NTSTATUS open_file(files_struct *fsp,
188 connection_struct *conn,
190 SMB_STRUCT_STAT *psbuf,
193 uint32 access_mask, /* client requested access mask. */
194 uint32 open_access_mask) /* what we're actually using in the open. */
196 int accmode = (flags & O_ACCMODE);
197 int local_flags = flags;
198 BOOL file_existed = VALID_STAT(*psbuf);
203 /* Check permissions */
206 * This code was changed after seeing a client open request
207 * containing the open mode of (DENY_WRITE/read-only) with
208 * the 'create if not exist' bit set. The previous code
209 * would fail to open the file read only on a read-only share
210 * as it was checking the flags parameter directly against O_RDONLY,
211 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
215 if (!CAN_WRITE(conn)) {
216 /* It's a read-only share - fail if we wanted to write. */
217 if(accmode != O_RDONLY) {
218 DEBUG(3,("Permission denied opening %s\n",fname));
219 return NT_STATUS_ACCESS_DENIED;
220 } else if(flags & O_CREAT) {
221 /* We don't want to write - but we must make sure that
222 O_CREAT doesn't create the file if we have write
223 access into the directory.
226 local_flags &= ~O_CREAT;
231 * This little piece of insanity is inspired by the
232 * fact that an NT client can open a file for O_RDONLY,
233 * but set the create disposition to FILE_EXISTS_TRUNCATE.
234 * If the client *can* write to the file, then it expects to
235 * truncate the file, even though it is opening for readonly.
236 * Quicken uses this stupid trick in backup file creation...
237 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
238 * for helping track this one down. It didn't bite us in 2.0.x
239 * as we always opened files read-write in that release. JRA.
242 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
243 DEBUG(10,("open_file: truncate requested on read-only open "
244 "for file %s\n",fname ));
245 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
248 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
249 (!file_existed && (local_flags & O_CREAT)) ||
250 ((local_flags & O_TRUNC) == O_TRUNC) ) {
253 * We can't actually truncate here as the file may be locked.
254 * open_file_ntcreate will take care of the truncate later. JRA.
257 local_flags &= ~O_TRUNC;
259 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
261 * We would block on opening a FIFO with no one else on the
262 * other end. Do what we used to do and add O_NONBLOCK to the
266 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
267 local_flags |= O_NONBLOCK;
271 /* Don't create files with Microsoft wildcard characters. */
272 if ((local_flags & O_CREAT) && !file_existed &&
273 ms_has_wild(fname)) {
274 return NT_STATUS_OBJECT_NAME_INVALID;
277 /* Actually do the open */
278 if (!fd_open(conn, fname, fsp, local_flags, unx_mode)) {
279 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
281 fname,strerror(errno),local_flags,flags));
282 return map_nt_error_from_unix(errno);
285 /* Inherit the ACL if the file was created. */
286 if ((local_flags & O_CREAT)
288 && lp_inherit_perms(SNUM(conn))) {
289 inherit_access_acl(conn, fname, unx_mode);
293 fsp->fh->fd = -1; /* What we used to call a stat open. */
299 if (fsp->fh->fd == -1) {
300 ret = SMB_VFS_STAT(conn, fname, psbuf);
302 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
303 /* If we have an fd, this stat should succeed. */
305 DEBUG(0,("Error doing fstat on open file %s "
306 "(%s)\n", fname,strerror(errno) ));
310 /* For a non-io open, this stat failing means file not found. JRA */
312 NTSTATUS status = map_nt_error_from_unix(errno);
319 * POSIX allows read-only opens of directories. We don't
320 * want to do this (we use a different code path for this)
321 * so catch a directory open and return an EISDIR. JRA.
324 if(S_ISDIR(psbuf->st_mode)) {
327 return NT_STATUS_FILE_IS_A_DIRECTORY;
330 fsp->mode = psbuf->st_mode;
331 fsp->inode = psbuf->st_ino;
332 fsp->dev = psbuf->st_dev;
333 fsp->vuid = current_user.vuid;
334 fsp->file_pid = global_smbpid;
335 fsp->can_lock = True;
336 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
337 if (!CAN_WRITE(conn)) {
338 fsp->can_write = False;
340 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
343 fsp->print_file = False;
344 fsp->modified = False;
345 fsp->sent_oplock_break = NO_BREAK_SENT;
346 fsp->is_directory = False;
347 fsp->is_stat = False;
348 if (conn->aio_write_behind_list &&
349 is_in_path(fname, conn->aio_write_behind_list, conn->case_sensitive)) {
350 fsp->aio_write_behind = True;
353 string_set(&fsp->fsp_name,fname);
354 fsp->wcp = NULL; /* Write cache pointer. */
356 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
357 *current_user_info.smb_name ?
358 current_user_info.smb_name : conn->user,fsp->fsp_name,
359 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
360 conn->num_files_open + 1));
366 /*******************************************************************
367 Return True if the filename is one of the special executable types.
368 ********************************************************************/
370 static BOOL is_executable(const char *fname)
372 if ((fname = strrchr_m(fname,'.'))) {
373 if (strequal(fname,".com") ||
374 strequal(fname,".dll") ||
375 strequal(fname,".exe") ||
376 strequal(fname,".sym")) {
383 /****************************************************************************
384 Check if we can open a file with a share mode.
385 Returns True if conflict, False if not.
386 ****************************************************************************/
388 static BOOL share_conflict(struct share_mode_entry *entry,
392 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
393 "entry->share_access = 0x%x, "
394 "entry->private_options = 0x%x\n",
395 (unsigned int)entry->access_mask,
396 (unsigned int)entry->share_access,
397 (unsigned int)entry->private_options));
399 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
400 (unsigned int)access_mask, (unsigned int)share_access));
402 if ((entry->access_mask & (FILE_WRITE_DATA|
406 DELETE_ACCESS)) == 0) {
407 DEBUG(10,("share_conflict: No conflict due to "
408 "entry->access_mask = 0x%x\n",
409 (unsigned int)entry->access_mask ));
413 if ((access_mask & (FILE_WRITE_DATA|
417 DELETE_ACCESS)) == 0) {
418 DEBUG(10,("share_conflict: No conflict due to "
419 "access_mask = 0x%x\n",
420 (unsigned int)access_mask ));
424 #if 1 /* JRA TEST - Superdebug. */
425 #define CHECK_MASK(num, am, right, sa, share) \
426 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
427 (unsigned int)(num), (unsigned int)(am), \
428 (unsigned int)(right), (unsigned int)(am)&(right) )); \
429 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
430 (unsigned int)(num), (unsigned int)(sa), \
431 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
432 if (((am) & (right)) && !((sa) & (share))) { \
433 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
434 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
435 (unsigned int)(share) )); \
439 #define CHECK_MASK(num, am, right, sa, share) \
440 if (((am) & (right)) && !((sa) & (share))) { \
441 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
442 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
443 (unsigned int)(share) )); \
448 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
449 share_access, FILE_SHARE_WRITE);
450 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
451 entry->share_access, FILE_SHARE_WRITE);
453 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
454 share_access, FILE_SHARE_READ);
455 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
456 entry->share_access, FILE_SHARE_READ);
458 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
459 share_access, FILE_SHARE_DELETE);
460 CHECK_MASK(6, access_mask, DELETE_ACCESS,
461 entry->share_access, FILE_SHARE_DELETE);
463 DEBUG(10,("share_conflict: No conflict.\n"));
467 #if defined(DEVELOPER)
468 static void validate_my_share_entries(int num,
469 struct share_mode_entry *share_entry)
473 if (!procid_is_me(&share_entry->pid)) {
477 if (is_deferred_open_entry(share_entry) &&
478 !open_was_deferred(share_entry->op_mid)) {
480 pstr_sprintf(str, "Got a deferred entry without a request: "
481 "PANIC: %s\n", share_mode_str(num, share_entry));
485 if (!is_valid_share_mode_entry(share_entry)) {
489 fsp = file_find_dif(share_entry->dev, share_entry->inode,
490 share_entry->share_file_id);
492 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
493 share_mode_str(num, share_entry) ));
494 smb_panic("validate_my_share_entries: Cannot match a "
495 "share entry with an open file\n");
498 if (is_deferred_open_entry(share_entry) ||
499 is_unused_share_mode_entry(share_entry)) {
503 if ((share_entry->op_type == NO_OPLOCK) &&
504 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
505 /* Someone has already written to it, but I haven't yet
510 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
519 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
520 share_mode_str(num, share_entry) ));
521 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
522 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
523 fsp->fsp_name, (unsigned int)fsp->oplock_type,
524 (unsigned int)share_entry->op_type );
530 static BOOL is_stat_open(uint32 access_mask)
532 return (access_mask &&
533 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
534 FILE_WRITE_ATTRIBUTES))==0) &&
535 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
536 FILE_WRITE_ATTRIBUTES)) != 0));
539 /****************************************************************************
540 Deal with share modes
541 Invarient: Share mode must be locked on entry and exit.
542 Returns -1 on error, or number of share modes on success (may be zero).
543 ****************************************************************************/
545 static NTSTATUS open_mode_check(connection_struct *conn,
547 struct share_mode_lock *lck,
550 uint32 create_options,
555 if(lck->num_share_modes == 0) {
559 *file_existed = True;
561 if (is_stat_open(access_mask)) {
562 /* Stat open that doesn't trigger oplock breaks or share mode
563 * checks... ! JRA. */
567 /* A delete on close prohibits everything */
569 if (lck->delete_on_close) {
570 return NT_STATUS_DELETE_PENDING;
574 * Check if the share modes will give us access.
577 #if defined(DEVELOPER)
578 for(i = 0; i < lck->num_share_modes; i++) {
579 validate_my_share_entries(i, &lck->share_modes[i]);
583 if (!lp_share_modes(SNUM(conn))) {
587 /* Now we check the share modes, after any oplock breaks. */
588 for(i = 0; i < lck->num_share_modes; i++) {
590 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
594 /* someone else has a share lock on it, check to see if we can
596 if (share_conflict(&lck->share_modes[i],
597 access_mask, share_access)) {
598 return NT_STATUS_SHARING_VIOLATION;
605 static BOOL is_delete_request(files_struct *fsp) {
606 return ((fsp->access_mask == DELETE_ACCESS) &&
607 (fsp->oplock_type == NO_OPLOCK));
611 * 1) No files open at all or internal open: Grant whatever the client wants.
613 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
614 * request, break if the oplock around is a batch oplock. If it's another
615 * requested access type, break.
617 * 3) Only level2 around: Grant level2 and do nothing else.
620 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
626 struct share_mode_entry *exclusive = NULL;
627 BOOL valid_entry = False;
628 BOOL delay_it = False;
629 BOOL have_level2 = False;
631 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
633 if (oplock_request & INTERNAL_OPEN_ONLY) {
634 fsp->oplock_type = NO_OPLOCK;
637 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
641 for (i=0; i<lck->num_share_modes; i++) {
643 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
647 /* At least one entry is not an invalid or deferred entry. */
650 if (pass_number == 1) {
651 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
652 SMB_ASSERT(exclusive == NULL);
653 exclusive = &lck->share_modes[i];
656 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
657 SMB_ASSERT(exclusive == NULL);
658 exclusive = &lck->share_modes[i];
662 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
663 SMB_ASSERT(exclusive == NULL);
669 /* All entries are placeholders or deferred.
670 * Directly grant whatever the client wants. */
671 if (fsp->oplock_type == NO_OPLOCK) {
672 /* Store a level2 oplock, but don't tell the client */
673 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
678 if (exclusive != NULL) { /* Found an exclusive oplock */
679 SMB_ASSERT(!have_level2);
680 delay_it = is_delete_request(fsp) ?
681 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
684 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
685 /* We can at most grant level2 as there are other
686 * level2 or NO_OPLOCK entries. */
687 fsp->oplock_type = LEVEL_II_OPLOCK;
690 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
691 /* Store a level2 oplock, but don't tell the client */
692 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
700 * Send a break message to the oplock holder and delay the open for
704 DEBUG(10, ("Sending break request to PID %s\n",
705 procid_str_static(&exclusive->pid)));
706 exclusive->op_mid = get_current_mid();
708 /* Create the message. */
709 share_mode_entry_to_message(msg, exclusive);
711 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
712 don't want this set in the share mode struct pointed to by lck. */
714 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
715 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
718 ret = message_send_pid(exclusive->pid, MSG_SMB_BREAK_REQUEST,
719 msg, MSG_SMB_SHARE_MODE_ENTRY_SIZE, True);
721 DEBUG(3, ("Could not send oplock break message\n"));
727 static BOOL request_timed_out(struct timeval request_time,
728 struct timeval timeout)
730 struct timeval now, end_time;
732 end_time = timeval_sum(&request_time, &timeout);
733 return (timeval_compare(&end_time, &now) < 0);
736 /****************************************************************************
737 Handle the 1 second delay in returning a SHARING_VIOLATION error.
738 ****************************************************************************/
740 static void defer_open(struct share_mode_lock *lck,
741 struct timeval request_time,
742 struct timeval timeout,
743 struct deferred_open_record *state)
745 uint16 mid = get_current_mid();
750 for (i=0; i<lck->num_share_modes; i++) {
751 struct share_mode_entry *e = &lck->share_modes[i];
753 if (!is_deferred_open_entry(e)) {
757 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
758 DEBUG(0, ("Trying to defer an already deferred "
759 "request: mid=%d, exiting\n", mid));
760 exit_server("attempt to defer a deferred request");
764 /* End paranoia check */
766 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
767 "open entry for mid %u\n",
768 (unsigned int)request_time.tv_sec,
769 (unsigned int)request_time.tv_usec,
772 if (!push_deferred_smb_message(mid, request_time, timeout,
773 (char *)state, sizeof(*state))) {
774 exit_server("push_deferred_smb_message failed");
776 add_deferred_open(lck, mid, request_time, state->dev, state->inode);
779 * Push the MID of this packet on the signing queue.
780 * We only do this once, the first time we push the packet
781 * onto the deferred open queue, as this has a side effect
782 * of incrementing the response sequence number.
785 srv_defer_sign_response(mid);
789 /****************************************************************************
790 On overwrite open ensure that the attributes match.
791 ****************************************************************************/
793 static BOOL open_match_attributes(connection_struct *conn,
797 mode_t existing_unx_mode,
799 mode_t *returned_unx_mode)
801 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
803 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
804 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
806 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
807 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
808 *returned_unx_mode = new_unx_mode;
810 *returned_unx_mode = (mode_t)0;
813 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
814 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
815 "returned_unx_mode = 0%o\n",
817 (unsigned int)old_dos_attr,
818 (unsigned int)existing_unx_mode,
819 (unsigned int)new_dos_attr,
820 (unsigned int)*returned_unx_mode ));
822 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
823 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
824 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
825 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
829 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
830 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
831 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
838 /****************************************************************************
839 Special FCB or DOS processing in the case of a sharing violation.
840 Try and find a duplicated file handle.
841 ****************************************************************************/
843 static files_struct *fcb_or_dos_open(connection_struct *conn,
844 const char *fname, SMB_DEV_T dev,
848 uint32 create_options)
851 files_struct *dup_fsp;
853 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
854 "file %s.\n", fname ));
856 for(fsp = file_find_di_first(dev, inode); fsp;
857 fsp = file_find_di_next(fsp)) {
859 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
860 "vuid = %u, file_pid = %u, private_options = 0x%x "
861 "access_mask = 0x%x\n", fsp->fsp_name,
862 fsp->fh->fd, (unsigned int)fsp->vuid,
863 (unsigned int)fsp->file_pid,
864 (unsigned int)fsp->fh->private_options,
865 (unsigned int)fsp->access_mask ));
867 if (fsp->fh->fd != -1 &&
868 fsp->vuid == current_user.vuid &&
869 fsp->file_pid == global_smbpid &&
870 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
871 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
872 (fsp->access_mask & FILE_WRITE_DATA) &&
873 strequal(fsp->fsp_name, fname)) {
874 DEBUG(10,("fcb_or_dos_open: file match\n"));
883 /* quite an insane set of semantics ... */
884 if (is_executable(fname) &&
885 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
886 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
890 /* We need to duplicate this fsp. */
891 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
892 create_options, &dup_fsp))) {
899 /****************************************************************************
900 Open a file with a share mode - old openX method - map into NTCreate.
901 ****************************************************************************/
903 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
904 uint32 *paccess_mask,
906 uint32 *pcreate_disposition,
907 uint32 *pcreate_options)
911 uint32 create_disposition;
912 uint32 create_options = 0;
914 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
915 "open_func = 0x%x\n",
916 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
918 /* Create the NT compatible access_mask. */
919 switch (GET_OPENX_MODE(deny_mode)) {
920 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
921 case DOS_OPEN_RDONLY:
922 access_mask = FILE_GENERIC_READ;
924 case DOS_OPEN_WRONLY:
925 access_mask = FILE_GENERIC_WRITE;
929 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
932 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
933 (unsigned int)GET_OPENX_MODE(deny_mode)));
937 /* Create the NT compatible create_disposition. */
939 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
940 create_disposition = FILE_CREATE;
943 case OPENX_FILE_EXISTS_OPEN:
944 create_disposition = FILE_OPEN;
947 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
948 create_disposition = FILE_OPEN_IF;
951 case OPENX_FILE_EXISTS_TRUNCATE:
952 create_disposition = FILE_OVERWRITE;
955 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
956 create_disposition = FILE_OVERWRITE_IF;
960 /* From samba4 - to be confirmed. */
961 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
962 create_disposition = FILE_CREATE;
965 DEBUG(10,("map_open_params_to_ntcreate: bad "
966 "open_func 0x%x\n", (unsigned int)open_func));
970 /* Create the NT compatible share modes. */
971 switch (GET_DENY_MODE(deny_mode)) {
973 share_mode = FILE_SHARE_NONE;
977 share_mode = FILE_SHARE_READ;
981 share_mode = FILE_SHARE_WRITE;
985 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
989 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
990 if (is_executable(fname)) {
991 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
993 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
994 share_mode = FILE_SHARE_READ;
996 share_mode = FILE_SHARE_NONE;
1002 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1003 share_mode = FILE_SHARE_NONE;
1007 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1008 (unsigned int)GET_DENY_MODE(deny_mode) ));
1012 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1013 "share_mode = 0x%x, create_disposition = 0x%x, "
1014 "create_options = 0x%x\n",
1016 (unsigned int)access_mask,
1017 (unsigned int)share_mode,
1018 (unsigned int)create_disposition,
1019 (unsigned int)create_options ));
1022 *paccess_mask = access_mask;
1025 *pshare_mode = share_mode;
1027 if (pcreate_disposition) {
1028 *pcreate_disposition = create_disposition;
1030 if (pcreate_options) {
1031 *pcreate_options = create_options;
1038 static void schedule_defer_open(struct share_mode_lock *lck, struct timeval request_time)
1040 struct deferred_open_record state;
1042 /* This is a relative time, added to the absolute
1043 request_time value to get the absolute timeout time.
1044 Note that if this is the second or greater time we enter
1045 this codepath for this particular request mid then
1046 request_time is left as the absolute time of the *first*
1047 time this request mid was processed. This is what allows
1048 the request to eventually time out. */
1050 struct timeval timeout;
1052 /* Normally the smbd we asked should respond within
1053 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1054 * the client did, give twice the timeout as a safety
1055 * measure here in case the other smbd is stuck
1056 * somewhere else. */
1058 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1060 /* Nothing actually uses state.delayed_for_oplocks
1061 but it's handy to differentiate in debug messages
1062 between a 30 second delay due to oplock break, and
1063 a 1 second delay for share mode conflicts. */
1065 state.delayed_for_oplocks = True;
1066 state.dev = lck->dev;
1067 state.inode = lck->ino;
1069 if (!request_timed_out(request_time, timeout)) {
1070 defer_open(lck, request_time, timeout, &state);
1074 /****************************************************************************
1075 Open a file with a share mode.
1076 ****************************************************************************/
1078 NTSTATUS open_file_ntcreate(connection_struct *conn,
1080 SMB_STRUCT_STAT *psbuf,
1081 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1082 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1083 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1084 uint32 create_options, /* options such as delete on close. */
1085 uint32 new_dos_attributes, /* attributes used for new file. */
1086 int oplock_request, /* internal Samba oplock codes. */
1087 /* Information (FILE_EXISTS etc.) */
1089 files_struct **result)
1093 BOOL file_existed = VALID_STAT(*psbuf);
1094 BOOL def_acl = False;
1096 SMB_INO_T inode = 0;
1097 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1098 files_struct *fsp = NULL;
1099 mode_t new_unx_mode = (mode_t)0;
1100 mode_t unx_mode = (mode_t)0;
1102 uint32 existing_dos_attributes = 0;
1103 struct pending_message_list *pml = NULL;
1104 uint16 mid = get_current_mid();
1105 struct timeval request_time = timeval_zero();
1106 struct share_mode_lock *lck = NULL;
1107 uint32 open_access_mask = access_mask;
1111 if (conn->printer) {
1113 * Printers are handled completely differently.
1114 * Most of the passed parameters are ignored.
1118 *pinfo = FILE_WAS_CREATED;
1121 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1123 return print_fsp_open(conn, fname, result);
1126 /* We add aARCH to this as this mode is only used if the file is
1128 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,fname, True);
1130 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1131 "access_mask=0x%x share_access=0x%x "
1132 "create_disposition = 0x%x create_options=0x%x "
1133 "unix mode=0%o oplock_request=%d\n",
1134 fname, new_dos_attributes, access_mask, share_access,
1135 create_disposition, create_options, unx_mode,
1138 if ((pml = get_open_deferred_message(mid)) != NULL) {
1139 struct deferred_open_record *state =
1140 (struct deferred_open_record *)pml->private_data.data;
1142 /* Remember the absolute time of the original
1143 request with this mid. We'll use it later to
1144 see if this has timed out. */
1146 request_time = pml->request_time;
1148 /* Remove the deferred open entry under lock. */
1149 lck = get_share_mode_lock(NULL, state->dev, state->inode, NULL, NULL);
1151 DEBUG(0, ("could not get share mode lock\n"));
1153 del_deferred_open_entry(lck, mid);
1157 /* Ensure we don't reprocess this message. */
1158 remove_deferred_open_smb_message(mid);
1161 if (!check_name(fname,conn)) {
1162 return map_nt_error_from_unix(errno);
1165 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1167 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1170 /* ignore any oplock requests if oplocks are disabled */
1171 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1172 IS_VETO_OPLOCK_PATH(conn, fname)) {
1173 /* Mask off everything except the private Samba bits. */
1174 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1177 /* this is for OS/2 long file names - say we don't support them */
1178 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1179 /* OS/2 Workplace shell fix may be main code stream in a later
1181 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1183 if (use_nt_status()) {
1184 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1186 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1189 switch( create_disposition ) {
1191 * Currently we're using FILE_SUPERSEDE as the same as
1192 * FILE_OVERWRITE_IF but they really are
1193 * different. FILE_SUPERSEDE deletes an existing file
1194 * (requiring delete access) then recreates it.
1196 case FILE_SUPERSEDE:
1197 /* If file exists replace/overwrite. If file doesn't
1199 flags2 |= (O_CREAT | O_TRUNC);
1202 case FILE_OVERWRITE_IF:
1203 /* If file exists replace/overwrite. If file doesn't
1205 flags2 |= (O_CREAT | O_TRUNC);
1209 /* If file exists open. If file doesn't exist error. */
1210 if (!file_existed) {
1211 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1212 "requested for file %s and file "
1213 "doesn't exist.\n", fname ));
1215 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1219 case FILE_OVERWRITE:
1220 /* If file exists overwrite. If file doesn't exist
1222 if (!file_existed) {
1223 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1224 "requested for file %s and file "
1225 "doesn't exist.\n", fname ));
1227 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1233 /* If file exists error. If file doesn't exist
1236 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1237 "requested for file %s and file "
1238 "already exists.\n", fname ));
1239 if (S_ISDIR(psbuf->st_mode)) {
1244 return map_nt_error_from_unix(errno);
1246 flags2 |= (O_CREAT|O_EXCL);
1250 /* If file exists open. If file doesn't exist
1256 return NT_STATUS_INVALID_PARAMETER;
1259 /* We only care about matching attributes on file exists and
1262 if (file_existed && ((create_disposition == FILE_OVERWRITE) ||
1263 (create_disposition == FILE_OVERWRITE_IF))) {
1264 if (!open_match_attributes(conn, fname,
1265 existing_dos_attributes,
1266 new_dos_attributes, psbuf->st_mode,
1267 unx_mode, &new_unx_mode)) {
1268 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1269 "for file %s (%x %x) (0%o, 0%o)\n",
1270 fname, existing_dos_attributes,
1272 (unsigned int)psbuf->st_mode,
1273 (unsigned int)unx_mode ));
1275 return NT_STATUS_ACCESS_DENIED;
1279 /* This is a nasty hack - must fix... JRA. */
1280 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1281 open_access_mask = access_mask = FILE_GENERIC_ALL;
1285 * Convert GENERIC bits to specific bits.
1288 se_map_generic(&access_mask, &file_generic_mapping);
1289 open_access_mask = access_mask;
1291 if (flags2 & O_TRUNC) {
1292 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1295 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1296 "access_mask=0x%x\n", fname, access_mask ));
1299 * Note that we ignore the append flag as append does not
1300 * mean the same thing under DOS and Unix.
1303 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1304 /* DENY_DOS opens are always underlying read-write on the
1305 file handle, no matter what the requested access mask
1307 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1308 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1318 * Currently we only look at FILE_WRITE_THROUGH for create options.
1322 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1327 if (!CAN_WRITE(conn)) {
1329 * We should really return a permission denied error if either
1330 * O_CREAT or O_TRUNC are set, but for compatibility with
1331 * older versions of Samba we just AND them out.
1333 flags2 &= ~(O_CREAT|O_TRUNC);
1337 * Ensure we can't write on a read-only share or file.
1340 if (flags != O_RDONLY && file_existed &&
1341 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1342 DEBUG(5,("open_file_ntcreate: write access requested for "
1343 "file %s on read only %s\n",
1344 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1346 return NT_STATUS_ACCESS_DENIED;
1349 status = file_new(conn, &fsp);
1350 if(!NT_STATUS_IS_OK(status)) {
1354 fsp->dev = psbuf->st_dev;
1355 fsp->inode = psbuf->st_ino;
1356 fsp->share_access = share_access;
1357 fsp->fh->private_options = create_options;
1358 fsp->access_mask = open_access_mask; /* We change this to the
1359 * requested access_mask after
1360 * the open is done. */
1361 /* Ensure no SAMBA_PRIVATE bits can be set. */
1362 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1364 if (timeval_is_zero(&request_time)) {
1365 request_time = fsp->open_time;
1369 dev = psbuf->st_dev;
1370 inode = psbuf->st_ino;
1372 lck = get_share_mode_lock(NULL, dev, inode,
1378 DEBUG(0, ("Could not get share mode lock\n"));
1379 return NT_STATUS_SHARING_VIOLATION;
1382 /* First pass - send break only on batch oplocks. */
1383 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1384 schedule_defer_open(lck, request_time);
1387 return NT_STATUS_SHARING_VIOLATION;
1390 /* Use the client requested access mask here, not the one we
1392 status = open_mode_check(conn, fname, lck,
1393 access_mask, share_access,
1394 create_options, &file_existed);
1396 if (NT_STATUS_IS_OK(status)) {
1397 /* We might be going to allow this open. Check oplock
1399 /* Second pass - send break for both batch or
1400 * exclusive oplocks. */
1401 if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1402 schedule_defer_open(lck, request_time);
1405 return NT_STATUS_SHARING_VIOLATION;
1409 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1410 /* DELETE_PENDING is not deferred for a second */
1416 if (!NT_STATUS_IS_OK(status)) {
1417 uint32 can_access_mask;
1418 BOOL can_access = True;
1420 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1422 /* Check if this can be done with the deny_dos and fcb
1424 if (create_options &
1425 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1426 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1427 files_struct *fsp_dup;
1429 /* Use the client requested access mask here,
1430 * not the one we open with. */
1431 fsp_dup = fcb_or_dos_open(conn, fname, dev,
1440 *pinfo = FILE_WAS_OPENED;
1442 conn->num_files_open++;
1444 return NT_STATUS_OK;
1449 * This next line is a subtlety we need for
1450 * MS-Access. If a file open will fail due to share
1451 * permissions and also for security (access) reasons,
1452 * we need to return the access failed error, not the
1453 * share error. We can't open the file due to kernel
1454 * oplock deadlock (it's possible we failed above on
1455 * the open_mode_check()) so use a userspace check.
1458 if (flags & O_RDWR) {
1459 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1460 } else if (flags & O_WRONLY) {
1461 can_access_mask = FILE_WRITE_DATA;
1463 can_access_mask = FILE_READ_DATA;
1466 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1467 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1472 * If we're returning a share violation, ensure we
1473 * cope with the braindead 1 second delay.
1476 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1477 lp_defer_sharing_violations()) {
1478 struct timeval timeout;
1479 struct deferred_open_record state;
1482 /* this is a hack to speed up torture tests
1484 timeout_usecs = lp_parm_int(SNUM(conn),
1485 "smbd","sharedelay",
1486 SHARING_VIOLATION_USEC_WAIT);
1488 /* This is a relative time, added to the absolute
1489 request_time value to get the absolute timeout time.
1490 Note that if this is the second or greater time we enter
1491 this codepath for this particular request mid then
1492 request_time is left as the absolute time of the *first*
1493 time this request mid was processed. This is what allows
1494 the request to eventually time out. */
1496 timeout = timeval_set(0, timeout_usecs);
1498 /* Nothing actually uses state.delayed_for_oplocks
1499 but it's handy to differentiate in debug messages
1500 between a 30 second delay due to oplock break, and
1501 a 1 second delay for share mode conflicts. */
1503 state.delayed_for_oplocks = False;
1505 state.inode = inode;
1507 if (!request_timed_out(request_time,
1509 defer_open(lck, request_time, timeout,
1517 * We have detected a sharing violation here
1518 * so return the correct error code
1520 status = NT_STATUS_SHARING_VIOLATION;
1522 status = NT_STATUS_ACCESS_DENIED;
1529 * We exit this block with the share entry *locked*.....
1533 SMB_ASSERT(!file_existed || (lck != NULL));
1536 * Ensure we pay attention to default ACLs on directories if required.
1539 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1540 (def_acl = directory_has_default_acl(conn,
1541 parent_dirname(fname)))) {
1545 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1546 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1547 (unsigned int)flags, (unsigned int)flags2,
1548 (unsigned int)unx_mode, (unsigned int)access_mask,
1549 (unsigned int)open_access_mask));
1552 * open_file strips any O_TRUNC flags itself.
1555 fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,unx_mode,
1556 access_mask, open_access_mask);
1558 if (!NT_STATUS_IS_OK(fsp_open)) {
1566 if (!file_existed) {
1569 * Deal with the race condition where two smbd's detect the
1570 * file doesn't exist and do the create at the same time. One
1571 * of them will win and set a share mode, the other (ie. this
1572 * one) should check if the requested share mode for this
1573 * create is allowed.
1577 * Now the file exists and fsp is successfully opened,
1578 * fsp->dev and fsp->inode are valid and should replace the
1579 * dev=0,inode=0 from a non existent file. Spotted by
1580 * Nadav Danieli <nadavd@exanet.com>. JRA.
1586 lck = get_share_mode_lock(NULL, dev, inode,
1591 DEBUG(0, ("open_file_ntcreate: Could not get share "
1592 "mode lock for %s\n", fname));
1593 fd_close(conn, fsp);
1595 return NT_STATUS_SHARING_VIOLATION;
1598 status = open_mode_check(conn, fname, lck,
1599 access_mask, share_access,
1600 create_options, &file_existed);
1602 if (!NT_STATUS_IS_OK(status)) {
1603 struct deferred_open_record state;
1605 fd_close(conn, fsp);
1608 state.delayed_for_oplocks = False;
1610 state.inode = inode;
1612 /* Do it all over again immediately. In the second
1613 * round we will find that the file existed and handle
1614 * the DELETE_PENDING and FCB cases correctly. No need
1615 * to duplicate the code here. Essentially this is a
1616 * "goto top of this function", but don't tell
1619 defer_open(lck, request_time, timeval_zero(),
1626 * We exit this block with the share entry *locked*.....
1631 SMB_ASSERT(lck != NULL);
1633 /* note that we ignore failure for the following. It is
1634 basically a hack for NFS, and NFS will never set one of
1635 these only read them. Nobody but Samba can ever set a deny
1636 mode and we have already checked our more authoritative
1637 locking database for permission to set this deny mode. If
1638 the kernel refuses the operations then the kernel is wrong.
1639 note that GPFS supports it as well - jmcd */
1641 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1642 if(ret_flock == -1 ){
1645 fd_close(conn, fsp);
1648 return NT_STATUS_SHARING_VIOLATION;
1652 * At this point onwards, we can guarentee that the share entry
1653 * is locked, whether we created the file or not, and that the
1654 * deny mode is compatible with all current opens.
1658 * If requested, truncate the file.
1661 if (flags2&O_TRUNC) {
1663 * We are modifing the file after open - update the stat
1666 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1667 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1668 status = map_nt_error_from_unix(errno);
1676 /* Record the options we were opened with. */
1677 fsp->share_access = share_access;
1678 fsp->fh->private_options = create_options;
1679 fsp->access_mask = access_mask;
1682 /* stat opens on existing files don't get oplocks. */
1683 if (is_stat_open(open_access_mask)) {
1684 fsp->oplock_type = NO_OPLOCK;
1687 if (!(flags2 & O_TRUNC)) {
1688 info = FILE_WAS_OPENED;
1690 info = FILE_WAS_OVERWRITTEN;
1693 info = FILE_WAS_CREATED;
1694 /* Change the owner if required. */
1695 if (lp_inherit_owner(SNUM(conn))) {
1696 change_owner_to_parent(conn, fsp, fsp->fsp_name,
1706 * Setup the oplock info in both the shared memory and
1710 if ((fsp->oplock_type != NO_OPLOCK) &&
1711 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1712 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1713 /* Could not get the kernel oplock */
1714 fsp->oplock_type = NO_OPLOCK;
1717 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type);
1719 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED ||
1720 info == FILE_WAS_SUPERSEDED) {
1722 /* Handle strange delete on close create semantics. */
1723 if (create_options & FILE_DELETE_ON_CLOSE) {
1724 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1726 if (!NT_STATUS_IS_OK(status)) {
1727 /* Remember to delete the mode we just added. */
1728 del_share_mode(lck, fsp);
1734 /* Note that here we set the *inital* delete on close flag,
1735 not the regular one. */
1736 set_delete_on_close_token(lck, ¤t_user.ut);
1737 lck->initial_delete_on_close = True;
1738 lck->modified = True;
1741 /* Files should be initially set as archive */
1742 if (lp_map_archive(SNUM(conn)) ||
1743 lp_store_dos_attributes(SNUM(conn))) {
1744 file_set_dosmode(conn, fname,
1745 new_dos_attributes | aARCH, NULL,
1751 * Take care of inherited ACLs on created files - if default ACL not
1755 if (!file_existed && !def_acl) {
1757 int saved_errno = errno; /* We might get ENOSYS in the next
1760 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1762 errno = saved_errno; /* Ignore ENOSYS */
1765 } else if (new_unx_mode) {
1769 /* Attributes need changing. File already existed. */
1772 int saved_errno = errno; /* We might get ENOSYS in the
1774 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1777 if (ret == -1 && errno == ENOSYS) {
1778 errno = saved_errno; /* Ignore ENOSYS */
1780 DEBUG(5, ("open_file_ntcreate: reset "
1781 "attributes of file %s to 0%o\n",
1782 fname, (unsigned int)new_unx_mode));
1783 ret = 0; /* Don't do the fchmod below. */
1788 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1789 DEBUG(5, ("open_file_ntcreate: failed to reset "
1790 "attributes of file %s to 0%o\n",
1791 fname, (unsigned int)new_unx_mode));
1794 /* If this is a successful open, we must remove any deferred open
1796 del_deferred_open_entry(lck, mid);
1799 conn->num_files_open++;
1802 return NT_STATUS_OK;
1805 /****************************************************************************
1806 Open a file for for write to ensure that we can fchmod it.
1807 ****************************************************************************/
1809 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1810 SMB_STRUCT_STAT *psbuf, files_struct **result)
1812 files_struct *fsp = NULL;
1815 if (!VALID_STAT(*psbuf)) {
1816 return NT_STATUS_INVALID_PARAMETER;
1819 status = file_new(conn, &fsp);
1820 if(!NT_STATUS_IS_OK(status)) {
1824 /* note! we must use a non-zero desired access or we don't get
1825 a real file descriptor. Oh what a twisted web we weave. */
1826 status = open_file(fsp,conn,fname,psbuf,O_WRONLY,0,FILE_WRITE_DATA,FILE_WRITE_DATA);
1829 * This is not a user visible file open.
1830 * Don't set a share mode and don't increment
1831 * the conn->num_files_open.
1834 if (!NT_STATUS_IS_OK(status)) {
1840 return NT_STATUS_OK;
1843 /****************************************************************************
1844 Close the fchmod file fd - ensure no locks are lost.
1845 ****************************************************************************/
1847 int close_file_fchmod(files_struct *fsp)
1849 int ret = fd_close(fsp->conn, fsp);
1854 static NTSTATUS mkdir_internal(connection_struct *conn, const char *name)
1856 SMB_STRUCT_STAT sbuf;
1860 if(!CAN_WRITE(conn)) {
1861 DEBUG(5,("mkdir_internal: failing create on read-only share "
1862 "%s\n", lp_servicename(SNUM(conn))));
1863 return NT_STATUS_ACCESS_DENIED;
1866 if (!check_name(name, conn)) {
1867 return map_nt_error_from_unix(errno);
1870 mode = unix_mode(conn, aDIR, name, True);
1872 if ((ret=SMB_VFS_MKDIR(conn, name, mode)) != 0) {
1873 return map_nt_error_from_unix(errno);
1876 if (lp_inherit_perms(SNUM(conn))) {
1877 inherit_access_acl(conn, name, mode);
1881 * Check if high bits should have been set,
1882 * then (if bits are missing): add them.
1883 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
1886 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO)
1887 && (SMB_VFS_STAT(conn, name, &sbuf) == 0)
1888 && (mode & ~sbuf.st_mode)) {
1889 SMB_VFS_CHMOD(conn, name,
1890 sbuf.st_mode | (mode & ~sbuf.st_mode));
1893 return NT_STATUS_OK;
1896 /****************************************************************************
1897 Open a directory from an NT SMB call.
1898 ****************************************************************************/
1900 NTSTATUS open_directory(connection_struct *conn,
1902 SMB_STRUCT_STAT *psbuf,
1904 uint32 share_access,
1905 uint32 create_disposition,
1906 uint32 create_options,
1908 files_struct **result)
1910 files_struct *fsp = NULL;
1911 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
1912 struct share_mode_lock *lck = NULL;
1916 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
1917 "share_access = 0x%x create_options = 0x%x, "
1918 "create_disposition = 0x%x\n",
1920 (unsigned int)access_mask,
1921 (unsigned int)share_access,
1922 (unsigned int)create_options,
1923 (unsigned int)create_disposition));
1925 if (is_ntfs_stream_name(fname)) {
1926 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
1927 return NT_STATUS_NOT_A_DIRECTORY;
1930 switch( create_disposition ) {
1933 * Don't do anything. The check for existence is done
1936 info = FILE_WAS_OPENED;
1941 /* If directory exists error. If directory doesn't
1944 status = mkdir_internal(conn, fname);
1945 if (!NT_STATUS_IS_OK(status)) {
1946 DEBUG(2, ("open_directory: unable to create "
1947 "%s. Error was %s\n", fname,
1948 nt_errstr(status)));
1952 info = FILE_WAS_CREATED;
1957 * If directory exists open. If directory doesn't
1961 status = mkdir_internal(conn, fname);
1963 if (NT_STATUS_IS_OK(status)) {
1964 info = FILE_WAS_CREATED;
1967 if (NT_STATUS_EQUAL(status,
1968 NT_STATUS_OBJECT_NAME_COLLISION)) {
1969 info = FILE_WAS_OPENED;
1970 status = NT_STATUS_OK;
1975 case FILE_SUPERSEDE:
1976 case FILE_OVERWRITE:
1977 case FILE_OVERWRITE_IF:
1979 DEBUG(5,("open_directory: invalid create_disposition "
1980 "0x%x for directory %s\n",
1981 (unsigned int)create_disposition, fname));
1982 return NT_STATUS_INVALID_PARAMETER;
1985 /* Ensure we're checking for a symlink here.... */
1986 /* We don't want to get caught by a symlink racer. */
1988 if(SMB_VFS_LSTAT(conn,fname, psbuf) != 0) {
1989 return map_nt_error_from_unix(errno);
1992 if(!S_ISDIR(psbuf->st_mode)) {
1993 DEBUG(5,("open_directory: %s is not a directory !\n",
1995 return NT_STATUS_NOT_A_DIRECTORY;
1998 status = file_new(conn, &fsp);
1999 if(!NT_STATUS_IS_OK(status)) {
2004 * Setup the files_struct for it.
2007 fsp->mode = psbuf->st_mode;
2008 fsp->inode = psbuf->st_ino;
2009 fsp->dev = psbuf->st_dev;
2010 fsp->vuid = current_user.vuid;
2011 fsp->file_pid = global_smbpid;
2012 fsp->can_lock = False;
2013 fsp->can_read = False;
2014 fsp->can_write = False;
2016 fsp->share_access = share_access;
2017 fsp->fh->private_options = create_options;
2018 fsp->access_mask = access_mask;
2020 fsp->print_file = False;
2021 fsp->modified = False;
2022 fsp->oplock_type = NO_OPLOCK;
2023 fsp->sent_oplock_break = NO_BREAK_SENT;
2024 fsp->is_directory = True;
2025 fsp->is_stat = False;
2026 string_set(&fsp->fsp_name,fname);
2028 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode,
2033 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2035 return NT_STATUS_SHARING_VIOLATION;
2038 status = open_mode_check(conn, fname, lck,
2039 access_mask, share_access,
2040 create_options, &dir_existed);
2042 if (!NT_STATUS_IS_OK(status)) {
2048 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK);
2050 /* For directories the delete on close bit at open time seems
2051 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2052 if (create_options & FILE_DELETE_ON_CLOSE) {
2053 status = can_set_delete_on_close(fsp, True, 0);
2054 if (!NT_STATUS_IS_OK(status)) {
2060 set_delete_on_close_token(lck, ¤t_user.ut);
2061 lck->initial_delete_on_close = True;
2062 lck->modified = True;
2067 /* Change the owner if required. */
2068 if ((info == FILE_WAS_CREATED) && lp_inherit_owner(SNUM(conn))) {
2069 change_owner_to_parent(conn, fsp, fsp->fsp_name, psbuf);
2076 conn->num_files_open++;
2079 return NT_STATUS_OK;
2082 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2085 SMB_STRUCT_STAT sbuf;
2088 SET_STAT_INVALID(sbuf);
2090 status = open_directory(conn, directory, &sbuf,
2091 FILE_READ_ATTRIBUTES, /* Just a stat open */
2092 FILE_SHARE_NONE, /* Ignored for stat opens */
2093 FILE_CREATE, 0, NULL, &fsp);
2095 if (NT_STATUS_IS_OK(status)) {
2096 close_file(fsp, NORMAL_CLOSE);
2102 /****************************************************************************
2103 Open a pseudo-file (no locking checks - a 'stat' open).
2104 ****************************************************************************/
2106 NTSTATUS open_file_stat(connection_struct *conn, const char *fname,
2107 SMB_STRUCT_STAT *psbuf, files_struct **result)
2109 files_struct *fsp = NULL;
2112 if (!VALID_STAT(*psbuf)) {
2113 return NT_STATUS_INVALID_PARAMETER;
2116 /* Can't 'stat' open directories. */
2117 if(S_ISDIR(psbuf->st_mode)) {
2118 return NT_STATUS_FILE_IS_A_DIRECTORY;
2121 status = file_new(conn, &fsp);
2122 if(!NT_STATUS_IS_OK(status)) {
2126 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2129 * Setup the files_struct for it.
2132 fsp->mode = psbuf->st_mode;
2133 fsp->inode = psbuf->st_ino;
2134 fsp->dev = psbuf->st_dev;
2135 fsp->vuid = current_user.vuid;
2136 fsp->file_pid = global_smbpid;
2137 fsp->can_lock = False;
2138 fsp->can_read = False;
2139 fsp->can_write = False;
2140 fsp->print_file = False;
2141 fsp->modified = False;
2142 fsp->oplock_type = NO_OPLOCK;
2143 fsp->sent_oplock_break = NO_BREAK_SENT;
2144 fsp->is_directory = False;
2145 fsp->is_stat = True;
2146 string_set(&fsp->fsp_name,fname);
2148 conn->num_files_open++;
2151 return NT_STATUS_OK;
2154 /****************************************************************************
2155 Receive notification that one of our open files has been renamed by another
2157 ****************************************************************************/
2159 void msg_file_was_renamed(int msg_type, struct process_id src, void *buf, size_t len)
2162 char *frm = (char *)buf;
2165 const char *sharepath;
2166 const char *newname;
2169 if (buf == NULL || len < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2170 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n", (int)len));
2174 /* Unpack the message. */
2175 dev = DEV_T_VAL(frm,0);
2176 inode = INO_T_VAL(frm,8);
2177 sharepath = &frm[16];
2178 newname = sharepath + strlen(sharepath) + 1;
2179 sp_len = strlen(sharepath);
2181 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2182 "dev %x, inode %.0f\n",
2183 sharepath, newname, (unsigned int)dev, (double)inode ));
2185 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
2186 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2187 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2188 fsp->fnum, fsp->fsp_name, newname ));
2189 string_set(&fsp->fsp_name, newname);
2192 /* Now we have the complete path we can work out if this is
2193 actually within this share and adjust newname accordingly. */
2194 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2195 "not sharepath %s) "
2196 "fnum %d from %s -> %s\n",
2197 fsp->conn->connectpath,