2 Unix SMB/Netbios implementation.
3 VFS module to get and set Tru64 acls
4 Copyright (C) Michael Adam 2006,2008
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "system/filesys.h"
22 #include "smbd/smbd.h"
23 #include "modules/vfs_tru64acl.h"
25 /* prototypes for private functions first - for clarity */
27 static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl,
29 static bool tru64_ace_to_smb_ace(acl_entry_t tru64_ace,
30 struct smb_acl_entry *smb_ace);
31 static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl);
32 static acl_tag_t smb_tag_to_tru64(SMB_ACL_TAG_T smb_tag);
33 static SMB_ACL_TAG_T tru64_tag_to_smb(acl_tag_t tru64_tag);
34 static acl_perm_t smb_permset_to_tru64(SMB_ACL_PERM_T smb_permset);
35 static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset);
38 /* public functions - the api */
40 SMB_ACL_T tru64acl_sys_acl_get_file(vfs_handle_struct *handle,
41 const struct smb_filename *smb_fname,
45 struct smb_acl_t *result;
46 acl_type_t the_acl_type;
49 DEBUG(10, ("Hi! This is tru64acl_sys_acl_get_file.\n"));
52 case SMB_ACL_TYPE_ACCESS:
53 the_acl_type = ACL_TYPE_ACCESS;
55 case SMB_ACL_TYPE_DEFAULT:
56 the_acl_type = ACL_TYPE_DEFAULT;
63 tru64_acl = acl_get_file((char *)smb_fname->base_name, the_acl_type);
65 if (tru64_acl == NULL) {
69 result = tru64_acl_to_smb_acl(tru64_acl, mem_ctx);
74 SMB_ACL_T tru64acl_sys_acl_get_fd(vfs_handle_struct *handle,
78 struct smb_acl_t *result;
79 acl_t tru64_acl = acl_get_fd(fsp_get_io_fd(fsp), ACL_TYPE_ACCESS);
81 if (tru64_acl == NULL) {
85 result = tru64_acl_to_smb_acl(tru64_acl, mem_ctx);
90 int tru64acl_sys_acl_set_file(vfs_handle_struct *handle,
91 const struct smb_filename *smb_fname,
96 acl_type_t the_acl_type;
99 DEBUG(10, ("tru64acl_sys_acl_set_file called with name %s, type %d\n",
100 smb_fname->base_name, type));
103 case SMB_ACL_TYPE_ACCESS:
104 DEBUGADD(10, ("got acl type ACL_TYPE_ACCESS\n"));
105 the_acl_type = ACL_TYPE_ACCESS;
107 case SMB_ACL_TYPE_DEFAULT:
108 DEBUGADD(10, ("got acl type ACL_TYPE_DEFAULT\n"));
109 the_acl_type = ACL_TYPE_DEFAULT;
112 DEBUGADD(10, ("invalid acl type\n"));
117 tru64_acl = smb_acl_to_tru64_acl(theacl);
118 if (tru64_acl == NULL) {
119 DEBUG(10, ("smb_acl_to_tru64_acl failed!\n"));
122 DEBUG(10, ("got tru64 acl...\n"));
123 res = acl_set_file((char *)smb_fname->base_name,
124 the_acl_type, tru64_acl);
127 DEBUG(10, ("acl_set_file failed: %s\n", strerror(errno)));
132 DEBUG(1, ("tru64acl_sys_acl_set_file failed!\n"));
136 int tru64acl_sys_acl_set_fd(vfs_handle_struct *handle,
142 acl_t tru64_acl = smb_acl_to_tru64_acl(theacl);
143 acl_type_t the_acl_type;
146 case SMB_ACL_TYPE_ACCESS:
147 the_acl_type = ACL_TYPE_ACCESS;
149 case SMB_ACL_TYPE_DEFAULT:
150 the_acl_type = ACL_TYPE_DEFAULT;
157 if (tru64_acl == NULL) {
160 res = acl_set_fd(fsp_get_io_fd(fsp), the_acl_type, tru64_acl);
166 int tru64acl_sys_acl_delete_def_file(vfs_handle_struct *handle,
167 const struct smb_filename *smb_fname)
169 return acl_delete_def_file((char *)smb_fname->base_name);
173 /* private functions */
175 static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl,
178 struct smb_acl_t *result;
181 DEBUG(10, ("Hi! This is tru64_acl_to_smb_acl.\n"));
183 if ((result = sys_acl_init(mem_ctx)) == NULL) {
184 DEBUG(0, ("sys_acl_init() failed in tru64_acl_to_smb_acl\n"));
188 if (acl_first_entry((struct acl *)tru64_acl) != 0) {
189 DEBUG(10, ("acl_first_entry failed: %s\n", strerror(errno)));
192 while ((entry = acl_get_entry((struct acl *)tru64_acl)) != NULL) {
193 result->acl = talloc_realloc(result, result->acl, struct smb_acl_entry,
195 if (result->acl == NULL) {
197 DEBUG(0, ("talloc_realloc failed in tru64_acl_to_smb_acl\n"));
202 if (!tru64_ace_to_smb_ace(entry, &result->acl[result->count])) {
212 DEBUG(1, ("tru64_acl_to_smb_acl failed!\n"));
216 static bool tru64_ace_to_smb_ace(acl_entry_t tru64_ace,
217 struct smb_acl_entry *smb_ace)
220 acl_permset_t permset;
221 SMB_ACL_TAG_T smb_tag_type;
222 SMB_ACL_PERM_T smb_permset;
225 if (acl_get_tag_type(tru64_ace, &tru64_tag) != 0) {
226 DEBUG(0, ("acl_get_tag_type failed: %s\n", strerror(errno)));
230 /* On could set the tag type directly to save a function call,
231 * but I like this better... */
232 smb_tag_type = tru64_tag_to_smb(tru64_tag);
233 if (smb_tag_type == 0) {
234 DEBUG(3, ("invalid tag type given: %d\n", tru64_tag));
237 if (sys_acl_set_tag_type(smb_ace, smb_tag_type) != 0) {
238 DEBUG(3, ("sys_acl_set_tag_type failed: %s\n",
242 qualifier = acl_get_qualifier(tru64_ace);
243 if (qualifier != NULL) {
244 if (sys_acl_set_qualifier(smb_ace, qualifier) != 0) {
245 DEBUG(3, ("sys_acl_set_qualifier failed\n"));
249 if (acl_get_permset(tru64_ace, &permset) != 0) {
250 DEBUG(3, ("acl_get_permset failed: %s\n", strerror(errno)));
253 smb_permset = tru64_permset_to_smb(*permset);
254 if (sys_acl_set_permset(smb_ace, &smb_permset) != 0) {
255 DEBUG(3, ("sys_acl_set_permset failed: %s\n", strerror(errno)));
261 static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl)
264 acl_entry_t tru64_entry;
267 ssize_t acl_text_len;
269 /* The tru64 acl_init function takes a size_t value
270 * instead of a count of entries (as with posix).
271 * the size parameter "Specifies the size of the working
272 * storage in bytes" (according to the man page).
273 * But it is unclear to me, how this size is to be
276 * It should not matter, since acl_create_entry enlarges
277 * the working storage at need. ... */
279 DEBUG(10, ("Hi! This is smb_acl_to_tru64_acl.\n"));
281 result = acl_init(1);
283 if (result == NULL) {
284 DEBUG(3, ("acl_init failed!\n"));
288 DEBUGADD(10, ("parsing acl entries...\n"));
289 for (i = 0; i < smb_acl->count; i++) {
290 /* XYZ - maybe eliminate this direct access? */
291 const struct smb_acl_entry *smb_entry = &smb_acl->acl[i];
293 acl_perm_t tru64_permset;
295 tru64_tag = smb_tag_to_tru64(smb_entry->a_type);
296 if (tru64_tag == -1) {
297 DEBUG(3, ("smb_tag_to_tru64 failed!\n"));
301 if (tru64_tag == ACL_MASK) {
302 DEBUGADD(10, (" - acl type ACL_MASK: not implemented on Tru64 ==> skipping\n"));
306 tru64_entry = acl_create_entry(&result);
307 if (tru64_entry == NULL) {
308 DEBUG(3, ("acl_create_entry failed: %s\n",
313 if (acl_set_tag_type(tru64_entry, tru64_tag) != 0) {
314 DEBUG(3, ("acl_set_tag_type(%d) failed: %s\n",
319 switch (smb_entry->a_type) {
321 if (acl_set_qualifier(tru64_entry,
322 (int *)&smb_entry->info.user.uid) != 0)
324 DEBUG(3, ("acl_set_qualifier failed: %s\n",
328 DEBUGADD(10, (" - setting uid to %d\n", smb_entry->info.user.uid));
331 if (acl_set_qualifier(tru64_entry,
332 (int *)&smb_entry->info.group.gid) != 0)
334 DEBUG(3, ("acl_set_qualifier failed: %s\n",
338 DEBUGADD(10, (" - setting gid to %d\n", smb_entry->info.group.gid));
344 tru64_permset = smb_permset_to_tru64(smb_entry->a_perm);
345 if (tru64_permset == -1) {
346 DEBUG(3, ("smb_permset_to_tru64 failed!\n"));
349 DEBUGADD(10, (" - setting perms to %0d\n", tru64_permset));
350 if (acl_set_permset(tru64_entry, &tru64_permset) != 0)
352 DEBUG(3, ("acl_set_permset failed: %s\n", strerror(errno)));
356 DEBUGADD(10, ("done parsing acl entries\n"));
359 if (acl_valid(result, &tru64_entry) != 0) {
360 DEBUG(1, ("smb_acl_to_tru64_acl: ACL is invalid (%s)\n",
362 if (tru64_entry != NULL) {
363 DEBUGADD(1, ("the acl contains duplicate entries\n"));
367 DEBUGADD(10, ("acl is valid\n"));
369 acl_text = acl_to_text(result, &acl_text_len);
370 if (acl_text == NULL) {
371 DEBUG(3, ("acl_to_text failed: %s\n", strerror(errno)));
374 DEBUG(1, ("acl_text: %s\n", acl_text));
380 if (result != NULL) {
383 DEBUG(1, ("smb_acl_to_tru64_acl failed!\n"));
387 static acl_tag_t smb_tag_to_tru64(SMB_ACL_TAG_T smb_tag)
393 DEBUGADD(10, ("got acl type ACL_USER\n"));
395 case SMB_ACL_USER_OBJ:
396 result = ACL_USER_OBJ;
397 DEBUGADD(10, ("got acl type ACL_USER_OBJ\n"));
401 DEBUGADD(10, ("got acl type ACL_GROUP\n"));
403 case SMB_ACL_GROUP_OBJ:
404 result = ACL_GROUP_OBJ;
405 DEBUGADD(10, ("got acl type ACL_GROUP_OBJ\n"));
409 DEBUGADD(10, ("got acl type ACL_OTHER\n"));
413 DEBUGADD(10, ("got acl type ACL_MASK\n"));
416 DEBUG(1, ("Unknown tag type %d\n", smb_tag));
423 static SMB_ACL_TAG_T tru64_tag_to_smb(acl_tag_t tru64_tag)
425 SMB_ACL_TAG_T smb_tag_type;
428 smb_tag_type = SMB_ACL_USER;
429 DEBUGADD(10, ("got smb acl tag type SMB_ACL_USER\n"));
432 smb_tag_type = SMB_ACL_USER_OBJ;
433 DEBUGADD(10, ("got smb acl tag type SMB_ACL_USER_OBJ\n"));
436 smb_tag_type = SMB_ACL_GROUP;
437 DEBUGADD(10, ("got smb acl tag type SMB_ACL_GROUP\n"));
440 smb_tag_type = SMB_ACL_GROUP_OBJ;
441 DEBUGADD(10, ("got smb acl tag type SMB_ACL_GROUP_OBJ\n"));
444 smb_tag_type = SMB_ACL_OTHER;
445 DEBUGADD(10, ("got smb acl tag type SMB_ACL_OTHER\n"));
448 smb_tag_type = SMB_ACL_MASK;
449 DEBUGADD(10, ("got smb acl tag type SMB_ACL_MASK\n"));
452 DEBUG(0, ("Unknown tag type %d\n", (unsigned int)tru64_tag));
458 static acl_perm_t smb_permset_to_tru64(SMB_ACL_PERM_T smb_permset)
460 /* originally, I thought that acl_clear_perm was the
461 * proper way to reset the permset to 0. but without
462 * initializing it to 0, acl_clear_perm fails.
463 * so probably, acl_clear_perm is not necessary here... ?! */
464 acl_perm_t tru64_permset = 0;
465 if (acl_clear_perm(&tru64_permset) != 0) {
466 DEBUG(5, ("acl_clear_perm failed: %s\n", strerror(errno)));
469 /* according to original lib/sysacls.c, acl_add_perm is
470 * broken on tru64 ... */
471 tru64_permset |= ((smb_permset & SMB_ACL_READ) ? ACL_READ : 0);
472 tru64_permset |= ((smb_permset & SMB_ACL_WRITE) ? ACL_WRITE : 0);
473 tru64_permset |= ((smb_permset & SMB_ACL_EXECUTE) ? ACL_EXECUTE : 0);
474 return tru64_permset;
477 static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset)
479 SMB_ACL_PERM_T smb_permset = 0;
480 smb_permset |= ((tru64_permset & ACL_READ) ? SMB_ACL_READ : 0);
481 smb_permset |= ((tru64_permset & ACL_WRITE) ? SMB_ACL_WRITE : 0);
482 smb_permset |= ((tru64_permset & ACL_EXECUTE) ? SMB_ACL_EXECUTE : 0);
487 /* VFS operations structure */
489 static struct vfs_fn_pointers tru64acl_fns = {
490 .sys_acl_get_file_fn = tru64acl_sys_acl_get_file,
491 .sys_acl_get_fd_fn = tru64acl_sys_acl_get_fd,
492 .sys_acl_blob_get_file_fn = posix_sys_acl_blob_get_file,
493 .sys_acl_blob_get_fd_fn = posix_sys_acl_blob_get_fd,
494 .sys_acl_set_file_fn = tru64acl_sys_acl_set_file,
495 .sys_acl_set_fd_fn = tru64acl_sys_acl_set_fd,
496 .sys_acl_delete_def_file_fn = tru64acl_sys_acl_delete_def_file,
500 NTSTATUS vfs_tru64acl_init(TALLOC_CTX *ctx)
502 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "tru64acl",
git.samba.org / samba.git / blob