git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b55072c)
smbd: Simplify dropbox special case in unix_convert
authorVolker Lendecke <Volker.Lendecke@SerNet.DE>
Wed, 28 Aug 2013 22:42:22 +0000 (15:42 -0700)
committerKarolin Seeger <kseeger@samba.org>
Fri, 30 Aug 2013 08:07:24 +0000 (10:07 +0200)
EACCESS needs special treatment: If we want to create a fresh file,
return OBJECT_PATH_NOT_FOUND, so that the client will continue creating
the file. If the client wants us to open a potentially existing file,
we need to correctly return ACCESS_DENIED.

This patch makes this behaviour hopefully a bit clearer than the code
before did.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The last 2 patches address bug #10114 - Dropbox (write-only-directory) case
isn't handled correctly in pathname lookup.

source3/smbd/filename.c patch | blob | history

diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index 934634a5b6c6420d31b2da869c85cd2a1c1ffdeb..8ef0c0a9579a8921cfe6ce81f55689176efd2733 100644 (file)
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -713,13 +713,29 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx,
 
                                /*
                                 * ENOENT/EACCESS are the only valid errors
-                                * here. EACCESS needs handling here for
-                                * "dropboxes", i.e. directories where users
-                                * can only put stuff with permission -wx.
+                                * here.
                                 */
-                               if ((errno != 0) && (errno != ENOENT)
-                                   && ((ucf_flags & UCF_CREATING_FILE) &&
-                                   (errno != EACCES))) {
+                               if (errno == EACCES) {
+                                       if (ucf_flags & UCF_CREATING_FILE) {
+                                               /*
+                                                * This is the dropbox
+                                                * behaviour. A dropbox is a
+                                                * directory with only -wx
+                                                * permissions, so
+                                                * get_real_filename fails
+                                                * with EACCESS, it needs to
+                                                * list the directory. We
+                                                * nevertheless want to allow
+                                                * users creating a file.
+                                                */
+                                               status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
+                                       } else {
+                                               status = NT_STATUS_ACCESS_DENIED;
+                                       }
+                                       goto fail;
+                               }
+
+                               if ((errno != 0) && (errno != ENOENT)) {
                                        /*
                                         * ENOTDIR and ELOOP both map to
                                         * NT_STATUS_OBJECT_PATH_NOT_FOUND
Samba Shared Repository