vfs_acl_tdb|xattr: use a config handle

Better for performance and a subsequent commit will add one more option
where this will pay off.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index ae92fc1a45c97fcaea4883bc549432dd9c7a4984..5e0b1bf5aca8153ab416b44987bc7ec38da03c85 100644 (file)
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -46,6 +46,34 @@ static NTSTATUS store_acl_blob_fsp(vfs_handle_struct *handle,
                                SECINFO_DACL | \
                                SECINFO_SACL)
 
+struct acl_common_config {
+       bool ignore_system_acls;
+};
+
+static bool init_acl_common_config(vfs_handle_struct *handle)
+{
+       struct acl_common_config *config = NULL;
+
+       config = talloc_zero(handle->conn, struct acl_common_config);
+       if (config == NULL) {
+               DBG_ERR("talloc_zero() failed\n");
+               errno = ENOMEM;
+               return false;
+       }
+
+       config->ignore_system_acls = lp_parm_bool(SNUM(handle->conn),
+                                                 ACL_MODULE_NAME,
+                                                 "ignore system acls",
+                                                 false);
+
+       SMB_VFS_HANDLE_SET_DATA(handle, config, NULL,
+                               struct acl_common_config,
+                               return false);
+
+       return true;
+}
+
+
 /*******************************************************************
  Hash a security descriptor.
 *******************************************************************/
@@ -505,14 +533,15 @@ static NTSTATUS validate_nt_acl_blob(TALLOC_CTX *mem_ctx,
        struct security_descriptor *psd_fs = NULL;
        char *sys_acl_blob_description = NULL;
        DATA_BLOB sys_acl_blob = { 0 };
-       bool ignore_file_system_acl = lp_parm_bool(SNUM(handle->conn),
-                                               ACL_MODULE_NAME,
-                                               "ignore system acls",
-                                               false);
+       struct acl_common_config *config = NULL;
 
        *ppsd = NULL;
        *psd_is_from_fs = false;
 
+       SMB_VFS_HANDLE_GET_DATA(handle, config,
+                               struct acl_common_config,
+                               return NT_STATUS_UNSUCCESSFUL);
+
        status = parse_acl_blob(blob,
                                mem_ctx,
                                &psd_blob,
@@ -537,7 +566,7 @@ static NTSTATUS validate_nt_acl_blob(TALLOC_CTX *mem_ctx,
                return NT_STATUS_OK;
        case 3:
        case 4:
-               if (ignore_file_system_acl) {
+               if (config->ignore_system_acls) {
                        *ppsd = psd_blob;
                        return NT_STATUS_OK;
                }
@@ -685,11 +714,12 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
        NTSTATUS status;
        struct security_descriptor *psd = NULL;
        const struct smb_filename *smb_fname = NULL;
-       bool ignore_file_system_acl = lp_parm_bool(SNUM(handle->conn),
-                                               ACL_MODULE_NAME,
-                                               "ignore system acls",
-                                               false);
        bool psd_is_from_fs = false;
+       struct acl_common_config *config = NULL;
+
+       SMB_VFS_HANDLE_GET_DATA(handle, config,
+                               struct acl_common_config,
+                               return NT_STATUS_UNSUCCESSFUL);
 
        if (fsp && smb_fname_in == NULL) {
                smb_fname = fsp->fsp_name;
@@ -788,7 +818,7 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
                }
                is_directory = S_ISDIR(psbuf->st_ex_mode);
 
-               if (ignore_file_system_acl) {
+               if (config->ignore_system_acls) {
                        TALLOC_FREE(psd);
                        status = make_default_filesystem_acl(mem_ctx,
                                                smb_fname->base_name,

diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c
index e4c84623801c36ac03b74e10036362016241e112..0c92b729b3ba4deaf7942beded37c04dba34c037 100644 (file)
--- a/source3/modules/vfs_acl_tdb.c
+++ b/source3/modules/vfs_acl_tdb.c
@@ -308,6 +308,7 @@ static int connect_acl_tdb(struct vfs_handle_struct *handle,
                                const char *user)
 {
        int ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
+       bool ok;
 
        if (ret < 0) {
                return ret;
@@ -318,6 +319,12 @@ static int connect_acl_tdb(struct vfs_handle_struct *handle,
                return -1;
        }
 
+       ok = init_acl_common_config(handle);
+       if (!ok) {
+               DBG_ERR("init_acl_common_config failed\n");
+               return -1;
+       }
+
        /* Ensure we have the parameters correct if we're
         * using this module. */
        DEBUG(2,("connect_acl_tdb: setting 'inherit acls = true' "

diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c
index d311c578ea1146c76e638ecc148065504423c256..307ab6af7967897472f29494de7a0c4ae29cfe1a 100644 (file)
--- a/source3/modules/vfs_acl_xattr.c
+++ b/source3/modules/vfs_acl_xattr.c
@@ -180,11 +180,18 @@ static int connect_acl_xattr(struct vfs_handle_struct *handle,
                                const char *user)
 {
        int ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
+       bool ok;
 
        if (ret < 0) {
                return ret;
        }
 
+       ok = init_acl_common_config(handle);
+       if (!ok) {
+               DBG_ERR("init_acl_common_config failed\n");
+               return -1;
+       }
+
        /* Ensure we have the parameters correct if we're
         * using this module. */
        DEBUG(2,("connect_acl_xattr: setting 'inherit acls = true' "