diff options
| author | Jeremy Allison <jra@samba.org> | 2001-04-14 00:19:12 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2001-04-14 00:19:12 +0000 |
| commit | 53850c51caf1c4d53ff285b2e5505e0615beeeee (patch) | |
| tree | 03e7d594efd340da6909e0efa2cf3dd05b6a610b /source3/smbd | |
| parent | 9444e9d9f350961b594a1acbe7a7652d97faec0a (diff) | |
| download | samba-53850c51caf1c4d53ff285b2e5505e0615beeeee.tar.gz samba-53850c51caf1c4d53ff285b2e5505e0615beeeee.tar.bz2 samba-53850c51caf1c4d53ff285b2e5505e0615beeeee.zip | |
configure:
configure.in:
include/config.h.in:
include/profile.h:
smbd/vfs-wrap.c:
smbd/vfs.c:
Added fchmod and fchown to VFS (sorry Gerald - but we needed them anyway).
smbd/dosmode.c:
smbd/files.c:
printing/printfsp.c:
smbd/close.c:
smbd/open.c:
Fixed "dos filemode" correctly so there are no race conditions. Forces test
of open of file O_WRONLY before allowing fchmod as root. Afterwards, calls
standard close function that preserves POSIX locks due to POSIX-me-harder
braindamage. :-). Andrew please review this code.
Also - in removing the tmpdir param in smbrun an extra NULL parameter
was missed in each print_run_command() call (which is a varargs fn.).
Now fixed.
Jeremy.
(This used to be commit 32397e5bc6d995ce7ca37c82d6aedc1e5b1b6fbd)
Diffstat (limited to 'source3/smbd')
| -rw-r--r-- | source3/smbd/close.c | 2 | ||||
| -rw-r--r-- | source3/smbd/dosmode.c | 26 | ||||
| -rw-r--r-- | source3/smbd/files.c | 5 | ||||
| -rw-r--r-- | source3/smbd/open.c | 54 | ||||
| -rw-r--r-- | source3/smbd/vfs-wrap.c | 41 | ||||
| -rw-r--r-- | source3/smbd/vfs.c | 10 |
6 files changed, 116 insertions, 22 deletions
diff --git a/source3/smbd/close.c b/source3/smbd/close.c index 45df9b2e0d..217c81228f 100644 --- a/source3/smbd/close.c +++ b/source3/smbd/close.c @@ -111,7 +111,7 @@ static int close_filestruct(files_struct *fsp) } /**************************************************************************** - Close a file - possibly invalidating the read prediction. + Close a file. If normal_close is 1 then this came from a normal SMBclose (or equivalent) operation otherwise it came as the result of some other operation such as diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index 8b2c482b0a..9ec1fa2606 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -184,7 +184,6 @@ chmod a file - but preserve some bits ********************************************************************/ int file_chmod(connection_struct *conn,char *fname,int dosmode,SMB_STRUCT_STAT *st) { - extern struct current_user current_user; SMB_STRUCT_STAT st1; int mask=0; mode_t tmp; @@ -250,16 +249,21 @@ int file_chmod(connection_struct *conn,char *fname,int dosmode,SMB_STRUCT_STAT * /* Check if we have write access. */ if (CAN_WRITE(conn)) { - if (((st->st_mode & S_IWOTH) || - conn->admin_user || - ((st->st_mode & S_IWUSR) && current_user.uid==st->st_uid) || - ((st->st_mode & S_IWGRP) && - in_group(st->st_gid,current_user.gid, current_user.ngroups,current_user.groups)))) { - /* We are allowed to become root and change the file mode. */ - become_root(); - ret = vfs_chmod(conn,fname,unixmode); - unbecome_root(); - } + /* + * We need to open the file with write access whilst + * still in our current user context. This ensures we + * are not violating security in doing the fchmod. + * This file open does *not* break any oplocks we are + * holding. We need to review this.... may need to + * break batch oplocks open by others. JRA. + */ + files_struct *fsp = open_file_fchmod(conn,fname,st); + if (!fsp) + return -1; + become_root(); + ret = conn->vfs_ops.fchmod(fsp, fsp->fd, unixmode); + unbecome_root(); + close_file_fchmod(fsp); } return( ret ); diff --git a/source3/smbd/files.c b/source3/smbd/files.c index 33243e1e94..27dfad7c48 100644 --- a/source3/smbd/files.c +++ b/source3/smbd/files.c @@ -43,7 +43,7 @@ static int files_used; /**************************************************************************** find first available file slot ****************************************************************************/ -files_struct *file_new(void ) +files_struct *file_new(connection_struct *conn) { int i; static int first_file; @@ -72,7 +72,7 @@ files_struct *file_new(void ) for (fsp=Files;fsp;fsp=next) { next=fsp->next; if (attempt_close_oplocked_file(fsp)) { - return file_new(); + return file_new(conn); } } @@ -91,6 +91,7 @@ files_struct *file_new(void ) ZERO_STRUCTP(fsp); fsp->fd = -1; + fsp->conn = conn; first_file = (i+1) % real_max_open_files; diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 007a169f9e..f450e74e58 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -583,13 +583,10 @@ files_struct *open_file_shared(connection_struct *conn,char *fname, SMB_STRUCT_S return print_fsp_open(conn, fname); } - fsp = file_new(); + fsp = file_new(conn); if(!fsp) return NULL; - fsp->fd = -1; - fsp->conn = conn; /* The vfs_fXXX() macros need this. */ - DEBUG(10,("open_file_shared: fname = %s, share_mode = %x, ofun = %x, mode = %o, oplock request = %d\n", fname, share_mode, ofun, (int)mode, oplock_request )); @@ -870,7 +867,7 @@ files_struct *open_file_stat(connection_struct *conn, char *fname, return NULL; } - fsp = file_new(); + fsp = file_new(conn); if(!fsp) return NULL; @@ -919,6 +916,49 @@ files_struct *open_file_stat(connection_struct *conn, char *fname, } /**************************************************************************** + Open a file for for write to ensure that we can fchmod it. +****************************************************************************/ + +files_struct *open_file_fchmod(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf) +{ + files_struct *fsp = NULL; + BOOL fsp_open; + + if (!VALID_STAT(*psbuf)) + return NULL; + + fsp = file_new(conn); + if(!fsp) + return NULL; + + fsp_open = open_file(fsp,conn,fname,psbuf,O_WRONLY,0); + + /* + * This is not a user visible file open. + * Don't set a share mode and don't increment + * the conn->num_files_open. + */ + + if (!fsp_open) { + file_free(fsp); + return NULL; + } + + return fsp; +} + +/**************************************************************************** + Close the fchmod file fd - ensure no locks are lost. +****************************************************************************/ + +int close_file_fchmod(files_struct *fsp) +{ + int ret = fd_close(fsp->conn, fsp); + file_free(fsp); + return ret; +} + +/**************************************************************************** Open a directory from an NT SMB call. ****************************************************************************/ @@ -927,12 +967,12 @@ files_struct *open_directory(connection_struct *conn, char *fname, { extern struct current_user current_user; BOOL got_stat = False; - files_struct *fsp = file_new(); + files_struct *fsp = file_new(conn); if(!fsp) return NULL; - fsp->conn = conn; /* THe vfs_fXXX() macros need this. */ + fsp->conn = conn; /* The vfs_fXXX() macros need this. */ if (VALID_STAT(*psbuf)) got_stat = True; diff --git a/source3/smbd/vfs-wrap.c b/source3/smbd/vfs-wrap.c index a4057eb7ce..da8484e14e 100644 --- a/source3/smbd/vfs-wrap.c +++ b/source3/smbd/vfs-wrap.c @@ -369,6 +369,34 @@ int vfswrap_chmod(connection_struct *conn, char *path, mode_t mode) return result; } +int vfswrap_fchmod(files_struct *fsp, int fd, mode_t mode) +{ + int result; + struct vfs_ops *vfs_ops = &fsp->conn->vfs_ops; + + START_PROFILE(syscall_fchmod); + + /* + * We need to do this due to the fact that the default POSIX ACL + * chmod modifies the ACL *mask* for the group owner, not the + * group owner bits directly. JRA. + */ + + if (vfs_ops->fchmod_acl != NULL) { + int saved_errno = errno; /* We might get ENOSYS */ + if ((result = vfs_ops->fchmod_acl(fsp, fd, mode)) == 0) { + END_PROFILE(syscall_chmod); + return result; + } + /* Error - return the old errno. */ + errno = saved_errno; + } + + result = fchmod(fd, mode); + END_PROFILE(syscall_fchmod); + return result; +} + int vfswrap_chown(connection_struct *conn, char *path, uid_t uid, gid_t gid) { int result; @@ -386,6 +414,17 @@ int vfswrap_chown(connection_struct *conn, char *path, uid_t uid, gid_t gid) return result; } +int vfswrap_fchown(files_struct *fsp, int fd, uid_t uid, gid_t gid) +{ + int result; + + START_PROFILE(syscall_fchown); + + result = fchown(fd, uid, gid); + END_PROFILE(syscall_fchown); + return result; +} + int vfswrap_chdir(connection_struct *conn, char *path) { int result; @@ -452,7 +491,7 @@ int vfswrap_ftruncate(files_struct *fsp, int fd, SMB_OFF_T len) extend a file with ftruncate. Provide alternate implementation for this */ - struct vfs_ops *vfs_ops = fsp->conn->vfs_ops; + struct vfs_ops *vfs_ops = &fsp->conn->vfs_ops; SMB_STRUCT_STAT st; char c = 0; SMB_OFF_T currpos; diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index f5bd057ca6..713d58cdc8 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -64,7 +64,9 @@ struct vfs_ops default_vfs_ops = { vfswrap_lstat, vfswrap_unlink, vfswrap_chmod, + vfswrap_fchmod, vfswrap_chown, + vfswrap_fchown, vfswrap_chdir, vfswrap_getwd, vfswrap_utime, @@ -224,10 +226,18 @@ BOOL vfs_init_custom(connection_struct *conn) conn->vfs_ops.chmod = default_vfs_ops.chmod; } + if (conn->vfs_ops.fchmod == NULL) { + conn->vfs_ops.fchmod = default_vfs_ops.fchmod; + } + if (conn->vfs_ops.chown == NULL) { conn->vfs_ops.chown = default_vfs_ops.chown; } + if (conn->vfs_ops.fchown == NULL) { + conn->vfs_ops.fchown = default_vfs_ops.fchown; + } + if (conn->vfs_ops.chdir == NULL) { conn->vfs_ops.chdir = default_vfs_ops.chdir; } |