diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2008-10-30 23:29:14 +0100 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2008-10-30 23:29:14 +0100 |
commit | 6acd90998803c28fa12ff0d1f47056c64b7d8d8d (patch) | |
tree | 11d0df3327f71e02cecafd79ec98af0fd2409438 /source3 | |
parent | 0ab0373a97114b2911ed5f38e3548676f196a2c0 (diff) | |
parent | 782f309df35cba41c9e5b65db242b961bacbbf87 (diff) | |
download | samba-6acd90998803c28fa12ff0d1f47056c64b7d8d8d.tar.gz samba-6acd90998803c28fa12ff0d1f47056c64b7d8d8d.tar.bz2 samba-6acd90998803c28fa12ff0d1f47056c64b7d8d8d.zip |
Merge branch 'master' of git://git.samba.org/samba
Diffstat (limited to 'source3')
-rw-r--r-- | source3/configure.in | 2 | ||||
-rw-r--r-- | source3/lib/secdesc.c | 6 | ||||
-rw-r--r-- | source3/modules/vfs_acl_xattr.c | 68 | ||||
-rw-r--r-- | source3/smbd/notify_inotify.c | 6 |
4 files changed, 64 insertions, 18 deletions
diff --git a/source3/configure.in b/source3/configure.in index a37e97c9da..a59fe32aff 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -2489,7 +2489,7 @@ if test x"$samba_cv_HAVE_KERNEL_CHANGE_NOTIFY" = x"yes"; then fi AC_CACHE_CHECK([for inotify support],samba_cv_HAVE_INOTIFY,[ -AC_CHECK_HEADERS(linux/inotify.h asm/unistd.h) +AC_CHECK_HEADERS(linux/inotify.h asm/unistd.h sys/inotify.h) AC_CHECK_FUNCS(inotify_init) AC_HAVE_DECL(__NR_inotify_init, [#include <asm/unistd.h>]) ], diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index 6afc165c0f..1da2b3ec93 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -527,9 +527,9 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, if (creator && container && (new_flags & SEC_ACE_FLAG_CONTAINER_INHERIT)) { - /* First add the regular ACE entry with flags = 0. */ + /* First add the regular ACE entry. */ init_sec_ace(new_ace, ptrustee, ace->type, - ace->access_mask, 0); + ace->access_mask, SEC_ACE_FLAG_INHERITED_ACE); DEBUG(5,("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x" " inherited as %s:%d/0x%02x/0x%08x\n", @@ -549,7 +549,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx, } init_sec_ace(new_ace, ptrustee, ace->type, - ace->access_mask, new_flags); + ace->access_mask, new_flags | SEC_ACE_FLAG_INHERITED_ACE); DEBUG(5, ("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x " " inherited as %s:%d/0x%02x/0x%08x\n", diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c index a802dac554..0baa990ad6 100644 --- a/source3/modules/vfs_acl_xattr.c +++ b/source3/modules/vfs_acl_xattr.c @@ -182,13 +182,13 @@ static NTSTATUS create_acl_blob(const SEC_DESC *psd, DATA_BLOB *pblob) return NT_STATUS_OK; } -static NTSTATUS store_acl_blob(files_struct *fsp, +static NTSTATUS store_acl_blob_fsp(files_struct *fsp, DATA_BLOB *pblob) { int ret; int saved_errno = 0; - DEBUG(10,("store_acl_blob: storing blob length %u on file %s\n", + DEBUG(10,("store_acl_blob_fsp: storing blob length %u on file %s\n", (unsigned int)pblob->length, fsp->fsp_name)); become_root(); @@ -206,7 +206,7 @@ static NTSTATUS store_acl_blob(files_struct *fsp, unbecome_root(); if (ret) { errno = saved_errno; - DEBUG(5, ("store_acl_blob: setting attr failed for file %s" + DEBUG(5, ("store_acl_blob_fsp: setting attr failed for file %s" "with error %s\n", fsp->fsp_name, strerror(errno) )); @@ -215,6 +215,36 @@ static NTSTATUS store_acl_blob(files_struct *fsp, return NT_STATUS_OK; } +static NTSTATUS store_acl_blob_pathname(connection_struct *conn, + const char *fname, + DATA_BLOB *pblob) +{ + int ret; + int saved_errno = 0; + + DEBUG(10,("store_acl_blob_pathname: storing blob " + "length %u on file %s\n", + (unsigned int)pblob->length, fname)); + + become_root(); + ret = SMB_VFS_SETXATTR(conn, fname, + XATTR_NTACL_NAME, + pblob->data, pblob->length, 0); + if (ret) { + saved_errno = errno; + } + unbecome_root(); + if (ret) { + errno = saved_errno; + DEBUG(5, ("store_acl_blob_pathname: setting attr failed " + "for file %s with error %s\n", + fname, + strerror(errno) )); + return map_nt_error_from_unix(errno); + } + return NT_STATUS_OK; +} + static NTSTATUS get_nt_acl_xattr_internal(vfs_handle_struct *handle, files_struct *fsp, @@ -261,11 +291,6 @@ static NTSTATUS get_nt_acl_xattr_internal(vfs_handle_struct *handle, return status; } -static int mkdir_acl_xattr(vfs_handle_struct *handle, const char *path, mode_t mode) -{ - return SMB_VFS_NEXT_MKDIR(handle, path, mode); -} - /********************************************************************* * Currently this only works for existing files. Need to work on * inheritance for new files. @@ -273,7 +298,8 @@ static int mkdir_acl_xattr(vfs_handle_struct *handle, const char *path, mode_t static NTSTATUS inherit_new_acl(vfs_handle_struct *handle, const char *fname, - files_struct *fsp) + files_struct *fsp, + bool container) { TALLOC_CTX *ctx = talloc_tos(); NTSTATUS status; @@ -313,7 +339,7 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle, parent_desc, &handle->conn->server_info->ptok->user_sids[PRIMARY_USER_SID_INDEX], &handle->conn->server_info->ptok->user_sids[PRIMARY_GROUP_SID_INDEX], - false); + container); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -321,7 +347,11 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle, if (!NT_STATUS_IS_OK(status)) { return status; } - return store_acl_blob(fsp, &blob); + if (fsp) { + return store_acl_blob_fsp(fsp, &blob); + } else { + return store_acl_blob_pathname(handle->conn, fname, &blob); + } } /********************************************************************* @@ -368,12 +398,24 @@ static int open_acl_xattr(vfs_handle_struct *handle, if (!file_existed && fsp->fh->fd != -1) { /* File was created. Inherit from parent directory. */ string_set(&fsp->fsp_name, fname); - inherit_new_acl(handle, fname, fsp); + inherit_new_acl(handle, fname, fsp, false); } return fsp->fh->fd; } +static int mkdir_acl_xattr(vfs_handle_struct *handle, const char *path, mode_t mode) +{ + int ret = SMB_VFS_NEXT_MKDIR(handle, path, mode); + + if (ret == -1) { + return ret; + } + /* New directory - inherit from parent. */ + inherit_new_acl(handle, path, NULL, true); + return ret; +} + static NTSTATUS fget_nt_acl_xattr(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc) { @@ -426,7 +468,7 @@ static NTSTATUS fset_nt_acl_xattr(vfs_handle_struct *handle, files_struct *fsp, } create_acl_blob(psd, &blob); - store_acl_blob(fsp, &blob); + store_acl_blob_fsp(fsp, &blob); return NT_STATUS_OK; } diff --git a/source3/smbd/notify_inotify.c b/source3/smbd/notify_inotify.c index c6c12a9cd2..8237e4ab0b 100644 --- a/source3/smbd/notify_inotify.c +++ b/source3/smbd/notify_inotify.c @@ -25,6 +25,10 @@ #ifdef HAVE_INOTIFY +#if HAVE_SYS_INOTIFY_H +#include <sys/inotify.h> +#else + #ifdef HAVE_ASM_TYPES_H #include <asm/types.h> #endif @@ -57,7 +61,7 @@ static int inotify_rm_watch(int fd, int wd) #include <sys/inotify.h> #endif - +#endif /* older glibc headers don't have these defines either */ #ifndef IN_ONLYDIR |