diff options
author | Andrew Tridgell <tridge@samba.org> | 2010-03-05 17:51:12 +1100 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2010-03-05 23:07:31 +1100 |
commit | 034bcaf14d1bc651c8b51b489aebcfa392158f2c (patch) | |
tree | 1af70e06b081a7a5eeaa6a2e0a5f54eaa213f682 /source4 | |
parent | edd5a572d8f5d94511013e55744fcde48b16a3eb (diff) | |
download | samba-034bcaf14d1bc651c8b51b489aebcfa392158f2c.tar.gz samba-034bcaf14d1bc651c8b51b489aebcfa392158f2c.tar.bz2 samba-034bcaf14d1bc651c8b51b489aebcfa392158f2c.zip |
s4-pvfs: new pvfs_sys module
The pvfs_sys_*() calls provide wrapper functions for posix file
functions which use root privileges to override EACCES failures if
PVFS_FLAG_PERM_OVERRIDE is set
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4')
-rw-r--r-- | source4/ntvfs/posix/config.mk | 1 | ||||
-rw-r--r-- | source4/ntvfs/posix/pvfs_sys.c | 300 |
2 files changed, 301 insertions, 0 deletions
diff --git a/source4/ntvfs/posix/config.mk b/source4/ntvfs/posix/config.mk index bf8b573b08..cf4398b91d 100644 --- a/source4/ntvfs/posix/config.mk +++ b/source4/ntvfs/posix/config.mk @@ -72,6 +72,7 @@ ntvfs_posix_OBJ_FILES = $(addprefix $(ntvfssrcdir)/posix/, \ pvfs_xattr.o \ pvfs_streams.o \ pvfs_notify.o \ + pvfs_sys.o \ xattr_system.o \ xattr_tdb.o) diff --git a/source4/ntvfs/posix/pvfs_sys.c b/source4/ntvfs/posix/pvfs_sys.c new file mode 100644 index 0000000000..9dfe6eef1a --- /dev/null +++ b/source4/ntvfs/posix/pvfs_sys.c @@ -0,0 +1,300 @@ +/* + Unix SMB/CIFS implementation. + + POSIX NTVFS backend - pvfs_sys wrappers + + Copyright (C) Andrew Tridgell 2010 + Copyright (C) Andrew Bartlett 2010 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "vfs_posix.h" +#include "../lib/util/unix_privs.h" + +/* + these wrapper functions must only be called when the appropriate ACL + has already been checked. The wrappers will override a EACCES result + by gaining root privileges if the 'pvfs:perm override' is set on the + share (it is enabled by default) + */ + + +/* + chown a file that we created with a root privileges override + */ +static int pvfs_sys_fchown(struct pvfs_state *pvfs, void *privs, int fd) +{ + return fchown(fd, root_privileges_original_uid(privs), -1); +} + +/* + chown a directory that we created with a root privileges override + */ +static int pvfs_sys_chown(struct pvfs_state *pvfs, void *privs, const char *name) +{ + return chown(name, root_privileges_original_uid(privs), -1); +} + + +/* + wrap open for system override +*/ +int pvfs_sys_open(struct pvfs_state *pvfs, const char *filename, int flags, mode_t mode) +{ + int fd, ret; + void *privs; + int saved_errno, orig_errno; + int retries = 5; + + orig_errno = errno; + + fd = open(filename, flags, mode); + if (fd != -1 || + !(pvfs->flags & PVFS_FLAG_PERM_OVERRIDE) || + errno != EACCES) { + return fd; + } + + saved_errno = errno; + privs = root_privileges(); + + /* don't allow permission overrides to follow links */ +#ifdef O_NOFOLLOW + flags |= O_NOFOLLOW; +#endif + + /* + if O_CREAT was specified and O_EXCL was not specified + then initially do the open without O_CREAT, as in that case + we know that we did not create the file, so we don't have + to fchown it + */ + if ((flags & O_CREAT) && !(flags & O_EXCL)) { + try_again: + fd = open(filename, flags & ~O_CREAT, mode); + /* if this open succeeded, or if it failed + with anything other than ENOENT, then we return the + open result, with the original errno */ + if (fd == -1 && errno != ENOENT) { + talloc_free(privs); + errno = saved_errno; + return -1; + } + if (fd != -1) { + /* the file already existed and we opened it */ + talloc_free(privs); + errno = orig_errno; + return fd; + } + + fd = open(filename, flags | O_EXCL, mode); + if (fd == -1 && errno != EEXIST) { + talloc_free(privs); + errno = saved_errno; + return -1; + } + if (fd != -1) { + /* we created the file, we need to set the + right ownership on it */ + ret = pvfs_sys_fchown(pvfs, privs, fd); + if (ret == -1) { + close(fd); + unlink(filename); + talloc_free(privs); + errno = saved_errno; + return -1; + } + talloc_free(privs); + errno = orig_errno; + return fd; + } + + /* the file got created between the two times + we tried to open it! Try again */ + if (retries-- > 0) { + goto try_again; + } + + talloc_free(privs); + errno = saved_errno; + return -1; + } + + fd = open(filename, flags, mode); + if (fd == -1) { + talloc_free(privs); + errno = saved_errno; + return -1; + } + + /* if we have created a file then fchown it */ + if (flags & O_CREAT) { + ret = pvfs_sys_fchown(pvfs, privs, fd); + if (ret == -1) { + close(fd); + unlink(filename); + talloc_free(privs); + errno = saved_errno; + return -1; + } + } + + talloc_free(privs); + return fd; +} + + +/* + wrap unlink for system override +*/ +int pvfs_sys_unlink(struct pvfs_state *pvfs, const char *filename) +{ + int ret; + void *privs; + int saved_errno, orig_errno; + + orig_errno = errno; + + ret = unlink(filename); + if (ret != -1 || + !(pvfs->flags & PVFS_FLAG_PERM_OVERRIDE) || + errno != EACCES) { + return ret; + } + + saved_errno = errno; + + privs = root_privileges(); + ret = unlink(filename); + if (ret == -1) { + errno = saved_errno; + talloc_free(privs); + return -1; + } + + errno = orig_errno; + talloc_free(privs); + return ret; +} + + +/* + wrap rename for system override +*/ +int pvfs_sys_rename(struct pvfs_state *pvfs, const char *name1, const char *name2) +{ + int ret; + void *privs; + int saved_errno, orig_errno; + + orig_errno = errno; + + ret = rename(name1, name2); + if (ret != -1 || + !(pvfs->flags & PVFS_FLAG_PERM_OVERRIDE) || + errno != EACCES) { + return ret; + } + + saved_errno = errno; + + privs = root_privileges(); + ret = rename(name1, name2); + if (ret == -1) { + errno = saved_errno; + talloc_free(privs); + return -1; + } + + errno = orig_errno; + talloc_free(privs); + return ret; +} + + +/* + wrap mkdir for system override +*/ +int pvfs_sys_mkdir(struct pvfs_state *pvfs, const char *dirname, mode_t mode) +{ + int ret; + void *privs; + int saved_errno, orig_errno; + + orig_errno = errno; + + ret = mkdir(dirname, mode); + if (ret != -1 || + !(pvfs->flags & PVFS_FLAG_PERM_OVERRIDE) || + errno != EACCES) { + return ret; + } + + saved_errno = errno; + privs = root_privileges(); + + ret = mkdir(dirname, mode); + if (ret == -1) { + talloc_free(privs); + errno = saved_errno; + return -1; + } + + ret = pvfs_sys_chown(pvfs, privs, dirname); + if (ret == -1) { + rmdir(dirname); + talloc_free(privs); + errno = saved_errno; + return -1; + } + + talloc_free(privs); + return ret; +} + + +/* + wrap rmdir for system override +*/ +int pvfs_sys_rmdir(struct pvfs_state *pvfs, const char *dirname) +{ + int ret; + void *privs; + int saved_errno, orig_errno; + + orig_errno = errno; + + ret = rmdir(dirname); + if (ret != -1 || + !(pvfs->flags & PVFS_FLAG_PERM_OVERRIDE) || + errno != EACCES) { + return ret; + } + + saved_errno = errno; + + privs = root_privileges(); + ret = rmdir(dirname); + if (ret == -1) { + errno = saved_errno; + talloc_free(privs); + return -1; + } + + errno = orig_errno; + talloc_free(privs); + return ret; +} |