summaryrefslogtreecommitdiff
path: root/examples/VFS/block
diff options
context:
space:
mode:
Diffstat (limited to 'examples/VFS/block')
-rw-r--r--examples/VFS/block/Makefile37
-rw-r--r--examples/VFS/block/block.c502
-rw-r--r--examples/VFS/block/samba-block.conf6
-rw-r--r--examples/VFS/block/smb.conf13
4 files changed, 558 insertions, 0 deletions
diff --git a/examples/VFS/block/Makefile b/examples/VFS/block/Makefile
new file mode 100644
index 0000000000..dcc7c07793
--- /dev/null
+++ b/examples/VFS/block/Makefile
@@ -0,0 +1,37 @@
+#
+# Makefile for samba-vfs examples
+#
+#
+
+# Variables
+
+CC = gcc
+LIBTOOL = libtool
+
+SAMBA_SRC = /usr/local/src/samba/samba-2.2.0-ron/source
+SAMBA_INCL = ${SAMBA_SRC}/include
+UBIQX_SRC = ${SAMBA_SRC}/ubiqx
+SMBWR_SRC = ${SAMBA_SRC}/smbwrapper
+CFLAGS = -I$(SAMBA_SRC) -I$(SAMBA_INCL) -I$(UBIQX_SRC) -I$(SMBWR_SRC) -Wall -g -D_LARGEFILE63_SOURCE -D_GNU_SOURCE -fno-builtin
+
+
+VFS_OBJS = block.so
+
+# Default target
+
+default: $(VFS_OBJS)
+
+# Pattern rules
+
+%.so: %.lo
+ $(LIBTOOL) $(CC) -shared -o $@ $< $(LDFLAGS)
+
+%.lo: %.c
+ $(LIBTOOL) $(CC) $(CPPFLAGS) $(CFLAGS) -c $<
+
+# Misc targets
+
+clean:
+ rm -rf .libs
+ rm -f core *~ *% *.bak \
+ $(VFS_OBJS) $(VFS_OBJS:.so=.o) $(VFS_OBJS:.so=.lo)
diff --git a/examples/VFS/block/block.c b/examples/VFS/block/block.c
new file mode 100644
index 0000000000..f83ab6e07e
--- /dev/null
+++ b/examples/VFS/block/block.c
@@ -0,0 +1,502 @@
+/*
+ *
+ * Block access from links to dev mount points specified in PARAMCONF file
+ *
+ * Copyright (C) Ronald Kuetemeier, 2001
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include "config.h"
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <string.h>
+#include <stdlib.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+
+
+#ifdef HAVE_UTIME_H
+#include <utime.h>
+#endif
+#ifdef HAVE_DIRENT_H
+#include <dirent.h>
+#endif
+#include <syslog.h>
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+
+
+#include <includes.h>
+#include <vfs.h>
+
+
+
+DIR *block_opendir(struct connection_struct *conn, char *fname);
+int block_connect(struct connection_struct *conn, const char *service, const char *user);
+void block_disconnect(struct connection_struct *conn);
+
+
+/* VFS operations */
+
+
+extern struct vfs_ops default_vfs_ops; /* For passthrough operation */
+
+struct vfs_ops execute_vfs_ops = {
+
+ /* Disk operations */
+
+ block_connect,
+ block_disconnect,
+ NULL, /* disk free */
+
+ /* Directory operations */
+
+ block_opendir,
+ NULL, /* readdir */
+ NULL, /* mkdir */
+ NULL, /* rmdir */
+ NULL, /* closedir */
+
+ /* File operations */
+
+ NULL, /* open */
+ NULL, /* close */
+ NULL, /* read */
+ NULL, /* write */
+ NULL, /* lseek */
+ NULL, /* rename */
+ NULL, /* fsync */
+ NULL, /* stat */
+ NULL, /* fstat */
+ NULL, /* lstat */
+ NULL, /* unlink */
+ NULL, /* chmod */
+ NULL, /* fchmod */
+ NULL, /* chown */
+ NULL, /* fchown */
+ NULL, /* chdir */
+ NULL, /* getwd */
+ NULL, /* utime */
+ NULL, /* ftruncate */
+ NULL, /* lock */
+ NULL, /* symlink */
+ NULL, /* readlink */
+ NULL, /* link */
+ NULL, /* mknod */
+ NULL, /* realpath */
+
+ /* NT ACL operations */
+
+ NULL, /* fget_nt_acl */
+ NULL, /* get_nt_acl */
+ NULL, /* fset_nt_acl */
+ NULL, /* set_nt_acl */
+
+ /* POSIX ACL operations. */
+
+ NULL, /* chmod_acl */
+ NULL, /* fchmod_acl */
+ NULL, /* sys_acl_get_entry */
+ NULL, /* sys_acl_get_tag_type */
+ NULL, /* sys_acl_get_permset */
+ NULL, /* sys_acl_get_qualifier */
+ NULL, /* sys_acl_get_file */
+ NULL, /* sys_acl_get_fd */
+ NULL, /* sys_acl_clear_perms */
+ NULL, /* sys_acl_add_perm */
+ NULL, /* sys_acl_to_text */
+ NULL, /* sys_acl_init */
+ NULL, /* sys_acl_create_entry */
+ NULL, /* sys_acl_set_tag_type */
+ NULL, /* sys_acl_set_qualifier */
+ NULL, /* sys_acl_set_permset */
+ NULL, /* sys_acl_valid */
+ NULL, /* sys_acl_set_file */
+ NULL, /* sys_acl_set_fd */
+ NULL, /* sys_acl_delete_def_file */
+ NULL, /* sys_acl_get_perm */
+ NULL, /* sys_acl_free_text */
+ NULL, /* sys_acl_free_acl */
+ NULL /* sys_acl_free_qualifier */
+};
+
+
+#ifndef PARAMCONF
+#define PARAMCONF "/etc/samba-block.conf"
+#endif
+
+extern BOOL pm_process(char *FileName, BOOL (*sfunc)(char *), BOOL(*pfunc)(char * , char *));
+
+//functions
+
+BOOL enter_pblock_mount(char *dir);
+BOOL get_section(char *sect);
+BOOL get_parameter_value(char *param, char *value);
+BOOL load_param(void);
+BOOL search(struct stat *stat_buf);
+BOOL dir_search(char *link, char *dir);
+BOOL enter_pblock_dir(char *dir);
+
+
+
+typedef struct block_dir
+{
+ dev_t st_dev;
+ int str_len;
+ char *dir_name;
+ struct block_dir *next;
+} block_dir;
+
+
+static char *params[] = {"mount_point","dir_name"};
+enum { MOUNT_POINT , DIR_NAME };
+
+static struct block_dir *pblock_mountp = NULL;
+static struct block_dir *pblock_dir = NULL;
+
+
+
+/*
+ * Load the conf file into a table
+ */
+
+BOOL load_param(void)
+{
+
+ if ((pm_process(PARAMCONF,&get_section,&get_parameter_value)) == TRUE)
+ {
+ return TRUE;
+
+ }
+ return FALSE;
+}
+
+
+
+/*
+ * Enter the key and data into the list
+ *
+ */
+
+BOOL enter_pblock_mount(char *dir)
+{
+ struct stat stat_buf;
+ static struct block_dir *tmp_pblock;
+
+
+ if((stat(dir,&stat_buf)) != 0)
+ {
+ return FALSE;
+ }
+
+ if(pblock_mountp == NULL)
+ {
+ pblock_mountp = calloc(1, sizeof(block_dir));
+ if( pblock_mountp == NULL)
+ {
+ return FALSE;
+ }
+ tmp_pblock = pblock_mountp;
+ tmp_pblock->next = NULL;
+
+ }else
+ {
+ tmp_pblock->next = calloc(1, sizeof(block_dir));
+ if(tmp_pblock->next == NULL)
+ {
+ return FALSE;
+ }
+ tmp_pblock = tmp_pblock->next;
+ tmp_pblock->next = NULL;
+
+ }
+
+
+ tmp_pblock->st_dev = stat_buf.st_dev;
+ tmp_pblock->dir_name = strdup(dir);
+
+
+ return TRUE;
+
+}
+
+
+/*
+ * Enter the key and data into the list
+ *
+ */
+
+BOOL enter_pblock_dir(char *dir)
+{
+ static struct block_dir *tmp_pblock;
+
+
+ if(pblock_dir == NULL)
+ {
+ pblock_dir = calloc(1, sizeof(block_dir));
+ if( pblock_dir == NULL)
+ {
+ return FALSE;
+ }
+ tmp_pblock = pblock_dir;
+ tmp_pblock->next = NULL;
+
+ }else
+ {
+ tmp_pblock->next = calloc(1, sizeof(block_dir));
+ if(tmp_pblock->next == NULL)
+ {
+ return FALSE;
+ }
+ tmp_pblock = tmp_pblock->next;
+ tmp_pblock->next = NULL;
+
+ }
+
+
+ tmp_pblock->dir_name = strdup(dir);
+ tmp_pblock->str_len = strlen(dir);
+
+
+ return TRUE;
+
+}
+
+
+
+
+/*
+ * Function callback for config section names
+ */
+
+BOOL get_section(char *sect)
+{
+ return TRUE;
+}
+
+
+
+/*
+ * Function callback for config parameter value pairs
+ *
+ */
+
+BOOL get_parameter_value(char *param, char *value)
+{
+ int i = 0, maxargs = sizeof(params) / sizeof(char *);
+
+
+ for( i= 0; i < maxargs; i++)
+ {
+ if (strcmp(param,params[i]) == 0)
+ {
+ switch(i)
+ {
+ case MOUNT_POINT :
+ enter_pblock_mount(value);
+ break;
+ case DIR_NAME :
+ enter_pblock_dir(value);
+ break;
+ default :
+ break;
+ }
+ }
+ }
+
+ return TRUE;
+
+}
+
+
+
+
+/* VFS initialisation function. Return initialised vfs_ops structure
+ back to SAMBA. */
+
+struct vfs_ops *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops)
+{
+ struct vfs_ops tmp_ops;
+
+ *vfs_version = SMB_VFS_INTERFACE_VERSION;
+
+ memcpy(&tmp_ops, def_vfs_ops, sizeof(struct vfs_ops));
+
+ /* Override the ones we want. */
+ tmp_ops.connect = block_connect;
+ tmp_ops.disconnect = block_disconnect;
+ tmp_ops.opendir = block_opendir;
+
+ memcpy(&execute_vfs_ops, &tmp_ops, sizeof(struct vfs_ops));
+ return(&execute_vfs_ops);
+}
+
+
+/*
+ * VFS connect and param file loading
+ */
+
+int block_connect(struct connection_struct *conn, char *service, char *user)
+{
+ if((load_param()) == FALSE)
+ {
+
+ return -1;
+
+ }
+
+ DEBUG(0,("%s connecting \n",conn->user));
+
+ return (default_vfs_ops.connect(conn, service,user));
+}
+
+/*
+ * Free allocated structures and disconnect
+ *
+ */
+
+
+void block_disconnect(struct connection_struct *conn)
+{
+
+ struct block_dir *tmp_pblock = (pblock_mountp == NULL ? pblock_dir : pblock_mountp);
+ struct block_dir *free_pblock = NULL;
+
+ while(tmp_pblock != NULL)
+ {
+ free(tmp_pblock->dir_name);
+ free_pblock = tmp_pblock;
+ tmp_pblock = tmp_pblock->next;
+ free(free_pblock);
+
+ if(tmp_pblock == NULL && pblock_dir != NULL)
+ {
+ tmp_pblock = (pblock_mountp == NULL ? pblock_dir : NULL);
+ pblock_dir = NULL;
+
+ }
+
+ }
+
+
+
+ default_vfs_ops.disconnect(conn);
+}
+
+/*
+ * VFS opendir
+ */
+
+DIR *block_opendir(struct connection_struct *conn, char *fname)
+{
+
+ char *dir_name = NULL;
+ struct stat stat_buf;
+
+ dir_name = alloca((strlen(conn->origpath) + strlen(fname) + 2) * sizeof(char));
+
+ pstrcpy(dir_name,conn->origpath);
+ pstrcat(dir_name, "/");
+ strncat(dir_name, fname, strcspn(fname,"/"));
+
+ if((lstat(dir_name,&stat_buf)) == 0)
+ {
+ if((S_ISLNK(stat_buf.st_mode)) == 1)
+ {
+ stat(dir_name,&stat_buf);
+ if((search(&stat_buf) || dir_search(dir_name, fname) ) == TRUE)
+ {
+ DEBUG(0,("%s used link to blocked dir: %s \n", conn->user, dir_name));
+ errno = EACCES;
+ return NULL;
+ }
+ }
+ }
+
+ return (default_vfs_ops.opendir(conn, fname));
+}
+
+
+/*
+ * Find mount point to block in list
+ */
+
+BOOL search(struct stat *stat_buf)
+{
+ struct block_dir *tmp_pblock = pblock_mountp;
+
+ while(tmp_pblock != NULL)
+ {
+
+ if(tmp_pblock->st_dev == stat_buf->st_dev)
+ {
+ return TRUE;
+ }
+ tmp_pblock = tmp_pblock->next;
+ }
+
+ return FALSE;
+
+}
+
+/*
+ * Find dir in list to block id the starting point is link from a share
+ */
+
+BOOL dir_search(char *link, char *dir)
+{
+ char buf[PATH_MAX +1], *ext_path;
+ int len = 0;
+ struct block_dir *tmp_pblock = pblock_dir;
+
+ if((len = readlink(link,buf,sizeof(buf))) == -1)
+ {
+ return TRUE;
+
+ }else
+ {
+ buf[len] = '\0';
+ }
+
+
+ if((ext_path = strchr(dir,'/')) != NULL)
+ {
+ pstrcat(buf,&ext_path[1]);
+ len = strlen(buf);
+ }
+
+ while(tmp_pblock != NULL)
+ {
+ if(len < tmp_pblock->str_len)
+ {
+ tmp_pblock = tmp_pblock->next;
+ continue;
+ }
+
+ if((strstr(buf,tmp_pblock->dir_name)) != NULL)
+ {
+ return TRUE;
+ }
+ tmp_pblock = tmp_pblock->next;
+ }
+
+
+ return FALSE;
+
+}
diff --git a/examples/VFS/block/samba-block.conf b/examples/VFS/block/samba-block.conf
new file mode 100644
index 0000000000..7a137980b7
--- /dev/null
+++ b/examples/VFS/block/samba-block.conf
@@ -0,0 +1,6 @@
+[ blocked ]
+mount_point = /
+mount_point = /boot
+mount_point = /proc
+dir_name = /usr/local/src/samba
+dir_name = /usr/bin
diff --git a/examples/VFS/block/smb.conf b/examples/VFS/block/smb.conf
new file mode 100644
index 0000000000..368155f1f8
--- /dev/null
+++ b/examples/VFS/block/smb.conf
@@ -0,0 +1,13 @@
+[homes]
+ comment = Home Directories
+ vfs object = /usr/local/samba/lib/block.so
+ browseable = yes
+ writable = yes
+
+
+
+
+
+
+
+