summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/locking/locking.c59
-rw-r--r--source3/locking/proto.h1
-rw-r--r--source3/smbd/file_access.c59
-rw-r--r--source3/smbd/proto.h1
4 files changed, 60 insertions, 60 deletions
diff --git a/source3/locking/locking.c b/source3/locking/locking.c
index c1f99430ed..b0f719bb48 100644
--- a/source3/locking/locking.c
+++ b/source3/locking/locking.c
@@ -1182,65 +1182,6 @@ bool downgrade_share_oplock(struct share_mode_lock *lck, files_struct *fsp)
return True;
}
-/****************************************************************************
- Check if setting delete on close is allowed on this fsp.
-****************************************************************************/
-
-NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32 dosmode)
-{
- /*
- * Only allow delete on close for writable files.
- */
-
- if ((dosmode & FILE_ATTRIBUTE_READONLY) &&
- !lp_delete_readonly(SNUM(fsp->conn))) {
- DEBUG(10,("can_set_delete_on_close: file %s delete on close "
- "flag set but file attribute is readonly.\n",
- fsp_str_dbg(fsp)));
- return NT_STATUS_CANNOT_DELETE;
- }
-
- /*
- * Only allow delete on close for writable shares.
- */
-
- if (!CAN_WRITE(fsp->conn)) {
- DEBUG(10,("can_set_delete_on_close: file %s delete on "
- "close flag set but write access denied on share.\n",
- fsp_str_dbg(fsp)));
- return NT_STATUS_ACCESS_DENIED;
- }
-
- /*
- * Only allow delete on close for files/directories opened with delete
- * intent.
- */
-
- if (!(fsp->access_mask & DELETE_ACCESS)) {
- DEBUG(10,("can_set_delete_on_close: file %s delete on "
- "close flag set but delete access denied.\n",
- fsp_str_dbg(fsp)));
- return NT_STATUS_ACCESS_DENIED;
- }
-
- /* Don't allow delete on close for non-empty directories. */
- if (fsp->is_directory) {
- SMB_ASSERT(!is_ntfs_stream_smb_fname(fsp->fsp_name));
-
- /* Or the root of a share. */
- if (ISDOT(fsp->fsp_name->base_name)) {
- DEBUG(10,("can_set_delete_on_close: can't set delete on "
- "close for the root of a share.\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
-
- return can_delete_directory(fsp->conn,
- fsp->fsp_name->base_name);
- }
-
- return NT_STATUS_OK;
-}
-
/*************************************************************************
Return a talloced copy of a struct security_unix_token. NULL on fail.
(Should this be in locking.c.... ?).
diff --git a/source3/locking/proto.h b/source3/locking/proto.h
index b7c8990b1a..5be8acc920 100644
--- a/source3/locking/proto.h
+++ b/source3/locking/proto.h
@@ -172,7 +172,6 @@ void del_deferred_open_entry(struct share_mode_lock *lck, uint64_t mid,
struct server_id pid);
bool remove_share_oplock(struct share_mode_lock *lck, files_struct *fsp);
bool downgrade_share_oplock(struct share_mode_lock *lck, files_struct *fsp);
-NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32 dosmode);
const struct security_unix_token *get_delete_on_close_token(struct share_mode_lock *lck, uint32_t name_hash);
void set_delete_on_close_lck(files_struct *fsp,
struct share_mode_lock *lck,
diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c
index 4a473d76a6..9fff8e3051 100644
--- a/source3/smbd/file_access.c
+++ b/source3/smbd/file_access.c
@@ -170,3 +170,62 @@ bool directory_has_default_acl(connection_struct *conn, const char *fname)
TALLOC_FREE(secdesc);
return false;
}
+
+/****************************************************************************
+ Check if setting delete on close is allowed on this fsp.
+****************************************************************************/
+
+NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32 dosmode)
+{
+ /*
+ * Only allow delete on close for writable files.
+ */
+
+ if ((dosmode & FILE_ATTRIBUTE_READONLY) &&
+ !lp_delete_readonly(SNUM(fsp->conn))) {
+ DEBUG(10,("can_set_delete_on_close: file %s delete on close "
+ "flag set but file attribute is readonly.\n",
+ fsp_str_dbg(fsp)));
+ return NT_STATUS_CANNOT_DELETE;
+ }
+
+ /*
+ * Only allow delete on close for writable shares.
+ */
+
+ if (!CAN_WRITE(fsp->conn)) {
+ DEBUG(10,("can_set_delete_on_close: file %s delete on "
+ "close flag set but write access denied on share.\n",
+ fsp_str_dbg(fsp)));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ /*
+ * Only allow delete on close for files/directories opened with delete
+ * intent.
+ */
+
+ if (!(fsp->access_mask & DELETE_ACCESS)) {
+ DEBUG(10,("can_set_delete_on_close: file %s delete on "
+ "close flag set but delete access denied.\n",
+ fsp_str_dbg(fsp)));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ /* Don't allow delete on close for non-empty directories. */
+ if (fsp->is_directory) {
+ SMB_ASSERT(!is_ntfs_stream_smb_fname(fsp->fsp_name));
+
+ /* Or the root of a share. */
+ if (ISDOT(fsp->fsp_name->base_name)) {
+ DEBUG(10,("can_set_delete_on_close: can't set delete on "
+ "close for the root of a share.\n"));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ return can_delete_directory(fsp->conn,
+ fsp->fsp_name->base_name);
+ }
+
+ return NT_STATUS_OK;
+}
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index e0f48b7bcb..34b252006b 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -310,6 +310,7 @@ bool can_delete_file_in_directory(connection_struct *conn,
bool can_write_to_file(connection_struct *conn,
const struct smb_filename *smb_fname);
bool directory_has_default_acl(connection_struct *conn, const char *fname);
+NTSTATUS can_set_delete_on_close(files_struct *fsp, uint32 dosmode);
/* The following definitions come from smbd/fileio.c */