diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/proto.h | 2 | ||||
-rw-r--r-- | source3/include/smb.h | 1 | ||||
-rw-r--r-- | source3/param/loadparm.c | 8 | ||||
-rw-r--r-- | source3/smbd/server.c | 12 |
4 files changed, 21 insertions, 2 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 92feccf384..3929348da6 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -246,7 +246,9 @@ BOOL lp_map_system(int ); BOOL lp_delete_readonly(int ); BOOL lp_fake_oplocks(int ); int lp_create_mode(int ); +int lp_force_create_mode(int ); int lp_dir_mode(int ); +int lp_force_dir_mode(int ); int lp_max_connections(int ); int lp_defaultcase(int ); int lp_minprintspace(int ); diff --git a/source3/include/smb.h b/source3/include/smb.h index 9af653220a..2dc2624566 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -511,7 +511,6 @@ struct connect_record #define MAP_HIDDEN(cnum) (OPEN_CNUM(cnum) && lp_map_hidden(SNUM(cnum))) #define MAP_SYSTEM(cnum) (OPEN_CNUM(cnum) && lp_map_system(SNUM(cnum))) #define MAP_ARCHIVE(cnum) (OPEN_CNUM(cnum) && lp_map_archive(SNUM(cnum))) -#define CREATE_MODE(cnum) (lp_create_mode(SNUM(cnum)) | 0700) #ifdef SMB_PASSWD #define SMBENCRYPT() (lp_encrypted_passwords()) #else diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 8f0108cc12..8c2dd2776c 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -221,7 +221,9 @@ typedef struct char *volume; int iMinPrintSpace; int iCreate_mode; + int iCreate_force_mode; int iDir_mode; + int iDir_force_mode; int iMaxConnections; int iDefaultCase; BOOL bAlternatePerm; @@ -296,7 +298,9 @@ static service sDefault = NULL, /* volume */ 0, /* iMinPrintSpace */ 0644, /* iCreate_mode */ + 0700, /* iCreate_force_mode */ 0755, /* iDir_mode */ + 0000, /* iDir_force_mode */ 0, /* iMaxConnections */ CASE_LOWER, /* iDefaultCase */ False, /* bAlternatePerm */ @@ -496,8 +500,10 @@ struct parm_struct {"min print space", P_INTEGER, P_LOCAL, &sDefault.iMinPrintSpace, NULL}, {"create mask", P_OCTAL, P_LOCAL, &sDefault.iCreate_mode, NULL}, {"create mode", P_OCTAL, P_LOCAL, &sDefault.iCreate_mode, NULL}, + {"force create mode",P_OCTAL, P_LOCAL, &sDefault.iCreate_force_mode, NULL}, {"directory mask", P_OCTAL, P_LOCAL, &sDefault.iDir_mode, NULL}, {"directory mode", P_OCTAL, P_LOCAL, &sDefault.iDir_mode, NULL}, + {"force directory mode", P_OCTAL, P_LOCAL, &sDefault.iDir_force_mode, NULL}, {"set directory", P_BOOLREV, P_LOCAL, &sDefault.bNo_set_dir, NULL}, {"status", P_BOOL, P_LOCAL, &sDefault.status, NULL}, {"hide dot files", P_BOOL, P_LOCAL, &sDefault.bHideDotFiles, NULL}, @@ -899,7 +905,9 @@ FN_LOCAL_BOOL(lp_delete_readonly,bDeleteReadonly) FN_LOCAL_BOOL(lp_fake_oplocks,bFakeOplocks) FN_LOCAL_INTEGER(lp_create_mode,iCreate_mode) +FN_LOCAL_INTEGER(lp_force_create_mode,iCreate_force_mode) FN_LOCAL_INTEGER(lp_dir_mode,iDir_mode) +FN_LOCAL_INTEGER(lp_force_dir_mode,iDir_force_mode) FN_LOCAL_INTEGER(lp_max_connections,iMaxConnections) FN_LOCAL_INTEGER(lp_defaultcase,iDefaultCase) FN_LOCAL_INTEGER(lp_minprintspace,iMinPrintSpace) diff --git a/source3/smbd/server.c b/source3/smbd/server.c index c808eac06a..203bdb8da8 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -130,8 +130,12 @@ void killkids(void) dos archive is represented in unix by the user's execute bit dos system is represented in unix by the group's execute bit dos hidden is represented in unix by the other's execute bit + Then apply create mask, + then add force bits. base permission for directories: dos directory is represented in unix by unix's dir bit and the exec bit + Then apply create mask, + then add force bits. ****************************************************************************/ mode_t unix_mode(int cnum,int dosmode) { @@ -144,7 +148,10 @@ mode_t unix_mode(int cnum,int dosmode) /* We never make directories read only for the owner as under DOS a user can always create a file in a read-only directory. */ result |= (S_IFDIR | S_IXUSR | S_IXGRP | S_IXOTH | S_IWUSR); + /* Apply directory mask */ result &= lp_dir_mode(SNUM(cnum)); + /* Add in force bits */ + result |= lp_force_dir_mode(SNUM(cnum)); } else { if (MAP_ARCHIVE(cnum) && IS_DOS_ARCHIVE(dosmode)) result |= S_IXUSR; @@ -155,7 +162,10 @@ mode_t unix_mode(int cnum,int dosmode) if (MAP_HIDDEN(cnum) && IS_DOS_HIDDEN(dosmode)) result |= S_IXOTH; - result &= CREATE_MODE(cnum); + /* Apply mode mask */ + result &= lp_create_mode(SNUM(cnum)); + /* Add in force bits */ + result |= lp_force_create_mode(SNUM(cnum)); } return(result); } |