From 1be85de5884d107f89eaf4221f225c9ec468365e Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Mon, 25 Oct 2004 05:27:49 +0000
Subject: r3193: improved the initial permissions choice for file create, based
 upon dos attribute (This used to be commit
 f6fb1e3493a2a0734747f769cd1013215d967cde)

---
 source4/ntvfs/posix/pvfs_fileinfo.c | 86 +++++++++++++++----------------------
 source4/ntvfs/posix/pvfs_open.c     | 36 ++++++++++++----
 2 files changed, 61 insertions(+), 61 deletions(-)

(limited to 'source4/ntvfs/posix')

diff --git a/source4/ntvfs/posix/pvfs_fileinfo.c b/source4/ntvfs/posix/pvfs_fileinfo.c
index 77eb10422d..4fa2c1601b 100644
--- a/source4/ntvfs/posix/pvfs_fileinfo.c
+++ b/source4/ntvfs/posix/pvfs_fileinfo.c
@@ -35,58 +35,6 @@
 #define UNIX_TYPE_UNKNOWN 0xFFFFFFFF
 
 
-/*
- Return the major devicenumber for UNIX extensions.
-*/
-static uint32_t unix_dev_major(dev_t dev)
-{
-#if defined(HAVE_DEVICE_MAJOR_FN)
-	return (uint32)major(dev);
-#else
-	return (uint32)(dev >> 8);
-#endif
-}
-
-/*
- Return the minor devicenumber for UNIX extensions.
-*/
-static uint32_t unix_dev_minor(dev_t dev)
-{
-#if defined(HAVE_DEVICE_MINOR_FN)
-	return (uint32)minor(dev);
-#else
-	return (uint32)(dev & 0xff);
-#endif
-}
-
-/*
- Return the filetype for UNIX extensions
-*/
-static uint32_t unix_filetype(mode_t mode)
-{
-	if (S_ISREG(mode)) return UNIX_TYPE_FILE;
-	if (S_ISDIR(mode)) return UNIX_TYPE_DIR;
-#ifdef S_ISLNK
-	if (S_ISLNK(mode)) return UNIX_TYPE_SYMLINK;
-#endif
-#ifdef S_ISCHR
-	if (S_ISCHR(mode)) return UNIX_TYPE_CHARDEV;
-#endif
-#ifdef S_ISBLK
-	if (S_ISBLK(mode)) return UNIX_TYPE_BLKDEV;
-#endif
-#ifdef S_ISFIFO
-	if (S_ISFIFO(mode)) return UNIX_TYPE_FIFO;
-#endif
-#ifdef S_ISSOCK
-	if (S_ISSOCK(mode)) return UNIX_TYPE_SOCKET;
-#endif
-
-	DEBUG(0,("unix_filetype: unknown filetype %u", (unsigned)mode));
-	return UNIX_TYPE_UNKNOWN;
-}
-
-
 /****************************************************************************
  Change a unix mode to a dos mode.
 ****************************************************************************/
@@ -153,3 +101,37 @@ NTSTATUS pvfs_fill_dos_info(struct pvfs_state *pvfs, struct pvfs_filename *name)
 
 	return NT_STATUS_OK;
 }
+
+
+/*
+  return a set of unix file permissions for a new file or directory
+*/
+mode_t pvfs_fileperms(struct pvfs_state *pvfs, uint32 attrib)
+{
+	mode_t mode = S_IRUSR | S_IRGRP | S_IROTH;
+
+	if (attrib & FILE_ATTRIBUTE_DIRECTORY) {
+		mode |= S_IXUSR | S_IXGRP | S_IXOTH;
+	}
+
+	if (!(attrib & FILE_ATTRIBUTE_READONLY)) {
+		mode |= S_IWUSR;
+	}
+
+	if ((attrib & FILE_ATTRIBUTE_ARCHIVE) &&
+	    (pvfs->flags & PVFS_FLAG_MAP_ARCHIVE)) {
+		mode |= S_IXUSR;
+	}
+
+	if ((attrib & FILE_ATTRIBUTE_SYSTEM) &&
+	    (pvfs->flags & PVFS_FLAG_MAP_SYSTEM)) {
+		mode |= S_IXGRP;
+	}
+
+	if ((attrib & FILE_ATTRIBUTE_HIDDEN) &&
+	    (pvfs->flags & PVFS_FLAG_MAP_HIDDEN)) {
+		mode |= S_IXOTH;
+	}
+
+	return mode;
+}
diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c
index b66b3725db..4844521c45 100644
--- a/source4/ntvfs/posix/pvfs_open.c
+++ b/source4/ntvfs/posix/pvfs_open.c
@@ -150,7 +150,9 @@ static NTSTATUS pvfs_open_directory(struct pvfs_state *pvfs,
 	talloc_set_destructor(f, pvfs_dir_fd_destructor);
 
 	if (!name->exists) {
-		if (mkdir(name->full_name, 0755) == -1) {
+		uint32_t attrib = io->generic.in.file_attr | FILE_ATTRIBUTE_DIRECTORY;
+		mode_t mode = pvfs_fileperms(pvfs, attrib);
+		if (mkdir(name->full_name, mode) == -1) {
 			return pvfs_map_errno(pvfs,errno);
 		}
 		status = pvfs_resolve_name(pvfs, req, io->ntcreatex.in.fname,
@@ -287,7 +289,17 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
 		access_mask = GENERIC_RIGHTS_FILE_READ | GENERIC_RIGHTS_FILE_WRITE;
 	}
 
-	flags = O_RDWR;
+	switch (access_mask & (SA_RIGHT_FILE_READ_DATA | SA_RIGHT_FILE_WRITE_DATA)) {
+	case SA_RIGHT_FILE_READ_DATA:
+		flags = O_RDONLY;
+		break;
+	case SA_RIGHT_FILE_WRITE_DATA:
+		flags = O_WRONLY;
+		break;
+	case SA_RIGHT_FILE_WRITE_DATA|SA_RIGHT_FILE_READ_DATA:
+		flags = O_RDWR;
+		break;
+	}
 
 	f = talloc_p(req, struct pvfs_file);
 	if (f == NULL) {
@@ -299,11 +311,7 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
 		return NT_STATUS_TOO_MANY_OPENED_FILES;
 	}
 
-	if (io->ntcreatex.in.file_attr & FILE_ATTRIBUTE_READONLY) {
-		mode = 0444;
-	} else {
-		mode = 0644;
-	}
+	mode = pvfs_fileperms(pvfs, io->ntcreatex.in.file_attr);
 
 	/* create the file */
 	fd = open(name->full_name, flags | O_CREAT | O_EXCL, mode);
@@ -434,7 +442,7 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
 	access_mask    = io->generic.in.access_mask;
 
 	if (access_mask & SEC_RIGHT_MAXIMUM_ALLOWED) {
-		if (name->dos.attrib & FILE_ATTRIBUTE_READONLY) {
+		if (name->exists && (name->dos.attrib & FILE_ATTRIBUTE_READONLY)) {
 			access_mask = GENERIC_RIGHTS_FILE_READ;
 		} else {
 			access_mask = GENERIC_RIGHTS_FILE_READ | GENERIC_RIGHTS_FILE_WRITE;
@@ -488,7 +496,17 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	flags |= O_RDWR;
+	switch (access_mask & (SA_RIGHT_FILE_READ_DATA | SA_RIGHT_FILE_WRITE_DATA)) {
+	case SA_RIGHT_FILE_READ_DATA:
+		flags |= O_RDONLY;
+		break;
+	case SA_RIGHT_FILE_WRITE_DATA:
+		flags |= O_WRONLY;
+		break;
+	case SA_RIGHT_FILE_WRITE_DATA|SA_RIGHT_FILE_READ_DATA:
+		flags |= O_RDWR;
+		break;
+	}
 
 	/* handle creating a new file separately */
 	if (!name->exists) {
-- 
cgit