From 1be85de5884d107f89eaf4221f225c9ec468365e Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 25 Oct 2004 05:27:49 +0000 Subject: r3193: improved the initial permissions choice for file create, based upon dos attribute (This used to be commit f6fb1e3493a2a0734747f769cd1013215d967cde) --- source4/ntvfs/posix/pvfs_fileinfo.c | 86 +++++++++++++++---------------------- source4/ntvfs/posix/pvfs_open.c | 36 ++++++++++++---- 2 files changed, 61 insertions(+), 61 deletions(-) (limited to 'source4/ntvfs/posix') diff --git a/source4/ntvfs/posix/pvfs_fileinfo.c b/source4/ntvfs/posix/pvfs_fileinfo.c index 77eb10422d..4fa2c1601b 100644 --- a/source4/ntvfs/posix/pvfs_fileinfo.c +++ b/source4/ntvfs/posix/pvfs_fileinfo.c @@ -35,58 +35,6 @@ #define UNIX_TYPE_UNKNOWN 0xFFFFFFFF -/* - Return the major devicenumber for UNIX extensions. -*/ -static uint32_t unix_dev_major(dev_t dev) -{ -#if defined(HAVE_DEVICE_MAJOR_FN) - return (uint32)major(dev); -#else - return (uint32)(dev >> 8); -#endif -} - -/* - Return the minor devicenumber for UNIX extensions. -*/ -static uint32_t unix_dev_minor(dev_t dev) -{ -#if defined(HAVE_DEVICE_MINOR_FN) - return (uint32)minor(dev); -#else - return (uint32)(dev & 0xff); -#endif -} - -/* - Return the filetype for UNIX extensions -*/ -static uint32_t unix_filetype(mode_t mode) -{ - if (S_ISREG(mode)) return UNIX_TYPE_FILE; - if (S_ISDIR(mode)) return UNIX_TYPE_DIR; -#ifdef S_ISLNK - if (S_ISLNK(mode)) return UNIX_TYPE_SYMLINK; -#endif -#ifdef S_ISCHR - if (S_ISCHR(mode)) return UNIX_TYPE_CHARDEV; -#endif -#ifdef S_ISBLK - if (S_ISBLK(mode)) return UNIX_TYPE_BLKDEV; -#endif -#ifdef S_ISFIFO - if (S_ISFIFO(mode)) return UNIX_TYPE_FIFO; -#endif -#ifdef S_ISSOCK - if (S_ISSOCK(mode)) return UNIX_TYPE_SOCKET; -#endif - - DEBUG(0,("unix_filetype: unknown filetype %u", (unsigned)mode)); - return UNIX_TYPE_UNKNOWN; -} - - /**************************************************************************** Change a unix mode to a dos mode. ****************************************************************************/ @@ -153,3 +101,37 @@ NTSTATUS pvfs_fill_dos_info(struct pvfs_state *pvfs, struct pvfs_filename *name) return NT_STATUS_OK; } + + +/* + return a set of unix file permissions for a new file or directory +*/ +mode_t pvfs_fileperms(struct pvfs_state *pvfs, uint32 attrib) +{ + mode_t mode = S_IRUSR | S_IRGRP | S_IROTH; + + if (attrib & FILE_ATTRIBUTE_DIRECTORY) { + mode |= S_IXUSR | S_IXGRP | S_IXOTH; + } + + if (!(attrib & FILE_ATTRIBUTE_READONLY)) { + mode |= S_IWUSR; + } + + if ((attrib & FILE_ATTRIBUTE_ARCHIVE) && + (pvfs->flags & PVFS_FLAG_MAP_ARCHIVE)) { + mode |= S_IXUSR; + } + + if ((attrib & FILE_ATTRIBUTE_SYSTEM) && + (pvfs->flags & PVFS_FLAG_MAP_SYSTEM)) { + mode |= S_IXGRP; + } + + if ((attrib & FILE_ATTRIBUTE_HIDDEN) && + (pvfs->flags & PVFS_FLAG_MAP_HIDDEN)) { + mode |= S_IXOTH; + } + + return mode; +} diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c index b66b3725db..4844521c45 100644 --- a/source4/ntvfs/posix/pvfs_open.c +++ b/source4/ntvfs/posix/pvfs_open.c @@ -150,7 +150,9 @@ static NTSTATUS pvfs_open_directory(struct pvfs_state *pvfs, talloc_set_destructor(f, pvfs_dir_fd_destructor); if (!name->exists) { - if (mkdir(name->full_name, 0755) == -1) { + uint32_t attrib = io->generic.in.file_attr | FILE_ATTRIBUTE_DIRECTORY; + mode_t mode = pvfs_fileperms(pvfs, attrib); + if (mkdir(name->full_name, mode) == -1) { return pvfs_map_errno(pvfs,errno); } status = pvfs_resolve_name(pvfs, req, io->ntcreatex.in.fname, @@ -287,7 +289,17 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs, access_mask = GENERIC_RIGHTS_FILE_READ | GENERIC_RIGHTS_FILE_WRITE; } - flags = O_RDWR; + switch (access_mask & (SA_RIGHT_FILE_READ_DATA | SA_RIGHT_FILE_WRITE_DATA)) { + case SA_RIGHT_FILE_READ_DATA: + flags = O_RDONLY; + break; + case SA_RIGHT_FILE_WRITE_DATA: + flags = O_WRONLY; + break; + case SA_RIGHT_FILE_WRITE_DATA|SA_RIGHT_FILE_READ_DATA: + flags = O_RDWR; + break; + } f = talloc_p(req, struct pvfs_file); if (f == NULL) { @@ -299,11 +311,7 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs, return NT_STATUS_TOO_MANY_OPENED_FILES; } - if (io->ntcreatex.in.file_attr & FILE_ATTRIBUTE_READONLY) { - mode = 0444; - } else { - mode = 0644; - } + mode = pvfs_fileperms(pvfs, io->ntcreatex.in.file_attr); /* create the file */ fd = open(name->full_name, flags | O_CREAT | O_EXCL, mode); @@ -434,7 +442,7 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs, access_mask = io->generic.in.access_mask; if (access_mask & SEC_RIGHT_MAXIMUM_ALLOWED) { - if (name->dos.attrib & FILE_ATTRIBUTE_READONLY) { + if (name->exists && (name->dos.attrib & FILE_ATTRIBUTE_READONLY)) { access_mask = GENERIC_RIGHTS_FILE_READ; } else { access_mask = GENERIC_RIGHTS_FILE_READ | GENERIC_RIGHTS_FILE_WRITE; @@ -488,7 +496,17 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs, return NT_STATUS_INVALID_PARAMETER; } - flags |= O_RDWR; + switch (access_mask & (SA_RIGHT_FILE_READ_DATA | SA_RIGHT_FILE_WRITE_DATA)) { + case SA_RIGHT_FILE_READ_DATA: + flags |= O_RDONLY; + break; + case SA_RIGHT_FILE_WRITE_DATA: + flags |= O_WRONLY; + break; + case SA_RIGHT_FILE_WRITE_DATA|SA_RIGHT_FILE_READ_DATA: + flags |= O_RDWR; + break; + } /* handle creating a new file separately */ if (!name->exists) { -- cgit