sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-27 22:50:26 +03:00
Code

s3: VFS: Add SMB_VFS_GET_NT_ACL_AT().

Browse Source 
Currently identical to SMB_VFS_GET_NT_ACL().

Next, add to all VFS modules that implement
get_nt_acl and eventually remove get_nt_acl.

NB. Modules that use smb_vfs_assert_all_fns()
have SMB_VFS_GET_NT_ACL_AT() will not build
until they have this function added.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Jeremy Allison 2020-04-09 17:35:49 -07:00
parent 2437dcc5ac
commit 773b6e1740
8 changed files with 102 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
examples/VFS/skel_opaque.c
View File

@ -800,6 +800,16 @@ static NTSTATUS skel_get_nt_acl(vfs_handle_struct *handle,
return NT_STATUS_NOT_IMPLEMENTED;
}
static NTSTATUS skel_get_nt_acl_at(vfs_handle_struct *handle,
struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
static NTSTATUS skel_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32_t security_info_sent,
const struct security_descriptor *psd)
@ -1133,6 +1143,7 @@ static struct vfs_fn_pointers skel_opaque_fns = {
.fget_nt_acl_fn = skel_fget_nt_acl,
.get_nt_acl_fn = skel_get_nt_acl,
.get_nt_acl_at_fn = skel_get_nt_acl_at,
.fset_nt_acl_fn = skel_fset_nt_acl,
/* POSIX ACL operations. */

16
examples/VFS/skel_transparent.c
View File

@ -1068,6 +1068,21 @@ static NTSTATUS skel_get_nt_acl(vfs_handle_struct *handle,
ppdesc);
}
static NTSTATUS skel_get_nt_acl_at(vfs_handle_struct *handle,
struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc)
{
return SMB_VFS_NEXT_GET_NT_ACL_AT(handle,
dirfsp,
smb_fname,
security_info,
mem_ctx,
ppdesc);
}
static NTSTATUS skel_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32_t security_info_sent,
const struct security_descriptor *psd)
@ -1440,6 +1455,7 @@ static struct vfs_fn_pointers skel_transparent_fns = {
.fget_nt_acl_fn = skel_fget_nt_acl,
.get_nt_acl_fn = skel_get_nt_acl,
.get_nt_acl_at_fn = skel_get_nt_acl_at,
.fset_nt_acl_fn = skel_fset_nt_acl,
/* POSIX ACL operations. */

1
source3/include/smbprofile.h
View File

@ -98,6 +98,7 @@ struct tevent_context;
\
SMBPROFILE_STATS_SECTION_START(acl, "ACL Calls") \
SMBPROFILE_STATS_BASIC(get_nt_acl) \
SMBPROFILE_STATS_BASIC(get_nt_acl_at) \
SMBPROFILE_STATS_BASIC(fget_nt_acl) \
SMBPROFILE_STATS_BASIC(fset_nt_acl) \
SMBPROFILE_STATS_SECTION_END \

19
source3/include/vfs.h
View File

@ -318,6 +318,7 @@
* to be a struct smb_filename
* Version 43 - convert link_contents arg of SMB_VFS_SYMLINKAT()
* to struct smb_filename
* Version 43 - Add SMB_VFS_GET_NT_ACL_AT().
*/
#define SMB_VFS_INTERFACE_VERSION 43
@ -1008,6 +1009,12 @@ struct vfs_fn_pointers {
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc);
NTSTATUS (*get_nt_acl_at_fn)(struct vfs_handle_struct *handle,
struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc);
NTSTATUS (*fset_nt_acl_fn)(struct vfs_handle_struct *handle,
struct files_struct *fsp,
uint32_t security_info_sent,
@ -1533,6 +1540,12 @@ NTSTATUS smb_vfs_call_get_nt_acl(struct vfs_handle_struct *handle,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc);
NTSTATUS smb_vfs_call_get_nt_acl_at(struct vfs_handle_struct *handle,
struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc);
NTSTATUS smb_vfs_call_fset_nt_acl(struct vfs_handle_struct *handle,
struct files_struct *fsp,
uint32_t security_info_sent,
@ -1960,6 +1973,12 @@ NTSTATUS vfs_not_implemented_get_nt_acl(vfs_handle_struct *handle,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc);
NTSTATUS vfs_not_implemented_get_nt_acl_at(vfs_handle_struct *handle,
struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc);
NTSTATUS vfs_not_implemented_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32_t security_info_sent,
const struct security_descriptor *psd);

5
source3/include/vfs_macros.h
View File

@ -482,6 +482,11 @@
#define SMB_VFS_NEXT_GET_NT_ACL(handle, smb_fname, security_info, mem_ctx, ppdesc) \
smb_vfs_call_get_nt_acl((handle)->next, (smb_fname), (security_info), (mem_ctx), (ppdesc))
#define SMB_VFS_GET_NT_ACL_AT(conn, dirfsp, smb_fname, security_info, mem_ctx, ppdesc) \
smb_vfs_call_get_nt_acl_at((conn)->vfs_handles, (dirfsp), (smb_fname), (security_info), (mem_ctx), (ppdesc))
#define SMB_VFS_NEXT_GET_NT_ACL_AT(handle, dirfsp, smb_fname, security_info, mem_ctx, ppdesc) \
smb_vfs_call_get_nt_acl_at((handle)->next, (dirfsp), (smb_fname), (security_info), (mem_ctx), (ppdesc))
#define SMB_VFS_AUDIT_FILE(conn, name, sacl, access_requested, access_denied) \
smb_vfs_call_audit_file((conn)->vfs_handles, (name), (sacl), (access_requested), (access_denied))
#define SMB_VFS_NEXT_AUDIT_FILE(handle, name, sacl, access_requested, access_denied) \

23
source3/modules/vfs_default.c
View File

@ -3139,6 +3139,28 @@ static NTSTATUS vfswrap_get_nt_acl(vfs_handle_struct *handle,
return result;
}
static NTSTATUS vfswrap_get_nt_acl_at(vfs_handle_struct *handle,
struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc)
{
NTSTATUS result;
START_PROFILE(get_nt_acl_at);
SMB_ASSERT(dirfsp == dirfsp->conn->cwd_fsp);
result = posix_get_nt_acl(handle->conn,
smb_fname,
security_info,
mem_ctx,
ppdesc);
END_PROFILE(get_nt_acl_at);
return result;
}
static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32_t security_info_sent, const struct security_descriptor *psd)
{
NTSTATUS result;
@ -3734,6 +3756,7 @@ static struct vfs_fn_pointers vfs_default_fns = {
.fget_nt_acl_fn = vfswrap_fget_nt_acl,
.get_nt_acl_fn = vfswrap_get_nt_acl,
.get_nt_acl_at_fn = vfswrap_get_nt_acl_at,
.fset_nt_acl_fn = vfswrap_fset_nt_acl,
.audit_file_fn = vfswrap_audit_file,

11
source3/modules/vfs_not_implemented.c
View File

@ -805,6 +805,16 @@ NTSTATUS vfs_not_implemented_get_nt_acl(vfs_handle_struct *handle,
return NT_STATUS_NOT_IMPLEMENTED;
}
NTSTATUS vfs_not_implemented_get_nt_acl_at(vfs_handle_struct *handle,
struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
NTSTATUS vfs_not_implemented_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
uint32_t security_info_sent,
const struct security_descriptor *psd)
@ -1138,6 +1148,7 @@ static struct vfs_fn_pointers vfs_not_implemented_fns = {
.fget_nt_acl_fn = vfs_not_implemented_fget_nt_acl,
.get_nt_acl_fn = vfs_not_implemented_get_nt_acl,
.get_nt_acl_at_fn = vfs_not_implemented_get_nt_acl_at,
.fset_nt_acl_fn = vfs_not_implemented_fset_nt_acl,
/* POSIX ACL operations. */

16
source3/smbd/vfs.c
View File

@ -2547,6 +2547,22 @@ NTSTATUS smb_vfs_call_get_nt_acl(struct vfs_handle_struct *handle,
ppdesc);
}
NTSTATUS smb_vfs_call_get_nt_acl_at(struct vfs_handle_struct *handle,
struct files_struct *dirfsp,
const struct smb_filename *smb_fname,
uint32_t security_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **ppdesc)
{
VFS_FIND(get_nt_acl_at);
return handle->fns->get_nt_acl_at_fn(handle,
dirfsp,
smb_fname,
security_info,
mem_ctx,
ppdesc);
}
NTSTATUS smb_vfs_call_fset_nt_acl(struct vfs_handle_struct *handle,
struct files_struct *fsp,
uint32_t security_info_sent,