typedef union aixjfs2_acl_t AIXJFS2_ACL_T |
int try_chown | ( | connection_struct * | conn, | |
const char * | fname, | |||
uid_t | uid, | |||
gid_t | gid | |||
) |
posix_acls.c の 3056 行で定義されています。
参照先 become_root()・close_file_fchmod()・current_user・errno・fd_handle::fd・files_struct::fh・current_user::nt_user_token・open_file_fchmod()・se_restore・se_take_ownership・_unix_token::uid・unbecome_root()・user_has_privileges()・current_user::ut.
03057 { 03058 int ret; 03059 files_struct *fsp; 03060 SMB_STRUCT_STAT st; 03061 03062 if(!CAN_WRITE(conn)) { 03063 return -1; 03064 } 03065 03066 /* Case (1). */ 03067 /* try the direct way first */ 03068 ret = SMB_VFS_CHOWN(conn, fname, uid, gid); 03069 if (ret == 0) 03070 return 0; 03071 03072 /* Case (2) / (3) */ 03073 if (lp_enable_privileges()) { 03074 03075 BOOL has_take_ownership_priv = user_has_privileges(current_user.nt_user_token, 03076 &se_take_ownership); 03077 BOOL has_restore_priv = user_has_privileges(current_user.nt_user_token, 03078 &se_restore); 03079 03080 /* Case (2) */ 03081 if ( ( has_take_ownership_priv && ( uid == current_user.ut.uid ) ) || 03082 /* Case (3) */ 03083 ( has_restore_priv ) ) { 03084 03085 become_root(); 03086 /* Keep the current file gid the same - take ownership doesn't imply group change. */ 03087 ret = SMB_VFS_CHOWN(conn, fname, uid, (gid_t)-1); 03088 unbecome_root(); 03089 return ret; 03090 } 03091 } 03092 03093 /* Case (4). */ 03094 if (!lp_dos_filemode(SNUM(conn))) { 03095 return -1; 03096 } 03097 03098 /* only allow chown to the current user. This is more secure, 03099 and also copes with the case where the SID in a take ownership ACL is 03100 a local SID on the users workstation 03101 */ 03102 if (uid != current_user.ut.uid) { 03103 errno = EPERM; 03104 return -1; 03105 } 03106 03107 if (SMB_VFS_STAT(conn,fname,&st)) { 03108 return -1; 03109 } 03110 03111 if (!NT_STATUS_IS_OK(open_file_fchmod(conn,fname,&st,&fsp))) { 03112 return -1; 03113 } 03114 03115 become_root(); 03116 /* Keep the current file gid the same. */ 03117 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, uid, (gid_t)-1); 03118 unbecome_root(); 03119 03120 close_file_fchmod(fsp); 03121 03122 return ret; 03123 }
BOOL unpack_nt_owners | ( | int | snum, | |
uid_t * | puser, | |||
gid_t * | pgrp, | |||
uint32 | security_info_sent, | |||
SEC_DESC * | psd | |||
) |
posix_acls.c の 929 行で定義されています。
参照先 current_user・_unix_token::gid・security_descriptor_info::group_sid・security_descriptor_info::owner_sid・sid_copy()・sid_string_static()・sid_to_gid()・sid_to_uid()・_unix_token::uid・current_user::ut.
00930 { 00931 DOM_SID owner_sid; 00932 DOM_SID grp_sid; 00933 00934 *puser = (uid_t)-1; 00935 *pgrp = (gid_t)-1; 00936 00937 if(security_info_sent == 0) { 00938 DEBUG(0,("unpack_nt_owners: no security info sent !\n")); 00939 return True; 00940 } 00941 00942 /* 00943 * Validate the owner and group SID's. 00944 */ 00945 00946 memset(&owner_sid, '\0', sizeof(owner_sid)); 00947 memset(&grp_sid, '\0', sizeof(grp_sid)); 00948 00949 DEBUG(5,("unpack_nt_owners: validating owner_sids.\n")); 00950 00951 /* 00952 * Don't immediately fail if the owner sid cannot be validated. 00953 * This may be a group chown only set. 00954 */ 00955 00956 if (security_info_sent & OWNER_SECURITY_INFORMATION) { 00957 sid_copy(&owner_sid, psd->owner_sid); 00958 if (!sid_to_uid(&owner_sid, puser)) { 00959 if (lp_force_unknown_acl_user(snum)) { 00960 /* this allows take ownership to work 00961 * reasonably */ 00962 *puser = current_user.ut.uid; 00963 } else { 00964 DEBUG(3,("unpack_nt_owners: unable to validate" 00965 " owner sid for %s\n", 00966 sid_string_static(&owner_sid))); 00967 return False; 00968 } 00969 } 00970 } 00971 00972 /* 00973 * Don't immediately fail if the group sid cannot be validated. 00974 * This may be an owner chown only set. 00975 */ 00976 00977 if (security_info_sent & GROUP_SECURITY_INFORMATION) { 00978 sid_copy(&grp_sid, psd->group_sid); 00979 if (!sid_to_gid( &grp_sid, pgrp)) { 00980 if (lp_force_unknown_acl_user(snum)) { 00981 /* this allows take group ownership to work 00982 * reasonably */ 00983 *pgrp = current_user.ut.gid; 00984 } else { 00985 DEBUG(3,("unpack_nt_owners: unable to validate" 00986 " group sid.\n")); 00987 return False; 00988 } 00989 } 00990 } 00991 00992 DEBUG(5,("unpack_nt_owners: owner_sids validated.\n")); 00993 00994 return True; 00995 }
SMB_ACL_T aixacl_to_smbacl | ( | struct acl * | file_acl | ) |
vfs_aixacl_util.c の 23 行で定義されています。
参照先 smb_acl_entry::a_perm・smb_acl_entry::a_type・errno・smb_acl_entry::gid・result・SMB_ACL_GROUP・SMB_ACL_GROUP_OBJ・SMB_ACL_OTHER・SMB_ACL_USER・SMB_ACL_USER_OBJ・smb_acl_entry::uid.
00024 { 00025 struct acl_entry *acl_entry; 00026 struct ace_id *idp; 00027 00028 struct smb_acl_t *result = SMB_MALLOC_P(struct smb_acl_t); 00029 struct smb_acl_entry *ace; 00030 int i; 00031 00032 if (result == NULL) { 00033 return NULL; 00034 } 00035 ZERO_STRUCTP(result); 00036 00037 /* Point to the first acl entry in the acl */ 00038 acl_entry = file_acl->acl_ext; 00039 00040 00041 00042 DEBUG(10,("acl_entry is %d\n",acl_entry)); 00043 DEBUG(10,("acl_last(file_acl) id %d\n",acl_last(file_acl))); 00044 00045 /* Check if the extended acl bit is on. * 00046 * If it isn't, do not show the * 00047 * contents of the acl since AIX intends * 00048 * the extended info to remain unused */ 00049 00050 if(file_acl->acl_mode & S_IXACL){ 00051 /* while we are not pointing to the very end */ 00052 while(acl_entry < acl_last(file_acl)) { 00053 /* before we malloc anything, make sure this is */ 00054 /* a valid acl entry and one that we want to map */ 00055 idp = id_nxt(acl_entry->ace_id); 00056 if((acl_entry->ace_type == ACC_SPECIFY || 00057 (acl_entry->ace_type == ACC_PERMIT)) && (idp != id_last(acl_entry))) { 00058 acl_entry = acl_nxt(acl_entry); 00059 continue; 00060 } 00061 00062 idp = acl_entry->ace_id; 00063 DEBUG(10,("idp->id_data is %d\n",idp->id_data[0])); 00064 00065 result = SMB_REALLOC(result, sizeof(struct smb_acl_t) + 00066 (sizeof(struct smb_acl_entry) * 00067 (result->count+1))); 00068 if (result == NULL) { 00069 DEBUG(0, ("SMB_REALLOC failed\n")); 00070 errno = ENOMEM; 00071 return NULL; 00072 } 00073 00074 00075 DEBUG(10,("idp->id_type is %d\n",idp->id_type)); 00076 ace = &result->acl[result->count]; 00077 00078 ace->a_type = idp->id_type; 00079 00080 switch(ace->a_type) { 00081 case ACEID_USER: { 00082 ace->uid = idp->id_data[0]; 00083 DEBUG(10,("case ACEID_USER ace->uid is %d\n",ace->uid)); 00084 ace->a_type = SMB_ACL_USER; 00085 break; 00086 } 00087 00088 case ACEID_GROUP: { 00089 ace->gid = idp->id_data[0]; 00090 DEBUG(10,("case ACEID_GROUP ace->gid is %d\n",ace->gid)); 00091 ace->a_type = SMB_ACL_GROUP; 00092 break; 00093 } 00094 default: 00095 break; 00096 } 00097 /* The access in the acl entries must be left shifted by * 00098 * three bites, because they will ultimately be compared * 00099 * to S_IRUSR, S_IWUSR, and S_IXUSR. */ 00100 00101 switch(acl_entry->ace_type){ 00102 case ACC_PERMIT: 00103 case ACC_SPECIFY: 00104 ace->a_perm = acl_entry->ace_access; 00105 ace->a_perm <<= 6; 00106 DEBUG(10,("ace->a_perm is %d\n",ace->a_perm)); 00107 break; 00108 case ACC_DENY: 00109 /* Since there is no way to return a DENY acl entry * 00110 * change to PERMIT and then shift. */ 00111 DEBUG(10,("acl_entry->ace_access is %d\n",acl_entry->ace_access)); 00112 ace->a_perm = ~acl_entry->ace_access & 7; 00113 DEBUG(10,("ace->a_perm is %d\n",ace->a_perm)); 00114 ace->a_perm <<= 6; 00115 break; 00116 default: 00117 DEBUG(0, ("unknown ace->type\n")); 00118 SAFE_FREE(result); 00119 return(0); 00120 } 00121 00122 result->count++; 00123 ace->a_perm |= (ace->a_perm & S_IRUSR) ? SMB_ACL_READ : 0; 00124 ace->a_perm |= (ace->a_perm & S_IWUSR) ? SMB_ACL_WRITE : 0; 00125 ace->a_perm |= (ace->a_perm & S_IXUSR) ? SMB_ACL_EXECUTE : 0; 00126 DEBUG(10,("ace->a_perm is %d\n",ace->a_perm)); 00127 00128 DEBUG(10,("acl_entry = %d\n",acl_entry)); 00129 DEBUG(10,("The ace_type is %d\n",acl_entry->ace_type)); 00130 00131 acl_entry = acl_nxt(acl_entry); 00132 } 00133 } /* end of if enabled */ 00134 00135 /* Since owner, group, other acl entries are not * 00136 * part of the acl entries in an acl, they must * 00137 * be dummied up to become part of the list. */ 00138 00139 for( i = 1; i < 4; i++) { 00140 DEBUG(10,("i is %d\n",i)); 00141 00142 result = SMB_REALLOC(result, sizeof(struct smb_acl_t) + 00143 (sizeof(struct smb_acl_entry) * 00144 (result->count+1))); 00145 if (result == NULL) { 00146 DEBUG(0, ("SMB_REALLOC failed\n")); 00147 errno = ENOMEM; 00148 DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno)); 00149 return NULL; 00150 } 00151 00152 ace = &result->acl[result->count]; 00153 00154 ace->uid = 0; 00155 ace->gid = 0; 00156 DEBUG(10,("ace->uid = %d\n",ace->uid)); 00157 00158 switch(i) { 00159 case 2: 00160 ace->a_perm = file_acl->g_access << 6; 00161 ace->a_type = SMB_ACL_GROUP_OBJ; 00162 break; 00163 00164 case 3: 00165 ace->a_perm = file_acl->o_access << 6; 00166 ace->a_type = SMB_ACL_OTHER; 00167 break; 00168 00169 case 1: 00170 ace->a_perm = file_acl->u_access << 6; 00171 ace->a_type = SMB_ACL_USER_OBJ; 00172 break; 00173 00174 default: 00175 return(NULL); 00176 00177 } 00178 ace->a_perm |= ((ace->a_perm & S_IRUSR) ? SMB_ACL_READ : 0); 00179 ace->a_perm |= ((ace->a_perm & S_IWUSR) ? SMB_ACL_WRITE : 0); 00180 ace->a_perm |= ((ace->a_perm & S_IXUSR) ? SMB_ACL_EXECUTE : 0); 00181 00182 memcpy(&result->acl[result->count],ace,sizeof(struct smb_acl_entry)); 00183 result->count++; 00184 DEBUG(10,("ace->a_perm = %d\n",ace->a_perm)); 00185 DEBUG(10,("ace->a_type = %d\n",ace->a_type)); 00186 } 00187 00188 00189 return result; 00190 00191 00192 }
struct acl* aixacl_smb_to_aixacl | ( | SMB_ACL_TYPE_T | acltype, | |
SMB_ACL_T | theacl | |||
) |
vfs_aixacl_util.c の 206 行で定義されています。
参照先 smb_acl_entry::a_perm・smb_acl_entry::a_type・smb_acl_t::acl・aixacl_smb_to_aixperm()・smb_acl_t::count・errno・smb_acl_entry::gid・SMB_ACL_GROUP・SMB_ACL_GROUP_OBJ・SMB_ACL_MASK・SMB_ACL_OTHER・SMB_ACL_USER・SMB_ACL_USER_OBJ・smb_acl_entry::uid.
00207 { 00208 struct smb_acl_entry *smb_entry = NULL; 00209 struct acl *file_acl = NULL; 00210 struct acl *file_acl_temp = NULL; 00211 struct acl_entry *acl_entry = NULL; 00212 struct ace_id *ace_id = NULL; 00213 uint id_type; 00214 uint user_id; 00215 uint acl_length; 00216 int i; 00217 00218 DEBUG(10,("Entering aixacl_smb_to_aixacl\n")); 00219 /* AIX has no default ACL */ 00220 if(acltype == SMB_ACL_TYPE_DEFAULT) 00221 return NULL; 00222 00223 acl_length = BUFSIZ; 00224 file_acl = (struct acl *)SMB_MALLOC(BUFSIZ); 00225 if(file_acl == NULL) { 00226 errno = ENOMEM; 00227 DEBUG(0,("Error in aixacl_smb_to_aixacl is %d\n",errno)); 00228 return NULL; 00229 } 00230 00231 memset(file_acl,0,BUFSIZ); 00232 00233 file_acl->acl_len = ACL_SIZ; 00234 file_acl->acl_mode = S_IXACL; 00235 00236 for(i=0; i<theacl->count; i++ ) { 00237 smb_entry = &(theacl->acl[i]); 00238 id_type = smb_entry->a_type; 00239 DEBUG(10,("The id_type is %d\n",id_type)); 00240 00241 switch(id_type) { 00242 case SMB_ACL_USER_OBJ: 00243 file_acl->u_access = aixacl_smb_to_aixperm(smb_entry->a_perm); 00244 continue; 00245 case SMB_ACL_GROUP_OBJ: 00246 file_acl->g_access = aixacl_smb_to_aixperm(smb_entry->a_perm); 00247 continue; 00248 case SMB_ACL_OTHER: 00249 file_acl->o_access = aixacl_smb_to_aixperm(smb_entry->a_perm); 00250 continue; 00251 case SMB_ACL_MASK: 00252 continue; 00253 case SMB_ACL_GROUP: 00254 break; /* process this */ 00255 case SMB_ACL_USER: 00256 break; /* process this */ 00257 default: /* abnormal case */ 00258 DEBUG(10,("The id_type is unknown !\n")); 00259 continue; 00260 } 00261 00262 if((file_acl->acl_len + sizeof(struct acl_entry)) > acl_length) { 00263 acl_length += sizeof(struct acl_entry); 00264 file_acl_temp = (struct acl *)SMB_MALLOC(acl_length); 00265 if(file_acl_temp == NULL) { 00266 SAFE_FREE(file_acl); 00267 errno = ENOMEM; 00268 DEBUG(0,("Error in aixacl_smb_to_aixacl is %d\n",errno)); 00269 return NULL; 00270 } 00271 00272 memcpy(file_acl_temp,file_acl,file_acl->acl_len); 00273 SAFE_FREE(file_acl); 00274 file_acl = file_acl_temp; 00275 } 00276 00277 acl_entry = (struct acl_entry *)((char *)file_acl + file_acl->acl_len); 00278 file_acl->acl_len += sizeof(struct acl_entry); 00279 acl_entry->ace_len = sizeof(struct acl_entry); /* contains 1 ace_id */ 00280 acl_entry->ace_access = aixacl_smb_to_aixperm(smb_entry->a_perm); 00281 00282 /* In order to use this, we'll need to wait until we can get denies */ 00283 /* if(!acl_entry->ace_access && acl_entry->ace_type == ACC_PERMIT) 00284 acl_entry->ace_type = ACC_SPECIFY; */ 00285 00286 acl_entry->ace_type = ACC_SPECIFY; 00287 00288 ace_id = acl_entry->ace_id; 00289 00290 ace_id->id_type = (smb_entry->a_type==SMB_ACL_GROUP) ? ACEID_GROUP : ACEID_USER; 00291 DEBUG(10,("The id type is %d\n",ace_id->id_type)); 00292 ace_id->id_len = sizeof(struct ace_id); /* contains 1 id_data */ 00293 ace_id->id_data[0] = (smb_entry->a_type==SMB_ACL_GROUP) ? smb_entry->gid : smb_entry->uid; 00294 } 00295 00296 return file_acl; 00297 }
static int32_t aixacl2_getlen | ( | AIXJFS2_ACL_T * | acl, | |
acl_type_t * | type | |||
) | [static] |
vfs_aixacl2.c の 42 行で定義されています。
参照先 aixjfs2_acl_t::aixc_acl・aixjfs2_acl_t::jfs2_acl・len.
00043 { 00044 int32_t len; 00045 00046 if(type->u64 == ACL_NFS4) { 00047 len = acl->jfs2_acl[0].aclLength; 00048 } 00049 else { 00050 if(type->u64 == ACL_AIXC) { 00051 len = acl->aixc_acl[0].acl_len; 00052 } else { 00053 DEBUG(0,("aixacl2_getlen:unknown type:%d\n",type->u64)); 00054 return False; 00055 } 00056 } 00057 DEBUG(10,("aixacl2_getlen:%d\n",len)); 00058 return len; 00059 }
static AIXJFS2_ACL_T* aixjfs2_getacl_alloc | ( | const char * | fname, | |
acl_type_t * | type | |||
) | [static] |
vfs_aixacl2.c の 61 行で定義されています。
参照先 aixacl2_getlen()・errno・len・main_loop_talloc_get()・mode・strerror().
参照元 aixjfs2_get_nfs4_acl()・aixjfs2_get_posix_acl().
00062 { 00063 AIXJFS2_ACL_T *acl; 00064 size_t len = 200; 00065 mode_t mode; 00066 int ret; 00067 uint64_t ctl_flag=0; 00068 TALLOC_CTX *mem_ctx; 00069 00070 mem_ctx = main_loop_talloc_get(); 00071 acl = (AIXJFS2_ACL_T *)TALLOC_SIZE(mem_ctx, len); 00072 if (acl == NULL) { 00073 errno = ENOMEM; 00074 return NULL; 00075 } 00076 00077 if(type->u64 == ACL_ANY) { 00078 ctl_flag = ctl_flag | GET_ACLINFO_ONLY; 00079 } 00080 00081 ret = aclx_get((char *)fname, ctl_flag, type, acl, &len, &mode); 00082 if ((ret != 0) && (errno == ENOSPC)) { 00083 len = aixacl2_getlen(acl, type) + sizeof(AIXJFS2_ACL_T); 00084 DEBUG(10,("aixjfs2_getacl_alloc - acl_len:%d\n",len)); 00085 00086 acl = (AIXJFS2_ACL_T *)TALLOC_SIZE(mem_ctx, len); 00087 if (acl == NULL) { 00088 errno = ENOMEM; 00089 return NULL; 00090 } 00091 00092 ret = aclx_get((char *)fname, ctl_flag, type, acl, &len, &mode); 00093 } 00094 if (ret != 0) { 00095 DEBUG(8, ("aclx_get failed with %s\n", strerror(errno))); 00096 return NULL; 00097 } 00098 00099 return acl; 00100 }
static BOOL aixjfs2_get_nfs4_acl | ( | files_struct * | fsp, | |
SMB4ACL_T ** | ppacl, | |||
BOOL * | pretryPosix | |||
) | [static] |
vfs_aixacl2.c の 102 行で定義されています。
参照先 _SMB_ACE4PROP_T::aceFlags・_SMB_ACE4PROP_T::aceMask・_SMB_ACE4PROP_T::aceType・aixjfs2_getacl_alloc()・errno・_SMB_ACE4PROP_T::flags・files_struct::fsp_name・_SMB_NFS4_ACEWHOID_T::id・aixjfs2_acl_t::jfs2_acl・smb_add_ace4()・smb_create_smb4acl()・strerror()・type・_SMB_ACE4PROP_T::who.
参照元 aixjfs2_get_nt_acl_common().
00104 { 00105 int32_t i; 00106 00107 AIXJFS2_ACL_T *pacl = NULL; 00108 nfs4_acl_int_t *jfs2_acl = NULL; 00109 nfs4_ace_int_t *jfs2_ace = NULL; 00110 acl_type_t type; 00111 00112 DEBUG(10,("jfs2 get_nt_acl invoked for %s\n", fsp->fsp_name)); 00113 00114 memset(&type, 0, sizeof(acl_type_t)); 00115 type.u64 = ACL_NFS4; 00116 00117 pacl = aixjfs2_getacl_alloc(fsp->fsp_name, &type); 00118 if (pacl == NULL) { 00119 DEBUG(9, ("aixjfs2_getacl_alloc failed for %s with %s\n", 00120 fsp->fsp_name, strerror(errno))); 00121 if (errno==ENOSYS) 00122 *pretryPosix = True; 00123 return False; 00124 } 00125 00126 jfs2_acl = &pacl->jfs2_acl[0]; 00127 DEBUG(10, ("len: %d, version: %d, nace: %d, type: 0x%x\n", 00128 jfs2_acl->aclLength, jfs2_acl->aclVersion, jfs2_acl->aclEntryN, type.u64)); 00129 00130 *ppacl = smb_create_smb4acl(); 00131 if (*ppacl==NULL) 00132 return False; 00133 00134 jfs2_ace = &jfs2_acl->aclEntry[0]; 00135 for (i=0; i<jfs2_acl->aclEntryN; i++) { 00136 SMB_ACE4PROP_T aceprop; 00137 00138 DEBUG(10, ("type: %d, iflags: %x, flags: %x, mask: %x, " 00139 "who: %d, aclLen: %d\n", jfs2_ace->aceType, jfs2_ace->flags, 00140 jfs2_ace->aceFlags, jfs2_ace->aceMask, jfs2_ace->aceWho.id, jfs2_ace->entryLen)); 00141 00142 aceprop.aceType = jfs2_ace->aceType; 00143 aceprop.aceFlags = jfs2_ace->aceFlags; 00144 aceprop.aceMask = jfs2_ace->aceMask; 00145 aceprop.flags = (jfs2_ace->flags&ACE4_ID_SPECIAL) ? SMB_ACE4_ID_SPECIAL : 0; 00146 00147 /* don't care it's real content is only 16 or 32 bit */ 00148 aceprop.who.id = jfs2_ace->aceWho.id; 00149 00150 if (smb_add_ace4(*ppacl, &aceprop)==NULL) 00151 return False; 00152 00153 /* iterate to the next jfs2 ace */ 00154 jfs2_ace = (nfs4_ace_int_t *)(((char *)jfs2_ace) + jfs2_ace->entryLen); 00155 } 00156 00157 DEBUG(10,("jfs2 get_nt_acl finished successfully\n")); 00158 00159 return True; 00160 }
static size_t aixjfs2_get_nt_acl_common | ( | files_struct * | fsp, | |
uint32 | security_info, | |||
SEC_DESC ** | ppdesc | |||
) | [static] |
vfs_aixacl2.c の 162 行で定義されています。
参照先 aixjfs2_get_nfs4_acl()・get_nt_acl()・result・smb_get_nt_acl_nfs4().
参照元 aixjfs2_fget_nt_acl()・aixjfs2_get_nt_acl().
00164 { 00165 SMB4ACL_T *pacl = NULL; 00166 BOOL result; 00167 BOOL retryPosix = False; 00168 00169 *ppdesc = NULL; 00170 result = aixjfs2_get_nfs4_acl(fsp, &pacl, &retryPosix); 00171 if (retryPosix) 00172 { 00173 DEBUG(10, ("retrying with posix acl...\n")); 00174 return get_nt_acl(fsp, security_info, ppdesc); 00175 } 00176 if (result==False) 00177 return 0; 00178 00179 return smb_get_nt_acl_nfs4(fsp, security_info, ppdesc, pacl); 00180 }
size_t aixjfs2_fget_nt_acl | ( | vfs_handle_struct * | handle, | |
files_struct * | fsp, | |||
int | fd, | |||
uint32 | security_info, | |||
SEC_DESC ** | ppdesc | |||
) |
vfs_aixacl2.c の 182 行で定義されています。
参照先 aixjfs2_get_nt_acl_common().
00185 { 00186 return aixjfs2_get_nt_acl_common(fsp, security_info, ppdesc); 00187 }
size_t aixjfs2_get_nt_acl | ( | vfs_handle_struct * | handle, | |
files_struct * | fsp, | |||
const char * | name, | |||
uint32 | security_info, | |||
SEC_DESC ** | ppdesc | |||
) |
vfs_aixacl2.c の 189 行で定義されています。
参照先 aixjfs2_get_nt_acl_common().
00192 { 00193 return aixjfs2_get_nt_acl_common(fsp, security_info, ppdesc); 00194 }
static SMB_ACL_T aixjfs2_get_posix_acl | ( | const char * | path, | |
acl_type_t | type | |||
) | [static] |
vfs_aixacl2.c の 196 行で定義されています。
参照先 aixacl_to_smbacl()・aixjfs2_acl_t::aixc_acl・aixjfs2_getacl_alloc()・errno・result・strerror().
参照元 aixjfs2_sys_acl_get_fd()・aixjfs2_sys_acl_get_file().
00197 { 00198 aixc_acl_t *pacl; 00199 AIXJFS2_ACL_T *acl; 00200 SMB_ACL_T result = NULL; 00201 int ret; 00202 00203 acl = aixjfs2_getacl_alloc(path, &type); 00204 00205 if (acl == NULL) { 00206 DEBUG(10, ("aixjfs2_getacl failed for %s with %s\n", 00207 path, strerror(errno))); 00208 if (errno == 0) { 00209 errno = EINVAL; 00210 } 00211 goto done; 00212 } 00213 00214 pacl = &acl->aixc_acl[0]; 00215 DEBUG(10, ("len: %d, mode: %d\n", 00216 pacl->acl_len, pacl->acl_mode)); 00217 00218 result = aixacl_to_smbacl(pacl); 00219 if (result == NULL) { 00220 goto done; 00221 } 00222 00223 done: 00224 if (errno != 0) { 00225 SAFE_FREE(result); 00226 } 00227 return result; 00228 }
SMB_ACL_T aixjfs2_sys_acl_get_file | ( | vfs_handle_struct * | handle, | |
const char * | path_p, | |||
SMB_ACL_TYPE_T | type | |||
) |
vfs_aixacl2.c の 230 行で定義されています。
参照先 aixjfs2_get_posix_acl()・smb_panic().
00233 { 00234 acl_type_t aixjfs2_type; 00235 00236 switch(type) { 00237 case SMB_ACL_TYPE_ACCESS: 00238 aixjfs2_type.u64 = ACL_AIXC; 00239 break; 00240 case SMB_ACL_TYPE_DEFAULT: 00241 DEBUG(0, ("Got AIX JFS2 unsupported type: %d\n", type)); 00242 return NULL; 00243 default: 00244 DEBUG(0, ("Got invalid type: %d\n", type)); 00245 smb_panic("exiting"); 00246 } 00247 00248 return aixjfs2_get_posix_acl(path_p, aixjfs2_type); 00249 }
SMB_ACL_T aixjfs2_sys_acl_get_fd | ( | vfs_handle_struct * | handle, | |
files_struct * | fsp, | |||
int | fd | |||
) |
vfs_aixacl2.c の 251 行で定義されています。
参照先 aixjfs2_get_posix_acl()・files_struct::fsp_name.
00254 { 00255 acl_type_t aixjfs2_type; 00256 aixjfs2_type.u64 = ACL_AIXC; 00257 00258 return aixjfs2_get_posix_acl(fsp->fsp_name, aixjfs2_type); 00259 }
static int aixjfs2_query_acl_support | ( | char * | filepath, | |
uint64_t | aclType, | |||
acl_type_t * | pacl_type_info | |||
) | [static] |
vfs_aixacl2.c の 264 行で定義されています。
参照先 errno・strerror().
参照元 aixjfs2_set_nt_acl_common()・aixjfs2_sys_acl_set_fd()・aixjfs2_sys_acl_set_file().
00269 { 00270 acl_types_list_t acl_type_list; 00271 size_t acl_type_list_len = sizeof(acl_types_list_t); 00272 uint32_t i; 00273 00274 memset(&acl_type_list, 0, sizeof(acl_type_list)); 00275 00276 if (aclx_gettypes(filepath, &acl_type_list, &acl_type_list_len)) { 00277 DEBUG(2, ("aclx_gettypes failed with error %s for %s\n", 00278 strerror(errno), filepath)); 00279 return -1; 00280 } 00281 00282 for(i=0; i<acl_type_list.num_entries; i++) { 00283 if (acl_type_list.entries[i].u64==aclType) { 00284 memcpy(pacl_type_info, acl_type_list.entries + i, sizeof(acl_type_t)); 00285 DEBUG(10, ("found %s ACL support for %s\n", 00286 pacl_type_info->acl_type, filepath)); 00287 return 0; 00288 } 00289 } 00290 00291 return 1; /* haven't found that ACL type. */ 00292 }
static BOOL aixjfs2_process_smbacl | ( | files_struct * | fsp, | |
SMB4ACL_T * | smbacl | |||
) | [static] |
vfs_aixacl2.c の 294 行で定義されています。
参照先 errno・files_struct::fsp_name・main_loop_talloc_get()・smb_first_ace4()・smb_get_ace4()・smb_get_naces()・smb_next_ace4()・strerror().
参照元 aixjfs2_set_nt_acl_common().
00295 { 00296 SMB4ACE_T *smbace; 00297 TALLOC_CTX *mem_ctx; 00298 nfs4_acl_int_t *jfs2acl; 00299 int32_t entryLen; 00300 uint32 aclLen, naces; 00301 int rc; 00302 acl_type_t acltype; 00303 00304 DEBUG(10, ("jfs2_process_smbacl invoked on %s\n", fsp->fsp_name)); 00305 00306 /* no need to be freed which is alloced with mem_ctx */ 00307 mem_ctx = main_loop_talloc_get(); 00308 00309 entryLen = sizeof(nfs4_ace_int_t); 00310 if (entryLen & 0x03) 00311 entryLen = entryLen + 4 - (entryLen%4); 00312 00313 naces = smb_get_naces(smbacl); 00314 aclLen = ACL_V4_SIZ + naces * entryLen; 00315 jfs2acl = (nfs4_acl_int_t *)TALLOC_SIZE(mem_ctx, aclLen); 00316 if (jfs2acl==NULL) { 00317 DEBUG(0, ("TALLOC_SIZE failed\n")); 00318 errno = ENOMEM; 00319 return False; 00320 } 00321 00322 jfs2acl->aclLength = ACL_V4_SIZ; 00323 jfs2acl->aclVersion = NFS4_ACL_INT_STRUCT_VERSION; 00324 jfs2acl->aclEntryN = 0; 00325 00326 for(smbace = smb_first_ace4(smbacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) 00327 { 00328 SMB_ACE4PROP_T *aceprop = smb_get_ace4(smbace); 00329 nfs4_ace_int_t *jfs2_ace = (nfs4_ace_int_t *)(((char *)jfs2acl) + jfs2acl->aclLength); 00330 00331 memset(jfs2_ace, 0, entryLen); 00332 jfs2_ace->entryLen = entryLen; /* won't store textual "who" */ 00333 jfs2_ace->aceType = aceprop->aceType; /* only ACCES|DENY supported by jfs2 */ 00334 jfs2_ace->aceFlags = aceprop->aceFlags; 00335 jfs2_ace->aceMask = aceprop->aceMask; 00336 jfs2_ace->flags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_ID_SPECIAL : 0; 00337 00338 /* don't care it's real content is only 16 or 32 bit */ 00339 jfs2_ace->aceWho.id = aceprop->who.id; 00340 00341 /* iterate to the next jfs2 ace */ 00342 jfs2acl->aclLength += jfs2_ace->entryLen; 00343 jfs2acl->aclEntryN++; 00344 } 00345 SMB_ASSERT(jfs2acl->aclEntryN==naces); 00346 00347 /* Don't query it (again) */ 00348 memset(&acltype, 0, sizeof(acl_type_t)); 00349 acltype.u64 = ACL_NFS4; 00350 00351 /* won't set S_ISUID - the only one JFS2/NFS4 accepts */ 00352 rc = aclx_put( 00353 fsp->fsp_name, 00354 SET_ACL, /* set only the ACL, not mode bits */ 00355 acltype, /* not a pointer !!! */ 00356 jfs2acl, 00357 jfs2acl->aclLength, 00358 0 /* don't set here mode bits */ 00359 ); 00360 if (rc) { 00361 DEBUG(8, ("aclx_put failed with %s\n", strerror(errno))); 00362 return False; 00363 } 00364 00365 DEBUG(10, ("jfs2_process_smbacl succeeded.\n")); 00366 return True; 00367 }
static BOOL aixjfs2_set_nt_acl_common | ( | files_struct * | fsp, | |
uint32 | security_info_sent, | |||
SEC_DESC * | psd | |||
) | [static] |
vfs_aixacl2.c の 369 行で定義されています。
参照先 aixjfs2_process_smbacl()・aixjfs2_query_acl_support()・files_struct::fsp_name・result・set_nt_acl()・smb_set_nt_acl_nfs4().
参照元 aixjfs2_fset_nt_acl()・aixjfs2_set_nt_acl().
00370 { 00371 acl_type_t acl_type_info; 00372 BOOL result = False; 00373 int rc; 00374 00375 rc = aixjfs2_query_acl_support( 00376 fsp->fsp_name, 00377 ACL_NFS4, 00378 &acl_type_info); 00379 00380 if (rc==0) 00381 { 00382 result = smb_set_nt_acl_nfs4( 00383 fsp, security_info_sent, psd, 00384 aixjfs2_process_smbacl); 00385 } else if (rc==1) { /* assume POSIX ACL - by default... */ 00386 result = set_nt_acl(fsp, security_info_sent, psd); 00387 } else 00388 result = False; /* query failed */ 00389 00390 return result; 00391 }
BOOL aixjfs2_fset_nt_acl | ( | vfs_handle_struct * | handle, | |
files_struct * | fsp, | |||
int | fd, | |||
uint32 | security_info_sent, | |||
SEC_DESC * | psd | |||
) |
vfs_aixacl2.c の 393 行で定義されています。
参照先 aixjfs2_set_nt_acl_common().
00394 { 00395 return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd); 00396 }
BOOL aixjfs2_set_nt_acl | ( | vfs_handle_struct * | handle, | |
files_struct * | fsp, | |||
const char * | name, | |||
uint32 | security_info_sent, | |||
SEC_DESC * | psd | |||
) |
vfs_aixacl2.c の 398 行で定義されています。
参照先 aixjfs2_set_nt_acl_common().
00399 { 00400 return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd); 00401 }
int aixjfs2_sys_acl_set_file | ( | vfs_handle_struct * | handle, | |
const char * | name, | |||
SMB_ACL_TYPE_T | type, | |||
SMB_ACL_T | theacl | |||
) |
vfs_aixacl2.c の 403 行で定義されています。
参照先 aixacl_smb_to_aixacl()・aixjfs2_query_acl_support()・errno・strerror().
00407 { 00408 struct acl *acl_aixc; 00409 acl_type_t acl_type_info; 00410 int rc; 00411 00412 DEBUG(10, ("aixjfs2_sys_acl_set_file invoked for %s", name)); 00413 00414 rc = aixjfs2_query_acl_support((char *)name, ACL_AIXC, &acl_type_info); 00415 if (rc) { 00416 DEBUG(8, ("jfs2_set_nt_acl: AIXC support not found\n")); 00417 return -1; 00418 } 00419 00420 acl_aixc = aixacl_smb_to_aixacl(type, theacl); 00421 if (!acl_aixc) 00422 return -1; 00423 00424 rc = aclx_put( 00425 (char *)name, 00426 SET_ACL, /* set only the ACL, not mode bits */ 00427 acl_type_info, 00428 acl_aixc, 00429 acl_aixc->acl_len, 00430 0 00431 ); 00432 if (rc) { 00433 DEBUG(2, ("aclx_put failed with %s for %s\n", 00434 strerror(errno), name)); 00435 return -1; 00436 } 00437 00438 return 0; 00439 }
int aixjfs2_sys_acl_set_fd | ( | vfs_handle_struct * | handle, | |
files_struct * | fsp, | |||
int | fd, | |||
SMB_ACL_T | theacl | |||
) |
vfs_aixacl2.c の 441 行で定義されています。
参照先 aixacl_smb_to_aixacl()・aixjfs2_query_acl_support()・errno・files_struct::fsp_name・strerror().
00444 { 00445 struct acl *acl_aixc; 00446 acl_type_t acl_type_info; 00447 int rc; 00448 00449 DEBUG(10, ("aixjfs2_sys_acl_set_fd invoked for %s", fsp->fsp_name)); 00450 00451 rc = aixjfs2_query_acl_support(fsp->fsp_name, ACL_AIXC, &acl_type_info); 00452 if (rc) { 00453 DEBUG(8, ("jfs2_set_nt_acl: AIXC support not found\n")); 00454 return -1; 00455 } 00456 00457 acl_aixc = aixacl_smb_to_aixacl(SMB_ACL_TYPE_ACCESS, theacl); 00458 if (!acl_aixc) 00459 return -1; 00460 00461 rc = aclx_fput( 00462 fd, 00463 SET_ACL, /* set only the ACL, not mode bits */ 00464 acl_type_info, 00465 acl_aixc, 00466 acl_aixc->acl_len, 00467 0 00468 ); 00469 if (rc) { 00470 DEBUG(2, ("aclx_fput failed with %s for %s\n", 00471 strerror(errno), fsp->fsp_name)); 00472 return -1; 00473 } 00474 00475 return 0; 00476 }
int aixjfs2_sys_acl_delete_def_file | ( | vfs_handle_struct * | handle, | |
const char * | path | |||
) |
vfs_aixacl2.c の 478 行で定義されています。
00480 { 00481 /* Not available under AIXC ACL */ 00482 /* Don't report here any error otherwise */ 00483 /* upper layer will break the normal execution */ 00484 return 0; 00485 }
NTSTATUS vfs_aixacl2_init | ( | void | ) |
vfs_aixacl2.c の 534 行で定義されています。
参照先 aixjfs2_ops・smb_register_vfs().
00535 { 00536 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, AIXACL2_MODULE_NAME, 00537 aixjfs2_ops); 00538 }
struct current_user current_user |
vfs_op_tuple aixjfs2_ops[] [static] |