modules/vfs_aixacl2.c

ソースコードを見る。

データ構造

union  aixjfs2_acl_t

型定義

typedef aixjfs2_acl_t AIXJFS2_ACL_T

関数

int try_chown (connection_struct *conn, const char *fname, uid_t uid, gid_t gid)
BOOL unpack_nt_owners (int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, SEC_DESC *psd)
SMB_ACL_T aixacl_to_smbacl (struct acl *file_acl)
acl * aixacl_smb_to_aixacl (SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
static int32_t aixacl2_getlen (AIXJFS2_ACL_T *acl, acl_type_t *type)
static AIXJFS2_ACL_Taixjfs2_getacl_alloc (const char *fname, acl_type_t *type)
static BOOL aixjfs2_get_nfs4_acl (files_struct *fsp, SMB4ACL_T **ppacl, BOOL *pretryPosix)
static size_t aixjfs2_get_nt_acl_common (files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc)
size_t aixjfs2_fget_nt_acl (vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info, SEC_DESC **ppdesc)
size_t aixjfs2_get_nt_acl (vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info, SEC_DESC **ppdesc)
static SMB_ACL_T aixjfs2_get_posix_acl (const char *path, acl_type_t type)
SMB_ACL_T aixjfs2_sys_acl_get_file (vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type)
SMB_ACL_T aixjfs2_sys_acl_get_fd (vfs_handle_struct *handle, files_struct *fsp, int fd)
static int aixjfs2_query_acl_support (char *filepath, uint64_t aclType, acl_type_t *pacl_type_info)
static BOOL aixjfs2_process_smbacl (files_struct *fsp, SMB4ACL_T *smbacl)
static BOOL aixjfs2_set_nt_acl_common (files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
BOOL aixjfs2_fset_nt_acl (vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info_sent, SEC_DESC *psd)
BOOL aixjfs2_set_nt_acl (vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd)
int aixjfs2_sys_acl_set_file (vfs_handle_struct *handle, const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T theacl)
int aixjfs2_sys_acl_set_fd (vfs_handle_struct *handle, files_struct *fsp, int fd, SMB_ACL_T theacl)
int aixjfs2_sys_acl_delete_def_file (vfs_handle_struct *handle, const char *path)
NTSTATUS vfs_aixacl2_init (void)

変数

current_user current_user
static vfs_op_tuple aixjfs2_ops []


型定義

typedef union aixjfs2_acl_t AIXJFS2_ACL_T


関数

int try_chown ( connection_struct conn,
const char *  fname,
uid_t  uid,
gid_t  gid 
)

posix_acls.c3056 行で定義されています。

参照先 become_root()close_file_fchmod()current_usererrnofd_handle::fdfiles_struct::fhcurrent_user::nt_user_tokenopen_file_fchmod()se_restorese_take_ownership_unix_token::uidunbecome_root()user_has_privileges()current_user::ut.

03057 {
03058         int ret;
03059         files_struct *fsp;
03060         SMB_STRUCT_STAT st;
03061 
03062         if(!CAN_WRITE(conn)) {
03063                 return -1;
03064         }
03065 
03066         /* Case (1). */
03067         /* try the direct way first */
03068         ret = SMB_VFS_CHOWN(conn, fname, uid, gid);
03069         if (ret == 0)
03070                 return 0;
03071 
03072         /* Case (2) / (3) */
03073         if (lp_enable_privileges()) {
03074 
03075                 BOOL has_take_ownership_priv = user_has_privileges(current_user.nt_user_token,
03076                                                               &se_take_ownership);
03077                 BOOL has_restore_priv = user_has_privileges(current_user.nt_user_token,
03078                                                        &se_restore);
03079 
03080                 /* Case (2) */
03081                 if ( ( has_take_ownership_priv && ( uid == current_user.ut.uid ) ) ||
03082                 /* Case (3) */
03083                      ( has_restore_priv ) ) {
03084 
03085                         become_root();
03086                         /* Keep the current file gid the same - take ownership doesn't imply group change. */
03087                         ret = SMB_VFS_CHOWN(conn, fname, uid, (gid_t)-1);
03088                         unbecome_root();
03089                         return ret;
03090                 }
03091         }
03092 
03093         /* Case (4). */
03094         if (!lp_dos_filemode(SNUM(conn))) {
03095                 return -1;
03096         }
03097 
03098         /* only allow chown to the current user. This is more secure,
03099            and also copes with the case where the SID in a take ownership ACL is
03100            a local SID on the users workstation
03101         */
03102         if (uid != current_user.ut.uid) {
03103                 errno = EPERM;
03104                 return -1;
03105         }
03106 
03107         if (SMB_VFS_STAT(conn,fname,&st)) {
03108                 return -1;
03109         }
03110 
03111         if (!NT_STATUS_IS_OK(open_file_fchmod(conn,fname,&st,&fsp))) {
03112                 return -1;
03113         }
03114 
03115         become_root();
03116         /* Keep the current file gid the same. */
03117         ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, uid, (gid_t)-1);
03118         unbecome_root();
03119 
03120         close_file_fchmod(fsp);
03121 
03122         return ret;
03123 }

BOOL unpack_nt_owners ( int  snum,
uid_t *  puser,
gid_t *  pgrp,
uint32  security_info_sent,
SEC_DESC psd 
)

posix_acls.c929 行で定義されています。

参照先 current_user_unix_token::gidsecurity_descriptor_info::group_sidsecurity_descriptor_info::owner_sidsid_copy()sid_string_static()sid_to_gid()sid_to_uid()_unix_token::uidcurrent_user::ut.

00930 {
00931         DOM_SID owner_sid;
00932         DOM_SID grp_sid;
00933 
00934         *puser = (uid_t)-1;
00935         *pgrp = (gid_t)-1;
00936 
00937         if(security_info_sent == 0) {
00938                 DEBUG(0,("unpack_nt_owners: no security info sent !\n"));
00939                 return True;
00940         }
00941 
00942         /*
00943          * Validate the owner and group SID's.
00944          */
00945 
00946         memset(&owner_sid, '\0', sizeof(owner_sid));
00947         memset(&grp_sid, '\0', sizeof(grp_sid));
00948 
00949         DEBUG(5,("unpack_nt_owners: validating owner_sids.\n"));
00950 
00951         /*
00952          * Don't immediately fail if the owner sid cannot be validated.
00953          * This may be a group chown only set.
00954          */
00955 
00956         if (security_info_sent & OWNER_SECURITY_INFORMATION) {
00957                 sid_copy(&owner_sid, psd->owner_sid);
00958                 if (!sid_to_uid(&owner_sid, puser)) {
00959                         if (lp_force_unknown_acl_user(snum)) {
00960                                 /* this allows take ownership to work
00961                                  * reasonably */
00962                                 *puser = current_user.ut.uid;
00963                         } else {
00964                                 DEBUG(3,("unpack_nt_owners: unable to validate"
00965                                          " owner sid for %s\n",
00966                                          sid_string_static(&owner_sid)));
00967                                 return False;
00968                         }
00969                 }
00970         }
00971 
00972         /*
00973          * Don't immediately fail if the group sid cannot be validated.
00974          * This may be an owner chown only set.
00975          */
00976 
00977         if (security_info_sent & GROUP_SECURITY_INFORMATION) {
00978                 sid_copy(&grp_sid, psd->group_sid);
00979                 if (!sid_to_gid( &grp_sid, pgrp)) {
00980                         if (lp_force_unknown_acl_user(snum)) {
00981                                 /* this allows take group ownership to work
00982                                  * reasonably */
00983                                 *pgrp = current_user.ut.gid;
00984                         } else {
00985                                 DEBUG(3,("unpack_nt_owners: unable to validate"
00986                                          " group sid.\n"));
00987                                 return False;
00988                         }
00989                 }
00990         }
00991 
00992         DEBUG(5,("unpack_nt_owners: owner_sids validated.\n"));
00993 
00994         return True;
00995 }

SMB_ACL_T aixacl_to_smbacl ( struct acl *  file_acl  ) 

vfs_aixacl_util.c23 行で定義されています。

参照先 smb_acl_entry::a_permsmb_acl_entry::a_typeerrnosmb_acl_entry::gidresultSMB_ACL_GROUPSMB_ACL_GROUP_OBJSMB_ACL_OTHERSMB_ACL_USERSMB_ACL_USER_OBJsmb_acl_entry::uid.

00024 {
00025         struct acl_entry *acl_entry;
00026         struct ace_id *idp;
00027         
00028         struct smb_acl_t *result = SMB_MALLOC_P(struct smb_acl_t);
00029         struct smb_acl_entry *ace;
00030         int i;
00031         
00032         if (result == NULL) {
00033                 return NULL;
00034         }
00035         ZERO_STRUCTP(result);
00036         
00037         /* Point to the first acl entry in the acl */
00038         acl_entry =  file_acl->acl_ext;
00039 
00040 
00041         
00042         DEBUG(10,("acl_entry is %d\n",acl_entry));
00043         DEBUG(10,("acl_last(file_acl) id %d\n",acl_last(file_acl)));
00044 
00045         /* Check if the extended acl bit is on.   *
00046          * If it isn't, do not show the           *
00047          * contents of the acl since AIX intends *
00048          * the extended info to remain unused     */
00049 
00050         if(file_acl->acl_mode & S_IXACL){
00051                 /* while we are not pointing to the very end */
00052                 while(acl_entry < acl_last(file_acl)) {
00053                         /* before we malloc anything, make sure this is  */
00054                         /* a valid acl entry and one that we want to map */
00055                         idp = id_nxt(acl_entry->ace_id);
00056                         if((acl_entry->ace_type == ACC_SPECIFY ||
00057                                 (acl_entry->ace_type == ACC_PERMIT)) && (idp != id_last(acl_entry))) {
00058                                         acl_entry = acl_nxt(acl_entry);
00059                                         continue;
00060                         }
00061 
00062                         idp = acl_entry->ace_id;
00063                         DEBUG(10,("idp->id_data is %d\n",idp->id_data[0]));
00064                         
00065                         result = SMB_REALLOC(result, sizeof(struct smb_acl_t) +
00066                                      (sizeof(struct smb_acl_entry) *
00067                                       (result->count+1)));
00068                         if (result == NULL) {
00069                                 DEBUG(0, ("SMB_REALLOC failed\n"));
00070                                 errno = ENOMEM;
00071                                 return NULL;
00072                         }
00073                         
00074 
00075                         DEBUG(10,("idp->id_type is %d\n",idp->id_type));
00076                         ace = &result->acl[result->count];
00077                         
00078                         ace->a_type = idp->id_type;
00079                                                         
00080                         switch(ace->a_type) {
00081                         case ACEID_USER: {
00082                         ace->uid = idp->id_data[0];
00083                         DEBUG(10,("case ACEID_USER ace->uid is %d\n",ace->uid));
00084                         ace->a_type = SMB_ACL_USER;
00085                         break;
00086                         }
00087                 
00088                         case ACEID_GROUP: {
00089                         ace->gid = idp->id_data[0];
00090                         DEBUG(10,("case ACEID_GROUP ace->gid is %d\n",ace->gid));
00091                         ace->a_type = SMB_ACL_GROUP;
00092                         break;
00093                         }
00094                         default:
00095                                 break;
00096                         }
00097                         /* The access in the acl entries must be left shifted by *
00098                          * three bites, because they will ultimately be compared *
00099                          * to S_IRUSR, S_IWUSR, and S_IXUSR.                  */
00100 
00101                         switch(acl_entry->ace_type){
00102                         case ACC_PERMIT:
00103                         case ACC_SPECIFY:
00104                                 ace->a_perm = acl_entry->ace_access;
00105                                 ace->a_perm <<= 6;
00106                                 DEBUG(10,("ace->a_perm is %d\n",ace->a_perm));
00107                                 break;
00108                         case ACC_DENY:
00109                                 /* Since there is no way to return a DENY acl entry *
00110                                  * change to PERMIT and then shift.                 */
00111                                 DEBUG(10,("acl_entry->ace_access is %d\n",acl_entry->ace_access));
00112                                 ace->a_perm = ~acl_entry->ace_access & 7;
00113                                 DEBUG(10,("ace->a_perm is %d\n",ace->a_perm));
00114                                 ace->a_perm <<= 6;
00115                                 break;
00116                         default:
00117                                 DEBUG(0, ("unknown ace->type\n"));
00118                                 SAFE_FREE(result);
00119                                 return(0);
00120                         }
00121                 
00122                         result->count++;
00123                         ace->a_perm |= (ace->a_perm & S_IRUSR) ? SMB_ACL_READ : 0;
00124                         ace->a_perm |= (ace->a_perm & S_IWUSR) ? SMB_ACL_WRITE : 0;
00125                         ace->a_perm |= (ace->a_perm & S_IXUSR) ? SMB_ACL_EXECUTE : 0;
00126                         DEBUG(10,("ace->a_perm is %d\n",ace->a_perm));
00127                         
00128                         DEBUG(10,("acl_entry = %d\n",acl_entry));
00129                         DEBUG(10,("The ace_type is %d\n",acl_entry->ace_type));
00130  
00131                         acl_entry = acl_nxt(acl_entry);
00132                 }
00133         } /* end of if enabled */
00134 
00135         /* Since owner, group, other acl entries are not *
00136          * part of the acl entries in an acl, they must  *
00137          * be dummied up to become part of the list.     */
00138 
00139         for( i = 1; i < 4; i++) {
00140                 DEBUG(10,("i is %d\n",i));
00141 
00142                         result = SMB_REALLOC(result, sizeof(struct smb_acl_t) +
00143                                      (sizeof(struct smb_acl_entry) *
00144                                       (result->count+1)));
00145                         if (result == NULL) {
00146                                 DEBUG(0, ("SMB_REALLOC failed\n"));
00147                                 errno = ENOMEM;
00148                                 DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno));
00149                                 return NULL;
00150                         }
00151                         
00152                 ace = &result->acl[result->count];
00153                 
00154                 ace->uid = 0;
00155                 ace->gid = 0;
00156                 DEBUG(10,("ace->uid = %d\n",ace->uid));
00157                 
00158                 switch(i) {
00159                 case 2:
00160                         ace->a_perm = file_acl->g_access << 6;
00161                         ace->a_type = SMB_ACL_GROUP_OBJ;
00162                         break;
00163 
00164                 case 3:
00165                         ace->a_perm = file_acl->o_access << 6;
00166                         ace->a_type = SMB_ACL_OTHER;
00167                         break;
00168  
00169                 case 1:
00170                         ace->a_perm = file_acl->u_access << 6;
00171                         ace->a_type = SMB_ACL_USER_OBJ;
00172                         break;
00173  
00174                 default:
00175                         return(NULL);
00176 
00177                 }
00178                 ace->a_perm |= ((ace->a_perm & S_IRUSR) ? SMB_ACL_READ : 0);
00179                 ace->a_perm |= ((ace->a_perm & S_IWUSR) ? SMB_ACL_WRITE : 0);
00180                 ace->a_perm |= ((ace->a_perm & S_IXUSR) ? SMB_ACL_EXECUTE : 0);
00181                 
00182                 memcpy(&result->acl[result->count],ace,sizeof(struct smb_acl_entry));
00183                 result->count++;
00184                 DEBUG(10,("ace->a_perm = %d\n",ace->a_perm));
00185                 DEBUG(10,("ace->a_type = %d\n",ace->a_type));
00186         }
00187 
00188 
00189         return result;
00190 
00191 
00192 }

struct acl* aixacl_smb_to_aixacl ( SMB_ACL_TYPE_T  acltype,
SMB_ACL_T  theacl 
)

vfs_aixacl_util.c206 行で定義されています。

参照先 smb_acl_entry::a_permsmb_acl_entry::a_typesmb_acl_t::aclaixacl_smb_to_aixperm()smb_acl_t::counterrnosmb_acl_entry::gidSMB_ACL_GROUPSMB_ACL_GROUP_OBJSMB_ACL_MASKSMB_ACL_OTHERSMB_ACL_USERSMB_ACL_USER_OBJsmb_acl_entry::uid.

00207 {
00208         struct smb_acl_entry *smb_entry = NULL;
00209         struct acl *file_acl = NULL;
00210         struct acl *file_acl_temp = NULL;
00211         struct acl_entry *acl_entry = NULL;
00212         struct ace_id *ace_id = NULL;
00213         uint id_type;
00214         uint user_id;
00215         uint acl_length;
00216         int     i;
00217  
00218         DEBUG(10,("Entering aixacl_smb_to_aixacl\n"));
00219         /* AIX has no default ACL */
00220         if(acltype == SMB_ACL_TYPE_DEFAULT)
00221                 return NULL;
00222 
00223         acl_length = BUFSIZ;
00224         file_acl = (struct acl *)SMB_MALLOC(BUFSIZ);
00225         if(file_acl == NULL) {
00226                 errno = ENOMEM;
00227                 DEBUG(0,("Error in aixacl_smb_to_aixacl is %d\n",errno));
00228                 return NULL;
00229         }
00230 
00231         memset(file_acl,0,BUFSIZ);
00232  
00233         file_acl->acl_len = ACL_SIZ;
00234         file_acl->acl_mode = S_IXACL;
00235 
00236         for(i=0; i<theacl->count; i++ ) {
00237                 smb_entry = &(theacl->acl[i]);
00238                 id_type = smb_entry->a_type;
00239                 DEBUG(10,("The id_type is %d\n",id_type));
00240 
00241                 switch(id_type) {
00242                         case SMB_ACL_USER_OBJ:
00243                                 file_acl->u_access = aixacl_smb_to_aixperm(smb_entry->a_perm);
00244                                 continue;
00245                         case SMB_ACL_GROUP_OBJ:
00246                                 file_acl->g_access = aixacl_smb_to_aixperm(smb_entry->a_perm);
00247                                 continue;
00248                         case SMB_ACL_OTHER:
00249                                 file_acl->o_access = aixacl_smb_to_aixperm(smb_entry->a_perm);
00250                                 continue;
00251                         case SMB_ACL_MASK:
00252                                 continue;
00253                         case SMB_ACL_GROUP:
00254                                 break; /* process this */
00255                         case SMB_ACL_USER:
00256                                 break; /* process this */
00257                         default: /* abnormal case */
00258                                 DEBUG(10,("The id_type is unknown !\n"));
00259                                 continue;
00260                 }
00261 
00262                 if((file_acl->acl_len + sizeof(struct acl_entry)) > acl_length) {
00263                         acl_length += sizeof(struct acl_entry);
00264                         file_acl_temp = (struct acl *)SMB_MALLOC(acl_length);
00265                         if(file_acl_temp == NULL) {
00266                                 SAFE_FREE(file_acl);
00267                                 errno = ENOMEM;
00268                                 DEBUG(0,("Error in aixacl_smb_to_aixacl is %d\n",errno));
00269                                 return NULL;
00270                         }
00271 
00272                         memcpy(file_acl_temp,file_acl,file_acl->acl_len);
00273                         SAFE_FREE(file_acl);
00274                         file_acl = file_acl_temp;
00275                 }
00276 
00277                 acl_entry = (struct acl_entry *)((char *)file_acl + file_acl->acl_len);
00278                 file_acl->acl_len += sizeof(struct acl_entry);
00279                 acl_entry->ace_len = sizeof(struct acl_entry); /* contains 1 ace_id */
00280                 acl_entry->ace_access = aixacl_smb_to_aixperm(smb_entry->a_perm);
00281 
00282                 /* In order to use this, we'll need to wait until we can get denies */
00283                 /* if(!acl_entry->ace_access && acl_entry->ace_type == ACC_PERMIT)
00284                 acl_entry->ace_type = ACC_SPECIFY; */
00285 
00286                 acl_entry->ace_type = ACC_SPECIFY;
00287 
00288                 ace_id = acl_entry->ace_id;
00289 
00290                 ace_id->id_type = (smb_entry->a_type==SMB_ACL_GROUP) ? ACEID_GROUP : ACEID_USER;
00291                 DEBUG(10,("The id type is %d\n",ace_id->id_type));
00292                 ace_id->id_len = sizeof(struct ace_id); /* contains 1 id_data */
00293                 ace_id->id_data[0] = (smb_entry->a_type==SMB_ACL_GROUP) ? smb_entry->gid : smb_entry->uid;
00294         }
00295 
00296         return file_acl;
00297 }

static int32_t aixacl2_getlen ( AIXJFS2_ACL_T acl,
acl_type_t *  type 
) [static]

vfs_aixacl2.c42 行で定義されています。

参照先 aixjfs2_acl_t::aixc_aclaixjfs2_acl_t::jfs2_acllen.

参照元 aixjfs2_getacl_alloc().

00043 {
00044         int32_t len;
00045  
00046                 if(type->u64 == ACL_NFS4) {
00047                         len = acl->jfs2_acl[0].aclLength;
00048                 }       
00049                 else {
00050                         if(type->u64 == ACL_AIXC) {
00051                                 len = acl->aixc_acl[0].acl_len;
00052                         } else {
00053                                 DEBUG(0,("aixacl2_getlen:unknown type:%d\n",type->u64));
00054                                 return False;
00055                         }       
00056                 }               
00057                 DEBUG(10,("aixacl2_getlen:%d\n",len));
00058         return len;
00059 }

static AIXJFS2_ACL_T* aixjfs2_getacl_alloc ( const char *  fname,
acl_type_t *  type 
) [static]

vfs_aixacl2.c61 行で定義されています。

参照先 aixacl2_getlen()errnolenmain_loop_talloc_get()modestrerror().

参照元 aixjfs2_get_nfs4_acl()aixjfs2_get_posix_acl().

00062 {
00063         AIXJFS2_ACL_T *acl;
00064         size_t len = 200;
00065         mode_t mode;
00066         int ret;
00067         uint64_t ctl_flag=0;
00068         TALLOC_CTX      *mem_ctx;
00069 
00070         mem_ctx = main_loop_talloc_get();
00071         acl = (AIXJFS2_ACL_T *)TALLOC_SIZE(mem_ctx, len);
00072         if (acl == NULL) {
00073                 errno = ENOMEM;
00074                 return NULL;
00075         }
00076 
00077         if(type->u64 == ACL_ANY) {
00078                 ctl_flag = ctl_flag | GET_ACLINFO_ONLY;
00079         }
00080 
00081         ret = aclx_get((char *)fname, ctl_flag, type, acl, &len, &mode);
00082         if ((ret != 0) && (errno == ENOSPC)) {
00083                 len = aixacl2_getlen(acl, type) + sizeof(AIXJFS2_ACL_T);
00084                 DEBUG(10,("aixjfs2_getacl_alloc - acl_len:%d\n",len));
00085 
00086                 acl = (AIXJFS2_ACL_T *)TALLOC_SIZE(mem_ctx, len);
00087                 if (acl == NULL) {
00088                         errno = ENOMEM;
00089                         return NULL;
00090                 }
00091 
00092                 ret = aclx_get((char *)fname, ctl_flag, type, acl, &len, &mode);
00093         }
00094         if (ret != 0) {
00095                 DEBUG(8, ("aclx_get failed with %s\n", strerror(errno)));
00096                 return NULL;
00097         }
00098 
00099         return acl;
00100 }

static BOOL aixjfs2_get_nfs4_acl ( files_struct fsp,
SMB4ACL_T **  ppacl,
BOOL pretryPosix 
) [static]

vfs_aixacl2.c102 行で定義されています。

参照先 _SMB_ACE4PROP_T::aceFlags_SMB_ACE4PROP_T::aceMask_SMB_ACE4PROP_T::aceTypeaixjfs2_getacl_alloc()errno_SMB_ACE4PROP_T::flagsfiles_struct::fsp_name_SMB_NFS4_ACEWHOID_T::idaixjfs2_acl_t::jfs2_aclsmb_add_ace4()smb_create_smb4acl()strerror()type_SMB_ACE4PROP_T::who.

参照元 aixjfs2_get_nt_acl_common().

00104 {
00105         int32_t i;
00106         
00107         AIXJFS2_ACL_T *pacl = NULL;
00108         nfs4_acl_int_t *jfs2_acl = NULL;
00109         nfs4_ace_int_t *jfs2_ace = NULL;
00110         acl_type_t type;
00111 
00112         DEBUG(10,("jfs2 get_nt_acl invoked for %s\n", fsp->fsp_name));
00113 
00114         memset(&type, 0, sizeof(acl_type_t));
00115         type.u64 = ACL_NFS4;
00116 
00117         pacl = aixjfs2_getacl_alloc(fsp->fsp_name, &type);
00118         if (pacl == NULL) {
00119                 DEBUG(9, ("aixjfs2_getacl_alloc failed for %s with %s\n",
00120                                 fsp->fsp_name, strerror(errno)));
00121                 if (errno==ENOSYS)
00122                         *pretryPosix = True;
00123                 return False;
00124         }
00125 
00126         jfs2_acl = &pacl->jfs2_acl[0];
00127         DEBUG(10, ("len: %d, version: %d, nace: %d, type: 0x%x\n",
00128                         jfs2_acl->aclLength, jfs2_acl->aclVersion, jfs2_acl->aclEntryN, type.u64));
00129 
00130         *ppacl = smb_create_smb4acl();
00131         if (*ppacl==NULL)
00132                 return False;
00133 
00134         jfs2_ace = &jfs2_acl->aclEntry[0];
00135         for (i=0; i<jfs2_acl->aclEntryN; i++) {
00136                 SMB_ACE4PROP_T aceprop;
00137 
00138                 DEBUG(10, ("type: %d, iflags: %x, flags: %x, mask: %x, "
00139                                 "who: %d, aclLen: %d\n", jfs2_ace->aceType, jfs2_ace->flags,
00140                                 jfs2_ace->aceFlags, jfs2_ace->aceMask, jfs2_ace->aceWho.id, jfs2_ace->entryLen));
00141 
00142                 aceprop.aceType = jfs2_ace->aceType;
00143                 aceprop.aceFlags = jfs2_ace->aceFlags;
00144                 aceprop.aceMask = jfs2_ace->aceMask;
00145                 aceprop.flags = (jfs2_ace->flags&ACE4_ID_SPECIAL) ? SMB_ACE4_ID_SPECIAL : 0;
00146 
00147                 /* don't care it's real content is only 16 or 32 bit */
00148                 aceprop.who.id = jfs2_ace->aceWho.id;
00149 
00150                 if (smb_add_ace4(*ppacl, &aceprop)==NULL)
00151                         return False;
00152 
00153                 /* iterate to the next jfs2 ace */
00154                 jfs2_ace = (nfs4_ace_int_t *)(((char *)jfs2_ace) + jfs2_ace->entryLen);
00155         }
00156 
00157         DEBUG(10,("jfs2 get_nt_acl finished successfully\n"));
00158 
00159         return True;
00160 }

static size_t aixjfs2_get_nt_acl_common ( files_struct fsp,
uint32  security_info,
SEC_DESC **  ppdesc 
) [static]

vfs_aixacl2.c162 行で定義されています。

参照先 aixjfs2_get_nfs4_acl()get_nt_acl()resultsmb_get_nt_acl_nfs4().

参照元 aixjfs2_fget_nt_acl()aixjfs2_get_nt_acl().

00164 {
00165         SMB4ACL_T *pacl = NULL;
00166         BOOL    result;
00167         BOOL    retryPosix = False;
00168 
00169         *ppdesc = NULL;
00170         result = aixjfs2_get_nfs4_acl(fsp, &pacl, &retryPosix);
00171         if (retryPosix)
00172         {
00173                 DEBUG(10, ("retrying with posix acl...\n"));
00174                 return get_nt_acl(fsp, security_info, ppdesc);
00175         }
00176         if (result==False)
00177                 return 0;
00178 
00179         return smb_get_nt_acl_nfs4(fsp, security_info, ppdesc, pacl);
00180 }

size_t aixjfs2_fget_nt_acl ( vfs_handle_struct handle,
files_struct fsp,
int  fd,
uint32  security_info,
SEC_DESC **  ppdesc 
)

vfs_aixacl2.c182 行で定義されています。

参照先 aixjfs2_get_nt_acl_common().

00185 {
00186         return aixjfs2_get_nt_acl_common(fsp, security_info, ppdesc);
00187 }

size_t aixjfs2_get_nt_acl ( vfs_handle_struct handle,
files_struct fsp,
const char *  name,
uint32  security_info,
SEC_DESC **  ppdesc 
)

vfs_aixacl2.c189 行で定義されています。

参照先 aixjfs2_get_nt_acl_common().

00192 {
00193         return aixjfs2_get_nt_acl_common(fsp, security_info, ppdesc);
00194 }

static SMB_ACL_T aixjfs2_get_posix_acl ( const char *  path,
acl_type_t  type 
) [static]

vfs_aixacl2.c196 行で定義されています。

参照先 aixacl_to_smbacl()aixjfs2_acl_t::aixc_aclaixjfs2_getacl_alloc()errnoresultstrerror().

参照元 aixjfs2_sys_acl_get_fd()aixjfs2_sys_acl_get_file().

00197 {
00198         aixc_acl_t *pacl;
00199         AIXJFS2_ACL_T *acl;
00200         SMB_ACL_T result = NULL;
00201         int ret;
00202 
00203         acl = aixjfs2_getacl_alloc(path, &type);
00204 
00205         if (acl == NULL) {
00206                 DEBUG(10, ("aixjfs2_getacl failed for %s with %s\n",
00207                            path, strerror(errno)));
00208                 if (errno == 0) {
00209                         errno = EINVAL;
00210                 }
00211                 goto done;
00212         }
00213 
00214         pacl = &acl->aixc_acl[0];
00215         DEBUG(10, ("len: %d, mode: %d\n",
00216                    pacl->acl_len, pacl->acl_mode));
00217 
00218         result = aixacl_to_smbacl(pacl);
00219         if (result == NULL) {
00220                 goto done;
00221         }
00222 
00223  done:
00224         if (errno != 0) {
00225                 SAFE_FREE(result);
00226         }
00227         return result;
00228 }

SMB_ACL_T aixjfs2_sys_acl_get_file ( vfs_handle_struct handle,
const char *  path_p,
SMB_ACL_TYPE_T  type 
)

vfs_aixacl2.c230 行で定義されています。

参照先 aixjfs2_get_posix_acl()smb_panic().

00233 {
00234         acl_type_t aixjfs2_type;
00235 
00236         switch(type) {
00237         case SMB_ACL_TYPE_ACCESS:
00238                 aixjfs2_type.u64 = ACL_AIXC;
00239                 break;
00240         case SMB_ACL_TYPE_DEFAULT:
00241                 DEBUG(0, ("Got AIX JFS2 unsupported type: %d\n", type));
00242                 return NULL;
00243         default:
00244                 DEBUG(0, ("Got invalid type: %d\n", type));
00245                 smb_panic("exiting");
00246         }
00247 
00248         return aixjfs2_get_posix_acl(path_p, aixjfs2_type);
00249 }

SMB_ACL_T aixjfs2_sys_acl_get_fd ( vfs_handle_struct handle,
files_struct fsp,
int  fd 
)

vfs_aixacl2.c251 行で定義されています。

参照先 aixjfs2_get_posix_acl()files_struct::fsp_name.

00254 {
00255         acl_type_t aixjfs2_type;
00256         aixjfs2_type.u64 = ACL_AIXC;
00257 
00258         return aixjfs2_get_posix_acl(fsp->fsp_name, aixjfs2_type);
00259 }

static int aixjfs2_query_acl_support ( char *  filepath,
uint64_t  aclType,
acl_type_t *  pacl_type_info 
) [static]

vfs_aixacl2.c264 行で定義されています。

参照先 errnostrerror().

参照元 aixjfs2_set_nt_acl_common()aixjfs2_sys_acl_set_fd()aixjfs2_sys_acl_set_file().

00269 {
00270         acl_types_list_t        acl_type_list;
00271         size_t  acl_type_list_len = sizeof(acl_types_list_t);
00272         uint32_t        i;
00273 
00274         memset(&acl_type_list, 0, sizeof(acl_type_list));
00275 
00276         if (aclx_gettypes(filepath, &acl_type_list, &acl_type_list_len)) {
00277                 DEBUG(2, ("aclx_gettypes failed with error %s for %s\n",
00278                         strerror(errno), filepath));
00279                 return -1;
00280         }
00281 
00282         for(i=0; i<acl_type_list.num_entries; i++) {
00283                 if (acl_type_list.entries[i].u64==aclType) {
00284                         memcpy(pacl_type_info, acl_type_list.entries + i, sizeof(acl_type_t));
00285                         DEBUG(10, ("found %s ACL support for %s\n",
00286                                 pacl_type_info->acl_type, filepath));
00287                         return 0;
00288                 }
00289         }
00290 
00291         return 1; /* haven't found that ACL type. */
00292 }

static BOOL aixjfs2_process_smbacl ( files_struct fsp,
SMB4ACL_T smbacl 
) [static]

vfs_aixacl2.c294 行で定義されています。

参照先 errnofiles_struct::fsp_namemain_loop_talloc_get()smb_first_ace4()smb_get_ace4()smb_get_naces()smb_next_ace4()strerror().

参照元 aixjfs2_set_nt_acl_common().

00295 {
00296         SMB4ACE_T       *smbace;
00297         TALLOC_CTX      *mem_ctx;
00298         nfs4_acl_int_t  *jfs2acl;
00299         int32_t entryLen;
00300         uint32  aclLen, naces;
00301         int     rc;
00302         acl_type_t      acltype;
00303 
00304         DEBUG(10, ("jfs2_process_smbacl invoked on %s\n", fsp->fsp_name));
00305 
00306         /* no need to be freed which is alloced with mem_ctx */
00307         mem_ctx = main_loop_talloc_get();
00308 
00309         entryLen = sizeof(nfs4_ace_int_t);
00310         if (entryLen & 0x03)
00311                 entryLen = entryLen + 4 - (entryLen%4);
00312 
00313         naces = smb_get_naces(smbacl);
00314         aclLen = ACL_V4_SIZ + naces * entryLen;
00315         jfs2acl = (nfs4_acl_int_t *)TALLOC_SIZE(mem_ctx, aclLen);
00316         if (jfs2acl==NULL) {
00317                 DEBUG(0, ("TALLOC_SIZE failed\n"));
00318                 errno = ENOMEM;
00319                 return False;
00320         }
00321 
00322         jfs2acl->aclLength = ACL_V4_SIZ;
00323         jfs2acl->aclVersion = NFS4_ACL_INT_STRUCT_VERSION;
00324         jfs2acl->aclEntryN = 0;
00325 
00326         for(smbace = smb_first_ace4(smbacl); smbace!=NULL; smbace = smb_next_ace4(smbace))
00327         {
00328                 SMB_ACE4PROP_T *aceprop = smb_get_ace4(smbace);
00329                 nfs4_ace_int_t *jfs2_ace = (nfs4_ace_int_t *)(((char *)jfs2acl) + jfs2acl->aclLength);
00330 
00331                 memset(jfs2_ace, 0, entryLen);
00332                 jfs2_ace->entryLen = entryLen; /* won't store textual "who" */
00333                 jfs2_ace->aceType = aceprop->aceType; /* only ACCES|DENY supported by jfs2 */
00334                 jfs2_ace->aceFlags = aceprop->aceFlags;
00335                 jfs2_ace->aceMask = aceprop->aceMask;
00336                 jfs2_ace->flags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_ID_SPECIAL : 0;
00337 
00338                 /* don't care it's real content is only 16 or 32 bit */
00339                 jfs2_ace->aceWho.id = aceprop->who.id;
00340 
00341                 /* iterate to the next jfs2 ace */
00342                 jfs2acl->aclLength += jfs2_ace->entryLen;
00343                 jfs2acl->aclEntryN++;
00344         }
00345         SMB_ASSERT(jfs2acl->aclEntryN==naces);
00346 
00347         /* Don't query it (again) */
00348         memset(&acltype, 0, sizeof(acl_type_t));
00349         acltype.u64 = ACL_NFS4;
00350 
00351         /* won't set S_ISUID - the only one JFS2/NFS4 accepts */
00352         rc = aclx_put(
00353                 fsp->fsp_name,
00354                 SET_ACL, /* set only the ACL, not mode bits */
00355                 acltype, /* not a pointer !!! */
00356                 jfs2acl,
00357                 jfs2acl->aclLength,
00358                 0 /* don't set here mode bits */
00359         );
00360         if (rc) {
00361                 DEBUG(8, ("aclx_put failed with %s\n", strerror(errno)));
00362                 return False;
00363         }
00364 
00365         DEBUG(10, ("jfs2_process_smbacl succeeded.\n"));
00366         return True;
00367 }

static BOOL aixjfs2_set_nt_acl_common ( files_struct fsp,
uint32  security_info_sent,
SEC_DESC psd 
) [static]

vfs_aixacl2.c369 行で定義されています。

参照先 aixjfs2_process_smbacl()aixjfs2_query_acl_support()files_struct::fsp_nameresultset_nt_acl()smb_set_nt_acl_nfs4().

参照元 aixjfs2_fset_nt_acl()aixjfs2_set_nt_acl().

00370 {
00371         acl_type_t      acl_type_info;
00372         BOOL    result = False;
00373         int     rc;
00374 
00375         rc = aixjfs2_query_acl_support(
00376                 fsp->fsp_name,
00377                 ACL_NFS4,
00378                 &acl_type_info);
00379 
00380         if (rc==0)
00381         {
00382                 result = smb_set_nt_acl_nfs4(
00383                         fsp, security_info_sent, psd,
00384                         aixjfs2_process_smbacl);
00385         } else if (rc==1) { /* assume POSIX ACL - by default... */
00386                 result = set_nt_acl(fsp, security_info_sent, psd);
00387         } else
00388                 result = False; /* query failed */
00389         
00390         return result;
00391 }

BOOL aixjfs2_fset_nt_acl ( vfs_handle_struct handle,
files_struct fsp,
int  fd,
uint32  security_info_sent,
SEC_DESC psd 
)

vfs_aixacl2.c393 行で定義されています。

参照先 aixjfs2_set_nt_acl_common().

00394 {
00395         return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd);
00396 }

BOOL aixjfs2_set_nt_acl ( vfs_handle_struct handle,
files_struct fsp,
const char *  name,
uint32  security_info_sent,
SEC_DESC psd 
)

vfs_aixacl2.c398 行で定義されています。

参照先 aixjfs2_set_nt_acl_common().

00399 {
00400         return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd);
00401 }

int aixjfs2_sys_acl_set_file ( vfs_handle_struct handle,
const char *  name,
SMB_ACL_TYPE_T  type,
SMB_ACL_T  theacl 
)

vfs_aixacl2.c403 行で定義されています。

参照先 aixacl_smb_to_aixacl()aixjfs2_query_acl_support()errnostrerror().

00407 {
00408         struct acl      *acl_aixc;
00409         acl_type_t      acl_type_info;
00410         int     rc;
00411 
00412         DEBUG(10, ("aixjfs2_sys_acl_set_file invoked for %s", name));
00413 
00414         rc = aixjfs2_query_acl_support((char *)name, ACL_AIXC, &acl_type_info);
00415         if (rc) {
00416                 DEBUG(8, ("jfs2_set_nt_acl: AIXC support not found\n"));
00417                 return -1;
00418         }
00419 
00420         acl_aixc = aixacl_smb_to_aixacl(type, theacl);
00421         if (!acl_aixc)
00422                 return -1;
00423 
00424         rc = aclx_put(
00425                 (char *)name,
00426                 SET_ACL, /* set only the ACL, not mode bits */
00427                 acl_type_info,
00428                 acl_aixc,
00429                 acl_aixc->acl_len,
00430                 0
00431         );
00432         if (rc) {
00433                 DEBUG(2, ("aclx_put failed with %s for %s\n",
00434                         strerror(errno), name));
00435                 return -1;
00436         }
00437 
00438         return 0;
00439 }

int aixjfs2_sys_acl_set_fd ( vfs_handle_struct handle,
files_struct fsp,
int  fd,
SMB_ACL_T  theacl 
)

vfs_aixacl2.c441 行で定義されています。

参照先 aixacl_smb_to_aixacl()aixjfs2_query_acl_support()errnofiles_struct::fsp_namestrerror().

00444 {
00445         struct acl      *acl_aixc;
00446         acl_type_t      acl_type_info;
00447         int     rc;
00448 
00449         DEBUG(10, ("aixjfs2_sys_acl_set_fd invoked for %s", fsp->fsp_name));
00450 
00451         rc = aixjfs2_query_acl_support(fsp->fsp_name, ACL_AIXC, &acl_type_info);
00452         if (rc) {
00453                 DEBUG(8, ("jfs2_set_nt_acl: AIXC support not found\n"));
00454                 return -1;
00455         }
00456 
00457         acl_aixc = aixacl_smb_to_aixacl(SMB_ACL_TYPE_ACCESS, theacl);
00458         if (!acl_aixc)
00459                 return -1;
00460 
00461         rc = aclx_fput(
00462                 fd,
00463                 SET_ACL, /* set only the ACL, not mode bits */
00464                 acl_type_info,
00465                 acl_aixc,
00466                 acl_aixc->acl_len,
00467                 0
00468         );
00469         if (rc) {
00470                 DEBUG(2, ("aclx_fput failed with %s for %s\n",
00471                         strerror(errno), fsp->fsp_name));
00472                 return -1;
00473         }
00474 
00475         return 0;
00476 }

int aixjfs2_sys_acl_delete_def_file ( vfs_handle_struct handle,
const char *  path 
)

vfs_aixacl2.c478 行で定義されています。

00480 {
00481         /* Not available under AIXC ACL */
00482         /* Don't report here any error otherwise */
00483         /* upper layer will break the normal execution */
00484         return 0;
00485 }

NTSTATUS vfs_aixacl2_init ( void   ) 

vfs_aixacl2.c534 行で定義されています。

参照先 aixjfs2_opssmb_register_vfs().

00535 {
00536         return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, AIXACL2_MODULE_NAME,
00537                                 aixjfs2_ops);
00538 }


変数

struct current_user current_user

smbrun.c24 行で定義されています。

vfs_op_tuple aixjfs2_ops[] [static]

vfs_aixacl2.c490 行で定義されています。

参照元 vfs_aixacl2_init().


Sambaに対してSat Aug 29 21:23:51 2009に生成されました。  doxygen 1.4.7