Context Navigation

source: branches/samba-3.3.x/source/modules/vfs_acl_xattr.c

Visit:

Last change on this file was 222, checked in by Herwig Bauernfeind, 16 years ago
Update Samba 3.3 branch to 3.3.2
File size: 19.3 KB

Line
1	/*
2	* Store Windows ACLs in xattrs.
3	*
4	* Copyright (C) Volker Lendecke, 2008
5	* Copyright (C) Jeremy Allison, 2008
6	*
7	* This program is free software; you can redistribute it and/or modify
8	* it under the terms of the GNU General Public License as published by
9	* the Free Software Foundation; either version 3 of the License, or
10	* (at your option) any later version.
11	*
12	* This program is distributed in the hope that it will be useful,
13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15	* GNU General Public License for more details.
16	*
17	* You should have received a copy of the GNU General Public License
18	* along with this program; if not, see <http://www.gnu.org/licenses/>.
19	*/
20
21	/* NOTE: This is an experimental module, not yet finished. JRA. */
22
23	#include "includes.h"
24	#include "librpc/gen_ndr/xattr.h"
25	#include "librpc/gen_ndr/ndr_xattr.h"
26
27	#undef DBGC_CLASS
28	#define DBGC_CLASS DBGC_VFS
29
30	/*******************************************************************
31	Parse out a struct security_descriptor from a DATA_BLOB.
32	*******************************************************************/
33
34	static NTSTATUS parse_acl_blob(const DATA_BLOB *pblob,
35	uint32 security_info,
36	struct security_descriptor **ppdesc)
37	{
38	TALLOC_CTX *ctx = talloc_tos();
39	struct xattr_NTACL xacl;
40	enum ndr_err_code ndr_err;
41	size_t sd_size;
42
43	ndr_err = ndr_pull_struct_blob(pblob, ctx, &xacl,
44	(ndr_pull_flags_fn_t)ndr_pull_xattr_NTACL);
45
46	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
47	DEBUG(5, ("parse_acl_blob: ndr_pull_xattr_NTACL failed: %s\n",
48	ndr_errstr(ndr_err)));
49	return ndr_map_error2ntstatus(ndr_err);;
50	}
51
52	if (xacl.version != 2) {
53	return NT_STATUS_REVISION_MISMATCH;
54	}
55
56	*ppdesc = make_sec_desc(ctx, SEC_DESC_REVISION, xacl.info.sd_hs->sd->type \| SEC_DESC_SELF_RELATIVE,
57	(security_info & OWNER_SECURITY_INFORMATION)
58	? xacl.info.sd_hs->sd->owner_sid : NULL,
59	(security_info & GROUP_SECURITY_INFORMATION)
60	? xacl.info.sd_hs->sd->group_sid : NULL,
61	(security_info & SACL_SECURITY_INFORMATION)
62	? xacl.info.sd_hs->sd->sacl : NULL,
63	(security_info & DACL_SECURITY_INFORMATION)
64	? xacl.info.sd_hs->sd->dacl : NULL,
65	&sd_size);
66
67	TALLOC_FREE(xacl.info.sd);
68
69	return (*ppdesc != NULL) ? NT_STATUS_OK : NT_STATUS_NO_MEMORY;
70	}
71
72	/*******************************************************************
73	Pull a security descriptor into a DATA_BLOB from a xattr.
74	*******************************************************************/
75
76	static NTSTATUS get_acl_blob(TALLOC_CTX *ctx,
77	vfs_handle_struct *handle,
78	files_struct *fsp,
79	const char *name,
80	DATA_BLOB *pblob)
81	{
82	size_t size = 1024;
83	uint8_t *val = NULL;
84	uint8_t *tmp;
85	ssize_t sizeret;
86	int saved_errno = 0;
87
88	ZERO_STRUCTP(pblob);
89
90	again:
91
92	tmp = TALLOC_REALLOC_ARRAY(ctx, val, uint8_t, size);
93	if (tmp == NULL) {
94	TALLOC_FREE(val);
95	return NT_STATUS_NO_MEMORY;
96	}
97	val = tmp;
98
99	become_root();
100	if (fsp && fsp->fh->fd != -1) {
101	sizeret = SMB_VFS_FGETXATTR(fsp, XATTR_NTACL_NAME, val, size);
102	} else {
103	sizeret = SMB_VFS_GETXATTR(handle->conn, name,
104	XATTR_NTACL_NAME, val, size);
105	}
106	if (sizeret == -1) {
107	saved_errno = errno;
108	}
109	unbecome_root();
110
111	/* Max ACL size is 65536 bytes. */
112	if (sizeret == -1) {
113	errno = saved_errno;
114	if ((errno == ERANGE) && (size != 65536)) {
115	/* Too small, try again. */
116	size = 65536;
117	goto again;
118	}
119
120	/* Real error - exit here. */
121	TALLOC_FREE(val);
122	return map_nt_error_from_unix(errno);
123	}
124
125	pblob->data = val;
126	pblob->length = sizeret;
127	return NT_STATUS_OK;
128	}
129
130	/*******************************************************************
131	Create a DATA_BLOB from a security descriptor.
132	*******************************************************************/
133
134	static NTSTATUS create_acl_blob(const struct security_descriptor psd, DATA_BLOB pblob)
135	{
136	struct xattr_NTACL xacl;
137	struct security_descriptor_hash sd_hs;
138	enum ndr_err_code ndr_err;
139	TALLOC_CTX *ctx = talloc_tos();
140
141	ZERO_STRUCT(xacl);
142	ZERO_STRUCT(sd_hs);
143
144	xacl.version = 2;
145	xacl.info.sd_hs = &sd_hs;
146	xacl.info.sd_hs->sd = CONST_DISCARD(struct security_descriptor *, psd);
147	memset(&xacl.info.sd_hs->hash[0], '\0', 16);
148
149	ndr_err = ndr_push_struct_blob(
150	pblob, ctx, &xacl,
151	(ndr_push_flags_fn_t)ndr_push_xattr_NTACL);
152
153	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
154	DEBUG(5, ("create_acl_blob: ndr_push_xattr_NTACL failed: %s\n",
155	ndr_errstr(ndr_err)));
156	return ndr_map_error2ntstatus(ndr_err);;
157	}
158
159	return NT_STATUS_OK;
160	}
161
162	/*******************************************************************
163	Store a DATA_BLOB into an xattr given an fsp pointer.
164	*******************************************************************/
165
166	static NTSTATUS store_acl_blob_fsp(vfs_handle_struct *handle,
167	files_struct *fsp,
168	DATA_BLOB *pblob)
169	{
170	int ret;
171	int saved_errno = 0;
172
173	DEBUG(10,("store_acl_blob_fsp: storing blob length %u on file %s\n",
174	(unsigned int)pblob->length, fsp->fsp_name));
175
176	become_root();
177	if (fsp->fh->fd != -1) {
178	ret = SMB_VFS_FSETXATTR(fsp, XATTR_NTACL_NAME,
179	pblob->data, pblob->length, 0);
180	} else {
181	ret = SMB_VFS_SETXATTR(fsp->conn, fsp->fsp_name,
182	XATTR_NTACL_NAME,
183	pblob->data, pblob->length, 0);
184	}
185	if (ret) {
186	saved_errno = errno;
187	}
188	unbecome_root();
189	if (ret) {
190	errno = saved_errno;
191	DEBUG(5, ("store_acl_blob_fsp: setting attr failed for file %s"
192	"with error %s\n",
193	fsp->fsp_name,
194	strerror(errno) ));
195	return map_nt_error_from_unix(errno);
196	}
197	return NT_STATUS_OK;
198	}
199
200	/*******************************************************************
201	Store a DATA_BLOB into an xattr given a pathname.
202	*******************************************************************/
203
204	static NTSTATUS store_acl_blob_pathname(vfs_handle_struct *handle,
205	const char *fname,
206	DATA_BLOB *pblob)
207	{
208	connection_struct *conn = handle->conn;
209	int ret;
210	int saved_errno = 0;
211
212	DEBUG(10,("store_acl_blob_pathname: storing blob "
213	"length %u on file %s\n",
214	(unsigned int)pblob->length, fname));
215
216	become_root();
217	ret = SMB_VFS_SETXATTR(conn, fname,
218	XATTR_NTACL_NAME,
219	pblob->data, pblob->length, 0);
220	if (ret) {
221	saved_errno = errno;
222	}
223	unbecome_root();
224	if (ret) {
225	errno = saved_errno;
226	DEBUG(5, ("store_acl_blob_pathname: setting attr failed "
227	"for file %s with error %s\n",
228	fname,
229	strerror(errno) ));
230	return map_nt_error_from_unix(errno);
231	}
232	return NT_STATUS_OK;
233	}
234
235	/*******************************************************************
236	Store a DATA_BLOB into an xattr given a pathname.
237	*******************************************************************/
238
239	static NTSTATUS get_nt_acl_xattr_internal(vfs_handle_struct *handle,
240	files_struct *fsp,
241	const char *name,
242	uint32 security_info,
243	struct security_descriptor **ppdesc)
244	{
245	TALLOC_CTX *ctx = talloc_tos();
246	DATA_BLOB blob;
247	NTSTATUS status;
248
249	if (fsp && name == NULL) {
250	name = fsp->fsp_name;
251	}
252
253	DEBUG(10, ("get_nt_acl_xattr_internal: name=%s\n", name));
254
255	status = get_acl_blob(ctx, handle, fsp, name, &blob);
256	if (!NT_STATUS_IS_OK(status)) {
257	DEBUG(10, ("get_acl_blob returned %s\n", nt_errstr(status)));
258	return status;
259	}
260
261	status = parse_acl_blob(&blob, security_info, ppdesc);
262	if (!NT_STATUS_IS_OK(status)) {
263	DEBUG(10, ("parse_acl_blob returned %s\n",
264	nt_errstr(status)));
265	return status;
266	}
267
268	TALLOC_FREE(blob.data);
269	return status;
270	}
271
272	/*********************************************************************
273	Create a default security descriptor for a file in case no inheritance
274	exists. All permissions to the owner and SYSTEM.
275	*********************************************************************/
276
277	static struct security_descriptor default_file_sd(TALLOC_CTX mem_ctx,
278	SMB_STRUCT_STAT *psbuf)
279	{
280	struct dom_sid owner_sid, group_sid;
281	size_t sd_size;
282	struct security_ace *pace = NULL;
283	struct security_acl *pacl = NULL;
284
285	uid_to_sid(&owner_sid, psbuf->st_uid);
286	gid_to_sid(&group_sid, psbuf->st_gid);
287
288	pace = TALLOC_ARRAY(mem_ctx, struct security_ace, 2);
289	if (!pace) {
290	return NULL;
291	}
292
293	init_sec_ace(&pace[0], &owner_sid, SEC_ACE_TYPE_ACCESS_ALLOWED,
294	SEC_RIGHTS_FILE_ALL, 0);
295	init_sec_ace(&pace[1], &global_sid_System, SEC_ACE_TYPE_ACCESS_ALLOWED,
296	SEC_RIGHTS_FILE_ALL, 0);
297
298	pacl = make_sec_acl(mem_ctx,
299	NT4_ACL_REVISION,
300	2,
301	pace);
302	if (!pacl) {
303	return NULL;
304	}
305	return make_sec_desc(mem_ctx,
306	SECURITY_DESCRIPTOR_REVISION_1,
307	SEC_DESC_SELF_RELATIVE\|SEC_DESC_DACL_PRESENT,
308	&owner_sid,
309	&group_sid,
310	NULL,
311	pacl,
312	&sd_size);
313	}
314
315	/*********************************************************************
316	*********************************************************************/
317
318	static NTSTATUS inherit_new_acl(vfs_handle_struct *handle,
319	const char *fname,
320	files_struct *fsp,
321	bool container)
322	{
323	TALLOC_CTX *ctx = talloc_tos();
324	NTSTATUS status;
325	struct security_descriptor *parent_desc = NULL;
326	struct security_descriptor *psd = NULL;
327	DATA_BLOB blob;
328	size_t size;
329	char *parent_name;
330
331	if (!parent_dirname_talloc(ctx,
332	fname,
333	&parent_name,
334	NULL)) {
335	return NT_STATUS_NO_MEMORY;
336	}
337
338	DEBUG(10,("inherit_new_acl: check directory %s\n",
339	parent_name));
340
341	status = get_nt_acl_xattr_internal(handle,
342	NULL,
343	parent_name,
344	(OWNER_SECURITY_INFORMATION \|
345	GROUP_SECURITY_INFORMATION \|
346	DACL_SECURITY_INFORMATION),
347	&parent_desc);
348	if (NT_STATUS_IS_OK(status)) {
349	/* Create an inherited descriptor from the parent. */
350
351	if (DEBUGLEVEL >= 10) {
352	DEBUG(10,("inherit_new_acl: parent acl is:\n"));
353	NDR_PRINT_DEBUG(security_descriptor, parent_desc);
354	}
355
356	status = se_create_child_secdesc(ctx,
357	&psd,
358	&size,
359	parent_desc,
360	&handle->conn->server_info->ptok->user_sids[PRIMARY_USER_SID_INDEX],
361	&handle->conn->server_info->ptok->user_sids[PRIMARY_GROUP_SID_INDEX],
362	container);
363	if (!NT_STATUS_IS_OK(status)) {
364	return status;
365	}
366
367	if (DEBUGLEVEL >= 10) {
368	DEBUG(10,("inherit_new_acl: child acl is:\n"));
369	NDR_PRINT_DEBUG(security_descriptor, psd);
370	}
371
372	} else {
373	DEBUG(10,("inherit_new_acl: directory %s failed "
374	"to get acl %s\n",
375	parent_name,
376	nt_errstr(status) ));
377	}
378
379	if (!psd \|\| psd->dacl == NULL) {
380	SMB_STRUCT_STAT sbuf;
381	int ret;
382
383	TALLOC_FREE(psd);
384	if (fsp && !fsp->is_directory && fsp->fh->fd != -1) {
385	ret = SMB_VFS_FSTAT(fsp, &sbuf);
386	} else {
387	if (fsp && fsp->posix_open) {
388	ret = SMB_VFS_LSTAT(handle->conn,fname, &sbuf);
389	} else {
390	ret = SMB_VFS_STAT(handle->conn,fname, &sbuf);
391	}
392	}
393	if (ret == -1) {
394	return map_nt_error_from_unix(errno);
395	}
396	psd = default_file_sd(ctx, &sbuf);
397	if (!psd) {
398	return NT_STATUS_NO_MEMORY;
399	}
400
401	if (DEBUGLEVEL >= 10) {
402	DEBUG(10,("inherit_new_acl: default acl is:\n"));
403	NDR_PRINT_DEBUG(security_descriptor, psd);
404	}
405	}
406
407	status = create_acl_blob(psd, &blob);
408	if (!NT_STATUS_IS_OK(status)) {
409	return status;
410	}
411	if (fsp) {
412	return store_acl_blob_fsp(handle, fsp, &blob);
413	} else {
414	return store_acl_blob_pathname(handle, fname, &blob);
415	}
416	}
417
418	/*********************************************************************
419	Check ACL on open. For new files inherit from parent directory.
420	*********************************************************************/
421
422	static int open_acl_xattr(vfs_handle_struct *handle,
423	const char *fname,
424	files_struct *fsp,
425	int flags,
426	mode_t mode)
427	{
428	uint32_t access_granted = 0;
429	struct security_descriptor *pdesc = NULL;
430	bool file_existed = true;
431	NTSTATUS status = get_nt_acl_xattr_internal(handle,
432	NULL,
433	fname,
434	(OWNER_SECURITY_INFORMATION \|
435	GROUP_SECURITY_INFORMATION \|
436	DACL_SECURITY_INFORMATION),
437	&pdesc);
438	if (NT_STATUS_IS_OK(status)) {
439	/* See if we can access it. */
440	status = smb1_file_se_access_check(pdesc,
441	handle->conn->server_info->ptok,
442	fsp->access_mask,
443	&access_granted);
444	if (!NT_STATUS_IS_OK(status)) {
445	DEBUG(10,("open_acl_xattr: file %s open "
446	"refused with error %s\n",
447	fname,
448	nt_errstr(status) ));
449	errno = map_errno_from_nt_status(status);
450	return -1;
451	}
452	} else if (NT_STATUS_EQUAL(status,NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
453	file_existed = false;
454	}
455
456	DEBUG(10,("open_acl_xattr: get_nt_acl_attr_internal for "
457	"file %s returned %s\n",
458	fname,
459	nt_errstr(status) ));
460
461	fsp->fh->fd = SMB_VFS_NEXT_OPEN(handle, fname, fsp, flags, mode);
462
463	if (!file_existed && fsp->fh->fd != -1) {
464	/* File was created. Inherit from parent directory. */
465	string_set(&fsp->fsp_name, fname);
466	inherit_new_acl(handle, fname, fsp, false);
467	}
468
469	return fsp->fh->fd;
470	}
471
472	static int mkdir_acl_xattr(vfs_handle_struct handle, const char path, mode_t mode)
473	{
474	int ret = SMB_VFS_NEXT_MKDIR(handle, path, mode);
475
476	if (ret == -1) {
477	return ret;
478	}
479	/* New directory - inherit from parent. */
480	inherit_new_acl(handle, path, NULL, true);
481	return ret;
482	}
483
484	/*********************************************************************
485	Fetch a security descriptor given an fsp.
486	*********************************************************************/
487
488	static NTSTATUS fget_nt_acl_xattr(vfs_handle_struct handle, files_struct fsp,
489	uint32 security_info, struct security_descriptor **ppdesc)
490	{
491	NTSTATUS status = get_nt_acl_xattr_internal(handle, fsp,
492	NULL, security_info, ppdesc);
493	if (NT_STATUS_IS_OK(status)) {
494	if (DEBUGLEVEL >= 10) {
495	DEBUG(10,("fget_nt_acl_xattr: returning xattr sd for file %s\n",
496	fsp->fsp_name));
497	NDR_PRINT_DEBUG(security_descriptor, *ppdesc);
498	}
499	return NT_STATUS_OK;
500	}
501
502	DEBUG(10,("fget_nt_acl_xattr: failed to get xattr sd for file %s, Error %s\n",
503	fsp->fsp_name,
504	nt_errstr(status) ));
505
506	return SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp,
507	security_info, ppdesc);
508	}
509
510	/*********************************************************************
511	Fetch a security descriptor given a pathname.
512	*********************************************************************/
513
514	static NTSTATUS get_nt_acl_xattr(vfs_handle_struct *handle,
515	const char name, uint32 security_info, struct security_descriptor *ppdesc)
516	{
517	NTSTATUS status = get_nt_acl_xattr_internal(handle, NULL,
518	name, security_info, ppdesc);
519	if (NT_STATUS_IS_OK(status)) {
520	if (DEBUGLEVEL >= 10) {
521	DEBUG(10,("get_nt_acl_xattr: returning xattr sd for file %s\n",
522	name));
523	NDR_PRINT_DEBUG(security_descriptor, *ppdesc);
524	}
525	return NT_STATUS_OK;
526	}
527
528	DEBUG(10,("get_nt_acl_xattr: failed to get xattr sd for file %s, Error %s\n",
529	name,
530	nt_errstr(status) ));
531
532	return SMB_VFS_NEXT_GET_NT_ACL(handle, name,
533	security_info, ppdesc);
534	}
535
536	/*********************************************************************
537	Store a security descriptor given an fsp.
538	*********************************************************************/
539
540	static NTSTATUS fset_nt_acl_xattr(vfs_handle_struct handle, files_struct fsp,
541	uint32 security_info_sent, const struct security_descriptor *psd)
542	{
543	NTSTATUS status;
544	DATA_BLOB blob;
545
546	if (DEBUGLEVEL >= 10) {
547	DEBUG(10,("fset_nt_acl_xattr: incoming sd for file %s\n",
548	fsp->fsp_name));
549	NDR_PRINT_DEBUG(security_descriptor,
550	CONST_DISCARD(struct security_descriptor *,psd));
551	}
552
553	status = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
554	if (!NT_STATUS_IS_OK(status)) {
555	return status;
556	}
557
558	/* Ensure owner and group are set. */
559	if (!psd->owner_sid \|\| !psd->group_sid) {
560	int ret;
561	SMB_STRUCT_STAT sbuf;
562	DOM_SID owner_sid, group_sid;
563	struct security_descriptor *nc_psd = dup_sec_desc(talloc_tos(), psd);
564
565	if (!nc_psd) {
566	return NT_STATUS_OK;
567	}
568	if (fsp->is_directory \|\| fsp->fh->fd == -1) {
569	if (fsp->posix_open) {
570	ret = SMB_VFS_LSTAT(fsp->conn,fsp->fsp_name, &sbuf);
571	} else {
572	ret = SMB_VFS_STAT(fsp->conn,fsp->fsp_name, &sbuf);
573	}
574	} else {
575	ret = SMB_VFS_FSTAT(fsp, &sbuf);
576	}
577	if (ret == -1) {
578	/* Lower level acl set succeeded,
579	* so still return OK. */
580	return NT_STATUS_OK;
581	}
582	create_file_sids(&sbuf, &owner_sid, &group_sid);
583	/* This is safe as nc_psd is discarded at fn exit. */
584	nc_psd->owner_sid = &owner_sid;
585	nc_psd->group_sid = &group_sid;
586	security_info_sent \|= (OWNER_SECURITY_INFORMATION\|GROUP_SECURITY_INFORMATION);
587	psd = nc_psd;
588	}
589
590	#if 0
591	if ((security_info_sent & DACL_SECURITY_INFORMATION) &&
592	psd->dacl != NULL &&
593	(psd->type & (SE_DESC_DACL_AUTO_INHERITED\|
594	SE_DESC_DACL_AUTO_INHERIT_REQ))==
595	(SE_DESC_DACL_AUTO_INHERITED\|
596	SE_DESC_DACL_AUTO_INHERIT_REQ) ) {
597	struct security_descriptor *new_psd = NULL;
598	status = append_parent_acl(fsp, psd, &new_psd);
599	if (!NT_STATUS_IS_OK(status)) {
600	/* Lower level acl set succeeded,
601	* so still return OK. */
602	return NT_STATUS_OK;
603	}
604	psd = new_psd;
605	}
606	#endif
607
608	if (DEBUGLEVEL >= 10) {
609	DEBUG(10,("fset_nt_acl_xattr: storing xattr sd for file %s\n",
610	fsp->fsp_name));
611	NDR_PRINT_DEBUG(security_descriptor,
612	CONST_DISCARD(struct security_descriptor *,psd));
613	}
614	create_acl_blob(psd, &blob);
615	store_acl_blob_fsp(handle, fsp, &blob);
616
617	return NT_STATUS_OK;
618	}
619
620	/*********************************************************************
621	Remove a Windows ACL - we're setting the underlying POSIX ACL.
622	*********************************************************************/
623
624	static int sys_acl_set_file_xattr(vfs_handle_struct *handle,
625	const char *name,
626	SMB_ACL_TYPE_T type,
627	SMB_ACL_T theacl)
628	{
629	int ret = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle,
630	name,
631	type,
632	theacl);
633	if (ret == -1) {
634	return -1;
635	}
636
637	become_root();
638	SMB_VFS_REMOVEXATTR(handle->conn, name, XATTR_NTACL_NAME);
639	unbecome_root();
640
641	return ret;
642	}
643
644	/*********************************************************************
645	Remove a Windows ACL - we're setting the underlying POSIX ACL.
646	*********************************************************************/
647
648	static int sys_acl_set_fd_xattr(vfs_handle_struct *handle,
649	files_struct *fsp,
650	SMB_ACL_T theacl)
651	{
652	int ret = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle,
653	fsp,
654	theacl);
655	if (ret == -1) {
656	return -1;
657	}
658
659	become_root();
660	SMB_VFS_FREMOVEXATTR(fsp, XATTR_NTACL_NAME);
661	unbecome_root();
662
663	return ret;
664	}
665
666	/* VFS operations structure */
667
668	static vfs_op_tuple skel_op_tuples[] =
669	{
670	{SMB_VFS_OP(mkdir_acl_xattr), SMB_VFS_OP_MKDIR, SMB_VFS_LAYER_TRANSPARENT},
671	{SMB_VFS_OP(open_acl_xattr), SMB_VFS_OP_OPEN, SMB_VFS_LAYER_TRANSPARENT},
672
673	/* NT File ACL operations */
674
675	{SMB_VFS_OP(fget_nt_acl_xattr),SMB_VFS_OP_FGET_NT_ACL,SMB_VFS_LAYER_TRANSPARENT},
676	{SMB_VFS_OP(get_nt_acl_xattr), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
677	{SMB_VFS_OP(fset_nt_acl_xattr),SMB_VFS_OP_FSET_NT_ACL,SMB_VFS_LAYER_TRANSPARENT},
678
679	/* POSIX ACL operations. */
680	{SMB_VFS_OP(sys_acl_set_file_xattr), SMB_VFS_OP_SYS_ACL_SET_FILE, SMB_VFS_LAYER_TRANSPARENT},
681	{SMB_VFS_OP(sys_acl_set_fd_xattr), SMB_VFS_OP_SYS_ACL_SET_FD, SMB_VFS_LAYER_TRANSPARENT},
682
683	{SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
684	};
685
686	NTSTATUS vfs_acl_xattr_init(void)
687	{
688	return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "acl_xattr", skel_op_tuples);
689	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: