source: trunk-3.0/source/modules/vfs_tru64acl.c@ 101

Last change on this file since 101 was 39, checked in by Paul Smedley, 18 years ago

Upgrade source to 3.0.25a
File size: 13.8 KB
Line 
1/*
2 Unix SMB/Netbios implementation.
3 VFS module to get and set Tru64 acls
4 Copyright (C) Michael Adam 2006
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19*/
20
21#include "includes.h"
22
23/* prototypes for private functions first - for clarity */
24
25static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl);
26static BOOL tru64_ace_to_smb_ace(acl_entry_t tru64_ace,
27 struct smb_acl_entry *smb_ace);
28static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl);
29static acl_tag_t smb_tag_to_tru64(SMB_ACL_TAG_T smb_tag);
30static SMB_ACL_TAG_T tru64_tag_to_smb(acl_tag_t tru64_tag);
31static acl_perm_t smb_permset_to_tru64(SMB_ACL_PERM_T smb_permset);
32static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset);
33
34
35/* public functions - the api */
36
37SMB_ACL_T tru64acl_sys_acl_get_file(vfs_handle_struct *handle,
38 const char *path_p,
39 SMB_ACL_TYPE_T type)
40{
41 struct smb_acl_t *result;
42 acl_type_t the_acl_type;
43 acl_t tru64_acl;
44
45 DEBUG(10, ("Hi! This is tru64acl_sys_acl_get_file.\n"));
46
47 switch(type) {
48 case SMB_ACL_TYPE_ACCESS:
49 the_acl_type = ACL_TYPE_ACCESS;
50 break;
51 case SMB_ACL_TYPE_DEFAULT:
52 the_acl_type = ACL_TYPE_DEFAULT;
53 break;
54 default:
55 errno = EINVAL;
56 return NULL;
57 }
58
59 tru64_acl = acl_get_file((char *)path_p, the_acl_type);
60
61 if (tru64_acl == NULL) {
62 return NULL;
63 }
64
65 result = tru64_acl_to_smb_acl(tru64_acl);
66 acl_free(tru64_acl);
67 return result;
68}
69
70SMB_ACL_T tru64acl_sys_acl_get_fd(vfs_handle_struct *handle,
71 files_struct *fsp,
72 int fd)
73{
74 struct smb_acl_t *result;
75 acl_t tru64_acl = acl_get_fd(fd, ACL_TYPE_ACCESS);
76
77 if (tru64_acl == NULL) {
78 return NULL;
79 }
80
81 result = tru64_acl_to_smb_acl(tru64_acl);
82 acl_free(tru64_acl);
83 return result;
84}
85
86int tru64acl_sys_acl_set_file(vfs_handle_struct *handle,
87 const char *name,
88 SMB_ACL_TYPE_T type,
89 SMB_ACL_T theacl)
90{
91 int res;
92 acl_type_t the_acl_type;
93 acl_t tru64_acl;
94
95 DEBUG(10, ("tru64acl_sys_acl_set_file called with name %s, type %d\n",
96 name, type));
97
98 switch(type) {
99 case SMB_ACL_TYPE_ACCESS:
100 DEBUGADD(10, ("got acl type ACL_TYPE_ACCESS\n"));
101 the_acl_type = ACL_TYPE_ACCESS;
102 break;
103 case SMB_ACL_TYPE_DEFAULT:
104 DEBUGADD(10, ("got acl type ACL_TYPE_DEFAULT\n"));
105 the_acl_type = ACL_TYPE_DEFAULT;
106 break;
107 default:
108 DEBUGADD(10, ("invalid acl type\n"));
109 errno = EINVAL;
110 goto fail;
111 }
112
113 tru64_acl = smb_acl_to_tru64_acl(theacl);
114 if (tru64_acl == NULL) {
115 DEBUG(10, ("smb_acl_to_tru64_acl failed!\n"));
116 goto fail;
117 }
118 DEBUG(10, ("got tru64 acl...\n"));
119 res = acl_set_file((char *)name, the_acl_type, tru64_acl);
120 acl_free(tru64_acl);
121 if (res != 0) {
122 DEBUG(10, ("acl_set_file failed: %s\n", strerror(errno)));
123 goto fail;
124 }
125 return res;
126fail:
127 DEBUG(1, ("tru64acl_sys_acl_set_file failed!\n"));
128 return -1;
129}
130
131int tru64acl_sys_acl_set_fd(vfs_handle_struct *handle,
132 files_struct *fsp,
133 int fd, SMB_ACL_T theacl)
134{
135 int res;
136 acl_t tru64_acl = smb_acl_to_tru64_acl(theacl);
137 if (tru64_acl == NULL) {
138 return -1;
139 }
140 res = acl_set_fd(fd, ACL_TYPE_ACCESS, tru64_acl);
141 acl_free(tru64_acl);
142 return res;
143
144}
145
146int tru64acl_sys_acl_delete_def_file(vfs_handle_struct *handle,
147 const char *path)
148{
149 return acl_delete_def_file((char *)path);
150}
151
152
153/* private functions */
154
155static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl)
156{
157 struct smb_acl_t *result;
158 acl_entry_t entry;
159
160 DEBUG(10, ("Hi! This is tru64_acl_to_smb_acl.\n"));
161
162 if ((result = SMB_MALLOC_P(struct smb_acl_t)) == NULL) {
163 DEBUG(0, ("SMB_MALLOC_P failed in tru64_acl_to_smb_acl\n"));
164 errno = ENOMEM;
165 goto fail;
166 }
167 ZERO_STRUCTP(result);
168 if (acl_first_entry((struct acl *)tru64_acl) != 0) {
169 DEBUG(10, ("acl_first_entry failed: %s\n", strerror(errno)));
170 goto fail;
171 }
172 while ((entry = acl_get_entry((struct acl *)tru64_acl)) != NULL) {
173 result = SMB_REALLOC(result, sizeof(struct smb_acl_t) +
174 (sizeof(struct smb_acl_entry) *
175 (result->count + 1)));
176 if (result == NULL) {
177 DEBUG(0, ("SMB_REALLOC failed in tru64_acl_to_smb_acl\n"));
178 errno = ENOMEM;
179 goto fail;
180 }
181 /* XYZ */
182 if (!tru64_ace_to_smb_ace(entry, &result->acl[result->count])) {
183 SAFE_FREE(result);
184 goto fail;
185 }
186 result->count += 1;
187 }
188 return result;
189
190fail:
191 if (result != NULL) {
192 SAFE_FREE(result);
193 }
194 DEBUG(1, ("tru64_acl_to_smb_acl failed!\n"));
195 return NULL;
196}
197
198static BOOL tru64_ace_to_smb_ace(acl_entry_t tru64_ace,
199 struct smb_acl_entry *smb_ace)
200{
201 acl_tag_t tru64_tag;
202 acl_permset_t permset;
203 SMB_ACL_TAG_T smb_tag_type;
204 SMB_ACL_PERM_T smb_permset;
205 void *qualifier;
206
207 if (acl_get_tag_type(tru64_ace, &tru64_tag) != 0) {
208 DEBUG(0, ("acl_get_tag_type failed: %s\n", strerror(errno)));
209 return False;
210 }
211
212 /* On could set the tag type directly to save a function call,
213 * but I like this better... */
214 smb_tag_type = tru64_tag_to_smb(tru64_tag);
215 if (smb_tag_type == 0) {
216 DEBUG(3, ("invalid tag type given: %d\n", tru64_tag));
217 return False;
218 }
219 if (sys_acl_set_tag_type(smb_ace, smb_tag_type) != 0) {
220 DEBUG(3, ("sys_acl_set_tag_type failed: %s\n",
221 strerror(errno)));
222 return False;
223 }
224 qualifier = acl_get_qualifier(tru64_ace);
225 if (qualifier != NULL) {
226 if (sys_acl_set_qualifier(smb_ace, qualifier) != 0) {
227 DEBUG(3, ("sys_acl_set_qualifier failed\n"));
228 return False;
229 }
230 }
231 if (acl_get_permset(tru64_ace, &permset) != 0) {
232 DEBUG(3, ("acl_get_permset failed: %s\n", strerror(errno)));
233 return False;
234 }
235 smb_permset = tru64_permset_to_smb(*permset);
236 if (sys_acl_set_permset(smb_ace, &smb_permset) != 0) {
237 DEBUG(3, ("sys_acl_set_permset failed: %s\n", strerror(errno)));
238 return False;
239 }
240 return True;
241}
242
243static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl)
244{
245 acl_t result;
246 acl_entry_t tru64_entry;
247 int i;
248 char *acl_text;
249 ssize_t acl_text_len;
250
251 /* The tru64 acl_init function takes a size_t value
252 * instead of a count of entries (as with posix).
253 * the size parameter "Specifies the size of the working
254 * storage in bytes" (according to the man page).
255 * But it is unclear to me, how this size is to be
256 * calculated.
257 *
258 * It should not matter, since acl_create_entry enlarges
259 * the working storage at need. ... */
260
261 DEBUG(10, ("Hi! This is smb_acl_to_tru64_acl.\n"));
262
263 result = acl_init(1);
264
265 if (result == NULL) {
266 DEBUG(3, ("acl_init failed!\n"));
267 goto fail;
268 }
269
270 DEBUGADD(10, ("parsing acl entries...\n"));
271 for (i = 0; i < smb_acl->count; i++) {
272 /* XYZ - maybe eliminate this direct access? */
273 const struct smb_acl_entry *smb_entry = &smb_acl->acl[i];
274 acl_tag_t tru64_tag;
275 acl_perm_t tru64_permset;
276
277 tru64_tag = smb_tag_to_tru64(smb_entry->a_type);
278 if (tru64_tag == -1) {
279 DEBUG(3, ("smb_tag_to_tru64 failed!\n"));
280 goto fail;
281 }
282
283 if (tru64_tag == ACL_MASK) {
284 DEBUGADD(10, (" - acl type ACL_MASK: not implemented on Tru64 ==> skipping\n"));
285 continue;
286 }
287
288 tru64_entry = acl_create_entry(&result);
289 if (tru64_entry == NULL) {
290 DEBUG(3, ("acl_create_entry failed: %s\n",
291 strerror(errno)));
292 goto fail;
293 }
294
295 if (acl_set_tag_type(tru64_entry, tru64_tag) != 0) {
296 DEBUG(3, ("acl_set_tag_type(%d) failed: %s\n",
297 strerror(errno)));
298 goto fail;
299 }
300
301 switch (smb_entry->a_type) {
302 case SMB_ACL_USER:
303 if (acl_set_qualifier(tru64_entry,
304 (int *)&smb_entry->uid) != 0)
305 {
306 DEBUG(3, ("acl_set_qualifier failed: %s\n",
307 strerror(errno)));
308 goto fail;
309 }
310 DEBUGADD(10, (" - setting uid to %d\n", smb_entry->uid));
311 break;
312 case SMB_ACL_GROUP:
313 if (acl_set_qualifier(tru64_entry,
314 (int *)&smb_entry->gid) != 0)
315 {
316 DEBUG(3, ("acl_set_qualifier failed: %s\n",
317 strerror(errno)));
318 goto fail;
319 }
320 DEBUGADD(10, (" - setting gid to %d\n", smb_entry->gid));
321 break;
322 default:
323 break;
324 }
325
326 tru64_permset = smb_permset_to_tru64(smb_entry->a_perm);
327 if (tru64_permset == -1) {
328 DEBUG(3, ("smb_permset_to_tru64 failed!\n"));
329 goto fail;
330 }
331 DEBUGADD(10, (" - setting perms to %0d\n", tru64_permset));
332 if (acl_set_permset(tru64_entry, &tru64_permset) != 0)
333 {
334 DEBUG(3, ("acl_set_permset failed: %s\n", strerror(errno)));
335 goto fail;
336 }
337 } /* for */
338 DEBUGADD(10, ("done parsing acl entries\n"));
339
340 tru64_entry = NULL;
341 if (acl_valid(result, &tru64_entry) != 0) {
342 DEBUG(1, ("smb_acl_to_tru64_acl: ACL is invalid (%s)\n",
343 strerror(errno)));
344 if (tru64_entry != NULL) {
345 DEBUGADD(1, ("the acl contains duplicate entries\n"));
346 }
347 goto fail;
348 }
349 DEBUGADD(10, ("acl is valid\n"));
350
351 acl_text = acl_to_text(result, &acl_text_len);
352 if (acl_text == NULL) {
353 DEBUG(3, ("acl_to_text failed: %s\n", strerror(errno)));
354 goto fail;
355 }
356 DEBUG(1, ("acl_text: %s\n", acl_text));
357 free(acl_text);
358
359 return result;
360
361fail:
362 if (result != NULL) {
363 acl_free(result);
364 }
365 DEBUG(1, ("smb_acl_to_tru64_acl failed!\n"));
366 return NULL;
367}
368
369static acl_tag_t smb_tag_to_tru64(SMB_ACL_TAG_T smb_tag)
370{
371 acl_tag_t result;
372 switch (smb_tag) {
373 case SMB_ACL_USER:
374 result = ACL_USER;
375 DEBUGADD(10, ("got acl type ACL_USER\n"));
376 break;
377 case SMB_ACL_USER_OBJ:
378 result = ACL_USER_OBJ;
379 DEBUGADD(10, ("got acl type ACL_USER_OBJ\n"));
380 break;
381 case SMB_ACL_GROUP:
382 result = ACL_GROUP;
383 DEBUGADD(10, ("got acl type ACL_GROUP\n"));
384 break;
385 case SMB_ACL_GROUP_OBJ:
386 result = ACL_GROUP_OBJ;
387 DEBUGADD(10, ("got acl type ACL_GROUP_OBJ\n"));
388 break;
389 case SMB_ACL_OTHER:
390 result = ACL_OTHER;
391 DEBUGADD(10, ("got acl type ACL_OTHER\n"));
392 break;
393 case SMB_ACL_MASK:
394 result = ACL_MASK;
395 DEBUGADD(10, ("got acl type ACL_MASK\n"));
396 break;
397 default:
398 DEBUG(1, ("Unknown tag type %d\n", smb_tag));
399 result = -1;
400 }
401 return result;
402}
403
404
405static SMB_ACL_TAG_T tru64_tag_to_smb(acl_tag_t tru64_tag)
406{
407 SMB_ACL_TAG_T smb_tag_type;
408 switch(tru64_tag) {
409 case ACL_USER:
410 smb_tag_type = SMB_ACL_USER;
411 DEBUGADD(10, ("got smb acl tag type SMB_ACL_USER\n"));
412 break;
413 case ACL_USER_OBJ:
414 smb_tag_type = SMB_ACL_USER_OBJ;
415 DEBUGADD(10, ("got smb acl tag type SMB_ACL_USER_OBJ\n"));
416 break;
417 case ACL_GROUP:
418 smb_tag_type = SMB_ACL_GROUP;
419 DEBUGADD(10, ("got smb acl tag type SMB_ACL_GROUP\n"));
420 break;
421 case ACL_GROUP_OBJ:
422 smb_tag_type = SMB_ACL_GROUP_OBJ;
423 DEBUGADD(10, ("got smb acl tag type SMB_ACL_GROUP_OBJ\n"));
424 break;
425 case ACL_OTHER:
426 smb_tag_type = SMB_ACL_OTHER;
427 DEBUGADD(10, ("got smb acl tag type SMB_ACL_OTHER\n"));
428 break;
429 case ACL_MASK:
430 smb_tag_type = SMB_ACL_MASK;
431 DEBUGADD(10, ("got smb acl tag type SMB_ACL_MASK\n"));
432 break;
433 default:
434 DEBUG(0, ("Unknown tag type %d\n", (unsigned int)tru64_tag));
435 smb_tag_type = 0;
436 }
437 return smb_tag_type;
438}
439
440static acl_perm_t smb_permset_to_tru64(SMB_ACL_PERM_T smb_permset)
441{
442 /* originally, I thought that acl_clear_perm was the
443 * proper way to reset the permset to 0. but without
444 * initializing it to 0, acl_clear_perm fails.
445 * so probably, acl_clear_perm is not necessary here... ?! */
446 acl_perm_t tru64_permset = 0;
447 if (acl_clear_perm(&tru64_permset) != 0) {
448 DEBUG(5, ("acl_clear_perm failed: %s\n", strerror(errno)));
449 return -1;
450 }
451 /* according to original lib/sysacls.c, acl_add_perm is
452 * broken on tru64 ... */
453 tru64_permset |= ((smb_permset & SMB_ACL_READ) ? ACL_READ : 0);
454 tru64_permset |= ((smb_permset & SMB_ACL_WRITE) ? ACL_WRITE : 0);
455 tru64_permset |= ((smb_permset & SMB_ACL_EXECUTE) ? ACL_EXECUTE : 0);
456 return tru64_permset;
457}
458
459static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset)
460{
461 SMB_ACL_PERM_T smb_permset = 0;
462 smb_permset |= ((tru64_permset & ACL_READ) ? SMB_ACL_READ : 0);
463 smb_permset |= ((tru64_permset & ACL_WRITE) ? SMB_ACL_WRITE : 0);
464 smb_permset |= ((tru64_permset & ACL_EXECUTE) ? SMB_ACL_EXECUTE : 0);
465 return smb_permset;
466}
467
468
469/* VFS operations structure */
470
471static vfs_op_tuple tru64acl_op_tuples[] = {
472 /* Disk operations */
473 {SMB_VFS_OP(tru64acl_sys_acl_get_file),
474 SMB_VFS_OP_SYS_ACL_GET_FILE,
475 SMB_VFS_LAYER_TRANSPARENT},
476
477 {SMB_VFS_OP(tru64acl_sys_acl_get_fd),
478 SMB_VFS_OP_SYS_ACL_GET_FD,
479 SMB_VFS_LAYER_TRANSPARENT},
480
481 {SMB_VFS_OP(tru64acl_sys_acl_set_file),
482 SMB_VFS_OP_SYS_ACL_SET_FILE,
483 SMB_VFS_LAYER_TRANSPARENT},
484
485 {SMB_VFS_OP(tru64acl_sys_acl_set_fd),
486 SMB_VFS_OP_SYS_ACL_SET_FD,
487 SMB_VFS_LAYER_TRANSPARENT},
488
489 {SMB_VFS_OP(tru64acl_sys_acl_delete_def_file),
490 SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
491 SMB_VFS_LAYER_TRANSPARENT},
492
493 {SMB_VFS_OP(NULL),
494 SMB_VFS_OP_NOOP,
495 SMB_VFS_LAYER_NOOP}
496};
497
498NTSTATUS vfs_tru64acl_init(void);
499NTSTATUS vfs_tru64acl_init(void)
500{
501 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "tru64acl",
502 tru64acl_op_tuples);
503}
504
505/* ENTE */
Note: See TracBrowser for help on using the repository browser.