Changeset 140 for branches/samba-3.0/source/smbd
- Timestamp:
- Jul 11, 2008, 1:13:42 AM (17 years ago)
- Location:
- branches/samba-3.0/source/smbd
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/samba-3.0/source/smbd/oplock_linux.c
r1 r140 24 24 #if HAVE_KERNEL_OPLOCKS_LINUX 25 25 26 /* these can be removed when they are in glibc headers */27 struct cap_user_header {28 uint32 version;29 int pid;30 } header;31 struct cap_user_data {32 uint32 effective;33 uint32 permitted;34 uint32 inheritable;35 } data;36 37 extern int capget(struct cap_user_header * hdrp,38 struct cap_user_data * datap);39 extern int capset(struct cap_user_header * hdrp,40 const struct cap_user_data * datap);41 42 26 static SIG_ATOMIC_T signals_received; 43 27 #define FD_PENDING_SIZE 100 … … 77 61 } 78 62 79 /****************************************************************************80 Try to gain a linux capability.81 ****************************************************************************/82 83 static void set_capability(unsigned capability)84 {85 #ifndef _LINUX_CAPABILITY_VERSION86 #define _LINUX_CAPABILITY_VERSION 0x1998033087 #endif88 header.version = _LINUX_CAPABILITY_VERSION;89 header.pid = 0;90 91 if (capget(&header, &data) == -1) {92 DEBUG(3,("Unable to get kernel capabilities (%s)\n",93 strerror(errno)));94 return;95 }96 97 data.effective |= (1<<capability);98 99 if (capset(&header, &data) == -1) {100 DEBUG(3,("Unable to set %d capability (%s)\n",101 capability, strerror(errno)));102 }103 }104 105 63 /* 106 64 Call to set the kernel lease signal handler … … 128 86 ret = fcntl(fd, F_SETLEASE, leasetype); 129 87 if (ret == -1 && errno == EACCES) { 130 set_ capability(CAP_LEASE);88 set_effective_capability(LEASE_CAPABILITY); 131 89 ret = fcntl(fd, F_SETLEASE, leasetype); 132 90 } -
branches/samba-3.0/source/smbd/posix_acls.c
r124 r140 2290 2290 2291 2291 /**************************************************************************** 2292 Should we override a deny ? Check deprecated 'acl group control' 2293 and 'dos filemode' 2294 ****************************************************************************/ 2295 2296 static BOOL acl_group_override(connection_struct *conn, gid_t prim_gid) 2297 { 2298 if ( (errno == EACCES || errno == EPERM) 2299 && (lp_acl_group_control(SNUM(conn)) || lp_dos_filemode(SNUM(conn))) 2300 && current_user_in_group(prim_gid)) 2301 { 2292 Should we override a deny ? Check 'acl group control' and 'dos filemode' 2293 ****************************************************************************/ 2294 2295 static BOOL acl_group_override(connection_struct *conn, gid_t prim_gid, const char *fname) 2296 { 2297 SMB_STRUCT_STAT sbuf; 2298 2299 if ((errno != EPERM) && (errno != EACCES)) { 2300 return False; 2301 } 2302 2303 /* file primary group == user primary or supplementary group */ 2304 if (lp_acl_group_control(SNUM(conn)) && current_user_in_group(prim_gid)) { 2302 2305 return True; 2303 } 2306 } 2307 2308 /* user has writeable permission */ 2309 if (lp_dos_filemode(SNUM(conn)) && can_write_to_file(conn, fname, &sbuf)) { 2310 return True; 2311 } 2304 2312 2305 2313 return False; … … 2489 2497 } 2490 2498 2491 if (acl_group_override(conn, prim_gid )) {2499 if (acl_group_override(conn, prim_gid, fsp->fsp_name)) { 2492 2500 int sret; 2493 2501 … … 2520 2528 } 2521 2529 2522 if (acl_group_override(conn, prim_gid )) {2530 if (acl_group_override(conn, prim_gid, fsp->fsp_name)) { 2523 2531 int sret; 2524 2532 … … 3478 3486 int sret = -1; 3479 3487 3480 if (acl_group_override(conn, sbuf.st_gid )) {3488 if (acl_group_override(conn, sbuf.st_gid, fsp->fsp_name)) { 3481 3489 DEBUG(5,("set_nt_acl: acl group control on and " 3482 3490 "current user in file %s primary group. Override delete_def_acl\n", … … 3525 3533 if(SMB_VFS_CHMOD(conn,fsp->fsp_name, posix_perms) == -1) { 3526 3534 int sret = -1; 3527 if (acl_group_override(conn, sbuf.st_gid )) {3535 if (acl_group_override(conn, sbuf.st_gid, fsp->fsp_name)) { 3528 3536 DEBUG(5,("set_nt_acl: acl group control on and " 3529 3537 "current user in file %s primary group. Override chmod\n",
Note:
See TracChangeset
for help on using the changeset viewer.