Changeset 732 for branches/samba-3.5.x/source3/smbd/posix_acls.c
- Timestamp:
- Nov 12, 2012, 4:35:55 PM (13 years ago)
- File:
-
- 1 edited
-
branches/samba-3.5.x/source3/smbd/posix_acls.c (modified) (11 diffs)
Legend:
- Unmodified
- Added
- Removed
-
branches/samba-3.5.x/source3/smbd/posix_acls.c
r599 r732 1398 1398 pace->trustee = *pfile_owner_sid; 1399 1399 pace->attr = ALLOW_ACE; 1400 /* Start with existing permissions, principle of least 1401 surprises for the user. */ 1402 pace->perms = pst->st_ex_mode; 1400 1403 1401 1404 if (setting_acl) { 1402 1405 /* See if the owning user is in any of the other groups in 1403 the ACE . If so, OR in the permissions from that group. */1404 1405 bool group_matched = False; 1406 the ACE, or if there's a matching user entry. 1407 If so, OR in the permissions from that entry. */ 1408 1406 1409 canon_ace *pace_iter; 1407 1410 1408 1411 for (pace_iter = *pp_ace; pace_iter; pace_iter = pace_iter->next) { 1409 if (pace_iter->type == SMB_ACL_GROUP_OBJ || pace_iter->type == SMB_ACL_GROUP) { 1412 if (pace_iter->type == SMB_ACL_USER && 1413 pace_iter->unix_ug.uid == pace->unix_ug.uid) { 1414 pace->perms |= pace_iter->perms; 1415 } else if (pace_iter->type == SMB_ACL_GROUP_OBJ || pace_iter->type == SMB_ACL_GROUP) { 1410 1416 if (uid_entry_in_group(pace, pace_iter)) { 1411 1417 pace->perms |= pace_iter->perms; 1412 group_matched = True;1413 1418 } 1414 1419 } 1415 1420 } 1416 1421 1417 /* If we only got an "everyone" perm, just use that. */1418 if (!group_matched) {1422 if (pace->perms == 0) { 1423 /* If we only got an "everyone" perm, just use that. */ 1419 1424 if (got_other) 1420 1425 pace->perms = pace_other->perms; 1421 else1422 pace->perms = 0;1423 1426 } 1424 1427 … … 1485 1488 If it does not have them, check if there are any entries where the trustee is the 1486 1489 file owner or the owning group, and map these to SMB_ACL_USER_OBJ and SMB_ACL_GROUP_OBJ. 1490 Note we must not do this to default directory ACLs. 1487 1491 ****************************************************************************/ 1488 1492 … … 1524 1528 if (!got_group_obj) 1525 1529 DEBUG(10,("check_owning_objs: ACL is missing an owning group entry.\n")); 1526 }1527 1528 /****************************************************************************1529 If an ACE entry is SMB_ACL_USER_OBJ and not CREATOR_OWNER, map to SMB_ACL_USER.1530 If an ACE entry is SMB_ACL_GROUP_OBJ and not CREATOR_GROUP, map to SMB_ACL_GROUP1531 ****************************************************************************/1532 1533 static bool dup_owning_ace(canon_ace *dir_ace, canon_ace *ace)1534 {1535 /* dir ace must be followings.1536 SMB_ACL_USER_OBJ : trustee(CREATOR_OWNER) -> Posix ACL d:u::perm1537 SMB_ACL_USER : not trustee -> Posix ACL u:user:perm1538 SMB_ACL_USER_OBJ : trustee -> convert to SMB_ACL_USER : trustee1539 Posix ACL u:trustee:perm1540 1541 SMB_ACL_GROUP_OBJ: trustee(CREATOR_GROUP) -> Posix ACL d:g::perm1542 SMB_ACL_GROUP : not trustee -> Posix ACL g:group:perm1543 SMB_ACL_GROUP_OBJ: trustee -> convert to SMB_ACL_GROUP : trustee1544 Posix ACL g:trustee:perm1545 */1546 1547 if (ace->type == SMB_ACL_USER_OBJ &&1548 !(sid_equal(&ace->trustee, &global_sid_Creator_Owner))) {1549 canon_ace *dup_ace = dup_canon_ace(ace);1550 1551 if (dup_ace == NULL) {1552 return false;1553 }1554 dup_ace->type = SMB_ACL_USER;1555 DLIST_ADD_END(dir_ace, dup_ace, canon_ace *);1556 }1557 1558 if (ace->type == SMB_ACL_GROUP_OBJ &&1559 !(sid_equal(&ace->trustee, &global_sid_Creator_Group))) {1560 canon_ace *dup_ace = dup_canon_ace(ace);1561 1562 if (dup_ace == NULL) {1563 return false;1564 }1565 dup_ace->type = SMB_ACL_GROUP;1566 DLIST_ADD_END(dir_ace, dup_ace, canon_ace *);1567 }1568 1569 return true;1570 1530 } 1571 1531 … … 1793 1753 (SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT)) { 1794 1754 1755 canon_ace *current_dir_ace = current_ace; 1795 1756 DLIST_ADD_END(dir_ace, current_ace, canon_ace *); 1796 1757 … … 1818 1779 dbgtext("create_canon_ace_lists: adding dir ACL:\n"); 1819 1780 print_canon_ace( current_ace, 0); 1820 }1821 1822 /*1823 * We have a lossy mapping: directory ACE entries1824 * CREATOR_OWNER ------\1825 * (map to) +---> SMB_ACL_USER_OBJ1826 * owning sid ------/1827 *1828 * CREATOR_GROUP ------\1829 * (map to) +---> SMB_ACL_GROUP_OBJ1830 * primary group sid --/1831 *1832 * on set. And on read of a directory ACL1833 *1834 * SMB_ACL_USER_OBJ ----> CREATOR_OWNER1835 * SMB_ACL_GROUP_OBJ ---> CREATOR_GROUP.1836 *1837 * Deal with this on set by duplicating1838 * owning sid and primary group sid ACE1839 * entries into the directory ACL.1840 * Fix from Tsukasa Hamano <hamano@osstech.co.jp>.1841 */1842 1843 if (!dup_owning_ace(dir_ace, current_ace)) {1844 DEBUG(0,("create_canon_ace_lists: malloc fail !\n"));1845 free_canon_ace_list(file_ace);1846 free_canon_ace_list(dir_ace);1847 return false;1848 1781 } 1849 1782 … … 1882 1815 current_ace = NULL; 1883 1816 } 1817 1818 /* 1819 * current_ace is now either owned by file_ace 1820 * or is NULL. We can safely operate on current_dir_ace 1821 * to treat mapping for default acl entries differently 1822 * than access acl entries. 1823 */ 1824 1825 if (current_dir_ace->owner_type == UID_ACE) { 1826 /* 1827 * We already decided above this is a uid, 1828 * for default acls ace's only CREATOR_OWNER 1829 * maps to ACL_USER_OBJ. All other uid 1830 * ace's are ACL_USER. 1831 */ 1832 if (sid_equal(¤t_dir_ace->trustee, 1833 &global_sid_Creator_Owner)) { 1834 current_dir_ace->type = SMB_ACL_USER_OBJ; 1835 } else { 1836 current_dir_ace->type = SMB_ACL_USER; 1837 } 1838 } 1839 1840 if (current_dir_ace->owner_type == GID_ACE) { 1841 /* 1842 * We already decided above this is a gid, 1843 * for default acls ace's only CREATOR_GROUP 1844 * maps to ACL_GROUP_OBJ. All other uid 1845 * ace's are ACL_GROUP. 1846 */ 1847 if (sid_equal(¤t_dir_ace->trustee, 1848 &global_sid_Creator_Group)) { 1849 current_dir_ace->type = SMB_ACL_GROUP_OBJ; 1850 } else { 1851 current_dir_ace->type = SMB_ACL_GROUP; 1852 } 1853 } 1884 1854 } 1885 1855 } … … 1943 1913 } else { 1944 1914 /* 1945 * Check if we have SMB_ACL_USER_OBJ and SMB_ACL_GROUP_OBJ entries in each 1946 * ACL. If we don't have them, check if any SMB_ACL_USER/SMB_ACL_GROUP 1947 * entries can be converted to *_OBJ. Usually we will already have these 1948 * entries in the Default ACL, and the Access ACL will not have them. 1915 * Check if we have SMB_ACL_USER_OBJ and SMB_ACL_GROUP_OBJ entries in 1916 * the file ACL. If we don't have them, check if any SMB_ACL_USER/SMB_ACL_GROUP 1917 * entries can be converted to *_OBJ. Don't do this for the default 1918 * ACL, we will create them separately for this if needed inside 1919 * ensure_canon_entry_valid(). 1949 1920 */ 1950 1921 if (file_ace) { 1951 1922 check_owning_objs(file_ace, pfile_owner_sid, pfile_grp_sid); 1952 }1953 if (dir_ace) {1954 check_owning_objs(dir_ace, pfile_owner_sid, pfile_grp_sid);1955 1923 } 1956 1924 } … … 2275 2243 2276 2244 /**************************************************************************** 2277 Create a default mode that will be used if a security descriptor entry has2278 no user/group/world entries.2279 ****************************************************************************/2280 2281 static mode_t create_default_mode(files_struct *fsp, bool interitable_mode)2282 {2283 int snum = SNUM(fsp->conn);2284 mode_t and_bits = (mode_t)0;2285 mode_t or_bits = (mode_t)0;2286 mode_t mode;2287 2288 if (interitable_mode) {2289 mode = unix_mode(fsp->conn, FILE_ATTRIBUTE_ARCHIVE,2290 fsp->fsp_name, NULL);2291 } else {2292 mode = S_IRUSR;2293 }2294 2295 if (fsp->is_directory)2296 mode |= (S_IWUSR|S_IXUSR);2297 2298 /*2299 * Now AND with the create mode/directory mode bits then OR with the2300 * force create mode/force directory mode bits.2301 */2302 2303 if (fsp->is_directory) {2304 and_bits = lp_dir_security_mask(snum);2305 or_bits = lp_force_dir_security_mode(snum);2306 } else {2307 and_bits = lp_security_mask(snum);2308 or_bits = lp_force_security_mode(snum);2309 }2310 2311 return ((mode & and_bits)|or_bits);2312 }2313 2314 /****************************************************************************2315 2245 Unpack a SEC_DESC into two canonical ace lists. We don't depend on this 2316 2246 succeeding. … … 2326 2256 const SEC_DESC *psd) 2327 2257 { 2328 SMB_STRUCT_STAT st;2329 2258 canon_ace *file_ace = NULL; 2330 2259 canon_ace *dir_ace = NULL; … … 2390 2319 print_canon_ace_list( "file ace - before valid", file_ace); 2391 2320 2392 st = *pst;2393 2394 /*2395 * A default 3 element mode entry for a file should be r-- --- ---.2396 * A default 3 element mode entry for a directory should be rwx --- ---.2397 */2398 2399 st.st_ex_mode = create_default_mode(fsp, False);2400 2401 2321 if (!ensure_canon_entry_valid(&file_ace, fsp->conn->params, 2402 fsp->is_directory, pfile_owner_sid, pfile_grp_sid, &st, True)) {2322 fsp->is_directory, pfile_owner_sid, pfile_grp_sid, pst, True)) { 2403 2323 free_canon_ace_list(file_ace); 2404 2324 free_canon_ace_list(dir_ace); … … 2408 2328 print_canon_ace_list( "dir ace - before valid", dir_ace); 2409 2329 2410 /*2411 * A default inheritable 3 element mode entry for a directory should be the2412 * mode Samba will use to create a file within. Ensure user rwx bits are set if2413 * it's a directory.2414 */2415 2416 st.st_ex_mode = create_default_mode(fsp, True);2417 2418 2330 if (dir_ace && !ensure_canon_entry_valid(&dir_ace, fsp->conn->params, 2419 fsp->is_directory, pfile_owner_sid, pfile_grp_sid, &st, True)) {2331 fsp->is_directory, pfile_owner_sid, pfile_grp_sid, pst, True)) { 2420 2332 free_canon_ace_list(file_ace); 2421 2333 free_canon_ace_list(dir_ace);
Note:
See TracChangeset
for help on using the changeset viewer.
