134
114
/*******************************************************************
135
What to do when smb.conf is updated.
136
********************************************************************/
138
static void smb_conf_updated(int msg_type, struct process_id src,
139
void *buf, size_t len)
141
DEBUG(10,("smb_conf_updated: Got message saying smb.conf was updated. Reloading.\n"));
142
reload_services(False);
145
/*******************************************************************
146
Create the share security tdb.
147
********************************************************************/
149
static TDB_CONTEXT *share_tdb; /* used for share security descriptors */
150
#define SHARE_DATABASE_VERSION_V1 1
151
#define SHARE_DATABASE_VERSION_V2 2 /* version id in little endian. */
153
BOOL share_info_db_init(void)
155
static pid_t local_pid;
156
const char *vstring = "INFO/version";
159
if (share_tdb && local_pid == sys_getpid())
161
share_tdb = tdb_open_log(lock_path("share_info.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
163
DEBUG(0,("Failed to open share info database %s (%s)\n",
164
lock_path("share_info.tdb"), strerror(errno) ));
168
local_pid = sys_getpid();
170
/* handle a Samba upgrade */
171
tdb_lock_bystring(share_tdb, vstring, 0);
173
/* Cope with byte-reversed older versions of the db. */
174
vers_id = tdb_fetch_int32(share_tdb, vstring);
175
if ((vers_id == SHARE_DATABASE_VERSION_V1) || (IREV(vers_id) == SHARE_DATABASE_VERSION_V1)) {
176
/* Written on a bigendian machine with old fetch_int code. Save as le. */
177
tdb_store_int32(share_tdb, vstring, SHARE_DATABASE_VERSION_V2);
178
vers_id = SHARE_DATABASE_VERSION_V2;
181
if (vers_id != SHARE_DATABASE_VERSION_V2) {
182
tdb_traverse(share_tdb, tdb_traverse_delete_fn, NULL);
183
tdb_store_int32(share_tdb, vstring, SHARE_DATABASE_VERSION_V2);
185
tdb_unlock_bystring(share_tdb, vstring);
187
message_register(MSG_SMB_CONF_UPDATED, smb_conf_updated);
192
/*******************************************************************
193
Fake up a Everyone, full access as a default.
194
********************************************************************/
196
static SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, int snum, size_t *psize)
201
SEC_DESC *psd = NULL;
202
uint32 def_access = GENERIC_ALL_ACCESS;
204
se_map_generic(&def_access, &file_generic_mapping);
206
init_sec_access(&sa, GENERIC_ALL_ACCESS | def_access );
207
init_sec_ace(&ace, &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0);
209
if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &ace)) != NULL) {
210
psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, psize);
214
DEBUG(0,("get_share_security: Failed to make SEC_DESC.\n"));
221
/*******************************************************************
222
Pull a security descriptor from the share tdb.
223
********************************************************************/
225
static SEC_DESC *get_share_security( TALLOC_CTX *ctx, int snum, size_t *psize)
229
SEC_DESC *psd = NULL;
233
/* Fetch security descriptor from tdb */
235
slprintf(key, sizeof(key)-1, "SECDESC/%s", lp_servicename(snum));
237
if (tdb_prs_fetch(share_tdb, key, &ps, ctx)!=0 ||
238
!sec_io_desc("get_share_security", &psd, &ps, 1)) {
240
DEBUG(4,("get_share_security: using default secdesc for %s\n", lp_servicename(snum) ));
242
return get_share_security_default(ctx, snum, psize);
246
*psize = sec_desc_size(psd);
252
/*******************************************************************
253
Store a security descriptor in the share db.
254
********************************************************************/
256
static BOOL set_share_security(TALLOC_CTX *ctx, const char *share_name, SEC_DESC *psd)
259
TALLOC_CTX *mem_ctx = NULL;
263
mem_ctx = talloc_init("set_share_security");
267
prs_init(&ps, (uint32)sec_desc_size(psd), mem_ctx, MARSHALL);
269
if (!sec_io_desc("share_security", &psd, &ps, 1))
272
slprintf(key, sizeof(key)-1, "SECDESC/%s", share_name);
274
if (tdb_prs_store(share_tdb, key, &ps)==0) {
276
DEBUG(5,("set_share_security: stored secdesc for %s\n", share_name ));
278
DEBUG(1,("set_share_security: Failed to store secdesc for %s\n", share_name ));
281
/* Free malloc'ed memory */
287
talloc_destroy(mem_ctx);
291
/*******************************************************************
292
Delete a security descriptor.
293
********************************************************************/
295
static BOOL delete_share_security(int snum)
300
slprintf(key, sizeof(key)-1, "SECDESC/%s", lp_servicename(snum));
302
kbuf.dsize = strlen(key)+1;
304
if (tdb_delete(share_tdb, kbuf) != 0) {
305
DEBUG(0,("delete_share_security: Failed to delete entry for share %s\n",
306
lp_servicename(snum) ));
313
/*******************************************************************
314
115
Map any generic bits to file specific bits.
315
116
********************************************************************/
317
void map_generic_share_sd_bits(SEC_DESC *psd)
118
static void map_generic_share_sd_bits(SEC_DESC *psd)
320
121
SEC_ACL *ps_dacl = NULL;