2
Unix SMB/Netbios implementation.
3
VFS module to get and set Tru64 acls
4
Copyright (C) Michael Adam 2006,2008
6
This program is free software; you can redistribute it and/or modify
7
it under the terms of the GNU General Public License as published by
8
the Free Software Foundation; either version 3 of the License, or
9
(at your option) any later version.
11
This program is distributed in the hope that it will be useful,
12
but WITHOUT ANY WARRANTY; without even the implied warranty of
13
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
GNU General Public License for more details.
16
You should have received a copy of the GNU General Public License
17
along with this program. If not, see <http://www.gnu.org/licenses/>.
22
/* prototypes for private functions first - for clarity */
24
static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl);
25
static bool tru64_ace_to_smb_ace(acl_entry_t tru64_ace,
26
struct smb_acl_entry *smb_ace);
27
static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl);
28
static acl_tag_t smb_tag_to_tru64(SMB_ACL_TAG_T smb_tag);
29
static SMB_ACL_TAG_T tru64_tag_to_smb(acl_tag_t tru64_tag);
30
static acl_perm_t smb_permset_to_tru64(SMB_ACL_PERM_T smb_permset);
31
static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset);
34
/* public functions - the api */
36
SMB_ACL_T tru64acl_sys_acl_get_file(vfs_handle_struct *handle,
40
struct smb_acl_t *result;
41
acl_type_t the_acl_type;
44
DEBUG(10, ("Hi! This is tru64acl_sys_acl_get_file.\n"));
47
case SMB_ACL_TYPE_ACCESS:
48
the_acl_type = ACL_TYPE_ACCESS;
50
case SMB_ACL_TYPE_DEFAULT:
51
the_acl_type = ACL_TYPE_DEFAULT;
58
tru64_acl = acl_get_file((char *)path_p, the_acl_type);
60
if (tru64_acl == NULL) {
64
result = tru64_acl_to_smb_acl(tru64_acl);
69
SMB_ACL_T tru64acl_sys_acl_get_fd(vfs_handle_struct *handle,
72
struct smb_acl_t *result;
73
acl_t tru64_acl = acl_get_fd(fsp->fh->fd, ACL_TYPE_ACCESS);
75
if (tru64_acl == NULL) {
79
result = tru64_acl_to_smb_acl(tru64_acl);
84
int tru64acl_sys_acl_set_file(vfs_handle_struct *handle,
90
acl_type_t the_acl_type;
93
DEBUG(10, ("tru64acl_sys_acl_set_file called with name %s, type %d\n",
97
case SMB_ACL_TYPE_ACCESS:
98
DEBUGADD(10, ("got acl type ACL_TYPE_ACCESS\n"));
99
the_acl_type = ACL_TYPE_ACCESS;
101
case SMB_ACL_TYPE_DEFAULT:
102
DEBUGADD(10, ("got acl type ACL_TYPE_DEFAULT\n"));
103
the_acl_type = ACL_TYPE_DEFAULT;
106
DEBUGADD(10, ("invalid acl type\n"));
111
tru64_acl = smb_acl_to_tru64_acl(theacl);
112
if (tru64_acl == NULL) {
113
DEBUG(10, ("smb_acl_to_tru64_acl failed!\n"));
116
DEBUG(10, ("got tru64 acl...\n"));
117
res = acl_set_file((char *)name, the_acl_type, tru64_acl);
120
DEBUG(10, ("acl_set_file failed: %s\n", strerror(errno)));
125
DEBUG(1, ("tru64acl_sys_acl_set_file failed!\n"));
129
int tru64acl_sys_acl_set_fd(vfs_handle_struct *handle,
134
acl_t tru64_acl = smb_acl_to_tru64_acl(theacl);
135
if (tru64_acl == NULL) {
138
res = acl_set_fd(fsp->fh->fd, ACL_TYPE_ACCESS, tru64_acl);
144
int tru64acl_sys_acl_delete_def_file(vfs_handle_struct *handle,
147
return acl_delete_def_file((char *)path);
151
/* private functions */
153
static struct smb_acl_t *tru64_acl_to_smb_acl(const struct acl *tru64_acl)
155
struct smb_acl_t *result;
158
DEBUG(10, ("Hi! This is tru64_acl_to_smb_acl.\n"));
160
if ((result = SMB_MALLOC_P(struct smb_acl_t)) == NULL) {
161
DEBUG(0, ("SMB_MALLOC_P failed in tru64_acl_to_smb_acl\n"));
165
ZERO_STRUCTP(result);
166
if (acl_first_entry((struct acl *)tru64_acl) != 0) {
167
DEBUG(10, ("acl_first_entry failed: %s\n", strerror(errno)));
170
while ((entry = acl_get_entry((struct acl *)tru64_acl)) != NULL) {
171
result = SMB_REALLOC(result, sizeof(struct smb_acl_t) +
172
(sizeof(struct smb_acl_entry) *
173
(result->count + 1)));
174
if (result == NULL) {
175
DEBUG(0, ("SMB_REALLOC failed in tru64_acl_to_smb_acl\n"));
180
if (!tru64_ace_to_smb_ace(entry, &result->acl[result->count])) {
189
if (result != NULL) {
192
DEBUG(1, ("tru64_acl_to_smb_acl failed!\n"));
196
static bool tru64_ace_to_smb_ace(acl_entry_t tru64_ace,
197
struct smb_acl_entry *smb_ace)
200
acl_permset_t permset;
201
SMB_ACL_TAG_T smb_tag_type;
202
SMB_ACL_PERM_T smb_permset;
205
if (acl_get_tag_type(tru64_ace, &tru64_tag) != 0) {
206
DEBUG(0, ("acl_get_tag_type failed: %s\n", strerror(errno)));
210
/* On could set the tag type directly to save a function call,
211
* but I like this better... */
212
smb_tag_type = tru64_tag_to_smb(tru64_tag);
213
if (smb_tag_type == 0) {
214
DEBUG(3, ("invalid tag type given: %d\n", tru64_tag));
217
if (sys_acl_set_tag_type(smb_ace, smb_tag_type) != 0) {
218
DEBUG(3, ("sys_acl_set_tag_type failed: %s\n",
222
qualifier = acl_get_qualifier(tru64_ace);
223
if (qualifier != NULL) {
224
if (sys_acl_set_qualifier(smb_ace, qualifier) != 0) {
225
DEBUG(3, ("sys_acl_set_qualifier failed\n"));
229
if (acl_get_permset(tru64_ace, &permset) != 0) {
230
DEBUG(3, ("acl_get_permset failed: %s\n", strerror(errno)));
233
smb_permset = tru64_permset_to_smb(*permset);
234
if (sys_acl_set_permset(smb_ace, &smb_permset) != 0) {
235
DEBUG(3, ("sys_acl_set_permset failed: %s\n", strerror(errno)));
241
static acl_t smb_acl_to_tru64_acl(const SMB_ACL_T smb_acl)
244
acl_entry_t tru64_entry;
247
ssize_t acl_text_len;
249
/* The tru64 acl_init function takes a size_t value
250
* instead of a count of entries (as with posix).
251
* the size parameter "Specifies the size of the working
252
* storage in bytes" (according to the man page).
253
* But it is unclear to me, how this size is to be
256
* It should not matter, since acl_create_entry enlarges
257
* the working storage at need. ... */
259
DEBUG(10, ("Hi! This is smb_acl_to_tru64_acl.\n"));
261
result = acl_init(1);
263
if (result == NULL) {
264
DEBUG(3, ("acl_init failed!\n"));
268
DEBUGADD(10, ("parsing acl entries...\n"));
269
for (i = 0; i < smb_acl->count; i++) {
270
/* XYZ - maybe eliminate this direct access? */
271
const struct smb_acl_entry *smb_entry = &smb_acl->acl[i];
273
acl_perm_t tru64_permset;
275
tru64_tag = smb_tag_to_tru64(smb_entry->a_type);
276
if (tru64_tag == -1) {
277
DEBUG(3, ("smb_tag_to_tru64 failed!\n"));
281
if (tru64_tag == ACL_MASK) {
282
DEBUGADD(10, (" - acl type ACL_MASK: not implemented on Tru64 ==> skipping\n"));
286
tru64_entry = acl_create_entry(&result);
287
if (tru64_entry == NULL) {
288
DEBUG(3, ("acl_create_entry failed: %s\n",
293
if (acl_set_tag_type(tru64_entry, tru64_tag) != 0) {
294
DEBUG(3, ("acl_set_tag_type(%d) failed: %s\n",
299
switch (smb_entry->a_type) {
301
if (acl_set_qualifier(tru64_entry,
302
(int *)&smb_entry->uid) != 0)
304
DEBUG(3, ("acl_set_qualifier failed: %s\n",
308
DEBUGADD(10, (" - setting uid to %d\n", smb_entry->uid));
311
if (acl_set_qualifier(tru64_entry,
312
(int *)&smb_entry->gid) != 0)
314
DEBUG(3, ("acl_set_qualifier failed: %s\n",
318
DEBUGADD(10, (" - setting gid to %d\n", smb_entry->gid));
324
tru64_permset = smb_permset_to_tru64(smb_entry->a_perm);
325
if (tru64_permset == -1) {
326
DEBUG(3, ("smb_permset_to_tru64 failed!\n"));
329
DEBUGADD(10, (" - setting perms to %0d\n", tru64_permset));
330
if (acl_set_permset(tru64_entry, &tru64_permset) != 0)
332
DEBUG(3, ("acl_set_permset failed: %s\n", strerror(errno)));
336
DEBUGADD(10, ("done parsing acl entries\n"));
339
if (acl_valid(result, &tru64_entry) != 0) {
340
DEBUG(1, ("smb_acl_to_tru64_acl: ACL is invalid (%s)\n",
342
if (tru64_entry != NULL) {
343
DEBUGADD(1, ("the acl contains duplicate entries\n"));
347
DEBUGADD(10, ("acl is valid\n"));
349
acl_text = acl_to_text(result, &acl_text_len);
350
if (acl_text == NULL) {
351
DEBUG(3, ("acl_to_text failed: %s\n", strerror(errno)));
354
DEBUG(1, ("acl_text: %s\n", acl_text));
360
if (result != NULL) {
363
DEBUG(1, ("smb_acl_to_tru64_acl failed!\n"));
367
static acl_tag_t smb_tag_to_tru64(SMB_ACL_TAG_T smb_tag)
373
DEBUGADD(10, ("got acl type ACL_USER\n"));
375
case SMB_ACL_USER_OBJ:
376
result = ACL_USER_OBJ;
377
DEBUGADD(10, ("got acl type ACL_USER_OBJ\n"));
381
DEBUGADD(10, ("got acl type ACL_GROUP\n"));
383
case SMB_ACL_GROUP_OBJ:
384
result = ACL_GROUP_OBJ;
385
DEBUGADD(10, ("got acl type ACL_GROUP_OBJ\n"));
389
DEBUGADD(10, ("got acl type ACL_OTHER\n"));
393
DEBUGADD(10, ("got acl type ACL_MASK\n"));
396
DEBUG(1, ("Unknown tag type %d\n", smb_tag));
403
static SMB_ACL_TAG_T tru64_tag_to_smb(acl_tag_t tru64_tag)
405
SMB_ACL_TAG_T smb_tag_type;
408
smb_tag_type = SMB_ACL_USER;
409
DEBUGADD(10, ("got smb acl tag type SMB_ACL_USER\n"));
412
smb_tag_type = SMB_ACL_USER_OBJ;
413
DEBUGADD(10, ("got smb acl tag type SMB_ACL_USER_OBJ\n"));
416
smb_tag_type = SMB_ACL_GROUP;
417
DEBUGADD(10, ("got smb acl tag type SMB_ACL_GROUP\n"));
420
smb_tag_type = SMB_ACL_GROUP_OBJ;
421
DEBUGADD(10, ("got smb acl tag type SMB_ACL_GROUP_OBJ\n"));
424
smb_tag_type = SMB_ACL_OTHER;
425
DEBUGADD(10, ("got smb acl tag type SMB_ACL_OTHER\n"));
428
smb_tag_type = SMB_ACL_MASK;
429
DEBUGADD(10, ("got smb acl tag type SMB_ACL_MASK\n"));
432
DEBUG(0, ("Unknown tag type %d\n", (unsigned int)tru64_tag));
438
static acl_perm_t smb_permset_to_tru64(SMB_ACL_PERM_T smb_permset)
440
/* originally, I thought that acl_clear_perm was the
441
* proper way to reset the permset to 0. but without
442
* initializing it to 0, acl_clear_perm fails.
443
* so probably, acl_clear_perm is not necessary here... ?! */
444
acl_perm_t tru64_permset = 0;
445
if (acl_clear_perm(&tru64_permset) != 0) {
446
DEBUG(5, ("acl_clear_perm failed: %s\n", strerror(errno)));
449
/* according to original lib/sysacls.c, acl_add_perm is
450
* broken on tru64 ... */
451
tru64_permset |= ((smb_permset & SMB_ACL_READ) ? ACL_READ : 0);
452
tru64_permset |= ((smb_permset & SMB_ACL_WRITE) ? ACL_WRITE : 0);
453
tru64_permset |= ((smb_permset & SMB_ACL_EXECUTE) ? ACL_EXECUTE : 0);
454
return tru64_permset;
457
static SMB_ACL_PERM_T tru64_permset_to_smb(const acl_perm_t tru64_permset)
459
SMB_ACL_PERM_T smb_permset = 0;
460
smb_permset |= ((tru64_permset & ACL_READ) ? SMB_ACL_READ : 0);
461
smb_permset |= ((tru64_permset & ACL_WRITE) ? SMB_ACL_WRITE : 0);
462
smb_permset |= ((tru64_permset & ACL_EXECUTE) ? SMB_ACL_EXECUTE : 0);
467
/* VFS operations structure */
469
static vfs_op_tuple tru64acl_op_tuples[] = {
470
/* Disk operations */
471
{SMB_VFS_OP(tru64acl_sys_acl_get_file),
472
SMB_VFS_OP_SYS_ACL_GET_FILE,
473
SMB_VFS_LAYER_TRANSPARENT},
475
{SMB_VFS_OP(tru64acl_sys_acl_get_fd),
476
SMB_VFS_OP_SYS_ACL_GET_FD,
477
SMB_VFS_LAYER_TRANSPARENT},
479
{SMB_VFS_OP(tru64acl_sys_acl_set_file),
480
SMB_VFS_OP_SYS_ACL_SET_FILE,
481
SMB_VFS_LAYER_TRANSPARENT},
483
{SMB_VFS_OP(tru64acl_sys_acl_set_fd),
484
SMB_VFS_OP_SYS_ACL_SET_FD,
485
SMB_VFS_LAYER_TRANSPARENT},
487
{SMB_VFS_OP(tru64acl_sys_acl_delete_def_file),
488
SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
489
SMB_VFS_LAYER_TRANSPARENT},
496
NTSTATUS vfs_tru64acl_init(void);
497
NTSTATUS vfs_tru64acl_init(void)
499
return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "tru64acl",