Line data    Source code

       1             : /* 
       2             :  * Fake Perms VFS module.  Implements passthrough operation of all VFS
       3             :  * calls to disk functions, except for file permissions, which are now
       4             :  * mode 0700 for the current uid/gid.
       5             :  *
       6             :  * Copyright (C) Tim Potter, 1999-2000
       7             :  * Copyright (C) Alexander Bokovoy, 2002
       8             :  * Copyright (C) Andrew Bartlett, 2002
       9             :  *
      10             :  * This program is free software; you can redistribute it and/or modify
      11             :  * it under the terms of the GNU General Public License as published by
      12             :  * the Free Software Foundation; either version 3 of the License, or
      13             :  * (at your option) any later version.
      14             :  *  
      15             :  * This program is distributed in the hope that it will be useful,
      16             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      17             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      18             :  * GNU General Public License for more details.
      19             :  *  
      20             :  * You should have received a copy of the GNU General Public License
      21             :  * along with this program; if not, see <http://www.gnu.org/licenses/>.
      22             :  */
      23             : 
      24             : #include "includes.h"
      25             : #include "smbd/smbd.h"
      26             : #include "system/filesys.h"
      27             : #include "auth.h"
      28             : 
      29             : #undef DBGC_CLASS
      30             : #define DBGC_CLASS DBGC_VFS
      31             : 
      32           0 : static int fake_perms_stat(vfs_handle_struct *handle,
      33             :                            struct smb_filename *smb_fname)
      34             : {
      35             :         int ret;
      36             : 
      37           0 :         ret = SMB_VFS_NEXT_STAT(handle, smb_fname);
      38           0 :         if (ret != 0) {
      39           0 :                 return ret;
      40             :         }
      41             : 
      42           0 :         if (S_ISDIR(smb_fname->st.st_ex_mode)) {
      43           0 :                 smb_fname->st.st_ex_mode = S_IFDIR | S_IRWXU;
      44             :         } else {
      45           0 :                 smb_fname->st.st_ex_mode = S_IRWXU;
      46             :         }
      47             : 
      48           0 :         if (handle->conn->session_info != NULL) {
      49             :                 struct security_unix_token *utok;
      50             : 
      51           0 :                 utok = handle->conn->session_info->unix_token;
      52           0 :                 smb_fname->st.st_ex_uid = utok->uid;
      53           0 :                 smb_fname->st.st_ex_gid = utok->gid;
      54             :         } else {
      55             :                 /*
      56             :                  * We have an artificial connection for dfs for example. It
      57             :                  * sucks, but the current uid/gid is the best we have.
      58             :                  */
      59           0 :                 smb_fname->st.st_ex_uid = geteuid();
      60           0 :                 smb_fname->st.st_ex_gid = getegid();
      61             :         }
      62             : 
      63           0 :         return ret;
      64             : }
      65             : 
      66           0 : static int fake_perms_fstat(vfs_handle_struct *handle, files_struct *fsp, SMB_STRUCT_STAT *sbuf)
      67             : {
      68             :         int ret;
      69             : 
      70           0 :         ret = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
      71           0 :         if (ret != 0) {
      72           0 :                 return ret;
      73             :         }
      74             : 
      75           0 :         if (S_ISDIR(sbuf->st_ex_mode)) {
      76           0 :                 sbuf->st_ex_mode = S_IFDIR | S_IRWXU;
      77             :         } else {
      78           0 :                 sbuf->st_ex_mode = S_IRWXU;
      79             :         }
      80           0 :         if (handle->conn->session_info != NULL) {
      81             :                 struct security_unix_token *utok;
      82             : 
      83           0 :                 utok = handle->conn->session_info->unix_token;
      84           0 :                 sbuf->st_ex_uid = utok->uid;
      85           0 :                 sbuf->st_ex_gid = utok->gid;
      86             :         } else {
      87             :                 /*
      88             :                  * We have an artificial connection for dfs for example. It
      89             :                  * sucks, but the current uid/gid is the best we have.
      90             :                  */
      91           0 :                 sbuf->st_ex_uid = geteuid();
      92           0 :                 sbuf->st_ex_gid = getegid();
      93             :         }
      94             : 
      95           0 :         return ret;
      96             : }
      97             : 
      98             : static struct vfs_fn_pointers vfs_fake_perms_fns = {
      99             :         .stat_fn = fake_perms_stat,
     100             :         .fstat_fn = fake_perms_fstat
     101             : };
     102             : 
     103             : static_decl_vfs;
     104          27 : NTSTATUS vfs_fake_perms_init(TALLOC_CTX *ctx)
     105             : {
     106          27 :         return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "fake_perms",
     107             :                                 &vfs_fake_perms_fns);
     108             : }