Line data    Source code

       1             : /* 
       2             :    Unix SMB/CIFS implementation.
       3             : 
       4             :    POSIX NTVFS backend - NT ACLs in xattrs
       5             : 
       6             :    Copyright (C) Andrew Tridgell 2006
       7             : 
       8             :    This program is free software; you can redistribute it and/or modify
       9             :    it under the terms of the GNU General Public License as published by
      10             :    the Free Software Foundation; either version 3 of the License, or
      11             :    (at your option) any later version.
      12             :    
      13             :    This program is distributed in the hope that it will be useful,
      14             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      16             :    GNU General Public License for more details.
      17             :    
      18             :    You should have received a copy of the GNU General Public License
      19             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      20             : */
      21             : 
      22             : #include "includes.h"
      23             : #include "vfs_posix.h"
      24             : #include "../lib/util/unix_privs.h"
      25             : #include "librpc/gen_ndr/ndr_xattr.h"
      26             : 
      27             : NTSTATUS pvfs_acl_xattr_init(TALLOC_CTX *);
      28             : 
      29             : /*
      30             :   load the current ACL from extended attributes
      31             : */
      32        1660 : static NTSTATUS pvfs_acl_load_xattr(struct pvfs_state *pvfs, struct pvfs_filename *name, int fd,
      33             :                                     TALLOC_CTX *mem_ctx,
      34             :                                     struct security_descriptor **sd)
      35             : {
      36           0 :         NTSTATUS status;
      37           0 :         struct xattr_NTACL *acl;
      38             : 
      39        1660 :         if (!(pvfs->flags & PVFS_FLAG_XATTR_ENABLE)) {
      40           0 :                 return NT_STATUS_NOT_FOUND;
      41             :         }
      42             : 
      43        1660 :         acl = talloc_zero(mem_ctx, struct xattr_NTACL);
      44        1660 :         NT_STATUS_HAVE_NO_MEMORY(acl);
      45             : 
      46        1660 :         status = pvfs_xattr_ndr_load(pvfs, mem_ctx, name->full_name, fd, 
      47             :                                      XATTR_NTACL_NAME,
      48             :                                      acl, (void *) ndr_pull_xattr_NTACL);
      49             : 
      50        1660 :         if (!NT_STATUS_IS_OK(status)) {
      51         786 :                 talloc_free(acl);
      52         786 :                 return status;
      53             :         }
      54             : 
      55         874 :         if (acl->version != 1) {
      56           0 :                 talloc_free(acl);
      57           0 :                 return NT_STATUS_INVALID_ACL;
      58             :         }
      59             :         
      60         874 :         *sd = talloc_steal(mem_ctx, acl->info.sd);
      61             : 
      62         874 :         return NT_STATUS_OK;
      63             : }
      64             : 
      65             : /*
      66             :   save the acl for a file into filesystem xattr
      67             : */
      68         614 : static NTSTATUS pvfs_acl_save_xattr(struct pvfs_state *pvfs, struct pvfs_filename *name, int fd,
      69             :                                     struct security_descriptor *sd)
      70             : {
      71           0 :         NTSTATUS status;
      72           0 :         void *privs;
      73           0 :         struct xattr_NTACL acl;
      74             : 
      75         614 :         if (!(pvfs->flags & PVFS_FLAG_XATTR_ENABLE)) {
      76           0 :                 return NT_STATUS_OK;
      77             :         }
      78             : 
      79         614 :         acl.version = 1;
      80         614 :         acl.info.sd = sd;
      81             : 
      82             :         /* this xattr is in the "system" namespace, so we need
      83             :            admin privileges to set it */
      84         614 :         privs = root_privileges();
      85         614 :         status = pvfs_xattr_ndr_save(pvfs, name->full_name, fd, 
      86             :                                      XATTR_NTACL_NAME, 
      87             :                                      &acl, (void *) ndr_push_xattr_NTACL);
      88         614 :         talloc_free(privs);
      89         614 :         return status;
      90             : }
      91             : 
      92             : 
      93             : /*
      94             :   initialise pvfs acl xattr backend
      95             : */
      96           4 : NTSTATUS pvfs_acl_xattr_init(TALLOC_CTX *ctx)
      97             : {
      98           4 :         struct pvfs_acl_ops ops = {
      99             :                 .name = "xattr",
     100             :                 .acl_load = pvfs_acl_load_xattr,
     101             :                 .acl_save = pvfs_acl_save_xattr
     102             :         };
     103           4 :         return pvfs_acl_register(ctx, &ops);
     104             : }