From 82611d3983cc5b7f0fb000abcb51e19af2432455 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Thu, 6 Feb 2020 15:55:13 -0800
Subject: [PATCH 1/2] s3: DFS: Don't allow link creation on a read-only share.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14269

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit b4195cd488e1366887acfea6ae03bf4198514a15)
---
 source3/smbd/msdfs.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index 75ad2d9223b..fd58a255869 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -1432,6 +1432,16 @@ bool create_msdfs_link(const struct junction_map *jucn,
 		goto out;
 	}
 
+	if (!CAN_WRITE(conn)) {
+		const struct loadparm_substitution *lp_sub =
+			loadparm_s3_global_substitution();
+		int snum = lp_servicenumber(jucn->service_name);
+
+		DBG_WARNING("Can't create DFS entry on read-only share %s\n",
+			lp_servicename(frame, lp_sub, snum));
+		goto out;
+	}
+
 	smb_fname = synthetic_smb_fname(frame,
 				path,
 				NULL,
-- 
2.25.0.265.gbab2e86ba0-goog


From 7bc2aadb2dfc4fe6a63cb8433108572d86492704 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Thu, 6 Feb 2020 16:20:59 -0800
Subject: [PATCH 2/2] s3: DFS: Don't allow link deletion on a read-only share.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14269

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 0450593e38d62fe0b925d789486517ade31fe3c6)
---
 source3/smbd/msdfs.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index fd58a255869..8f355d3a2c9 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -1504,6 +1504,17 @@ bool remove_msdfs_link(const struct junction_map *jucn,
 		return false;
 	}
 
+	if (!CAN_WRITE(conn)) {
+		const struct loadparm_substitution *lp_sub =
+			loadparm_s3_global_substitution();
+		int snum = lp_servicenumber(jucn->service_name);
+
+		DBG_WARNING("Can't remove DFS entry on read-only share %s\n",
+			lp_servicename(frame, lp_sub, snum));
+		TALLOC_FREE(frame);
+		return false;
+	}
+
 	smb_fname = synthetic_smb_fname(frame,
 					path,
 					NULL,
-- 
2.25.0.265.gbab2e86ba0-goog