The Samba-Bugzilla – Attachment 5153 Details for
Bug 6876
Delete of an object whose parent folder does not have delete rights fails even if the delete right is set on the object
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Test for for 3.5.0.
look (text/plain), 3.42 KB, created by
Jeremy Allison
on 2010-01-08 18:54:50 UTC
(
hide
)
Description:
Test for for 3.5.0.
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2010-01-08 18:54:50 UTC
Size:
3.42 KB
patch
obsolete
>diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c >index 1eec448..5bddbd5 100644 >--- a/source3/modules/vfs_acl_common.c >+++ b/source3/modules/vfs_acl_common.c >@@ -760,6 +760,46 @@ static SMB_STRUCT_DIR *opendir_acl_common(vfs_handle_struct *handle, > return SMB_VFS_NEXT_OPENDIR(handle, fname, mask, attr); > } > >+static int rmdir_acl_common(struct vfs_handle_struct *handle, >+ const char *path) >+{ >+ SMB_STRUCT_STAT sbuf; >+ struct file_id id; >+ files_struct *fsp = NULL; >+ int ret; >+ >+ ret = SMB_VFS_NEXT_RMDIR(handle, path); >+ if (!(ret == -1 && errno == EACCES)) { >+ return ret; >+ } >+ >+ /* Ensure we have this directory open with DELETE access. */ >+ ret = vfs_stat_smb_fname(handle->conn, path, &sbuf); >+ if (ret == -1) { >+ return ret; >+ } >+ >+ id = vfs_file_id_from_sbuf(handle->conn, &sbuf); >+ for (fsp = file_find_di_first(id); fsp; file_find_di_next(fsp)) { >+ if (fsp->access_mask & DELETE_ACCESS) { >+ /* We did open this for delete, >+ * force the delete as root. >+ */ >+ break; >+ } >+ } >+ >+ if (!fsp) { >+ errno = EACCES; >+ return -1; >+ } >+ >+ become_root(); >+ ret = SMB_VFS_NEXT_RMDIR(handle, path); >+ unbecome_root(); >+ return ret; >+} >+ > static NTSTATUS create_file_acl_common(struct vfs_handle_struct *handle, > struct smb_request *req, > uint16_t root_dir_fid, >@@ -857,3 +897,37 @@ static NTSTATUS create_file_acl_common(struct vfs_handle_struct *handle, > /* NOTREACHED */ > return status; > } >+ >+static int unlink_acl_common(struct vfs_handle_struct *handle, >+ const struct smb_filename *smb_fname) >+{ >+ struct file_id id; >+ files_struct *fsp = NULL; >+ int ret; >+ >+ ret = SMB_VFS_NEXT_UNLINK(handle, smb_fname); >+ if (!(ret == -1 && errno == EACCES)) { >+ return ret; >+ } >+ >+ /* Ensure we have this file open with DELETE access. */ >+ id = vfs_file_id_from_sbuf(handle->conn, &smb_fname->st); >+ for (fsp = file_find_di_first(id); fsp; file_find_di_next(fsp)) { >+ if (fsp->access_mask & DELETE_ACCESS) { >+ /* We did open this for delete, >+ * force the delete as root. >+ */ >+ break; >+ } >+ } >+ >+ if (!fsp) { >+ errno = EACCES; >+ return -1; >+ } >+ >+ become_root(); >+ ret = SMB_VFS_NEXT_UNLINK(handle, smb_fname); >+ unbecome_root(); >+ return ret; >+} >diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c >index a1088ab..2afe69d 100644 >--- a/source3/modules/vfs_acl_tdb.c >+++ b/source3/modules/vfs_acl_tdb.c >@@ -265,7 +265,7 @@ static int unlink_acl_tdb(vfs_handle_struct *handle, > goto out; > } > >- ret = SMB_VFS_NEXT_UNLINK(handle, smb_fname_tmp); >+ ret = unlink_acl_common(handle, smb_fname_tmp); > > if (ret == -1) { > goto out; >@@ -413,6 +413,7 @@ static struct vfs_fn_pointers vfs_acl_tdb_fns = { > .connect_fn = connect_acl_tdb, > .opendir = opendir_acl_common, > .mkdir = mkdir_acl_common, >+ .rmdir = rmdir_acl_common, > .open = open_acl_common, > .create_file = create_file_acl_common, > .unlink = unlink_acl_tdb, >diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c >index 625ef91..18f2d42 100644 >--- a/source3/modules/vfs_acl_xattr.c >+++ b/source3/modules/vfs_acl_xattr.c >@@ -199,8 +199,10 @@ static struct vfs_fn_pointers vfs_acl_xattr_fns = { > .connect_fn = connect_acl_xattr, > .opendir = opendir_acl_common, > .mkdir = mkdir_acl_common, >+ .rmdir = rmdir_acl_common, > .open = open_acl_common, > .create_file = create_file_acl_common, >+ .unlink = unlink_acl_common, > .fget_nt_acl = fget_nt_acl_common, > .get_nt_acl = get_nt_acl_common, > .fset_nt_acl = fset_nt_acl_common,
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 6876
:
5153
|
5161
|
5200
|
5299