On Thu, Mar 12, 2009 at 02:56:59AM +0100, Günter Kukkukk wrote:
> Am Donnerstag, 12. März 2009 schrieb Jeremy Allison:
> > On Thu, Mar 12, 2009 at 12:56:27AM +0000, tom m. wrote:
> > >
> > > I'm not against doing that, but does add some work: rebuild extended
> > > attribute
> > > support in kernel, change fstab, etc. But if I do this, what will be the
> > > state
> > > of all the attribute bits of existing files? That is, will files marked
> > > Read-only now suddenly be not Read-only? How about System/Hidden files?
> >
> > Yes, you'll lose current DOS attribute mapping, but you'll
> > be much happier in the long run :-).
> >
> > Jeremy.
>
> Hi Jeremy,
> but we have a bug here - the old wellknown "map readonly = Yes" stuff isn't
> working
> anymore. Just did a test on latest v3-3-test.
> Digging deeper now ... it's related to (current) NTCreateAndX
Reproduced - here's the fix. Didn't make 3.3.2 unfortunately, but I'll
create the bug and attach the patch.
Jeremy.
diff --git a/source/smbd/open.c b/source/smbd/open.c
index c89a5f6..064e17c 100644
--- a/source/smbd/open.c
+++ b/source/smbd/open.c
@@ -425,8 +425,26 @@ static NTSTATUS open_file(files_struct *fsp,
&access_granted);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,
NT_STATUS_ACCESS_DENIED)) {
+ /*
+ * On NT_STATUS_ACCESS_DENIED,
access_granted
+ * contains the denied bits.
+ */
+
+ if ((access_mask &
FILE_WRITE_ATTRIBUTES) &&
+ (access_granted &
FILE_WRITE_ATTRIBUTES) &&
+
(lp_map_readonly(SNUM(conn)) ||
+
lp_map_archive(SNUM(conn)) ||
+
lp_map_hidden(SNUM(conn)) ||
+
lp_map_system(SNUM(conn)))) {
+ access_granted &=
~FILE_WRITE_ATTRIBUTES;
+
+ DEBUG(10,("open_file: overrode
FILE_WRITE_ATTRIBUTES "
+ "on file %s\n",
+ path ));
+ }
+
if ((access_mask & DELETE_ACCESS) &&
- (access_granted ==
DELETE_ACCESS) &&
+ (access_granted &
DELETE_ACCESS) &&
can_delete_file_in_directory(conn, path)) {
/* Were we trying to do a stat
open
* for delete and didn't get
DELETE
@@ -436,10 +454,14 @@ static NTSTATUS open_file(files_struct *fsp,
*
http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
* for details. */
- DEBUG(10,("open_file: overrode
ACCESS_DENIED "
+ access_granted &=
~DELETE_ACCESS;
+
+ DEBUG(10,("open_file: overrode
DELETE_ACCESS "
"on file %s\n",
path ));
- } else {
+ }
+
+ if (access_granted != 0) {
DEBUG(10, ("open_file: Access
denied on "
"file %s\n",
path));
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
