On Thu, Mar 12, 2009 at 02:56:59AM +0100, Günter Kukkukk wrote: > Am Donnerstag, 12. März 2009 schrieb Jeremy Allison: > > On Thu, Mar 12, 2009 at 12:56:27AM +0000, tom m. wrote: > > > > > > I'm not against doing that, but does add some work: rebuild extended > > > attribute > > > support in kernel, change fstab, etc. But if I do this, what will be the > > > state > > > of all the attribute bits of existing files? That is, will files marked > > > Read-only now suddenly be not Read-only? How about System/Hidden files? > > > > Yes, you'll lose current DOS attribute mapping, but you'll > > be much happier in the long run :-). > > > > Jeremy. > > Hi Jeremy, > but we have a bug here - the old wellknown "map readonly = Yes" stuff isn't > working > anymore. Just did a test on latest v3-3-test. > Digging deeper now ... it's related to (current) NTCreateAndX
Reproduced - here's the fix. Didn't make 3.3.2 unfortunately, but I'll create the bug and attach the patch. Jeremy.
diff --git a/source/smbd/open.c b/source/smbd/open.c index c89a5f6..064e17c 100644 --- a/source/smbd/open.c +++ b/source/smbd/open.c @@ -425,8 +425,26 @@ static NTSTATUS open_file(files_struct *fsp, &access_granted); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + /* + * On NT_STATUS_ACCESS_DENIED, access_granted + * contains the denied bits. + */ + + if ((access_mask & FILE_WRITE_ATTRIBUTES) && + (access_granted & FILE_WRITE_ATTRIBUTES) && + (lp_map_readonly(SNUM(conn)) || + lp_map_archive(SNUM(conn)) || + lp_map_hidden(SNUM(conn)) || + lp_map_system(SNUM(conn)))) { + access_granted &= ~FILE_WRITE_ATTRIBUTES; + + DEBUG(10,("open_file: overrode FILE_WRITE_ATTRIBUTES " + "on file %s\n", + path )); + } + if ((access_mask & DELETE_ACCESS) && - (access_granted == DELETE_ACCESS) && + (access_granted & DELETE_ACCESS) && can_delete_file_in_directory(conn, path)) { /* Were we trying to do a stat open * for delete and didn't get DELETE @@ -436,10 +454,14 @@ static NTSTATUS open_file(files_struct *fsp, * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx * for details. */ - DEBUG(10,("open_file: overrode ACCESS_DENIED " + access_granted &= ~DELETE_ACCESS; + + DEBUG(10,("open_file: overrode DELETE_ACCESS " "on file %s\n", path )); - } else { + } + + if (access_granted != 0) { DEBUG(10, ("open_file: Access denied on " "file %s\n", path));
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba