diff options
| author | Ralph Boehme <slow@samba.org> | 2016-08-24 10:01:17 +0200 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2016-09-16 12:05:33 +0200 |
| commit | b6519fdd17055a1a14fba859a888ab311c7267fd (patch) | |
| tree | 4f08c5ddcc85fa80191210b828bbbc148b2a40be | |
| parent | 7a831473bbec59b6317be763df90d9015afa2b33 (diff) | |
| download | samba-b6519fdd17055a1a14fba859a888ab311c7267fd.tar.gz | |
vfs_acl_tdb|xattr: use a config handle
Better for performance and a subsequent commit will add one more option
where this will pay off.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit 61c3d2124fb1a180fae4c8c0b5ab5b32bd56c8ad)
| -rw-r--r-- | source3/modules/vfs_acl_common.c | 50 | ||||
| -rw-r--r-- | source3/modules/vfs_acl_tdb.c | 7 | ||||
| -rw-r--r-- | source3/modules/vfs_acl_xattr.c | 7 |
3 files changed, 54 insertions, 10 deletions
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index 4d357e76546..4227c0f34d7 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -46,6 +46,34 @@ static NTSTATUS store_acl_blob_fsp(vfs_handle_struct *handle, SECINFO_DACL | \ SECINFO_SACL) +struct acl_common_config { + bool ignore_system_acls; +}; + +static bool init_acl_common_config(vfs_handle_struct *handle) +{ + struct acl_common_config *config = NULL; + + config = talloc_zero(handle->conn, struct acl_common_config); + if (config == NULL) { + DBG_ERR("talloc_zero() failed\n"); + errno = ENOMEM; + return false; + } + + config->ignore_system_acls = lp_parm_bool(SNUM(handle->conn), + ACL_MODULE_NAME, + "ignore system acls", + false); + + SMB_VFS_HANDLE_SET_DATA(handle, config, NULL, + struct acl_common_config, + return false); + + return true; +} + + /******************************************************************* Hash a security descriptor. *******************************************************************/ @@ -505,14 +533,15 @@ static NTSTATUS validate_nt_acl_blob(TALLOC_CTX *mem_ctx, struct security_descriptor *psd_fs = NULL; char *sys_acl_blob_description = NULL; DATA_BLOB sys_acl_blob = { 0 }; - bool ignore_file_system_acl = lp_parm_bool(SNUM(handle->conn), - ACL_MODULE_NAME, - "ignore system acls", - false); + struct acl_common_config *config = NULL; *ppsd = NULL; *psd_is_from_fs = false; + SMB_VFS_HANDLE_GET_DATA(handle, config, + struct acl_common_config, + return NT_STATUS_UNSUCCESSFUL); + status = parse_acl_blob(blob, mem_ctx, &psd_blob, @@ -538,7 +567,7 @@ static NTSTATUS validate_nt_acl_blob(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; case 3: case 4: - if (ignore_file_system_acl) { + if (config->ignore_system_acls) { *ppsd = psd_blob; return NT_STATUS_OK; } @@ -682,11 +711,12 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle, DATA_BLOB blob = data_blob_null; NTSTATUS status; struct security_descriptor *psd = NULL; - bool ignore_file_system_acl = lp_parm_bool(SNUM(handle->conn), - ACL_MODULE_NAME, - "ignore system acls", - false); bool psd_is_from_fs = false; + struct acl_common_config *config = NULL; + + SMB_VFS_HANDLE_GET_DATA(handle, config, + struct acl_common_config, + return NT_STATUS_UNSUCCESSFUL); if (fsp && name == NULL) { name = fsp->fsp_name->base_name; @@ -781,7 +811,7 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle, } is_directory = S_ISDIR(psbuf->st_ex_mode); - if (ignore_file_system_acl) { + if (config->ignore_system_acls) { TALLOC_FREE(psd); status = make_default_filesystem_acl(mem_ctx, name, diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c index 1537ba32f9c..d2417d7a714 100644 --- a/source3/modules/vfs_acl_tdb.c +++ b/source3/modules/vfs_acl_tdb.c @@ -305,6 +305,7 @@ static int connect_acl_tdb(struct vfs_handle_struct *handle, const char *user) { int ret = SMB_VFS_NEXT_CONNECT(handle, service, user); + bool ok; if (ret < 0) { return ret; @@ -315,6 +316,12 @@ static int connect_acl_tdb(struct vfs_handle_struct *handle, return -1; } + ok = init_acl_common_config(handle); + if (!ok) { + DBG_ERR("init_acl_common_config failed\n"); + return -1; + } + /* Ensure we have the parameters correct if we're * using this module. */ DEBUG(2,("connect_acl_tdb: setting 'inherit acls = true' " diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c index c1b0a60e16a..ae032c8bd5b 100644 --- a/source3/modules/vfs_acl_xattr.c +++ b/source3/modules/vfs_acl_xattr.c @@ -180,11 +180,18 @@ static int connect_acl_xattr(struct vfs_handle_struct *handle, const char *user) { int ret = SMB_VFS_NEXT_CONNECT(handle, service, user); + bool ok; if (ret < 0) { return ret; } + ok = init_acl_common_config(handle); + if (!ok) { + DBG_ERR("init_acl_common_config failed\n"); + return -1; + } + /* Ensure we have the parameters correct if we're * using this module. */ DEBUG(2,("connect_acl_xattr: setting 'inherit acls = true' " |