diff options
author | Ralph Boehme <slow@samba.org> | 2017-10-23 12:46:07 +0200 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2017-11-08 00:20:08 +0100 |
commit | 8b1b1cd8cc561378058b915e03996ff567355d81 (patch) | |
tree | 1a0f13b2a029b05119bb9b7e6b5c653f316f8a4f /source3/modules | |
parent | 0fdbe624fd708f372b9a1fe4176e04ebb1b040d6 (diff) | |
download | samba-8b1b1cd8cc561378058b915e03996ff567355d81.tar.gz |
vfs_nfs4acl_xattr: implement take-ownership as in vfs_acl_common
This allows take-ownership to work if the user has SEC_STD_WRITE_OWNER.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source3/modules')
-rw-r--r-- | source3/modules/vfs_nfs4acl_xattr.c | 55 |
1 files changed, 52 insertions, 3 deletions
diff --git a/source3/modules/vfs_nfs4acl_xattr.c b/source3/modules/vfs_nfs4acl_xattr.c index 9c0c87f6331..d4f4d47635e 100644 --- a/source3/modules/vfs_nfs4acl_xattr.c +++ b/source3/modules/vfs_nfs4acl_xattr.c @@ -359,9 +359,11 @@ static NTSTATUS nfs4acl_xattr_fset_nt_acl(vfs_handle_struct *handle, const struct security_descriptor *psd) { struct nfs4acl_config *config = NULL; + const struct security_token *token = NULL; mode_t existing_mode; mode_t expected_mode; mode_t restored_mode; + bool chown_needed = false; NTSTATUS status; int ret; @@ -416,11 +418,58 @@ static NTSTATUS nfs4acl_xattr_fset_nt_acl(vfs_handle_struct *handle, security_info_sent, psd, nfs4acl_smb4acl_set_fn); - if (!NT_STATUS_IS_OK(status)) { - return status; + if (NT_STATUS_IS_OK(status)) { + return NT_STATUS_OK; } - return NT_STATUS_OK; + /* + * We got access denied. If we're already root, or we didn't + * need to do a chown, or the fsp isn't open with WRITE_OWNER + * access, just return. + */ + + if ((security_info_sent & SECINFO_OWNER) && + (psd->owner_sid != NULL)) + { + chown_needed = true; + } + if ((security_info_sent & SECINFO_GROUP) && + (psd->group_sid != NULL)) + { + chown_needed = true; + } + + if (get_current_uid(handle->conn) == 0 || + chown_needed == false || + !(fsp->access_mask & SEC_STD_WRITE_OWNER)) + { + return NT_STATUS_ACCESS_DENIED; + } + + /* + * Only allow take-ownership, not give-ownership. That's the way Windows + * implements SEC_STD_WRITE_OWNER. MS-FSA 2.1.5.16 just states: If + * InputBuffer.OwnerSid is not a valid owner SID for a file in the + * objectstore, as determined in an implementation specific manner, the + * object store MUST return STATUS_INVALID_OWNER. + */ + token = get_current_nttok(fsp->conn); + if (!security_token_is_sid(token, psd->owner_sid)) { + return NT_STATUS_INVALID_OWNER; + } + + DBG_DEBUG("overriding chown on file %s for sid %s\n", + fsp_str_dbg(fsp), sid_string_tos(psd->owner_sid)); + + become_root(); + status = smb_set_nt_acl_nfs4(handle, + fsp, + &config->nfs4_params, + security_info_sent, + psd, + nfs4acl_smb4acl_set_fn); + unbecome_root(); + return status; } static int nfs4acl_connect(struct vfs_handle_struct *handle, |