1/* 2 Unix SMB/CIFS implementation. 3 4 POSIX NTVFS backend - NT ACLs in xattrs 5 6 Copyright (C) Andrew Tridgell 2006 7 8 This program is free software; you can redistribute it and/or modify 9 it under the terms of the GNU General Public License as published by 10 the Free Software Foundation; either version 3 of the License, or 11 (at your option) any later version. 12 13 This program is distributed in the hope that it will be useful, 14 but WITHOUT ANY WARRANTY; without even the implied warranty of 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 GNU General Public License for more details. 17 18 You should have received a copy of the GNU General Public License 19 along with this program. If not, see <http://www.gnu.org/licenses/>. 20*/ 21 22#include "includes.h" 23#include "vfs_posix.h" 24#include "../lib/util/unix_privs.h" 25#include "librpc/gen_ndr/ndr_xattr.h" 26 27/* 28 load the current ACL from extended attributes 29*/ 30static NTSTATUS pvfs_acl_load_xattr(struct pvfs_state *pvfs, struct pvfs_filename *name, int fd, 31 TALLOC_CTX *mem_ctx, 32 struct security_descriptor **sd) 33{ 34 NTSTATUS status; 35 struct xattr_NTACL *acl; 36 37 if (!(pvfs->flags & PVFS_FLAG_XATTR_ENABLE)) { 38 return NT_STATUS_NOT_FOUND; 39 } 40 41 acl = talloc_zero(mem_ctx, struct xattr_NTACL); 42 NT_STATUS_HAVE_NO_MEMORY(acl); 43 44 status = pvfs_xattr_ndr_load(pvfs, mem_ctx, name->full_name, fd, 45 XATTR_NTACL_NAME, 46 acl, 47 (ndr_pull_flags_fn_t)ndr_pull_xattr_NTACL); 48 49 if (!NT_STATUS_IS_OK(status)) { 50 talloc_free(acl); 51 return status; 52 } 53 54 if (acl->version != 1) { 55 talloc_free(acl); 56 return NT_STATUS_INVALID_ACL; 57 } 58 59 *sd = talloc_steal(mem_ctx, acl->info.sd); 60 61 return NT_STATUS_OK; 62} 63 64/* 65 save the acl for a file into filesystem xattr 66*/ 67static NTSTATUS pvfs_acl_save_xattr(struct pvfs_state *pvfs, struct pvfs_filename *name, int fd, 68 struct security_descriptor *sd) 69{ 70 NTSTATUS status; 71 void *privs; 72 struct xattr_NTACL acl; 73 74 if (!(pvfs->flags & PVFS_FLAG_XATTR_ENABLE)) { 75 return NT_STATUS_OK; 76 } 77 78 acl.version = 1; 79 acl.info.sd = sd; 80 81 /* this xattr is in the "system" namespace, so we need 82 admin privileges to set it */ 83 privs = root_privileges(); 84 status = pvfs_xattr_ndr_save(pvfs, name->full_name, fd, 85 XATTR_NTACL_NAME, 86 &acl, 87 (ndr_push_flags_fn_t)ndr_push_xattr_NTACL); 88 talloc_free(privs); 89 return status; 90} 91 92 93/* 94 initialise pvfs acl xattr backend 95*/ 96NTSTATUS pvfs_acl_xattr_init(void) 97{ 98 struct pvfs_acl_ops ops = { 99 .name = "xattr", 100 .acl_load = pvfs_acl_load_xattr, 101 .acl_save = pvfs_acl_save_xattr 102 }; 103 return pvfs_acl_register(&ops); 104} 105