diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2008-08-07 20:20:03 +0400 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2008-08-07 20:20:03 +0400 |
| commit | b2d3f28fdab9867e371998b40f3951a7bfba5998 (patch) | |
| tree | 7968ffe1cada740b7ec96ae4ea6d13ca353aae63 /winsup/cygwin | |
| parent | af15c95e707cfc911400d40d1a1109727dcabcf3 (diff) | |
* fhandler.cc (fhandler_base::open): Use Samba workaround generally
for all remote filesystems supporting ACLs. Change comment and
explain why. Refer to the discussion which led to this.
Diffstat (limited to 'winsup/cygwin')
| -rw-r--r-- | winsup/cygwin/ChangeLog | 6 | ||||
| -rw-r--r-- | winsup/cygwin/fhandler.cc | 38 |
2 files changed, 27 insertions, 17 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index e72a51388..7381e3d5a 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,9 @@ +2008-08-07 Corinna Vinschen <corinna@vinschen.de> + + * fhandler.cc (fhandler_base::open): Use Samba workaround generally + for all remote filesystems supporting ACLs. Change comment and + explain why. Refer to the discussion which led to this. + 2008-08-05 Brian Dessent <brian@dessent.net> * config/i386/profile.h (mcount): Mark asms volatile. diff --git a/winsup/cygwin/fhandler.cc b/winsup/cygwin/fhandler.cc index f99876d69..0f75ea7f5 100644 --- a/winsup/cygwin/fhandler.cc +++ b/winsup/cygwin/fhandler.cc @@ -573,8 +573,9 @@ fhandler_base::open (int flags, mode_t mode) file_attributes |= FILE_ATTRIBUTE_READONLY; /* If the file should actually be created and has ACLs, - set files attributes, except on Samba. See below. */ - if (has_acls () && !pc.fs_is_samba ()) + set files attributes, except on remote file systems. + See below. */ + if (has_acls () && !pc.isremote ()) { set_security_attribute (mode, &sa, sd); attr.SecurityDescriptor = sa.lpSecurityDescriptor; @@ -619,21 +620,24 @@ fhandler_base::open (int flags, mode_t mode) goto done; } - /* Samba weirdness: - The local user SID is used in set_security_attribute, but the - actual owner on the Samba share is the SID of the Unix account. - There's no transparent mapping between these accounts. - - FIXME: Really? - - And Samba has a strange behaviour when creating a file. Apparently - it *first* creates the file, *then* it looks if the security - descriptor matches. The result is that the file gets created, but - then NtCreateFile doesn't return a handle to the file and fails - with STATUS_ACCESS_DENIED. That's why we first create the file - with default SD and afterwards set the permissions while ignoring - the owner and group. */ - if ((flags & O_CREAT) && has_acls () && pc.fs_is_samba ()) + /* After some discussion on the samba-technical list, starting here: + http://lists.samba.org/archive/samba-technical/2008-July/060247.html + + Always create files on a remote share using a NULL SD. Create + correct permission bits afterwards, maintaing the owner and group + information just like chmod. + + The reason to do this is to maintain the Windows behaviour when + creating files on a remote share. Files on a remote share are + created as the user used for authentication. In a domain that's + usually the user you're logged in as. Outside of a domain you're + authenticating using a local user account on the sharing machine. + If the SIDs of the client machine are used, that's entirely + unexpected behaviour. + + Doing it like we do here creates the expected SD in a domain as + well as on standalone servers. */ + if ((flags & O_CREAT) && has_acls () && pc.isremote ()) set_file_attribute (fh, pc, ILLEGAL_UID, ILLEGAL_GID, mode); set_io_handle (fh); |