* FIX: afpd: Fix an error when duplicating files that lacked an AppleDouble file
which lead to a possible Finder crash
* FIX: afpd: Read-only filesystems lead to afpd processes running as root
+* FIX: afpd: Fix for filesystem without NFSv4 ACL support on Solaris
* FIX: dbd: Better checking for duplicated or bogus CNIDs from AppleDouble files
* FIX: Fix compilation error when AppleTalk support is disabled
* This is the magic function that makes ACLs usable by calculating
* the access granted by ACEs to the logged in user.
*/
-int acltoownermode(char *path, struct stat *st, struct maccess *ma)
+int acltoownermode(const struct vol *vol, char *path, struct stat *st, struct maccess *ma)
{
EC_INIT;
uint32_t rights = 0;
if ( ! (AFPobj->options.flags & OPTION_ACL2MACCESS)
- || (current_vol == NULL)
- || ! (current_vol->v_flags & AFPVOL_ACLS))
+ || ! (vol->v_flags & AFPVOL_ACLS))
return 0;
LOG(log_maxdebug, logtype_afpd, "acltoownermode(\"%s/%s\", 0x%02x)",
extern int acl_ldap_readconfig(char *name);
/* Misc funcs */
-extern int acltoownermode(char *path, struct stat *st, struct maccess *ma);
+extern int acltoownermode(const struct vol *vol, char *path, struct stat *st, struct maccess *ma);
extern int check_vol_acl_support(const struct vol *vol);
#endif
#undef accessmode
#endif
-void afsmode( path, ma, dir, st )
+void afsmode( vol, path, ma, dir, st )
+const struct volume *vol;
char *path;
struct maccess *ma;
struct dir *dir;
return;
}
- accessmode( path, ma, dir, st );
+ accessmode(vol, path, ma, dir, st );
return;
}
if (!p)
return -1;
- accessmode(p, &ma, curdir, NULL);
+ accessmode(current_vol, p, &ma, curdir, NULL);
if ((mode & OPENACC_WR) && !(ma.ma_user & AR_UWRITE))
return -1;
if ((mode & OPENACC_RD) && !(ma.ma_user & AR_UREAD))
{
struct maccess ma;
- accessmode(path->u_name, &ma, curdir, &path->st);
+ accessmode(current_vol, path->u_name, &ma, curdir, &path->st);
LOG(log_debug, logtype_afpd, "file_access(\"%s\"): mapped user mode: 0x%02x",
path->u_name, ma.ma_user);
break;
case DIRPBIT_ACCESS :
- accessmode( upath, &ma, dir , st);
+ accessmode(vol, upath, &ma, dir , st);
*data++ = ma.ma_user;
*data++ = ma.ma_world;
case DIRPBIT_UNIXPR :
/* accessmode may change st_mode with ACLs */
- accessmode( upath, &ma, dir, st);
+ accessmode(vol, upath, &ma, dir, st);
aint = htonl(st->st_uid);
memcpy( data, &aint, sizeof( aint ));
/* FIXME do we want a visual clue if the file is read only
*/
struct maccess ma;
- accessmode( ".", &ma, dir , NULL);
+ accessmode(vol, ".", &ma, dir , NULL);
if ((ma.ma_user & AR_UWRITE)) {
- accessmode( upath, &ma, dir , st);
+ accessmode(vol, upath, &ma, dir , st);
if (!(ma.ma_user & AR_UWRITE)) {
ashort |= htons(ATTRBIT_NOWRITE);
}
break;
case FILPBIT_UNIXPR :
/* accessmode may change st_mode with ACLs */
- accessmode( upath, &ma, dir , st);
+ accessmode(vol, upath, &ma, dir , st);
aint = htonl(st->st_uid);
memcpy( data, &aint, sizeof( aint ));
*
* dir parameter is used by AFS
*/
-void accessmode(char *path, struct maccess *ma, struct dir *dir _U_, struct stat *st)
+void accessmode(const struct vol *vol, char *path, struct maccess *ma, struct dir *dir _U_, struct stat *st)
{
struct stat sb;
}
utommode( st, ma );
#ifdef HAVE_ACLS
- acltoownermode(path, st, ma);
+ acltoownermode(vol, path, st, ma);
#endif
}
extern int setdirowner (const struct vol *, const char *, const uid_t, const gid_t);
extern int setfilunixmode (const struct vol *, struct path*, const mode_t);
extern int setfilowner (const struct vol *, const uid_t, const gid_t, struct path*);
-extern void accessmode (char *, struct maccess *, struct dir *, struct stat *);
+extern void accessmode (const struct vol *, char *, struct maccess *, struct dir *, struct stat *);
#ifdef AFS
#define accessmode afsmode
if (!S_ISDIR(st.st_mode)) {
continue; /* not a dir */
}
- accessmode(volume->v_path, &ma, NULL, &st);
+ accessmode(volume, volume->v_path, &ma, NULL, &st);
if ((ma.ma_user & (AR_UREAD | AR_USEARCH)) != (AR_UREAD | AR_USEARCH)) {
continue; /* no r-x access */
}
return 0;
if ( ! (S_ISREG(st.st_mode) || S_ISDIR(st.st_mode))) {
- LOG(log_warning, logtype_afpd, "get_nfsv4_acl(\"%s/%s\"): special", getcwdpath(), name);
+ LOG(log_debug, logtype_afpd, "get_nfsv4_acl(\"%s/%s\"): special", getcwdpath(), name);
return 0;
}
if ((ace_count = acl(name, ACE_GETACLCNT, 0, NULL)) == 0) {
- LOG(log_warning, logtype_afpd, "get_nfsv4_acl(\"%s/%s\"): 0 ACEs", getcwdpath(), name);
+ LOG(log_debug, logtype_afpd, "get_nfsv4_acl(\"%s/%s\"): 0 ACEs", getcwdpath(), name);
return 0;
}
if (ace_count == -1) {
- LOG(log_error, logtype_afpd, "get_nfsv4_acl: acl('%s/%s', ACE_GETACLCNT): ace_count %i, error: %s",
+ LOG(log_debug, logtype_afpd, "get_nfsv4_acl: acl('%s/%s', ACE_GETACLCNT): ace_count %i, error: %s",
getcwdpath(), name, ace_count, strerror(errno));
return -1;
}
* Change mode of file preserving existing explicit ACEs
*
* nfsv4_chmod
- * (1) reads objects ACL (acl1)
+ * (1) reads objects ACL (acl1), may return 0 or -1 NFSv4 ACEs on eg UFS fs
* (2) removes all trivial ACEs from the ACL by calling strip_trivial_aces(), possibly
* leaving 0 ACEs in the ACL if there were only trivial ACEs as mapped from the mode
- * (3) calls chmod() with mode
+ * (3) calls chmod() with mode, we're done if step (1) returned 0 for noaces
* (4) reads the changed ACL (acl2) which
* a) might still contain explicit ACEs (up to onnv132)
* b) will have any explicit ACE removed (starting with onnv145/Openindiana)
LOG(log_debug, logtype_afpd, "nfsv4_chmod(\"%s/%s\", %04o)",
getcwdpath(), name, mode);
- if ((noaces = get_nfsv4_acl(name, &oacl)) == -1) /* (1) */
- goto exit;
+ if ((noaces = get_nfsv4_acl(name, &oacl)) < 1) /* (1) */
+ return chmod(name, mode);
+
if ((noaces = strip_trivial_aces(&oacl, noaces)) == -1) /* (2) */
goto exit;