[Samba] SOLVED (sort of) : No write permission if POSIX bits 0 on ZFS written by M$ Office - dos_mode returning r

[Nils Goroll]

Hi odi and all,

> I've the same problem on Solaris 10 with samba 3.0.25c, interesting to read 
> that the problem exists also in later versions, due to the fact that I'm using 
> zfs and samba in production I've disabled nt acls on user shared shares with
> 
> nt acl support = no

This is not an option for the installation I work on.

I have more or less solved this issue, though I do think that the code changes 
I've done will need a review (besides the fact that all of the permission 
checking code should be refactored, but AFAIK the core team is working on some 
mayor rewrite for 3.3).

Anyway, some detail:

* The primary issue here is that dos_mode_from_sbuf basically yields R/O if
   the config parameter "map read only" is Yes and the owner does not have
   write permission (irrespective of who the owner is, but that's something
   for the major refactoring work)

   So the first thing to do is to set

	map read only = Permissions

   to actually check the ACLs.

* The second issue is that various places call file_set_dosmode which in
   turn calls umask(). This will most likely destroy your acl if you
   don't use aclmode = passthrough.

   Some of these cases can be avoided by setting

	map archive = no

* The third and fourth issue are umask based access checks in
   can_delete_file_in_directory() and can_access_file()

For the latter, I will attach a patch. Please note that removing the "Quick 
Path" check from can_delete_file_in_directory() changes the semantics of the 
function and will make it slower for many cases.

The change of can_access_file() somehow extends the semantics of "map read 
only", but I think that's OK.

I'll try to find some time to open a bug soon (need to finish off for today, 
almost 11pm here), but maybe obnox or someone else can tell us more about how 
these things are going to be handled in later versions.

Thanks,

Nils

-------------- next part --------------
diff -rub /tmp/samba-3.0.32//source/smbd/posix_acls.c ./source/smbd/posix_acls.c
--- /tmp/samba-3.0.32//source/smbd/posix_acls.c	Mon Aug 25 23:09:21 2008
+++ ./source/smbd/posix_acls.c	Mon Nov 24 21:57:35 2008
@@ -4275,11 +4275,6 @@
 		return True;
 	}
 
-	/* Check primary owner write access. */
-	if (current_user.ut.uid == sbuf.st_uid) {
-		return (sbuf.st_mode & S_IWUSR) ? True : False;
-	}
-
 #ifdef S_ISVTX
 	/* sticky bit means delete only by owner or root. */
 	if (sbuf.st_mode & S_ISVTX) {
@@ -4316,6 +4311,8 @@
 
 BOOL can_access_file(connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf, uint32 access_mask)
 {
+	enum mapreadonly_options ro_opts = (enum mapreadonly_options)lp_map_readonly(SNUM(conn));
+
 	if (!(access_mask & (FILE_READ_DATA|FILE_WRITE_DATA))) {
 		return False;
 	}
@@ -4339,7 +4336,8 @@
 	}
 
 	/* Check primary owner access. */
-	if (current_user.ut.uid == psbuf->st_uid) {
+	if ((ro_opts == MAP_READONLY_YES) &&
+	    (current_user.ut.uid == psbuf->st_uid)) {
 		switch (access_mask) {
 			case FILE_READ_DATA:
 				return (psbuf->st_mode & S_IRUSR) ? True : False;