[cifs-protocol] [MS-SMB 2.2.1.1.1 <6>] Opening previous version of a file with WRITE access
Ralph Böhme
slow at samba.org
Fri Nov 16 18:46:34 UTC 2018
Hello dochelp,
I was debuging an interesting problem in the context previous versions of a file
on a Samba server, opened from a Windows client.
The unexpected client behaviour I obverved was a Windows 2016 client opening a
previous version of a file over SMB2 for reading *and* writing (Access Mask:
0x0012019f). pcap available on request.
With Samba this fails, in the specific configuration involving the VFS module
shadow_copy2 with ZFS snapshots on FreeBSD, as we map the SMB layer access mask
to O_RDWR for the POSIX open and when calling open() on the file in a ZFS
snapshot with mode=O_RDWR, unsurprisingly this fails with EROFS.
Now the interesting part.
The same open of a previous version of a file over SMB2 against a Windows 2016
server succeeds, *but* then a subsequent write on the handle files with
STATUS_MEDIA_WRITE_PROTECTED, pcap attached. I've reproduced this with a Samba
smbtorture test as client, cf attached pcap "twrp_write_w16.pcapng" packet 18.
The only section I could find in the protocol documentation dealing with opens
of previous versions and the requested access mask is [MS-SMB 2.2.1.1.1 <6>]
where we read:
When enabled previous versions of files are accessible as read-only.
Related to this question is how a server is supposed to return effective
permissions of a previous version of a file. In the attached pcap the Windows
2016 server return "Access Mask: 0x001f01ff".
Questions:
1. What is the expected behaviour for an SMB server for opens of previous
version of a file with regard to the desired access bits? Is this documented
anywhere in the protocol documentation?
2. What is the expected behaviour for an SMB server for opens of previous
version of a file with regard to queries for effective permissions? Is this
documented anywhere in the protocol documentation?
Thanks a lot!
-slow
--
Ralph Boehme, Samba Team https://samba.org/
Samba Developer, SerNet GmbH https://sernet.de/en/samba/
GPG Key Fingerprint: FAE2 C608 8A24 2520 51C5
59E4 AA1E 9B71 2639 9E46
-------------- next part --------------
A non-text attachment was scrubbed...
Name: twrp_write_w16.pcapng
Type: application/octet-stream
Size: 2583 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20181116/78eabf33/twrp_write_w16.obj>
More information about the cifs-protocol
mailing list