svn commit: samba r14378 - in branches/tmp/vl-posixacls/source: . include modules

vlendec at samba.org vlendec at samba.org
Tue Mar 14 14:29:42 GMT 2006 

Author: vlendec
Date: 2006-03-14 14:29:41 +0000 (Tue, 14 Mar 2006)
New Revision: 14378

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14378

Log:
Writing an ACL seems to work as well.

Build the module static if we have POSIX_ACLs.

Now to look where to automagically add this module at the end of every module
chain.

My idea is that we statically build appropriate modules for all the different
APIs and auto-add them as vfs modules.

Volker

Modified:
   branches/tmp/vl-posixacls/source/configure.in
   branches/tmp/vl-posixacls/source/include/smb_acls.h
   branches/tmp/vl-posixacls/source/modules/vfs_posixacl.c


Changeset:
Modified: branches/tmp/vl-posixacls/source/configure.in
===================================================================
--- branches/tmp/vl-posixacls/source/configure.in	2006-03-14 13:58:17 UTC (rev 14377)
+++ branches/tmp/vl-posixacls/source/configure.in	2006-03-14 14:29:41 UTC (rev 14378)
@@ -491,7 +491,7 @@
 default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_reg rpc_lsa_ds rpc_wks rpc_svcctl rpc_ntsvcs rpc_net rpc_netdfs rpc_srv rpc_spoolss rpc_eventlog auth_rhosts auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin"
 
 dnl These are preferably build shared, and static if dlopen() is not available
-default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy charset_CP850 charset_CP437 auth_script vfs_posixacl"
+default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy charset_CP850 charset_CP437 auth_script"
 
 if test "x$developer" = xyes; then
    default_static_modules="$default_static_modules rpc_echo"
@@ -4609,6 +4609,10 @@
   AC_MSG_RESULT(no)
 )
 
+if test x"$samba_cv_HAVE_POSIX_ACLS" = x"yes"; then
+   default_static_modules="$default_static_modules vfs_posixacl"
+fi
+
 #################################################
 # check for AIO support
 

Modified: branches/tmp/vl-posixacls/source/include/smb_acls.h
===================================================================
--- branches/tmp/vl-posixacls/source/include/smb_acls.h	2006-03-14 13:58:17 UTC (rev 14377)
+++ branches/tmp/vl-posixacls/source/include/smb_acls.h	2006-03-14 14:29:41 UTC (rev 14378)
@@ -42,7 +42,7 @@
 
 struct smb_acl_entry {
 	enum smb_acl_tag_t a_type;
-	mode_t a_perm;
+	SMB_ACL_PERM_T a_perm;
 	uid_t uid;
 	gid_t gid;
 };

Modified: branches/tmp/vl-posixacls/source/modules/vfs_posixacl.c
===================================================================
--- branches/tmp/vl-posixacls/source/modules/vfs_posixacl.c	2006-03-14 13:58:17 UTC (rev 14377)
+++ branches/tmp/vl-posixacls/source/modules/vfs_posixacl.c	2006-03-14 14:29:41 UTC (rev 14378)
@@ -84,9 +84,9 @@
 		return False;
 	}
 	ace->a_perm = 0;
-	ace->a_perm |= (acl_get_perm(permset, ACL_READ) ? S_IRUSR : 0);
-	ace->a_perm |= (acl_get_perm(permset, ACL_WRITE) ? S_IWUSR : 0);
-	ace->a_perm |= (acl_get_perm(permset, ACL_EXECUTE) ? S_IXUSR : 0);
+	ace->a_perm |= (acl_get_perm(permset, ACL_READ) ? SMB_ACL_READ : 0);
+	ace->a_perm |= (acl_get_perm(permset, ACL_WRITE) ? SMB_ACL_WRITE : 0);
+	ace->a_perm |= (acl_get_perm(permset, ACL_EXECUTE) ? SMB_ACL_EXECUTE : 0);
 	return True;
 }
 
@@ -170,26 +170,29 @@
 	return result;
 }
 
-static int smb_acl_set_mode(acl_entry_t entry, mode_t mode)
+static int smb_acl_set_mode(acl_entry_t entry, SMB_ACL_PERM_T perm)
 {
         int ret;
-        acl_permset_t permset = NULL;
-        ret = acl_clear_perms(permset);
-        if (ret != 0) {
-                return ret;
+        acl_permset_t permset;
+
+	if ((ret = acl_get_permset(entry, &permset)) != 0) {
+		return ret;
 	}
-        if ((mode & S_IRUSR) &&
-            ((ret = acl_add_perm(permset, ACL_READ)) != 0)) {
+        if ((ret = acl_clear_perms(permset)) != 0) {
                 return ret;
 	}
-        if ((mode & S_IWUSR) &&
-            ((ret = acl_add_perm(permset, ACL_WRITE)) != 0)) {
-                return ret;
+        if ((perm & SMB_ACL_READ) &&
+	    ((ret = acl_add_perm(permset, ACL_READ)) != 0)) {
+		return ret;
 	}
-        if ((mode & S_IXUSR) &&
-            ((ret = acl_add_perm(permset, ACL_EXECUTE)) != 0)) {
-                return ret;
+        if ((perm & SMB_ACL_WRITE) &&
+	    ((ret = acl_add_perm(permset, ACL_WRITE)) != 0)) {
+		return ret;
 	}
+        if ((perm & SMB_ACL_EXECUTE) &&
+	    ((ret = acl_add_perm(permset, ACL_EXECUTE)) != 0)) {
+		return ret;
+	}
         return acl_set_permset(entry, permset);
 }
 
@@ -200,6 +203,7 @@
 
 	result = acl_init(acl->count);
 	if (result == NULL) {
+		DEBUG(10, ("acl_init failed\n"));
 		return NULL;
 	}
 
@@ -215,27 +219,15 @@
 		}
 
 		switch (entry->a_type) {
-		case SMB_ACL_USER: {
+		case SMB_ACL_USER:
 			tag = ACL_USER;
-			if (acl_set_qualifier(e, &entry->uid) != 0) {
-				DEBUG(1, ("acl_set_qualifiier failed: %s\n",
-					  strerror(errno)));
-				goto fail;
-			}
 			break;
-		}
 		case SMB_ACL_USER_OBJ:
 			tag = ACL_USER_OBJ;
 			break;
-		case SMB_ACL_GROUP: {
+		case SMB_ACL_GROUP:
 			tag = ACL_GROUP;
-			if (acl_set_qualifier(e, &entry->gid) != 0) {
-				DEBUG(1, ("acl_set_qualifiier failed: %s\n",
-					  strerror(errno)));
-				goto fail;
-			}
 			break;
-		}
 		case SMB_ACL_GROUP_OBJ:
 			tag = ACL_GROUP_OBJ;
 			break;
@@ -251,9 +243,30 @@
 		}
 
 		if (acl_set_tag_type(e, tag) != 0) {
+			DEBUG(10, ("acl_set_tag_type(%d) failed: %s\n",
+				   tag, strerror(errno)));
 			goto fail;
 		}
 
+		switch (entry->a_type) {
+		case SMB_ACL_USER:
+			if (acl_set_qualifier(e, &entry->uid) != 0) {
+				DEBUG(1, ("acl_set_qualifiier failed: %s\n",
+					  strerror(errno)));
+				goto fail;
+			}
+			break;
+		case SMB_ACL_GROUP:
+			if (acl_set_qualifier(e, &entry->gid) != 0) {
+				DEBUG(1, ("acl_set_qualifiier failed: %s\n",
+					  strerror(errno)));
+				goto fail;
+			}
+			break;
+		default: 	/* Shut up, compiler! :-) */
+			break;
+		}
+
 		if (smb_acl_set_mode(e, entry->a_perm) != 0) {
 			goto fail;
 		}
@@ -278,22 +291,40 @@
 				  connection_struct *conn,
 				  SMB_ACL_T theacl )
 {
-	errno = EINVAL;
-	return -1;
+	return 0;
 }
 
 static int posixacl_sys_acl_set_file(vfs_handle_struct *handle,
 				     connection_struct *conn,
 				     const char *name,
-				     SMB_ACL_TYPE_T acltype,
+				     SMB_ACL_TYPE_T type,
 				     SMB_ACL_T theacl)
 {
 	int res;
-	acl_t acl = smb_acl_to_posix(theacl);
-	if (acl == NULL) {
+	acl_type_t acl_type;
+	acl_t acl;
+
+	DEBUG(10, ("Calling acl_set_file: %s, %d\n", name, type));
+
+	switch(type) {
+	case SMB_ACL_TYPE_ACCESS:
+		acl_type = ACL_TYPE_ACCESS;
+		break;
+	case SMB_ACL_TYPE_DEFAULT:
+		acl_type = ACL_TYPE_DEFAULT;
+		break;
+	default:
+		errno = EINVAL;
 		return -1;
 	}
-	res = acl_set_file(name, acltype, acl);
+
+	if ((acl = smb_acl_to_posix(theacl)) == NULL) {
+		return -1;
+	}
+	res = acl_set_file(name, acl_type, acl);
+	if (res != 0) {
+		DEBUG(10, ("acl_set_file failed: %s\n", strerror(errno)));
+	}
 	acl_free(acl);
 	return res;
 }

More information about the samba-cvs mailing list