[PATCH] new delete-on-close scenes
jra at samba.org
Wed Dec 17 15:09:26 MST 2014
On Wed, Dec 17, 2014 at 02:08:01PM +0100, Peter Somogyi wrote:
> I have a customer scenario where they're trying to use programs on a share
> where DELETE access on parent folder is disabled by intention, and samba
> behaves here different than windows.
> Windows lets to create temporary files having delete_on_close flag at
> create even when you don't have that access.
> We have found smb2.delete-on-close already covering this (found Richard
> Sharpe in commit history), but I've continued to explore it further:
> - allows to set delete-on-close via setinfo at any time until close (which
> really removes it on windows)
> - allows it for directories (+ other special files? entire trees?)
> - DELETE desired access comes with RENAME
> - you can delete it whenever you want once after you got the DELETE
> desired access at create, which you get not necessarily just upon new
> files but also at the time you still had the access but meanwhile revoked
> (and file gets removed in the end anyway).
> See attachment (tested against win7).
> Does anybody already dived into this already or have further interest?
> Somebody at least should ask protocol clarification, I haven't found
> anything in here: MS-FSA.pdf, MS-FSCC.pdf, MS-SMB2.pdf or MSDN.
> To me it looks granting the DELETE access at create time is the key
> (overriding ACLs): either it's a new file, or you must have this access
> (only!) at create time.
> But given we possibly just want the mostly needed subset of the whole
> feature stack (grant DELETE - only - on new files, enforce delete at close
> as root when it was really a new file) I'd already like to work on this
> Please let me know your opinion.
Can you describe the scenarios you're testing here ?
I'd like to fully understand what Windows does here,
but I'm doubtful we'll be able to reproduce fully
as creating inside a folder without DELETE access
(mapped into 'w' on POSIX) would violate server POSIX
semantics, even if the file is deleted on close.
More information about the samba-technical