[PATCH] new delete-on-close scenes

Jeremy Allison jra at samba.org
Wed Dec 17 15:09:26 MST 2014 

On Wed, Dec 17, 2014 at 02:08:01PM +0100, Peter Somogyi wrote:
> Hi,
> 
> I have a customer scenario where they're trying to use programs on a share 
> where DELETE access on parent folder is disabled by intention, and samba 
> behaves here different than windows.
> Windows lets to create temporary files having delete_on_close flag at 
> create even when you don't have that access.
> 
> We have found smb2.delete-on-close already covering this (found Richard 
> Sharpe in commit history), but I've continued to explore it further:
> - allows to set delete-on-close via setinfo at any time until close (which 
> really removes it on windows)
> - allows it for directories (+ other special files? entire trees?)
> - DELETE desired access comes with RENAME
> - you can delete it whenever you want once after you got the DELETE 
> desired access at create, which you get not necessarily just upon new 
> files but also at the time you still had the access but meanwhile revoked 
> (and file gets removed in the end anyway).
> See attachment (tested against win7).
> 
> Does anybody already dived into this already or have further interest?
> 
> Somebody at least should ask protocol clarification, I haven't found 
> anything in here: MS-FSA.pdf, MS-FSCC.pdf, MS-SMB2.pdf or MSDN.
> To me it looks granting the DELETE access at create time is the key 
> (overriding ACLs): either it's a new file, or you must have this access 
> (only!) at create time.
> 
> But given we possibly just want the mostly needed subset of the whole 
> feature stack (grant DELETE - only - on new files, enforce delete at close 
> as root when it was really a new file) I'd already like to work on this 
> part.
> Please let me know your opinion.

Can you describe the scenarios you're testing here ?

I'd like to fully understand what Windows does here,
but I'm doubtful we'll be able to reproduce fully
as creating inside a folder without DELETE access
(mapped into 'w' on POSIX) would violate server POSIX
semantics, even if the file is deleted on close.

More information about the samba-technical mailing list