[PATCHES] Add vfs_admin vfs module
Richard Sharpe
realrichardsharpe at gmail.com
Sun Oct 4 19:11:49 UTC 2015
On Sun, Oct 4, 2015 at 11:22 AM, Uri Simchoni <uri at samba.org> wrote:
> Hi,
>
> This patch set adds vfs_admin, a simple vfs module that fixes file ownership
> for admin users.
> When a user is defined as an admin user, smbd runs as root, and files
> created by this user are
> owned by root. This patch fixes that by adding a vfs module to change the
> ownership of created objects.
>
> One thing worth noting is that for file creation I chose to override the
> NT-layer create_file function rather than the POSIX layer open, which would
> be more natural since this is a POSIX issue, created when running POSIX
> open() system call or something with similar semantics.
>
> The reason for that is that when open returns, the fsp is still not
> initialized with the just-created file descriptor, and so I cannot use
> SMB_VFS_FCHOWN from within the open handler, and have to resort to fchown()
True. However, you do have access to the FD or pseudo FD so you could
update the FSP prior to calling the other VFS module.
Would it be better to require that the lowest module update the FSP
with the FD or pseudo FD as soon as it is available? Perhaps via an
accessor and a flag that tells us it has been updated?
> (supporting only kernel file systems) or SMB_VFS_CHOWN (racy), or hack the
> fsp (...). The downside of it is having to deal with things that don't
> necessarily translate to POSIX file creation (streams, mkdir) and I hope I
> got that right. I have an alternative implementation that overrides the
> POSIX open instead, with above-mentioned limitations.
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
More information about the samba-technical
mailing list