Samba, ACL and read only flag

Douglas K. Fischer skeet at Bridgewater.EDU
Tue Dec 8 18:51:54 GMT 1998


> Date: Tue, 8 Dec 1998 11:10:44 +0100
> From: Axel Thimm <Axel.Thimm at physik.fu-berlin.de>
> To: samba at samba.org
> Subject: Samba, ACL and read only flag
> Message-ID: <19981208111044.A25533 at physik.fu-berlin.de>
> 
> I have a problem with ACL, when a non owner tries to access a file, to which
> he otherwise has full access over (DEC Unix) ACLs. He can read it, but it is
> write protected (checked with smbclient). We are using samba-1.9.18p7.
> 
> I browsed the archives and saw that someone had reported this in August (with
> Solaris ACLs) and mentioned a fast fix. So my question is whether this has
> been fixed, and if yes, whether a 1.9.18x version of Samba deals nicely with
> it? (We wouldn't like to switch to 2.0 beta, due to our production
> environment).

Hallo Axel,

Yes, we found a quick fix for Solaris ACLs and the read-only flag. I do
not know how well our fix would apply to DEC UNIX as I am unfamiliar with
it. Our fix makes use of the access() function in Solaris. To the best of
our knowledge (we use them extensively and have not had a single problem
with them once this fix was implemented), Solaris ACLs appear to work
fully under Samba with the mere exception of the dos_mode() function in
server.c. This function is responsible for the mapping between UNIX and
DOS permissions on a file.

I have included the diff patch for our fix below (taken against
1.9.18p10), as well as the man page for access() in Solaris. In order for
such a fix to work for you, you will need to find the same or a similar
function in DUNIX that will perform like access().

The same goes for anyone else wanting to use this type of ACL fix on any
other platform than Solaris (2.5 or greater, SPARC and x86). This fix will
likely NOT work for you as-is: you will need to make some OS-specific
changes.

[ Then again, maybe every UNIX has an access() function that works like
the one in Solaris... :-) ]

BTW, changes between the 1.9.18 series and 2.0 make the above fix
obsolete, i.e. the read-only ACL problem should not exist in 2.0. Unless
you really don't want to move forward to 2.0, upgrading's the best bet.

Cheers

Douglas
 ----------------------------------------------------------------------
  Douglas K. Fischer    DFischer at Bridgewater.EDU      (540) 828 - 5343
  Network Systems Engineer   C. E. Shull Information Technology Center
  College Box 36        Bridgewater College      Bridgewater, VA 22812
 ----------------------------------------------------------------------

===== cut here for diff patch =====
*** server.orig	Wed Aug 19 19:41:23 1998
--- server.c	Mon Nov  2 09:41:40 1998
***************
*** 197,202 ****
--- 197,203 ----
      if (!((sbuf->st_mode & S_IWOTH) ||
  	  Connections[cnum].admin_user ||
  	  ((sbuf->st_mode & S_IWUSR) && current_user.uid==sbuf->st_uid) ||
+ 	  (access(path,W_OK) == 0) ||
  	  ((sbuf->st_mode & S_IWGRP) && 
  	   in_group(sbuf->st_gid,current_user.gid,
  		    current_user.ngroups,current_user.igroups))))
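Review bot: the added `(access(path,W_OK) == 0)` term decides with the real UID/GID rather than the effective ones (the access(2) text attached below states this), so it only reflects the connected user's ACL rights if smbd has already switched its real identity to that user when dos_mode() runs; if only the effective UID has been switched, the term answers for whatever the real UID is, and for root it would report every existing file as writable and never set the read-only bit. A one-line comment on the new term stating that assumption, plus a note that this changes only the DOS read-only attribute that dos_mode() advertises and not enforcement at open time, would make the patch safer for the cross-platform porting the mail invites.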
===== cut here for diff patch =====

===== cut here for Solaris 2.6 access() man page =====
System Calls                                            access(2)

NAME
     access - determine accessibility of a file

SYNOPSIS
     #include <unistd.h>

     int access(const char *path, int amode);

DESCRIPTION
     The access() function checks the file named by the  pathname
     pointed  to by the path argument for accessibility according
     to the bit pattern contained in amode, using the  real  user
     ID  in  place of the effective user ID and the real group ID
     in place of the effective group ID.  This  allows  a  setuid
     process  to  verify  that the user running it would have had
     permission to access this file.

     The value of amode is either the bitwise inclusive OR of the
     access  permissions  to be checked (R_OK, W_OK, X_OK) or the
     existence test, F_OK.

     These constants are defined in <unistd.h> as follows:

          R_OK Test for read permission.

          W_OK Test for write permission.

          X_OK Test for execute or search permission.

          F_OK Check existence of file

     See intro(2) for additional information about  "File  Access
     Permission".

     If any access permissions are to be checked,  each  will  be
     checked individually, as described in intro(2).  If the pro-
     cess has appropriate privileges, an implementation may indi-
     cate  success for X_OK even if none of the execute file per-
     mission bits are set.

RETURN VALUES
     If the requested access is permitted, access() succeeds  and
     returns  0.   Otherwise,  -1 is returned and errno is set to
     indicate the error.

ERRORS
     The access() function will fail if:

     EACCES         Permission bits of the file mode do not  per-
                    mit  the  requested access, or search permis-
                    sion is denied on a  component  of  the  path
                    prefix.

SunOS 5.6           Last change: 28 Dec 1996                    1

     EFAULT         path points to an illegal address.

     EINTR          A signal was caught during the access() func-
                    tion.

     ELOOP          Too many symbolic links were  encountered  in
                    resolving path.

     EMULTIHOP      Components of path require hopping to  multi-
                    ple remote machines.

     ENAMETOOLONG   The  length  of  the  path  argument  exceeds
                    PATH_MAX,  or  a pathname component is longer
                    than NAME_MAX while {_POSIX_NO_TRUNC}  is  in
                    effect.

     ENOENT         A component of path does not name an existing
                    file or path is an empty string.

     ENOLINK        path points to a remote machine and the  link
                    to that machine is no longer active.

     ENOTDIR        A component of  the  path  prefix  is  not  a
                    directory.

     EROFS          Write access is requested for  a  file  on  a
                    read-only file system.

     The access() function may fail if:

     EINVAL         The value of the amode argument is invalid.

     ENAMETOOLONG   Pathname resolution of a symbolic  link  pro-
                    duced  an  intermediate  result  whose length
                    exceeds PATH_MAX.

     ETXTBSY        Write access is requested  for  a  pure  pro-
                    cedure  (shared text) file that is being exe-
                    cuted.

USAGE
     Additional values of amode other than the set defined in the
     description  may  be  valid,  for  example,  if a system has
     extended access controls.

ATTRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:

     | ATTRIBUTE TYPE | ATTRIBUTE VALUE   |
     | MT-Level       | Async-Signal-Safe |

SEE ALSO
     intro(2), chmod(2), stat(2), attributes(5)

===== cut here for Solaris 2.6 access() man page =====
