* dir.cc (mkdir): Call set_file_attribute with additional handle
argument. * fhandler.cc (fhandler_base::fchmod): New method. * fhandler.h: Declare fchmod method in fhandler_base, fhandler_disk_file and fhandler_virtual. * fhandler_disk_file.cc (fhandler_disk_file::fchmod): New method. (fhandler_base::open_fs): Call set_file_attribute with additional handle argument. * fhandler_virtual.cc (fhandler_virtual::fchmod): New method. * path.cc (symlink_worker): Call set_file_attribute with additional handle argument. * security.cc (get_nt_object_security): New function. (get_nt_object_attribute): Call get_nt_object_security. (set_nt_attribute): Add handle argument. Call get_nt_object_security first, read_sd only if that fails. (set_file_attribute): Add handle argument. * security.h (set_file_attribute): Declare with additional handle argument. * syscalls.cc (stat_suffixes): Move to beginning of file. (chown_worker): Call set_file_attribute with additional handle argument. (chmod): Reorganize to call fhandler's fchmod method eventually. (fchmod): Ditto.
This commit is contained in:
@@ -1367,6 +1367,37 @@ get_nt_attribute (const char *file, mode_t *attribute,
|
||||
get_info_from_sd (sd, attribute, uidret, gidret);
|
||||
}
|
||||
|
||||
static int
|
||||
get_nt_object_security (HANDLE handle, SE_OBJECT_TYPE object_type,
|
||||
security_descriptor &sd_ret)
|
||||
{
|
||||
NTSTATUS ret;
|
||||
ULONG len = 0;
|
||||
ret = NtQuerySecurityObject (handle,
|
||||
DACL_SECURITY_INFORMATION
|
||||
| GROUP_SECURITY_INFORMATION
|
||||
| OWNER_SECURITY_INFORMATION,
|
||||
sd_ret, len, &len);
|
||||
if (ret == STATUS_BUFFER_TOO_SMALL)
|
||||
{
|
||||
if (!sd_ret.malloc (len))
|
||||
set_errno (ENOMEM);
|
||||
else
|
||||
ret = NtQuerySecurityObject (handle,
|
||||
DACL_SECURITY_INFORMATION
|
||||
| GROUP_SECURITY_INFORMATION
|
||||
| OWNER_SECURITY_INFORMATION,
|
||||
sd_ret, len, &len);
|
||||
}
|
||||
if (ret != STATUS_SUCCESS)
|
||||
{
|
||||
sd_ret.free ();
|
||||
__seterrno_from_win_error (RtlNtStatusToDosError (ret));
|
||||
return -1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
get_nt_object_attribute (HANDLE handle, SE_OBJECT_TYPE object_type,
|
||||
mode_t *attribute, __uid32_t *uidret,
|
||||
@@ -1375,34 +1406,14 @@ get_nt_object_attribute (HANDLE handle, SE_OBJECT_TYPE object_type,
|
||||
security_descriptor sd;
|
||||
PSECURITY_DESCRIPTOR psd = NULL;
|
||||
|
||||
NTSTATUS ret;
|
||||
ULONG len = 0;
|
||||
ret = NtQuerySecurityObject (handle,
|
||||
DACL_SECURITY_INFORMATION
|
||||
| GROUP_SECURITY_INFORMATION
|
||||
| OWNER_SECURITY_INFORMATION,
|
||||
sd, len, &len);
|
||||
if (ret == STATUS_BUFFER_TOO_SMALL)
|
||||
if (get_nt_object_security (handle, object_type, sd))
|
||||
{
|
||||
if (!sd.malloc (len))
|
||||
set_errno (ENOMEM);
|
||||
else
|
||||
ret = NtQuerySecurityObject (handle,
|
||||
DACL_SECURITY_INFORMATION
|
||||
| GROUP_SECURITY_INFORMATION
|
||||
| OWNER_SECURITY_INFORMATION,
|
||||
sd, len, &len);
|
||||
}
|
||||
if (ret != STATUS_SUCCESS)
|
||||
{
|
||||
__seterrno_from_win_error (RtlNtStatusToDosError (ret));
|
||||
if (object_type == SE_FILE_OBJECT)
|
||||
return -1;
|
||||
return -1;
|
||||
}
|
||||
else
|
||||
psd = sd;
|
||||
get_info_from_sd (psd, attribute, uidret, gidret);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -1805,16 +1816,16 @@ set_security_attribute (int attribute, PSECURITY_ATTRIBUTES psa,
|
||||
}
|
||||
|
||||
static int
|
||||
set_nt_attribute (const char *file, __uid32_t uid, __gid32_t gid,
|
||||
int attribute)
|
||||
set_nt_attribute (HANDLE handle, const char *file,
|
||||
__uid32_t uid, __gid32_t gid, int attribute)
|
||||
{
|
||||
if (!wincap.has_security ())
|
||||
return 0;
|
||||
|
||||
security_descriptor sd;
|
||||
|
||||
int ret;
|
||||
if ((ret = read_sd (file, sd)) <= 0)
|
||||
if (get_nt_object_security (handle, SE_FILE_OBJECT, sd)
|
||||
&& read_sd (file, sd) <= 0)
|
||||
{
|
||||
debug_printf ("read_sd %E");
|
||||
return -1;
|
||||
@@ -1827,13 +1838,13 @@ set_nt_attribute (const char *file, __uid32_t uid, __gid32_t gid,
|
||||
}
|
||||
|
||||
int
|
||||
set_file_attribute (int use_ntsec, const char *file,
|
||||
set_file_attribute (bool use_ntsec, HANDLE handle, const char *file,
|
||||
__uid32_t uid, __gid32_t gid, int attribute)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
if (use_ntsec && allow_ntsec)
|
||||
ret = set_nt_attribute (file, uid, gid, attribute);
|
||||
ret = set_nt_attribute (handle, file, uid, gid, attribute);
|
||||
else if (allow_ntea && !NTWriteEA (file, ".UNIXATTR", (char *) &attribute,
|
||||
sizeof (attribute)))
|
||||
{
|
||||
@@ -1846,9 +1857,10 @@ set_file_attribute (int use_ntsec, const char *file,
|
||||
}
|
||||
|
||||
int
|
||||
set_file_attribute (int use_ntsec, const char *file, int attribute)
|
||||
set_file_attribute (bool use_ntsec, HANDLE handle, const char *file,
|
||||
int attribute)
|
||||
{
|
||||
return set_file_attribute (use_ntsec, file,
|
||||
return set_file_attribute (use_ntsec, handle, file,
|
||||
myself->uid, myself->gid, attribute);
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user