* fhandler.cc (fhandler_base::open): Accomodate query_write_control
query_state. (fhandler_base::fchown): New method. * fhandler.h: Declare fchown method in fhandler_base, fhandler_disk_file and fhandler_virtual. (enum query_state): Add query_write_control. * fhandler_disk_file.cc (fhandler_disk_file::fchmod): Set query_state to query_write_control. Only remove FILE_ATTRIBUTE_READONLY if not setting security descriptor. (fhandler_disk_file::fchown): New method. * fhandler_virtual.cc (fhandler_virtual::fchown): New method. * sec_acl.cc (setacl): Call write_sd with additional handle attribute. * security.cc (write_sd): Take handle argument. Only request owner if getting SE_RESTORE_NAME privilege failed. Only open file if NtSetSecurityObject failed or handle is NULL. (set_nt_attribute): Call write_sd with additional handle attribute. * security.h (write_sd): Declare with additional handle argument.
This commit is contained in:
@@ -377,14 +377,18 @@ fhandler_disk_file::fchmod (mode_t mode)
|
||||
if (pc.is_fs_special ())
|
||||
return chmod_device (pc, mode);
|
||||
|
||||
query_open (query_read_control);
|
||||
if (!get_io_handle () && !(oret = open_fs (O_BINARY, 0)))
|
||||
return -1;
|
||||
if (!get_io_handle ())
|
||||
{
|
||||
query_open (query_write_control);
|
||||
if (!(oret = open_fs (O_BINARY, 0)))
|
||||
return -1;
|
||||
}
|
||||
|
||||
SetFileAttributes (get_win32_name (), (DWORD) pc & ~FILE_ATTRIBUTE_READONLY);
|
||||
if (!allow_ntsec && allow_ntea) /* Not necessary when manipulating SD. */
|
||||
SetFileAttributes (pc, (DWORD) pc & ~FILE_ATTRIBUTE_READONLY);
|
||||
if (pc.isdir ())
|
||||
mode |= S_IFDIR;
|
||||
if (!set_file_attribute (pc.has_acls (), get_io_handle (), get_win32_name (),
|
||||
if (!set_file_attribute (pc.has_acls (), get_io_handle (), pc,
|
||||
ILLEGAL_UID, ILLEGAL_GID, mode)
|
||||
&& allow_ntsec)
|
||||
res = 0;
|
||||
@@ -410,6 +414,37 @@ fhandler_disk_file::fchmod (mode_t mode)
|
||||
return res;
|
||||
}
|
||||
|
||||
int __stdcall
|
||||
fhandler_disk_file::fchown (__uid32_t uid, __gid32_t gid)
|
||||
{
|
||||
int oret = 0;
|
||||
if (!get_io_handle ())
|
||||
{
|
||||
query_open (query_write_control);
|
||||
if (!(oret = open_fs (O_BINARY, 0)))
|
||||
return -1;
|
||||
}
|
||||
|
||||
mode_t attrib = 0;
|
||||
if (pc.isdir ())
|
||||
attrib |= S_IFDIR;
|
||||
int res = get_file_attribute (pc.has_acls (), get_io_handle (), pc, &attrib);
|
||||
if (!res)
|
||||
res = set_file_attribute (pc.has_acls (), get_io_handle (), pc,
|
||||
uid, gid, attrib);
|
||||
if (res && (!pc.has_acls () || !allow_ntsec))
|
||||
{
|
||||
/* fake - if not supported, pretend we're like win95
|
||||
where it just works */
|
||||
res = 0;
|
||||
}
|
||||
|
||||
if (oret)
|
||||
close_fs ();
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
fhandler_disk_file::fhandler_disk_file () :
|
||||
fhandler_base ()
|
||||
{
|
||||
|
Reference in New Issue
Block a user