vfs_acl_tdb|xattr: use a config handle

Better for performance and a subsequent commit will add one more option
where this will pay off.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit 61c3d2124fb1a180fae4c8c0b5ab5b32bd56c8ad)

diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index 4d357e7654627f0cbd3d8957518c77665dbc3743..4227c0f34d773fbf19929e185ea8ca4cae8b30fe 100644 (file)
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -46,6 +46,34 @@ static NTSTATUS store_acl_blob_fsp(vfs_handle_struct *handle,
                                SECINFO_DACL | \
                                SECINFO_SACL)
 
+struct acl_common_config {
+       bool ignore_system_acls;
+};
+
+static bool init_acl_common_config(vfs_handle_struct *handle)
+{
+       struct acl_common_config *config = NULL;
+
+       config = talloc_zero(handle->conn, struct acl_common_config);
+       if (config == NULL) {
+               DBG_ERR("talloc_zero() failed\n");
+               errno = ENOMEM;
+               return false;
+       }
+
+       config->ignore_system_acls = lp_parm_bool(SNUM(handle->conn),
+                                                 ACL_MODULE_NAME,
+                                                 "ignore system acls",
+                                                 false);
+
+       SMB_VFS_HANDLE_SET_DATA(handle, config, NULL,
+                               struct acl_common_config,
+                               return false);
+
+       return true;
+}
+
+
 /*******************************************************************
  Hash a security descriptor.
 *******************************************************************/
@@ -505,14 +533,15 @@ static NTSTATUS validate_nt_acl_blob(TALLOC_CTX *mem_ctx,
        struct security_descriptor *psd_fs = NULL;
        char *sys_acl_blob_description = NULL;
        DATA_BLOB sys_acl_blob = { 0 };
-       bool ignore_file_system_acl = lp_parm_bool(SNUM(handle->conn),
-                                               ACL_MODULE_NAME,
-                                               "ignore system acls",
-                                               false);
+       struct acl_common_config *config = NULL;
 
        *ppsd = NULL;
        *psd_is_from_fs = false;
 
+       SMB_VFS_HANDLE_GET_DATA(handle, config,
+                               struct acl_common_config,
+                               return NT_STATUS_UNSUCCESSFUL);
+
        status = parse_acl_blob(blob,
                                mem_ctx,
                                &psd_blob,
@@ -538,7 +567,7 @@ static NTSTATUS validate_nt_acl_blob(TALLOC_CTX *mem_ctx,
                return NT_STATUS_OK;
        case 3:
        case 4:
-               if (ignore_file_system_acl) {
+               if (config->ignore_system_acls) {
                        *ppsd = psd_blob;
                        return NT_STATUS_OK;
                }
@@ -682,11 +711,12 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
        DATA_BLOB blob = data_blob_null;
        NTSTATUS status;
        struct security_descriptor *psd = NULL;
-       bool ignore_file_system_acl = lp_parm_bool(SNUM(handle->conn),
-                                               ACL_MODULE_NAME,
-                                               "ignore system acls",
-                                               false);
        bool psd_is_from_fs = false;
+       struct acl_common_config *config = NULL;
+
+       SMB_VFS_HANDLE_GET_DATA(handle, config,
+                               struct acl_common_config,
+                               return NT_STATUS_UNSUCCESSFUL);
 
        if (fsp && name == NULL) {
                name = fsp->fsp_name->base_name;
@@ -781,7 +811,7 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
                }
                is_directory = S_ISDIR(psbuf->st_ex_mode);
 
-               if (ignore_file_system_acl) {
+               if (config->ignore_system_acls) {
                        TALLOC_FREE(psd);
                        status = make_default_filesystem_acl(mem_ctx,
                                                name,

diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c
index 1537ba32f9c6eacf493f4866bd7629d317a0919b..d2417d7a714a0bf55023c69760b96994bd88c2ce 100644 (file)
--- a/source3/modules/vfs_acl_tdb.c
+++ b/source3/modules/vfs_acl_tdb.c
@@ -305,6 +305,7 @@ static int connect_acl_tdb(struct vfs_handle_struct *handle,
                                const char *user)
 {
        int ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
+       bool ok;
 
        if (ret < 0) {
                return ret;
@@ -315,6 +316,12 @@ static int connect_acl_tdb(struct vfs_handle_struct *handle,
                return -1;
        }
 
+       ok = init_acl_common_config(handle);
+       if (!ok) {
+               DBG_ERR("init_acl_common_config failed\n");
+               return -1;
+       }
+
        /* Ensure we have the parameters correct if we're
         * using this module. */
        DEBUG(2,("connect_acl_tdb: setting 'inherit acls = true' "

diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c
index c1b0a60e16a7c5457b7e6e731a1a2bfffb30bd5a..ae032c8bd5bac1f13251b11bf9f8a63333d497a1 100644 (file)
--- a/source3/modules/vfs_acl_xattr.c
+++ b/source3/modules/vfs_acl_xattr.c
@@ -180,11 +180,18 @@ static int connect_acl_xattr(struct vfs_handle_struct *handle,
                                const char *user)
 {
        int ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
+       bool ok;
 
        if (ret < 0) {
                return ret;
        }
 
+       ok = init_acl_common_config(handle);
+       if (!ok) {
+               DBG_ERR("init_acl_common_config failed\n");
+               return -1;
+       }
+
        /* Ensure we have the parameters correct if we're
         * using this module. */
        DEBUG(2,("connect_acl_xattr: setting 'inherit acls = true' "