From: Christof Schmitt Date: Fri, 2 Nov 2018 19:08:23 +0000 (-0700) Subject: smbd: Fix DELETE_ON_CLOSE behaviour on files with READ_ONLY attribute X-Git-Tag: samba-4.8.8~38 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d60ad0171a09b57667ac0888ce95f22dd16d7630;p=thirdparty%2Fsamba.git smbd: Fix DELETE_ON_CLOSE behaviour on files with READ_ONLY attribute MS-FSA states that a CREATE with FILE_DELETE_ON_CLOSE on an existing file with READ_ONLY attribute has to return STATUS_CANNOT_DELETE. This was missing in smbd as the check used the DOS attributes from the CREATE instead of the DOS attributes on the existing file. We need to handle the new file and existing file cases separately. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13673 Signed-off-by: Christof Schmitt Reviewed-by: Jeremy Allison (cherry picked from commit 162a5257c48f20d3752f644e86c9e626b46436c0) --- diff --git a/selftest/knownfail b/selftest/knownfail index 781c14551fe..84776d4f35d 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -348,5 +348,3 @@ # Disabling NTLM means you can't use samr to change the password ^samba.tests.ntlmdisabled.python\(ktest\).ntlmdisabled.NtlmDisabledTests.test_samr_change_password\(ktest\) ^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ad_dc_no_ntlm\) -^samba3.smb2.delete-on-close-perms.READONLY\(nt4_dc\) -^samba3.smb2.delete-on-close-perms.READONLY\(ad_dc\) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 8a9288dbdb4..97cf458a864 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3237,6 +3237,18 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, request_time = fsp->open_time; } + if ((create_options & FILE_DELETE_ON_CLOSE) && + (flags2 & O_CREAT) && + !file_existed) { + /* Delete on close semantics for new files. */ + status = can_set_delete_on_close(fsp, + new_dos_attributes); + if (!NT_STATUS_IS_OK(status)) { + fd_close(fsp); + return status; + } + } + /* * Ensure we pay attention to default ACLs on directories if required. */ @@ -3689,15 +3701,17 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, /* Handle strange delete on close create semantics. */ if (create_options & FILE_DELETE_ON_CLOSE) { + if (!new_file_created) { + status = can_set_delete_on_close(fsp, + existing_dos_attributes); - status = can_set_delete_on_close(fsp, new_dos_attributes); - - if (!NT_STATUS_IS_OK(status)) { - /* Remember to delete the mode we just added. */ - del_share_mode(lck, fsp); - TALLOC_FREE(lck); - fd_close(fsp); - return status; + if (!NT_STATUS_IS_OK(status)) { + /* Remember to delete the mode we just added. */ + del_share_mode(lck, fsp); + TALLOC_FREE(lck); + fd_close(fsp); + return status; + } } /* Note that here we set the *inital* delete on close flag, not the regular one. The magic gets handled in close. */