Commit Graph

455 Commits

Author SHA1 Message Date
Corinna Vinschen 379598dd67 Cygwin: Disable creating case-sensitive folders by default
Inspecting the content of case-sensitive directories
on remote machines results in lots of errors like
disappearing diretories and files, file not found, etc.

This is not feasible as default behaviour

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-03-01 14:38:36 +01:00
Corinna Vinschen 9db7f4d1dd Cygwin: move fhandler_cygdrive methods into own source file
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-07 12:29:07 +01:00
Corinna Vinschen af4a65a26d Cygwin: Add FS_IOC_GETFLAGS and FS_IOC_SETFLAGS ioctls
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-12-25 23:38:52 +01:00
Corinna Vinschen 4021509ba2 Cygwin: mkdir: create case-sensitive dirs
On Windows 10 1803 and later, create dirs under the Cygwin
installation dir as case sensitive, if WSL is installed.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-12-25 01:09:12 +01:00
Mark Geisert 87253cbe38 POSIX Asynchronous I/O support: fhandler files
This code is where the AIO implementation is wired into existing Cygwin
mechanisms for file and device I/O: the fhandler* functions.  It makes
use of an existing internal routine prw_open to supply a "shadow fd"
that permits asynchronous operations on a file the user app accesses
via its own fd.  This allows AIO to read or write at arbitrary locations
within a file without disturbing the app's file pointer.  (This was
already the case with normal pread|pwrite; we're just adding "async"
to the mix.)
2018-07-25 09:36:24 +02:00
Corinna Vinschen 8b6804b8a8 Cygwin: don't skip O_TMPFILE files in readdir
Bad idea.  A file hidden from directory listings is not seen by
rm either, so it never calls unlink for the file and a recursive
removal of the parent directory fails with "directory not empty".

Fix comments accordingly.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-03-09 21:13:28 +01:00
Corinna Vinschen 7ae89fe708 Cygwin: path_conv: rename is_rep_symlink to is_known_reparse_point
...in preparation of reusing this flag for other types of
reparse points, not only symlinks.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-03-01 16:41:45 +01:00
Corinna Vinschen fbdae2c216 Cygwin: reduce size of fhandler_cygdrive
fhandler_cygdrive has a size of 696 bytes on x86_64, while the next
biggest fhandler type, fhandler_pty_master, is 584 bytes.  The members
responsible for the size are private to opendir/readdir/closedir usage.
fhandler_disk_file stores private readdir data in DIR->__d_internal
instead.  Use equivalent method with fhandler_cygdrive.  This drops
the size to 464 bytes.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-02-26 20:39:48 +01:00
Corinna Vinschen 7ae73be141 Cygwin: improve O_TMPFILE handling
Windows does not remove FILE_ATTRIBUTE_TEMPORARY by itself after a
file has been closed.  It's just some attribute which can be set or
removed at will, despite its purpose.

Apparently there are tools out there which use FILE_ATTRIBUTE_TEMPORARY
accidentally or wrongly, even Microsoft's own tools are affected.  In
the end, the filesystem is potentially full of files with this attribute
set.

Implement O_TMPFILE files with FILE_ATTRIBUTE_TEMPORARY and
FILE_ATTRIBUTE_HIDDEN set.  This combination is pretty unlikely.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-02-14 12:55:24 +01:00
Corinna Vinschen 2af67d21b2 Cygwin: Cleanup time handling
* Redefine NSPERSEC to NS100PERSEC
* Define NSPERSEC as nanosecs per second
* Define USPERSEC as microsecs per second
* Use above constants throughout where appropriate
* Rename to_us to timespec_to_us and inline
* Rename it_bad to timespec_bad and inline

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-02-07 13:07:44 +01:00
Corinna Vinschen 2d2833dfab cygwin: remove accidentally committed debug statments
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-28 13:12:07 +01:00
Corinna Vinschen 662740b3d0 cygwin: further improve tags generation
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-28 13:10:34 +01:00
Corinna Vinschen 0b0b2b96f2 Cygwin: link: Simplify an expression
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-14 21:45:32 +01:00
Corinna Vinschen 0aa99373c1 Cygwin: fcntl.h: Define O_TMPFILE and implement it
Difference to Linux: We can't create files which don't show up
in the filesystem due to OS restrictions.  As a kludge, make a
(half-hearted) attempt to hide the file in the filesystem.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-14 21:45:25 +01:00
Corinna Vinschen 181fe5d2ed cygwin: pread: Remove incorrect comment
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-08 13:36:34 +01:00
Corinna Vinschen c983aa4879 cygwin: fhandler_disk_file::pread: always print debug info on return
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-08 13:30:42 +01:00
Xiaofeng Liu 46702f92ea cygwin: pread() returns non-zero if read beyond EOF
NtReadFile returns EOF status but doesn't set information to 0.
Set return value explicitly on EOF.
2017-11-08 13:21:30 +01:00
Erik M. Bray 94854321bb posix_fallocate() *returns* error codes but does not set errno
Also updates the fhandler_*::ftruncate implementations to adhere to the same
semantics.  The error handling semantics of those syscalls that use
fhandler_*::ftruncate are moved to the implementations of those syscalls (
in particular ftruncate() and friends still set errno and return -1 on error
but that logic is handled in the syscall implementation).
2017-11-02 18:01:01 +01:00
Erik M. Bray 8c8cdd9ad7 posix_fadvise() *returns* error codes but does not set errno
Also updates the fhandler_*::fadvise implementations to adhere to the same
semantics.
2017-11-02 17:58:18 +01:00
Corinna Vinschen 3e80cefb16 cygwin: unify reparse point checking code into single function
So far we had two functions checking the content of a reparse point,
readdir_check_reparse_point in fhandler_disk_file.cc for the sake of
readdir, and symlink_info::check_reparse_point for the sake of
generic path checking.

* Rename check_reparse_point_target helper to check_reparse_point_string
  and convert to static function.
* Create new check_reparse_point_target helper containing the core
  reparse point checking code
* Just call check_reparse_point_target from readdir_check_reparse_point
  and symlink_info::check_reparse_point and only perform the unique
  task in those functions.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-07-24 17:33:20 +02:00
Corinna Vinschen be1485191f cygwin: Fix resource leak in readdir reparse point handling
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-07-24 17:26:17 +02:00
Corinna Vinschen 185cd97d24 cygwin: readdir: Activate check for remote reparse points
Fix and move comment accordingly.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-06-20 10:06:45 +02:00
Joe_Lowe 7a4e299a18 Compatibility improvements to reparse point handling. 2017-06-20 09:57:36 +02:00
Corinna Vinschen 8eada33223 cygwin: readdir: don't lookup mount target inodes
So far Cygwin's readdir returned the inode number of a mount target
in d_ino, rather than the actual inode number of the mount point in
the underlying filesystem.  This not only results in a performance
hit if the mount target is a remote FS, it is also not done on other
POSIX systems.

Remove the code evaluating the mount target inode number.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-06-14 13:22:56 +02:00
Joe Lowe 0a9edd73e3 readdir() with mount point dentry, return mount point INO
This patch fixes a minor compatibility issue w/ cygwin mount point handling in
readdir(), compared to equivalent behavior of Linux and MacOS. dentry.d_ino
should indicate the INO of the mount point itself, not the target volume root
folder.

Changed return type from readdir_check_reparse_point to uint8_t, to avoid
unnecessarily being implicitly cast to and from a signed int.

Renamed a related local variable "attr" to "oattr" that was eclipsing a member
variable with the same name.

Joe L.
2017-06-14 10:57:02 +02:00
Christian Franke b8523353d7 Fix stat.st_blocks for files compressed with CompactOS method
Always retrieve FileCompressionInformation for non-empty
files if FileStandardInformation returns 0 allocated blocks.
This fixes stat.st_blocks for files compressed with CompactOS method.

Signed-off-by: Christian Franke <franke@computer.org>
2017-04-22 16:12:36 +02:00
Corinna Vinschen 00e9bf2bb3 Fix various OS-related comments
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-24 23:32:39 +02:00
Corinna Vinschen 8b7c4f67c6 fhandler_disk_file::opendir: Fix a comment 2016-06-24 22:48:40 +02:00
Corinna Vinschen 733af66c6e Remove support for SUNWNFS file system 2016-06-23 21:30:15 +02:00
Corinna Vinschen b2867a68b9 Handle up to 63 partitions per drive
Revamp device parsing code.  Introducing support for more partitions
into the shilka-generated parser has the unfortunate side-effect of
raising the size of the DLL by almost 2 Megs.  Therefore we split out
the handling for /dev/sdXY devices into a tiny bit of hand-written
code.

While at it, remove some unused cruft from devices.* and generally
clean up the device class to provide access methods instead of direct
access to members.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-23 16:56:41 +02:00
Corinna Vinschen 6e623e9320 Switching the Cygwin DLL to LGPLv3+, dropping commercial buyout option
Bump GPLv2+ to GPLv3+ for some files, clarify BSD 2-clause.

Everything else stays under GPLv3+.

New Linking Exception exempts resulting executables from LGPLv3 section 4.

Add CONTRIBUTORS file to keep track of licensing.

Remove 'Copyright Red Hat Inc' comments.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-23 10:09:17 +02:00
Corinna Vinschen 2c83227112 Drop useless calls to path_conv.isgood_inode
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-21 13:39:35 +02:00
Corinna Vinschen 4965cdc9ad Use correct file info (especially inode number) for newly created files
fhandler_base::open_fs has two problems:
- When newly creating a file, the file info in the path_conv is
  incorrect.  It points to info for the parent dir, not to info
  for the file itself (which, naturally, wasn't available before).
- Fetching the file's inode number only worked for non-NFS.

Both problems should be fixed now by reloading file info if the file
has just been created, as well as using the new FS-agnostic
path_conv::get_ino method.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-21 13:39:04 +02:00
Corinna Vinschen 36d4eb12b5 Use new path_conv_handle functions to access file info
This avoids having to call nfs_fetch_fattr3/file_get_fai depending
on FS type as well as having to extract the info FS dependent.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-21 13:28:12 +02:00
Peter Foley dc85a189a4 Add necessary braces to if statements
The missing braces cause only the first expression to be guarded by the
else clause.

winsup/cygwin/ChangeLog
* fhandler_disk_file.cc (facl): Add missing braces to if statement.
* mount.cc (dos_drive_mappings): Add missing braces to if statement.

Signed-off-by: Peter Foley <pefoley2@pefoley.com>
2016-03-20 11:55:08 +01:00
Corinna Vinschen 9ddf063921 Implement POSIX.1e ACL functions
* Makefile.in (DLL_OFILES): Add sec_posixacl.o.
	(SUBLIBS): Add libacl.a
	(libacl.a): New rule to create libacl.a.
	* common.din: Export POSIX ACL functions as well as most libacl.a
	extensions.
	* fhandler.h (fhander_base::acl_get): New prototype.
	(fhander_base::acl_set): Ditto.
	(fhandler_disk_file::acl_get): Ditto.
	(fhandler_disk_file::acl_set): Ditto.
	* include/acl/libacl.h: New file.
	* include/cygwin/version.h: Bump API minor version.
	* include/sys/acl.h: Drop including cygwin/acl.h.  Accommodate
	throughout Cygwin.  Add POSIX ACL definitions.
	* sec_acl.cc: Include sec_posixacl.h.  Replace ILLEGAL_UID and
	ILLEGAL_GID with ACL_UNDEFINED_ID where sensible.
	(__aclcheck): New internal acl check function to be used for
	Solaris and POSIX ACLs.
	(aclcheck32): Call __aclcheck.
	(__aclcalcmask): New function to compute ACL_MASK value.
	(__aclsort): New internal acl sort function to be used for Solaris
	and POSIX ACLs.
	(aclsort32): Call __aclsort.
	(permtostr): Work directly on provided buffer.
	(__acltotext): New internal acltotext function to be used for
	Solaris and POSIX ACLs.
	(acltotext32): Call __acltotext.
	(__aclfromtext): New internal aclfromtext function to be used for
	Solaris and POSIX ACLs.
	(aclfromtext32): Call __aclfromtext.
	* sec_posixacl.cc: New file implemeting POSIX ACL functions.
	* sec_posixacl.h: New internal header.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-03-08 13:56:40 +01:00
Corinna Vinschen ac4648c13e Treat ACLs with extra ACEs for Admins and SYSTEM like a trivial ACL
POSIX.1e requires that chmod changes the MASK rather than the
	GROUP_OBJ value if the ACL is non-trivial.

	On Windows, especially on home machines, a standard ACL often
	consists of entries for the user, maybe the group, and additional
	entries for SYSTEM and the Administrators group.  A user calling
	chmod on a file with bog standard Windows perms usually expects
	that chmod changes the GROUP_OBJ perms, but given the rules from
	POSIX.1e we can't do that.

	However, since we already treat Admins and SYSTEM special in a
	ACL (they are not used in MASK computations) we go a step in the
	Windows direction to follow user expectations.  If an ACL only
	consists of the three POSIX permissions, plus entries for Admins
	and SYSTEM *only*, then we change the permissions of the GROUP_OBJ
	entry *and* the MASK entry.

	* fhandler_disk_file.cc (fhandler_disk_file::chmod): Drop unused
	code.  Add special handling for a "standard" Windows ACL.  Add
	comment to explain.
	* sec_acl.cc (get_posix_access): Allow to return "standard-ness"
	of an ACL to the caller.  Add preceeding comment to explain a bit.
	* security.h (get_posix_access): Align prototype.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-01-28 22:05:49 +01:00
Corinna Vinschen e983bd6aa4 Only request WRITE_DAC rights when writing an ACL
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Only request
        query_write_dac rather than query_write_control access when writing
        an ACL.  Fix a comment.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-12-25 21:40:51 +01:00
Ken Brown ecfba2bb2c Fix regparm attribute of fhandler_base::fstat_helper
* winsup/cygwin/fhandler_disk_file.cc (fhandler_base::fstat_helper):
Align regparm attribute to declaration in fhandler.h.
2015-12-14 10:22:12 +01:00
Corinna Vinschen eed35efbe6 Fetch and store FileAllInformation rather than FileNetworkOpenInformation
* path.h (class path_conv_handle): Use FILE_ALL_INFORMATION instead of
        FILE_NETWORK_OPEN_INFORMATION.  Use definitions from ntdll.h since it's
        included anyway.
        (path_conv_handle::fai): Change name from fnoi.
        (path_conv::fai): Ditto.
        (file_get_fai): Change name from file_get_fnoi.  Drop second parameter.
        * path.cc (file_get_fai): Ditto.  Fetch FileAllInformation rather than
        FileNetworkOpenInformation.  Convert STATUS_BUFFER_OVERFLOW to
        STATUS_SUCCESS.  Remove workaround to fetch FileBasicInformation and
        FileStandardInformation on filesystems with broken
        FileNetworkOpenInformation handling.
        (symlink_info::check): Accommodate above changes.  In case of using
        the NtQueryDirectoryFile fallback, fetch FileIdBothDirectoryInformation
        to get inode number as well.
        * fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Drop outdated
        comment.  Accommodate change to using FileAllInformation.  Drop
        extra function calls to fetch NumberOfLinks and IndexNumber.  Set ino
        directly from IndexNumber stored in pc.fai().  Drop second argument
        from call to fstat_helper.
        (fhandler_base::fstat_by_name): Drop second argument from call to
        fstat_helper.
        (fhandler_base::fstat_helper): Drop second parameter.  Accommodate
        the fact that we access a FILE_ALL_INFORMATION structure now.
        (fhandler_base::open_fs): Set ino directly from IndexNumber stored in
        pc.fai().
        * fhandler.h (fhandler_base::fstat_helper): Fix declaration accrdingly.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-12-10 00:02:34 +01:00
Corinna Vinschen a0e7563eb0 Drop unused path_conv::ndisk_links method
* fhandler_disk_file.cc (path_conv::ndisk_links): Drop unused method.
        (fhandler_base::fstat_helper): Drop unused call to ndisk_links.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-12-09 23:56:47 +01:00
Corinna Vinschen ab73edc056 Use fii instead of fai for FILE_INTERNAL_INFORMATION vars
* fhandler_disk_file.cc (path_conv::get_ino_by_handle): Rename fai to
        fii for clearness.
        (fhandler_disk_file::readdir): Ditto.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-12-09 23:51:48 +01:00
Corinna Vinschen 3da81956e2 In FILE_ID_BOTH_DIR_INFORMATION it's actually FileId, not IndexNumber
* ntdll.h (FILE_ID_BOTH_DIR_INFORMATION): Revert IndexNumber to FileId
        since it's actually right here.
        * fhandler_disk_file.cc: Accommodate above change.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-12-09 18:11:47 +01:00
Corinna Vinschen d0f5f4c422 Rename FileId to IndexNumber in NT structures to align with upstream
* ntdll.h (FILE_ID_BOTH_DIR_INFORMATION): Rename FileId to IndexNumber
        to align with Microsoft naming scheme.
        (FILE_INTERNAL_INFORMATION): Ditto.
        * fhandler_disk_file.cc: Rename FileId to IndexNumber throughout.
        * syscalls.cc: Ditto.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-12-08 14:33:07 +01:00
Corinna Vinschen 7edb6b8d3e Fix up POSIX permission handling
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Disable
	deviation from POSIX 1003.1e in terms of GROUP_OBJ/CLASS_OBJ
	permissions.  Follow POSIX 1003.1e again.  Keep old code in
	for future reference.
	* sec_acl.cc: Accommodate changes in ACE creation in leading
	comment.
	(set_posix_access): Fix user deny ACE creation.  Split group
	deny ACE creation into two steps, one to reflect CLASS_OBJ,
	the other to reflect OTHER_OBJ.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-11-18 22:29:46 +01:00
Corinna Vinschen bc444e5aa4 Reapply POSIX ACL changes.
- New, unified implementation of POSIX permission and ACL handling.  The
    new ACLs now store the POSIX ACL MASK/CLASS_OBJ permission mask, and
    they allow to inherit the S_ISGID bit.  ACL inheritance now really
    works as desired, in a limited, but theoretically equivalent fashion
    even for non-Cygwin processes.

    To accommodate Windows default ACLs, the new code ignores SYSTEM and
    Administrators group permissions when computing the MASK/CLASS_OBJ
    permission mask on old ACLs, and it doesn't deny access to SYSTEM and
    Administrators group based on the value of MASK/CLASS_OBJ when
    creating the new ACLs.

    The new code now handles the S_ISGID bit on directories as on Linux:
    Setting S_ISGID on a directory causes new files and subdirs created
    within to inherit its group, rather than the primary group of the user
    who created the file.  This only works for files and directories
    created by Cygwin processes.

2015-05-29  Corinna Vinschen  <corinna@vinschen.de>

	Reapply POSIX ACL changes.

	* utils.xml (setfacl): Show new option output.
	(getfacl): Show new option output.

	* sec_acl.cc (get_posix_access): Check for Cygwin "standard" ACL.
	Apply umask, if so.  Align comments.
	* security.cc (set_created_file_access): Fix permission masking by
	incoming requested file mode.

	* sec_acl.cc (set_posix_access): Apply mask only in terms of execute bit
	for SYSTEM and Admins group.

	* sec_acl.cc (set_posix_access): Don't create DENY ACEs for USER and
	GROUP entries if they are the same as USER_OBJ or GROUP_OBJ.

	* fhandler.h (fhandler_pty_slave::facl): Add prototype.
	* fhandler_tty.cc (fhandler_pty_slave::facl): New method.
	(fhandler_pty_slave::fchown): Fix uid/gid handling.
	* sec_acl.cc (set_posix_access): Drop superfluous class_idx variable.
	Simplify and move around code in a few places.  To improve ACL
	readability, add r/w permissions to Admins ACE appended to pty ACL.
	Add comment to explain Windows ACE Mask filtering being in the way of
	creating a real CLASS_OBJ.
	(get_posix_access): Fake CLASS_OBJ for ptys.  Explain why.
	* security.cc (get_object_attribute): Add S_IFCHR flag to attributes
	when calling get_posix_access.

	* sec_acl.cc (set_posix_access): Move merging group perms into owner
	perms in case of owner == group after mask has been computed.  Take
	mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.

	* sec_acl.cc (get_posix_access): Only set saw_group_obj flag if we saw
	the ACCESS_ALLOWED_ACE.

	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
	set GROUP_OBJ and CLASS_OBJ perms to new group perms.  Add comment
	to explain why.
	* security.cc (set_created_file_access): Ditto.

	* sec_acl.cc (set_posix_access): Replace previous patch.  Return
	EINVAL if uid and/or guid is invalid and not backed by an actual
	Windows account.

	* sec_acl.cc (set_posix_access): Workaround owner/group SIDs being NULL.

	* sec_acl.cc (set_posix_access): Handle files with owner == group.
	Rephrase switch statement checking against unfiltered a_type value.
	(get_posix_access): Handle files with owner == group.

	* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
	CLASS_OBJ mask on old-style ACLs.  Fix a comment.

	* sec_acl.cc (set_posix_access): Always make sure Admins have
	WRITE_DAC and WRITE_OWNER permissions.
	* security.h (create_object_sd_from_attribute): Drop handle parameter
	from prototype.
	* security.cc (create_object_sd_from_attribute): Drop handle parameter.
	Just create the standard POSIXy security descriptor.
	(set_object_attribute): Accommodate dropped paramter in call to
	create_object_sd_from_attribute.
	* fhandler_tty.cc: Ditto, throughout.

	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Fix typo in
	mask computation.

	* fhandler.cc (fhandler_base::open_with_arch): Call open with mode
	not umasked.
	(fhandler_base::open): Explicitely umask mode on NFS here.  Call new
	set_created_file_access rather than set_file_attribute.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Reimplement
	setting permissions on filesystems supporting ACLs using the new
	set_posix_access call.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::mkdir): Call new set_created_file_access rather
	than set_file_attribute.
	* fhandler_socket.cc (fhandler_socket::bind): Don't umask here.  Add
	WRITE_OWNER access to allow writing group in case of SGID bit set.
	Call new set_created_file_access rather than set_file_attribute.
	* path.cc (symlink_worker): Call new set_created_file_access rather
	than set_file_attribute.
	* sec_acl.cc (searchace): Un-staticize.
	(set_posix_access): New, complementary functionality to
	get_posix_access.
	(setacl): Implement in terms of get_posix_access/set_posix_access.
	(get_posix_access): Add handling for just created files requiring
	their first Cygwin ACL.  Fix new_style recognition.  Handle SGID
	bit.  For old-style ACLs, ignore SYSTEM and Administrators when
	computing the {DEF_}CLASS_OBJ perms.
	* security.cc (get_file_sd): Revamp comment.  Change and (hopefully)
	speed up inheritance processing for just created files.
	(alloc_sd): Remove.
	(set_security_attribute): Call set_posix_access instead of alloc_sd.
	(get_object_attribute): Fix return value.
	(create_object_sd_from_attribute): Call set_posix_access instead of
	alloc_sd.
	(set_file_attribute): Remove.
	(set_created_file_access): New function implemented in terms of
	get_posix_access/set_posix_access.
	* security.h (set_file_attribute): Remove prototype.
	(set_created_file_access): Add prototype.
	(searchace): Ditto.
	(set_posix_access): Ditto.
	* syscalls.cc (open): Call open_with_arch with mode not umasked.

	* sec_acl.cc: Change preceeding comment explaining new-style ACLs.
	Describe how to generate deny ACEs in more detail.  Accommodate the
	fact that a NULL deny ACE is used for {DEF_}CLASS_OBJ, rather than
	a special Cygwin ACE.  Improve further comments.
	(CYG_ACE_NEW_STYLE): Define.
	(get_posix_access): Change from Cygwin ACE to NULL deny ACE.  Fix
	CLASS_OBJ handling to generate CLASS_OBJ and DEF_CLASS_OBJ from a single
	NULL deny ACE if the inheritance flags say so.
	* sec_helper.cc (well_known_cygwin_sid): Remove.
	* security.h (well_known_cygwin_sid): Drop declaration.

	* sec_acl.cc (CYG_ACE_ISBITS_TO_WIN): Fix typo.
	(get_posix_access): Rename index variable from i to idx.  Define only
	once at top level.

	* security.cc (add_access_allowed_ace): Drop unused parameter "offset".
	Accommodate throughout.
	(add_access_denied_ace): Ditto.
	* sec_acl.cc: Accommodate above change throughout.
	* security.h (add_access_allowed_ace): Adjust prototype to above change.
	(add_access_denied_ace): Ditto.

	* sec_acl.cc (get_posix_access): Handle multiple ACEs for the
	owner and primary group of the file.  Handle the default primary
	group ACE as DEF_GROUP_OBJ entry if the directory has the S_ISGID bit
	set.  Add comments.  Minor code rearrangements.

	Preliminary read side implementation of new permission handling.
	* acl.h (MAX_ACL_ENTRIES): Raise to 2730.  Add comment to explain.
	* sec_acl.cc:  Add leading comment to explain new ACL style.
	Add definitions and macros to use for bits in new Cygwin ACL.
	(DENY_RWX): New mask value for all temporary deny bits.
	(getace): Add bool parameter to decide when leaving all bits intact,
	rather than filtering them per the already set bits.
	(get_posix_access): New function, taking over functionality to read
	POSIX ACL from SECURITY_DESCRIPTOR.
	(getacl): Just call get_posix_access.
	* sec_helper.cc (well_known_cygwin_sid): Define.
	* security.cc (get_attribute_from_acl): Remove.
	(get_info_from_sd): Remove.
	(get_reg_sd): Call get_posix_access instead of get_info_from_sd.
	(get_file_attribute): Ditto.
	(get_object_attribute): Ditto.
	* security.h (well_known_cygwin_sid): Declare.
	(get_posix_access): Add prototype.

	* Throughout, use simpler ACE macros from Windows' accctrl.h.

	* getfacl.c (main): Special-case SYSTEM and Admins group.  Add comments.

	* setfacl.c: Align more to Linux tool.
	(delacl): New function to delete acl entries only.
	(modacl): Drop delete functionality.  Add handling of recomputing the
	mask and default mask values.
	(delallacl): Rename from delacl.
	(setfacl): Call delacl in Delete case.  Call delallacl in DeleteAll
	and DeleteDef case.
	(usage): Accommodate new options.  Rearrange and rephrase slightly.
	(longopts): Emit 'x' in --delete case.  Add --no-mask and --mask
	options.
	(opts): Add -x and -n options.
	(main): Handle -d and -x the same.  Handle -n and --mask options.
	Drop handling for -r option.

	* getfacl.c (usage): Align more closely to Linux version.  Add new
	options -c, -e, -E.  Change formatting to accommodate longer options.
	(longopts): Rename --noname to --numeric.  Keep --noname for backward
	compatibility.  Add --omit-header, --all-effective and --no-effective
	options.
	(opts): Add -c, -e and -E option.
	(main): Handle new -c, -e, and -E options.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-11-18 22:27:54 +01:00
Corinna Vinschen df6206aa56 Add support for Parallels Desktop FS (prlfs)
* mount.h (enum fs_info_type): Add prlfs (Parallels Desktop FS).
	(class fs_info): Add has_broken_fnoi flag.  Implement prlfs FS flag.
	* mount.cc (fs_info::update): Handle PrlFS.  Fill new has_broken_fnoi
	flag with life.
	(fs_names): Add prlfs.
	* globals.cc (ro_u_prlfs): Define.
	* path.h (path_conv::has_broken_fnoi): New method.
	* path.cc (symlink_info::check): Call file_get_fnoi utilizing new
	has_broken_fnoi filesystem flag.
	* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Ditto.

	* new-features.xml (ov-new2.3): Document Parallels Desktop FS support.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-11-02 12:08:25 +01:00
Corinna Vinschen 88dce3abd8 Try harder to avoid LDAP access for RFC2307 mapping
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Rearrange
        to fall back to myself uid/gid in case we don't utilize Windows
        account DBs, just as prior to 1.7.34.
        * sec_helper.cc (cygpsid::get_id): Disable Samba user/group mapping per
        RFC2307 if we're not utilizing Windows account DBs.
        * security.cc (convert_samba_sd): Revert previous patch.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-08-17 20:24:49 +02:00
Corinna Vinschen 5de7f2e6c3 Don't perform RFC2307 account mapping without account DB
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Only try
        to map user and group info per RFC2307 if account info is fetched
        from Windows account DB.
        (convert_samba_sd): Ditto.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-08-14 21:41:37 +02:00
Corinna Vinschen 853fcd8936 Introduce sidfromuid and sidfromgid
* pwdgrp.h (sidfromuid): New inline function.
	(sidfromgid): Ditto.
	* fhandler_disk_file.cc (fhandler_disk_file::fchown): Use sidfromuid.
	* quotactl.cc (quotactl): Use sidfromuid and sidfromgid.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-04-23 21:57:12 +02:00