Commit 9a7aaef7 authored by Steve French's avatar Steve French Committed by Steve French

check permission locally for servers that do not support the CIFS Unix...

check permission locally for servers that do not support the CIFS Unix Extensions (allowing file_mode and dir_mode to augment the
server permission check, by doing local vfs_permission check)
parent e3404d5f
Version 1.08
------------
Allow file_mode and dir_mode (specified at mount time) to be enforced
locally (the server already enforced its own ACLs too) for servers
that do not report the correct mode (do not support the
CIFS Unix Extensions).
Version 1.07
------------
Fix some small memory leaks in some unmount error paths. Fix major leak
......
......@@ -191,8 +191,21 @@ cifs_statfs(struct super_block *sb, struct kstatfs *buf)
static int cifs_permission(struct inode * inode, int mask, struct nameidata *nd)
{
/* the server does permission checks, we do not need to do it here */
struct cifs_sb_info *cifs_sb;
cifs_sb = CIFS_SB(inode->i_sb);
if (cifs_sb->tcon->ses->capabilities & CAP_UNIX) {
/* the server supports the Unix-like mode bits and does its
own permission checks, and therefore we do not allow the file
mode to be overriden on these mounts - so do not do perm
check on client side */
return 0;
} else /* file mode might have been restricted at mount time
on the client (above and beyond ACL on servers) for
servers which do not support setting and viewing mode bits,
so allowing client to check permissions is useful */
return vfs_permission(inode, mask);
}
static kmem_cache_t *cifs_inode_cachep;
......
......@@ -1009,7 +1009,9 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
return -EINVAL;
}
cFYI(1, ("UNC: %s ip: %s ", volume_info.UNC, volume_info.UNCip));
cFYI(1, ("UNC: %s ip: %s", volume_info.UNC, volume_info.UNCip));
/* success */
rc = 0;
} else if (volume_info.UNCip){
/* BB using ip addr as server name connect to the DFS root below */
cERROR(1,("Connecting to DFS root not implemented yet"));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment