From 3dae332bed4832a8cafcb9341ad6b54cc685880c Mon Sep 17 00:00:00 2001 From: Roland Mainz Date: Wed, 3 Jul 2024 17:46:09 +0200 Subject: [PATCH] cygwin: Implement Unix_User+ and Unix_Group+ support in |map_nfs4ace_who()| /usr/bin/patch failed patching a file, complaining that it cannot change the group of it's temporary file. This happened because Cygwin is generating Unix_Group+ SIDs based on the Nfs3Attr EA |gid|, instead of taking the native SID returned by Windows. And some tools like patch(1) end-up just copying that SID, which our |map_nfs4ace_who()| did not support. Implementing Unix_User+ and Unix_Group+ support in |map_nfs4ace_who()| fixes this. See https://github.com/kofemann/ms-nfs41-client/issues/16 Fixes: Issue #16 Reported-by: Mark Liam Brown Signed-off-by: Cedric Blancher Signed-off-by: Tigran Mkrtchyan --- daemon/acl.c | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++ daemon/sid.h | 4 ++++ 2 files changed, 71 insertions(+) diff --git a/daemon/acl.c b/daemon/acl.c index 3ab4bf89..02f08b27 100644 --- a/daemon/acl.c +++ b/daemon/acl.c @@ -980,11 +980,78 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o * SIDs */ case ERROR_NONE_MAPPED: + /* + * This can happen for two reasons: + * 1. Someone copied a file from a NFS(v3) filesystem, + * and Cygwin generated an Unix_User+ or + * Unix_Group+ SID for the source file, which + * tools like Cygwin cp(1) just copy. + * 2. We have an uid/gid for which we do not have + * a user-/group-name mapped. + */ +#ifdef NFS41_DRIVER_FEATURE_MAP_UNMAPPED_USER_TO_UNIXUSER_SID + /* fixme: This should be a function argument */ + extern nfs41_daemon_globals nfs41_dg; + + uid_t unixuser_uid = ~0U; + gid_t unixgroup_gid = ~0U; + + if (unixuser_sid2uid(sid, &unixuser_uid)) { + if (!nfs41_idmap_uid_to_name(nfs41_dg.idmapper, + unixuser_uid, who_out, UNLEN)) { + who_size = (DWORD)strlen(who_out); + sid_type = SidTypeUser; + status = ERROR_SUCCESS; + + DPRINTF(ACLLVL1, ("map_nfs4ace_who: " + "Unix_User+%d SID " + "mapped to user '%s'\n", + unixuser_uid, who_out)); + goto add_domain; + } + + eprintf("map_nfs4ace_who: " + "unixuser_sid2uid(sid='%s',unixuser_uid=%d) " + "returned no mapping.\n", + sidstr, (int)unixuser_uid); + goto err_none_mapped; + } + + if (unixgroup_sid2gid(sid, &unixgroup_gid)) { + if (!nfs41_idmap_gid_to_group(nfs41_dg.idmapper, + unixgroup_gid, who_out, GNLEN)) { + who_size = (DWORD)strlen(who_out); + sid_type = SidTypeGroup; + status = ERROR_SUCCESS; + + DPRINTF(ACLLVL1, ("map_nfs4ace_who: " + "Unix_Group+%d SID " + "mapped to group '%s'\n", + unixgroup_gid, who_out)); + goto add_domain; + } + + eprintf("map_nfs4ace_who: " + "unixgroup_sid2gid(sid='%s',unixgroup_gid=%d) " + "returned no mapping.\n", + sidstr, (int)unixgroup_gid); + goto err_none_mapped; + } + + eprintf("map_nfs4ace_who: LookupAccountSidA() " + "returned ERROR_NONE_MAPPED+no " + "Unix_@(User|Group)+ mapping for sidstr='%s'\n", + sidstr); +err_none_mapped: + status = ERROR_NONE_MAPPED; +#else DPRINTF(ACLLVL2, ("map_nfs4ace_who: LookupAccountSidA() " "returned ERROR_NONE_MAPPED for sidstr='%s'\n", sidstr)); status = lasterr; goto out; +#endif /* NFS41_DRIVER_FEATURE_MAP_UNMAPPED_USER_TO_UNIXUSER_SID */ + /* Catch other cases */ case ERROR_NO_SUCH_USER: case ERROR_NO_SUCH_GROUP: diff --git a/daemon/sid.h b/daemon/sid.h index d310d881..57edfc72 100644 --- a/daemon/sid.h +++ b/daemon/sid.h @@ -52,6 +52,10 @@ extern sidcache group_sidcache; /* prototypes */ int create_unknownsid(WELL_KNOWN_SID_TYPE type, PSID *sid, DWORD *sid_len); +#ifdef NFS41_DRIVER_FEATURE_MAP_UNMAPPED_USER_TO_UNIXUSER_SID +bool unixuser_sid2uid(PSID psid, uid_t *puid); +bool unixgroup_sid2gid(PSID psid, gid_t *pgid); +#endif /* NFS41_DRIVER_FEATURE_MAP_UNMAPPED_USER_TO_UNIXUSER_SID */ void sidcache_init(void); void sidcache_add(sidcache *cache, const char* win32name, PSID value); PSID *sidcache_getcached_byname(sidcache *cache, const char *win32name);