When Posix ACLs are used, the umask is ignored and the initial permissions
of created files are taken for the parent directory. However the umask
should still be used when the Posix ACLs are not enabled in the mount
options.
Ownership of files should always represent the creator of files.
This fixes a situation, currently disabled, where there is no user
mapping and the owner of the parent directory is used as the owner
of the created file.
When using Windows inheritance, the cacheing of ACLs for files created
within a directory only depended on the directory. Actually it also
depends on the user who creates the file. With the patch, only the ACLs
created by the owner of the directory are cached.
When grouping of users are determined from /etc/group (a compile-time
option not currently used), the groups examined for checking access rights
to a file were wrongly derived from the uid of the file instead of the
uid of the current process.
Since Vista, the standard directory /Users/Public which should be accessed
by any user is actually restricted to a few group of users, among them
the interactive ones. To make this directory accessible without using
the Posix ACLs, all Linux users are considered as interactive.
However, when Posix ACLs are used, users supposed to be interactive have
to be put into a secondary group mapped to the equivalent Windows group.
When using the Windows permission inheritance mode and the current user
has not been mapped, try to derive a reasonable user from the parent
directory.
The Windows-type inheritance of an ACE may imply creating two ACE's : one
for access and one for further inheritance. The conditions for doing so,
and the flags set on created ACE were sometimes wrong.
Note : the rules have been derived from testing multiple situations, but
there still are some gray cases.
Since Vista, Windows defines a /Users/Public directory supposed to be
public, but actually only allowed to a few user categories (interactive,
batch, etc.) This patch makes possible to create equivalent Unix groups
and group users the same way as in Windows. Posix ACLs have to be enabled
for access to /Users/Public to be allowed to several groups.
chkdsk deletes the ACLs when they are bad or when they are not used any
more. This fixes inserting a new ACL after the previously last ACL (or
even all of them) was deleted.
A bug was introduced by commit d2c7d40a2b :
when the beginning of a file was a hole and the runlist span over several
MFT extents, the runlist was not mapped on filling the initial hole.
This lead to a crash when using torrent to download big files.
Windows applies legacy restrictions to file names, so when the option
windows_names is applied, reject the same reserved names, which are
CON, PRN, AUX, NUL, COM1..COM9, and LPT1..LPT9
When the runlist of the data attribute of MFT has to be split across
several extents, the location of each extent has to be known from the
runlist present in previous extents. So, force the first extent into
record 15 to avoid a bad layout.
When a hole in a sparse file was filled, the runlist was fully recomputed.
When a sparse file spans over several MFT extents, this patch leads to
only recompute the runlist from the modified extent to the end.
Updating an attribute may imply decompressing runlists which are not
contiguous, leaving an unmapped region between them. When checking whether
the attribute has been made sparse, such unmapped regions should be ignored
This mostly happens after updating an index. (fix by Forrest Liu)
Windows server 2012 apparently uses files with no ACEs in their DACL,
thus denying any access to any process except system backup.
Such DACLs should however be considered valid.
When calling ntfstruncate() to expand a resident attribute, the function
is called again recursively, losing the requirement for not inserting
holes. This is for forwarding the requirement (used by ntfscp).
When testing whether a stream has been wiped out for possibly changing
its compression status, only the non-resident case was considered.
This fixes the test for streams which were never made non-resident.
Windows 8 does not zero any more the end of a compression block beyond
what is needed to reach the end of a file. We must now be careful not
to decompress more data than needed.
When translating Windows-type symlinks to Linux ones, the directory
separator has to be changed from '\' to '/'. The change was wrong
for multiple "..\" and ".\"
The file /etc/mtab is traditionally checked to avoid multiple mountings
of the same device, but this is not accurate enough in some conditions.
So use /proc/mounts when available and fall back to /etc/mtab on
systems which do not have /proc/mounts.
Author: Anton Altaparmakov <anton@tuxera.com>
Date: Tue Feb 12 10:33:55 2013 +0000
Modify libntfs-3g to make use of hd library to get the legacy BIOS geometry
from EDD. We scan all whole disk devices on the system and check if they
match the open ntfs device and if not we scan all partition devices on the
system and check if they match the open ntfs device.
If we find a partition device to match then we find its parent device again
using the hd library.
Once we have the parent of the partition device or we matched a whole disk
device we get the legacy EDD sectors per track and heads again using the hd
library.
Use of the hd library is auto detected (based on finding <hd.h> header file,
being able to link against libhd and finding the hd_list symbol in libhd.
Use can also be disabled/enabled/libhd prefix specified at ./configure time.
See ./configure --help for details.
Note this obviously requires libhd to be installed. On Ubuntu 12/04 systems
the relevant packages needed are libhd-dev and libhd16 (on older Ubuntu
versions it will be libhdN where N is some number <= 16 but an easy way to
get the right package is to simply install libhd-dev which by dependency
pulls in the correct libhdN package) whilst on SLES systems the relevant
packages needed are hwinfo and hwinfo-devel.
Upgrade the Win32 interface (win32_io.c) which was designed for Cygwin
so that it can be used for using the ntfsprogs utilities on native Windows.
Two new entries are added for truncating a file and creating a sparse
file, both of which not being supported through msvcrt.dll.
The MS_* flags originated from system constants. However the flags
passed to ntfs_mount were really unrelated to the system constants and
many new MS_* flags had to be introduced as different features were
added to the library. Those flags had no counterparts in any system
APIs, so using the same naming scheme is inappropriate.
Instead, let's namespace these flags similarly to what has already been
done in ntfsprogs/libntfs earlier. This avoids any possible conflicts
with system constants.
The values of the flags themselves are kept the same as earlier, so
backward compatibility is retained.
- Replaced 'ntfschar*' parameters with 'const ntfschar*' where
appropriate (the function does not need to modify the string).
- Replaced some instances of 'u8*' and 'char*' read-only buffer
arguments with 'const u8*' and 'const char*'.
Replace the obsolete definition of reparse tags in layout.h by the
current definitions from msdn, and use them in reparse.c instead of
redefining them.
As the path passed to ntfs-3g for getxattr(2)/setxattr(2) are not
guaranteed to be the one mentioned by the caller when there are hard links,
getting/setting DOS names have to be discontinued in that situation.
Getting/setting DOS names is still possible when there is a single
non-DOS name.
Windows 8 includes a "fast restart" feature for restarting without fully
remounting the internal volumes. When this mode is selected, metadata
stored in the cache (probably hiberfil.sys) is used instead of what
is actually on disk, and this may lead to inconsistencies when changes
have been made by ntfs-3g in the meantime.
This patch tries to prevent ntfs-3g from mounting in read-write mode
when a fast restart of Windows 8 is detected. It relies on the restart
pages in the $LogFile being identified as version 2.0, which is
apparently related to data being cached for hibernation or fast restarting.
External devices, such as USB keys, may have a switch to make them
temporarily unwriteable. When such a device is plugged in, mount it
as read-only by default.
In the $LogFile, Windows 8 defines restart pages with version 2.0.
The checks designed for version 1.1 appear to apply, so accept v 2.0
and apply the usual checks.
Accept security descriptors in which the SACL is present though it does not
contain any ACE. Such security descriptors have been found in Windows
installation files.
The type of special files (symlinks, fifos, etc.) was not returned in
readdir() and they appeared wrongly in the field d_type of "struct dirent".
This prevented some applications which relied on d_type (which does
not exist in Solaris) from navigating in an NTFS tree.
