2012-05-07 10:24:03 +04:00
/*
Unix SMB / CIFS implementation .
2012-09-25 01:11:05 +04:00
Set NT and POSIX ACLs and other VFS operations from Python
2012-08-02 07:36:43 +04:00
Copyrigyt ( C ) Andrew Bartlett 2012
2012-05-07 10:24:03 +04:00
Copyright ( C ) Jeremy Allison 1994 - 2009.
Copyright ( C ) Andreas Gruenbacher 2002.
Copyright ( C ) Simo Sorce < idra @ samba . org > 2009.
2012-08-02 07:35:24 +04:00
Copyright ( C ) Simo Sorce 2002
Copyright ( C ) Eric Lorimer 2002
2012-05-07 10:24:03 +04:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program . If not , see < http : //www.gnu.org/licenses/>.
*/
2015-06-12 12:45:39 +03:00
# include <Python.h>
2012-05-07 10:24:03 +04:00
# include "includes.h"
# include "smbd/smbd.h"
# include "libcli/util/pyerrors.h"
2012-08-02 07:35:24 +04:00
# include "librpc/rpc/pyrpc_util.h"
# include <pytalloc.h>
# include "system/filesys.h"
2012-05-07 10:24:03 +04:00
extern const struct generic_mapping file_generic_mapping ;
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_ACLS
2012-10-10 06:48:27 +04:00
static int conn_free_wrapper ( connection_struct * conn )
{
conn_free ( conn ) ;
return 0 ;
} ;
static connection_struct * get_conn ( TALLOC_CTX * mem_ctx , const char * service )
2012-05-07 10:24:03 +04:00
{
connection_struct * conn ;
2012-10-10 06:48:27 +04:00
TALLOC_CTX * frame = talloc_stackframe ( ) ;
2013-01-09 02:18:27 +04:00
int snum = - 1 ;
NTSTATUS status ;
2012-10-10 06:48:27 +04:00
if ( ! posix_locking_init ( false ) ) {
PyErr_NoMemory ( ) ;
TALLOC_FREE ( frame ) ;
return NULL ;
}
if ( service ) {
2013-01-09 02:18:27 +04:00
snum = lp_servicenumber ( service ) ;
2012-10-10 06:48:27 +04:00
if ( snum = = - 1 ) {
TALLOC_FREE ( frame ) ;
PyErr_SetString ( PyExc_RuntimeError , " unknown service " ) ;
return NULL ;
}
2013-01-09 02:18:27 +04:00
}
2012-10-10 06:48:27 +04:00
2013-01-09 02:18:27 +04:00
status = create_conn_struct ( mem_ctx , NULL , NULL , & conn , snum , " / " ,
NULL ) ;
PyErr_NTSTATUS_IS_ERR_RAISE ( status ) ;
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( frame ) ;
2013-01-09 02:18:27 +04:00
/* Ignore read-only and share restrictions */
2012-10-10 06:48:27 +04:00
conn - > read_only = false ;
2013-01-09 02:18:27 +04:00
conn - > share_access = SEC_RIGHTS_FILE_ALL ;
2012-10-10 06:48:27 +04:00
talloc_set_destructor ( conn , conn_free_wrapper ) ;
return conn ;
}
2014-02-05 06:31:22 +04:00
static int set_sys_acl_conn ( const char * fname ,
2012-10-10 06:48:27 +04:00
SMB_ACL_TYPE_T acltype ,
SMB_ACL_T theacl , connection_struct * conn )
{
2012-05-07 10:24:03 +04:00
int ret ;
2012-10-26 07:22:07 +04:00
mode_t saved_umask ;
2012-05-07 10:24:03 +04:00
2012-10-10 06:48:27 +04:00
TALLOC_CTX * frame = talloc_stackframe ( ) ;
2012-05-07 10:24:03 +04:00
2012-10-26 07:22:07 +04:00
/* we want total control over the permissions on created files,
so set our umask to 0 */
saved_umask = umask ( 0 ) ;
2012-05-07 10:24:03 +04:00
ret = SMB_VFS_SYS_ACL_SET_FILE ( conn , fname , acltype , theacl ) ;
2012-10-26 07:22:07 +04:00
umask ( saved_umask ) ;
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( frame ) ;
2014-02-05 06:31:22 +04:00
return ret ;
2012-05-07 10:24:03 +04:00
}
2012-10-10 06:48:27 +04:00
static NTSTATUS set_nt_acl_conn ( const char * fname ,
2015-05-03 07:01:14 +03:00
uint32_t security_info_sent , const struct security_descriptor * sd ,
2012-10-10 06:48:27 +04:00
connection_struct * conn )
2012-08-02 07:35:24 +04:00
{
TALLOC_CTX * frame = talloc_stackframe ( ) ;
NTSTATUS status = NT_STATUS_OK ;
files_struct * fsp ;
struct smb_filename * smb_fname = NULL ;
2012-11-14 00:34:35 +04:00
int flags , ret ;
2012-10-26 07:22:07 +04:00
mode_t saved_umask ;
2012-08-07 08:18:41 +04:00
fsp = talloc_zero ( frame , struct files_struct ) ;
2012-08-02 07:35:24 +04:00
if ( fsp = = NULL ) {
TALLOC_FREE ( frame ) ;
return NT_STATUS_NO_MEMORY ;
}
fsp - > fh = talloc ( fsp , struct fd_handle ) ;
if ( fsp - > fh = = NULL ) {
TALLOC_FREE ( frame ) ;
return NT_STATUS_NO_MEMORY ;
}
fsp - > conn = conn ;
2012-10-26 07:22:07 +04:00
/* we want total control over the permissions on created files,
so set our umask to 0 */
saved_umask = umask ( 0 ) ;
2013-04-12 14:06:51 +04:00
smb_fname = synthetic_smb_fname_split ( fsp , fname , NULL ) ;
if ( smb_fname = = NULL ) {
2012-08-02 07:35:24 +04:00
TALLOC_FREE ( frame ) ;
2012-10-26 07:22:07 +04:00
umask ( saved_umask ) ;
2013-04-12 14:06:51 +04:00
return NT_STATUS_NO_MEMORY ;
2012-08-02 07:35:24 +04:00
}
fsp - > fsp_name = smb_fname ;
# ifdef O_DIRECTORY
flags = O_RDONLY | O_DIRECTORY ;
# else
/* POSIX allows us to open a directory with O_RDONLY. */
flags = O_RDONLY ;
# endif
2012-08-07 08:19:06 +04:00
fsp - > fh - > fd = SMB_VFS_OPEN ( conn , smb_fname , fsp , O_RDWR , 00400 ) ;
2012-08-02 07:35:24 +04:00
if ( fsp - > fh - > fd = = - 1 & & errno = = EISDIR ) {
2012-08-07 08:19:06 +04:00
fsp - > fh - > fd = SMB_VFS_OPEN ( conn , smb_fname , fsp , flags , 00400 ) ;
2012-08-02 07:35:24 +04:00
}
if ( fsp - > fh - > fd = = - 1 ) {
printf ( " open: error=%d (%s) \n " , errno , strerror ( errno ) ) ;
TALLOC_FREE ( frame ) ;
2012-10-26 07:22:07 +04:00
umask ( saved_umask ) ;
2012-08-02 07:35:24 +04:00
return NT_STATUS_UNSUCCESSFUL ;
}
2012-11-14 00:34:35 +04:00
ret = SMB_VFS_FSTAT ( fsp , & smb_fname - > st ) ;
if ( ret = = - 1 ) {
/* If we have an fd, this stat should succeed. */
DEBUG ( 0 , ( " Error doing fstat on open file %s "
" (%s) \n " ,
smb_fname_str_dbg ( smb_fname ) ,
strerror ( errno ) ) ) ;
TALLOC_FREE ( frame ) ;
umask ( saved_umask ) ;
return map_nt_error_from_unix ( errno ) ;
}
fsp - > file_id = vfs_file_id_from_sbuf ( conn , & smb_fname - > st ) ;
fsp - > vuid = UID_FIELD_INVALID ;
fsp - > file_pid = 0 ;
fsp - > can_lock = True ;
fsp - > can_read = True ;
fsp - > can_write = True ;
fsp - > print_file = NULL ;
fsp - > modified = False ;
fsp - > sent_oplock_break = NO_BREAK_SENT ;
fsp - > is_directory = S_ISDIR ( smb_fname - > st . st_ex_mode ) ;
2012-08-02 07:35:24 +04:00
status = SMB_VFS_FSET_NT_ACL ( fsp , security_info_sent , sd ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 0 , ( " set_nt_acl_no_snum: fset_nt_acl returned %s. \n " , nt_errstr ( status ) ) ) ;
}
2012-10-26 03:07:02 +04:00
SMB_VFS_CLOSE ( fsp ) ;
2012-08-02 07:35:24 +04:00
conn_free ( conn ) ;
TALLOC_FREE ( frame ) ;
2012-10-26 07:22:07 +04:00
umask ( saved_umask ) ;
2012-08-02 07:35:24 +04:00
return status ;
}
2012-10-10 06:48:27 +04:00
static NTSTATUS get_nt_acl_conn ( TALLOC_CTX * mem_ctx ,
const char * fname ,
connection_struct * conn ,
2015-05-03 07:01:14 +03:00
uint32_t security_info_wanted ,
2012-10-10 06:48:27 +04:00
struct security_descriptor * * sd )
{
TALLOC_CTX * frame = talloc_stackframe ( ) ;
2016-02-12 21:30:10 +03:00
NTSTATUS status ;
struct smb_filename * smb_fname = synthetic_smb_fname ( talloc_tos ( ) ,
fname ,
NULL ,
NULL ) ;
if ( smb_fname = = NULL ) {
TALLOC_FREE ( frame ) ;
return NT_STATUS_NO_MEMORY ;
}
status = SMB_VFS_GET_NT_ACL ( conn ,
smb_fname ,
security_info_wanted ,
mem_ctx ,
sd ) ;
2012-10-10 06:48:27 +04:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 0 , ( " get_nt_acl_conn: get_nt_acl returned %s. \n " , nt_errstr ( status ) ) ) ;
}
TALLOC_FREE ( frame ) ;
return status ;
}
2012-05-07 10:24:03 +04:00
2012-08-22 12:35:01 +04:00
static SMB_ACL_T make_simple_acl ( gid_t gid , mode_t chmod_mode )
2012-05-07 10:24:03 +04:00
{
2012-10-10 03:18:32 +04:00
TALLOC_CTX * frame = talloc_stackframe ( ) ;
2012-11-11 15:07:49 +04:00
mode_t mode = SMB_ACL_READ | SMB_ACL_WRITE | SMB_ACL_EXECUTE ;
2012-08-22 12:35:01 +04:00
2012-10-25 09:25:22 +04:00
mode_t mode_user = ( chmod_mode & 0700 ) > > 6 ;
mode_t mode_group = ( chmod_mode & 070 ) > > 3 ;
2012-08-22 12:35:01 +04:00
mode_t mode_other = chmod_mode & 07 ;
2012-05-07 10:24:03 +04:00
SMB_ACL_ENTRY_T entry ;
2012-10-10 03:18:32 +04:00
SMB_ACL_T acl = sys_acl_init ( frame ) ;
2012-05-07 10:24:03 +04:00
if ( ! acl ) {
return NULL ;
}
if ( sys_acl_create_entry ( & acl , & entry ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
if ( sys_acl_set_tag_type ( entry , SMB_ACL_USER_OBJ ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
2012-08-22 12:35:01 +04:00
if ( sys_acl_set_permset ( entry , & mode_user ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
if ( sys_acl_create_entry ( & acl , & entry ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
if ( sys_acl_set_tag_type ( entry , SMB_ACL_GROUP_OBJ ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
2012-08-22 12:35:01 +04:00
if ( sys_acl_set_permset ( entry , & mode_group ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
if ( sys_acl_create_entry ( & acl , & entry ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
if ( sys_acl_set_tag_type ( entry , SMB_ACL_OTHER ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
2012-08-22 12:35:01 +04:00
if ( sys_acl_set_permset ( entry , & mode_other ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
2012-08-22 12:35:01 +04:00
if ( gid ! = - 1 ) {
if ( sys_acl_create_entry ( & acl , & entry ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-08-22 12:35:01 +04:00
return NULL ;
}
2012-09-25 01:11:05 +04:00
2012-08-22 12:35:01 +04:00
if ( sys_acl_set_tag_type ( entry , SMB_ACL_GROUP ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-08-22 12:35:01 +04:00
return NULL ;
}
2012-09-25 01:11:05 +04:00
2012-08-22 12:35:01 +04:00
if ( sys_acl_set_qualifier ( entry , & gid ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-08-22 12:35:01 +04:00
return NULL ;
}
2012-09-25 01:11:05 +04:00
2012-08-22 12:35:01 +04:00
if ( sys_acl_set_permset ( entry , & mode_group ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-08-22 12:35:01 +04:00
return NULL ;
}
2012-05-07 10:24:03 +04:00
}
if ( sys_acl_create_entry ( & acl , & entry ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
if ( sys_acl_set_tag_type ( entry , SMB_ACL_MASK ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
2012-08-22 12:35:01 +04:00
if ( sys_acl_set_permset ( entry , & mode ) ! = 0 ) {
2012-10-10 03:18:32 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
return NULL ;
}
return acl ;
}
/*
set a simple ACL on a file , as a test
*/
2012-12-15 14:17:30 +04:00
static PyObject * py_smbd_set_simple_acl ( PyObject * self , PyObject * args , PyObject * kwargs )
2012-05-07 10:24:03 +04:00
{
2012-12-15 14:17:30 +04:00
const char * const kwnames [ ] = { " fname " , " mode " , " gid " , " service " , NULL } ;
2012-10-10 06:48:27 +04:00
char * fname , * service = NULL ;
2014-02-05 06:31:22 +04:00
int ret ;
2012-08-22 12:35:01 +04:00
int mode , gid = - 1 ;
2012-05-07 10:24:03 +04:00
SMB_ACL_T acl ;
2012-08-07 04:45:14 +04:00
TALLOC_CTX * frame ;
2012-10-10 06:48:27 +04:00
connection_struct * conn ;
2012-05-07 10:24:03 +04:00
2012-12-15 14:17:30 +04:00
if ( ! PyArg_ParseTupleAndKeywords ( args , kwargs , " si|iz " ,
discard_const_p ( char * , kwnames ) ,
& fname , & mode , & gid , & service ) )
2012-05-07 10:24:03 +04:00
return NULL ;
2012-08-22 12:35:01 +04:00
acl = make_simple_acl ( gid , mode ) ;
2012-05-07 10:24:03 +04:00
2012-08-07 04:45:14 +04:00
frame = talloc_stackframe ( ) ;
2012-10-10 06:48:27 +04:00
conn = get_conn ( frame , service ) ;
if ( ! conn ) {
return NULL ;
}
2014-02-05 06:31:22 +04:00
ret = set_sys_acl_conn ( fname , SMB_ACL_TYPE_ACCESS , acl , conn ) ;
2012-08-13 14:51:41 +04:00
TALLOC_FREE ( acl ) ;
2012-08-07 04:45:14 +04:00
2014-02-05 06:31:22 +04:00
if ( ret ! = 0 ) {
TALLOC_FREE ( frame ) ;
errno = ret ;
return PyErr_SetFromErrno ( PyExc_OSError ) ;
}
2012-08-07 04:45:14 +04:00
2014-02-05 06:31:22 +04:00
TALLOC_FREE ( frame ) ;
2012-05-07 10:24:03 +04:00
Py_RETURN_NONE ;
}
2012-08-21 08:23:35 +04:00
/*
chown a file
*/
2012-12-15 14:17:30 +04:00
static PyObject * py_smbd_chown ( PyObject * self , PyObject * args , PyObject * kwargs )
2012-08-21 08:23:35 +04:00
{
2012-12-15 14:17:30 +04:00
const char * const kwnames [ ] = { " fname " , " uid " , " gid " , " service " , NULL } ;
2012-08-21 08:23:35 +04:00
connection_struct * conn ;
int ret ;
2012-10-10 06:48:27 +04:00
char * fname , * service = NULL ;
2012-08-21 08:23:35 +04:00
int uid , gid ;
TALLOC_CTX * frame ;
2012-10-26 07:22:07 +04:00
mode_t saved_umask ;
2012-08-21 08:23:35 +04:00
2012-12-15 14:17:30 +04:00
if ( ! PyArg_ParseTupleAndKeywords ( args , kwargs , " sii|z " ,
discard_const_p ( char * , kwnames ) ,
& fname , & uid , & gid , & service ) )
2012-08-21 08:23:35 +04:00
return NULL ;
frame = talloc_stackframe ( ) ;
2012-10-10 06:48:27 +04:00
conn = get_conn ( frame , service ) ;
if ( ! conn ) {
2012-08-21 08:23:35 +04:00
return NULL ;
}
2012-10-26 07:22:07 +04:00
/* we want total control over the permissions on created files,
so set our umask to 0 */
saved_umask = umask ( 0 ) ;
2012-08-21 08:23:35 +04:00
ret = SMB_VFS_CHOWN ( conn , fname , uid , gid ) ;
if ( ret ! = 0 ) {
2014-02-05 06:31:22 +04:00
umask ( saved_umask ) ;
TALLOC_FREE ( frame ) ;
errno = ret ;
return PyErr_SetFromErrno ( PyExc_OSError ) ;
2012-08-21 08:23:35 +04:00
}
2012-10-26 07:22:07 +04:00
umask ( saved_umask ) ;
2012-08-21 08:23:35 +04:00
TALLOC_FREE ( frame ) ;
Py_RETURN_NONE ;
}
2012-10-26 10:25:53 +04:00
/*
2014-02-05 06:31:22 +04:00
unlink a file
2012-10-26 10:25:53 +04:00
*/
2012-12-15 14:17:30 +04:00
static PyObject * py_smbd_unlink ( PyObject * self , PyObject * args , PyObject * kwargs )
2012-10-26 10:25:53 +04:00
{
2012-12-15 14:17:30 +04:00
const char * const kwnames [ ] = { " fname " , " service " , NULL } ;
2012-10-26 10:25:53 +04:00
connection_struct * conn ;
int ret ;
struct smb_filename * smb_fname = NULL ;
2012-10-10 06:48:27 +04:00
char * fname , * service = NULL ;
2012-10-26 10:25:53 +04:00
TALLOC_CTX * frame ;
frame = talloc_stackframe ( ) ;
2012-12-15 14:17:30 +04:00
if ( ! PyArg_ParseTupleAndKeywords ( args , kwargs , " s|z " ,
discard_const_p ( char * , kwnames ) ,
& fname , & service ) ) {
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( frame ) ;
2012-10-26 10:25:53 +04:00
return NULL ;
}
2012-10-10 06:48:27 +04:00
conn = get_conn ( frame , service ) ;
if ( ! conn ) {
TALLOC_FREE ( frame ) ;
2012-10-26 10:25:53 +04:00
return NULL ;
}
2013-04-12 14:14:32 +04:00
smb_fname = synthetic_smb_fname_split ( frame , fname , NULL ) ;
if ( smb_fname = = NULL ) {
2012-10-26 10:25:53 +04:00
TALLOC_FREE ( frame ) ;
2014-02-05 06:31:22 +04:00
return PyErr_NoMemory ( ) ;
2012-10-26 10:25:53 +04:00
}
ret = SMB_VFS_UNLINK ( conn , smb_fname ) ;
if ( ret ! = 0 ) {
2014-02-05 06:31:22 +04:00
TALLOC_FREE ( frame ) ;
errno = ret ;
return PyErr_SetFromErrno ( PyExc_OSError ) ;
2012-10-26 10:25:53 +04:00
}
TALLOC_FREE ( frame ) ;
Py_RETURN_NONE ;
}
2012-06-21 10:21:54 +04:00
/*
check if we have ACL support
*/
2012-12-15 14:17:30 +04:00
static PyObject * py_smbd_have_posix_acls ( PyObject * self )
2012-06-21 10:21:54 +04:00
{
# ifdef HAVE_POSIX_ACLS
return PyBool_FromLong ( true ) ;
# else
return PyBool_FromLong ( false ) ;
# endif
}
2012-08-02 07:35:24 +04:00
/*
2012-08-21 09:10:43 +04:00
set the NT ACL on a file
2012-08-02 07:35:24 +04:00
*/
2012-12-15 14:17:30 +04:00
static PyObject * py_smbd_set_nt_acl ( PyObject * self , PyObject * args , PyObject * kwargs )
2012-08-02 07:35:24 +04:00
{
2012-12-15 14:17:30 +04:00
const char * const kwnames [ ] = { " fname " , " security_info_sent " , " sd " , " service " , NULL } ;
2012-08-02 07:35:24 +04:00
NTSTATUS status ;
2012-10-10 06:48:27 +04:00
char * fname , * service = NULL ;
2012-08-02 07:35:24 +04:00
int security_info_sent ;
PyObject * py_sd ;
struct security_descriptor * sd ;
2012-10-10 06:48:27 +04:00
connection_struct * conn ;
TALLOC_CTX * frame ;
frame = talloc_stackframe ( ) ;
2012-08-02 07:35:24 +04:00
2012-12-15 14:17:30 +04:00
if ( ! PyArg_ParseTupleAndKeywords ( args , kwargs ,
" siO|z " , discard_const_p ( char * , kwnames ) ,
& fname , & security_info_sent , & py_sd , & service ) ) {
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( frame ) ;
2012-08-02 07:35:24 +04:00
return NULL ;
2012-10-10 06:48:27 +04:00
}
2012-08-02 07:35:24 +04:00
if ( ! py_check_dcerpc_type ( py_sd , " samba.dcerpc.security " , " descriptor " ) ) {
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( frame ) ;
return NULL ;
}
conn = get_conn ( frame , service ) ;
if ( ! conn ) {
TALLOC_FREE ( frame ) ;
2012-08-02 07:35:24 +04:00
return NULL ;
}
sd = pytalloc_get_type ( py_sd , struct security_descriptor ) ;
2012-10-10 06:48:27 +04:00
status = set_nt_acl_conn ( fname , security_info_sent , sd , conn ) ;
TALLOC_FREE ( frame ) ;
2012-08-02 07:35:24 +04:00
PyErr_NTSTATUS_IS_ERR_RAISE ( status ) ;
Py_RETURN_NONE ;
}
2012-08-02 09:16:13 +04:00
/*
2012-08-21 09:10:43 +04:00
Return the NT ACL on a file
2012-08-02 09:16:13 +04:00
*/
2012-12-15 14:17:30 +04:00
static PyObject * py_smbd_get_nt_acl ( PyObject * self , PyObject * args , PyObject * kwargs )
2012-08-02 09:16:13 +04:00
{
2012-12-15 14:17:30 +04:00
const char * const kwnames [ ] = { " fname " , " security_info_wanted " , " service " , NULL } ;
2012-10-10 06:48:27 +04:00
char * fname , * service = NULL ;
2012-08-23 03:45:07 +04:00
int security_info_wanted ;
2012-08-02 09:16:13 +04:00
PyObject * py_sd ;
struct security_descriptor * sd ;
TALLOC_CTX * tmp_ctx = talloc_new ( NULL ) ;
2012-10-10 06:48:27 +04:00
connection_struct * conn ;
2012-11-14 00:48:53 +04:00
NTSTATUS status ;
2012-08-02 09:16:13 +04:00
2012-12-15 14:17:30 +04:00
if ( ! PyArg_ParseTupleAndKeywords ( args , kwargs , " si|z " , discard_const_p ( char * , kwnames ) ,
& fname , & security_info_wanted , & service ) ) {
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( tmp_ctx ) ;
2012-08-02 09:16:13 +04:00
return NULL ;
2012-10-10 06:48:27 +04:00
}
conn = get_conn ( tmp_ctx , service ) ;
if ( ! conn ) {
TALLOC_FREE ( tmp_ctx ) ;
return NULL ;
}
2012-09-25 01:11:05 +04:00
2012-10-10 06:48:27 +04:00
status = get_nt_acl_conn ( tmp_ctx , fname , conn , security_info_wanted , & sd ) ;
2012-11-14 00:48:53 +04:00
PyErr_NTSTATUS_IS_ERR_RAISE ( status ) ;
2012-08-02 09:16:13 +04:00
2012-08-23 03:39:32 +04:00
py_sd = py_return_ndr_struct ( " samba.dcerpc.security " , " descriptor " , sd , sd ) ;
2012-08-02 09:16:13 +04:00
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( tmp_ctx ) ;
2012-08-02 09:16:13 +04:00
return py_sd ;
}
2012-08-21 09:11:30 +04:00
/*
set the posix ( or similar ) ACL on a file
*/
2012-12-15 14:17:30 +04:00
static PyObject * py_smbd_set_sys_acl ( PyObject * self , PyObject * args , PyObject * kwargs )
2012-08-21 09:11:30 +04:00
{
2012-12-15 14:17:30 +04:00
const char * const kwnames [ ] = { " fname " , " acl_type " , " acl " , " service " , NULL } ;
2012-10-10 06:48:27 +04:00
TALLOC_CTX * frame = talloc_stackframe ( ) ;
2014-02-05 06:31:22 +04:00
int ret ;
2012-10-10 06:48:27 +04:00
char * fname , * service = NULL ;
2012-08-21 09:11:30 +04:00
PyObject * py_acl ;
struct smb_acl_t * acl ;
int acl_type ;
2012-10-10 06:48:27 +04:00
connection_struct * conn ;
2012-08-21 09:11:30 +04:00
2012-12-15 14:17:30 +04:00
if ( ! PyArg_ParseTupleAndKeywords ( args , kwargs , " siO|z " ,
discard_const_p ( char * , kwnames ) ,
& fname , & acl_type , & py_acl , & service ) ) {
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( frame ) ;
2012-08-21 09:11:30 +04:00
return NULL ;
2012-10-10 06:48:27 +04:00
}
2012-08-21 09:11:30 +04:00
2012-08-21 16:41:13 +04:00
if ( ! py_check_dcerpc_type ( py_acl , " samba.dcerpc.smb_acl " , " t " ) ) {
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( frame ) ;
return NULL ;
}
conn = get_conn ( frame , service ) ;
if ( ! conn ) {
TALLOC_FREE ( frame ) ;
2012-08-21 09:11:30 +04:00
return NULL ;
}
acl = pytalloc_get_type ( py_acl , struct smb_acl_t ) ;
2014-02-05 06:31:22 +04:00
ret = set_sys_acl_conn ( fname , acl_type , acl , conn ) ;
if ( ret ! = 0 ) {
TALLOC_FREE ( frame ) ;
errno = ret ;
return PyErr_SetFromErrno ( PyExc_OSError ) ;
}
2012-08-21 09:11:30 +04:00
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( frame ) ;
2012-08-21 09:11:30 +04:00
Py_RETURN_NONE ;
}
/*
Return the posix ( or similar ) ACL on a file
*/
2012-12-15 14:17:30 +04:00
static PyObject * py_smbd_get_sys_acl ( PyObject * self , PyObject * args , PyObject * kwargs )
2012-08-21 09:11:30 +04:00
{
2012-12-15 14:17:30 +04:00
const char * const kwnames [ ] = { " fname " , " acl_type " , " service " , NULL } ;
2012-08-21 09:11:30 +04:00
char * fname ;
PyObject * py_acl ;
struct smb_acl_t * acl ;
int acl_type ;
TALLOC_CTX * frame = talloc_stackframe ( ) ;
2012-10-10 06:48:27 +04:00
TALLOC_CTX * tmp_ctx = talloc_new ( NULL ) ;
2012-08-21 09:11:30 +04:00
connection_struct * conn ;
2012-10-10 06:48:27 +04:00
char * service = NULL ;
if ( ! tmp_ctx ) {
PyErr_NoMemory ( ) ;
2012-08-21 09:11:30 +04:00
return NULL ;
}
2012-12-15 14:17:30 +04:00
if ( ! PyArg_ParseTupleAndKeywords ( args , kwargs , " si|z " ,
discard_const_p ( char * , kwnames ) ,
& fname , & acl_type , & service ) ) {
2012-08-21 09:11:30 +04:00
TALLOC_FREE ( frame ) ;
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( tmp_ctx ) ;
2012-08-21 09:11:30 +04:00
return NULL ;
}
2012-10-10 06:48:27 +04:00
conn = get_conn ( frame , service ) ;
if ( ! conn ) {
2012-08-21 09:11:30 +04:00
TALLOC_FREE ( frame ) ;
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( tmp_ctx ) ;
2012-08-21 09:11:30 +04:00
return NULL ;
}
2012-10-10 06:48:27 +04:00
acl = SMB_VFS_SYS_ACL_GET_FILE ( conn , fname , acl_type , tmp_ctx ) ;
2012-08-21 09:11:30 +04:00
if ( ! acl ) {
TALLOC_FREE ( frame ) ;
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( tmp_ctx ) ;
2014-02-05 06:31:22 +04:00
return PyErr_SetFromErrno ( PyExc_OSError ) ;
2012-08-21 09:11:30 +04:00
}
2012-08-21 16:41:13 +04:00
py_acl = py_return_ndr_struct ( " samba.dcerpc.smb_acl " , " t " , acl , acl ) ;
2012-08-21 09:11:30 +04:00
TALLOC_FREE ( frame ) ;
2012-10-10 06:48:27 +04:00
TALLOC_FREE ( tmp_ctx ) ;
2012-08-21 09:11:30 +04:00
return py_acl ;
}
2012-05-07 10:24:03 +04:00
static PyMethodDef py_smbd_methods [ ] = {
2012-06-21 10:21:54 +04:00
{ " have_posix_acls " ,
2012-12-15 14:17:30 +04:00
( PyCFunction ) py_smbd_have_posix_acls , METH_NOARGS ,
2012-06-21 10:21:54 +04:00
NULL } ,
2012-05-07 10:24:03 +04:00
{ " set_simple_acl " ,
2012-12-15 14:17:30 +04:00
( PyCFunction ) py_smbd_set_simple_acl , METH_VARARGS | METH_KEYWORDS ,
2012-05-07 10:24:03 +04:00
NULL } ,
2012-08-02 07:35:24 +04:00
{ " set_nt_acl " ,
2012-12-15 14:17:30 +04:00
( PyCFunction ) py_smbd_set_nt_acl , METH_VARARGS | METH_KEYWORDS ,
2012-08-02 07:35:24 +04:00
NULL } ,
2012-08-02 09:16:13 +04:00
{ " get_nt_acl " ,
2012-12-15 14:17:30 +04:00
( PyCFunction ) py_smbd_get_nt_acl , METH_VARARGS | METH_KEYWORDS ,
2012-08-02 09:16:13 +04:00
NULL } ,
2012-08-21 09:11:30 +04:00
{ " get_sys_acl " ,
2012-12-15 14:17:30 +04:00
( PyCFunction ) py_smbd_get_sys_acl , METH_VARARGS | METH_KEYWORDS ,
2012-08-21 09:11:30 +04:00
NULL } ,
{ " set_sys_acl " ,
2012-12-15 14:17:30 +04:00
( PyCFunction ) py_smbd_set_sys_acl , METH_VARARGS | METH_KEYWORDS ,
2012-08-21 09:11:30 +04:00
NULL } ,
2012-08-21 08:23:35 +04:00
{ " chown " ,
2012-12-15 14:17:30 +04:00
( PyCFunction ) py_smbd_chown , METH_VARARGS | METH_KEYWORDS ,
2012-08-21 08:23:35 +04:00
NULL } ,
2012-10-26 10:25:53 +04:00
{ " unlink " ,
2012-12-15 14:17:30 +04:00
( PyCFunction ) py_smbd_unlink , METH_VARARGS | METH_KEYWORDS ,
2012-10-26 10:25:53 +04:00
NULL } ,
2012-05-07 10:24:03 +04:00
{ NULL }
} ;
void initsmbd ( void ) ;
void initsmbd ( void )
{
PyObject * m ;
m = Py_InitModule3 ( " smbd " , py_smbd_methods ,
" Python bindings for the smbd file server. " ) ;
if ( m = = NULL )
return ;
}