mirror of
https://github.com/samba-team/samba.git
synced 2025-01-11 05:18:09 +03:00
s3:net: add 'net vfs getntacl' command
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jul 12 22:59:58 UTC 2019 on sn-devel-184
This commit is contained in:
Ralph Boehme
Jeremy Allison
parent
bb37a88e63
commit
36b48aa783
@ -2953,6 +2953,26 @@ Dump the locking table of a certain global lock.
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect3>
|
||||
|
||||
<refsect3>
|
||||
<title>vfs getntacl <replaceable>share</replaceable> <replaceable>path</replaceable></title>
|
||||
|
||||
<para>Display the security descriptor of a file or directory.</para>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para><replaceable>share</replaceable>
|
||||
A Samba share.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para><replaceable>path</replaceable> A relative path of something in
|
||||
the Samba share. "." can be used for the root directory of the
|
||||
share.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</refsect3>
|
||||
|
||||
</refsect2>
|
||||
|
||||
<refsect2>
|
||||
|
||||
@ -30,6 +30,8 @@
|
||||
#include "smbd/proto.h"
|
||||
#include "locking/proto.h"
|
||||
#include "auth.h"
|
||||
#include "client.h"
|
||||
#include "util_sd.h"
|
||||
#include "lib/adouble.h"
|
||||
#include "lib/string_replace.h"
|
||||
#include "utils/net.h"
|
||||
@ -50,6 +52,13 @@ static void net_vfs_usage(void)
|
||||
"net vfs [OPTIONS] <share> ....\n");
|
||||
}
|
||||
|
||||
static void net_vfs_getntacl_usage(void)
|
||||
{
|
||||
fprintf(stderr,
|
||||
"Usage:\n"
|
||||
"net vfs getntacl <share> <path>\n");
|
||||
}
|
||||
|
||||
static void net_vfs_stream_to_appledouble_usage(void)
|
||||
{
|
||||
fprintf(stderr,
|
||||
@ -188,6 +197,101 @@ done:
|
||||
return rc;
|
||||
}
|
||||
|
||||
static int net_vfs_get_ntacl(struct net_context *net,
|
||||
int argc,
|
||||
const char **argv)
|
||||
{
|
||||
const char *path = NULL;
|
||||
struct smb_filename *smb_fname = NULL;
|
||||
files_struct *fsp = NULL;
|
||||
struct security_descriptor *sd = NULL;
|
||||
NTSTATUS status;
|
||||
int ret;
|
||||
int rc = 1;
|
||||
|
||||
if (argc < 2 || net->display_usage) {
|
||||
net_vfs_getntacl_usage();
|
||||
goto done;
|
||||
}
|
||||
|
||||
ret = net_vfs_init(net, argc, argv);
|
||||
if (ret != 0) {
|
||||
goto done;
|
||||
}
|
||||
|
||||
path = argv[1];
|
||||
smb_fname = synthetic_smb_fname(state.mem_ctx, path, NULL, NULL, 0);
|
||||
if (smb_fname == NULL) {
|
||||
goto done;
|
||||
}
|
||||
|
||||
ret = SMB_VFS_STAT(state.conn_tos->conn, smb_fname);
|
||||
if (ret != 0) {
|
||||
fprintf(stderr, "stat [%s] failed: %s\n",
|
||||
smb_fname_str_dbg(smb_fname), strerror(errno));
|
||||
goto done;
|
||||
}
|
||||
|
||||
status = SMB_VFS_CREATE_FILE(
|
||||
state.conn_tos->conn,
|
||||
NULL, /* req */
|
||||
0, /* root_dir_fid */
|
||||
smb_fname,
|
||||
FILE_READ_ATTRIBUTES|READ_CONTROL_ACCESS,
|
||||
FILE_SHARE_READ|FILE_SHARE_WRITE,
|
||||
FILE_OPEN,
|
||||
0, /* create_options */
|
||||
0, /* file_attributes */
|
||||
INTERNAL_OPEN_ONLY, /* oplock_request */
|
||||
NULL, /* lease */
|
||||
0, /* allocation_size */
|
||||
0, /* private_flags */
|
||||
NULL, /* sd */
|
||||
NULL, /* ea_list */
|
||||
&fsp,
|
||||
NULL, /* info */
|
||||
NULL, NULL); /* create context */
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DBG_ERR("SMB_VFS_CREATE_FILE [%s] failed: %s\n",
|
||||
smb_fname_str_dbg(smb_fname), nt_errstr(status));
|
||||
goto done;
|
||||
}
|
||||
|
||||
status = SMB_VFS_FGET_NT_ACL(fsp,
|
||||
SECINFO_OWNER|SECINFO_GROUP|SECINFO_DACL,
|
||||
fsp,
|
||||
&sd);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DBG_ERR("SMB_VFS_FGET_NT_ACL [%s] failed: %s\n",
|
||||
smb_fname_str_dbg(smb_fname), nt_errstr(status));
|
||||
goto done;
|
||||
}
|
||||
|
||||
status = close_file(NULL, fsp, NORMAL_CLOSE);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DBG_ERR("close_file [%s] failed: %s\n",
|
||||
smb_fname_str_dbg(smb_fname),
|
||||
nt_errstr(status));
|
||||
goto done;
|
||||
}
|
||||
fsp = NULL;
|
||||
|
||||
sec_desc_print(NULL, stdout, sd, true);
|
||||
|
||||
rc = 0;
|
||||
done:
|
||||
if (fsp != NULL) {
|
||||
status = close_file(NULL, fsp, NORMAL_CLOSE);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DBG_ERR("close_file [%s] failed: %s\n",
|
||||
smb_fname_str_dbg(smb_fname),
|
||||
nt_errstr(status));
|
||||
rc = 1;
|
||||
}
|
||||
}
|
||||
return rc;
|
||||
}
|
||||
|
||||
static bool do_unfruit(const char *path)
|
||||
{
|
||||
struct smb_filename *smb_fname = NULL;
|
||||
@ -323,6 +427,13 @@ done:
|
||||
}
|
||||
|
||||
static struct functable func[] = {
|
||||
{
|
||||
"getntacl",
|
||||
net_vfs_get_ntacl,
|
||||
NET_TRANSPORT_LOCAL,
|
||||
N_("Display security descriptor of a file or directory"),
|
||||
N_("net vfs getntacl <share> <path> [<path> ...]")
|
||||
},
|
||||
{
|
||||
NET_VFS_CMD_STREAM_TO_ADOUBLE,
|
||||
net_vfs_stream_to_appledouble,
|
||||
|
||||
@ -229,6 +229,7 @@ bld.SAMBA3_BINARY('net',
|
||||
../registry/reg_format.c
|
||||
../registry/reg_import.c
|
||||
net_registry_util.c
|
||||
../lib/util_sd.c
|
||||
net_help_common.c''',
|
||||
deps='''
|
||||
talloc
|
||||
|
||||
Loading…
Reference in New Issue
Block a user