1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-05 09:18:06 +03:00
samba-mirror/examples/libsmbclient/testacl.c
Derrell Lipman 994694f7f2 r6149: Fixes bugs #2498 and 2484.
1. using smbc_getxattr() et al, one may now request all access control
   entities in the ACL without getting all other NT attributes.
2. added the ability to exclude specified attributes from the result set
   provided by smbc_getxattr() et al, when requesting all attributes,
   all NT attributes, or all DOS attributes.
3. eliminated all compiler warnings, including when --enable-developer
   compiler flags are in use.  removed -Wcast-qual flag from list, as that
   is specifically to force warnings in the case of casting away qualifiers.

Note: In the process of eliminating compiler warnings, a few nasties were
      discovered.  In the file libads/sasl.c, PRIVATE kerberos interfaces
      are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED
      kerberos interfaces are being used.  Someone who knows kerberos
      should look at these and determine if there is an alternate method
      of accomplishing the task.
2007-10-10 10:56:24 -05:00

229 lines
5.6 KiB
C

#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <popt.h>
#include "libsmbclient.h"
#include "get_auth_data_fn.h"
enum acl_mode
{
SMB_ACL_GET,
SMB_ACL_SET,
SMB_ACL_DELETE,
SMB_ACL_MODIFY,
SMB_ACL_ADD,
SMB_ACL_CHOWN,
SMB_ACL_CHGRP
};
int main(int argc, const char *argv[])
{
int opt;
int flags;
int debug = 0;
int numeric = 0;
enum acl_mode mode = SMB_ACL_GET;
static char *the_acl = NULL;
int ret;
char *p;
char *debugstr;
char path[1024];
char value[1024];
poptContext pc;
struct poptOption long_options[] =
{
POPT_AUTOHELP
{
"numeric", 'n', POPT_ARG_NONE, &numeric,
1, "Don't resolve sids or masks to names"
},
{
"debug", 'd', POPT_ARG_INT, &debug,
0, "Set debug level (0-100)"
},
{
"delete", 'D', POPT_ARG_STRING, NULL,
'D', "Delete an acl", "ACL"
},
{
"modify", 'M', POPT_ARG_STRING, NULL,
'M', "Modify an acl", "ACL"
},
{
"add", 'a', POPT_ARG_STRING, NULL,
'a', "Add an acl", "ACL"
},
{
"set", 'S', POPT_ARG_STRING, NULL,
'S', "Set acls", "ACLS"
},
{
"chown", 'C', POPT_ARG_STRING, NULL,
'C', "Change ownership of a file", "USERNAME"
},
{
"chgrp", 'G', POPT_ARG_STRING, NULL,
'G', "Change group ownership of a file", "GROUPNAME"
},
{
"get", 'g', POPT_ARG_STRING, NULL,
'g', "Get a specific acl attribute", "ACL"
},
{
NULL
}
};
setbuf(stdout, NULL);
pc = poptGetContext("smbcacls", argc, argv, long_options, 0);
poptSetOtherOptionHelp(pc, "smb://server1/share1/filename");
while ((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case 'S':
the_acl = strdup(poptGetOptArg(pc));
mode = SMB_ACL_SET;
break;
case 'D':
the_acl = strdup(poptGetOptArg(pc));
mode = SMB_ACL_DELETE;
break;
case 'M':
the_acl = strdup(poptGetOptArg(pc));
mode = SMB_ACL_MODIFY;
break;
case 'a':
the_acl = strdup(poptGetOptArg(pc));
mode = SMB_ACL_ADD;
break;
case 'g':
the_acl = strdup(poptGetOptArg(pc));
mode = SMB_ACL_GET;
break;
case 'C':
the_acl = strdup(poptGetOptArg(pc));
mode = SMB_ACL_CHOWN;
break;
case 'G':
the_acl = strdup(poptGetOptArg(pc));
mode = SMB_ACL_CHGRP;
break;
}
}
/* Make connection to server */
if(!poptPeekArg(pc)) {
poptPrintUsage(pc, stderr, 0);
return 1;
}
strcpy(path, poptGetArg(pc));
if (smbc_init(get_auth_data_fn, debug) != 0)
{
printf("Could not initialize smbc_ library\n");
return 1;
}
/* Perform requested action */
switch(mode)
{
case SMB_ACL_GET:
if (the_acl == NULL)
{
if (numeric)
{
the_acl = "system.nt_sec_desc.*";
}
else
{
the_acl = "system.nt_sec_desc.*+";
}
}
ret = smbc_getxattr(path, the_acl, value, sizeof(value));
if (ret < 0)
{
printf("Could not get attributes for [%s] %d: %s\n",
path, errno, strerror(errno));
return 1;
}
printf("Attributes for [%s] are:\n%s\n", path, value);
break;
case SMB_ACL_ADD:
flags = SMBC_XATTR_FLAG_CREATE;
debugstr = "add attributes";
goto do_set;
case SMB_ACL_MODIFY:
flags = SMBC_XATTR_FLAG_REPLACE;
debugstr = "modify attributes";
goto do_set;
case SMB_ACL_CHOWN:
snprintf(value, sizeof(value),
"system.nt_sec_desc.owner%s:%s",
numeric ? "" : "+", the_acl);
the_acl = value;
debugstr = "chown owner";
goto do_set;
case SMB_ACL_CHGRP:
snprintf(value, sizeof(value),
"system.nt_sec_desc.group%s:%s",
numeric ? "" : "+", the_acl);
the_acl = value;
debugstr = "change group";
goto do_set;
case SMB_ACL_SET:
flags = 0;
debugstr = "set attributes";
do_set:
if ((p = strchr(the_acl, ':')) == NULL)
{
printf("Missing value. ACL must be name:value pair\n");
return 1;
}
*p++ = '\0';
ret = smbc_setxattr(path, the_acl, p, strlen(p), flags);
if (ret < 0)
{
printf("Could not %s for [%s] %d: %s\n",
debugstr, path, errno, strerror(errno));
return 1;
}
break;
case SMB_ACL_DELETE:
ret = smbc_removexattr(path, the_acl);
if (ret < 0)
{
printf("Could not remove attribute %s for [%s] %d:%s\n",
the_acl, path, errno, strerror(errno));
return 1;
}
break;
default:
printf("operation not yet implemented\n");
break;
}
return 0;
}