mirror of
https://github.com/samba-team/samba.git
synced 2025-01-05 09:18:06 +03:00
994694f7f2
1. using smbc_getxattr() et al, one may now request all access control entities in the ACL without getting all other NT attributes. 2. added the ability to exclude specified attributes from the result set provided by smbc_getxattr() et al, when requesting all attributes, all NT attributes, or all DOS attributes. 3. eliminated all compiler warnings, including when --enable-developer compiler flags are in use. removed -Wcast-qual flag from list, as that is specifically to force warnings in the case of casting away qualifiers. Note: In the process of eliminating compiler warnings, a few nasties were discovered. In the file libads/sasl.c, PRIVATE kerberos interfaces are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED kerberos interfaces are being used. Someone who knows kerberos should look at these and determine if there is an alternate method of accomplishing the task.
229 lines
5.6 KiB
C
229 lines
5.6 KiB
C
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <errno.h>
|
|
#include <popt.h>
|
|
#include "libsmbclient.h"
|
|
#include "get_auth_data_fn.h"
|
|
|
|
enum acl_mode
|
|
{
|
|
SMB_ACL_GET,
|
|
SMB_ACL_SET,
|
|
SMB_ACL_DELETE,
|
|
SMB_ACL_MODIFY,
|
|
SMB_ACL_ADD,
|
|
SMB_ACL_CHOWN,
|
|
SMB_ACL_CHGRP
|
|
};
|
|
|
|
|
|
int main(int argc, const char *argv[])
|
|
{
|
|
int opt;
|
|
int flags;
|
|
int debug = 0;
|
|
int numeric = 0;
|
|
enum acl_mode mode = SMB_ACL_GET;
|
|
static char *the_acl = NULL;
|
|
int ret;
|
|
char *p;
|
|
char *debugstr;
|
|
char path[1024];
|
|
char value[1024];
|
|
poptContext pc;
|
|
struct poptOption long_options[] =
|
|
{
|
|
POPT_AUTOHELP
|
|
{
|
|
"numeric", 'n', POPT_ARG_NONE, &numeric,
|
|
1, "Don't resolve sids or masks to names"
|
|
},
|
|
{
|
|
"debug", 'd', POPT_ARG_INT, &debug,
|
|
0, "Set debug level (0-100)"
|
|
},
|
|
{
|
|
"delete", 'D', POPT_ARG_STRING, NULL,
|
|
'D', "Delete an acl", "ACL"
|
|
},
|
|
{
|
|
"modify", 'M', POPT_ARG_STRING, NULL,
|
|
'M', "Modify an acl", "ACL"
|
|
},
|
|
{
|
|
"add", 'a', POPT_ARG_STRING, NULL,
|
|
'a', "Add an acl", "ACL"
|
|
},
|
|
{
|
|
"set", 'S', POPT_ARG_STRING, NULL,
|
|
'S', "Set acls", "ACLS"
|
|
},
|
|
{
|
|
"chown", 'C', POPT_ARG_STRING, NULL,
|
|
'C', "Change ownership of a file", "USERNAME"
|
|
},
|
|
{
|
|
"chgrp", 'G', POPT_ARG_STRING, NULL,
|
|
'G', "Change group ownership of a file", "GROUPNAME"
|
|
},
|
|
{
|
|
"get", 'g', POPT_ARG_STRING, NULL,
|
|
'g', "Get a specific acl attribute", "ACL"
|
|
},
|
|
{
|
|
NULL
|
|
}
|
|
};
|
|
|
|
setbuf(stdout, NULL);
|
|
|
|
pc = poptGetContext("smbcacls", argc, argv, long_options, 0);
|
|
|
|
poptSetOtherOptionHelp(pc, "smb://server1/share1/filename");
|
|
|
|
while ((opt = poptGetNextOpt(pc)) != -1) {
|
|
switch (opt) {
|
|
case 'S':
|
|
the_acl = strdup(poptGetOptArg(pc));
|
|
mode = SMB_ACL_SET;
|
|
break;
|
|
|
|
case 'D':
|
|
the_acl = strdup(poptGetOptArg(pc));
|
|
mode = SMB_ACL_DELETE;
|
|
break;
|
|
|
|
case 'M':
|
|
the_acl = strdup(poptGetOptArg(pc));
|
|
mode = SMB_ACL_MODIFY;
|
|
break;
|
|
|
|
case 'a':
|
|
the_acl = strdup(poptGetOptArg(pc));
|
|
mode = SMB_ACL_ADD;
|
|
break;
|
|
|
|
case 'g':
|
|
the_acl = strdup(poptGetOptArg(pc));
|
|
mode = SMB_ACL_GET;
|
|
break;
|
|
|
|
case 'C':
|
|
the_acl = strdup(poptGetOptArg(pc));
|
|
mode = SMB_ACL_CHOWN;
|
|
break;
|
|
|
|
case 'G':
|
|
the_acl = strdup(poptGetOptArg(pc));
|
|
mode = SMB_ACL_CHGRP;
|
|
break;
|
|
}
|
|
}
|
|
|
|
/* Make connection to server */
|
|
if(!poptPeekArg(pc)) {
|
|
poptPrintUsage(pc, stderr, 0);
|
|
return 1;
|
|
}
|
|
|
|
strcpy(path, poptGetArg(pc));
|
|
|
|
if (smbc_init(get_auth_data_fn, debug) != 0)
|
|
{
|
|
printf("Could not initialize smbc_ library\n");
|
|
return 1;
|
|
}
|
|
|
|
/* Perform requested action */
|
|
|
|
switch(mode)
|
|
{
|
|
case SMB_ACL_GET:
|
|
if (the_acl == NULL)
|
|
{
|
|
if (numeric)
|
|
{
|
|
the_acl = "system.nt_sec_desc.*";
|
|
}
|
|
else
|
|
{
|
|
the_acl = "system.nt_sec_desc.*+";
|
|
}
|
|
}
|
|
ret = smbc_getxattr(path, the_acl, value, sizeof(value));
|
|
if (ret < 0)
|
|
{
|
|
printf("Could not get attributes for [%s] %d: %s\n",
|
|
path, errno, strerror(errno));
|
|
return 1;
|
|
}
|
|
|
|
printf("Attributes for [%s] are:\n%s\n", path, value);
|
|
break;
|
|
|
|
case SMB_ACL_ADD:
|
|
flags = SMBC_XATTR_FLAG_CREATE;
|
|
debugstr = "add attributes";
|
|
goto do_set;
|
|
|
|
case SMB_ACL_MODIFY:
|
|
flags = SMBC_XATTR_FLAG_REPLACE;
|
|
debugstr = "modify attributes";
|
|
goto do_set;
|
|
|
|
case SMB_ACL_CHOWN:
|
|
snprintf(value, sizeof(value),
|
|
"system.nt_sec_desc.owner%s:%s",
|
|
numeric ? "" : "+", the_acl);
|
|
the_acl = value;
|
|
debugstr = "chown owner";
|
|
goto do_set;
|
|
|
|
case SMB_ACL_CHGRP:
|
|
snprintf(value, sizeof(value),
|
|
"system.nt_sec_desc.group%s:%s",
|
|
numeric ? "" : "+", the_acl);
|
|
the_acl = value;
|
|
debugstr = "change group";
|
|
goto do_set;
|
|
|
|
case SMB_ACL_SET:
|
|
flags = 0;
|
|
debugstr = "set attributes";
|
|
|
|
do_set:
|
|
if ((p = strchr(the_acl, ':')) == NULL)
|
|
{
|
|
printf("Missing value. ACL must be name:value pair\n");
|
|
return 1;
|
|
}
|
|
|
|
*p++ = '\0';
|
|
|
|
ret = smbc_setxattr(path, the_acl, p, strlen(p), flags);
|
|
if (ret < 0)
|
|
{
|
|
printf("Could not %s for [%s] %d: %s\n",
|
|
debugstr, path, errno, strerror(errno));
|
|
return 1;
|
|
}
|
|
break;
|
|
|
|
case SMB_ACL_DELETE:
|
|
ret = smbc_removexattr(path, the_acl);
|
|
if (ret < 0)
|
|
{
|
|
printf("Could not remove attribute %s for [%s] %d:%s\n",
|
|
the_acl, path, errno, strerror(errno));
|
|
return 1;
|
|
}
|
|
break;
|
|
|
|
default:
|
|
printf("operation not yet implemented\n");
|
|
break;
|
|
}
|
|
|
|
return 0;
|
|
}
|