diff options
author | Andrew Tridgell <tridge@samba.org> | 2000-12-03 05:24:16 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2000-12-03 05:24:16 +0000 |
commit | c93f686f0106383cbc519eb9e1f4a781f445849e (patch) | |
tree | 0541d02d217e848a1dfacfa70bef8f203ffddcff | |
parent | bf0f2ea6b66b6f477b5468dcd2aec1f174935a5b (diff) | |
download | samba-c93f686f0106383cbc519eb9e1f4a781f445849e.tar.gz samba-c93f686f0106383cbc519eb9e1f4a781f445849e.tar.bz2 samba-c93f686f0106383cbc519eb9e1f4a781f445849e.zip |
added basic ability to dump remote file acls
(This used to be commit c6c90dc8e163d874748e2020cc140134cffcfe32)
-rw-r--r-- | source3/utils/smbcacls.c | 58 |
1 files changed, 52 insertions, 6 deletions
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 46fecd681c..52d02fed28 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -28,6 +28,48 @@ static fstring username; static int got_pass; +/* print a ascii version of a security descriptor on a FILE handle */ +static void sec_desc_print(FILE *f, SEC_DESC *sd) +{ + fstring sidstr; + int i; + + /* Print owner and group sid */ + + if (sd->owner_sid) { + sid_to_string(sidstr, sd->owner_sid); + } else { + fstrcpy(sidstr, ""); + } + + printf("%s\n", sidstr); + + if (sd->grp_sid) { + sid_to_string(sidstr, sd->grp_sid); + } else { + fstrcpy(sidstr, ""); + } + + fprintf(f, "%s\n", sidstr); + + /* Print aces */ + + if (!sd->dacl) { + return; + } + + for (i = 0; i < sd->dacl->num_aces; i++) { + SEC_ACE *ace = &sd->dacl->ace[i]; + fstring sidstr; + + sid_to_string(sidstr, &ace->sid); + + fprintf(f, "%d %d 0x%08x %s\n", ace->type, ace->flags, + ace->info.mask, sidstr); + } +} + + /***************************************************** @@ -36,6 +78,7 @@ dump the acls for a file static void cacl_dump(struct cli_state *cli, char *filename) { int fnum; + SEC_DESC *sd; fnum = cli_open(cli, filename, O_RDONLY, 0); if (fnum == -1) { @@ -43,9 +86,16 @@ static void cacl_dump(struct cli_state *cli, char *filename) return; } - cli_query_secdesc(cli, fnum); + sd = cli_query_secdesc(cli, fnum); + + if (!sd) { + printf("ERROR: secdesc query failed\n"); + return; + } + + sec_desc_print(stdout, sd); - sleep(1); + free_sec_desc(&sd); cli_close(cli, fnum); } @@ -127,10 +177,6 @@ struct cli_state *connect_one(char *share) * QUESTION ? Do we want to have a 'client compatibility * mode to turn these on/off ? JRA. */ - - if (*c->server_domain || *c->server_os || *c->server_type) - DEBUG(1,("Domain=[%s] OS=[%s] Server=[%s]\n", - c->server_domain,c->server_os,c->server_type)); DEBUG(4,(" session setup ok\n")); |