summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2000-12-03 05:24:16 +0000
committerAndrew Tridgell <tridge@samba.org>2000-12-03 05:24:16 +0000
commitc93f686f0106383cbc519eb9e1f4a781f445849e (patch)
tree0541d02d217e848a1dfacfa70bef8f203ffddcff
parentbf0f2ea6b66b6f477b5468dcd2aec1f174935a5b (diff)
downloadsamba-c93f686f0106383cbc519eb9e1f4a781f445849e.tar.gz
samba-c93f686f0106383cbc519eb9e1f4a781f445849e.tar.bz2
samba-c93f686f0106383cbc519eb9e1f4a781f445849e.zip
added basic ability to dump remote file acls
(This used to be commit c6c90dc8e163d874748e2020cc140134cffcfe32)
-rw-r--r--source3/utils/smbcacls.c58
1 files changed, 52 insertions, 6 deletions
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index 46fecd681c..52d02fed28 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -28,6 +28,48 @@ static fstring username;
static int got_pass;
+/* print a ascii version of a security descriptor on a FILE handle */
+static void sec_desc_print(FILE *f, SEC_DESC *sd)
+{
+ fstring sidstr;
+ int i;
+
+ /* Print owner and group sid */
+
+ if (sd->owner_sid) {
+ sid_to_string(sidstr, sd->owner_sid);
+ } else {
+ fstrcpy(sidstr, "");
+ }
+
+ printf("%s\n", sidstr);
+
+ if (sd->grp_sid) {
+ sid_to_string(sidstr, sd->grp_sid);
+ } else {
+ fstrcpy(sidstr, "");
+ }
+
+ fprintf(f, "%s\n", sidstr);
+
+ /* Print aces */
+
+ if (!sd->dacl) {
+ return;
+ }
+
+ for (i = 0; i < sd->dacl->num_aces; i++) {
+ SEC_ACE *ace = &sd->dacl->ace[i];
+ fstring sidstr;
+
+ sid_to_string(sidstr, &ace->sid);
+
+ fprintf(f, "%d %d 0x%08x %s\n", ace->type, ace->flags,
+ ace->info.mask, sidstr);
+ }
+}
+
+
/*****************************************************
@@ -36,6 +78,7 @@ dump the acls for a file
static void cacl_dump(struct cli_state *cli, char *filename)
{
int fnum;
+ SEC_DESC *sd;
fnum = cli_open(cli, filename, O_RDONLY, 0);
if (fnum == -1) {
@@ -43,9 +86,16 @@ static void cacl_dump(struct cli_state *cli, char *filename)
return;
}
- cli_query_secdesc(cli, fnum);
+ sd = cli_query_secdesc(cli, fnum);
+
+ if (!sd) {
+ printf("ERROR: secdesc query failed\n");
+ return;
+ }
+
+ sec_desc_print(stdout, sd);
- sleep(1);
+ free_sec_desc(&sd);
cli_close(cli, fnum);
}
@@ -127,10 +177,6 @@ struct cli_state *connect_one(char *share)
* QUESTION ? Do we want to have a 'client compatibility
* mode to turn these on/off ? JRA.
*/
-
- if (*c->server_domain || *c->server_os || *c->server_type)
- DEBUG(1,("Domain=[%s] OS=[%s] Server=[%s]\n",
- c->server_domain,c->server_os,c->server_type));
DEBUG(4,(" session setup ok\n"));