diff options
author | Jeremy Allison <jra@samba.org> | 2000-12-16 00:08:05 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2000-12-16 00:08:05 +0000 |
commit | 8325948287bde09dd2ad1039f3008a42930809dd (patch) | |
tree | a0e06974748fe739c163503976eede1dc1d0da0f /source3 | |
parent | a57a6da52b1c34683109fcac6b43633b197f847f (diff) | |
download | samba-8325948287bde09dd2ad1039f3008a42930809dd.tar.gz samba-8325948287bde09dd2ad1039f3008a42930809dd.tar.bz2 samba-8325948287bde09dd2ad1039f3008a42930809dd.zip |
Added -C username and -G username that allow a user (usually Administrator)
to change the ownership or group ownership of a file to any arbitrary user
from the UNIX command line.
This will show the people who quote NT manuals at us about how this is
"impossible" how their operating system really works :-).
Jeremy.
(This used to be commit 12f88c9ba731bdded626b9d011cfc8d2ba09010e)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/utils/smbcacls.c | 66 |
1 files changed, 61 insertions, 5 deletions
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 3240438a7a..f8059a8b8b 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -5,6 +5,7 @@ Copyright (C) Andrew Tridgell 2000 Copyright (C) Tim Potter 2000 + Copyright (C) Jeremy Allison 2000 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -24,7 +25,8 @@ #include "includes.h" static fstring password; -static fstring username; +static pstring username; +static pstring owner_username; static fstring server; static int got_pass; static int test_args; @@ -33,7 +35,8 @@ static int test_args; than going via LSA calls to resolve them */ static int numeric; -enum acl_mode {ACL_SET, ACL_DELETE, ACL_MODIFY, ACL_ADD}; +enum acl_mode {ACL_SET, ACL_DELETE, ACL_MODIFY, ACL_ADD }; +enum chown_mode {REQUEST_NONE, REQUEST_CHOWN, REQUEST_CHGRP}; struct perm_value { char *perm; @@ -467,6 +470,44 @@ static void cacl_dump(struct cli_state *cli, char *filename) } /***************************************************** +Change the ownership or group ownership of a file. Just +because the NT docs say this can't be done :-). JRA. +*******************************************************/ + +static void owner_set(struct cli_state *cli, enum chown_mode change_mode, char *filename, char *new_username) +{ + int fnum; + DOM_SID sid; + SEC_DESC *sd, *old; + size_t sd_size; + + fnum = cli_nt_create(cli, filename, READ_CONTROL_ACCESS|WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS); + if (fnum == -1) { + printf("Failed to open %s: %s\n", filename, cli_errstr(cli)); + return; + } + + if (!StringToSid(&sid, new_username)) + return; + + old = cli_query_secdesc(cli, fnum); + + sd = make_sec_desc(old->revision, + (change_mode == REQUEST_CHOWN) ? &sid : old->owner_sid, + (change_mode == REQUEST_CHGRP) ? &sid : old->grp_sid, + NULL, old->dacl, &sd_size); + + if (!cli_set_secdesc(cli, fnum, sd)) { + printf("ERROR: secdesc set failed: %s\n", cli_errstr(cli)); + } + + free_sec_desc(&sd); + free_sec_desc(&old); + + cli_close(cli, fnum); +} + +/***************************************************** set the ACLs on a file given an ascii description *******************************************************/ static void cacl_set(struct cli_state *cli, char *filename, @@ -475,7 +516,7 @@ static void cacl_set(struct cli_state *cli, char *filename, int fnum; SEC_DESC *sd, *old; int i, j; - unsigned sd_size; + size_t sd_size; sd = sec_desc_parse(the_acl); @@ -677,6 +718,8 @@ static void usage(void) \t-M <acls> modify an acl\n\ \t-A <acls> add an acl\n\ \t-S <acls> set acls\n\ +\t-C username change ownership of a file\n\ +\t-G username change group ownership of a file\n\ \t-n don't resolve sids or masks to names\n\ \t-h print help\n\ \n\ @@ -704,6 +747,7 @@ You can string acls together with spaces, commas or newlines\n\ struct cli_state *cli; enum acl_mode mode; char *the_acl = NULL; + enum chown_mode change_mode = REQUEST_NONE; setlinebuf(stdout); @@ -736,7 +780,7 @@ You can string acls together with spaces, commas or newlines\n\ seed = time(NULL); - while ((opt = getopt(argc, argv, "U:nhS:D:A:M:t")) != EOF) { + while ((opt = getopt(argc, argv, "U:nhS:D:A:M:C:G:t")) != EOF) { switch (opt) { case 'U': pstrcpy(username,optarg); @@ -768,6 +812,16 @@ You can string acls together with spaces, commas or newlines\n\ mode = ACL_ADD; break; + case 'C': + pstrcpy(owner_username,optarg); + change_mode = REQUEST_CHOWN; + break; + + case 'G': + pstrcpy(owner_username,optarg); + change_mode = REQUEST_CHGRP; + break; + case 'n': numeric = 1; break; @@ -799,7 +853,9 @@ You can string acls together with spaces, commas or newlines\n\ if (!cli) exit(1); } - if (the_acl) { + if (change_mode != REQUEST_NONE) { + owner_set(cli, change_mode, filename, owner_username); + } else if (the_acl) { cacl_set(cli, filename, the_acl, mode); } else { cacl_dump(cli, filename); |