summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorTim Potter <tpot@samba.org>2000-12-04 06:14:28 +0000
committerTim Potter <tpot@samba.org>2000-12-04 06:14:28 +0000
commit252e3ba1283574511dc8ff3a07be4271cfee9a15 (patch)
treefffa37ecb252cdc82d3e78aceba1435c310f4f4b /source3
parent5092ad82bac2d8aa07122dfdb26a425a35e1084a (diff)
downloadsamba-252e3ba1283574511dc8ff3a07be4271cfee9a15.tar.gz
samba-252e3ba1283574511dc8ff3a07be4271cfee9a15.tar.bz2
samba-252e3ba1283574511dc8ff3a07be4271cfee9a15.zip
Mask value now displayed as READ/CHANGE/FULL for standard permissions, or
RWXDPO for special permissions. Append 0x to values printed as hex. Spruced up the help message. (This used to be commit 8a20318c5626f7328fd911144c54fe92426532c5)
Diffstat (limited to 'source3')
-rw-r--r--source3/utils/smbcacls.c93
1 files changed, 66 insertions, 27 deletions
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index f2e8c9cbd4..b2fef1ec83 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -20,8 +20,6 @@
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-#define NO_SYSLOG
-
#include "includes.h"
static fstring password;
@@ -34,6 +32,29 @@ static int numeric;
enum acl_mode {ACL_SET, ACL_DELETE, ACL_MODIFY, ACL_ADD};
+struct perm_value {
+ char *perm;
+ uint32 mask;
+};
+
+/* These values discovered by inspection */
+
+static struct perm_value special_values[] = {
+ { "R", 0x00120089 },
+ { "W", 0x00120116 },
+ { "X", 0x001200a0 },
+ { "D", 0x00010000 },
+ { "P", 0x00040000 },
+ { "O", 0x00080000 },
+ { NULL, 0 },
+};
+
+static struct perm_value standard_values[] = {
+ { "READ", 0x001200a9 },
+ { "CHANGE", 0x001301bf },
+ { "FULL", 0x001f01ff },
+ { NULL, 0 },
+};
/* convert a SID to a string, either numeric or username/group */
static void SidToString(fstring str, DOM_SID *sid)
@@ -61,34 +82,51 @@ static BOOL StringToSid(DOM_SID *sid, fstring str)
/* print an ACE on a FILE, using either numeric or ascii representation */
static void print_ace(FILE *f, SEC_ACE *ace)
{
+ struct perm_value *v;
fstring sidstr;
- char *perm;
SidToString(sidstr, &ace->sid);
fprintf(f, "%s:", sidstr);
if (numeric) {
- fprintf(f, "%x/%x/%08x\n",
+ fprintf(f, "%d/%d/0x%08x\n",
ace->type, ace->flags, ace->info.mask);
return;
}
- /* this interpretation is almost certainly wrong, Tim, please
- have a look at these */
- if (ace->info.mask == 0x001f01ff) {
- perm = "F";
- } else if (ace->info.mask == 0x001301bf) {
- perm = "C";
- } else if (ace->info.mask == 0x001200a9) {
- perm = "R";
- } else if (ace->info.mask == 0x00080000) {
- perm = "N";
+ /* Ace type */
+
+ if (ace->type == SEC_ACE_TYPE_ACCESS_ALLOWED) {
+ fprintf(f, "ALLOWED");
+ } else if (ace->type == SEC_ACE_TYPE_ACCESS_DENIED) {
+ fprintf(f, "DENIED");
} else {
- perm = "?";
+ fprintf(f, "%d", ace->type);
}
- fprintf(f,"%s\n", perm);
+ /* Not sure what flags can be set in a file ACL */
+
+ fprintf(f, "/%d/", ace->flags);
+
+ /* Standard permissions */
+
+ for (v = standard_values; v->perm; v++) {
+ if (ace->info.mask == v->mask) {
+ fprintf(f, "%s\n", v->perm);
+ return;
+ }
+ }
+
+ /* Special permissions */
+
+ for (v = special_values; v->perm; v++) {
+ if ((ace->info.mask & v->mask) == v->mask) {
+ fprintf(f, "%s", v->perm);
+ }
+ }
+
+ fprintf(f, "\n");
}
@@ -113,8 +151,6 @@ static BOOL parse_ace(SEC_ACE *ace, char *str)
return True;
}
-
-
/* add an ACE to a list of ACEs in a SEC_ACL */
static BOOL add_ace(SEC_ACL **acl, SEC_ACE *ace)
{
@@ -202,7 +238,7 @@ static void sec_desc_print(FILE *f, SEC_DESC *sd)
fstring sidstr;
int i;
- printf("REVISION:%x TYPE:%x\n", sd->revision, sd->type);
+ printf("REVISION:%d\nTYPE:0x%x\n", sd->revision, sd->type);
/* Print owner and group sid */
@@ -439,16 +475,18 @@ struct cli_state *connect_one(char *share)
static void usage(void)
{
printf(
-"Usage:\n\
- smbcacls //server1/share1 filename [options]\n\n\
+"Usage: smbcacls //server1/share1 filename [options]\n\n\
\n\
- -D <acls> delete an acl\n\
- -M <acls> modify an acl\n\
- -A <acls> add an acl\n\
- -S <acls> set acls\n\
+\t-D <acls> delete an acl\n\
+\t-M <acls> modify an acl\n\
+\t-A <acls> add an acl\n\
+\t-S <acls> set acls\n\
+\t-U username set the network username\n\
+\t-n don't resolve sids or masks to names\n\
+\t-h print help\n\
\n\
- an acl is of the form SID:type/flags/mask\n\
- you can string acls together with spaces, commas or newlines\n\
+An acl is of the form SID:type/flags/mask\n\
+You can string acls together with spaces, commas or newlines\n\
");
}
@@ -540,6 +578,7 @@ static void usage(void)
case 'h':
usage();
exit(1);
+
default:
printf("Unknown option %c (%d)\n", (char)opt, opt);
exit(1);