diff options
| author | Andrew Tridgell <tridge@samba.org> | 2004-11-18 03:31:35 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:05:57 -0500 |
| commit | bc7b4abc3a85e78a73d401345265b2c022f0f04d (patch) | |
| tree | 198b8203af8003f3e08c351f27425236bfd38227 /source4/ntvfs/posix/pvfs_xattr.c | |
| parent | 3c25dfe78905984da1b18a7c136f954bfcdece42 (diff) | |
| download | samba-bc7b4abc3a85e78a73d401345265b2c022f0f04d.tar.gz samba-bc7b4abc3a85e78a73d401345265b2c022f0f04d.tar.bz2 samba-bc7b4abc3a85e78a73d401345265b2c022f0f04d.zip | |
r3832: added NT ACL query/set to the posix NTVFS backend. The default ACL is
based on the current nttoken, which is completely wrong, but works as a start.
The ACL is stored in the xattr system.DosAcl, using a NDR encoded IDL
union with a version number to allow for future expansion.
pvfs does not yet check the ACL for file access. At the moment the ACL
is just query/set.
We also need to do some RPC work to allow the windows ACL editor to be
used. At the moment is queries the ACL fine, but displays an error
when it fails to map the SIDs via rpc.
(This used to be commit 3a1f20d874ab2d8b2a2f2485b7a705847abf1263)
Diffstat (limited to 'source4/ntvfs/posix/pvfs_xattr.c')
| -rw-r--r-- | source4/ntvfs/posix/pvfs_xattr.c | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/source4/ntvfs/posix/pvfs_xattr.c b/source4/ntvfs/posix/pvfs_xattr.c index 6984c2d284..a50348ef04 100644 --- a/source4/ntvfs/posix/pvfs_xattr.c +++ b/source4/ntvfs/posix/pvfs_xattr.c @@ -348,6 +348,49 @@ NTSTATUS pvfs_streams_save(struct pvfs_state *pvfs, struct pvfs_filename *name, (ndr_push_flags_fn_t)ndr_push_xattr_DosStreams); } + +/* + load the current ACL from extended attributes +*/ +NTSTATUS pvfs_acl_load(struct pvfs_state *pvfs, struct pvfs_filename *name, int fd, + struct xattr_DosAcl *acl) +{ + NTSTATUS status; + ZERO_STRUCTP(acl); + if (!(pvfs->flags & PVFS_FLAG_XATTR_ENABLE)) { + return NT_STATUS_OK; + } + status = pvfs_xattr_ndr_load(pvfs, acl, name->full_name, fd, + XATTR_DOSACL_NAME, + acl, + (ndr_pull_flags_fn_t)ndr_pull_xattr_DosAcl); + return status; +} + +/* + save the acl for a file into filesystem xattr +*/ +NTSTATUS pvfs_acl_save(struct pvfs_state *pvfs, struct pvfs_filename *name, int fd, + struct xattr_DosAcl *acl) +{ + NTSTATUS status; + void *privs; + + if (!(pvfs->flags & PVFS_FLAG_XATTR_ENABLE)) { + return NT_STATUS_OK; + } + + /* this xattr is in the "system" namespace, so we need + admin privileges to set it */ + privs = root_privileges(); + status = pvfs_xattr_ndr_save(pvfs, name->full_name, fd, + XATTR_DOSACL_NAME, + acl, + (ndr_push_flags_fn_t)ndr_push_xattr_DosAcl); + talloc_free(privs); + return status; +} + /* create a zero length xattr with the given name */ |