diff options
| author | Andrew Tridgell <tridge@samba.org> | 2005-01-17 04:07:33 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:08:56 -0500 |
| commit | 4d7e4c80580f9902339680cecee457460fe85218 (patch) | |
| tree | f0f952e0ea3d8225aefcca97f11190844616abf6 /source4/utils | |
| parent | 6717dcca765e5286a36d89eebc5da2d167bcbef2 (diff) | |
| download | samba-4d7e4c80580f9902339680cecee457460fe85218.tar.gz samba-4d7e4c80580f9902339680cecee457460fe85218.tar.bz2 samba-4d7e4c80580f9902339680cecee457460fe85218.zip | |
r4794: - disabled the ntacl command line utilities until they are rewritten to use the same
acl format as we use in pvfs (and hopefully use common code too)
- removed a lot of old cruft from our autoconf tests. This may well break some builds,
but then we can fix them properly instead of the "if solaris version 5.1.2" crap
This was prompted by someone sending me solaris 10 patches that
patched the configure script with if statements for several more
versions of solaris to check for and do special stuff. That is just
silly.
(This used to be commit 1ea59d1146f041e9befbb435e901c6d7d497c52c)
Diffstat (limited to 'source4/utils')
| -rw-r--r-- | source4/utils/getntacl.c | 102 | ||||
| -rw-r--r-- | source4/utils/setntacl.c | 90 | ||||
| -rw-r--r-- | source4/utils/setnttoken.c | 54 |
3 files changed, 3 insertions, 243 deletions
diff --git a/source4/utils/getntacl.c b/source4/utils/getntacl.c index 762167a93a..87cc280fcc 100644 --- a/source4/utils/getntacl.c +++ b/source4/utils/getntacl.c @@ -23,108 +23,8 @@ #include "includes.h" #include "system/filesys.h" -#if (defined(HAVE_NO_ACLS) || !defined(HAVE_XATTR_SUPPORT)) - int main(int argc, char **argv) { - printf("ACL support not compiled in."); + printf("This utility disabled until rewritten\n"); return 1; } - -#else - -/* Display a security descriptor in "psec" format which is as follows. - - The first two lines describe the owner user and owner group of the - object. If either of these lines are blank then the respective - owner property is not set. The remaining lines list the individual - permissions or ACE entries, one per line. Each column describes a - different property of the ACE: - - Column Description - ------------------------------------------------------------------- - 1 ACE type (allow/deny etc) - 2 ACE flags - 3 ACE mask - 4 SID the ACE applies to - - Example: - - S-1-5-21-1067277791-1719175008-3000797951-500 - - 1 9 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-501 - 1 2 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-501 - 0 9 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-500 - 0 2 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-500 - 0 9 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-513 - 0 2 0x00020000 S-1-5-21-1067277791-1719175008-3000797951-513 - 0 2 0xe0000000 S-1-1-0 -*/ - -static void print_psec(TALLOC_CTX *mem_ctx, struct security_descriptor *sd) -{ - if (sd->owner_sid) - printf("%s\n", dom_sid_string(mem_ctx, sd->owner_sid)); - else - printf("\n"); - - if (sd->group_sid) - printf("%s\n", dom_sid_string(mem_ctx, sd->owner_sid)); - else - printf("\n"); - - /* Note: SACL not displayed */ - - if (sd->dacl) { - int i; - - for (i = 0; i < sd->dacl->num_aces; i++) { - struct security_ace *ace = &sd->dacl->aces[i]; - - printf("%d %d 0x%08x %s\n", ace->type, ace->flags, - ace->access_mask, - dom_sid_string(mem_ctx, &ace->trustee)); - } - - } -} - -int main(int argc, char **argv) -{ - TALLOC_CTX *mem_ctx; - ssize_t size; - char *data; - struct security_descriptor sd; - DATA_BLOB blob; - struct ndr_pull *ndr; - NTSTATUS result; - - static_init_getntacl; - - mem_ctx = talloc_init("getntacl"); - - /* Fetch ACL data */ - - size = getxattr(argv[1], "security.ntacl", NULL, 0); - - if (size == -1) { - fprintf(stderr, "%s: %s\n", argv[1], strerror(errno)); - exit(1); - } - - data = talloc_size(mem_ctx, size); - - size = getxattr(argv[1], "security.ntacl", data, size); - - blob = data_blob_talloc(mem_ctx, data, size); - - ndr = ndr_pull_init_blob(&blob, mem_ctx); - - result = ndr_pull_security_descriptor( - ndr, NDR_SCALARS|NDR_BUFFERS, &sd); - - print_psec(data, &sd); - return 0; -} - -#endif /* HAVE_NO_ACLS */ diff --git a/source4/utils/setntacl.c b/source4/utils/setntacl.c index 0535c3037e..d7fe2f0a68 100644 --- a/source4/utils/setntacl.c +++ b/source4/utils/setntacl.c @@ -23,96 +23,8 @@ #include "includes.h" #include "system/filesys.h" -#if (defined(HAVE_NO_ACLS) || !defined(HAVE_XATTR_SUPPORT)) - int main(int argc, char **argv) { - printf("ACL support not compiled in."); + printf("This utility disabled until rewritten\n"); return 1; } - -#else - -static void setntacl(char *filename, struct security_descriptor *sd) -{ - NTSTATUS status; - struct ndr_push *ndr; - ssize_t result; - - ndr = ndr_push_init(); - - status = ndr_push_security_descriptor( - ndr, NDR_SCALARS|NDR_BUFFERS, sd); - - result = setxattr( - filename, "security.ntacl", ndr->data, ndr->offset, 0); - - if (result == -1) { - fprintf(stderr, "%s: %s\n", filename, strerror(errno)); - exit(1); - } - -} - - int main(int argc, char **argv) -{ - char line[255]; - struct security_descriptor *sd; - TALLOC_CTX *mem_ctx; - struct security_acl *acl; - - static_init_ntacl; - - setup_logging("setntacl", DEBUG_STDOUT); - - mem_ctx = talloc_init("setntacl"); - - sd = sd_initialise(mem_ctx); - - fgets(line, sizeof(line), stdin); - sd->owner_sid = dom_sid_parse_talloc(mem_ctx, line); - - fgets(line, sizeof(line), stdin); - sd->group_sid = dom_sid_parse_talloc(mem_ctx, line); - - acl = talloc_p(mem_ctx, struct security_acl); - - acl->revision = 2; - acl->size = 0; - acl->num_aces = 0; - acl->aces = NULL; - - while(fgets(line, sizeof(line), stdin)) { - int ace_type, ace_flags; - uint32 ace_mask; - char sidstr[255]; - struct dom_sid *sid; - - if (sscanf(line, "%d %d 0x%x %s", &ace_type, &ace_flags, - &ace_mask, sidstr) != 4) { - fprintf(stderr, "invalid ACL line\ndr"); - return 1; - } - - acl->aces = talloc_realloc(mem_ctx, acl->aces, - (acl->num_aces + 1) * sizeof(struct security_ace)); - - acl->aces[acl->num_aces].type = ace_type; - acl->aces[acl->num_aces].flags = ace_flags; - acl->aces[acl->num_aces].access_mask = ace_mask; - - sid = dom_sid_parse_talloc(mem_ctx, sidstr); - - acl->aces[acl->num_aces].trustee = *sid; - - acl->num_aces++; - } - - sd->dacl = acl; - - setntacl(argv[1], sd); - - return 0; -} - -#endif /* HAVE_NO_ACLS */ diff --git a/source4/utils/setnttoken.c b/source4/utils/setnttoken.c index ccdd7a5578..d7fe2f0a68 100644 --- a/source4/utils/setnttoken.c +++ b/source4/utils/setnttoken.c @@ -23,60 +23,8 @@ #include "includes.h" #include "system/filesys.h" -#if (defined(HAVE_NO_ACLS) || !defined(HAVE_XATTR_SUPPORT)) - int main(int argc, char **argv) { - printf("ACL support not compiled in."); + printf("This utility disabled until rewritten\n"); return 1; } - -#else - -int main(int argc, char **argv) -{ - char line[255]; - struct ndr_push *ndr; - struct lsa_SidArray sidarray; - NTSTATUS status; - TALLOC_CTX *mem_ctx; - - static_init_setnttoken; - - setup_logging("setnttoken", DEBUG_STDOUT); - - mem_ctx = talloc_init("setnttoken"); - - ndr = ndr_push_init(); - - sidarray.num_sids = 0; - sidarray.sids = NULL; - - while(fgets(line, sizeof(line), stdin)) { - struct dom_sid *sid = dom_sid_parse_talloc(ndr, line); - - if (!sid) { - fprintf(stderr, "Invalid sid: %s", line); - continue; - } - - sidarray.sids = talloc_realloc(mem_ctx, sidarray.sids, - (sidarray.num_sids + 1) * sizeof(struct lsa_SidPtr)); - - sidarray.sids[sidarray.num_sids].sid = - dom_sid_dup(ndr, sid); - - sidarray.num_sids++; - } - -/* NDR_PRINT_DEBUG(lsa_SidArray, &sidarray); */ - - status = ndr_push_lsa_SidArray( - ndr, NDR_SCALARS|NDR_BUFFERS, &sidarray); - - fwrite(ndr->data, 1, ndr->offset, stdout); - - return 0; -} - -#endif /* HAVE_NO_ACLS */ |