summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--docs/htmldocs/smbcacls.1.html50
-rw-r--r--docs/manpages/smbcacls.162
-rw-r--r--docs/yodldocs/smbcacls.1.yo69
3 files changed, 139 insertions, 42 deletions
diff --git a/docs/htmldocs/smbcacls.1.html b/docs/htmldocs/smbcacls.1.html
index b7a048a1f3..e75a5741e5 100644
--- a/docs/htmldocs/smbcacls.1.html
+++ b/docs/htmldocs/smbcacls.1.html
@@ -11,7 +11,7 @@
<h1>smbcacls (1)</h1>
<h2>Samba</h2>
-<h2>3 Dec 2000</h2>
+<h2>22 Dec 2000</h2>
@@ -21,9 +21,10 @@
<p><a name="SYNOPSIS"></a>
<h2>SYNOPSIS</h2>
-<p><strong>smbcacls</strong> //server/share filename <a href="smbcacls.1.html#minusU">-U username</a>
+<p><strong>smbcacls</strong> //server/share filename [<a href="smbcacls.1.html#minusU">-U username</a>]
[<a href="smbcacls.1.html#minusA">-A acls</a>] [<a href="smbcacls.1.html#minusM">-M acls</a>]
[<a href="smbcacls.1.html#minusD">-D acls</a>] [<a href="smbcacls.1.html#minusS">-S acls</a>]
+[<a href="smbcacls.1.html#minusC">-C name</a>] [<a href="smbcacls.1.html#minusG">-G name</a>]
[<a href="smbcacls.1.html#minusn">-n</a>] [<a href="smbcacls.1.html#minush">-h</a>]
<p><a name="DESCRIPTION"></a>
<h2>DESCRIPTION</h2>
@@ -62,6 +63,18 @@ prompted to enter in a password and the workgroup specified in the
<a href="smb.conf.5.html"><strong>smb.conf</strong></a> file is used, or <code>username%password</code>
or <code>DOMAIN\username%password</code> and the password and workgroup names are
used as provided.
+<p><a name="minusC"></a>
+<p></p><dt><strong><strong>-C name</strong></strong><dd>
+<p>The owner of a file or directory can be changed to the name given
+using the -C option. The name can be a sid in the form <code>S-1-x-y-z</code> or a
+name resolved against the server specified in the first argument.
+<p>This command is a shortcut for <code>-M OWNER:name</code>.
+<p><a name="minusG"></a>
+<p></p><dt><strong><strong>-G name</strong></strong><dd>
+<p>The group owner of a file or directory can be changed to the name given
+using the -G option. The name can be a sid in the form <code>S-1-x-y-z</code> or a
+name resolved against the server specified in the first argument.
+<p>This command is a shortcut for <code>-M GROUP:name</code>.
<p><a name="minusn"></a>
<p></p><dt><strong><strong>-n</strong></strong><dd>
<p>This option displays all ACL information in numeric format. The default is
@@ -74,10 +87,9 @@ format.
<p><a name="ACLFORMAT"></a>
<h2>ACL FORMAT</h2>
-<p>The format of an ACL is one or more ACL entries separated by either spaces,
+<p>The format of an ACL is one or more ACL entries separated by either
commas or newlines. An ACL entry is one of the following:
<p><pre>
-
REVISION:&lt;revision number&gt;
OWNER:&lt;sid or name&gt;
GROUP:&lt;sid or name&gt;
@@ -85,11 +97,12 @@ ACL:&lt;sid or name&gt;:&lt;type&gt;/&lt;flags&gt;/&lt;mask&gt;
</pre>
<p>The revision of the ACL specifies the internal Windows NT ACL revision for
-the security descriptor. If not specified it defaults to 1.
+the security descriptor. If not specified it defaults to 1. Using values
+other than 1 may cause strange behaviour.
<p>The owner and group specify the owner and group sids for the object. If a
SID in the format <code>S-1-x-y-z</code> is specified this is used, otherwise
the name specified is resolved using the server on which the file or
-directory resides.
+directory resides.
<p>ACLs specify permissions granted to the SID. This SID again can be
specified in <code>S-1-x-y-z</code> format or as a name in which case it is resolved
against the server on which the file or directory resides. The type, flags
@@ -98,17 +111,17 @@ and mask values determine the type of access granted to the SID.
the SID. The flags values are generally zero for file ACLs and either 9 or
2 for directory ACLs. Some common flags are:
<p><pre>
-
#define SEC_ACE_FLAG_OBJECT_INHERIT 0x1
#define SEC_ACE_FLAG_CONTAINER_INHERIT 0x2
#define SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0x4
#define SEC_ACE_FLAG_INHERIT_ONLY 0x8
</pre>
-<p>The mask is a value which expresses the access right granted to
-the SID. It can be given as a hexadecimal value or by using one of the
+<p>At present flags can only be specified as decimal or hexadecimal values.
+<p>The mask is a value which expresses the access right granted to the SID.
+It can be given as a decimal or hexadecimal value, or by using one of the
following text strings which map to the NT file permissions of the same
-name.
+name.
<p><dl>
<p><p></p><dt><strong></strong><dd> <code>R</code> Allow read access
<p><p></p><dt><strong></strong><dd> <code>W</code> Allow write access
@@ -119,13 +132,24 @@ name.
<p></dl>
<p>The following combined permissions can be specified:
<p><dl>
-<p><p></p><dt><strong></strong><dd> <code>READ</code> Equivalent to <code>RX</code> permissions
-<p></p><dt><strong></strong><dd> <code>CHANGE</code> Equivalent to <code>RXWD</code> permissions
-<p></p><dt><strong></strong><dd> <code>FULL</code> Equivalent to <code>RWXDPO</code> permissions
+<p><p></p><dt><strong></strong><dd> <code>READ</code>
+<p>Equivalent to <code>RX</code> permissions
+<p><p></p><dt><strong></strong><dd> <code>CHANGE</code>
+<p>Equivalent to <code>RXWD</code> permissions
+<p><p></p><dt><strong></strong><dd> <code>FULL</code>
+<p>Equivalent to <code>RWXDPO</code> permissions
<p></dl>
<p><a name="EXITSTATUS"></a>
<h2>EXIT STATUS</h2>
+<p>The <strong>smbcacls</strong> program sets the exit status depending on the success or
+otherwise of the operations performed. The exit status may be one of the
+following values.
+<p>If the operation succeded, <strong>smbcacls</strong> returns and exit status of 0. If
+<strong>smbcacls</strong> couldn't connect to the specified server, or there was an
+error getting or setting the ACLs, an exit status of 1 is returned. If
+there was an error parsing any command line arguments, an exit status of 2
+is returned.
<p><a name="AUTHOR"></a>
<h2>AUTHOR</h2>
diff --git a/docs/manpages/smbcacls.1 b/docs/manpages/smbcacls.1
index 52b6a6ce3f..9f5c00c6c4 100644
--- a/docs/manpages/smbcacls.1
+++ b/docs/manpages/smbcacls.1
@@ -1,13 +1,14 @@
-.TH "smbcacls " "1" "3 Dec 2000" "Samba" "SAMBA"
+.TH "smbcacls " "1" "22 Dec 2000" "Samba" "SAMBA"
.PP
.SH "NAME"
smbcacls \- Set or get ACLs on an NT file or directory
.PP
.SH "SYNOPSIS"
.PP
-\fBsmbcacls\fP //server/share filename -U username
+\fBsmbcacls\fP //server/share filename [-U username]
[-A acls] [-M acls]
[-D acls] [-S acls]
+[-C name] [-G name]
[-n] [-h]
.PP
.SH "DESCRIPTION"
@@ -52,6 +53,22 @@ prompted to enter in a password and the workgroup specified in the
or \f(CWDOMAIN\eusername%password\fP and the password and workgroup names are
used as provided\&.
.IP
+.IP "\fB-C name\fP"
+.IP
+The owner of a file or directory can be changed to the name given
+using the -C option\&. The name can be a sid in the form \f(CWS-1-x-y-z\fP or a
+name resolved against the server specified in the first argument\&.
+.IP
+This command is a shortcut for \f(CW-M OWNER:name\fP\&.
+.IP
+.IP "\fB-G name\fP"
+.IP
+The group owner of a file or directory can be changed to the name given
+using the -G option\&. The name can be a sid in the form \f(CWS-1-x-y-z\fP or a
+name resolved against the server specified in the first argument\&.
+.IP
+This command is a shortcut for \f(CW-M GROUP:name\fP\&.
+.IP
.IP "\fB-n\fP"
.IP
This option displays all ACL information in numeric format\&. The default is
@@ -65,13 +82,12 @@ Print usage information on the \fBsmbcacls\fP program
.PP
.SH "ACL FORMAT"
.PP
-The format of an ACL is one or more ACL entries separated by either spaces,
+The format of an ACL is one or more ACL entries separated by either
commas or newlines\&. An ACL entry is one of the following:
.PP
.nf
-
REVISION:<revision number>
OWNER:<sid or name>
GROUP:<sid or name>
@@ -81,12 +97,13 @@ ACL:<sid or name>:<type>/<flags>/<mask>
.PP
The revision of the ACL specifies the internal Windows NT ACL revision for
-the security descriptor\&. If not specified it defaults to 1\&.
+the security descriptor\&. If not specified it defaults to 1\&. Using values
+other than 1 may cause strange behaviour\&.
.PP
The owner and group specify the owner and group sids for the object\&. If a
SID in the format \f(CWS-1-x-y-z\fP is specified this is used, otherwise
the name specified is resolved using the server on which the file or
-directory resides\&.
+directory resides\&.
.PP
ACLs specify permissions granted to the SID\&. This SID again can be
specified in \f(CWS-1-x-y-z\fP format or as a name in which case it is resolved
@@ -100,7 +117,6 @@ the SID\&. The flags values are generally zero for file ACLs and either 9 or
.nf
-
#define SEC_ACE_FLAG_OBJECT_INHERIT 0x1
#define SEC_ACE_FLAG_CONTAINER_INHERIT 0x2
#define SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0x4
@@ -109,10 +125,12 @@ the SID\&. The flags values are generally zero for file ACLs and either 9 or
.PP
-The mask is a value which expresses the access right granted to
-the SID\&. It can be given as a hexadecimal value or by using one of the
+At present flags can only be specified as decimal or hexadecimal values\&.
+.PP
+The mask is a value which expresses the access right granted to the SID\&.
+It can be given as a decimal or hexadecimal value, or by using one of the
following text strings which map to the NT file permissions of the same
-name\&.
+name\&.
.PP
.IP
.IP ""
@@ -138,15 +156,33 @@ The following combined permissions can be specified:
.PP
.IP
.IP ""
-\f(CWREAD\fP Equivalent to \f(CWRX\fP permissions
+\f(CWREAD\fP
+.IP
+Equivalent to \f(CWRX\fP permissions
+.IP
.IP ""
-\f(CWCHANGE\fP Equivalent to \f(CWRXWD\fP permissions
+\f(CWCHANGE\fP
+.IP
+Equivalent to \f(CWRXWD\fP permissions
+.IP
.IP ""
-\f(CWFULL\fP Equivalent to \f(CWRWXDPO\fP permissions
+\f(CWFULL\fP
+.IP
+Equivalent to \f(CWRWXDPO\fP permissions
.IP
.PP
.SH "EXIT STATUS"
.PP
+The \fBsmbcacls\fP program sets the exit status depending on the success or
+otherwise of the operations performed\&. The exit status may be one of the
+following values\&.
+.PP
+If the operation succeded, \fBsmbcacls\fP returns and exit status of 0\&. If
+\fBsmbcacls\fP couldn\'t connect to the specified server, or there was an
+error getting or setting the ACLs, an exit status of 1 is returned\&. If
+there was an error parsing any command line arguments, an exit status of 2
+is returned\&.
+.PP
.SH "AUTHOR"
.PP
The original Samba software and related utilities were created by
diff --git a/docs/yodldocs/smbcacls.1.yo b/docs/yodldocs/smbcacls.1.yo
index 4668d03f1f..e8be5a4d28 100644
--- a/docs/yodldocs/smbcacls.1.yo
+++ b/docs/yodldocs/smbcacls.1.yo
@@ -1,4 +1,4 @@
-manpage(smbcacls htmlcommand((1)))(1)(3 Dec 2000)(Samba)(SAMBA)
+manpage(smbcacls htmlcommand((1)))(1)(22 Dec 2000)(Samba)(SAMBA)
label(NAME)
manpagename(smbcacls)(Set or get ACLs on an NT file or directory )
@@ -6,10 +6,10 @@ manpagename(smbcacls)(Set or get ACLs on an NT file or directory )
label(SYNOPSIS)
manpagesynopsis()
-bf(smbcacls) //server/share filename link(-U username)(minusU)
+bf(smbcacls) //server/share filename [link(-U username)(minusU)]
[link(-A acls)(minusA)] [link(-M acls)(minusM)]
[link(-D acls)(minusD)] [link(-S acls)(minusS)]
-[link(-C username)(minusC)] [link(-G username)(minusG)]
+[link(-C name)(minusC)] [link(-G name)(minusG)]
[link(-n)(minusn)] [link(-h)(minush)]
label(DESCRIPTION)
@@ -78,6 +78,24 @@ url(bf(smb.conf))(smb.conf.5.html) file is used, or tt(username%password)
or tt(DOMAIN\username%password) and the password and workgroup names are
used as provided.
+label(minusC)
+dit(bf(-C name))
+
+The owner of a file or directory can be changed to the name given
+using the -C option. The name can be a sid in the form tt(S-1-x-y-z) or a
+name resolved against the server specified in the first argument.
+
+This command is a shortcut for tt(-M OWNER:name).
+
+label(minusG)
+dit(bf(-G name))
+
+The group owner of a file or directory can be changed to the name given
+using the -G option. The name can be a sid in the form tt(S-1-x-y-z) or a
+name resolved against the server specified in the first argument.
+
+This command is a shortcut for tt(-M GROUP:name).
+
label(minusn)
dit(bf(-n))
@@ -95,22 +113,22 @@ enddit()
label(ACLFORMAT)
manpagesection(ACL FORMAT)
-The format of an ACL is one or more ACL entries separated by either spaces,
+The format of an ACL is one or more ACL entries separated by either
commas or newlines. An ACL entry is one of the following:
-verb(
-REVISION:<revision number>
+verb(REVISION:<revision number>
OWNER:<sid or name>
GROUP:<sid or name>
ACL:<sid or name>:<type>/<flags>/<mask>)
The revision of the ACL specifies the internal Windows NT ACL revision for
-the security descriptor. If not specified it defaults to 1.
+the security descriptor. If not specified it defaults to 1. Using values
+other than 1 may cause strange behaviour.
The owner and group specify the owner and group sids for the object. If a
SID in the format tt(S-1-x-y-z) is specified this is used, otherwise
the name specified is resolved using the server on which the file or
-directory resides.
+directory resides.
ACLs specify permissions granted to the SID. This SID again can be
specified in tt(S-1-x-y-z) format or as a name in which case it is resolved
@@ -121,16 +139,17 @@ The type can be either 0 or 1 corresponding to ALLOWED or DENIED access to
the SID. The flags values are generally zero for file ACLs and either 9 or
2 for directory ACLs. Some common flags are:
-verb(
-#define SEC_ACE_FLAG_OBJECT_INHERIT 0x1
+verb(#define SEC_ACE_FLAG_OBJECT_INHERIT 0x1
#define SEC_ACE_FLAG_CONTAINER_INHERIT 0x2
#define SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0x4
#define SEC_ACE_FLAG_INHERIT_ONLY 0x8)
-The mask is a value which expresses the access right granted to
-the SID. It can be given as a hexadecimal value or by using one of the
+At present flags can only be specified as decimal or hexadecimal values.
+
+The mask is a value which expresses the access right granted to the SID.
+It can be given as a decimal or hexadecimal value, or by using one of the
following text strings which map to the NT file permissions of the same
-name.
+name.
startdit()
@@ -152,15 +171,33 @@ The following combined permissions can be specified:
startdit()
-dit() tt(READ) Equivalent to tt(RX) permissions
-dit() tt(CHANGE) Equivalent to tt(RXWD) permissions
-dit() tt(FULL) Equivalent to tt(RWXDPO) permissions
+dit() tt(READ)
+
+Equivalent to tt(RX) permissions
+
+dit() tt(CHANGE)
+
+Equivalent to tt(RXWD) permissions
+
+dit() tt(FULL)
+
+Equivalent to tt(RWXDPO) permissions
enddit()
label(EXITSTATUS)
manpagesection(EXIT STATUS)
+The bf(smbcacls) program sets the exit status depending on the success or
+otherwise of the operations performed. The exit status may be one of the
+following values.
+
+If the operation succeded, bf(smbcacls) returns and exit status of 0. If
+bf(smbcacls) couldn't connect to the specified server, or there was an
+error getting or setting the ACLs, an exit status of 1 is returned. If
+there was an error parsing any command line arguments, an exit status of 2
+is returned.
+
label(AUTHOR)
manpageauthor()