diff options
-rw-r--r-- | docs/htmldocs/smbcacls.1.html | 50 | ||||
-rw-r--r-- | docs/manpages/smbcacls.1 | 62 | ||||
-rw-r--r-- | docs/yodldocs/smbcacls.1.yo | 69 |
3 files changed, 139 insertions, 42 deletions
diff --git a/docs/htmldocs/smbcacls.1.html b/docs/htmldocs/smbcacls.1.html index b7a048a1f3..e75a5741e5 100644 --- a/docs/htmldocs/smbcacls.1.html +++ b/docs/htmldocs/smbcacls.1.html @@ -11,7 +11,7 @@ <h1>smbcacls (1)</h1> <h2>Samba</h2> -<h2>3 Dec 2000</h2> +<h2>22 Dec 2000</h2> @@ -21,9 +21,10 @@ <p><a name="SYNOPSIS"></a> <h2>SYNOPSIS</h2> -<p><strong>smbcacls</strong> //server/share filename <a href="smbcacls.1.html#minusU">-U username</a> +<p><strong>smbcacls</strong> //server/share filename [<a href="smbcacls.1.html#minusU">-U username</a>] [<a href="smbcacls.1.html#minusA">-A acls</a>] [<a href="smbcacls.1.html#minusM">-M acls</a>] [<a href="smbcacls.1.html#minusD">-D acls</a>] [<a href="smbcacls.1.html#minusS">-S acls</a>] +[<a href="smbcacls.1.html#minusC">-C name</a>] [<a href="smbcacls.1.html#minusG">-G name</a>] [<a href="smbcacls.1.html#minusn">-n</a>] [<a href="smbcacls.1.html#minush">-h</a>] <p><a name="DESCRIPTION"></a> <h2>DESCRIPTION</h2> @@ -62,6 +63,18 @@ prompted to enter in a password and the workgroup specified in the <a href="smb.conf.5.html"><strong>smb.conf</strong></a> file is used, or <code>username%password</code> or <code>DOMAIN\username%password</code> and the password and workgroup names are used as provided. +<p><a name="minusC"></a> +<p></p><dt><strong><strong>-C name</strong></strong><dd> +<p>The owner of a file or directory can be changed to the name given +using the -C option. The name can be a sid in the form <code>S-1-x-y-z</code> or a +name resolved against the server specified in the first argument. +<p>This command is a shortcut for <code>-M OWNER:name</code>. +<p><a name="minusG"></a> +<p></p><dt><strong><strong>-G name</strong></strong><dd> +<p>The group owner of a file or directory can be changed to the name given +using the -G option. The name can be a sid in the form <code>S-1-x-y-z</code> or a +name resolved against the server specified in the first argument. +<p>This command is a shortcut for <code>-M GROUP:name</code>. <p><a name="minusn"></a> <p></p><dt><strong><strong>-n</strong></strong><dd> <p>This option displays all ACL information in numeric format. The default is @@ -74,10 +87,9 @@ format. <p><a name="ACLFORMAT"></a> <h2>ACL FORMAT</h2> -<p>The format of an ACL is one or more ACL entries separated by either spaces, +<p>The format of an ACL is one or more ACL entries separated by either commas or newlines. An ACL entry is one of the following: <p><pre> - REVISION:<revision number> OWNER:<sid or name> GROUP:<sid or name> @@ -85,11 +97,12 @@ ACL:<sid or name>:<type>/<flags>/<mask> </pre> <p>The revision of the ACL specifies the internal Windows NT ACL revision for -the security descriptor. If not specified it defaults to 1. +the security descriptor. If not specified it defaults to 1. Using values +other than 1 may cause strange behaviour. <p>The owner and group specify the owner and group sids for the object. If a SID in the format <code>S-1-x-y-z</code> is specified this is used, otherwise the name specified is resolved using the server on which the file or -directory resides. +directory resides. <p>ACLs specify permissions granted to the SID. This SID again can be specified in <code>S-1-x-y-z</code> format or as a name in which case it is resolved against the server on which the file or directory resides. The type, flags @@ -98,17 +111,17 @@ and mask values determine the type of access granted to the SID. the SID. The flags values are generally zero for file ACLs and either 9 or 2 for directory ACLs. Some common flags are: <p><pre> - #define SEC_ACE_FLAG_OBJECT_INHERIT 0x1 #define SEC_ACE_FLAG_CONTAINER_INHERIT 0x2 #define SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0x4 #define SEC_ACE_FLAG_INHERIT_ONLY 0x8 </pre> -<p>The mask is a value which expresses the access right granted to -the SID. It can be given as a hexadecimal value or by using one of the +<p>At present flags can only be specified as decimal or hexadecimal values. +<p>The mask is a value which expresses the access right granted to the SID. +It can be given as a decimal or hexadecimal value, or by using one of the following text strings which map to the NT file permissions of the same -name. +name. <p><dl> <p><p></p><dt><strong></strong><dd> <code>R</code> Allow read access <p><p></p><dt><strong></strong><dd> <code>W</code> Allow write access @@ -119,13 +132,24 @@ name. <p></dl> <p>The following combined permissions can be specified: <p><dl> -<p><p></p><dt><strong></strong><dd> <code>READ</code> Equivalent to <code>RX</code> permissions -<p></p><dt><strong></strong><dd> <code>CHANGE</code> Equivalent to <code>RXWD</code> permissions -<p></p><dt><strong></strong><dd> <code>FULL</code> Equivalent to <code>RWXDPO</code> permissions +<p><p></p><dt><strong></strong><dd> <code>READ</code> +<p>Equivalent to <code>RX</code> permissions +<p><p></p><dt><strong></strong><dd> <code>CHANGE</code> +<p>Equivalent to <code>RXWD</code> permissions +<p><p></p><dt><strong></strong><dd> <code>FULL</code> +<p>Equivalent to <code>RWXDPO</code> permissions <p></dl> <p><a name="EXITSTATUS"></a> <h2>EXIT STATUS</h2> +<p>The <strong>smbcacls</strong> program sets the exit status depending on the success or +otherwise of the operations performed. The exit status may be one of the +following values. +<p>If the operation succeded, <strong>smbcacls</strong> returns and exit status of 0. If +<strong>smbcacls</strong> couldn't connect to the specified server, or there was an +error getting or setting the ACLs, an exit status of 1 is returned. If +there was an error parsing any command line arguments, an exit status of 2 +is returned. <p><a name="AUTHOR"></a> <h2>AUTHOR</h2> diff --git a/docs/manpages/smbcacls.1 b/docs/manpages/smbcacls.1 index 52b6a6ce3f..9f5c00c6c4 100644 --- a/docs/manpages/smbcacls.1 +++ b/docs/manpages/smbcacls.1 @@ -1,13 +1,14 @@ -.TH "smbcacls " "1" "3 Dec 2000" "Samba" "SAMBA" +.TH "smbcacls " "1" "22 Dec 2000" "Samba" "SAMBA" .PP .SH "NAME" smbcacls \- Set or get ACLs on an NT file or directory .PP .SH "SYNOPSIS" .PP -\fBsmbcacls\fP //server/share filename -U username +\fBsmbcacls\fP //server/share filename [-U username] [-A acls] [-M acls] [-D acls] [-S acls] +[-C name] [-G name] [-n] [-h] .PP .SH "DESCRIPTION" @@ -52,6 +53,22 @@ prompted to enter in a password and the workgroup specified in the or \f(CWDOMAIN\eusername%password\fP and the password and workgroup names are used as provided\&. .IP +.IP "\fB-C name\fP" +.IP +The owner of a file or directory can be changed to the name given +using the -C option\&. The name can be a sid in the form \f(CWS-1-x-y-z\fP or a +name resolved against the server specified in the first argument\&. +.IP +This command is a shortcut for \f(CW-M OWNER:name\fP\&. +.IP +.IP "\fB-G name\fP" +.IP +The group owner of a file or directory can be changed to the name given +using the -G option\&. The name can be a sid in the form \f(CWS-1-x-y-z\fP or a +name resolved against the server specified in the first argument\&. +.IP +This command is a shortcut for \f(CW-M GROUP:name\fP\&. +.IP .IP "\fB-n\fP" .IP This option displays all ACL information in numeric format\&. The default is @@ -65,13 +82,12 @@ Print usage information on the \fBsmbcacls\fP program .PP .SH "ACL FORMAT" .PP -The format of an ACL is one or more ACL entries separated by either spaces, +The format of an ACL is one or more ACL entries separated by either commas or newlines\&. An ACL entry is one of the following: .PP .nf - REVISION:<revision number> OWNER:<sid or name> GROUP:<sid or name> @@ -81,12 +97,13 @@ ACL:<sid or name>:<type>/<flags>/<mask> .PP The revision of the ACL specifies the internal Windows NT ACL revision for -the security descriptor\&. If not specified it defaults to 1\&. +the security descriptor\&. If not specified it defaults to 1\&. Using values +other than 1 may cause strange behaviour\&. .PP The owner and group specify the owner and group sids for the object\&. If a SID in the format \f(CWS-1-x-y-z\fP is specified this is used, otherwise the name specified is resolved using the server on which the file or -directory resides\&. +directory resides\&. .PP ACLs specify permissions granted to the SID\&. This SID again can be specified in \f(CWS-1-x-y-z\fP format or as a name in which case it is resolved @@ -100,7 +117,6 @@ the SID\&. The flags values are generally zero for file ACLs and either 9 or .nf - #define SEC_ACE_FLAG_OBJECT_INHERIT 0x1 #define SEC_ACE_FLAG_CONTAINER_INHERIT 0x2 #define SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0x4 @@ -109,10 +125,12 @@ the SID\&. The flags values are generally zero for file ACLs and either 9 or .PP -The mask is a value which expresses the access right granted to -the SID\&. It can be given as a hexadecimal value or by using one of the +At present flags can only be specified as decimal or hexadecimal values\&. +.PP +The mask is a value which expresses the access right granted to the SID\&. +It can be given as a decimal or hexadecimal value, or by using one of the following text strings which map to the NT file permissions of the same -name\&. +name\&. .PP .IP .IP "" @@ -138,15 +156,33 @@ The following combined permissions can be specified: .PP .IP .IP "" -\f(CWREAD\fP Equivalent to \f(CWRX\fP permissions +\f(CWREAD\fP +.IP +Equivalent to \f(CWRX\fP permissions +.IP .IP "" -\f(CWCHANGE\fP Equivalent to \f(CWRXWD\fP permissions +\f(CWCHANGE\fP +.IP +Equivalent to \f(CWRXWD\fP permissions +.IP .IP "" -\f(CWFULL\fP Equivalent to \f(CWRWXDPO\fP permissions +\f(CWFULL\fP +.IP +Equivalent to \f(CWRWXDPO\fP permissions .IP .PP .SH "EXIT STATUS" .PP +The \fBsmbcacls\fP program sets the exit status depending on the success or +otherwise of the operations performed\&. The exit status may be one of the +following values\&. +.PP +If the operation succeded, \fBsmbcacls\fP returns and exit status of 0\&. If +\fBsmbcacls\fP couldn\'t connect to the specified server, or there was an +error getting or setting the ACLs, an exit status of 1 is returned\&. If +there was an error parsing any command line arguments, an exit status of 2 +is returned\&. +.PP .SH "AUTHOR" .PP The original Samba software and related utilities were created by diff --git a/docs/yodldocs/smbcacls.1.yo b/docs/yodldocs/smbcacls.1.yo index 4668d03f1f..e8be5a4d28 100644 --- a/docs/yodldocs/smbcacls.1.yo +++ b/docs/yodldocs/smbcacls.1.yo @@ -1,4 +1,4 @@ -manpage(smbcacls htmlcommand((1)))(1)(3 Dec 2000)(Samba)(SAMBA) +manpage(smbcacls htmlcommand((1)))(1)(22 Dec 2000)(Samba)(SAMBA) label(NAME) manpagename(smbcacls)(Set or get ACLs on an NT file or directory ) @@ -6,10 +6,10 @@ manpagename(smbcacls)(Set or get ACLs on an NT file or directory ) label(SYNOPSIS) manpagesynopsis() -bf(smbcacls) //server/share filename link(-U username)(minusU) +bf(smbcacls) //server/share filename [link(-U username)(minusU)] [link(-A acls)(minusA)] [link(-M acls)(minusM)] [link(-D acls)(minusD)] [link(-S acls)(minusS)] -[link(-C username)(minusC)] [link(-G username)(minusG)] +[link(-C name)(minusC)] [link(-G name)(minusG)] [link(-n)(minusn)] [link(-h)(minush)] label(DESCRIPTION) @@ -78,6 +78,24 @@ url(bf(smb.conf))(smb.conf.5.html) file is used, or tt(username%password) or tt(DOMAIN\username%password) and the password and workgroup names are used as provided. +label(minusC) +dit(bf(-C name)) + +The owner of a file or directory can be changed to the name given +using the -C option. The name can be a sid in the form tt(S-1-x-y-z) or a +name resolved against the server specified in the first argument. + +This command is a shortcut for tt(-M OWNER:name). + +label(minusG) +dit(bf(-G name)) + +The group owner of a file or directory can be changed to the name given +using the -G option. The name can be a sid in the form tt(S-1-x-y-z) or a +name resolved against the server specified in the first argument. + +This command is a shortcut for tt(-M GROUP:name). + label(minusn) dit(bf(-n)) @@ -95,22 +113,22 @@ enddit() label(ACLFORMAT) manpagesection(ACL FORMAT) -The format of an ACL is one or more ACL entries separated by either spaces, +The format of an ACL is one or more ACL entries separated by either commas or newlines. An ACL entry is one of the following: -verb( -REVISION:<revision number> +verb(REVISION:<revision number> OWNER:<sid or name> GROUP:<sid or name> ACL:<sid or name>:<type>/<flags>/<mask>) The revision of the ACL specifies the internal Windows NT ACL revision for -the security descriptor. If not specified it defaults to 1. +the security descriptor. If not specified it defaults to 1. Using values +other than 1 may cause strange behaviour. The owner and group specify the owner and group sids for the object. If a SID in the format tt(S-1-x-y-z) is specified this is used, otherwise the name specified is resolved using the server on which the file or -directory resides. +directory resides. ACLs specify permissions granted to the SID. This SID again can be specified in tt(S-1-x-y-z) format or as a name in which case it is resolved @@ -121,16 +139,17 @@ The type can be either 0 or 1 corresponding to ALLOWED or DENIED access to the SID. The flags values are generally zero for file ACLs and either 9 or 2 for directory ACLs. Some common flags are: -verb( -#define SEC_ACE_FLAG_OBJECT_INHERIT 0x1 +verb(#define SEC_ACE_FLAG_OBJECT_INHERIT 0x1 #define SEC_ACE_FLAG_CONTAINER_INHERIT 0x2 #define SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0x4 #define SEC_ACE_FLAG_INHERIT_ONLY 0x8) -The mask is a value which expresses the access right granted to -the SID. It can be given as a hexadecimal value or by using one of the +At present flags can only be specified as decimal or hexadecimal values. + +The mask is a value which expresses the access right granted to the SID. +It can be given as a decimal or hexadecimal value, or by using one of the following text strings which map to the NT file permissions of the same -name. +name. startdit() @@ -152,15 +171,33 @@ The following combined permissions can be specified: startdit() -dit() tt(READ) Equivalent to tt(RX) permissions -dit() tt(CHANGE) Equivalent to tt(RXWD) permissions -dit() tt(FULL) Equivalent to tt(RWXDPO) permissions +dit() tt(READ) + +Equivalent to tt(RX) permissions + +dit() tt(CHANGE) + +Equivalent to tt(RXWD) permissions + +dit() tt(FULL) + +Equivalent to tt(RWXDPO) permissions enddit() label(EXITSTATUS) manpagesection(EXIT STATUS) +The bf(smbcacls) program sets the exit status depending on the success or +otherwise of the operations performed. The exit status may be one of the +following values. + +If the operation succeded, bf(smbcacls) returns and exit status of 0. If +bf(smbcacls) couldn't connect to the specified server, or there was an +error getting or setting the ACLs, an exit status of 1 is returned. If +there was an error parsing any command line arguments, an exit status of 2 +is returned. + label(AUTHOR) manpageauthor() |