diff options
Diffstat (limited to 'source4/utils')
| -rw-r--r-- | source4/utils/getntacl.c | 102 | ||||
| -rw-r--r-- | source4/utils/setntacl.c | 90 | ||||
| -rw-r--r-- | source4/utils/setnttoken.c | 54 |
3 files changed, 3 insertions, 243 deletions
diff --git a/source4/utils/getntacl.c b/source4/utils/getntacl.c index 762167a93a..87cc280fcc 100644 --- a/source4/utils/getntacl.c +++ b/source4/utils/getntacl.c @@ -23,108 +23,8 @@ #include "includes.h" #include "system/filesys.h" -#if (defined(HAVE_NO_ACLS) || !defined(HAVE_XATTR_SUPPORT)) - int main(int argc, char **argv) { - printf("ACL support not compiled in."); + printf("This utility disabled until rewritten\n"); return 1; } - -#else - -/* Display a security descriptor in "psec" format which is as follows. - - The first two lines describe the owner user and owner group of the - object. If either of these lines are blank then the respective - owner property is not set. The remaining lines list the individual - permissions or ACE entries, one per line. Each column describes a - different property of the ACE: - - Column Description - ------------------------------------------------------------------- - 1 ACE type (allow/deny etc) - 2 ACE flags - 3 ACE mask - 4 SID the ACE applies to - - Example: - - S-1-5-21-1067277791-1719175008-3000797951-500 - - 1 9 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-501 - 1 2 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-501 - 0 9 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-500 - 0 2 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-500 - 0 9 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-513 - 0 2 0x00020000 S-1-5-21-1067277791-1719175008-3000797951-513 - 0 2 0xe0000000 S-1-1-0 -*/ - -static void print_psec(TALLOC_CTX *mem_ctx, struct security_descriptor *sd) -{ - if (sd->owner_sid) - printf("%s\n", dom_sid_string(mem_ctx, sd->owner_sid)); - else - printf("\n"); - - if (sd->group_sid) - printf("%s\n", dom_sid_string(mem_ctx, sd->owner_sid)); - else - printf("\n"); - - /* Note: SACL not displayed */ - - if (sd->dacl) { - int i; - - for (i = 0; i < sd->dacl->num_aces; i++) { - struct security_ace *ace = &sd->dacl->aces[i]; - - printf("%d %d 0x%08x %s\n", ace->type, ace->flags, - ace->access_mask, - dom_sid_string(mem_ctx, &ace->trustee)); - } - - } -} - -int main(int argc, char **argv) -{ - TALLOC_CTX *mem_ctx; - ssize_t size; - char *data; - struct security_descriptor sd; - DATA_BLOB blob; - struct ndr_pull *ndr; - NTSTATUS result; - - static_init_getntacl; - - mem_ctx = talloc_init("getntacl"); - - /* Fetch ACL data */ - - size = getxattr(argv[1], "security.ntacl", NULL, 0); - - if (size == -1) { - fprintf(stderr, "%s: %s\n", argv[1], strerror(errno)); - exit(1); - } - - data = talloc_size(mem_ctx, size); - - size = getxattr(argv[1], "security.ntacl", data, size); - - blob = data_blob_talloc(mem_ctx, data, size); - - ndr = ndr_pull_init_blob(&blob, mem_ctx); - - result = ndr_pull_security_descriptor( - ndr, NDR_SCALARS|NDR_BUFFERS, &sd); - - print_psec(data, &sd); - return 0; -} - -#endif /* HAVE_NO_ACLS */ diff --git a/source4/utils/setntacl.c b/source4/utils/setntacl.c index 0535c3037e..d7fe2f0a68 100644 --- a/source4/utils/setntacl.c +++ b/source4/utils/setntacl.c @@ -23,96 +23,8 @@ #include "includes.h" #include "system/filesys.h" -#if (defined(HAVE_NO_ACLS) || !defined(HAVE_XATTR_SUPPORT)) - int main(int argc, char **argv) { - printf("ACL support not compiled in."); + printf("This utility disabled until rewritten\n"); return 1; } - -#else - -static void setntacl(char *filename, struct security_descriptor *sd) -{ - NTSTATUS status; - struct ndr_push *ndr; - ssize_t result; - - ndr = ndr_push_init(); - - status = ndr_push_security_descriptor( - ndr, NDR_SCALARS|NDR_BUFFERS, sd); - - result = setxattr( - filename, "security.ntacl", ndr->data, ndr->offset, 0); - - if (result == -1) { - fprintf(stderr, "%s: %s\n", filename, strerror(errno)); - exit(1); - } - -} - - int main(int argc, char **argv) -{ - char line[255]; - struct security_descriptor *sd; - TALLOC_CTX *mem_ctx; - struct security_acl *acl; - - static_init_ntacl; - - setup_logging("setntacl", DEBUG_STDOUT); - - mem_ctx = talloc_init("setntacl"); - - sd = sd_initialise(mem_ctx); - - fgets(line, sizeof(line), stdin); - sd->owner_sid = dom_sid_parse_talloc(mem_ctx, line); - - fgets(line, sizeof(line), stdin); - sd->group_sid = dom_sid_parse_talloc(mem_ctx, line); - - acl = talloc_p(mem_ctx, struct security_acl); - - acl->revision = 2; - acl->size = 0; - acl->num_aces = 0; - acl->aces = NULL; - - while(fgets(line, sizeof(line), stdin)) { - int ace_type, ace_flags; - uint32 ace_mask; - char sidstr[255]; - struct dom_sid *sid; - - if (sscanf(line, "%d %d 0x%x %s", &ace_type, &ace_flags, - &ace_mask, sidstr) != 4) { - fprintf(stderr, "invalid ACL line\ndr"); - return 1; - } - - acl->aces = talloc_realloc(mem_ctx, acl->aces, - (acl->num_aces + 1) * sizeof(struct security_ace)); - - acl->aces[acl->num_aces].type = ace_type; - acl->aces[acl->num_aces].flags = ace_flags; - acl->aces[acl->num_aces].access_mask = ace_mask; - - sid = dom_sid_parse_talloc(mem_ctx, sidstr); - - acl->aces[acl->num_aces].trustee = *sid; - - acl->num_aces++; - } - - sd->dacl = acl; - - setntacl(argv[1], sd); - - return 0; -} - -#endif /* HAVE_NO_ACLS */ diff --git a/source4/utils/setnttoken.c b/source4/utils/setnttoken.c index ccdd7a5578..d7fe2f0a68 100644 --- a/source4/utils/setnttoken.c +++ b/source4/utils/setnttoken.c @@ -23,60 +23,8 @@ #include "includes.h" #include "system/filesys.h" -#if (defined(HAVE_NO_ACLS) || !defined(HAVE_XATTR_SUPPORT)) - int main(int argc, char **argv) { - printf("ACL support not compiled in."); + printf("This utility disabled until rewritten\n"); return 1; } - -#else - -int main(int argc, char **argv) -{ - char line[255]; - struct ndr_push *ndr; - struct lsa_SidArray sidarray; - NTSTATUS status; - TALLOC_CTX *mem_ctx; - - static_init_setnttoken; - - setup_logging("setnttoken", DEBUG_STDOUT); - - mem_ctx = talloc_init("setnttoken"); - - ndr = ndr_push_init(); - - sidarray.num_sids = 0; - sidarray.sids = NULL; - - while(fgets(line, sizeof(line), stdin)) { - struct dom_sid *sid = dom_sid_parse_talloc(ndr, line); - - if (!sid) { - fprintf(stderr, "Invalid sid: %s", line); - continue; - } - - sidarray.sids = talloc_realloc(mem_ctx, sidarray.sids, - (sidarray.num_sids + 1) * sizeof(struct lsa_SidPtr)); - - sidarray.sids[sidarray.num_sids].sid = - dom_sid_dup(ndr, sid); - - sidarray.num_sids++; - } - -/* NDR_PRINT_DEBUG(lsa_SidArray, &sidarray); */ - - status = ndr_push_lsa_SidArray( - ndr, NDR_SCALARS|NDR_BUFFERS, &sidarray); - - fwrite(ndr->data, 1, ndr->offset, stdout); - - return 0; -} - -#endif /* HAVE_NO_ACLS */ |