summaryrefslogtreecommitdiff
path: root/source3/utils/smbcacls.c
AgeCommit message (Collapse)AuthorFilesLines
2008-10-14Attempt to fix bug #5818 - "smbcacls: sorts ACEs improperly and loses ↵Jeremy Allison1-26/+157
inheritance", based on a patch from Paul Fertser <fercerpav@gmail.com>. I also added the ability to get/set hex and symbolic inheritance flag names on ACE flags. I'm still investigating the effects of setting the "SEC_DESC_DACL_AUTO_INHERIT_REQ" flag as I don't yet see what effects this is having on the ACE sent. Jeremy.
2008-10-09Remove SEC_ACCESS. It's a uint32_t.Jeremy Allison1-1/+1
Jeremy.
2008-07-20Refactoring: Change calling conventions for cli_rpc_pipe_open_noauthVolker Lendecke1-4/+6
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS (This used to be commit 9abc9dc4dc13bd3e42f98eff64eacf24b51f5779)
2008-07-07Fix option processing in smbcacls - add POPT_COMMON_CONNECTION.Jeremy Allison1-1/+2
Jeremy. (This used to be commit 599d5f75c703a4cae3da87eb09b6a46285f6b074)
2008-05-05Fix client authentication with -P switch in client tools (Bug 5435).Günther Deschner1-1/+13
Guenther (This used to be commit d077ef64cd1d9bbaeb936566c2c70da508de829f)
2008-04-20Replace cli_rpc_pipe_close by a talloc destructor on rpc_pipe_structVolker Lendecke1-6/+2
(This used to be commit 99fc3283c4ecc791f5a242bd1983b4352ce3e6cf)
2008-01-05Add general '-e' option to enable smb encryptionJeremy Allison1-12/+25
on tools. Jeremy. (This used to be commit 757653966fc1384159bd2d57c5670cd8af0cae96)
2008-01-04Add missing patch to allow smbcacls to do krb5 auth, bug #5175Jeremy Allison1-1/+1
from Tom Maher <tmaher@watson.org>. Jeremy. (This used to be commit 54ee718957b768a06e41857b96f0b5e18b3ca6a4)
2007-12-15s/sid_to_string/sid_to_fstring/Volker Lendecke1-1/+1
least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-10Remove the char[1024] strings from dynconfig. ReplaceJeremy Allison1-1/+1
them with malloc'ing accessor functions. Should save a lot of static space :-). Jeremy. (This used to be commit 52dc5eaef2106015b3a8b659e818bdb15ad94b05)
2007-12-07Remove next_token - all uses must now be next_token_talloc.Jeremy Allison1-10/+21
No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-12-06Make all the tools use the proper accessor functions.Jeremy Allison1-4/+3
Jeremy. (This used to be commit 6d61bb87975839adb25c304e5e5041f91b12d236)
2007-12-06Remove pstrings from client/client.c by doing a large rewrite.Jeremy Allison1-3/+6
Mostly compiles.... Jeremy. (This used to be commit c87f3eba9aa52f4ab25d77e2167262bf5c43b1a6)
2007-12-03Getting to the home stretch for elimination of pstrings...Jeremy Allison1-26/+34
Jeremy. (This used to be commit 041163551194102ca67fef52c57d87020a1d09bc)
2007-11-15More pstring removal. This one was tricky. I had to addJeremy Allison1-2/+1
one horror (pstring_clean_name()) which will have to remain until I've removed all pstrings from the client code. Jeremy. (This used to be commit 1ea3ac80146b83c2522b69e7747c823366a2b47d)
2007-11-09Sanitize smbcacls slightlyVolker Lendecke1-94/+144
(This used to be commit 9c57628dbd79d3d28f20d5d1ab62a68ae683d46e)
2007-10-27Change all occurrences of zero_addr(&ss,AF_INET) toJeremy Allison1-1/+1
zero_addr(&ss). All current uses were always of the AF_INET form, so simplify the call. If in the future we need to zero an addr to AF_INET6 this can be done separately. Jeremy. (This used to be commit 2e92418a138bf2738b77b7e0fcb2fa37ad84fc0c)
2007-10-24This is a large patch (sorry). Migrate from struct in_addrJeremy Allison1-7/+8
to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-19Fix the popt / bool issues. Some places we used BOOLJeremy Allison1-1/+1
where we meant int. Fix this. Thanks to metze for pointing this out. Jeremy. (This used to be commit 793a9d24a163cb6cf5a3a0aa5ae30e9f8cf4744a)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-10/+10
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10Add start of IPv6 implementation. Currently most of this is avoidingJeremy Allison1-1/+1
IPv6 in winbindd, but moves most of the socket functions that were wrongly in lib/util.c into lib/util_sock.c and provides generic IPv4/6 independent versions of most things. Still lots of work to do, but now I can see how I'll fix the access check code. Nasty part that remains is the name resolution code which is used to returning arrays of in_addr structs. Jeremy. (This used to be commit 3f6bd0e1ec5cc6670f3d08f76fc2cd94c9cd1a08)
2007-10-10r24943: Some stackframesVolker Lendecke1-1/+1
(This used to be commit cddb9f11d5fafcd3797cb242775c37f0c04d4f15)
2007-10-10r23804: here tooAndrew Tridgell1-1/+1
(This used to be commit e5d18768a014753c439ba6be24a52b04fed63b31)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23782: I tested this against NT4 PDC, W2K Server, W2K3 Dc, and a Win XP std ↵Simo Sorce1-6/+1
alone client and they all work with this code. (This used to be commit 44e22581d731572d3fa260b92063922c59ce75db)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23627: Allow to pass down the lookup-level to rpccli_lsa_lookup_names().Günther Deschner1-1/+1
Guenther (This used to be commit e9a7512a9f630340004913f1379452eea8a9b6ae)
2007-10-10r23009: Both contains a strchr_m(server,'/') few lines after replacing all / ↵James Peach1-5/+2
with \. This patch removes this dead code. Patch from Pascal Terjan <pterjan@mandriva.com> for bug #2313. (This used to be commit 04b84baef344206d97776e04a25f4bd214eea28f)
2007-10-10r18745: Use the Samba4 data structures for security descriptors and security ↵Jelmer Vernooij1-26/+26
descriptor buffers. Make security access masks simply a uint32 rather than a structure with a uint32 in it. (This used to be commit b41c52b9db5fc4a553b20a7a5a051a4afced9366)
2007-10-10r18271: Big change:Gerald Carter1-2/+2
* autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2007-10-10r16644: Fix bug #3887 reported by jason@ncac.gwu.eduJeremy Allison1-2/+2
by converting the lookup_XX functions to correctly return SID_NAME_TYPE enums. Jeremy. (This used to be commit ee2b2d96b60c668e37592c79e86c2fd851e15f69)
2007-10-10r16409: Fix Klocwork ID's.Volker Lendecke1-3/+4
1177 In reg_perfcount.c: 1200 1202 1203 1204 In regfio.c: 1243 1245 1246 1247 1251 Jerry, the reg_perfcount and regfio.c ones, can you take a look please? This is really your code, and I'm not sure I did the right thing to return an error. smbcacls.c: 1377 srv_eventlog_nt.c: 1415 1416 1417 srv_lsa_nt.c: 1420 1421 srv_netlog_nt.c: 1429 srv_samr_nt: 1458 1459 1460 Volker Volker (This used to be commit d6547d12b1c9f9454876665a5bdb010f46b9f5ff)
2007-10-10r14278: Remainder of fix for Coverity #79,80,81: only allow GROUP or OWNER to beJim McDonough1-0/+8
specified once in an ACL, so it can be allocated a second time, overwriting the first (This used to be commit 1804a8a01ebf3353574a2c5b26a1746b34715737)
2007-10-10r14272: Fix Coverity # 81: free alloc'ed storage before returningJim McDonough1-6/+7
(This used to be commit 1899d8ea283845141b24d91d230248009744fe1a)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-1/+1
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r13212: r12414@cabra: derrell | 2006-01-28 17:52:17 -0500Derrell Lipman1-1/+1
lp_load() could not be called multiple times to modify parameter settings based on reading from multiple configuration settings. Each time, it initialized all of the settings back to their defaults before reading the specified configuration file. This patch adds a parameter to lp_load() specifying whether the settings should be initialized. It does, however, still force the settings to be initialized the first time, even if the request was to not initialize them. (Not doing so could wreak havoc due to uninitialized values.) (This used to be commit f2a24de769d1b2266e576597c57a8e3b1e2a2b51)
2007-10-10r12555: Fix more load_case_table swegfaults. Arggg.Jeremy Allison1-0/+2
What I'd give for a global constructor... Jeremy. (This used to be commit c970d7d0a5ba225465dfb0980989b8817b17c643)
2007-10-10r11506: Added description of ACL in usage message.Jeremy Allison1-1/+2
Jeremy. (This used to be commit 7795fce24e1e6dfe55360bb62617b922973f5f95)
2007-10-10r11482: Arrg. Can't believe this code was in this state. If youJeremy Allison1-1/+3
don't initialize the mask then setting "special" access gets set to *random* permissions ! Jeremy. (This used to be commit f1616911a858886da0a635a2f9b95d471215e84c)
2007-10-10r11464: Allow smbcacls to modify a SD on W2K3. This may fix severalJeremy Allison1-1/+14
bugzilla bugs - I need to go through and check. I also need to test against WNT/W2K and WXP. Jeremy. (This used to be commit 881dd7dbf6de0e11a3703afd2a1ba286ff0d62ad)
2007-10-10r11460: Improve error messages in parsing security descriptors.Jeremy Allison1-5/+38
Jeremy. (This used to be commit 385f128de716b62bdfc82627a403fe6dd69bd39d)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-4/+7
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r7882: Looks like a large patch - but what it actually does is make SambaJeremy Allison1-3/+3
safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-3/+3
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r3918: Allow to set OWNER- and GROUP-entries while setting security descriptorsGünther Deschner1-1/+9
with smbcacls and using with the -S or -M switch. Fixes #404 and #2076. Guenther (This used to be commit 13d32519e3806d7c080a0ac3c5ba196868ed2581)
2007-10-10r3846: Typo fix. Bug 2055. Lars, I'm available on irc.... :-)Volker Lendecke1-1/+1
Volker (This used to be commit 78ab68367d437cd5f84d46ac96fcaf9ebb3305b8)
2007-10-10r2348: fix segmention faultsStefan Metzmacher1-3/+5
in smbcquotas and smbcacls caused by setup_logging() (-r 1425) metze (This used to be commit 39f3f76ea2097c10799f0bef8717d3ac71cacaa8)
2007-10-10r1103: need to leave empty dacl so we can remove last ACEHerb Lewis1-5/+0
(This used to be commit d8a545368c8111fddcfdd423c4d6fcbab65e96d6)
2003-09-19Ensure that dup_sec_desc copies the 'type' field correctly. This causedJeremy Allison1-3/+3
me to expose a type arguement to make_sec_desc(). We weren't copying the SE_DESC_DACL_AUTO_INHERITED flag which could cause errors on auto inherited checks. Jeremy. (This used to be commit 28b315a7501f42928d73efaa75f74146ba95cf2d)
2003-09-01Fix bug 342. Short version of --add now -a instead of -A.Tim Potter1-2/+2
(This used to be commit 233568dd6b08d3dfb48a712b763dfc31c03b229d)