summaryrefslogtreecommitdiff
path: root/source3/utils/smbcacls.c
AgeCommit message (Collapse)AuthorFilesLines
2002-01-26Back out some of the less well thought out ideas from last weeks work onAndrew Bartlett1-5/+2
winbind default domains, particulary now I understand whats going on a lot better. This ensures that the RPC client code does as little 'magic' as possible - this is up to the application/user. (Where - for to name->sid code - it was all along). This leaves the change that allows the sid->name code to return domains and usernames in seperate paramaters. Andrew Bartlett (This used to be commit 5dfba2cf536f761b0aee314ed9e30dc53900b691)
2002-01-20This patch makes the 'winbind use default domain' code interact better withAndrew Bartlett1-5/+14
smbd, and also makes it much cleaner inside winbindd. It is mostly my code, with a few changes and testing performed by Alexander Bokovoy <a.bokovoy@sam-solutions.net>. ab has tested it in security=domain and security=ads, but more testing is always appricatiated. The idea is that we no longer cart around a 'domain\user' string, we keep them seperate until the last moment - when we push that string into a pwent on onto the socket. This removes the need to be constantly parsing that string - the domain prefix is almost always already provided, (only a couple of functions actually changed arguments in all this). Some consequential changes to the RPC client code, to stop it concatonating the two strings (it now passes them both back as params). I havn't changed the cache code, however the usernames will no longer have a double domain prefix in the key string. The actual structures are unchanged - but the meaning of 'username' in the 'rid' will have changed. (The cache is invalidated at startup, so on-disk formats are not an issue here). Andrew Bartlett (This used to be commit e870f0e727952aeb8599cf93ad2650ae56eca033)
2001-12-18Fixup JF's weird SID return :-).Jeremy Allison1-1/+1
Jeremy (This used to be commit 7b8fb8d85c406b8755f60cf14dc2377bc59eda53)
2001-11-30Renamed sid field in SEC_ACE to trustee to be more in line with MS'sTim Potter1-10/+22
definitions. (This used to be commit 9712d3f15a47155f558d0034ef71fd06afb11301)
2001-11-28fix a bunch of places where we can double-free a cli structureAndrew Tridgell1-5/+0
(This used to be commit e2ba2383c9f679c076749a8f4fccefc3559e37ec)
2001-11-26Got medieval on another pointless extern. Removed extern struct ipzeroTim Potter1-3/+2
and replaced with two functions: void zero_ip(struct in_adder *ip); BOOL is_zero_ip(struct in_addr ip); (This used to be commit 778f5f77a66cda76348a7c6f64cd63afe2bfe077)
2001-11-23Removed TimeInit() call from every client program (except for one placeTim Potter1-2/+0
in smbd/process.c where the timezone is reinitialised. Was replaced with check for a static is_initialised boolean. (This used to be commit 8fc772c9e5770cd3a8857670214dcff033ebae32)
2001-11-19Store some path names in global variables initialized to configureMartin Pool1-2/+1
default, rather than in preprocessor macros. (This used to be commit 79ec88f0da40faebe1e587f1b3e87b5f2b184f58)
2001-09-17move to SAFE_FREE()Simo Sorce1-12/+10
(This used to be commit 67db8f03c5c9e81e11b5f3276b50ee23e09a2659)
2001-09-10declare dbf in one spotAndrew Tridgell1-1/+0
(This used to be commit f41c3bb80f1e498a9d27f6e236b0ff3a742764c9)
2001-09-10replaced stdio in many parts of samba with a XFILE. XFILE is a cut-downAndrew Tridgell1-2/+2
replacemnt of stdio that doesn't suffer from the 8-bit filedescriptor limit that we hit with nasty consequences on some systems I would eventually prefer us to have a configure test to see if we need to replace stdio, but for now this code needs to be tested widely so I'm enabling it by default. (This used to be commit 1af8bf34f1caa3e7ec312d8109c07d32a945a448)
2001-09-04it now all compiles - so try enabling it by default and see what explodes on ↵Andrew Tridgell1-7/+6
the build farm (This used to be commit 5bb7e4f0f65edf1db20245f403cbe81833134240)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-3/+3
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-24fixed handling of 139/445 in clientsAndrew Tridgell1-2/+1
(This used to be commit 22b372f8a7996a19bebb8cdb411df999cffa32a4)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-5/+5
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-07-04The big character set handling changeover!Andrew Tridgell1-2/+0
This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a)
2001-07-04Removed bogus server_n local variable in connect_one() function.Tim Potter1-5/+2
(This used to be commit 69d90a8af167d53ebdb6d7aeef41b28b672288d1)
2001-06-27Added some missing entries to usage().Tim Potter1-1/+7
Added -d option to set debug level. (This used to be commit 9874df0c2242ee46182744eabae14829c3b5f21e)
2001-06-21next_token() was supposed to be a reentrant replacement for strtok(),Andrew Tridgell1-2/+2
but the code suffered from bitrot and is not now reentrant. That means we can get bizarre behaviour i've fixed this by making next_token() reentrant and creating a next_token_nr() that is a small non-reentrant wrapper for those lumps of code (mostly smbclient) that have come to rely on the non-reentrant behaviour (This used to be commit 674ee2f1d12b0afc164a9e9072758fd1c5e54df7)
2001-06-20Warning fix from Andrew Bartlett.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 87f647715d9fba9f8d25da0bde005a8d8858c2ae)
2001-06-19rpc_server/srv_srvsvc_nt.c: Don't test an uint32 for < 0.Jeremy Allison1-1/+1
utils/smbcacls.c: Set enum correctly. Jeremy. (This used to be commit 66f959e0ffb0cd385167a34c7db3f4959eaf1d7f)
2001-05-01Fixup smbcacls. Don't return memory already freed, don't free memory allocatedJeremy Allison1-10/+3
with talloc. Jeremy. (This used to be commit 0ae0d024f5898f7e47e4b1d4487b15447096780c)
2001-05-01fixed some uninitialised variablesAndrew Tridgell1-1/+1
(This used to be commit 5d899e51a4fc4e872da550b88ef603dbd2d8391f)
2001-04-28rpcclient merge from 2.2 (including Jeremy's non-void return fix)Gerald Carter1-3/+3
(This used to be commit 0a6ceed279cc8111008b21f75c6791efbd993f4b)
2001-04-13Merge of Andrew's changes in 2.2.Jeremy Allison1-7/+4
Jeremy. (This used to be commit fc76681812b1469208ad6c8847afdfc68bc6db49)
2001-04-11Added SMB_ prefix to enums that clash with Solaris ACL definitions.Jeremy Allison1-9/+9
Jeremy. (This used to be commit 493d2c316a9e80de0239ef3a6f0b3f4ec9ac6e13)
2001-02-28Ooops - forgot to check the rpcclient and smbcacls compile with the newJeremy Allison1-22/+18
code :-(. Jeremy. (This used to be commit 70beabf73bdaad7b6a60e24b7a11798a411bed02)
2001-02-23make sure denied aces are firstAndrew Tridgell1-1/+1
(This used to be commit b0b49a4b28891f3e2ec8e8e221af713250cc8e17)
2001-02-23cast the qsortAndrew Tridgell1-1/+1
(This used to be commit 703d9f5cb32ca4131051c50646fd833fb1ae7d76)
2001-02-23- fixed the sort_acl bug, sorting now works rightAndrew Tridgell1-45/+32
- don't allow setting of duplicate ACEs - fixed a ACE delete bug (This used to be commit 61293979ce2aded58a5ef2a54b3b05d1d278f7cf)
2001-02-22don't crash on null acl sortAndrew Tridgell1-0/+2
(This used to be commit 59341377413fcbf30c090a3763608d23ac2bff95)
2001-02-22- workaround filer lsa lookup bug for unknown sidsAndrew Tridgell1-11/+10
- add \ at start of name if not needed (another filer workaround) (This used to be commit 48ab6297a1b462e03f70a4d90d50b21982d0d90d)
2001-02-22cope with filer/NT/samba all in one binary. yeah.Andrew Tridgell1-7/+35
we now don't open rw for acls (This used to be commit c0f57c3fe636c5a5885c6b2ed4723252597533eb)
2001-02-20don't need _uni hack nowAndrew Tridgell1-30/+6
(This used to be commit f191271986d085cc73b62c8d3de8ab7b326c19c0)
2001-01-23Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED for lsa_open_policy()Tim Potter1-1/+5
but NT sends 0x2000000 so we might as well do it too. (This used to be commit 394e17645b777be767cd1c69be3f5efe7a703d85)
2000-12-21Return appropriate exit codes for various situations:Tim Potter1-22/+32
0 for success 1 if operation failed 2 command line parse error (This used to be commit b4773618acb60b62b20b01ff7ba749984c1379fb)
2000-12-21Don't call string_to_sid after cli_lsa_lookup_names() fails.Tim Potter1-2/+55
Can't use space as a ACL separator as it breaks NT user/group names that contain spaces (i.e most of the default ones). The MSDN is contradictory over the exact ordering of ACE entries in an ACL. However NT4 gives a "The information may have been modified by a computer running Windows NT 5.0" if denied ACEs do not appear before allowed ACEs. Sort ACE list before calling cli_set_secdesc(). (This used to be commit 01a89978ff4b9fcc813c4f251ddfe23c0485a696)
2000-12-21Some systems seem to only accept a ntcreate&x with a unicode filenameTim Potter1-5/+45
despite samba negotiating ascii filenames. Retry with unicode pathnames if the ascii version fails. Convert all forward slashes to backslashes in the filename argument. (This used to be commit 935b77573ec82bece6211a9f61c800ef1c8c9aa4)
2000-12-21Cleaned up SidToString() and StringToSid() exit paths.Tim Potter1-17/+27
Can now use user%password format in $USER environment variable. -U option is now optional. (This used to be commit e21f2ef4fbfae1451d77b53291a78646dee9cfce)
2000-12-16Added -C username and -G username that allow a user (usually Administrator)Jeremy Allison1-5/+61
to change the ownership or group ownership of a file to any arbitrary user from the UNIX command line. This will show the people who quote NT manuals at us about how this is "impossible" how their operating system really works :-). Jeremy. (This used to be commit 12f88c9ba731bdded626b9d011cfc8d2ba09010e)
2000-12-15Fixed memory leaks in lsa_XX calls. Fixed memory leaks in smbcacls. MergedJeremy Allison1-7/+17
in fixes from appliance-head and 2.2. Fixed multiple connection.tdb open problem. Jeremy. (This used to be commit 0a40bc83e14c69a09948ec09bb6fc5026c4f4c14)
2000-12-14Renamed parameters and variables called acl to the_acl as it conflictsTim Potter1-18/+18
with a Solaris system call. (This used to be commit 5e547ddcb526be5562db9213c5b36e505e735a2e)
2000-12-14Cache lsa connection and policy handle for resolving names and sids.Tim Potter1-48/+56
(This used to be commit 09d2d972fd6f70bdf62f25936494968ef597b98b)
2000-12-13Convert names to sids when modifying ACLs. Convert sids to names whenTim Potter1-10/+68
displaying ACLs. (This used to be commit 5001bbc64be62af1597eb334e5b530b415d62a6b)
2000-12-12Don't print out the security descriptor type as it is automaticallyTim Potter1-7/+1
calculated by the new make_sec_desc() function. (This used to be commit 6fd5dc81458317e106f5ea24958cefe4146c90a6)
2000-12-12Better error checking for ACL parsing.Tim Potter1-7/+21
Print an error when attempting to delete a non-existent ACL. (This used to be commit d119782d0d8d2738650da47fa11134d26134ce17)
2000-12-07Added undocumented -t command for testing parsing of acl entries.Tim Potter1-11/+118
Print out hex value for ace mask if we can't decode it. We can now parse FULL,CHANGE,READ as well as combos of RWXDPO as ace mask values. Clarified usage message. Bomb out if excess args are given. (This used to be commit ed5bda119a984e124d24f168db15e15da62ceaa5)
2000-12-04added a commentAndrew Tridgell1-0/+2
(This used to be commit 032442802f73948e3af2c86fee0d58f82e47f673)
2000-12-04fixed the parsing again and got setting acls working with w2kAndrew Tridgell1-3/+3
(This used to be commit 374d08be6443738d6a450801866fd6e046322e2c)
2000-12-04Added some cli_errstr() calls.Tim Potter1-4/+4
(This used to be commit faaa71a032bc27d073c39da42fc2928ea3226698)