From 70922b9bbe412dc43397ecfd3feeb01169ed0b96 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 6 Dec 2000 23:24:31 +0000 Subject: Cause smbd to use the new posix_acls code, not the old unix_acls code. Currently does exactly the same thing (returns ACLs the same way). This code is written to try and get a POSIX ACL via the abstract sys_XX interface, then fall back to providing a UNIX based ACL if the calls fail. Seems to work. Next step is to add a --with-posix-acls to configure.in and then check on a POSIX ACL system that a complex ACL is returned correctly as an NT ACL. Note that the ACL set (a more complex problem) is not addressed yet. Jeremy. (This used to be commit 4339e20202a876dbadc07980b731f711463b7299) --- source3/include/proto.h | 35 ++++++++++++++++++++++++++--------- source3/include/smb.h | 1 + source3/include/smb_acls.h | 6 ++++-- 3 files changed, 31 insertions(+), 11 deletions(-) (limited to 'source3/include') diff --git a/source3/include/proto.h b/source3/include/proto.h index c4898fc2ba..fe04dcb5e3 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -240,6 +240,23 @@ void standard_sub_snum(int snum, char *str); void standard_sub_vuser(char *str, user_struct *vuser); void standard_sub_vsnum(char *str, user_struct *vuser, int snum); +/*The following definitions come from lib/sysacls.c */ + +int sys_acl_get_entry( SMB_ACL_T acl, int entry_id, SMB_ACL_ENTRY_T *entry_p); +int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p); +int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p); +void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d); +SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type); +SMB_ACL_T sys_acl_get_fd(int fd); +int sys_acl_free( void *obj_p); +int sys_acl_get_entry( SMB_ACL_T acl, int entry_id, SMB_ACL_ENTRY_T *entry_p); +int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p); +int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p); +void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d); +SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type); +SMB_ACL_T sys_acl_get_fd(int fd); +int sys_acl_free( void *obj_p); + /*The following definitions come from lib/system.c */ int sys_usleep(long usecs); @@ -1731,10 +1748,10 @@ BOOL pdb_delete_sam_account (char* username); BOOL pdb_setsampwent(BOOL update); void pdb_endsampwent(void); SAM_ACCOUNT* pdb_getsampwent(void); -SAM_ACCOUNT* pdb_getsampwnam (char *name); +SAM_ACCOUNT* pdb_getsampwnam (char *sname); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); -BOOL pdb_delete_sam_account(char *name); +BOOL pdb_delete_sam_account(char *sname); BOOL pdb_update_sam_account (SAM_ACCOUNT *newpwd, BOOL override); BOOL pdb_add_sam_account (SAM_ACCOUNT *newpwd); @@ -3699,6 +3716,13 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize); int reply_pipe_close(connection_struct *conn, char *inbuf,char *outbuf); #endif +/*The following definitions come from smbd/posix_acls.c */ + +#if OLD_NTDOMAIN +size_t get_nt_acl(files_struct *fsp, SEC_DESC **ppdesc); +BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd); +#endif + /*The following definitions come from smbd/process.c */ #if OLD_NTDOMAIN @@ -3866,13 +3890,6 @@ BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype); BOOL sid_to_gid(DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype); #endif -/*The following definitions come from smbd/unix_acls.c */ - -#if OLD_NTDOMAIN -size_t get_nt_acl(files_struct *fsp, SEC_DESC **ppdesc); -BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd); -#endif - /*The following definitions come from smbd/vfs-wrap.c */ int vfswrap_dummy_connect(connection_struct *conn, char *service, char *user); diff --git a/source3/include/smb.h b/source3/include/smb.h index 1e5d312997..f97e7cd9f5 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -1670,5 +1670,6 @@ typedef struct user_struct #define MAP_TO_GUEST_ON_BAD_PASSWORD 2 #include "nsswitch/winbindd_nss.h" +#include "smb_acls.h" #endif /* _SMB_H */ diff --git a/source3/include/smb_acls.h b/source3/include/smb_acls.h index 6acd17c321..bc07a1b271 100644 --- a/source3/include/smb_acls.h +++ b/source3/include/smb_acls.h @@ -29,6 +29,7 @@ /* This is an identity mapping (just remove the SMB_). */ #define SMB_ACL_TAG_T acl_tag_t +#define SMB_ACL_TYPE_T acl_type_t #define SMB_ACL_PERMSET_T acl_permset_t #define SMB_ACL_READ ACL_READ #define SMB_ACL_WRITE ACL_WRITE @@ -60,6 +61,7 @@ /* No ACLS - fake it. */ #define SMB_ACL_TAG_T int +#define SMB_ACL_TYPE_T int #define SMB_ACL_PERMSET_T mode_t #define SMB_ACL_READ S_IRUSR #define SMB_ACL_WRITE S_IWUSR @@ -73,11 +75,11 @@ #define SMB_ACL_OTHER_OBJ 4 #define SMB_ACL_MASK 5 -typdef struct SMB_ACL_T { +typedef struct SMB_ACL_T { int dummy; } *SMB_ACL_T; -typdef struct SMB_ACL_ENTRY_T { +typedef struct SMB_ACL_ENTRY_T { int dummy; } *SMB_ACL_ENTRY_T; -- cgit