1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
/*
Unix SMB/CIFS implementation.
Set NT ACLs on UNIX files.
Copyright (C) Tim Potter <tpot@samba.org> 2004
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#ifdef HAVE_NO_ACLS
int main(int argc, char **argv)
{
printf("ACL support not compiled in.");
return 1;
}
#else
static void setntacl(char *filename, struct security_descriptor *sd)
{
NTSTATUS status;
struct ndr_push *ndr;
ssize_t result;
ndr = ndr_push_init();
status = ndr_push_security_descriptor(
ndr, NDR_SCALARS|NDR_BUFFERS, sd);
result = setxattr(
filename, "security.ntacl", ndr->data, ndr->offset, 0);
if (result == -1) {
fprintf(stderr, "%s: %s\n", filename, strerror(errno));
exit(1);
}
}
int main(int argc, char **argv)
{
char line[255];
struct security_descriptor *sd;
TALLOC_CTX *mem_ctx;
struct security_acl *acl;
setup_logging("setntacl", DEBUG_STDOUT);
mem_ctx = talloc_init("setntacl");
sd = sd_initialise(mem_ctx);
fgets(line, sizeof(line), stdin);
sd->owner_sid = dom_sid_parse_talloc(mem_ctx, line);
fgets(line, sizeof(line), stdin);
sd->group_sid = dom_sid_parse_talloc(mem_ctx, line);
acl = talloc(mem_ctx, sizeof(struct security_acl));
acl->revision = 2;
acl->size = 0;
acl->num_aces = 0;
acl->aces = NULL;
while(fgets(line, sizeof(line), stdin)) {
int ace_type, ace_flags;
uint32 ace_mask;
char sidstr[255];
struct dom_sid *sid;
if (sscanf(line, "%d %d 0x%x %s", &ace_type, &ace_flags,
&ace_mask, sidstr) != 4) {
fprintf(stderr, "invalid ACL line\ndr");
return 1;
}
acl->aces = talloc_realloc(mem_ctx, acl->aces,
(acl->num_aces + 1) * sizeof(struct security_ace));
acl->aces[acl->num_aces].type = ace_type;
acl->aces[acl->num_aces].flags = ace_flags;
acl->aces[acl->num_aces].access_mask = ace_mask;
sid = dom_sid_parse_talloc(mem_ctx, sidstr);
acl->aces[acl->num_aces].trustee = *sid;
acl->num_aces++;
}
sd->dacl = acl;
setntacl(argv[1], sd);
return 0;
}
#endif /* HAVE_NO_ACLS */
|