search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
tests: Create symlinks using posix extensions
[Samba.git] / source3 / utils / net_usershare.c
blobe5826eeecf16e4f0915473e8c0defd16129b349e
1 /*
2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4
5 Copyright (C) Jeremy Allison (jra@samba.org) 2005
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "system/passwd.h"
23 #include "system/filesys.h"
24 #include "utils/net.h"
25 #include "../libcli/security/security.h"
26 #include "lib/util/string_wrappers.h"
27
28 struct {
29 const char *us_errstr;
30 enum usershare_err us_err;
31 } us_errs [] = {
32 {"",USERSHARE_OK},
33 {N_("Malformed usershare file"), USERSHARE_MALFORMED_FILE},
34 {N_("Bad version number"), USERSHARE_BAD_VERSION},
35 {N_("Malformed path entry"), USERSHARE_MALFORMED_PATH},
36 {N_("Malformed comment entryfile"), USERSHARE_MALFORMED_COMMENT_DEF},
37 {N_("Malformed acl definition"), USERSHARE_MALFORMED_ACL_DEF},
38 {N_("Acl parse error"), USERSHARE_ACL_ERR},
39 {N_("Path not absolute"), USERSHARE_PATH_NOT_ABSOLUTE},
40 {N_("Path is denied"), USERSHARE_PATH_IS_DENIED},
41 {N_("Path not allowed"), USERSHARE_PATH_NOT_ALLOWED},
42 {N_("Path is not a directory"), USERSHARE_PATH_NOT_DIRECTORY},
43 {N_("System error"), USERSHARE_POSIX_ERR},
44 {N_("Malformed sharename definition"), USERSHARE_MALFORMED_SHARENAME_DEF},
45 {N_("Bad sharename (doesn't match filename)"), USERSHARE_BAD_SHARENAME},
46 {NULL,(enum usershare_err)-1}
47 };
48
49 static const char *get_us_error_code(enum usershare_err us_err)
50 {
51 char *result;
52 int idx = 0;
53
54 while (us_errs[idx].us_errstr != NULL) {
55 if (us_errs[idx].us_err == us_err) {
56 return us_errs[idx].us_errstr;
57 }
58 idx++;
59 }
60
61 result = talloc_asprintf(talloc_tos(), _("Usershare error code (0x%x)"),
62 (unsigned int)us_err);
63 SMB_ASSERT(result != NULL);
64 return result;
65 }
66
67 /* The help subsystem for the USERSHARE subcommand */
68
69 static int net_usershare_add_usage(struct net_context *c, int argc, const char **argv)
70 {
71 char chr = *lp_winbind_separator();
72 d_printf(_(
73 "net usershare add [--long] <sharename> <path> [<comment>] [<acl>] [<guest_ok=[y|n]>]\n"
74 "\tAdds the specified share name for this user.\n"
75 "\t<sharename> is the new share name.\n"
76 "\t<path> is the path on the filesystem to export.\n"
77 "\t<comment> is the optional comment for the new share.\n"
78 "\t<acl> is an optional share acl in the format \"DOMAIN%cname:X,DOMAIN%cname:X,....\"\n"
79 "\t<guest_ok=y> if present sets \"guest ok = yes\" on this usershare.\n"
80 "\t\t\"X\" represents a permission and can be any one of the characters f, r or d\n"
81 "\t\twhere \"f\" means full control, \"r\" means read-only, \"d\" means deny access.\n"
82 "\t\tname may be a domain user or group. For local users use the local server name "
83 "instead of \"DOMAIN\"\n"
84 "\t\tThe default acl is \"Everyone:r\" which allows everyone read-only access.\n"
85 "\tAdd --long to print the info on the newly added share.\n"),
86 chr, chr );
87 return -1;
88 }
89
90 static int net_usershare_delete_usage(struct net_context *c, int argc, const char **argv)
91 {
92 d_printf(_(
93 "net usershare delete <sharename>\n"
94 "\tdeletes the specified share name for this user.\n"));
95 return -1;
96 }
97
98 static int net_usershare_info_usage(struct net_context *c, int argc, const char **argv)
99 {
100 d_printf(_(
101 "net usershare info [--long] [wildcard sharename]\n"
102 "\tPrints out the path, comment and acl elements of shares that match the wildcard.\n"
103 "\tBy default only gives info on shares owned by the current user\n"
104 "\tAdd --long to apply this to all shares\n"
105 "\tOmit the sharename or use a wildcard of '*' to see all shares\n"));
106 return -1;
107 }
108
109 static int net_usershare_list_usage(struct net_context *c, int argc, const char **argv)
110 {
111 d_printf(_(
112 "net usershare list [--long] [wildcard sharename]\n"
113 "\tLists the names of all shares that match the wildcard.\n"
114 "\tBy default only lists shares owned by the current user\n"
115 "\tAdd --long to apply this to all shares\n"
116 "\tOmit the sharename or use a wildcard of '*' to see all shares\n"));
117 return -1;
118 }
119
120 int net_usershare_usage(struct net_context *c, int argc, const char **argv)
121 {
122 d_printf(_("net usershare add <sharename> <path> [<comment>] [<acl>] [<guest_ok=[y|n]>] to "
123 "add or change a user defined share.\n"
124 "net usershare delete <sharename> to delete a user defined share.\n"
125 "net usershare info [--long] [wildcard sharename] to print info about a user defined share.\n"
126 "net usershare list [--long] [wildcard sharename] to list user defined shares.\n"
127 "net usershare help\n"
128 "\nType \"net usershare help <option>\" to get more information on that option\n\n"));
129
130 net_common_flags_usage(c, argc, argv);
131 return -1;
132 }
133
134 /***************************************************************************
135 ***************************************************************************/
136
137 static char *get_basepath(TALLOC_CTX *ctx)
138 {
139 const struct loadparm_substitution *lp_sub =
140 loadparm_s3_global_substitution();
141 char *basepath = lp_usershare_path(ctx, lp_sub);
142
143 if (!basepath) {
144 return NULL;
145 }
146 if ((basepath[0] != '\0') && (basepath[strlen(basepath)-1] == '/')) {
147 basepath[strlen(basepath)-1] = '\0';
148 }
149 return basepath;
150 }
151
152 /***************************************************************************
153 Delete a single userlevel share.
154 ***************************************************************************/
155
156 static int net_usershare_delete(struct net_context *c, int argc, const char **argv)
157 {
158 const struct loadparm_substitution *lp_sub =
159 loadparm_s3_global_substitution();
160 char *us_path;
161 char *sharename;
162
163 if (argc != 1 || c->display_usage) {
164 return net_usershare_delete_usage(c, argc, argv);
165 }
166
167 if ((sharename = strlower_talloc(talloc_tos(), argv[0])) == NULL) {
168 d_fprintf(stderr, _("strlower_talloc failed\n"));
169 return -1;
170 }
171
172 if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
173 d_fprintf(stderr, _("net usershare delete: share name %s contains "
174 "invalid characters (any of %s)\n"),
175 sharename, INVALID_SHARENAME_CHARS);
176 TALLOC_FREE(sharename);
177 return -1;
178 }
179
180 us_path = talloc_asprintf(talloc_tos(),
181 "%s/%s",
182 lp_usershare_path(talloc_tos(), lp_sub),
183 sharename);
184 if (!us_path) {
185 TALLOC_FREE(sharename);
186 return -1;
187 }
188
189 if (unlink(us_path) != 0) {
190 d_fprintf(stderr, _("net usershare delete: unable to remove usershare %s. "
191 "Error was %s\n"),
192 us_path, strerror(errno));
193 TALLOC_FREE(sharename);
194 return -1;
195 }
196 TALLOC_FREE(sharename);
197 return 0;
198 }
199
200 /***************************************************************************
201 Data structures to handle a list of usershare files.
202 ***************************************************************************/
203
204 struct file_list {
205 struct file_list *next, *prev;
206 const char *pathname;
207 };
208
209 static struct file_list *flist;
210
211 /***************************************************************************
212 ***************************************************************************/
213
214 static int get_share_list(TALLOC_CTX *ctx, const char *wcard, bool only_ours)
215 {
216 DIR *dp;
217 struct dirent *de;
218 uid_t myuid = geteuid();
219 struct file_list *fl = NULL;
220 char *basepath = get_basepath(ctx);
221
222 if (!basepath) {
223 return -1;
224 }
225 dp = opendir(basepath);
226 if (!dp) {
227 d_fprintf(stderr,
228 _("get_share_list: cannot open usershare directory %s. "
229 "Error %s\n"),
230 basepath, strerror(errno) );
231 return -1;
232 }
233
234 while((de = readdir(dp)) != 0) {
235 SMB_STRUCT_STAT sbuf;
236 char *path;
237 const char *n = de->d_name;
238
239 /* Ignore . and .. */
240 if (*n == '.') {
241 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
242 continue;
243 }
244 }
245
246 if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) {
247 d_fprintf(stderr,
248 _("get_share_list: ignoring bad share "
249 "name %s\n"), n);
250 continue;
251 }
252 path = talloc_asprintf(ctx,
253 "%s/%s",
254 basepath,
255 n);
256 if (!path) {
257 closedir(dp);
258 return -1;
259 }
260
261 if (sys_lstat(path, &sbuf, false) != 0) {
262 d_fprintf(stderr,
263 _("get_share_list: can't lstat file %s. Error "
264 "was %s\n"),
265 path, strerror(errno) );
266 continue;
267 }
268
269 if (!S_ISREG(sbuf.st_ex_mode)) {
270 d_fprintf(stderr,
271 _("get_share_list: file %s is not a regular "
272 "file. Ignoring.\n"),
273 path );
274 continue;
275 }
276
277 if (only_ours && sbuf.st_ex_uid != myuid) {
278 continue;
279 }
280
281 if (!unix_wild_match(wcard, n)) {
282 continue;
283 }
284
285 /* (Finally) - add to list. */
286 fl = talloc(ctx, struct file_list);
287 if (!fl) {
288 closedir(dp);
289 return -1;
290 }
291 fl->pathname = talloc_strdup(ctx, n);
292 if (!fl->pathname) {
293 closedir(dp);
294 return -1;
295 }
296
297 DLIST_ADD(flist, fl);
298 }
299
300 closedir(dp);
301 return 0;
302 }
303
304 enum us_priv_op { US_LIST_OP, US_INFO_OP};
305
306 struct us_priv_info {
307 TALLOC_CTX *ctx;
308 enum us_priv_op op;
309 struct net_context *c;
310 };
311
312 /***************************************************************************
313 Call a function for every share on the list.
314 ***************************************************************************/
315
316 static int process_share_list(int (*fn)(struct file_list *, void *), void *priv)
317 {
318 struct file_list *fl;
319 int ret = 0;
320
321 for (fl = flist; fl; fl = fl->next) {
322 ret = (*fn)(fl, priv);
323 }
324
325 return ret;
326 }
327
328 /***************************************************************************
329 Info function.
330 ***************************************************************************/
331
332 static int info_fn(struct file_list *fl, void *priv)
333 {
334 SMB_STRUCT_STAT sbuf;
335 char **lines = NULL;
336 struct us_priv_info *pi = (struct us_priv_info *)priv;
337 TALLOC_CTX *ctx = pi->ctx;
338 struct net_context *c = pi->c;
339 int fd = -1;
340 int numlines = 0;
341 struct security_descriptor *psd = NULL;
342 char *basepath;
343 char *sharepath = NULL;
344 char *comment = NULL;
345 char *cp_sharename = NULL;
346 char *acl_str;
347 int num_aces;
348 char sep_str[2];
349 enum usershare_err us_err;
350 bool guest_ok = false;
351
352 sep_str[0] = *lp_winbind_separator();
353 sep_str[1] = '\0';
354
355 basepath = get_basepath(ctx);
356 if (!basepath) {
357 return -1;
358 }
359 basepath = talloc_asprintf_append(basepath,
360 "/%s",
361 fl->pathname);
362 if (!basepath) {
363 return -1;
364 }
365
366 #ifdef O_NOFOLLOW
367 fd = open(basepath, O_RDONLY|O_NOFOLLOW, 0);
368 #else
369 fd = open(basepath, O_RDONLY, 0);
370 #endif
371
372 if (fd == -1) {
373 d_fprintf(stderr, _("info_fn: unable to open %s. %s\n"),
374 basepath, strerror(errno) );
375 return -1;
376 }
377
378 /* Paranoia... */
379 if (sys_fstat(fd, &sbuf, false) != 0) {
380 d_fprintf(stderr,
381 _("info_fn: can't fstat file %s. Error was %s\n"),
382 basepath, strerror(errno) );
383 close(fd);
384 return -1;
385 }
386
387 if (!S_ISREG(sbuf.st_ex_mode)) {
388 d_fprintf(stderr,
389 _("info_fn: file %s is not a regular file. Ignoring.\n"),
390 basepath );
391 close(fd);
392 return -1;
393 }
394
395 lines = fd_lines_load(fd, &numlines, 10240, NULL);
396 close(fd);
397
398 if (lines == NULL) {
399 return -1;
400 }
401
402 /* Ensure it's well formed. */
403 us_err = parse_usershare_file(ctx, &sbuf, fl->pathname, -1, lines, numlines,
404 &sharepath,
405 &comment,
406 &cp_sharename,
407 &psd,
408 &guest_ok);
409
410 TALLOC_FREE(lines);
411
412 if (us_err != USERSHARE_OK) {
413 d_fprintf(stderr,
414 _("info_fn: file %s is not a well formed usershare "
415 "file.\n"),
416 basepath );
417 d_fprintf(stderr, _("info_fn: Error was %s.\n"),
418 get_us_error_code(us_err) );
419 return -1;
420 }
421
422 acl_str = talloc_strdup(ctx, "usershare_acl=");
423 if (!acl_str) {
424 return -1;
425 }
426
427 for (num_aces = 0; num_aces < psd->dacl->num_aces; num_aces++) {
428 const char *domain;
429 const char *name;
430 NTSTATUS ntstatus;
431
432 ntstatus = net_lookup_name_from_sid(c, ctx,
433 &psd->dacl->aces[num_aces].trustee,
434 &domain, &name);
435
436 if (NT_STATUS_IS_OK(ntstatus)) {
437 if (domain && *domain) {
438 acl_str = talloc_asprintf_append(acl_str,
439 "%s%s",
440 domain,
441 sep_str);
442 if (!acl_str) {
443 return -1;
444 }
445 }
446 acl_str = talloc_asprintf_append(acl_str,
447 "%s",
448 name);
449 if (!acl_str) {
450 return -1;
451 }
452
453 } else {
454 struct dom_sid_buf sidstr;
455
456 acl_str = talloc_asprintf_append(
457 acl_str,
458 "%s",
459 dom_sid_str_buf(
460 &psd->dacl->aces[num_aces].trustee,
461 &sidstr));
462 if (!acl_str) {
463 return -1;
464 }
465 }
466 acl_str = talloc_asprintf_append(acl_str, ":");
467 if (!acl_str) {
468 return -1;
469 }
470
471 if (psd->dacl->aces[num_aces].type == SEC_ACE_TYPE_ACCESS_DENIED) {
472 acl_str = talloc_asprintf_append(acl_str, "D,");
473 if (!acl_str) {
474 return -1;
475 }
476 } else {
477 if (psd->dacl->aces[num_aces].access_mask & GENERIC_ALL_ACCESS) {
478 acl_str = talloc_asprintf_append(acl_str, "F,");
479 } else {
480 acl_str = talloc_asprintf_append(acl_str, "R,");
481 }
482 if (!acl_str) {
483 return -1;
484 }
485 }
486 }
487
488 /* NOTE: This is smb.conf-like output. Do not translate. */
489 if (pi->op == US_INFO_OP) {
490 d_printf("[%s]\n", cp_sharename );
491 d_printf("path=%s\n", sharepath );
492 d_printf("comment=%s\n", comment);
493 d_printf("%s\n", acl_str);
494 d_printf("guest_ok=%c\n\n", guest_ok ? 'y' : 'n');
495 } else if (pi->op == US_LIST_OP) {
496 d_printf("%s\n", cp_sharename);
497 }
498
499 return 0;
500 }
501
502 /***************************************************************************
503 Print out info (internal detail) on userlevel shares.
504 ***************************************************************************/
505
506 static int net_usershare_info(struct net_context *c, int argc, const char **argv)
507 {
508 fstring wcard;
509 bool only_ours = true;
510 int ret = -1;
511 struct us_priv_info pi;
512 TALLOC_CTX *ctx;
513
514 fstrcpy(wcard, "*");
515
516 if (c->display_usage)
517 return net_usershare_info_usage(c, argc, argv);
518
519 if (c->opt_long_list_entries) {
520 only_ours = false;
521 }
522
523 switch (argc) {
524 case 0:
525 break;
526 case 1:
527 fstrcpy(wcard, argv[0]);
528 break;
529 default:
530 return net_usershare_info_usage(c, argc, argv);
531 }
532
533 if (!strlower_m(wcard)) {
534 return -1;
535 }
536
537 ctx = talloc_init("share_info");
538 ret = get_share_list(ctx, wcard, only_ours);
539 if (ret) {
540 return ret;
541 }
542
543 pi.ctx = ctx;
544 pi.op = US_INFO_OP;
545 pi.c = c;
546
547 ret = process_share_list(info_fn, &pi);
548 talloc_destroy(ctx);
549 return ret;
550 }
551
552 /***************************************************************************
553 Count the current total number of usershares.
554 ***************************************************************************/
555
556 static int count_num_usershares(void)
557 {
558 DIR *dp;
559 struct dirent *de;
560 int num_usershares = 0;
561 TALLOC_CTX *ctx = talloc_tos();
562 char *basepath = get_basepath(ctx);
563
564 if (!basepath) {
565 return -1;
566 }
567
568 dp = opendir(basepath);
569 if (!dp) {
570 d_fprintf(stderr,
571 _("count_num_usershares: cannot open usershare "
572 "directory %s. Error %s\n"),
573 basepath, strerror(errno) );
574 return -1;
575 }
576
577 while((de = readdir(dp)) != 0) {
578 SMB_STRUCT_STAT sbuf;
579 char *path;
580 const char *n = de->d_name;
581
582 /* Ignore . and .. */
583 if (*n == '.') {
584 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
585 continue;
586 }
587 }
588
589 if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) {
590 d_fprintf(stderr,
591 _("count_num_usershares: ignoring bad share "
592 "name %s\n"), n);
593 continue;
594 }
595 path = talloc_asprintf(ctx,
596 "%s/%s",
597 basepath,
598 n);
599 if (!path) {
600 closedir(dp);
601 return -1;
602 }
603
604 if (sys_lstat(path, &sbuf, false) != 0) {
605 d_fprintf(stderr,
606 _("count_num_usershares: can't lstat file %s. "
607 "Error was %s\n"),
608 path, strerror(errno) );
609 continue;
610 }
611
612 if (!S_ISREG(sbuf.st_ex_mode)) {
613 d_fprintf(stderr,
614 _("count_num_usershares: file %s is not a "
615 "regular file. Ignoring.\n"),
616 path );
617 continue;
618 }
619 num_usershares++;
620 }
621
622 closedir(dp);
623 return num_usershares;
624 }
625
626 /***************************************************************************
627 Add a single userlevel share.
628 ***************************************************************************/
629
630 static int net_usershare_add(struct net_context *c, int argc, const char **argv)
631 {
632 TALLOC_CTX *ctx = talloc_stackframe();
633 SMB_STRUCT_STAT sbuf;
634 SMB_STRUCT_STAT lsbuf;
635 char *sharename;
636 const char *cp_sharename;
637 char *full_path;
638 char *full_path_tmp;
639 const char *us_path;
640 const char *us_comment;
641 const char *arg_acl;
642 char *us_acl;
643 char *file_img;
644 int num_aces = 0;
645 int i;
646 int tmpfd;
647 const char *pacl;
648 size_t to_write;
649 uid_t myeuid = geteuid();
650 bool guest_ok = false;
651 int num_usershares;
652 mode_t mask;
653
654 us_comment = "";
655 arg_acl = "S-1-1-0:R";
656
657 if (c->display_usage) {
658 TALLOC_FREE(ctx);
659 return net_usershare_add_usage(c, argc, argv);
660 }
661
662 switch (argc) {
663 case 0:
664 case 1:
665 default:
666 TALLOC_FREE(ctx);
667 return net_usershare_add_usage(c, argc, argv);
668 case 2:
669 cp_sharename = argv[0];
670 sharename = strlower_talloc(ctx, argv[0]);
671 us_path = argv[1];
672 break;
673 case 3:
674 cp_sharename = argv[0];
675 sharename = strlower_talloc(ctx, argv[0]);
676 us_path = argv[1];
677 us_comment = argv[2];
678 break;
679 case 4:
680 cp_sharename = argv[0];
681 sharename = strlower_talloc(ctx, argv[0]);
682 us_path = argv[1];
683 us_comment = argv[2];
684 arg_acl = argv[3];
685 break;
686 case 5:
687 cp_sharename = argv[0];
688 sharename = strlower_talloc(ctx, argv[0]);
689 us_path = argv[1];
690 us_comment = argv[2];
691 arg_acl = argv[3];
692 if (strlen(arg_acl) == 0) {
693 arg_acl = "S-1-1-0:R";
694 }
695 if (!strnequal(argv[4], "guest_ok=", 9)) {
696 TALLOC_FREE(ctx);
697 return net_usershare_add_usage(c, argc, argv);
698 }
699 switch (argv[4][9]) {
700 case 'y':
701 case 'Y':
702 guest_ok = true;
703 break;
704 case 'n':
705 case 'N':
706 guest_ok = false;
707 break;
708 default:
709 TALLOC_FREE(ctx);
710 return net_usershare_add_usage(c, argc, argv);
711 }
712 break;
713 }
714
715 /* Ensure we're under the "usershare max shares" number. Advisory only. */
716 num_usershares = count_num_usershares();
717 if (num_usershares >= lp_usershare_max_shares()) {
718 d_fprintf(stderr,
719 _("net usershare add: maximum number of allowed "
720 "usershares (%d) reached\n"),
721 lp_usershare_max_shares() );
722 TALLOC_FREE(ctx);
723 return -1;
724 }
725
726 if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
727 d_fprintf(stderr, _("net usershare add: share name %s contains "
728 "invalid characters (any of %s)\n"),
729 sharename, INVALID_SHARENAME_CHARS);
730 TALLOC_FREE(ctx);
731 return -1;
732 }
733
734 /* Disallow shares the same as users. */
735 if (getpwnam(sharename)) {
736 d_fprintf(stderr,
737 _("net usershare add: share name %s is already a valid "
738 "system user name\n"),
739 sharename );
740 TALLOC_FREE(ctx);
741 return -1;
742 }
743
744 /* Construct the full path for the usershare file. */
745 full_path = get_basepath(ctx);
746 if (!full_path) {
747 TALLOC_FREE(ctx);
748 return -1;
749 }
750 full_path_tmp = talloc_asprintf(ctx,
751 "%s/:tmpXXXXXX",
752 full_path);
753 if (!full_path_tmp) {
754 TALLOC_FREE(ctx);
755 return -1;
756 }
757
758 full_path = talloc_asprintf_append(full_path,
759 "/%s",
760 sharename);
761 if (!full_path) {
762 TALLOC_FREE(ctx);
763 return -1;
764 }
765
766 /* The path *must* be absolute. */
767 if (us_path[0] != '/') {
768 d_fprintf(stderr,
769 _("net usershare add: path %s is not an absolute "
770 "path.\n"),
771 us_path);
772 TALLOC_FREE(ctx);
773 return -1;
774 }
775
776 /* Check the directory to be shared exists. */
777 if (sys_stat(us_path, &sbuf, false) != 0) {
778 d_fprintf(stderr,
779 _("net usershare add: cannot stat path %s to ensure "
780 "this is a directory. Error was %s\n"),
781 us_path, strerror(errno) );
782 TALLOC_FREE(ctx);
783 return -1;
784 }
785
786 if (!S_ISDIR(sbuf.st_ex_mode)) {
787 d_fprintf(stderr,
788 _("net usershare add: path %s is not a directory.\n"),
789 us_path );
790 TALLOC_FREE(ctx);
791 return -1;
792 }
793
794 /* If we're not root, check if we're restricted to sharing out directories
795 that we own only. */
796
797 if ((myeuid != 0) && lp_usershare_owner_only() && (myeuid != sbuf.st_ex_uid)) {
798 d_fprintf(stderr, _("net usershare add: cannot share path %s as "
799 "we are restricted to only sharing directories we own.\n"
800 "\tAsk the administrator to add the line \"usershare owner only = false\" \n"
801 "\tto the [global] section of the smb.conf to allow this.\n"),
802 us_path );
803 TALLOC_FREE(ctx);
804 return -1;
805 }
806
807 /* No validation needed on comment. Now go through and validate the
808 acl string. Convert names to SID's as needed. Then run it through
809 parse_usershare_acl to ensure it's valid. */
810
811 /* Start off the string we'll append to. */
812 us_acl = talloc_strdup(ctx, "");
813 if (!us_acl) {
814 TALLOC_FREE(ctx);
815 return -1;
816 }
817
818 pacl = arg_acl;
819 num_aces = 1;
820
821 /* Add the number of ',' characters to get the number of aces. */
822 num_aces += count_chars(pacl,',');
823
824 for (i = 0; i < num_aces; i++) {
825 struct dom_sid sid;
826 struct dom_sid_buf buf;
827 const char *pcolon = strchr_m(pacl, ':');
828 const char *name;
829
830 if (pcolon == NULL) {
831 d_fprintf(stderr,
832 _("net usershare add: malformed acl %s "
833 "(missing ':').\n"),
834 pacl );
835 TALLOC_FREE(ctx);
836 return -1;
837 }
838
839 switch(pcolon[1]) {
840 case 'f':
841 case 'F':
842 case 'd':
843 case 'r':
844 case 'R':
845 break;
846 default:
847 d_fprintf(stderr,
848 _("net usershare add: malformed acl %s "
849 "(access control must be 'r', 'f', "
850 "or 'd')\n"),
851 pacl );
852 TALLOC_FREE(ctx);
853 return -1;
854 }
855
856 if (pcolon[2] != ',' && pcolon[2] != '\0') {
857 d_fprintf(stderr,
858 _("net usershare add: malformed terminating "
859 "character for acl %s\n"),
860 pacl );
861 TALLOC_FREE(ctx);
862 return -1;
863 }
864
865 /* Get the name */
866 if ((name = talloc_strndup(ctx, pacl, pcolon - pacl)) == NULL) {
867 d_fprintf(stderr, _("talloc_strndup failed\n"));
868 TALLOC_FREE(ctx);
869 return -1;
870 }
871 if (!string_to_sid(&sid, name)) {
872 /* Convert to a SID */
873 NTSTATUS ntstatus = net_lookup_sid_from_name(c, ctx, name, &sid);
874 if (!NT_STATUS_IS_OK(ntstatus)) {
875 d_fprintf(stderr,
876 _("net usershare add: cannot convert "
877 "name \"%s\" to a SID. %s."),
878 name, get_friendly_nt_error_msg(ntstatus) );
879 if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_CONNECTION_REFUSED)) {
880 d_fprintf(stderr,
881 _(" Maybe smbd is not running.\n"));
882 } else {
883 d_fprintf(stderr, "\n");
884 }
885 TALLOC_FREE(ctx);
886 return -1;
887 }
888 }
889 us_acl = talloc_asprintf_append(
890 us_acl,
891 "%s:%c,",
892 dom_sid_str_buf(&sid, &buf),
893 pcolon[1]);
894 if (us_acl == NULL) {
895 d_fprintf(stderr,
896 _("net usershare add: talloc_asprintf_append() failed\n"));
897 TALLOC_FREE(ctx);
898 return -1;
899 }
900
901 /* Move to the next ACL entry. */
902 if (pcolon[2] == ',') {
903 pacl = &pcolon[3];
904 }
905 }
906
907 /* Remove the last ',' */
908 us_acl[strlen(us_acl)-1] = '\0';
909
910 if (guest_ok && !lp_usershare_allow_guests()) {
911 d_fprintf(stderr, _("net usershare add: guest_ok=y requested "
912 "but the \"usershare allow guests\" parameter is not "
913 "enabled by this server.\n"));
914 TALLOC_FREE(ctx);
915 return -1;
916 }
917
918 /* Create a temporary filename for this share. */
919 mask = umask(S_IRWXO | S_IRWXG);
920 tmpfd = mkstemp(full_path_tmp);
921 umask(mask);
922
923 if (tmpfd == -1) {
924 d_fprintf(stderr,
925 _("net usershare add: cannot create tmp file %s\n"),
926 full_path_tmp );
927 TALLOC_FREE(ctx);
928 return -1;
929 }
930
931 /* Ensure we opened the file we thought we did. */
932 if (sys_lstat(full_path_tmp, &lsbuf, false) != 0) {
933 d_fprintf(stderr,
934 _("net usershare add: cannot lstat tmp file %s\n"),
935 full_path_tmp );
936 TALLOC_FREE(ctx);
937 close(tmpfd);
938 return -1;
939 }
940
941 /* Check this is the same as the file we opened. */
942 if (sys_fstat(tmpfd, &sbuf, false) != 0) {
943 d_fprintf(stderr,
944 _("net usershare add: cannot fstat tmp file %s\n"),
945 full_path_tmp );
946 TALLOC_FREE(ctx);
947 close(tmpfd);
948 return -1;
949 }
950
951 if (!S_ISREG(sbuf.st_ex_mode) || sbuf.st_ex_dev != lsbuf.st_ex_dev || sbuf.st_ex_ino != lsbuf.st_ex_ino) {
952 d_fprintf(stderr,
953 _("net usershare add: tmp file %s is not a regular "
954 "file ?\n"),
955 full_path_tmp );
956 TALLOC_FREE(ctx);
957 close(tmpfd);
958 return -1;
959 }
960
961 if (fchmod(tmpfd, 0644) == -1) {
962 d_fprintf(stderr,
963 _("net usershare add: failed to fchmod tmp file %s "
964 "to 0644\n"),
965 full_path_tmp );
966 TALLOC_FREE(ctx);
967 close(tmpfd);
968 return -1;
969 }
970
971 /* Create the in-memory image of the file. */
972 file_img = talloc_strdup(ctx, "#VERSION 2\npath=");
973 if (file_img == NULL) {
974 d_fprintf(stderr,
975 _("net usershare add: talloc_strdup() failed\n"));
976 TALLOC_FREE(ctx);
977 close(tmpfd);
978 return -1;
979 }
980 file_img = talloc_asprintf_append(file_img,
981 "%s\ncomment=%s\nusershare_acl=%s\n"
982 "guest_ok=%c\nsharename=%s\n",
983 us_path,
984 us_comment,
985 us_acl,
986 guest_ok ? 'y' : 'n',
987 cp_sharename);
988 if (file_img == NULL) {
989 d_fprintf(stderr,
990 _("net usershare add: talloc_asprintf_append() failed\n"));
991 TALLOC_FREE(ctx);
992 close(tmpfd);
993 return -1;
994 }
995
996 to_write = strlen(file_img);
997
998 if (write(tmpfd, file_img, to_write) != to_write) {
999 d_fprintf(stderr,
1000 _("net usershare add: failed to write %u bytes to "
1001 "file %s. Error was %s\n"),
1002 (unsigned int)to_write, full_path_tmp, strerror(errno));
1003 unlink(full_path_tmp);
1004 TALLOC_FREE(ctx);
1005 close(tmpfd);
1006 return -1;
1007 }
1008
1009 /* Attempt to replace any existing share by this name. */
1010 if (rename(full_path_tmp, full_path) != 0) {
1011 unlink(full_path_tmp);
1012 d_fprintf(stderr,
1013 _("net usershare add: failed to add share %s. Error "
1014 "was %s\n"),
1015 sharename, strerror(errno));
1016 TALLOC_FREE(ctx);
1017 close(tmpfd);
1018 return -1;
1019 }
1020
1021 close(tmpfd);
1022
1023 if (c->opt_long_list_entries) {
1024 const char *my_argv[2];
1025 my_argv[0] = sharename;
1026 my_argv[1] = NULL;
1027 net_usershare_info(c, 1, my_argv);
1028 }
1029
1030 TALLOC_FREE(ctx);
1031 return 0;
1032 }
1033
1034 #if 0
1035 /***************************************************************************
1036 List function.
1037 ***************************************************************************/
1038
1039 static int list_fn(struct file_list *fl, void *priv)
1040 {
1041 d_printf("%s\n", fl->pathname);
1042 return 0;
1043 }
1044 #endif
1045
1046 /***************************************************************************
1047 List userlevel shares.
1048 ***************************************************************************/
1049
1050 static int net_usershare_list(struct net_context *c, int argc,
1051 const char **argv)
1052 {
1053 fstring wcard;
1054 bool only_ours = true;
1055 int ret = -1;
1056 struct us_priv_info pi;
1057 TALLOC_CTX *ctx;
1058
1059 fstrcpy(wcard, "*");
1060
1061 if (c->display_usage)
1062 return net_usershare_list_usage(c, argc, argv);
1063
1064 if (c->opt_long_list_entries) {
1065 only_ours = false;
1066 }
1067
1068 switch (argc) {
1069 case 0:
1070 break;
1071 case 1:
1072 fstrcpy(wcard, argv[0]);
1073 break;
1074 default:
1075 return net_usershare_list_usage(c, argc, argv);
1076 }
1077
1078 if (!strlower_m(wcard)) {
1079 return -1;
1080 }
1081
1082 ctx = talloc_init("share_list");
1083 ret = get_share_list(ctx, wcard, only_ours);
1084 if (ret) {
1085 return ret;
1086 }
1087
1088 pi.ctx = ctx;
1089 pi.op = US_LIST_OP;
1090 pi.c = c;
1091
1092 ret = process_share_list(info_fn, &pi);
1093 talloc_destroy(ctx);
1094 return ret;
1095 }
1096
1097 /***************************************************************************
1098 Entry-point for all the USERSHARE functions.
1099 ***************************************************************************/
1100
1101 int net_usershare(struct net_context *c, int argc, const char **argv)
1102 {
1103 const struct loadparm_substitution *lp_sub =
1104 loadparm_s3_global_substitution();
1105 DIR *dp;
1106
1107 struct functable func[] = {
1108 {
1109 "add",
1110 net_usershare_add,
1111 NET_TRANSPORT_LOCAL,
1112 N_("Add/modify user defined share"),
1113 N_("net usershare add\n"
1114 " Add/modify user defined share")
1115 },
1116 {
1117 "delete",
1118 net_usershare_delete,
1119 NET_TRANSPORT_LOCAL,
1120 N_("Delete user defined share"),
1121 N_("net usershare delete\n"
1122 " Delete user defined share")
1123 },
1124 {
1125 "info",
1126 net_usershare_info,
1127 NET_TRANSPORT_LOCAL,
1128 N_("Display information about a user defined share"),
1129 N_("net usershare info\n"
1130 " Display information about a user defined share")
1131 },
1132 {
1133 "list",
1134 net_usershare_list,
1135 NET_TRANSPORT_LOCAL,
1136 N_("List user defined shares"),
1137 N_("net usershare list\n"
1138 " List user defined shares")
1139 },
1140 {NULL, NULL, 0, NULL, NULL}
1141 };
1142
1143 if (lp_usershare_max_shares() == 0) {
1144 d_fprintf(stderr,
1145 _("net usershare: usershares are currently "
1146 "disabled\n"));
1147 return -1;
1148 }
1149
1150 dp = opendir(lp_usershare_path(talloc_tos(), lp_sub));
1151 if (!dp) {
1152 int err = errno;
1153 d_fprintf(stderr,
1154 _("net usershare: cannot open usershare directory %s. "
1155 "Error %s\n"),
1156 lp_usershare_path(talloc_tos(), lp_sub), strerror(err) );
1157 if (err == EACCES) {
1158 d_fprintf(stderr,
1159 _("You do not have permission to create a "
1160 "usershare. Ask your administrator to grant "
1161 "you permissions to create a share.\n"));
1162 } else if (err == ENOENT) {
1163 d_fprintf(stderr,
1164 _("Please ask your system administrator to "
1165 "enable user sharing.\n"));
1166 }
1167 return -1;
1168 }
1169 closedir(dp);
1170
1171 return net_run_function(c, argc, argv, "net usershare", func);
1172 }
Samba GIT mirror