search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
vfs_aio_fork: Use a shorter random delay
[Samba.git] / source3 / utils / net_usershare.c
blob8357296f72793734f05a0f0ba421fe8638a974e1
1 /*
2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4
5 Copyright (C) Jeremy Allison (jra@samba.org) 2005
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "system/passwd.h"
23 #include "system/filesys.h"
24 #include "utils/net.h"
25 #include "../libcli/security/security.h"
26
27 struct {
28 const char *us_errstr;
29 enum usershare_err us_err;
30 } us_errs [] = {
31 {"",USERSHARE_OK},
32 {N_("Malformed usershare file"), USERSHARE_MALFORMED_FILE},
33 {N_("Bad version number"), USERSHARE_BAD_VERSION},
34 {N_("Malformed path entry"), USERSHARE_MALFORMED_PATH},
35 {N_("Malformed comment entryfile"), USERSHARE_MALFORMED_COMMENT_DEF},
36 {N_("Malformed acl definition"), USERSHARE_MALFORMED_ACL_DEF},
37 {N_("Acl parse error"), USERSHARE_ACL_ERR},
38 {N_("Path not absolute"), USERSHARE_PATH_NOT_ABSOLUTE},
39 {N_("Path is denied"), USERSHARE_PATH_IS_DENIED},
40 {N_("Path not allowed"), USERSHARE_PATH_NOT_ALLOWED},
41 {N_("Path is not a directory"), USERSHARE_PATH_NOT_DIRECTORY},
42 {N_("System error"), USERSHARE_POSIX_ERR},
43 {N_("Malformed sharename definition"), USERSHARE_MALFORMED_SHARENAME_DEF},
44 {N_("Bad sharename (doesn't match filename)"), USERSHARE_BAD_SHARENAME},
45 {NULL,(enum usershare_err)-1}
46 };
47
48 static const char *get_us_error_code(enum usershare_err us_err)
49 {
50 char *result;
51 int idx = 0;
52
53 while (us_errs[idx].us_errstr != NULL) {
54 if (us_errs[idx].us_err == us_err) {
55 return us_errs[idx].us_errstr;
56 }
57 idx++;
58 }
59
60 result = talloc_asprintf(talloc_tos(), _("Usershare error code (0x%x)"),
61 (unsigned int)us_err);
62 SMB_ASSERT(result != NULL);
63 return result;
64 }
65
66 /* The help subsystem for the USERSHARE subcommand */
67
68 static int net_usershare_add_usage(struct net_context *c, int argc, const char **argv)
69 {
70 char chr = *lp_winbind_separator();
71 d_printf(_(
72 "net usershare add [-l|--long] <sharename> <path> [<comment>] [<acl>] [<guest_ok=[y|n]>]\n"
73 "\tAdds the specified share name for this user.\n"
74 "\t<sharename> is the new share name.\n"
75 "\t<path> is the path on the filesystem to export.\n"
76 "\t<comment> is the optional comment for the new share.\n"
77 "\t<acl> is an optional share acl in the format \"DOMAIN%cname:X,DOMAIN%cname:X,....\"\n"
78 "\t<guest_ok=y> if present sets \"guest ok = yes\" on this usershare.\n"
79 "\t\t\"X\" represents a permission and can be any one of the characters f, r or d\n"
80 "\t\twhere \"f\" means full control, \"r\" means read-only, \"d\" means deny access.\n"
81 "\t\tname may be a domain user or group. For local users use the local server name "
82 "instead of \"DOMAIN\"\n"
83 "\t\tThe default acl is \"Everyone:r\" which allows everyone read-only access.\n"
84 "\tAdd -l or --long to print the info on the newly added share.\n"),
85 chr, chr );
86 return -1;
87 }
88
89 static int net_usershare_delete_usage(struct net_context *c, int argc, const char **argv)
90 {
91 d_printf(_(
92 "net usershare delete <sharename>\n"
93 "\tdeletes the specified share name for this user.\n"));
94 return -1;
95 }
96
97 static int net_usershare_info_usage(struct net_context *c, int argc, const char **argv)
98 {
99 d_printf(_(
100 "net usershare info [-l|--long] [wildcard sharename]\n"
101 "\tPrints out the path, comment and acl elements of shares that match the wildcard.\n"
102 "\tBy default only gives info on shares owned by the current user\n"
103 "\tAdd -l or --long to apply this to all shares\n"
104 "\tOmit the sharename or use a wildcard of '*' to see all shares\n"));
105 return -1;
106 }
107
108 static int net_usershare_list_usage(struct net_context *c, int argc, const char **argv)
109 {
110 d_printf(_(
111 "net usershare list [-l|--long] [wildcard sharename]\n"
112 "\tLists the names of all shares that match the wildcard.\n"
113 "\tBy default only lists shares owned by the current user\n"
114 "\tAdd -l or --long to apply this to all shares\n"
115 "\tOmit the sharename or use a wildcard of '*' to see all shares\n"));
116 return -1;
117 }
118
119 int net_usershare_usage(struct net_context *c, int argc, const char **argv)
120 {
121 d_printf(_("net usershare add <sharename> <path> [<comment>] [<acl>] [<guest_ok=[y|n]>] to "
122 "add or change a user defined share.\n"
123 "net usershare delete <sharename> to delete a user defined share.\n"
124 "net usershare info [-l|--long] [wildcard sharename] to print info about a user defined share.\n"
125 "net usershare list [-l|--long] [wildcard sharename] to list user defined shares.\n"
126 "net usershare help\n"
127 "\nType \"net usershare help <option>\" to get more information on that option\n\n"));
128
129 net_common_flags_usage(c, argc, argv);
130 return -1;
131 }
132
133 /***************************************************************************
134 ***************************************************************************/
135
136 static char *get_basepath(TALLOC_CTX *ctx)
137 {
138 char *basepath = lp_usershare_path(ctx);
139
140 if (!basepath) {
141 return NULL;
142 }
143 if ((basepath[0] != '\0') && (basepath[strlen(basepath)-1] == '/')) {
144 basepath[strlen(basepath)-1] = '\0';
145 }
146 return basepath;
147 }
148
149 /***************************************************************************
150 Delete a single userlevel share.
151 ***************************************************************************/
152
153 static int net_usershare_delete(struct net_context *c, int argc, const char **argv)
154 {
155 char *us_path;
156 char *sharename;
157
158 if (argc != 1 || c->display_usage) {
159 return net_usershare_delete_usage(c, argc, argv);
160 }
161
162 if ((sharename = strlower_talloc(talloc_tos(), argv[0])) == NULL) {
163 d_fprintf(stderr, _("strlower_talloc failed\n"));
164 return -1;
165 }
166
167 if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
168 d_fprintf(stderr, _("net usershare delete: share name %s contains "
169 "invalid characters (any of %s)\n"),
170 sharename, INVALID_SHARENAME_CHARS);
171 TALLOC_FREE(sharename);
172 return -1;
173 }
174
175 us_path = talloc_asprintf(talloc_tos(),
176 "%s/%s",
177 lp_usershare_path(talloc_tos()),
178 sharename);
179 if (!us_path) {
180 TALLOC_FREE(sharename);
181 return -1;
182 }
183
184 if (unlink(us_path) != 0) {
185 d_fprintf(stderr, _("net usershare delete: unable to remove usershare %s. "
186 "Error was %s\n"),
187 us_path, strerror(errno));
188 TALLOC_FREE(sharename);
189 return -1;
190 }
191 TALLOC_FREE(sharename);
192 return 0;
193 }
194
195 /***************************************************************************
196 Data structures to handle a list of usershare files.
197 ***************************************************************************/
198
199 struct file_list {
200 struct file_list *next, *prev;
201 const char *pathname;
202 };
203
204 static struct file_list *flist;
205
206 /***************************************************************************
207 ***************************************************************************/
208
209 static int get_share_list(TALLOC_CTX *ctx, const char *wcard, bool only_ours)
210 {
211 DIR *dp;
212 struct dirent *de;
213 uid_t myuid = geteuid();
214 struct file_list *fl = NULL;
215 char *basepath = get_basepath(ctx);
216
217 if (!basepath) {
218 return -1;
219 }
220 dp = opendir(basepath);
221 if (!dp) {
222 d_fprintf(stderr,
223 _("get_share_list: cannot open usershare directory %s. "
224 "Error %s\n"),
225 basepath, strerror(errno) );
226 return -1;
227 }
228
229 while((de = readdir(dp)) != 0) {
230 SMB_STRUCT_STAT sbuf;
231 char *path;
232 const char *n = de->d_name;
233
234 /* Ignore . and .. */
235 if (*n == '.') {
236 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
237 continue;
238 }
239 }
240
241 if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) {
242 d_fprintf(stderr,
243 _("get_share_list: ignoring bad share "
244 "name %s\n"), n);
245 continue;
246 }
247 path = talloc_asprintf(ctx,
248 "%s/%s",
249 basepath,
250 n);
251 if (!path) {
252 closedir(dp);
253 return -1;
254 }
255
256 if (sys_lstat(path, &sbuf, false) != 0) {
257 d_fprintf(stderr,
258 _("get_share_list: can't lstat file %s. Error "
259 "was %s\n"),
260 path, strerror(errno) );
261 continue;
262 }
263
264 if (!S_ISREG(sbuf.st_ex_mode)) {
265 d_fprintf(stderr,
266 _("get_share_list: file %s is not a regular "
267 "file. Ignoring.\n"),
268 path );
269 continue;
270 }
271
272 if (only_ours && sbuf.st_ex_uid != myuid) {
273 continue;
274 }
275
276 if (!unix_wild_match(wcard, n)) {
277 continue;
278 }
279
280 /* (Finally) - add to list. */
281 fl = talloc(ctx, struct file_list);
282 if (!fl) {
283 closedir(dp);
284 return -1;
285 }
286 fl->pathname = talloc_strdup(ctx, n);
287 if (!fl->pathname) {
288 closedir(dp);
289 return -1;
290 }
291
292 DLIST_ADD(flist, fl);
293 }
294
295 closedir(dp);
296 return 0;
297 }
298
299 enum us_priv_op { US_LIST_OP, US_INFO_OP};
300
301 struct us_priv_info {
302 TALLOC_CTX *ctx;
303 enum us_priv_op op;
304 struct net_context *c;
305 };
306
307 /***************************************************************************
308 Call a function for every share on the list.
309 ***************************************************************************/
310
311 static int process_share_list(int (*fn)(struct file_list *, void *), void *priv)
312 {
313 struct file_list *fl;
314 int ret = 0;
315
316 for (fl = flist; fl; fl = fl->next) {
317 ret = (*fn)(fl, priv);
318 }
319
320 return ret;
321 }
322
323 /***************************************************************************
324 Info function.
325 ***************************************************************************/
326
327 static int info_fn(struct file_list *fl, void *priv)
328 {
329 SMB_STRUCT_STAT sbuf;
330 char **lines = NULL;
331 struct us_priv_info *pi = (struct us_priv_info *)priv;
332 TALLOC_CTX *ctx = pi->ctx;
333 struct net_context *c = pi->c;
334 int fd = -1;
335 int numlines = 0;
336 struct security_descriptor *psd = NULL;
337 char *basepath;
338 char *sharepath = NULL;
339 char *comment = NULL;
340 char *cp_sharename = NULL;
341 char *acl_str;
342 int num_aces;
343 char sep_str[2];
344 enum usershare_err us_err;
345 bool guest_ok = false;
346
347 sep_str[0] = *lp_winbind_separator();
348 sep_str[1] = '\0';
349
350 basepath = get_basepath(ctx);
351 if (!basepath) {
352 return -1;
353 }
354 basepath = talloc_asprintf_append(basepath,
355 "/%s",
356 fl->pathname);
357 if (!basepath) {
358 return -1;
359 }
360
361 #ifdef O_NOFOLLOW
362 fd = open(basepath, O_RDONLY|O_NOFOLLOW, 0);
363 #else
364 fd = open(basepath, O_RDONLY, 0);
365 #endif
366
367 if (fd == -1) {
368 d_fprintf(stderr, _("info_fn: unable to open %s. %s\n"),
369 basepath, strerror(errno) );
370 return -1;
371 }
372
373 /* Paranoia... */
374 if (sys_fstat(fd, &sbuf, false) != 0) {
375 d_fprintf(stderr,
376 _("info_fn: can't fstat file %s. Error was %s\n"),
377 basepath, strerror(errno) );
378 close(fd);
379 return -1;
380 }
381
382 if (!S_ISREG(sbuf.st_ex_mode)) {
383 d_fprintf(stderr,
384 _("info_fn: file %s is not a regular file. Ignoring.\n"),
385 basepath );
386 close(fd);
387 return -1;
388 }
389
390 lines = fd_lines_load(fd, &numlines, 10240, NULL);
391 close(fd);
392
393 if (lines == NULL) {
394 return -1;
395 }
396
397 /* Ensure it's well formed. */
398 us_err = parse_usershare_file(ctx, &sbuf, fl->pathname, -1, lines, numlines,
399 &sharepath,
400 &comment,
401 &cp_sharename,
402 &psd,
403 &guest_ok);
404
405 TALLOC_FREE(lines);
406
407 if (us_err != USERSHARE_OK) {
408 d_fprintf(stderr,
409 _("info_fn: file %s is not a well formed usershare "
410 "file.\n"),
411 basepath );
412 d_fprintf(stderr, _("info_fn: Error was %s.\n"),
413 get_us_error_code(us_err) );
414 return -1;
415 }
416
417 acl_str = talloc_strdup(ctx, "usershare_acl=");
418 if (!acl_str) {
419 return -1;
420 }
421
422 for (num_aces = 0; num_aces < psd->dacl->num_aces; num_aces++) {
423 const char *domain;
424 const char *name;
425 NTSTATUS ntstatus;
426
427 ntstatus = net_lookup_name_from_sid(c, ctx,
428 &psd->dacl->aces[num_aces].trustee,
429 &domain, &name);
430
431 if (NT_STATUS_IS_OK(ntstatus)) {
432 if (domain && *domain) {
433 acl_str = talloc_asprintf_append(acl_str,
434 "%s%s",
435 domain,
436 sep_str);
437 if (!acl_str) {
438 return -1;
439 }
440 }
441 acl_str = talloc_asprintf_append(acl_str,
442 "%s",
443 name);
444 if (!acl_str) {
445 return -1;
446 }
447
448 } else {
449 fstring sidstr;
450 sid_to_fstring(sidstr,
451 &psd->dacl->aces[num_aces].trustee);
452 acl_str = talloc_asprintf_append(acl_str,
453 "%s",
454 sidstr);
455 if (!acl_str) {
456 return -1;
457 }
458 }
459 acl_str = talloc_asprintf_append(acl_str, ":");
460 if (!acl_str) {
461 return -1;
462 }
463
464 if (psd->dacl->aces[num_aces].type == SEC_ACE_TYPE_ACCESS_DENIED) {
465 acl_str = talloc_asprintf_append(acl_str, "D,");
466 if (!acl_str) {
467 return -1;
468 }
469 } else {
470 if (psd->dacl->aces[num_aces].access_mask & GENERIC_ALL_ACCESS) {
471 acl_str = talloc_asprintf_append(acl_str, "F,");
472 } else {
473 acl_str = talloc_asprintf_append(acl_str, "R,");
474 }
475 if (!acl_str) {
476 return -1;
477 }
478 }
479 }
480
481 /* NOTE: This is smb.conf-like output. Do not translate. */
482 if (pi->op == US_INFO_OP) {
483 d_printf("[%s]\n", cp_sharename );
484 d_printf("path=%s\n", sharepath );
485 d_printf("comment=%s\n", comment);
486 d_printf("%s\n", acl_str);
487 d_printf("guest_ok=%c\n\n", guest_ok ? 'y' : 'n');
488 } else if (pi->op == US_LIST_OP) {
489 d_printf("%s\n", cp_sharename);
490 }
491
492 return 0;
493 }
494
495 /***************************************************************************
496 Print out info (internal detail) on userlevel shares.
497 ***************************************************************************/
498
499 static int net_usershare_info(struct net_context *c, int argc, const char **argv)
500 {
501 fstring wcard;
502 bool only_ours = true;
503 int ret = -1;
504 struct us_priv_info pi;
505 TALLOC_CTX *ctx;
506
507 fstrcpy(wcard, "*");
508
509 if (c->display_usage)
510 return net_usershare_info_usage(c, argc, argv);
511
512 if (c->opt_long_list_entries) {
513 only_ours = false;
514 }
515
516 switch (argc) {
517 case 0:
518 break;
519 case 1:
520 fstrcpy(wcard, argv[0]);
521 break;
522 default:
523 return net_usershare_info_usage(c, argc, argv);
524 }
525
526 if (!strlower_m(wcard)) {
527 return -1;
528 }
529
530 ctx = talloc_init("share_info");
531 ret = get_share_list(ctx, wcard, only_ours);
532 if (ret) {
533 return ret;
534 }
535
536 pi.ctx = ctx;
537 pi.op = US_INFO_OP;
538 pi.c = c;
539
540 ret = process_share_list(info_fn, &pi);
541 talloc_destroy(ctx);
542 return ret;
543 }
544
545 /***************************************************************************
546 Count the current total number of usershares.
547 ***************************************************************************/
548
549 static int count_num_usershares(void)
550 {
551 DIR *dp;
552 struct dirent *de;
553 int num_usershares = 0;
554 TALLOC_CTX *ctx = talloc_tos();
555 char *basepath = get_basepath(ctx);
556
557 if (!basepath) {
558 return -1;
559 }
560
561 dp = opendir(basepath);
562 if (!dp) {
563 d_fprintf(stderr,
564 _("count_num_usershares: cannot open usershare "
565 "directory %s. Error %s\n"),
566 basepath, strerror(errno) );
567 return -1;
568 }
569
570 while((de = readdir(dp)) != 0) {
571 SMB_STRUCT_STAT sbuf;
572 char *path;
573 const char *n = de->d_name;
574
575 /* Ignore . and .. */
576 if (*n == '.') {
577 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
578 continue;
579 }
580 }
581
582 if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) {
583 d_fprintf(stderr,
584 _("count_num_usershares: ignoring bad share "
585 "name %s\n"), n);
586 continue;
587 }
588 path = talloc_asprintf(ctx,
589 "%s/%s",
590 basepath,
591 n);
592 if (!path) {
593 closedir(dp);
594 return -1;
595 }
596
597 if (sys_lstat(path, &sbuf, false) != 0) {
598 d_fprintf(stderr,
599 _("count_num_usershares: can't lstat file %s. "
600 "Error was %s\n"),
601 path, strerror(errno) );
602 continue;
603 }
604
605 if (!S_ISREG(sbuf.st_ex_mode)) {
606 d_fprintf(stderr,
607 _("count_num_usershares: file %s is not a "
608 "regular file. Ignoring.\n"),
609 path );
610 continue;
611 }
612 num_usershares++;
613 }
614
615 closedir(dp);
616 return num_usershares;
617 }
618
619 /***************************************************************************
620 Add a single userlevel share.
621 ***************************************************************************/
622
623 static int net_usershare_add(struct net_context *c, int argc, const char **argv)
624 {
625 TALLOC_CTX *ctx = talloc_stackframe();
626 SMB_STRUCT_STAT sbuf;
627 SMB_STRUCT_STAT lsbuf;
628 char *sharename;
629 const char *cp_sharename;
630 char *full_path;
631 char *full_path_tmp;
632 const char *us_path;
633 const char *us_comment;
634 const char *arg_acl;
635 char *us_acl;
636 char *file_img;
637 int num_aces = 0;
638 int i;
639 int tmpfd;
640 const char *pacl;
641 size_t to_write;
642 uid_t myeuid = geteuid();
643 bool guest_ok = false;
644 int num_usershares;
645 mode_t mask;
646
647 us_comment = "";
648 arg_acl = "S-1-1-0:R";
649
650 if (c->display_usage) {
651 TALLOC_FREE(ctx);
652 return net_usershare_add_usage(c, argc, argv);
653 }
654
655 switch (argc) {
656 case 0:
657 case 1:
658 default:
659 TALLOC_FREE(ctx);
660 return net_usershare_add_usage(c, argc, argv);
661 case 2:
662 cp_sharename = argv[0];
663 sharename = strlower_talloc(ctx, argv[0]);
664 us_path = argv[1];
665 break;
666 case 3:
667 cp_sharename = argv[0];
668 sharename = strlower_talloc(ctx, argv[0]);
669 us_path = argv[1];
670 us_comment = argv[2];
671 break;
672 case 4:
673 cp_sharename = argv[0];
674 sharename = strlower_talloc(ctx, argv[0]);
675 us_path = argv[1];
676 us_comment = argv[2];
677 arg_acl = argv[3];
678 break;
679 case 5:
680 cp_sharename = argv[0];
681 sharename = strlower_talloc(ctx, argv[0]);
682 us_path = argv[1];
683 us_comment = argv[2];
684 arg_acl = argv[3];
685 if (strlen(arg_acl) == 0) {
686 arg_acl = "S-1-1-0:R";
687 }
688 if (!strnequal(argv[4], "guest_ok=", 9)) {
689 TALLOC_FREE(ctx);
690 return net_usershare_add_usage(c, argc, argv);
691 }
692 switch (argv[4][9]) {
693 case 'y':
694 case 'Y':
695 guest_ok = true;
696 break;
697 case 'n':
698 case 'N':
699 guest_ok = false;
700 break;
701 default:
702 TALLOC_FREE(ctx);
703 return net_usershare_add_usage(c, argc, argv);
704 }
705 break;
706 }
707
708 /* Ensure we're under the "usershare max shares" number. Advisory only. */
709 num_usershares = count_num_usershares();
710 if (num_usershares >= lp_usershare_max_shares()) {
711 d_fprintf(stderr,
712 _("net usershare add: maximum number of allowed "
713 "usershares (%d) reached\n"),
714 lp_usershare_max_shares() );
715 TALLOC_FREE(ctx);
716 return -1;
717 }
718
719 if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
720 d_fprintf(stderr, _("net usershare add: share name %s contains "
721 "invalid characters (any of %s)\n"),
722 sharename, INVALID_SHARENAME_CHARS);
723 TALLOC_FREE(ctx);
724 return -1;
725 }
726
727 /* Disallow shares the same as users. */
728 if (getpwnam(sharename)) {
729 d_fprintf(stderr,
730 _("net usershare add: share name %s is already a valid "
731 "system user name\n"),
732 sharename );
733 TALLOC_FREE(ctx);
734 return -1;
735 }
736
737 /* Construct the full path for the usershare file. */
738 full_path = get_basepath(ctx);
739 if (!full_path) {
740 TALLOC_FREE(ctx);
741 return -1;
742 }
743 full_path_tmp = talloc_asprintf(ctx,
744 "%s/:tmpXXXXXX",
745 full_path);
746 if (!full_path_tmp) {
747 TALLOC_FREE(ctx);
748 return -1;
749 }
750
751 full_path = talloc_asprintf_append(full_path,
752 "/%s",
753 sharename);
754 if (!full_path) {
755 TALLOC_FREE(ctx);
756 return -1;
757 }
758
759 /* The path *must* be absolute. */
760 if (us_path[0] != '/') {
761 d_fprintf(stderr,
762 _("net usershare add: path %s is not an absolute "
763 "path.\n"),
764 us_path);
765 TALLOC_FREE(ctx);
766 return -1;
767 }
768
769 /* Check the directory to be shared exists. */
770 if (sys_stat(us_path, &sbuf, false) != 0) {
771 d_fprintf(stderr,
772 _("net usershare add: cannot stat path %s to ensure "
773 "this is a directory. Error was %s\n"),
774 us_path, strerror(errno) );
775 TALLOC_FREE(ctx);
776 return -1;
777 }
778
779 if (!S_ISDIR(sbuf.st_ex_mode)) {
780 d_fprintf(stderr,
781 _("net usershare add: path %s is not a directory.\n"),
782 us_path );
783 TALLOC_FREE(ctx);
784 return -1;
785 }
786
787 /* If we're not root, check if we're restricted to sharing out directories
788 that we own only. */
789
790 if ((myeuid != 0) && lp_usershare_owner_only() && (myeuid != sbuf.st_ex_uid)) {
791 d_fprintf(stderr, _("net usershare add: cannot share path %s as "
792 "we are restricted to only sharing directories we own.\n"
793 "\tAsk the administrator to add the line \"usershare owner only = false\" \n"
794 "\tto the [global] section of the smb.conf to allow this.\n"),
795 us_path );
796 TALLOC_FREE(ctx);
797 return -1;
798 }
799
800 /* No validation needed on comment. Now go through and validate the
801 acl string. Convert names to SID's as needed. Then run it through
802 parse_usershare_acl to ensure it's valid. */
803
804 /* Start off the string we'll append to. */
805 us_acl = talloc_strdup(ctx, "");
806 if (!us_acl) {
807 TALLOC_FREE(ctx);
808 return -1;
809 }
810
811 pacl = arg_acl;
812 num_aces = 1;
813
814 /* Add the number of ',' characters to get the number of aces. */
815 num_aces += count_chars(pacl,',');
816
817 for (i = 0; i < num_aces; i++) {
818 struct dom_sid sid;
819 const char *pcolon = strchr_m(pacl, ':');
820 const char *name;
821
822 if (pcolon == NULL) {
823 d_fprintf(stderr,
824 _("net usershare add: malformed acl %s "
825 "(missing ':').\n"),
826 pacl );
827 TALLOC_FREE(ctx);
828 return -1;
829 }
830
831 switch(pcolon[1]) {
832 case 'f':
833 case 'F':
834 case 'd':
835 case 'r':
836 case 'R':
837 break;
838 default:
839 d_fprintf(stderr,
840 _("net usershare add: malformed acl %s "
841 "(access control must be 'r', 'f', "
842 "or 'd')\n"),
843 pacl );
844 TALLOC_FREE(ctx);
845 return -1;
846 }
847
848 if (pcolon[2] != ',' && pcolon[2] != '\0') {
849 d_fprintf(stderr,
850 _("net usershare add: malformed terminating "
851 "character for acl %s\n"),
852 pacl );
853 TALLOC_FREE(ctx);
854 return -1;
855 }
856
857 /* Get the name */
858 if ((name = talloc_strndup(ctx, pacl, pcolon - pacl)) == NULL) {
859 d_fprintf(stderr, _("talloc_strndup failed\n"));
860 TALLOC_FREE(ctx);
861 return -1;
862 }
863 if (!string_to_sid(&sid, name)) {
864 /* Convert to a SID */
865 NTSTATUS ntstatus = net_lookup_sid_from_name(c, ctx, name, &sid);
866 if (!NT_STATUS_IS_OK(ntstatus)) {
867 d_fprintf(stderr,
868 _("net usershare add: cannot convert "
869 "name \"%s\" to a SID. %s."),
870 name, get_friendly_nt_error_msg(ntstatus) );
871 if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_CONNECTION_REFUSED)) {
872 d_fprintf(stderr,
873 _(" Maybe smbd is not running.\n"));
874 } else {
875 d_fprintf(stderr, "\n");
876 }
877 TALLOC_FREE(ctx);
878 return -1;
879 }
880 }
881 us_acl = talloc_asprintf_append(
882 us_acl, "%s:%c,", sid_string_tos(&sid), pcolon[1]);
883
884 /* Move to the next ACL entry. */
885 if (pcolon[2] == ',') {
886 pacl = &pcolon[3];
887 }
888 }
889
890 /* Remove the last ',' */
891 us_acl[strlen(us_acl)-1] = '\0';
892
893 if (guest_ok && !lp_usershare_allow_guests()) {
894 d_fprintf(stderr, _("net usershare add: guest_ok=y requested "
895 "but the \"usershare allow guests\" parameter is not "
896 "enabled by this server.\n"));
897 TALLOC_FREE(ctx);
898 return -1;
899 }
900
901 /* Create a temporary filename for this share. */
902 mask = umask(S_IRWXO | S_IRWXG);
903 tmpfd = mkstemp(full_path_tmp);
904 umask(mask);
905
906 if (tmpfd == -1) {
907 d_fprintf(stderr,
908 _("net usershare add: cannot create tmp file %s\n"),
909 full_path_tmp );
910 TALLOC_FREE(ctx);
911 return -1;
912 }
913
914 /* Ensure we opened the file we thought we did. */
915 if (sys_lstat(full_path_tmp, &lsbuf, false) != 0) {
916 d_fprintf(stderr,
917 _("net usershare add: cannot lstat tmp file %s\n"),
918 full_path_tmp );
919 TALLOC_FREE(ctx);
920 close(tmpfd);
921 return -1;
922 }
923
924 /* Check this is the same as the file we opened. */
925 if (sys_fstat(tmpfd, &sbuf, false) != 0) {
926 d_fprintf(stderr,
927 _("net usershare add: cannot fstat tmp file %s\n"),
928 full_path_tmp );
929 TALLOC_FREE(ctx);
930 close(tmpfd);
931 return -1;
932 }
933
934 if (!S_ISREG(sbuf.st_ex_mode) || sbuf.st_ex_dev != lsbuf.st_ex_dev || sbuf.st_ex_ino != lsbuf.st_ex_ino) {
935 d_fprintf(stderr,
936 _("net usershare add: tmp file %s is not a regular "
937 "file ?\n"),
938 full_path_tmp );
939 TALLOC_FREE(ctx);
940 close(tmpfd);
941 return -1;
942 }
943
944 if (fchmod(tmpfd, 0644) == -1) {
945 d_fprintf(stderr,
946 _("net usershare add: failed to fchmod tmp file %s "
947 "to 0644n"),
948 full_path_tmp );
949 TALLOC_FREE(ctx);
950 close(tmpfd);
951 return -1;
952 }
953
954 /* Create the in-memory image of the file. */
955 file_img = talloc_strdup(ctx, "#VERSION 2\npath=");
956 file_img = talloc_asprintf_append(file_img,
957 "%s\ncomment=%s\nusershare_acl=%s\n"
958 "guest_ok=%c\nsharename=%s\n",
959 us_path,
960 us_comment,
961 us_acl,
962 guest_ok ? 'y' : 'n',
963 cp_sharename);
964
965 to_write = strlen(file_img);
966
967 if (write(tmpfd, file_img, to_write) != to_write) {
968 d_fprintf(stderr,
969 _("net usershare add: failed to write %u bytes to "
970 "file %s. Error was %s\n"),
971 (unsigned int)to_write, full_path_tmp, strerror(errno));
972 unlink(full_path_tmp);
973 TALLOC_FREE(ctx);
974 close(tmpfd);
975 return -1;
976 }
977
978 /* Attempt to replace any existing share by this name. */
979 if (rename(full_path_tmp, full_path) != 0) {
980 unlink(full_path_tmp);
981 d_fprintf(stderr,
982 _("net usershare add: failed to add share %s. Error "
983 "was %s\n"),
984 sharename, strerror(errno));
985 TALLOC_FREE(ctx);
986 close(tmpfd);
987 return -1;
988 }
989
990 close(tmpfd);
991
992 if (c->opt_long_list_entries) {
993 const char *my_argv[2];
994 my_argv[0] = sharename;
995 my_argv[1] = NULL;
996 net_usershare_info(c, 1, my_argv);
997 }
998
999 TALLOC_FREE(ctx);
1000 return 0;
1001 }
1002
1003 #if 0
1004 /***************************************************************************
1005 List function.
1006 ***************************************************************************/
1007
1008 static int list_fn(struct file_list *fl, void *priv)
1009 {
1010 d_printf("%s\n", fl->pathname);
1011 return 0;
1012 }
1013 #endif
1014
1015 /***************************************************************************
1016 List userlevel shares.
1017 ***************************************************************************/
1018
1019 static int net_usershare_list(struct net_context *c, int argc,
1020 const char **argv)
1021 {
1022 fstring wcard;
1023 bool only_ours = true;
1024 int ret = -1;
1025 struct us_priv_info pi;
1026 TALLOC_CTX *ctx;
1027
1028 fstrcpy(wcard, "*");
1029
1030 if (c->display_usage)
1031 return net_usershare_list_usage(c, argc, argv);
1032
1033 if (c->opt_long_list_entries) {
1034 only_ours = false;
1035 }
1036
1037 switch (argc) {
1038 case 0:
1039 break;
1040 case 1:
1041 fstrcpy(wcard, argv[0]);
1042 break;
1043 default:
1044 return net_usershare_list_usage(c, argc, argv);
1045 }
1046
1047 if (!strlower_m(wcard)) {
1048 return -1;
1049 }
1050
1051 ctx = talloc_init("share_list");
1052 ret = get_share_list(ctx, wcard, only_ours);
1053 if (ret) {
1054 return ret;
1055 }
1056
1057 pi.ctx = ctx;
1058 pi.op = US_LIST_OP;
1059 pi.c = c;
1060
1061 ret = process_share_list(info_fn, &pi);
1062 talloc_destroy(ctx);
1063 return ret;
1064 }
1065
1066 /***************************************************************************
1067 Entry-point for all the USERSHARE functions.
1068 ***************************************************************************/
1069
1070 int net_usershare(struct net_context *c, int argc, const char **argv)
1071 {
1072 DIR *dp;
1073
1074 struct functable func[] = {
1075 {
1076 "add",
1077 net_usershare_add,
1078 NET_TRANSPORT_LOCAL,
1079 N_("Add/modify user defined share"),
1080 N_("net usershare add\n"
1081 " Add/modify user defined share")
1082 },
1083 {
1084 "delete",
1085 net_usershare_delete,
1086 NET_TRANSPORT_LOCAL,
1087 N_("Delete user defined share"),
1088 N_("net usershare delete\n"
1089 " Delete user defined share")
1090 },
1091 {
1092 "info",
1093 net_usershare_info,
1094 NET_TRANSPORT_LOCAL,
1095 N_("Display information about a user defined share"),
1096 N_("net usershare info\n"
1097 " Display information about a user defined share")
1098 },
1099 {
1100 "list",
1101 net_usershare_list,
1102 NET_TRANSPORT_LOCAL,
1103 N_("List user defined shares"),
1104 N_("net usershare list\n"
1105 " List user defined shares")
1106 },
1107 {NULL, NULL, 0, NULL, NULL}
1108 };
1109
1110 if (lp_usershare_max_shares() == 0) {
1111 d_fprintf(stderr,
1112 _("net usershare: usershares are currently "
1113 "disabled\n"));
1114 return -1;
1115 }
1116
1117 dp = opendir(lp_usershare_path(talloc_tos()));
1118 if (!dp) {
1119 int err = errno;
1120 d_fprintf(stderr,
1121 _("net usershare: cannot open usershare directory %s. "
1122 "Error %s\n"),
1123 lp_usershare_path(talloc_tos()), strerror(err) );
1124 if (err == EACCES) {
1125 d_fprintf(stderr,
1126 _("You do not have permission to create a "
1127 "usershare. Ask your administrator to grant "
1128 "you permissions to create a share.\n"));
1129 } else if (err == ENOENT) {
1130 d_fprintf(stderr,
1131 _("Please ask your system administrator to "
1132 "enable user sharing.\n"));
1133 }
1134 return -1;
1135 }
1136 closedir(dp);
1137
1138 return net_run_function(c, argc, argv, "net usershare", func);
1139 }
Samba GIT mirror