4 IDL structures for xattr file attributes
6 this has nothing to do with RPC, we are just using our NDR/IDL
7 infrastructure as a convenient way to store linearised information
8 about a file in a architecture independent manner
11 import
"security.idl";
15 helper
("../librpc/ndr/ndr_xattr.h"),
16 pyhelper
("librpc/ndr/py_xattr.c"),
17 pointer_default(unique)
21 const char *XATTR_DOSATTRIB_NAME
= "user.DosAttrib";
22 const char *XATTR_DOSATTRIB_NAME_S3
= "user.DOSATTRIB";
23 const int XATTR_DOSATTRIB_ESTIMATED_SIZE
= 64;
25 /* we store basic dos attributes in a DosAttrib xattr. By
26 using a union we can cope with new version of this
27 structure more easily */
30 * the FFFF level is never really used,
31 * it's used to pass the information from
32 * the old hex string attrib information
33 * we have a handwritten parser which converts
34 * the hex string to the xattr_DosInfoFFFFCompat strucure
39 } xattr_DosInfoFFFFCompat
;
51 We use xattrDosInfo1 again when we store values.
52 Because the sticky write time is now stored in the opendb
53 and xattr_DosInfo2Old is only present to parse existing
56 const int XATTR_ATTRIB_FLAG_STICKY_WRITE_TIME = 0x1;
66 NTTIME write_time
; /* only used when sticky write time is set */
70 typedef [bitmap32bit
] bitmap
{
71 XATTR_DOSINFO_ATTRIB
= 0x00000001,
72 XATTR_DOSINFO_EA_SIZE
= 0x00000002,
73 XATTR_DOSINFO_SIZE
= 0x00000004,
74 XATTR_DOSINFO_ALLOC_SIZE
= 0x00000008,
75 XATTR_DOSINFO_CREATE_TIME
= 0x00000010,
76 XATTR_DOSINFO_CHANGE_TIME
= 0x00000020,
77 XATTR_DOSINFO_ITIME
= 0x00000040
78 } xattr_DosInfoValidFlags
;
81 xattr_DosInfoValidFlags valid_flags
;
91 xattr_DosInfoValidFlags valid_flags
;
98 xattr_DosInfoValidFlags valid_flags
;
103 typedef [public,switch_type(uint16
)] union {
104 [case(0xFFFF)] xattr_DosInfoFFFFCompat compatinfoFFFF
;
105 [case(1)] xattr_DosInfo1 info1
;
106 [case(2)] xattr_DosInfo2Old oldinfo2
;
107 [case(3)] xattr_DosInfo3 info3
;
108 [case(4)] xattr_DosInfo4 info4
;
109 [case(5)] xattr_DosInfo5 info5
;
112 typedef [public] struct {
114 [switch_is(version)] xattr_DosInfo info
;
117 typedef [public,nopush
,nopull
,noprint
] struct {
120 [switch_is(version)] xattr_DosInfo info
;
123 /* we store DOS style extended attributes in a DosEAs xattr */
124 const char *XATTR_DOSEAS_NAME
= "user.DosEAs";
131 typedef [public] struct {
133 [size_is(num_eas
)] xattr_EA
*eas
;
136 /* Slightly different version, used by the vfs_xattr_tdb module */
137 typedef [public] struct {
139 xattr_EA eas
[num_eas
];
142 /* we store stream information in this xattr structure. Then
143 the streams themselves are stored in
144 user.DosStream.STREAMNAME or in external files, according
146 const char *XATTR_DOSSTREAMS_NAME
= "user.DosStreams";
148 const int XATTR_STREAM_FLAG_INTERNAL
= 0x00000001;
150 /* stream data is stored in attributes with the given prefix */
151 const char *XATTR_DOSSTREAM_PREFIX
= "user.DosStream.";
153 const int XATTR_MAX_STREAM_SIZE
= 0x4000;
154 const int XATTR_MAX_STREAM_SIZE_TDB
= 0x100000;
163 typedef [public] struct {
165 [size_is(num_streams
)] xattr_DosStream
*streams
;
169 /* we store the NT ACL a NTACL xattr. It is versioned so we
170 can later add other acl attribs (such as posix acl mapping)
172 we put this xattr in the security namespace to ensure that
173 only trusted users can write to the ACL
175 stored in "security.NTACL"
177 Version 1. raw SD stored as Samba4 does it.
178 Version 2. raw SD + last changed hash so we
179 can discard if this doesn't match the underlying ACL hash.
182 const char *XATTR_NTACL_NAME
= "security.NTACL";
184 const int XATTR_SD_HASH_SIZE
= 64;
185 const int XATTR_SD_HASH_TYPE_NONE
= 0x0;
186 const int XATTR_SD_HASH_TYPE_SHA256
= 0x1;
188 typedef [public] struct {
189 security_descriptor
*sd
;
191 } security_descriptor_hash_v2
; /* Hash never used in this version. */
193 typedef [public] struct {
194 security_descriptor
*sd
;
196 uint8 hash
[64]; /* 64 bytes hash. */
197 } security_descriptor_hash_v3
;
199 typedef [public] struct {
200 security_descriptor
*sd
;
202 uint8 hash
[64]; /* 64 bytes hash. */
203 utf8string description
; /* description of what created
204 * this hash (to allow
205 * forensics later, if we have
206 * a bug in one codepath */
208 uint8 sys_acl_hash
[64]; /* 64 bytes hash. */
209 } security_descriptor_hash_v4
;
211 typedef [switch_type(uint16
)] union {
212 [case(1)] security_descriptor
*sd
;
213 [case(2)] security_descriptor_hash_v2
*sd_hs2
;
214 [case(3)] security_descriptor_hash_v3
*sd_hs3
;
215 [case(4)] security_descriptor_hash_v4
*sd_hs4
;
218 typedef [public] struct {
220 [switch_is(version)] xattr_NTACL_Info info
;
224 * A wrapper of the common information required to be in the
225 * hash of the ACL, for the acl_xattr and acl_tdb modules.
227 [public] typedef struct {
228 DATA_BLOB acl_as_blob
;
232 } xattr_sys_acl_hash_wrapper
;