search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3: Pass the "fake dir create times" parameter to sys_*stat
[Samba.git] / source3 / utils / net_usershare.c
blob9e2bf2940987efe2f69c2be4f07ebb4450805483
1 /*
2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4
5 Copyright (C) Jeremy Allison (jra@samba.org) 2005
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "utils/net.h"
23
24 struct {
25 const char *us_errstr;
26 enum usershare_err us_err;
27 } us_errs [] = {
28 {"",USERSHARE_OK},
29 {N_("Malformed usershare file"), USERSHARE_MALFORMED_FILE},
30 {N_("Bad version number"), USERSHARE_BAD_VERSION},
31 {N_("Malformed path entry"), USERSHARE_MALFORMED_PATH},
32 {N_("Malformed comment entryfile"), USERSHARE_MALFORMED_COMMENT_DEF},
33 {N_("Malformed acl definition"), USERSHARE_MALFORMED_ACL_DEF},
34 {N_("Acl parse error"), USERSHARE_ACL_ERR},
35 {N_("Path not absolute"), USERSHARE_PATH_NOT_ABSOLUTE},
36 {N_("Path is denied"), USERSHARE_PATH_IS_DENIED},
37 {N_("Path not allowed"), USERSHARE_PATH_NOT_ALLOWED},
38 {N_("Path is not a directory"), USERSHARE_PATH_NOT_DIRECTORY},
39 {N_("System error"), USERSHARE_POSIX_ERR},
40 {NULL,(enum usershare_err)-1}
41 };
42
43 static const char *get_us_error_code(enum usershare_err us_err)
44 {
45 char *result;
46 int idx = 0;
47
48 while (us_errs[idx].us_errstr != NULL) {
49 if (us_errs[idx].us_err == us_err) {
50 return us_errs[idx].us_errstr;
51 }
52 idx++;
53 }
54
55 result = talloc_asprintf(talloc_tos(), _("Usershare error code (0x%x)"),
56 (unsigned int)us_err);
57 SMB_ASSERT(result != NULL);
58 return result;
59 }
60
61 /* The help subsystem for the USERSHARE subcommand */
62
63 static int net_usershare_add_usage(struct net_context *c, int argc, const char **argv)
64 {
65 char chr = *lp_winbind_separator();
66 d_printf(_(
67 "net usershare add [-l|--long] <sharename> <path> [<comment>] [<acl>] [<guest_ok=[y|n]>]\n"
68 "\tAdds the specified share name for this user.\n"
69 "\t<sharename> is the new share name.\n"
70 "\t<path> is the path on the filesystem to export.\n"
71 "\t<comment> is the optional comment for the new share.\n"
72 "\t<acl> is an optional share acl in the format \"DOMAIN%cname:X,DOMAIN%cname:X,....\"\n"
73 "\t<guest_ok=y> if present sets \"guest ok = yes\" on this usershare.\n"
74 "\t\t\"X\" represents a permission and can be any one of the characters f, r or d\n"
75 "\t\twhere \"f\" means full control, \"r\" means read-only, \"d\" means deny access.\n"
76 "\t\tname may be a domain user or group. For local users use the local server name "
77 "instead of \"DOMAIN\"\n"
78 "\t\tThe default acl is \"Everyone:r\" which allows everyone read-only access.\n"
79 "\tAdd -l or --long to print the info on the newly added share.\n"),
80 chr, chr );
81 return -1;
82 }
83
84 static int net_usershare_delete_usage(struct net_context *c, int argc, const char **argv)
85 {
86 d_printf(_(
87 "net usershare delete <sharename>\n"
88 "\tdeletes the specified share name for this user.\n"));
89 return -1;
90 }
91
92 static int net_usershare_info_usage(struct net_context *c, int argc, const char **argv)
93 {
94 d_printf(_(
95 "net usershare info [-l|--long] [wildcard sharename]\n"
96 "\tPrints out the path, comment and acl elements of shares that match the wildcard.\n"
97 "\tBy default only gives info on shares owned by the current user\n"
98 "\tAdd -l or --long to apply this to all shares\n"
99 "\tOmit the sharename or use a wildcard of '*' to see all shares\n"));
100 return -1;
101 }
102
103 static int net_usershare_list_usage(struct net_context *c, int argc, const char **argv)
104 {
105 d_printf(_(
106 "net usershare list [-l|--long] [wildcard sharename]\n"
107 "\tLists the names of all shares that match the wildcard.\n"
108 "\tBy default only lists shares owned by the current user\n"
109 "\tAdd -l or --long to apply this to all shares\n"
110 "\tOmit the sharename or use a wildcard of '*' to see all shares\n"));
111 return -1;
112 }
113
114 int net_usershare_usage(struct net_context *c, int argc, const char **argv)
115 {
116 d_printf(_("net usershare add <sharename> <path> [<comment>] [<acl>] [<guest_ok=[y|n]>] to "
117 "add or change a user defined share.\n"
118 "net usershare delete <sharename> to delete a user defined share.\n"
119 "net usershare info [-l|--long] [wildcard sharename] to print info about a user defined share.\n"
120 "net usershare list [-l|--long] [wildcard sharename] to list user defined shares.\n"
121 "net usershare help\n"
122 "\nType \"net usershare help <option>\" to get more information on that option\n\n"));
123
124 net_common_flags_usage(c, argc, argv);
125 return -1;
126 }
127
128 /***************************************************************************
129 ***************************************************************************/
130
131 static char *get_basepath(TALLOC_CTX *ctx)
132 {
133 char *basepath = talloc_strdup(ctx, lp_usershare_path());
134
135 if (!basepath) {
136 return NULL;
137 }
138 if ((basepath[0] != '\0') && (basepath[strlen(basepath)-1] == '/')) {
139 basepath[strlen(basepath)-1] = '\0';
140 }
141 return basepath;
142 }
143
144 /***************************************************************************
145 Delete a single userlevel share.
146 ***************************************************************************/
147
148 static int net_usershare_delete(struct net_context *c, int argc, const char **argv)
149 {
150 char *us_path;
151 char *sharename;
152
153 if (argc != 1 || c->display_usage) {
154 return net_usershare_delete_usage(c, argc, argv);
155 }
156
157 if ((sharename = strlower_talloc(talloc_tos(), argv[0])) == NULL) {
158 d_fprintf(stderr, _("strlower_talloc failed\n"));
159 return -1;
160 }
161
162 if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
163 d_fprintf(stderr, _("net usershare delete: share name %s contains "
164 "invalid characters (any of %s)\n"),
165 sharename, INVALID_SHARENAME_CHARS);
166 TALLOC_FREE(sharename);
167 return -1;
168 }
169
170 us_path = talloc_asprintf(talloc_tos(),
171 "%s/%s",
172 lp_usershare_path(),
173 sharename);
174 if (!us_path) {
175 TALLOC_FREE(sharename);
176 return -1;
177 }
178
179 if (unlink(us_path) != 0) {
180 d_fprintf(stderr, _("net usershare delete: unable to remove usershare %s. "
181 "Error was %s\n"),
182 us_path, strerror(errno));
183 TALLOC_FREE(sharename);
184 return -1;
185 }
186 TALLOC_FREE(sharename);
187 return 0;
188 }
189
190 /***************************************************************************
191 Data structures to handle a list of usershare files.
192 ***************************************************************************/
193
194 struct file_list {
195 struct file_list *next, *prev;
196 const char *pathname;
197 };
198
199 static struct file_list *flist;
200
201 /***************************************************************************
202 ***************************************************************************/
203
204 static int get_share_list(TALLOC_CTX *ctx, const char *wcard, bool only_ours)
205 {
206 SMB_STRUCT_DIR *dp;
207 SMB_STRUCT_DIRENT *de;
208 uid_t myuid = geteuid();
209 struct file_list *fl = NULL;
210 char *basepath = get_basepath(ctx);
211
212 if (!basepath) {
213 return -1;
214 }
215 dp = sys_opendir(basepath);
216 if (!dp) {
217 d_fprintf(stderr,
218 _("get_share_list: cannot open usershare directory %s. "
219 "Error %s\n"),
220 basepath, strerror(errno) );
221 return -1;
222 }
223
224 while((de = sys_readdir(dp)) != 0) {
225 SMB_STRUCT_STAT sbuf;
226 char *path;
227 const char *n = de->d_name;
228
229 /* Ignore . and .. */
230 if (*n == '.') {
231 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
232 continue;
233 }
234 }
235
236 if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) {
237 d_fprintf(stderr,
238 _("get_share_list: ignoring bad share "
239 "name %s\n"), n);
240 continue;
241 }
242 path = talloc_asprintf(ctx,
243 "%s/%s",
244 basepath,
245 n);
246 if (!path) {
247 sys_closedir(dp);
248 return -1;
249 }
250
251 if (sys_lstat(path, &sbuf, lp_fake_dir_create_times())
252 != 0) {
253 d_fprintf(stderr,
254 _("get_share_list: can't lstat file %s. Error "
255 "was %s\n"),
256 path, strerror(errno) );
257 continue;
258 }
259
260 if (!S_ISREG(sbuf.st_ex_mode)) {
261 d_fprintf(stderr,
262 _("get_share_list: file %s is not a regular "
263 "file. Ignoring.\n"),
264 path );
265 continue;
266 }
267
268 if (only_ours && sbuf.st_ex_uid != myuid) {
269 continue;
270 }
271
272 if (!unix_wild_match(wcard, n)) {
273 continue;
274 }
275
276 /* (Finally) - add to list. */
277 fl = TALLOC_P(ctx, struct file_list);
278 if (!fl) {
279 sys_closedir(dp);
280 return -1;
281 }
282 fl->pathname = talloc_strdup(ctx, n);
283 if (!fl->pathname) {
284 sys_closedir(dp);
285 return -1;
286 }
287
288 DLIST_ADD(flist, fl);
289 }
290
291 sys_closedir(dp);
292 return 0;
293 }
294
295 enum us_priv_op { US_LIST_OP, US_INFO_OP};
296
297 struct us_priv_info {
298 TALLOC_CTX *ctx;
299 enum us_priv_op op;
300 struct net_context *c;
301 };
302
303 /***************************************************************************
304 Call a function for every share on the list.
305 ***************************************************************************/
306
307 static int process_share_list(int (*fn)(struct file_list *, void *), void *priv)
308 {
309 struct file_list *fl;
310 int ret = 0;
311
312 for (fl = flist; fl; fl = fl->next) {
313 ret = (*fn)(fl, priv);
314 }
315
316 return ret;
317 }
318
319 /***************************************************************************
320 Info function.
321 ***************************************************************************/
322
323 static int info_fn(struct file_list *fl, void *priv)
324 {
325 SMB_STRUCT_STAT sbuf;
326 char **lines = NULL;
327 struct us_priv_info *pi = (struct us_priv_info *)priv;
328 TALLOC_CTX *ctx = pi->ctx;
329 struct net_context *c = pi->c;
330 int fd = -1;
331 int numlines = 0;
332 SEC_DESC *psd = NULL;
333 char *basepath;
334 char *sharepath = NULL;
335 char *comment = NULL;
336 char *acl_str;
337 int num_aces;
338 char sep_str[2];
339 enum usershare_err us_err;
340 bool guest_ok = false;
341
342 sep_str[0] = *lp_winbind_separator();
343 sep_str[1] = '\0';
344
345 basepath = get_basepath(ctx);
346 if (!basepath) {
347 return -1;
348 }
349 basepath = talloc_asprintf_append(basepath,
350 "/%s",
351 fl->pathname);
352 if (!basepath) {
353 return -1;
354 }
355
356 #ifdef O_NOFOLLOW
357 fd = sys_open(basepath, O_RDONLY|O_NOFOLLOW, 0);
358 #else
359 fd = sys_open(basepath, O_RDONLY, 0);
360 #endif
361
362 if (fd == -1) {
363 d_fprintf(stderr, _("info_fn: unable to open %s. %s\n"),
364 basepath, strerror(errno) );
365 return -1;
366 }
367
368 /* Paranoia... */
369 if (sys_fstat(fd, &sbuf, lp_fake_dir_create_times()) != 0) {
370 d_fprintf(stderr,
371 _("info_fn: can't fstat file %s. Error was %s\n"),
372 basepath, strerror(errno) );
373 close(fd);
374 return -1;
375 }
376
377 if (!S_ISREG(sbuf.st_ex_mode)) {
378 d_fprintf(stderr,
379 _("info_fn: file %s is not a regular file. Ignoring.\n"),
380 basepath );
381 close(fd);
382 return -1;
383 }
384
385 lines = fd_lines_load(fd, &numlines, 10240, NULL);
386 close(fd);
387
388 if (lines == NULL) {
389 return -1;
390 }
391
392 /* Ensure it's well formed. */
393 us_err = parse_usershare_file(ctx, &sbuf, fl->pathname, -1, lines, numlines,
394 &sharepath,
395 &comment,
396 &psd,
397 &guest_ok);
398
399 TALLOC_FREE(lines);
400
401 if (us_err != USERSHARE_OK) {
402 d_fprintf(stderr,
403 _("info_fn: file %s is not a well formed usershare "
404 "file.\n"),
405 basepath );
406 d_fprintf(stderr, _("info_fn: Error was %s.\n"),
407 get_us_error_code(us_err) );
408 return -1;
409 }
410
411 acl_str = talloc_strdup(ctx, "usershare_acl=");
412 if (!acl_str) {
413 return -1;
414 }
415
416 for (num_aces = 0; num_aces < psd->dacl->num_aces; num_aces++) {
417 const char *domain;
418 const char *name;
419 NTSTATUS ntstatus;
420
421 ntstatus = net_lookup_name_from_sid(c, ctx,
422 &psd->dacl->aces[num_aces].trustee,
423 &domain, &name);
424
425 if (NT_STATUS_IS_OK(ntstatus)) {
426 if (domain && *domain) {
427 acl_str = talloc_asprintf_append(acl_str,
428 "%s%s",
429 domain,
430 sep_str);
431 if (!acl_str) {
432 return -1;
433 }
434 }
435 acl_str = talloc_asprintf_append(acl_str,
436 "%s",
437 name);
438 if (!acl_str) {
439 return -1;
440 }
441
442 } else {
443 fstring sidstr;
444 sid_to_fstring(sidstr,
445 &psd->dacl->aces[num_aces].trustee);
446 acl_str = talloc_asprintf_append(acl_str,
447 "%s",
448 sidstr);
449 if (!acl_str) {
450 return -1;
451 }
452 }
453 acl_str = talloc_asprintf_append(acl_str, ":");
454 if (!acl_str) {
455 return -1;
456 }
457
458 if (psd->dacl->aces[num_aces].type == SEC_ACE_TYPE_ACCESS_DENIED) {
459 acl_str = talloc_asprintf_append(acl_str, "D,");
460 if (!acl_str) {
461 return -1;
462 }
463 } else {
464 if (psd->dacl->aces[num_aces].access_mask & GENERIC_ALL_ACCESS) {
465 acl_str = talloc_asprintf_append(acl_str, "F,");
466 } else {
467 acl_str = talloc_asprintf_append(acl_str, "R,");
468 }
469 if (!acl_str) {
470 return -1;
471 }
472 }
473 }
474
475 /* NOTE: This is smb.conf-like output. Do not translate. */
476 if (pi->op == US_INFO_OP) {
477 d_printf("[%s]\n", fl->pathname );
478 d_printf("path=%s\n", sharepath );
479 d_printf("comment=%s\n", comment);
480 d_printf("%s\n", acl_str);
481 d_printf("guest_ok=%c\n\n", guest_ok ? 'y' : 'n');
482 } else if (pi->op == US_LIST_OP) {
483 d_printf("%s\n", fl->pathname);
484 }
485
486 return 0;
487 }
488
489 /***************************************************************************
490 Print out info (internal detail) on userlevel shares.
491 ***************************************************************************/
492
493 static int net_usershare_info(struct net_context *c, int argc, const char **argv)
494 {
495 fstring wcard;
496 bool only_ours = true;
497 int ret = -1;
498 struct us_priv_info pi;
499 TALLOC_CTX *ctx;
500
501 fstrcpy(wcard, "*");
502
503 if (c->display_usage)
504 return net_usershare_info_usage(c, argc, argv);
505
506 if (c->opt_long_list_entries) {
507 only_ours = false;
508 }
509
510 switch (argc) {
511 case 0:
512 break;
513 case 1:
514 fstrcpy(wcard, argv[0]);
515 break;
516 default:
517 return net_usershare_info_usage(c, argc, argv);
518 }
519
520 strlower_m(wcard);
521
522 ctx = talloc_init("share_info");
523 ret = get_share_list(ctx, wcard, only_ours);
524 if (ret) {
525 return ret;
526 }
527
528 pi.ctx = ctx;
529 pi.op = US_INFO_OP;
530 pi.c = c;
531
532 ret = process_share_list(info_fn, &pi);
533 talloc_destroy(ctx);
534 return ret;
535 }
536
537 /***************************************************************************
538 Count the current total number of usershares.
539 ***************************************************************************/
540
541 static int count_num_usershares(void)
542 {
543 SMB_STRUCT_DIR *dp;
544 SMB_STRUCT_DIRENT *de;
545 int num_usershares = 0;
546 TALLOC_CTX *ctx = talloc_tos();
547 char *basepath = get_basepath(ctx);
548
549 if (!basepath) {
550 return -1;
551 }
552
553 dp = sys_opendir(basepath);
554 if (!dp) {
555 d_fprintf(stderr,
556 _("count_num_usershares: cannot open usershare "
557 "directory %s. Error %s\n"),
558 basepath, strerror(errno) );
559 return -1;
560 }
561
562 while((de = sys_readdir(dp)) != 0) {
563 SMB_STRUCT_STAT sbuf;
564 char *path;
565 const char *n = de->d_name;
566
567 /* Ignore . and .. */
568 if (*n == '.') {
569 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
570 continue;
571 }
572 }
573
574 if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) {
575 d_fprintf(stderr,
576 _("count_num_usershares: ignoring bad share "
577 "name %s\n"), n);
578 continue;
579 }
580 path = talloc_asprintf(ctx,
581 "%s/%s",
582 basepath,
583 n);
584 if (!path) {
585 sys_closedir(dp);
586 return -1;
587 }
588
589 if (sys_lstat(path, &sbuf, lp_fake_dir_create_times())
590 != 0) {
591 d_fprintf(stderr,
592 _("count_num_usershares: can't lstat file %s. "
593 "Error was %s\n"),
594 path, strerror(errno) );
595 continue;
596 }
597
598 if (!S_ISREG(sbuf.st_ex_mode)) {
599 d_fprintf(stderr,
600 _("count_num_usershares: file %s is not a "
601 "regular file. Ignoring.\n"),
602 path );
603 continue;
604 }
605 num_usershares++;
606 }
607
608 sys_closedir(dp);
609 return num_usershares;
610 }
611
612 /***************************************************************************
613 Add a single userlevel share.
614 ***************************************************************************/
615
616 static int net_usershare_add(struct net_context *c, int argc, const char **argv)
617 {
618 TALLOC_CTX *ctx = talloc_stackframe();
619 SMB_STRUCT_STAT sbuf;
620 SMB_STRUCT_STAT lsbuf;
621 char *sharename;
622 char *full_path;
623 char *full_path_tmp;
624 const char *us_path;
625 const char *us_comment;
626 const char *arg_acl;
627 char *us_acl;
628 char *file_img;
629 int num_aces = 0;
630 int i;
631 int tmpfd;
632 const char *pacl;
633 size_t to_write;
634 uid_t myeuid = geteuid();
635 bool guest_ok = false;
636 int num_usershares;
637
638 us_comment = "";
639 arg_acl = "S-1-1-0:R";
640
641 if (c->display_usage)
642 return net_usershare_add_usage(c, argc, argv);
643
644 switch (argc) {
645 case 0:
646 case 1:
647 default:
648 return net_usershare_add_usage(c, argc, argv);
649 case 2:
650 sharename = strlower_talloc(ctx, argv[0]);
651 us_path = argv[1];
652 break;
653 case 3:
654 sharename = strlower_talloc(ctx, argv[0]);
655 us_path = argv[1];
656 us_comment = argv[2];
657 break;
658 case 4:
659 sharename = strlower_talloc(ctx, argv[0]);
660 us_path = argv[1];
661 us_comment = argv[2];
662 arg_acl = argv[3];
663 break;
664 case 5:
665 sharename = strlower_talloc(ctx, argv[0]);
666 us_path = argv[1];
667 us_comment = argv[2];
668 arg_acl = argv[3];
669 if (strlen(arg_acl) == 0) {
670 arg_acl = "S-1-1-0:R";
671 }
672 if (!strnequal(argv[4], "guest_ok=", 9)) {
673 TALLOC_FREE(ctx);
674 return net_usershare_add_usage(c, argc, argv);
675 }
676 switch (argv[4][9]) {
677 case 'y':
678 case 'Y':
679 guest_ok = true;
680 break;
681 case 'n':
682 case 'N':
683 guest_ok = false;
684 break;
685 default:
686 TALLOC_FREE(ctx);
687 return net_usershare_add_usage(c, argc, argv);
688 }
689 break;
690 }
691
692 /* Ensure we're under the "usershare max shares" number. Advisory only. */
693 num_usershares = count_num_usershares();
694 if (num_usershares >= lp_usershare_max_shares()) {
695 d_fprintf(stderr,
696 _("net usershare add: maximum number of allowed "
697 "usershares (%d) reached\n"),
698 lp_usershare_max_shares() );
699 TALLOC_FREE(ctx);
700 return -1;
701 }
702
703 if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
704 d_fprintf(stderr, _("net usershare add: share name %s contains "
705 "invalid characters (any of %s)\n"),
706 sharename, INVALID_SHARENAME_CHARS);
707 TALLOC_FREE(ctx);
708 return -1;
709 }
710
711 /* Disallow shares the same as users. */
712 if (getpwnam(sharename)) {
713 d_fprintf(stderr,
714 _("net usershare add: share name %s is already a valid "
715 "system user name\n"),
716 sharename );
717 TALLOC_FREE(ctx);
718 return -1;
719 }
720
721 /* Construct the full path for the usershare file. */
722 full_path = get_basepath(ctx);
723 if (!full_path) {
724 TALLOC_FREE(ctx);
725 return -1;
726 }
727 full_path_tmp = talloc_asprintf(ctx,
728 "%s/:tmpXXXXXX",
729 full_path);
730 if (!full_path_tmp) {
731 TALLOC_FREE(ctx);
732 return -1;
733 }
734
735 full_path = talloc_asprintf_append(full_path,
736 "/%s",
737 sharename);
738 if (!full_path) {
739 TALLOC_FREE(ctx);
740 return -1;
741 }
742
743 /* The path *must* be absolute. */
744 if (us_path[0] != '/') {
745 d_fprintf(stderr,
746 _("net usershare add: path %s is not an absolute "
747 "path.\n"),
748 us_path);
749 TALLOC_FREE(ctx);
750 return -1;
751 }
752
753 /* Check the directory to be shared exists. */
754 if (sys_stat(us_path, &sbuf, lp_fake_dir_create_times()) != 0) {
755 d_fprintf(stderr,
756 _("net usershare add: cannot stat path %s to ensure "
757 "this is a directory. Error was %s\n"),
758 us_path, strerror(errno) );
759 TALLOC_FREE(ctx);
760 return -1;
761 }
762
763 if (!S_ISDIR(sbuf.st_ex_mode)) {
764 d_fprintf(stderr,
765 _("net usershare add: path %s is not a directory.\n"),
766 us_path );
767 TALLOC_FREE(ctx);
768 return -1;
769 }
770
771 /* If we're not root, check if we're restricted to sharing out directories
772 that we own only. */
773
774 if ((myeuid != 0) && lp_usershare_owner_only() && (myeuid != sbuf.st_ex_uid)) {
775 d_fprintf(stderr, _("net usershare add: cannot share path %s as "
776 "we are restricted to only sharing directories we own.\n"
777 "\tAsk the administrator to add the line \"usershare owner only = false\" \n"
778 "\tto the [global] section of the smb.conf to allow this.\n"),
779 us_path );
780 TALLOC_FREE(ctx);
781 return -1;
782 }
783
784 /* No validation needed on comment. Now go through and validate the
785 acl string. Convert names to SID's as needed. Then run it through
786 parse_usershare_acl to ensure it's valid. */
787
788 /* Start off the string we'll append to. */
789 us_acl = talloc_strdup(ctx, "");
790 if (!us_acl) {
791 TALLOC_FREE(ctx);
792 return -1;
793 }
794
795 pacl = arg_acl;
796 num_aces = 1;
797
798 /* Add the number of ',' characters to get the number of aces. */
799 num_aces += count_chars(pacl,',');
800
801 for (i = 0; i < num_aces; i++) {
802 DOM_SID sid;
803 const char *pcolon = strchr_m(pacl, ':');
804 const char *name;
805
806 if (pcolon == NULL) {
807 d_fprintf(stderr,
808 _("net usershare add: malformed acl %s "
809 "(missing ':').\n"),
810 pacl );
811 TALLOC_FREE(ctx);
812 return -1;
813 }
814
815 switch(pcolon[1]) {
816 case 'f':
817 case 'F':
818 case 'd':
819 case 'r':
820 case 'R':
821 break;
822 default:
823 d_fprintf(stderr,
824 _("net usershare add: malformed acl %s "
825 "(access control must be 'r', 'f', "
826 "or 'd')\n"),
827 pacl );
828 TALLOC_FREE(ctx);
829 return -1;
830 }
831
832 if (pcolon[2] != ',' && pcolon[2] != '\0') {
833 d_fprintf(stderr,
834 _("net usershare add: malformed terminating "
835 "character for acl %s\n"),
836 pacl );
837 TALLOC_FREE(ctx);
838 return -1;
839 }
840
841 /* Get the name */
842 if ((name = talloc_strndup(ctx, pacl, pcolon - pacl)) == NULL) {
843 d_fprintf(stderr, _("talloc_strndup failed\n"));
844 TALLOC_FREE(ctx);
845 return -1;
846 }
847 if (!string_to_sid(&sid, name)) {
848 /* Convert to a SID */
849 NTSTATUS ntstatus = net_lookup_sid_from_name(c, ctx, name, &sid);
850 if (!NT_STATUS_IS_OK(ntstatus)) {
851 d_fprintf(stderr,
852 _("net usershare add: cannot convert "
853 "name \"%s\" to a SID. %s."),
854 name, get_friendly_nt_error_msg(ntstatus) );
855 if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_CONNECTION_REFUSED)) {
856 d_fprintf(stderr,
857 _(" Maybe smbd is not running.\n"));
858 } else {
859 d_fprintf(stderr, "\n");
860 }
861 TALLOC_FREE(ctx);
862 return -1;
863 }
864 }
865 us_acl = talloc_asprintf_append(
866 us_acl, "%s:%c,", sid_string_tos(&sid), pcolon[1]);
867
868 /* Move to the next ACL entry. */
869 if (pcolon[2] == ',') {
870 pacl = &pcolon[3];
871 }
872 }
873
874 /* Remove the last ',' */
875 us_acl[strlen(us_acl)-1] = '\0';
876
877 if (guest_ok && !lp_usershare_allow_guests()) {
878 d_fprintf(stderr, _("net usershare add: guest_ok=y requested "
879 "but the \"usershare allow guests\" parameter is not "
880 "enabled by this server.\n"));
881 TALLOC_FREE(ctx);
882 return -1;
883 }
884
885 /* Create a temporary filename for this share. */
886 tmpfd = mkstemp(full_path_tmp);
887
888 if (tmpfd == -1) {
889 d_fprintf(stderr,
890 _("net usershare add: cannot create tmp file %s\n"),
891 full_path_tmp );
892 TALLOC_FREE(ctx);
893 return -1;
894 }
895
896 /* Ensure we opened the file we thought we did. */
897 if (sys_lstat(full_path_tmp, &lsbuf, lp_fake_dir_create_times())
898 != 0) {
899 d_fprintf(stderr,
900 _("net usershare add: cannot lstat tmp file %s\n"),
901 full_path_tmp );
902 TALLOC_FREE(ctx);
903 return -1;
904 }
905
906 /* Check this is the same as the file we opened. */
907 if (sys_fstat(tmpfd, &sbuf, lp_fake_dir_create_times()) != 0) {
908 d_fprintf(stderr,
909 _("net usershare add: cannot fstat tmp file %s\n"),
910 full_path_tmp );
911 TALLOC_FREE(ctx);
912 return -1;
913 }
914
915 if (!S_ISREG(sbuf.st_ex_mode) || sbuf.st_ex_dev != lsbuf.st_ex_dev || sbuf.st_ex_ino != lsbuf.st_ex_ino) {
916 d_fprintf(stderr,
917 _("net usershare add: tmp file %s is not a regular "
918 "file ?\n"),
919 full_path_tmp );
920 TALLOC_FREE(ctx);
921 return -1;
922 }
923
924 if (fchmod(tmpfd, 0644) == -1) {
925 d_fprintf(stderr,
926 _("net usershare add: failed to fchmod tmp file %s "
927 "to 0644n"),
928 full_path_tmp );
929 TALLOC_FREE(ctx);
930 return -1;
931 }
932
933 /* Create the in-memory image of the file. */
934 file_img = talloc_strdup(ctx, "#VERSION 2\npath=");
935 file_img = talloc_asprintf_append(file_img, "%s\ncomment=%s\nusershare_acl=%s\nguest_ok=%c\n",
936 us_path, us_comment, us_acl, guest_ok ? 'y' : 'n');
937
938 to_write = strlen(file_img);
939
940 if (write(tmpfd, file_img, to_write) != to_write) {
941 d_fprintf(stderr,
942 _("net usershare add: failed to write %u bytes to "
943 "file %s. Error was %s\n"),
944 (unsigned int)to_write, full_path_tmp, strerror(errno));
945 unlink(full_path_tmp);
946 TALLOC_FREE(ctx);
947 return -1;
948 }
949
950 /* Attempt to replace any existing share by this name. */
951 if (rename(full_path_tmp, full_path) != 0) {
952 unlink(full_path_tmp);
953 d_fprintf(stderr,
954 _("net usershare add: failed to add share %s. Error "
955 "was %s\n"),
956 sharename, strerror(errno));
957 TALLOC_FREE(ctx);
958 close(tmpfd);
959 return -1;
960 }
961
962 close(tmpfd);
963
964 if (c->opt_long_list_entries) {
965 const char *my_argv[2];
966 my_argv[0] = sharename;
967 my_argv[1] = NULL;
968 net_usershare_info(c, 1, my_argv);
969 }
970
971 TALLOC_FREE(ctx);
972 return 0;
973 }
974
975 #if 0
976 /***************************************************************************
977 List function.
978 ***************************************************************************/
979
980 static int list_fn(struct file_list *fl, void *priv)
981 {
982 d_printf("%s\n", fl->pathname);
983 return 0;
984 }
985 #endif
986
987 /***************************************************************************
988 List userlevel shares.
989 ***************************************************************************/
990
991 static int net_usershare_list(struct net_context *c, int argc,
992 const char **argv)
993 {
994 fstring wcard;
995 bool only_ours = true;
996 int ret = -1;
997 struct us_priv_info pi;
998 TALLOC_CTX *ctx;
999
1000 fstrcpy(wcard, "*");
1001
1002 if (c->display_usage)
1003 return net_usershare_list_usage(c, argc, argv);
1004
1005 if (c->opt_long_list_entries) {
1006 only_ours = false;
1007 }
1008
1009 switch (argc) {
1010 case 0:
1011 break;
1012 case 1:
1013 fstrcpy(wcard, argv[0]);
1014 break;
1015 default:
1016 return net_usershare_list_usage(c, argc, argv);
1017 }
1018
1019 strlower_m(wcard);
1020
1021 ctx = talloc_init("share_list");
1022 ret = get_share_list(ctx, wcard, only_ours);
1023 if (ret) {
1024 return ret;
1025 }
1026
1027 pi.ctx = ctx;
1028 pi.op = US_LIST_OP;
1029 pi.c = c;
1030
1031 ret = process_share_list(info_fn, &pi);
1032 talloc_destroy(ctx);
1033 return ret;
1034 }
1035
1036 /***************************************************************************
1037 Entry-point for all the USERSHARE functions.
1038 ***************************************************************************/
1039
1040 int net_usershare(struct net_context *c, int argc, const char **argv)
1041 {
1042 SMB_STRUCT_DIR *dp;
1043
1044 struct functable func[] = {
1045 {
1046 "add",
1047 net_usershare_add,
1048 NET_TRANSPORT_LOCAL,
1049 N_("Add/modify user defined share"),
1050 N_("net usershare add\n"
1051 " Add/modify user defined share")
1052 },
1053 {
1054 "delete",
1055 net_usershare_delete,
1056 NET_TRANSPORT_LOCAL,
1057 N_("Delete user defined share"),
1058 N_("net usershare delete\n"
1059 " Delete user defined share")
1060 },
1061 {
1062 "info",
1063 net_usershare_info,
1064 NET_TRANSPORT_LOCAL,
1065 N_("Display information about a user defined share"),
1066 N_("net usershare info\n"
1067 " Display information about a user defined share")
1068 },
1069 {
1070 "list",
1071 net_usershare_list,
1072 NET_TRANSPORT_LOCAL,
1073 N_("List user defined shares"),
1074 N_("net usershare list\n"
1075 " List user defined shares")
1076 },
1077 {NULL, NULL, 0, NULL, NULL}
1078 };
1079
1080 if (lp_usershare_max_shares() == 0) {
1081 d_fprintf(stderr,
1082 _("net usershare: usershares are currently "
1083 "disabled\n"));
1084 return -1;
1085 }
1086
1087 dp = sys_opendir(lp_usershare_path());
1088 if (!dp) {
1089 int err = errno;
1090 d_fprintf(stderr,
1091 _("net usershare: cannot open usershare directory %s. "
1092 "Error %s\n"),
1093 lp_usershare_path(), strerror(err) );
1094 if (err == EACCES) {
1095 d_fprintf(stderr,
1096 _("You do not have permission to create a "
1097 "usershare. Ask your administrator to grant "
1098 "you permissions to create a share.\n"));
1099 } else if (err == ENOENT) {
1100 d_fprintf(stderr,
1101 _("Please ask your system administrator to "
1102 "enable user sharing.\n"));
1103 }
1104 return -1;
1105 }
1106 sys_closedir(dp);
1107
1108 return net_run_function(c, argc, argv, "net usershare", func);
1109 }
Samba GIT mirror