4 IDL structures for xattr file attributes
6 this has nothing to do with RPC, we are just using our NDR/IDL
7 infrastructure as a convenient way to store linearised information
8 about a file in an architecture-independent manner
11 import
"security.idl";
15 helper
("../librpc/ndr/ndr_xattr.h"),
16 pyhelper
("librpc/ndr/py_xattr.c"),
17 pointer_default(unique)
/* Names of the xattr that holds the DOS attribute blob. Both are in the
 * user.* namespace and differ only in letter case; the _S3 suffix presumably
 * marks the Samba 3 spelling -- confirm against the code that reads them.
 * NOTE(review): on Linux, user.* xattrs can be written by anyone with write
 * permission on the file (see xattr(7)), so unlike the "security.NTACL"
 * attribute defined later in this file, this blob should be treated as data
 * that a local user with write access may have altered. */
21 const char *XATTR_DOSATTRIB_NAME
= "user.DosAttrib";
22 const char *XATTR_DOSATTRIB_NAME_S3
= "user.DOSATTRIB";
23 const int XATTR_DOSATTRIB_ESTIMATED_SIZE
= 64;
25 /* we store basic dos attributes in a DosAttrib xattr. By
26 using a union we can cope with new versions of this
27 structure more easily */
30 * the FFFF level is never really used,
31 * it's used to pass the information from
32 * the old hex string attrib information
33 * we have a handwritten parser which converts
34 * the hex string to the xattr_DosInfoFFFFCompat structure
39 } xattr_DosInfoFFFFCompat
;
51 We use xattr_DosInfo1 again when we store values.
52 Because the sticky write time is now stored in the opendb
53 and xattr_DosInfo2Old is only present to parse existing
56 const int XATTR_ATTRIB_FLAG_STICKY_WRITE_TIME = 0x1;
66 NTTIME write_time
; /* only used when sticky write time is set */
/* Flag bits for the valid_flags members declared further down. Each name is
 * a distinct single bit (0x01 .. 0x40) of a 32-bit bitmap; the names suggest
 * that each bit marks one DOS-info field as present in a stored record.
 * NOTE(review): the structures that carry valid_flags are not fully visible
 * here -- confirm the bit-to-field mapping there, and that a reader of the
 * xattr checks the bit before trusting the corresponding field. */
70 typedef [bitmap32bit
] bitmap
{
71 XATTR_DOSINFO_ATTRIB
= 0x00000001,
72 XATTR_DOSINFO_EA_SIZE
= 0x00000002,
73 XATTR_DOSINFO_SIZE
= 0x00000004,
74 XATTR_DOSINFO_ALLOC_SIZE
= 0x00000008,
75 XATTR_DOSINFO_CREATE_TIME
= 0x00000010,
76 XATTR_DOSINFO_CHANGE_TIME
= 0x00000020,
77 XATTR_DOSINFO_ITIME
= 0x00000040
78 } xattr_DosInfoValidFlags
;
81 xattr_DosInfoValidFlags valid_flags
;
91 xattr_DosInfoValidFlags valid_flags
;
97 typedef [public,switch_type(uint16
)] union {
98 [case(0xFFFF)] xattr_DosInfoFFFFCompat compatinfoFFFF
;
99 [case(1)] xattr_DosInfo1 info1
;
100 [case(2)] xattr_DosInfo2Old oldinfo2
;
101 [case(3)] xattr_DosInfo3 info3
;
102 [case(4)] xattr_DosInfo4 info4
;
105 typedef [public] struct {
107 [switch_is(version)] xattr_DosInfo info
;
110 typedef [public,nopush
,nopull
,noprint
] struct {
113 [switch_is(version)] xattr_DosInfo info
;
116 /* we store DOS style extended attributes in a DosEAs xattr */
117 const char *XATTR_DOSEAS_NAME
= "user.DosEAs";
124 typedef [public] struct {
126 [size_is(num_eas
)] xattr_EA
*eas
;
129 /* Slightly different version, used by the vfs_xattr_tdb module */
130 typedef [public] struct {
132 xattr_EA eas
[num_eas
];
135 /* we store stream information in this xattr structure. Then
136 the streams themselves are stored in
137 user.DosStream.STREAMNAME or in external files, according
139 const char *XATTR_DOSSTREAMS_NAME
= "user.DosStreams";
141 const int XATTR_STREAM_FLAG_INTERNAL
= 0x00000001;
143 /* stream data is stored in attributes with the given prefix */
144 const char *XATTR_DOSSTREAM_PREFIX
= "user.DosStream.";
/* Upper bounds for stream data: 0x4000 is 16 KiB and 0x100000 is 1 MiB.
 * The _TDB suffix presumably refers to the tdb-backed xattr store -- confirm.
 * Where these limits are enforced is not visible here. */
146 const int XATTR_MAX_STREAM_SIZE
= 0x4000;
147 const int XATTR_MAX_STREAM_SIZE_TDB
= 0x100000;
156 typedef [public] struct {
158 [size_is(num_streams
)] xattr_DosStream
*streams
;
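162 /* we store the NT ACL in an NTACL xattr. It is versioned so we
163 can later add other acl attribs (such as posix acl mapping)
165 we put this xattr in the security namespace to ensure that
166 only trusted users can write to the ACL
(on Linux, per xattr(7), writing a security.* attribute that no
security module handles needs CAP_SYS_ADMIN; reads are not
restricted in the same way)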
168 stored in "security.NTACL"
170 Version 1. raw SD stored as Samba4 does it.
171 Version 2. raw SD + last changed hash so we
172 can discard if this doesn't match the underlying ACL hash.
175 const char *XATTR_NTACL_NAME
= "security.NTACL";
/* Size in bytes of the hash fields in the hashed security-descriptor
 * structures below (declared there as uint8 hash[64]), followed by the
 * hash-type codes: 0x0 = none, 0x1 = SHA-256.
 * NOTE(review): a SHA-256 digest is 32 bytes, so it fills only half of a
 * 64-byte field; how the remaining bytes are set and compared is not
 * visible here -- confirm in the code that writes and checks the hash. */
177 const int XATTR_SD_HASH_SIZE
= 64;
178 const int XATTR_SD_HASH_TYPE_NONE
= 0x0;
179 const int XATTR_SD_HASH_TYPE_SHA256
= 0x1;
181 typedef [public] struct {
182 security_descriptor
*sd
;
184 } security_descriptor_hash_v2
; /* Hash never used in this version. */
186 typedef [public] struct {
187 security_descriptor
*sd
;
189 uint8 hash
[64]; /* 64 bytes hash. */
190 } security_descriptor_hash_v3
;
192 typedef [public] struct {
193 security_descriptor
*sd
;
195 uint8 hash
[64]; /* 64 bytes hash. */
196 utf8string description
; /* description of what created
197 * this hash (to allow
198 * forensics later, if we have
199 * a bug in one codepath) */
201 uint8 sys_acl_hash
[64]; /* 64 bytes hash. */
202 } security_descriptor_hash_v4
;
204 typedef [switch_type(uint16
)] union {
205 [case(1)] security_descriptor
*sd
;
206 [case(2)] security_descriptor_hash_v2
*sd_hs2
;
207 [case(3)] security_descriptor_hash_v3
*sd_hs3
;
208 [case(4)] security_descriptor_hash_v4
*sd_hs4
;
211 typedef [public] struct {
213 [switch_is(version)] xattr_NTACL_Info info
;
217 * A wrapper of the common information required to be in the
218 * hash of the ACL, for the acl_xattr and acl_tdb modules.
220 [public] typedef struct {
221 DATA_BLOB acl_as_blob
;
225 } xattr_sys_acl_hash_wrapper
;