search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ldb:kv_index: use subtransaction_cancel in transaction_cancel
[Samba.git] / source3 / utils / net_usershare.c
blob745888224348bf422db16c588c88b947f1567e88
1 /*
2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4
5 Copyright (C) Jeremy Allison (jra@samba.org) 2005
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "system/passwd.h"
23 #include "system/filesys.h"
24 #include "utils/net.h"
25 #include "../libcli/security/security.h"
26 #include "lib/util/string_wrappers.h"
27 #include "lib/util/util_file.h"
28
29 struct {
30 const char *us_errstr;
31 enum usershare_err us_err;
32 } us_errs [] = {
33 {"",USERSHARE_OK},
34 {N_("Malformed usershare file"), USERSHARE_MALFORMED_FILE},
35 {N_("Bad version number"), USERSHARE_BAD_VERSION},
36 {N_("Malformed path entry"), USERSHARE_MALFORMED_PATH},
37 {N_("Malformed comment entryfile"), USERSHARE_MALFORMED_COMMENT_DEF},
38 {N_("Malformed acl definition"), USERSHARE_MALFORMED_ACL_DEF},
39 {N_("Acl parse error"), USERSHARE_ACL_ERR},
40 {N_("Path not absolute"), USERSHARE_PATH_NOT_ABSOLUTE},
41 {N_("Path is denied"), USERSHARE_PATH_IS_DENIED},
42 {N_("Path not allowed"), USERSHARE_PATH_NOT_ALLOWED},
43 {N_("Path is not a directory"), USERSHARE_PATH_NOT_DIRECTORY},
44 {N_("System error"), USERSHARE_POSIX_ERR},
45 {N_("Malformed sharename definition"), USERSHARE_MALFORMED_SHARENAME_DEF},
46 {N_("Bad sharename (doesn't match filename)"), USERSHARE_BAD_SHARENAME},
47 {NULL,(enum usershare_err)-1}
48 };
49
50 static const char *get_us_error_code(enum usershare_err us_err)
51 {
52 char *result;
53 int idx = 0;
54
55 while (us_errs[idx].us_errstr != NULL) {
56 if (us_errs[idx].us_err == us_err) {
57 return us_errs[idx].us_errstr;
58 }
59 idx++;
60 }
61
62 result = talloc_asprintf(talloc_tos(), _("Usershare error code (0x%x)"),
63 (unsigned int)us_err);
64 SMB_ASSERT(result != NULL);
65 return result;
66 }
67
68 /* The help subsystem for the USERSHARE subcommand */
69
70 static int net_usershare_add_usage(struct net_context *c, int argc, const char **argv)
71 {
72 char chr = *lp_winbind_separator();
73 d_printf(_(
74 "net usershare add [--long] <sharename> <path> [<comment>] [<acl>] [<guest_ok=[y|n]>]\n"
75 "\tAdds the specified share name for this user.\n"
76 "\t<sharename> is the new share name.\n"
77 "\t<path> is the path on the filesystem to export.\n"
78 "\t<comment> is the optional comment for the new share.\n"
79 "\t<acl> is an optional share acl in the format \"DOMAIN%cname:X,DOMAIN%cname:X,....\"\n"
80 "\t<guest_ok=y> if present sets \"guest ok = yes\" on this usershare.\n"
81 "\t\t\"X\" represents a permission and can be any one of the characters f, r or d\n"
82 "\t\twhere \"f\" means full control, \"r\" means read-only, \"d\" means deny access.\n"
83 "\t\tname may be a domain user or group. For local users use the local server name "
84 "instead of \"DOMAIN\"\n"
85 "\t\tThe default acl is \"Everyone:r\" which allows everyone read-only access.\n"
86 "\tAdd --long to print the info on the newly added share.\n"),
87 chr, chr );
88 return -1;
89 }
90
91 static int net_usershare_delete_usage(struct net_context *c, int argc, const char **argv)
92 {
93 d_printf(_(
94 "net usershare delete <sharename>\n"
95 "\tdeletes the specified share name for this user.\n"));
96 return -1;
97 }
98
99 static int net_usershare_info_usage(struct net_context *c, int argc, const char **argv)
100 {
101 d_printf(_(
102 "net usershare info [--long] [wildcard sharename]\n"
103 "\tPrints out the path, comment and acl elements of shares that match the wildcard.\n"
104 "\tBy default only gives info on shares owned by the current user\n"
105 "\tAdd --long to apply this to all shares\n"
106 "\tOmit the sharename or use a wildcard of '*' to see all shares\n"));
107 return -1;
108 }
109
110 static int net_usershare_list_usage(struct net_context *c, int argc, const char **argv)
111 {
112 d_printf(_(
113 "net usershare list [--long] [wildcard sharename]\n"
114 "\tLists the names of all shares that match the wildcard.\n"
115 "\tBy default only lists shares owned by the current user\n"
116 "\tAdd --long to apply this to all shares\n"
117 "\tOmit the sharename or use a wildcard of '*' to see all shares\n"));
118 return -1;
119 }
120
121 int net_usershare_usage(struct net_context *c, int argc, const char **argv)
122 {
123 d_printf(_("net usershare add <sharename> <path> [<comment>] [<acl>] [<guest_ok=[y|n]>] to "
124 "add or change a user defined share.\n"
125 "net usershare delete <sharename> to delete a user defined share.\n"
126 "net usershare info [--long] [wildcard sharename] to print info about a user defined share.\n"
127 "net usershare list [--long] [wildcard sharename] to list user defined shares.\n"
128 "net usershare help\n"
129 "\nType \"net usershare help <option>\" to get more information on that option\n\n"));
130
131 net_common_flags_usage(c, argc, argv);
132 return -1;
133 }
134
135 /***************************************************************************
136 ***************************************************************************/
137
138 static char *get_basepath(TALLOC_CTX *ctx)
139 {
140 const struct loadparm_substitution *lp_sub =
141 loadparm_s3_global_substitution();
142 char *basepath = lp_usershare_path(ctx, lp_sub);
143
144 if (!basepath) {
145 return NULL;
146 }
147 if ((basepath[0] != '\0') && (basepath[strlen(basepath)-1] == '/')) {
148 basepath[strlen(basepath)-1] = '\0';
149 }
150 return basepath;
151 }
152
153 /***************************************************************************
154 Delete a single userlevel share.
155 ***************************************************************************/
156
157 static int net_usershare_delete(struct net_context *c, int argc, const char **argv)
158 {
159 const struct loadparm_substitution *lp_sub =
160 loadparm_s3_global_substitution();
161 char *us_path;
162 char *sharename;
163
164 if (argc != 1 || c->display_usage) {
165 return net_usershare_delete_usage(c, argc, argv);
166 }
167
168 if ((sharename = strlower_talloc(talloc_tos(), argv[0])) == NULL) {
169 d_fprintf(stderr, _("strlower_talloc failed\n"));
170 return -1;
171 }
172
173 if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
174 d_fprintf(stderr, _("net usershare delete: share name %s contains "
175 "invalid characters (any of %s)\n"),
176 sharename, INVALID_SHARENAME_CHARS);
177 TALLOC_FREE(sharename);
178 return -1;
179 }
180
181 us_path = talloc_asprintf(talloc_tos(),
182 "%s/%s",
183 lp_usershare_path(talloc_tos(), lp_sub),
184 sharename);
185 if (!us_path) {
186 TALLOC_FREE(sharename);
187 return -1;
188 }
189
190 if (unlink(us_path) != 0) {
191 d_fprintf(stderr, _("net usershare delete: unable to remove usershare %s. "
192 "Error was %s\n"),
193 us_path, strerror(errno));
194 TALLOC_FREE(sharename);
195 return -1;
196 }
197 TALLOC_FREE(sharename);
198 return 0;
199 }
200
201 /***************************************************************************
202 Data structures to handle a list of usershare files.
203 ***************************************************************************/
204
205 struct file_list {
206 struct file_list *next, *prev;
207 const char *pathname;
208 };
209
210 static struct file_list *flist;
211
212 /***************************************************************************
213 ***************************************************************************/
214
215 static int get_share_list(TALLOC_CTX *ctx, const char *wcard, bool only_ours)
216 {
217 DIR *dp;
218 struct dirent *de;
219 uid_t myuid = geteuid();
220 struct file_list *fl = NULL;
221 char *basepath = get_basepath(ctx);
222
223 if (!basepath) {
224 return -1;
225 }
226 dp = opendir(basepath);
227 if (!dp) {
228 d_fprintf(stderr,
229 _("get_share_list: cannot open usershare directory %s. "
230 "Error %s\n"),
231 basepath, strerror(errno) );
232 return -1;
233 }
234
235 while((de = readdir(dp)) != 0) {
236 SMB_STRUCT_STAT sbuf;
237 char *path;
238 const char *n = de->d_name;
239
240 /* Ignore . and .. */
241 if (*n == '.') {
242 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
243 continue;
244 }
245 }
246
247 if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) {
248 d_fprintf(stderr,
249 _("get_share_list: ignoring bad share "
250 "name %s\n"), n);
251 continue;
252 }
253 path = talloc_asprintf(ctx,
254 "%s/%s",
255 basepath,
256 n);
257 if (!path) {
258 closedir(dp);
259 return -1;
260 }
261
262 if (sys_lstat(path, &sbuf, false) != 0) {
263 d_fprintf(stderr,
264 _("get_share_list: can't lstat file %s. Error "
265 "was %s\n"),
266 path, strerror(errno) );
267 continue;
268 }
269
270 if (!S_ISREG(sbuf.st_ex_mode)) {
271 d_fprintf(stderr,
272 _("get_share_list: file %s is not a regular "
273 "file. Ignoring.\n"),
274 path );
275 continue;
276 }
277
278 if (only_ours && sbuf.st_ex_uid != myuid) {
279 continue;
280 }
281
282 if (!unix_wild_match(wcard, n)) {
283 continue;
284 }
285
286 /* (Finally) - add to list. */
287 fl = talloc(ctx, struct file_list);
288 if (!fl) {
289 closedir(dp);
290 return -1;
291 }
292 fl->pathname = talloc_strdup(ctx, n);
293 if (!fl->pathname) {
294 closedir(dp);
295 return -1;
296 }
297
298 DLIST_ADD(flist, fl);
299 }
300
301 closedir(dp);
302 return 0;
303 }
304
305 enum us_priv_op { US_LIST_OP, US_INFO_OP};
306
307 struct us_priv_info {
308 TALLOC_CTX *ctx;
309 enum us_priv_op op;
310 struct net_context *c;
311 };
312
313 /***************************************************************************
314 Call a function for every share on the list.
315 ***************************************************************************/
316
317 static int process_share_list(int (*fn)(struct file_list *, void *), void *priv)
318 {
319 struct file_list *fl;
320 int ret = 0;
321
322 for (fl = flist; fl; fl = fl->next) {
323 ret = (*fn)(fl, priv);
324 }
325
326 return ret;
327 }
328
329 /***************************************************************************
330 Info function.
331 ***************************************************************************/
332
333 static int info_fn(struct file_list *fl, void *priv)
334 {
335 SMB_STRUCT_STAT sbuf;
336 char **lines = NULL;
337 struct us_priv_info *pi = (struct us_priv_info *)priv;
338 TALLOC_CTX *ctx = pi->ctx;
339 struct net_context *c = pi->c;
340 int fd = -1;
341 int numlines = 0;
342 struct security_descriptor *psd = NULL;
343 char *basepath;
344 char *sharepath = NULL;
345 char *comment = NULL;
346 char *cp_sharename = NULL;
347 char *acl_str;
348 int num_aces;
349 char sep_str[2];
350 enum usershare_err us_err;
351 bool guest_ok = false;
352
353 sep_str[0] = *lp_winbind_separator();
354 sep_str[1] = '\0';
355
356 basepath = get_basepath(ctx);
357 if (!basepath) {
358 return -1;
359 }
360 basepath = talloc_asprintf_append(basepath,
361 "/%s",
362 fl->pathname);
363 if (!basepath) {
364 return -1;
365 }
366
367 #ifdef O_NOFOLLOW
368 fd = open(basepath, O_RDONLY|O_NOFOLLOW, 0);
369 #else
370 fd = open(basepath, O_RDONLY, 0);
371 #endif
372
373 if (fd == -1) {
374 d_fprintf(stderr, _("info_fn: unable to open %s. %s\n"),
375 basepath, strerror(errno) );
376 return -1;
377 }
378
379 /* Paranoia... */
380 if (sys_fstat(fd, &sbuf, false) != 0) {
381 d_fprintf(stderr,
382 _("info_fn: can't fstat file %s. Error was %s\n"),
383 basepath, strerror(errno) );
384 close(fd);
385 return -1;
386 }
387
388 if (!S_ISREG(sbuf.st_ex_mode)) {
389 d_fprintf(stderr,
390 _("info_fn: file %s is not a regular file. Ignoring.\n"),
391 basepath );
392 close(fd);
393 return -1;
394 }
395
396 lines = fd_lines_load(fd, &numlines, 10240, NULL);
397 close(fd);
398
399 if (lines == NULL) {
400 return -1;
401 }
402
403 /* Ensure it's well formed. */
404 us_err = parse_usershare_file(ctx, &sbuf, fl->pathname, -1, lines, numlines,
405 &sharepath,
406 &comment,
407 &cp_sharename,
408 &psd,
409 &guest_ok);
410
411 TALLOC_FREE(lines);
412
413 if (us_err != USERSHARE_OK) {
414 d_fprintf(stderr,
415 _("info_fn: file %s is not a well formed usershare "
416 "file.\n"),
417 basepath );
418 d_fprintf(stderr, _("info_fn: Error was %s.\n"),
419 get_us_error_code(us_err) );
420 return -1;
421 }
422
423 acl_str = talloc_strdup(ctx, "usershare_acl=");
424 if (!acl_str) {
425 return -1;
426 }
427
428 for (num_aces = 0; num_aces < psd->dacl->num_aces; num_aces++) {
429 const char *domain;
430 const char *name;
431 NTSTATUS ntstatus;
432
433 ntstatus = net_lookup_name_from_sid(c, ctx,
434 &psd->dacl->aces[num_aces].trustee,
435 &domain, &name);
436
437 if (NT_STATUS_IS_OK(ntstatus)) {
438 if (domain && *domain) {
439 acl_str = talloc_asprintf_append(acl_str,
440 "%s%s",
441 domain,
442 sep_str);
443 if (!acl_str) {
444 return -1;
445 }
446 }
447 acl_str = talloc_asprintf_append(acl_str,
448 "%s",
449 name);
450 if (!acl_str) {
451 return -1;
452 }
453
454 } else {
455 struct dom_sid_buf sidstr;
456
457 acl_str = talloc_asprintf_append(
458 acl_str,
459 "%s",
460 dom_sid_str_buf(
461 &psd->dacl->aces[num_aces].trustee,
462 &sidstr));
463 if (!acl_str) {
464 return -1;
465 }
466 }
467 acl_str = talloc_asprintf_append(acl_str, ":");
468 if (!acl_str) {
469 return -1;
470 }
471
472 if (psd->dacl->aces[num_aces].type == SEC_ACE_TYPE_ACCESS_DENIED) {
473 acl_str = talloc_asprintf_append(acl_str, "D,");
474 if (!acl_str) {
475 return -1;
476 }
477 } else {
478 if (psd->dacl->aces[num_aces].access_mask & GENERIC_ALL_ACCESS) {
479 acl_str = talloc_asprintf_append(acl_str, "F,");
480 } else {
481 acl_str = talloc_asprintf_append(acl_str, "R,");
482 }
483 if (!acl_str) {
484 return -1;
485 }
486 }
487 }
488
489 /* NOTE: This is smb.conf-like output. Do not translate. */
490 if (pi->op == US_INFO_OP) {
491 d_printf("[%s]\n", cp_sharename );
492 d_printf("path=%s\n", sharepath );
493 d_printf("comment=%s\n", comment);
494 d_printf("%s\n", acl_str);
495 d_printf("guest_ok=%c\n\n", guest_ok ? 'y' : 'n');
496 } else if (pi->op == US_LIST_OP) {
497 d_printf("%s\n", cp_sharename);
498 }
499
500 return 0;
501 }
502
503 /***************************************************************************
504 Print out info (internal detail) on userlevel shares.
505 ***************************************************************************/
506
507 static int net_usershare_info(struct net_context *c, int argc, const char **argv)
508 {
509 fstring wcard;
510 bool only_ours = true;
511 int ret = -1;
512 struct us_priv_info pi;
513 TALLOC_CTX *ctx;
514
515 fstrcpy(wcard, "*");
516
517 if (c->display_usage)
518 return net_usershare_info_usage(c, argc, argv);
519
520 if (c->opt_long_list_entries) {
521 only_ours = false;
522 }
523
524 switch (argc) {
525 case 0:
526 break;
527 case 1:
528 fstrcpy(wcard, argv[0]);
529 break;
530 default:
531 return net_usershare_info_usage(c, argc, argv);
532 }
533
534 if (!strlower_m(wcard)) {
535 return -1;
536 }
537
538 ctx = talloc_init("share_info");
539 ret = get_share_list(ctx, wcard, only_ours);
540 if (ret) {
541 return ret;
542 }
543
544 pi.ctx = ctx;
545 pi.op = US_INFO_OP;
546 pi.c = c;
547
548 ret = process_share_list(info_fn, &pi);
549 talloc_destroy(ctx);
550 return ret;
551 }
552
553 /***************************************************************************
554 Count the current total number of usershares.
555 ***************************************************************************/
556
557 static int count_num_usershares(void)
558 {
559 DIR *dp;
560 struct dirent *de;
561 int num_usershares = 0;
562 TALLOC_CTX *ctx = talloc_tos();
563 char *basepath = get_basepath(ctx);
564
565 if (!basepath) {
566 return -1;
567 }
568
569 dp = opendir(basepath);
570 if (!dp) {
571 d_fprintf(stderr,
572 _("count_num_usershares: cannot open usershare "
573 "directory %s. Error %s\n"),
574 basepath, strerror(errno) );
575 return -1;
576 }
577
578 while((de = readdir(dp)) != 0) {
579 SMB_STRUCT_STAT sbuf;
580 char *path;
581 const char *n = de->d_name;
582
583 /* Ignore . and .. */
584 if (*n == '.') {
585 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
586 continue;
587 }
588 }
589
590 if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) {
591 d_fprintf(stderr,
592 _("count_num_usershares: ignoring bad share "
593 "name %s\n"), n);
594 continue;
595 }
596 path = talloc_asprintf(ctx,
597 "%s/%s",
598 basepath,
599 n);
600 if (!path) {
601 closedir(dp);
602 return -1;
603 }
604
605 if (sys_lstat(path, &sbuf, false) != 0) {
606 d_fprintf(stderr,
607 _("count_num_usershares: can't lstat file %s. "
608 "Error was %s\n"),
609 path, strerror(errno) );
610 continue;
611 }
612
613 if (!S_ISREG(sbuf.st_ex_mode)) {
614 d_fprintf(stderr,
615 _("count_num_usershares: file %s is not a "
616 "regular file. Ignoring.\n"),
617 path );
618 continue;
619 }
620 num_usershares++;
621 }
622
623 closedir(dp);
624 return num_usershares;
625 }
626
627 /***************************************************************************
628 Add a single userlevel share.
629 ***************************************************************************/
630
631 static int net_usershare_add(struct net_context *c, int argc, const char **argv)
632 {
633 TALLOC_CTX *ctx = talloc_stackframe();
634 SMB_STRUCT_STAT sbuf;
635 SMB_STRUCT_STAT lsbuf;
636 char *sharename;
637 const char *cp_sharename;
638 char *full_path;
639 char *full_path_tmp;
640 const char *us_path;
641 const char *us_comment;
642 const char *arg_acl;
643 char *us_acl;
644 char *file_img;
645 int num_aces = 0;
646 int i;
647 int tmpfd;
648 const char *pacl;
649 size_t to_write;
650 uid_t myeuid = geteuid();
651 bool guest_ok = false;
652 int num_usershares;
653 mode_t mask;
654
655 us_comment = "";
656 arg_acl = "S-1-1-0:R";
657
658 if (c->display_usage) {
659 TALLOC_FREE(ctx);
660 return net_usershare_add_usage(c, argc, argv);
661 }
662
663 switch (argc) {
664 case 0:
665 case 1:
666 default:
667 TALLOC_FREE(ctx);
668 return net_usershare_add_usage(c, argc, argv);
669 case 2:
670 cp_sharename = argv[0];
671 sharename = strlower_talloc(ctx, argv[0]);
672 us_path = argv[1];
673 break;
674 case 3:
675 cp_sharename = argv[0];
676 sharename = strlower_talloc(ctx, argv[0]);
677 us_path = argv[1];
678 us_comment = argv[2];
679 break;
680 case 4:
681 cp_sharename = argv[0];
682 sharename = strlower_talloc(ctx, argv[0]);
683 us_path = argv[1];
684 us_comment = argv[2];
685 arg_acl = argv[3];
686 break;
687 case 5:
688 cp_sharename = argv[0];
689 sharename = strlower_talloc(ctx, argv[0]);
690 us_path = argv[1];
691 us_comment = argv[2];
692 arg_acl = argv[3];
693 if (strlen(arg_acl) == 0) {
694 arg_acl = "S-1-1-0:R";
695 }
696 if (!strnequal(argv[4], "guest_ok=", 9)) {
697 TALLOC_FREE(ctx);
698 return net_usershare_add_usage(c, argc, argv);
699 }
700 switch (argv[4][9]) {
701 case 'y':
702 case 'Y':
703 guest_ok = true;
704 break;
705 case 'n':
706 case 'N':
707 guest_ok = false;
708 break;
709 default:
710 TALLOC_FREE(ctx);
711 return net_usershare_add_usage(c, argc, argv);
712 }
713 break;
714 }
715
716 /* Ensure we're under the "usershare max shares" number. Advisory only. */
717 num_usershares = count_num_usershares();
718 if (num_usershares >= lp_usershare_max_shares()) {
719 d_fprintf(stderr,
720 _("net usershare add: maximum number of allowed "
721 "usershares (%d) reached\n"),
722 lp_usershare_max_shares() );
723 TALLOC_FREE(ctx);
724 return -1;
725 }
726
727 if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
728 d_fprintf(stderr, _("net usershare add: share name %s contains "
729 "invalid characters (any of %s)\n"),
730 sharename, INVALID_SHARENAME_CHARS);
731 TALLOC_FREE(ctx);
732 return -1;
733 }
734
735 /* Disallow shares the same as users. */
736 if (getpwnam(sharename)) {
737 d_fprintf(stderr,
738 _("net usershare add: share name %s is already a valid "
739 "system user name\n"),
740 sharename );
741 TALLOC_FREE(ctx);
742 return -1;
743 }
744
745 /* Construct the full path for the usershare file. */
746 full_path = get_basepath(ctx);
747 if (!full_path) {
748 TALLOC_FREE(ctx);
749 return -1;
750 }
751 full_path_tmp = talloc_asprintf(ctx,
752 "%s/:tmpXXXXXX",
753 full_path);
754 if (!full_path_tmp) {
755 TALLOC_FREE(ctx);
756 return -1;
757 }
758
759 full_path = talloc_asprintf_append(full_path,
760 "/%s",
761 sharename);
762 if (!full_path) {
763 TALLOC_FREE(ctx);
764 return -1;
765 }
766
767 /* The path *must* be absolute. */
768 if (us_path[0] != '/') {
769 d_fprintf(stderr,
770 _("net usershare add: path %s is not an absolute "
771 "path.\n"),
772 us_path);
773 TALLOC_FREE(ctx);
774 return -1;
775 }
776
777 /* Check the directory to be shared exists. */
778 if (sys_stat(us_path, &sbuf, false) != 0) {
779 d_fprintf(stderr,
780 _("net usershare add: cannot stat path %s to ensure "
781 "this is a directory. Error was %s\n"),
782 us_path, strerror(errno) );
783 TALLOC_FREE(ctx);
784 return -1;
785 }
786
787 if (!S_ISDIR(sbuf.st_ex_mode)) {
788 d_fprintf(stderr,
789 _("net usershare add: path %s is not a directory.\n"),
790 us_path );
791 TALLOC_FREE(ctx);
792 return -1;
793 }
794
795 /* If we're not root, check if we're restricted to sharing out directories
796 that we own only. */
797
798 if ((myeuid != 0) && lp_usershare_owner_only() && (myeuid != sbuf.st_ex_uid)) {
799 d_fprintf(stderr, _("net usershare add: cannot share path %s as "
800 "we are restricted to only sharing directories we own.\n"
801 "\tAsk the administrator to add the line \"usershare owner only = false\" \n"
802 "\tto the [global] section of the smb.conf to allow this.\n"),
803 us_path );
804 TALLOC_FREE(ctx);
805 return -1;
806 }
807
808 /* No validation needed on comment. Now go through and validate the
809 acl string. Convert names to SID's as needed. Then run it through
810 parse_usershare_acl to ensure it's valid. */
811
812 /* Start off the string we'll append to. */
813 us_acl = talloc_strdup(ctx, "");
814 if (!us_acl) {
815 TALLOC_FREE(ctx);
816 return -1;
817 }
818
819 pacl = arg_acl;
820 num_aces = 1;
821
822 /* Add the number of ',' characters to get the number of aces. */
823 num_aces += count_chars(pacl,',');
824
825 for (i = 0; i < num_aces; i++) {
826 struct dom_sid sid;
827 struct dom_sid_buf buf;
828 const char *pcolon = strchr_m(pacl, ':');
829 const char *name;
830
831 if (pcolon == NULL) {
832 d_fprintf(stderr,
833 _("net usershare add: malformed acl %s "
834 "(missing ':').\n"),
835 pacl );
836 TALLOC_FREE(ctx);
837 return -1;
838 }
839
840 switch(pcolon[1]) {
841 case 'f':
842 case 'F':
843 case 'd':
844 case 'r':
845 case 'R':
846 break;
847 default:
848 d_fprintf(stderr,
849 _("net usershare add: malformed acl %s "
850 "(access control must be 'r', 'f', "
851 "or 'd')\n"),
852 pacl );
853 TALLOC_FREE(ctx);
854 return -1;
855 }
856
857 if (pcolon[2] != ',' && pcolon[2] != '\0') {
858 d_fprintf(stderr,
859 _("net usershare add: malformed terminating "
860 "character for acl %s\n"),
861 pacl );
862 TALLOC_FREE(ctx);
863 return -1;
864 }
865
866 /* Get the name */
867 if ((name = talloc_strndup(ctx, pacl, pcolon - pacl)) == NULL) {
868 d_fprintf(stderr, _("talloc_strndup failed\n"));
869 TALLOC_FREE(ctx);
870 return -1;
871 }
872 if (!string_to_sid(&sid, name)) {
873 /* Convert to a SID */
874 NTSTATUS ntstatus = net_lookup_sid_from_name(c, ctx, name, &sid);
875 if (!NT_STATUS_IS_OK(ntstatus)) {
876 d_fprintf(stderr,
877 _("net usershare add: cannot convert "
878 "name \"%s\" to a SID. %s."),
879 name, get_friendly_nt_error_msg(ntstatus) );
880 if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_CONNECTION_REFUSED)) {
881 d_fprintf(stderr,
882 _(" Maybe smbd is not running.\n"));
883 } else {
884 d_fprintf(stderr, "\n");
885 }
886 TALLOC_FREE(ctx);
887 return -1;
888 }
889 }
890 us_acl = talloc_asprintf_append(
891 us_acl,
892 "%s:%c,",
893 dom_sid_str_buf(&sid, &buf),
894 pcolon[1]);
895 if (us_acl == NULL) {
896 d_fprintf(stderr,
897 _("net usershare add: talloc_asprintf_append() failed\n"));
898 TALLOC_FREE(ctx);
899 return -1;
900 }
901
902 /* Move to the next ACL entry. */
903 if (pcolon[2] == ',') {
904 pacl = &pcolon[3];
905 }
906 }
907
908 /* Remove the last ',' */
909 us_acl[strlen(us_acl)-1] = '\0';
910
911 if (guest_ok && !lp_usershare_allow_guests()) {
912 d_fprintf(stderr, _("net usershare add: guest_ok=y requested "
913 "but the \"usershare allow guests\" parameter is not "
914 "enabled by this server.\n"));
915 TALLOC_FREE(ctx);
916 return -1;
917 }
918
919 /* Create a temporary filename for this share. */
920 mask = umask(S_IRWXO | S_IRWXG);
921 tmpfd = mkstemp(full_path_tmp);
922 umask(mask);
923
924 if (tmpfd == -1) {
925 d_fprintf(stderr,
926 _("net usershare add: cannot create tmp file %s\n"),
927 full_path_tmp );
928 TALLOC_FREE(ctx);
929 return -1;
930 }
931
932 /* Ensure we opened the file we thought we did. */
933 if (sys_lstat(full_path_tmp, &lsbuf, false) != 0) {
934 d_fprintf(stderr,
935 _("net usershare add: cannot lstat tmp file %s\n"),
936 full_path_tmp );
937 TALLOC_FREE(ctx);
938 close(tmpfd);
939 return -1;
940 }
941
942 /* Check this is the same as the file we opened. */
943 if (sys_fstat(tmpfd, &sbuf, false) != 0) {
944 d_fprintf(stderr,
945 _("net usershare add: cannot fstat tmp file %s\n"),
946 full_path_tmp );
947 TALLOC_FREE(ctx);
948 close(tmpfd);
949 return -1;
950 }
951
952 if (!S_ISREG(sbuf.st_ex_mode) || sbuf.st_ex_dev != lsbuf.st_ex_dev || sbuf.st_ex_ino != lsbuf.st_ex_ino) {
953 d_fprintf(stderr,
954 _("net usershare add: tmp file %s is not a regular "
955 "file ?\n"),
956 full_path_tmp );
957 TALLOC_FREE(ctx);
958 close(tmpfd);
959 return -1;
960 }
961
962 if (fchmod(tmpfd, 0644) == -1) {
963 d_fprintf(stderr,
964 _("net usershare add: failed to fchmod tmp file %s "
965 "to 0644\n"),
966 full_path_tmp );
967 TALLOC_FREE(ctx);
968 close(tmpfd);
969 return -1;
970 }
971
972 /* Create the in-memory image of the file. */
973 file_img = talloc_strdup(ctx, "#VERSION 2\npath=");
974 if (file_img == NULL) {
975 d_fprintf(stderr,
976 _("net usershare add: talloc_strdup() failed\n"));
977 TALLOC_FREE(ctx);
978 close(tmpfd);
979 return -1;
980 }
981 file_img = talloc_asprintf_append(file_img,
982 "%s\ncomment=%s\nusershare_acl=%s\n"
983 "guest_ok=%c\nsharename=%s\n",
984 us_path,
985 us_comment,
986 us_acl,
987 guest_ok ? 'y' : 'n',
988 cp_sharename);
989 if (file_img == NULL) {
990 d_fprintf(stderr,
991 _("net usershare add: talloc_asprintf_append() failed\n"));
992 TALLOC_FREE(ctx);
993 close(tmpfd);
994 return -1;
995 }
996
997 to_write = strlen(file_img);
998
999 if (write(tmpfd, file_img, to_write) != to_write) {
1000 d_fprintf(stderr,
1001 _("net usershare add: failed to write %u bytes to "
1002 "file %s. Error was %s\n"),
1003 (unsigned int)to_write, full_path_tmp, strerror(errno));
1004 unlink(full_path_tmp);
1005 TALLOC_FREE(ctx);
1006 close(tmpfd);
1007 return -1;
1008 }
1009
1010 /* Attempt to replace any existing share by this name. */
1011 if (rename(full_path_tmp, full_path) != 0) {
1012 unlink(full_path_tmp);
1013 d_fprintf(stderr,
1014 _("net usershare add: failed to add share %s. Error "
1015 "was %s\n"),
1016 sharename, strerror(errno));
1017 TALLOC_FREE(ctx);
1018 close(tmpfd);
1019 return -1;
1020 }
1021
1022 close(tmpfd);
1023
1024 if (c->opt_long_list_entries) {
1025 const char *my_argv[2];
1026 my_argv[0] = sharename;
1027 my_argv[1] = NULL;
1028 net_usershare_info(c, 1, my_argv);
1029 }
1030
1031 TALLOC_FREE(ctx);
1032 return 0;
1033 }
1034
1035 #if 0
1036 /***************************************************************************
1037 List function.
1038 ***************************************************************************/
1039
1040 static int list_fn(struct file_list *fl, void *priv)
1041 {
1042 d_printf("%s\n", fl->pathname);
1043 return 0;
1044 }
1045 #endif
1046
1047 /***************************************************************************
1048 List userlevel shares.
1049 ***************************************************************************/
1050
1051 static int net_usershare_list(struct net_context *c, int argc,
1052 const char **argv)
1053 {
1054 fstring wcard;
1055 bool only_ours = true;
1056 int ret = -1;
1057 struct us_priv_info pi;
1058 TALLOC_CTX *ctx;
1059
1060 fstrcpy(wcard, "*");
1061
1062 if (c->display_usage)
1063 return net_usershare_list_usage(c, argc, argv);
1064
1065 if (c->opt_long_list_entries) {
1066 only_ours = false;
1067 }
1068
1069 switch (argc) {
1070 case 0:
1071 break;
1072 case 1:
1073 fstrcpy(wcard, argv[0]);
1074 break;
1075 default:
1076 return net_usershare_list_usage(c, argc, argv);
1077 }
1078
1079 if (!strlower_m(wcard)) {
1080 return -1;
1081 }
1082
1083 ctx = talloc_init("share_list");
1084 ret = get_share_list(ctx, wcard, only_ours);
1085 if (ret) {
1086 return ret;
1087 }
1088
1089 pi.ctx = ctx;
1090 pi.op = US_LIST_OP;
1091 pi.c = c;
1092
1093 ret = process_share_list(info_fn, &pi);
1094 talloc_destroy(ctx);
1095 return ret;
1096 }
1097
1098 /***************************************************************************
1099 Entry-point for all the USERSHARE functions.
1100 ***************************************************************************/
1101
1102 int net_usershare(struct net_context *c, int argc, const char **argv)
1103 {
1104 const struct loadparm_substitution *lp_sub =
1105 loadparm_s3_global_substitution();
1106 DIR *dp;
1107
1108 struct functable func[] = {
1109 {
1110 "add",
1111 net_usershare_add,
1112 NET_TRANSPORT_LOCAL,
1113 N_("Add/modify user defined share"),
1114 N_("net usershare add\n"
1115 " Add/modify user defined share")
1116 },
1117 {
1118 "delete",
1119 net_usershare_delete,
1120 NET_TRANSPORT_LOCAL,
1121 N_("Delete user defined share"),
1122 N_("net usershare delete\n"
1123 " Delete user defined share")
1124 },
1125 {
1126 "info",
1127 net_usershare_info,
1128 NET_TRANSPORT_LOCAL,
1129 N_("Display information about a user defined share"),
1130 N_("net usershare info\n"
1131 " Display information about a user defined share")
1132 },
1133 {
1134 "list",
1135 net_usershare_list,
1136 NET_TRANSPORT_LOCAL,
1137 N_("List user defined shares"),
1138 N_("net usershare list\n"
1139 " List user defined shares")
1140 },
1141 {NULL, NULL, 0, NULL, NULL}
1142 };
1143
1144 if (lp_usershare_max_shares() == 0) {
1145 d_fprintf(stderr,
1146 _("net usershare: usershares are currently "
1147 "disabled\n"));
1148 return -1;
1149 }
1150
1151 dp = opendir(lp_usershare_path(talloc_tos(), lp_sub));
1152 if (!dp) {
1153 int err = errno;
1154 d_fprintf(stderr,
1155 _("net usershare: cannot open usershare directory %s. "
1156 "Error %s\n"),
1157 lp_usershare_path(talloc_tos(), lp_sub), strerror(err) );
1158 if (err == EACCES) {
1159 d_fprintf(stderr,
1160 _("You do not have permission to create a "
1161 "usershare. Ask your administrator to grant "
1162 "you permissions to create a share.\n"));
1163 } else if (err == ENOENT) {
1164 d_fprintf(stderr,
1165 _("Please ask your system administrator to "
1166 "enable user sharing.\n"));
1167 }
1168 return -1;
1169 }
1170 closedir(dp);
1171
1172 return net_run_function(c, argc, argv, "net usershare", func);
1173 }
Samba GIT mirror