search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
WHATSNEW: Update changed parameters.
[Samba/gebeck_regimport.git] / source3 / utils / net_usershare.c
blob61b2caa606a3384dde467be08ddac5e95789be27
1 /*
2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4
5 Copyright (C) Jeremy Allison (jra@samba.org) 2005
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "utils/net.h"
23 #include "../libcli/security/security.h"
24
25 struct {
26 const char *us_errstr;
27 enum usershare_err us_err;
28 } us_errs [] = {
29 {"",USERSHARE_OK},
30 {N_("Malformed usershare file"), USERSHARE_MALFORMED_FILE},
31 {N_("Bad version number"), USERSHARE_BAD_VERSION},
32 {N_("Malformed path entry"), USERSHARE_MALFORMED_PATH},
33 {N_("Malformed comment entryfile"), USERSHARE_MALFORMED_COMMENT_DEF},
34 {N_("Malformed acl definition"), USERSHARE_MALFORMED_ACL_DEF},
35 {N_("Acl parse error"), USERSHARE_ACL_ERR},
36 {N_("Path not absolute"), USERSHARE_PATH_NOT_ABSOLUTE},
37 {N_("Path is denied"), USERSHARE_PATH_IS_DENIED},
38 {N_("Path not allowed"), USERSHARE_PATH_NOT_ALLOWED},
39 {N_("Path is not a directory"), USERSHARE_PATH_NOT_DIRECTORY},
40 {N_("System error"), USERSHARE_POSIX_ERR},
41 {N_("Malformed sharename definition"), USERSHARE_MALFORMED_SHARENAME_DEF},
42 {N_("Bad sharename (doesn't match filename)"), USERSHARE_BAD_SHARENAME},
43 {NULL,(enum usershare_err)-1}
44 };
45
46 static const char *get_us_error_code(enum usershare_err us_err)
47 {
48 char *result;
49 int idx = 0;
50
51 while (us_errs[idx].us_errstr != NULL) {
52 if (us_errs[idx].us_err == us_err) {
53 return us_errs[idx].us_errstr;
54 }
55 idx++;
56 }
57
58 result = talloc_asprintf(talloc_tos(), _("Usershare error code (0x%x)"),
59 (unsigned int)us_err);
60 SMB_ASSERT(result != NULL);
61 return result;
62 }
63
64 /* The help subsystem for the USERSHARE subcommand */
65
66 static int net_usershare_add_usage(struct net_context *c, int argc, const char **argv)
67 {
68 char chr = *lp_winbind_separator();
69 d_printf(_(
70 "net usershare add [-l|--long] <sharename> <path> [<comment>] [<acl>] [<guest_ok=[y|n]>]\n"
71 "\tAdds the specified share name for this user.\n"
72 "\t<sharename> is the new share name.\n"
73 "\t<path> is the path on the filesystem to export.\n"
74 "\t<comment> is the optional comment for the new share.\n"
75 "\t<acl> is an optional share acl in the format \"DOMAIN%cname:X,DOMAIN%cname:X,....\"\n"
76 "\t<guest_ok=y> if present sets \"guest ok = yes\" on this usershare.\n"
77 "\t\t\"X\" represents a permission and can be any one of the characters f, r or d\n"
78 "\t\twhere \"f\" means full control, \"r\" means read-only, \"d\" means deny access.\n"
79 "\t\tname may be a domain user or group. For local users use the local server name "
80 "instead of \"DOMAIN\"\n"
81 "\t\tThe default acl is \"Everyone:r\" which allows everyone read-only access.\n"
82 "\tAdd -l or --long to print the info on the newly added share.\n"),
83 chr, chr );
84 return -1;
85 }
86
87 static int net_usershare_delete_usage(struct net_context *c, int argc, const char **argv)
88 {
89 d_printf(_(
90 "net usershare delete <sharename>\n"
91 "\tdeletes the specified share name for this user.\n"));
92 return -1;
93 }
94
95 static int net_usershare_info_usage(struct net_context *c, int argc, const char **argv)
96 {
97 d_printf(_(
98 "net usershare info [-l|--long] [wildcard sharename]\n"
99 "\tPrints out the path, comment and acl elements of shares that match the wildcard.\n"
100 "\tBy default only gives info on shares owned by the current user\n"
101 "\tAdd -l or --long to apply this to all shares\n"
102 "\tOmit the sharename or use a wildcard of '*' to see all shares\n"));
103 return -1;
104 }
105
106 static int net_usershare_list_usage(struct net_context *c, int argc, const char **argv)
107 {
108 d_printf(_(
109 "net usershare list [-l|--long] [wildcard sharename]\n"
110 "\tLists the names of all shares that match the wildcard.\n"
111 "\tBy default only lists shares owned by the current user\n"
112 "\tAdd -l or --long to apply this to all shares\n"
113 "\tOmit the sharename or use a wildcard of '*' to see all shares\n"));
114 return -1;
115 }
116
117 int net_usershare_usage(struct net_context *c, int argc, const char **argv)
118 {
119 d_printf(_("net usershare add <sharename> <path> [<comment>] [<acl>] [<guest_ok=[y|n]>] to "
120 "add or change a user defined share.\n"
121 "net usershare delete <sharename> to delete a user defined share.\n"
122 "net usershare info [-l|--long] [wildcard sharename] to print info about a user defined share.\n"
123 "net usershare list [-l|--long] [wildcard sharename] to list user defined shares.\n"
124 "net usershare help\n"
125 "\nType \"net usershare help <option>\" to get more information on that option\n\n"));
126
127 net_common_flags_usage(c, argc, argv);
128 return -1;
129 }
130
131 /***************************************************************************
132 ***************************************************************************/
133
134 static char *get_basepath(TALLOC_CTX *ctx)
135 {
136 char *basepath = talloc_strdup(ctx, lp_usershare_path());
137
138 if (!basepath) {
139 return NULL;
140 }
141 if ((basepath[0] != '\0') && (basepath[strlen(basepath)-1] == '/')) {
142 basepath[strlen(basepath)-1] = '\0';
143 }
144 return basepath;
145 }
146
147 /***************************************************************************
148 Delete a single userlevel share.
149 ***************************************************************************/
150
151 static int net_usershare_delete(struct net_context *c, int argc, const char **argv)
152 {
153 char *us_path;
154 char *sharename;
155
156 if (argc != 1 || c->display_usage) {
157 return net_usershare_delete_usage(c, argc, argv);
158 }
159
160 if ((sharename = strlower_talloc(talloc_tos(), argv[0])) == NULL) {
161 d_fprintf(stderr, _("strlower_talloc failed\n"));
162 return -1;
163 }
164
165 if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
166 d_fprintf(stderr, _("net usershare delete: share name %s contains "
167 "invalid characters (any of %s)\n"),
168 sharename, INVALID_SHARENAME_CHARS);
169 TALLOC_FREE(sharename);
170 return -1;
171 }
172
173 us_path = talloc_asprintf(talloc_tos(),
174 "%s/%s",
175 lp_usershare_path(),
176 sharename);
177 if (!us_path) {
178 TALLOC_FREE(sharename);
179 return -1;
180 }
181
182 if (unlink(us_path) != 0) {
183 d_fprintf(stderr, _("net usershare delete: unable to remove usershare %s. "
184 "Error was %s\n"),
185 us_path, strerror(errno));
186 TALLOC_FREE(sharename);
187 return -1;
188 }
189 TALLOC_FREE(sharename);
190 return 0;
191 }
192
193 /***************************************************************************
194 Data structures to handle a list of usershare files.
195 ***************************************************************************/
196
197 struct file_list {
198 struct file_list *next, *prev;
199 const char *pathname;
200 };
201
202 static struct file_list *flist;
203
204 /***************************************************************************
205 ***************************************************************************/
206
207 static int get_share_list(TALLOC_CTX *ctx, const char *wcard, bool only_ours)
208 {
209 SMB_STRUCT_DIR *dp;
210 SMB_STRUCT_DIRENT *de;
211 uid_t myuid = geteuid();
212 struct file_list *fl = NULL;
213 char *basepath = get_basepath(ctx);
214
215 if (!basepath) {
216 return -1;
217 }
218 dp = sys_opendir(basepath);
219 if (!dp) {
220 d_fprintf(stderr,
221 _("get_share_list: cannot open usershare directory %s. "
222 "Error %s\n"),
223 basepath, strerror(errno) );
224 return -1;
225 }
226
227 while((de = sys_readdir(dp)) != 0) {
228 SMB_STRUCT_STAT sbuf;
229 char *path;
230 const char *n = de->d_name;
231
232 /* Ignore . and .. */
233 if (*n == '.') {
234 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
235 continue;
236 }
237 }
238
239 if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) {
240 d_fprintf(stderr,
241 _("get_share_list: ignoring bad share "
242 "name %s\n"), n);
243 continue;
244 }
245 path = talloc_asprintf(ctx,
246 "%s/%s",
247 basepath,
248 n);
249 if (!path) {
250 sys_closedir(dp);
251 return -1;
252 }
253
254 if (sys_lstat(path, &sbuf, false) != 0) {
255 d_fprintf(stderr,
256 _("get_share_list: can't lstat file %s. Error "
257 "was %s\n"),
258 path, strerror(errno) );
259 continue;
260 }
261
262 if (!S_ISREG(sbuf.st_ex_mode)) {
263 d_fprintf(stderr,
264 _("get_share_list: file %s is not a regular "
265 "file. Ignoring.\n"),
266 path );
267 continue;
268 }
269
270 if (only_ours && sbuf.st_ex_uid != myuid) {
271 continue;
272 }
273
274 if (!unix_wild_match(wcard, n)) {
275 continue;
276 }
277
278 /* (Finally) - add to list. */
279 fl = TALLOC_P(ctx, struct file_list);
280 if (!fl) {
281 sys_closedir(dp);
282 return -1;
283 }
284 fl->pathname = talloc_strdup(ctx, n);
285 if (!fl->pathname) {
286 sys_closedir(dp);
287 return -1;
288 }
289
290 DLIST_ADD(flist, fl);
291 }
292
293 sys_closedir(dp);
294 return 0;
295 }
296
297 enum us_priv_op { US_LIST_OP, US_INFO_OP};
298
299 struct us_priv_info {
300 TALLOC_CTX *ctx;
301 enum us_priv_op op;
302 struct net_context *c;
303 };
304
305 /***************************************************************************
306 Call a function for every share on the list.
307 ***************************************************************************/
308
309 static int process_share_list(int (*fn)(struct file_list *, void *), void *priv)
310 {
311 struct file_list *fl;
312 int ret = 0;
313
314 for (fl = flist; fl; fl = fl->next) {
315 ret = (*fn)(fl, priv);
316 }
317
318 return ret;
319 }
320
321 /***************************************************************************
322 Info function.
323 ***************************************************************************/
324
325 static int info_fn(struct file_list *fl, void *priv)
326 {
327 SMB_STRUCT_STAT sbuf;
328 char **lines = NULL;
329 struct us_priv_info *pi = (struct us_priv_info *)priv;
330 TALLOC_CTX *ctx = pi->ctx;
331 struct net_context *c = pi->c;
332 int fd = -1;
333 int numlines = 0;
334 struct security_descriptor *psd = NULL;
335 char *basepath;
336 char *sharepath = NULL;
337 char *comment = NULL;
338 char *cp_sharename = NULL;
339 char *acl_str;
340 int num_aces;
341 char sep_str[2];
342 enum usershare_err us_err;
343 bool guest_ok = false;
344
345 sep_str[0] = *lp_winbind_separator();
346 sep_str[1] = '\0';
347
348 basepath = get_basepath(ctx);
349 if (!basepath) {
350 return -1;
351 }
352 basepath = talloc_asprintf_append(basepath,
353 "/%s",
354 fl->pathname);
355 if (!basepath) {
356 return -1;
357 }
358
359 #ifdef O_NOFOLLOW
360 fd = sys_open(basepath, O_RDONLY|O_NOFOLLOW, 0);
361 #else
362 fd = sys_open(basepath, O_RDONLY, 0);
363 #endif
364
365 if (fd == -1) {
366 d_fprintf(stderr, _("info_fn: unable to open %s. %s\n"),
367 basepath, strerror(errno) );
368 return -1;
369 }
370
371 /* Paranoia... */
372 if (sys_fstat(fd, &sbuf, false) != 0) {
373 d_fprintf(stderr,
374 _("info_fn: can't fstat file %s. Error was %s\n"),
375 basepath, strerror(errno) );
376 close(fd);
377 return -1;
378 }
379
380 if (!S_ISREG(sbuf.st_ex_mode)) {
381 d_fprintf(stderr,
382 _("info_fn: file %s is not a regular file. Ignoring.\n"),
383 basepath );
384 close(fd);
385 return -1;
386 }
387
388 lines = fd_lines_load(fd, &numlines, 10240, NULL);
389 close(fd);
390
391 if (lines == NULL) {
392 return -1;
393 }
394
395 /* Ensure it's well formed. */
396 us_err = parse_usershare_file(ctx, &sbuf, fl->pathname, -1, lines, numlines,
397 &sharepath,
398 &comment,
399 &cp_sharename,
400 &psd,
401 &guest_ok);
402
403 TALLOC_FREE(lines);
404
405 if (us_err != USERSHARE_OK) {
406 d_fprintf(stderr,
407 _("info_fn: file %s is not a well formed usershare "
408 "file.\n"),
409 basepath );
410 d_fprintf(stderr, _("info_fn: Error was %s.\n"),
411 get_us_error_code(us_err) );
412 return -1;
413 }
414
415 acl_str = talloc_strdup(ctx, "usershare_acl=");
416 if (!acl_str) {
417 return -1;
418 }
419
420 for (num_aces = 0; num_aces < psd->dacl->num_aces; num_aces++) {
421 const char *domain;
422 const char *name;
423 NTSTATUS ntstatus;
424
425 ntstatus = net_lookup_name_from_sid(c, ctx,
426 &psd->dacl->aces[num_aces].trustee,
427 &domain, &name);
428
429 if (NT_STATUS_IS_OK(ntstatus)) {
430 if (domain && *domain) {
431 acl_str = talloc_asprintf_append(acl_str,
432 "%s%s",
433 domain,
434 sep_str);
435 if (!acl_str) {
436 return -1;
437 }
438 }
439 acl_str = talloc_asprintf_append(acl_str,
440 "%s",
441 name);
442 if (!acl_str) {
443 return -1;
444 }
445
446 } else {
447 fstring sidstr;
448 sid_to_fstring(sidstr,
449 &psd->dacl->aces[num_aces].trustee);
450 acl_str = talloc_asprintf_append(acl_str,
451 "%s",
452 sidstr);
453 if (!acl_str) {
454 return -1;
455 }
456 }
457 acl_str = talloc_asprintf_append(acl_str, ":");
458 if (!acl_str) {
459 return -1;
460 }
461
462 if (psd->dacl->aces[num_aces].type == SEC_ACE_TYPE_ACCESS_DENIED) {
463 acl_str = talloc_asprintf_append(acl_str, "D,");
464 if (!acl_str) {
465 return -1;
466 }
467 } else {
468 if (psd->dacl->aces[num_aces].access_mask & GENERIC_ALL_ACCESS) {
469 acl_str = talloc_asprintf_append(acl_str, "F,");
470 } else {
471 acl_str = talloc_asprintf_append(acl_str, "R,");
472 }
473 if (!acl_str) {
474 return -1;
475 }
476 }
477 }
478
479 /* NOTE: This is smb.conf-like output. Do not translate. */
480 if (pi->op == US_INFO_OP) {
481 d_printf("[%s]\n", cp_sharename );
482 d_printf("path=%s\n", sharepath );
483 d_printf("comment=%s\n", comment);
484 d_printf("%s\n", acl_str);
485 d_printf("guest_ok=%c\n\n", guest_ok ? 'y' : 'n');
486 } else if (pi->op == US_LIST_OP) {
487 d_printf("%s\n", cp_sharename);
488 }
489
490 return 0;
491 }
492
493 /***************************************************************************
494 Print out info (internal detail) on userlevel shares.
495 ***************************************************************************/
496
497 static int net_usershare_info(struct net_context *c, int argc, const char **argv)
498 {
499 fstring wcard;
500 bool only_ours = true;
501 int ret = -1;
502 struct us_priv_info pi;
503 TALLOC_CTX *ctx;
504
505 fstrcpy(wcard, "*");
506
507 if (c->display_usage)
508 return net_usershare_info_usage(c, argc, argv);
509
510 if (c->opt_long_list_entries) {
511 only_ours = false;
512 }
513
514 switch (argc) {
515 case 0:
516 break;
517 case 1:
518 fstrcpy(wcard, argv[0]);
519 break;
520 default:
521 return net_usershare_info_usage(c, argc, argv);
522 }
523
524 strlower_m(wcard);
525
526 ctx = talloc_init("share_info");
527 ret = get_share_list(ctx, wcard, only_ours);
528 if (ret) {
529 return ret;
530 }
531
532 pi.ctx = ctx;
533 pi.op = US_INFO_OP;
534 pi.c = c;
535
536 ret = process_share_list(info_fn, &pi);
537 talloc_destroy(ctx);
538 return ret;
539 }
540
541 /***************************************************************************
542 Count the current total number of usershares.
543 ***************************************************************************/
544
545 static int count_num_usershares(void)
546 {
547 SMB_STRUCT_DIR *dp;
548 SMB_STRUCT_DIRENT *de;
549 int num_usershares = 0;
550 TALLOC_CTX *ctx = talloc_tos();
551 char *basepath = get_basepath(ctx);
552
553 if (!basepath) {
554 return -1;
555 }
556
557 dp = sys_opendir(basepath);
558 if (!dp) {
559 d_fprintf(stderr,
560 _("count_num_usershares: cannot open usershare "
561 "directory %s. Error %s\n"),
562 basepath, strerror(errno) );
563 return -1;
564 }
565
566 while((de = sys_readdir(dp)) != 0) {
567 SMB_STRUCT_STAT sbuf;
568 char *path;
569 const char *n = de->d_name;
570
571 /* Ignore . and .. */
572 if (*n == '.') {
573 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
574 continue;
575 }
576 }
577
578 if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) {
579 d_fprintf(stderr,
580 _("count_num_usershares: ignoring bad share "
581 "name %s\n"), n);
582 continue;
583 }
584 path = talloc_asprintf(ctx,
585 "%s/%s",
586 basepath,
587 n);
588 if (!path) {
589 sys_closedir(dp);
590 return -1;
591 }
592
593 if (sys_lstat(path, &sbuf, false) != 0) {
594 d_fprintf(stderr,
595 _("count_num_usershares: can't lstat file %s. "
596 "Error was %s\n"),
597 path, strerror(errno) );
598 continue;
599 }
600
601 if (!S_ISREG(sbuf.st_ex_mode)) {
602 d_fprintf(stderr,
603 _("count_num_usershares: file %s is not a "
604 "regular file. Ignoring.\n"),
605 path );
606 continue;
607 }
608 num_usershares++;
609 }
610
611 sys_closedir(dp);
612 return num_usershares;
613 }
614
615 /***************************************************************************
616 Add a single userlevel share.
617 ***************************************************************************/
618
619 static int net_usershare_add(struct net_context *c, int argc, const char **argv)
620 {
621 TALLOC_CTX *ctx = talloc_stackframe();
622 SMB_STRUCT_STAT sbuf;
623 SMB_STRUCT_STAT lsbuf;
624 char *sharename;
625 const char *cp_sharename;
626 char *full_path;
627 char *full_path_tmp;
628 const char *us_path;
629 const char *us_comment;
630 const char *arg_acl;
631 char *us_acl;
632 char *file_img;
633 int num_aces = 0;
634 int i;
635 int tmpfd;
636 const char *pacl;
637 size_t to_write;
638 uid_t myeuid = geteuid();
639 bool guest_ok = false;
640 int num_usershares;
641
642 us_comment = "";
643 arg_acl = "S-1-1-0:R";
644
645 if (c->display_usage)
646 return net_usershare_add_usage(c, argc, argv);
647
648 switch (argc) {
649 case 0:
650 case 1:
651 default:
652 return net_usershare_add_usage(c, argc, argv);
653 case 2:
654 cp_sharename = argv[0];
655 sharename = strlower_talloc(ctx, argv[0]);
656 us_path = argv[1];
657 break;
658 case 3:
659 cp_sharename = argv[0];
660 sharename = strlower_talloc(ctx, argv[0]);
661 us_path = argv[1];
662 us_comment = argv[2];
663 break;
664 case 4:
665 cp_sharename = argv[0];
666 sharename = strlower_talloc(ctx, argv[0]);
667 us_path = argv[1];
668 us_comment = argv[2];
669 arg_acl = argv[3];
670 break;
671 case 5:
672 cp_sharename = argv[0];
673 sharename = strlower_talloc(ctx, argv[0]);
674 us_path = argv[1];
675 us_comment = argv[2];
676 arg_acl = argv[3];
677 if (strlen(arg_acl) == 0) {
678 arg_acl = "S-1-1-0:R";
679 }
680 if (!strnequal(argv[4], "guest_ok=", 9)) {
681 TALLOC_FREE(ctx);
682 return net_usershare_add_usage(c, argc, argv);
683 }
684 switch (argv[4][9]) {
685 case 'y':
686 case 'Y':
687 guest_ok = true;
688 break;
689 case 'n':
690 case 'N':
691 guest_ok = false;
692 break;
693 default:
694 TALLOC_FREE(ctx);
695 return net_usershare_add_usage(c, argc, argv);
696 }
697 break;
698 }
699
700 /* Ensure we're under the "usershare max shares" number. Advisory only. */
701 num_usershares = count_num_usershares();
702 if (num_usershares >= lp_usershare_max_shares()) {
703 d_fprintf(stderr,
704 _("net usershare add: maximum number of allowed "
705 "usershares (%d) reached\n"),
706 lp_usershare_max_shares() );
707 TALLOC_FREE(ctx);
708 return -1;
709 }
710
711 if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) {
712 d_fprintf(stderr, _("net usershare add: share name %s contains "
713 "invalid characters (any of %s)\n"),
714 sharename, INVALID_SHARENAME_CHARS);
715 TALLOC_FREE(ctx);
716 return -1;
717 }
718
719 /* Disallow shares the same as users. */
720 if (getpwnam(sharename)) {
721 d_fprintf(stderr,
722 _("net usershare add: share name %s is already a valid "
723 "system user name\n"),
724 sharename );
725 TALLOC_FREE(ctx);
726 return -1;
727 }
728
729 /* Construct the full path for the usershare file. */
730 full_path = get_basepath(ctx);
731 if (!full_path) {
732 TALLOC_FREE(ctx);
733 return -1;
734 }
735 full_path_tmp = talloc_asprintf(ctx,
736 "%s/:tmpXXXXXX",
737 full_path);
738 if (!full_path_tmp) {
739 TALLOC_FREE(ctx);
740 return -1;
741 }
742
743 full_path = talloc_asprintf_append(full_path,
744 "/%s",
745 sharename);
746 if (!full_path) {
747 TALLOC_FREE(ctx);
748 return -1;
749 }
750
751 /* The path *must* be absolute. */
752 if (us_path[0] != '/') {
753 d_fprintf(stderr,
754 _("net usershare add: path %s is not an absolute "
755 "path.\n"),
756 us_path);
757 TALLOC_FREE(ctx);
758 return -1;
759 }
760
761 /* Check the directory to be shared exists. */
762 if (sys_stat(us_path, &sbuf, false) != 0) {
763 d_fprintf(stderr,
764 _("net usershare add: cannot stat path %s to ensure "
765 "this is a directory. Error was %s\n"),
766 us_path, strerror(errno) );
767 TALLOC_FREE(ctx);
768 return -1;
769 }
770
771 if (!S_ISDIR(sbuf.st_ex_mode)) {
772 d_fprintf(stderr,
773 _("net usershare add: path %s is not a directory.\n"),
774 us_path );
775 TALLOC_FREE(ctx);
776 return -1;
777 }
778
779 /* If we're not root, check if we're restricted to sharing out directories
780 that we own only. */
781
782 if ((myeuid != 0) && lp_usershare_owner_only() && (myeuid != sbuf.st_ex_uid)) {
783 d_fprintf(stderr, _("net usershare add: cannot share path %s as "
784 "we are restricted to only sharing directories we own.\n"
785 "\tAsk the administrator to add the line \"usershare owner only = false\" \n"
786 "\tto the [global] section of the smb.conf to allow this.\n"),
787 us_path );
788 TALLOC_FREE(ctx);
789 return -1;
790 }
791
792 /* No validation needed on comment. Now go through and validate the
793 acl string. Convert names to SID's as needed. Then run it through
794 parse_usershare_acl to ensure it's valid. */
795
796 /* Start off the string we'll append to. */
797 us_acl = talloc_strdup(ctx, "");
798 if (!us_acl) {
799 TALLOC_FREE(ctx);
800 return -1;
801 }
802
803 pacl = arg_acl;
804 num_aces = 1;
805
806 /* Add the number of ',' characters to get the number of aces. */
807 num_aces += count_chars(pacl,',');
808
809 for (i = 0; i < num_aces; i++) {
810 struct dom_sid sid;
811 const char *pcolon = strchr_m(pacl, ':');
812 const char *name;
813
814 if (pcolon == NULL) {
815 d_fprintf(stderr,
816 _("net usershare add: malformed acl %s "
817 "(missing ':').\n"),
818 pacl );
819 TALLOC_FREE(ctx);
820 return -1;
821 }
822
823 switch(pcolon[1]) {
824 case 'f':
825 case 'F':
826 case 'd':
827 case 'r':
828 case 'R':
829 break;
830 default:
831 d_fprintf(stderr,
832 _("net usershare add: malformed acl %s "
833 "(access control must be 'r', 'f', "
834 "or 'd')\n"),
835 pacl );
836 TALLOC_FREE(ctx);
837 return -1;
838 }
839
840 if (pcolon[2] != ',' && pcolon[2] != '\0') {
841 d_fprintf(stderr,
842 _("net usershare add: malformed terminating "
843 "character for acl %s\n"),
844 pacl );
845 TALLOC_FREE(ctx);
846 return -1;
847 }
848
849 /* Get the name */
850 if ((name = talloc_strndup(ctx, pacl, pcolon - pacl)) == NULL) {
851 d_fprintf(stderr, _("talloc_strndup failed\n"));
852 TALLOC_FREE(ctx);
853 return -1;
854 }
855 if (!string_to_sid(&sid, name)) {
856 /* Convert to a SID */
857 NTSTATUS ntstatus = net_lookup_sid_from_name(c, ctx, name, &sid);
858 if (!NT_STATUS_IS_OK(ntstatus)) {
859 d_fprintf(stderr,
860 _("net usershare add: cannot convert "
861 "name \"%s\" to a SID. %s."),
862 name, get_friendly_nt_error_msg(ntstatus) );
863 if (NT_STATUS_EQUAL(ntstatus, NT_STATUS_CONNECTION_REFUSED)) {
864 d_fprintf(stderr,
865 _(" Maybe smbd is not running.\n"));
866 } else {
867 d_fprintf(stderr, "\n");
868 }
869 TALLOC_FREE(ctx);
870 return -1;
871 }
872 }
873 us_acl = talloc_asprintf_append(
874 us_acl, "%s:%c,", sid_string_tos(&sid), pcolon[1]);
875
876 /* Move to the next ACL entry. */
877 if (pcolon[2] == ',') {
878 pacl = &pcolon[3];
879 }
880 }
881
882 /* Remove the last ',' */
883 us_acl[strlen(us_acl)-1] = '\0';
884
885 if (guest_ok && !lp_usershare_allow_guests()) {
886 d_fprintf(stderr, _("net usershare add: guest_ok=y requested "
887 "but the \"usershare allow guests\" parameter is not "
888 "enabled by this server.\n"));
889 TALLOC_FREE(ctx);
890 return -1;
891 }
892
893 /* Create a temporary filename for this share. */
894 tmpfd = mkstemp(full_path_tmp);
895
896 if (tmpfd == -1) {
897 d_fprintf(stderr,
898 _("net usershare add: cannot create tmp file %s\n"),
899 full_path_tmp );
900 TALLOC_FREE(ctx);
901 return -1;
902 }
903
904 /* Ensure we opened the file we thought we did. */
905 if (sys_lstat(full_path_tmp, &lsbuf, false) != 0) {
906 d_fprintf(stderr,
907 _("net usershare add: cannot lstat tmp file %s\n"),
908 full_path_tmp );
909 TALLOC_FREE(ctx);
910 return -1;
911 }
912
913 /* Check this is the same as the file we opened. */
914 if (sys_fstat(tmpfd, &sbuf, false) != 0) {
915 d_fprintf(stderr,
916 _("net usershare add: cannot fstat tmp file %s\n"),
917 full_path_tmp );
918 TALLOC_FREE(ctx);
919 return -1;
920 }
921
922 if (!S_ISREG(sbuf.st_ex_mode) || sbuf.st_ex_dev != lsbuf.st_ex_dev || sbuf.st_ex_ino != lsbuf.st_ex_ino) {
923 d_fprintf(stderr,
924 _("net usershare add: tmp file %s is not a regular "
925 "file ?\n"),
926 full_path_tmp );
927 TALLOC_FREE(ctx);
928 return -1;
929 }
930
931 if (fchmod(tmpfd, 0644) == -1) {
932 d_fprintf(stderr,
933 _("net usershare add: failed to fchmod tmp file %s "
934 "to 0644n"),
935 full_path_tmp );
936 TALLOC_FREE(ctx);
937 return -1;
938 }
939
940 /* Create the in-memory image of the file. */
941 file_img = talloc_strdup(ctx, "#VERSION 2\npath=");
942 file_img = talloc_asprintf_append(file_img,
943 "%s\ncomment=%s\nusershare_acl=%s\n"
944 "guest_ok=%c\nsharename=%s\n",
945 us_path,
946 us_comment,
947 us_acl,
948 guest_ok ? 'y' : 'n',
949 cp_sharename);
950
951 to_write = strlen(file_img);
952
953 if (write(tmpfd, file_img, to_write) != to_write) {
954 d_fprintf(stderr,
955 _("net usershare add: failed to write %u bytes to "
956 "file %s. Error was %s\n"),
957 (unsigned int)to_write, full_path_tmp, strerror(errno));
958 unlink(full_path_tmp);
959 TALLOC_FREE(ctx);
960 return -1;
961 }
962
963 /* Attempt to replace any existing share by this name. */
964 if (rename(full_path_tmp, full_path) != 0) {
965 unlink(full_path_tmp);
966 d_fprintf(stderr,
967 _("net usershare add: failed to add share %s. Error "
968 "was %s\n"),
969 sharename, strerror(errno));
970 TALLOC_FREE(ctx);
971 close(tmpfd);
972 return -1;
973 }
974
975 close(tmpfd);
976
977 if (c->opt_long_list_entries) {
978 const char *my_argv[2];
979 my_argv[0] = sharename;
980 my_argv[1] = NULL;
981 net_usershare_info(c, 1, my_argv);
982 }
983
984 TALLOC_FREE(ctx);
985 return 0;
986 }
987
988 #if 0
989 /***************************************************************************
990 List function.
991 ***************************************************************************/
992
993 static int list_fn(struct file_list *fl, void *priv)
994 {
995 d_printf("%s\n", fl->pathname);
996 return 0;
997 }
998 #endif
999
1000 /***************************************************************************
1001 List userlevel shares.
1002 ***************************************************************************/
1003
1004 static int net_usershare_list(struct net_context *c, int argc,
1005 const char **argv)
1006 {
1007 fstring wcard;
1008 bool only_ours = true;
1009 int ret = -1;
1010 struct us_priv_info pi;
1011 TALLOC_CTX *ctx;
1012
1013 fstrcpy(wcard, "*");
1014
1015 if (c->display_usage)
1016 return net_usershare_list_usage(c, argc, argv);
1017
1018 if (c->opt_long_list_entries) {
1019 only_ours = false;
1020 }
1021
1022 switch (argc) {
1023 case 0:
1024 break;
1025 case 1:
1026 fstrcpy(wcard, argv[0]);
1027 break;
1028 default:
1029 return net_usershare_list_usage(c, argc, argv);
1030 }
1031
1032 strlower_m(wcard);
1033
1034 ctx = talloc_init("share_list");
1035 ret = get_share_list(ctx, wcard, only_ours);
1036 if (ret) {
1037 return ret;
1038 }
1039
1040 pi.ctx = ctx;
1041 pi.op = US_LIST_OP;
1042 pi.c = c;
1043
1044 ret = process_share_list(info_fn, &pi);
1045 talloc_destroy(ctx);
1046 return ret;
1047 }
1048
1049 /***************************************************************************
1050 Entry-point for all the USERSHARE functions.
1051 ***************************************************************************/
1052
1053 int net_usershare(struct net_context *c, int argc, const char **argv)
1054 {
1055 SMB_STRUCT_DIR *dp;
1056
1057 struct functable func[] = {
1058 {
1059 "add",
1060 net_usershare_add,
1061 NET_TRANSPORT_LOCAL,
1062 N_("Add/modify user defined share"),
1063 N_("net usershare add\n"
1064 " Add/modify user defined share")
1065 },
1066 {
1067 "delete",
1068 net_usershare_delete,
1069 NET_TRANSPORT_LOCAL,
1070 N_("Delete user defined share"),
1071 N_("net usershare delete\n"
1072 " Delete user defined share")
1073 },
1074 {
1075 "info",
1076 net_usershare_info,
1077 NET_TRANSPORT_LOCAL,
1078 N_("Display information about a user defined share"),
1079 N_("net usershare info\n"
1080 " Display information about a user defined share")
1081 },
1082 {
1083 "list",
1084 net_usershare_list,
1085 NET_TRANSPORT_LOCAL,
1086 N_("List user defined shares"),
1087 N_("net usershare list\n"
1088 " List user defined shares")
1089 },
1090 {NULL, NULL, 0, NULL, NULL}
1091 };
1092
1093 if (lp_usershare_max_shares() == 0) {
1094 d_fprintf(stderr,
1095 _("net usershare: usershares are currently "
1096 "disabled\n"));
1097 return -1;
1098 }
1099
1100 dp = sys_opendir(lp_usershare_path());
1101 if (!dp) {
1102 int err = errno;
1103 d_fprintf(stderr,
1104 _("net usershare: cannot open usershare directory %s. "
1105 "Error %s\n"),
1106 lp_usershare_path(), strerror(err) );
1107 if (err == EACCES) {
1108 d_fprintf(stderr,
1109 _("You do not have permission to create a "
1110 "usershare. Ask your administrator to grant "
1111 "you permissions to create a share.\n"));
1112 } else if (err == ENOENT) {
1113 d_fprintf(stderr,
1114 _("Please ask your system administrator to "
1115 "enable user sharing.\n"));
1116 }
1117 return -1;
1118 }
1119 sys_closedir(dp);
1120
1121 return net_run_function(c, argc, argv, "net usershare", func);
1122 }
reg import