2 Unix SMB/CIFS implementation.
3 SMB NT Security Descriptor / Unix permission conversion.
4 Copyright (C) Jeremy Allison 1994-2009.
5 Copyright (C) Andreas Gruenbacher 2002.
6 Copyright (C) Simo Sorce <idra@samba.org> 2009.
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "smbd/smbd.h"
25 #include "libcli/util/pyerrors.h"
27 extern const struct generic_mapping file_generic_mapping
;
30 #define DBGC_CLASS DBGC_ACLS
32 static NTSTATUS
set_sys_acl_no_snum(const char *fname
,
33 SMB_ACL_TYPE_T acltype
,
36 connection_struct
*conn
;
37 NTSTATUS status
= NT_STATUS_OK
;
40 conn
= talloc_zero(NULL
, connection_struct
);
42 DEBUG(0, ("talloc failed\n"));
43 return NT_STATUS_NO_MEMORY
;
46 if (!(conn
->params
= talloc(conn
, struct share_params
))) {
47 DEBUG(0,("get_nt_acl_no_snum: talloc() failed!\n"));
49 return NT_STATUS_NO_MEMORY
;
52 conn
->params
->service
= -1;
54 set_conn_connectpath(conn
, "/");
58 ret
= SMB_VFS_SYS_ACL_SET_FILE( conn
, fname
, acltype
, theacl
);
60 status
= map_nt_error_from_unix_common(ret
);
61 DEBUG(0,("get_nt_acl_no_snum: fset_nt_acl returned zero.\n"));
70 static SMB_ACL_T
make_simple_acl(uid_t uid
, gid_t gid
)
72 mode_t mode
= SMB_ACL_READ
|SMB_ACL_WRITE
;
75 SMB_ACL_ENTRY_T entry
;
76 SMB_ACL_T acl
= sys_acl_init(4);
82 if (sys_acl_create_entry(&acl
, &entry
) != 0) {
83 sys_acl_free_acl(acl
);
87 if (sys_acl_set_tag_type(entry
, SMB_ACL_USER_OBJ
) != 0) {
88 sys_acl_free_acl(acl
);
92 if (sys_acl_set_permset(entry
, &mode
) != 0) {
93 sys_acl_free_acl(acl
);
97 if (sys_acl_create_entry(&acl
, &entry
) != 0) {
98 sys_acl_free_acl(acl
);
102 if (sys_acl_set_tag_type(entry
, SMB_ACL_GROUP_OBJ
) != 0) {
103 sys_acl_free_acl(acl
);
107 if (sys_acl_set_permset(entry
, &mode
) != 0) {
108 sys_acl_free_acl(acl
);
112 if (sys_acl_create_entry(&acl
, &entry
) != 0) {
113 sys_acl_free_acl(acl
);
117 if (sys_acl_set_tag_type(entry
, SMB_ACL_OTHER
) != 0) {
118 sys_acl_free_acl(acl
);
122 if (sys_acl_set_permset(entry
, &mode0
) != 0) {
123 sys_acl_free_acl(acl
);
127 if (sys_acl_create_entry(&acl
, &entry
) != 0) {
128 sys_acl_free_acl(acl
);
132 if (sys_acl_set_tag_type(entry
, SMB_ACL_GROUP
) != 0) {
133 sys_acl_free_acl(acl
);
137 if (sys_acl_set_qualifier(entry
, &gid
) != 0) {
138 sys_acl_free_acl(acl
);
142 if (sys_acl_set_permset(entry
, &mode
) != 0) {
143 sys_acl_free_acl(acl
);
147 if (sys_acl_create_entry(&acl
, &entry
) != 0) {
148 sys_acl_free_acl(acl
);
152 if (sys_acl_set_tag_type(entry
, SMB_ACL_MASK
) != 0) {
153 sys_acl_free_acl(acl
);
157 if (sys_acl_set_permset(entry
, &mode0
) != 0) {
158 sys_acl_free_acl(acl
);
165 set a simple ACL on a file, as a test
167 static PyObject
*py_smbd_set_simple_acl(PyObject
*self
, PyObject
*args
)
174 if (!PyArg_ParseTuple(args
, "sii", &fname
, &uid
, &gid
))
177 acl
= make_simple_acl(uid
, gid
);
179 status
= set_sys_acl_no_snum(fname
, SMB_ACL_TYPE_ACCESS
, acl
);
180 sys_acl_free_acl(acl
);
181 PyErr_NTSTATUS_IS_ERR_RAISE(status
);
186 static PyMethodDef py_smbd_methods
[] = {
188 (PyCFunction
)py_smbd_set_simple_acl
, METH_VARARGS
,
198 m
= Py_InitModule3("smbd", py_smbd_methods
,
199 "Python bindings for the smbd file server.");