From 51e3547426bcfe9ae086c12bff95dfc31aba5e24 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 22 Aug 2012 18:35:01 +1000 Subject: [PATCH] s3-pysmbd: Allow a mode to be specified for the simple ACL The additional group for the ACL is now optional. Andrew Bartlett --- source3/smbd/pysmbd.c | 59 ++++++++++++---------- .../scripting/python/samba/provision/__init__.py | 2 +- 2 files changed, 33 insertions(+), 28 deletions(-) diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c index 6456797d63b..6866ff35390 100644 --- a/source3/smbd/pysmbd.c +++ b/source3/smbd/pysmbd.c @@ -151,10 +151,13 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname, } -static SMB_ACL_T make_simple_acl(uid_t uid, gid_t gid) +static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode) { mode_t mode = SMB_ACL_READ|SMB_ACL_WRITE; - mode_t mode0 = 0; + + mode_t mode_user = (chmod_mode & 0700) >> 16; + mode_t mode_group = (chmod_mode & 070) >> 8; + mode_t mode_other = chmod_mode & 07; SMB_ACL_ENTRY_T entry; SMB_ACL_T acl = sys_acl_init(4); @@ -173,7 +176,7 @@ static SMB_ACL_T make_simple_acl(uid_t uid, gid_t gid) return NULL; } - if (sys_acl_set_permset(entry, &mode) != 0) { + if (sys_acl_set_permset(entry, &mode_user) != 0) { TALLOC_FREE(acl); return NULL; } @@ -188,7 +191,7 @@ static SMB_ACL_T make_simple_acl(uid_t uid, gid_t gid) return NULL; } - if (sys_acl_set_permset(entry, &mode) != 0) { + if (sys_acl_set_permset(entry, &mode_group) != 0) { TALLOC_FREE(acl); return NULL; } @@ -203,29 +206,31 @@ static SMB_ACL_T make_simple_acl(uid_t uid, gid_t gid) return NULL; } - if (sys_acl_set_permset(entry, &mode0) != 0) { - TALLOC_FREE(acl); - return NULL; - } - - if (sys_acl_create_entry(&acl, &entry) != 0) { - TALLOC_FREE(acl); - return NULL; - } - - if (sys_acl_set_tag_type(entry, SMB_ACL_GROUP) != 0) { + if (sys_acl_set_permset(entry, &mode_other) != 0) { TALLOC_FREE(acl); return NULL; } - if (sys_acl_set_qualifier(entry, &gid) != 0) { - TALLOC_FREE(acl); - return NULL; - } - - if (sys_acl_set_permset(entry, &mode) != 0) { - TALLOC_FREE(acl); - return NULL; + if (gid != -1) { + if (sys_acl_create_entry(&acl, &entry) != 0) { + TALLOC_FREE(acl); + return NULL; + } + + if (sys_acl_set_tag_type(entry, SMB_ACL_GROUP) != 0) { + TALLOC_FREE(acl); + return NULL; + } + + if (sys_acl_set_qualifier(entry, &gid) != 0) { + TALLOC_FREE(acl); + return NULL; + } + + if (sys_acl_set_permset(entry, &mode_group) != 0) { + TALLOC_FREE(acl); + return NULL; + } } if (sys_acl_create_entry(&acl, &entry) != 0) { @@ -238,7 +243,7 @@ static SMB_ACL_T make_simple_acl(uid_t uid, gid_t gid) return NULL; } - if (sys_acl_set_permset(entry, &mode0) != 0) { + if (sys_acl_set_permset(entry, &mode) != 0) { TALLOC_FREE(acl); return NULL; } @@ -252,14 +257,14 @@ static PyObject *py_smbd_set_simple_acl(PyObject *self, PyObject *args) { NTSTATUS status; char *fname; - int uid, gid; + int mode, gid = -1; SMB_ACL_T acl; TALLOC_CTX *frame; - if (!PyArg_ParseTuple(args, "sii", &fname, &uid, &gid)) + if (!PyArg_ParseTuple(args, "si|i", &fname, &mode, &gid)) return NULL; - acl = make_simple_acl(uid, gid); + acl = make_simple_acl(gid, mode); frame = talloc_stackframe(); diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index fd71631ee75..e84cb2137ba 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -1801,7 +1801,7 @@ def provision(logger, session_info, credentials, smbconf=None, file = tempfile.NamedTemporaryFile(dir=os.path.abspath(paths.sysvol)) try: try: - smbd.set_simple_acl(file.name, root_uid, wheel_gid) + smbd.set_simple_acl(file.name, 0755, wheel_gid) except Exception: raise ProvisioningError("Your filesystem or build does not support posix ACLs, which s3fs requires. Try the mounting the filesystem with the 'acl' option.") try: -- 2.11.4.GIT