3 # Get or set the security descriptor on a printer
7 from samba
import spoolss
10 print "Usage: psec.py getsec|setsec printername"
14 printername
= sys
.argv
[2]
16 # Display security descriptor
21 hnd
= spoolss
.openprinter(printername
)
23 print "error opening printer %s" % printername
26 secdesc
= hnd
.getprinter(level
= 3)["security_descriptor"]
28 print secdesc
["owner_sid"]
29 print secdesc
["group_sid"]
31 for acl
in secdesc
["dacl"]["ace_list"]:
32 print "%d %d 0x%08x %s" % (acl
["type"], acl
["flags"],
33 acl
["mask"], acl
["trustee"])
35 spoolss
.closeprinter(hnd
)
39 # Set security descriptor
46 hnd
= spoolss
.openprinter(printername
,
47 creds
= {"domain": "NPSD-TEST2",
48 "username": "Administrator",
49 "password": "penguin"})
51 print "error opening printer %s" % printername
54 # Read lines from standard input and build security descriptor
56 lines
= sys
.stdin
.readlines()
60 secdesc
["owner_sid"] = lines
[0]
61 secdesc
["group_sid"] = lines
[1]
63 secdesc
["revision"] = 1
65 secdesc
["dacl"]["revision"] = 2
66 secdesc
["dacl"]["ace_list"] = []
69 match
= re
.match("(\d+) (\d+) (0[xX][\dA-Fa-f]+) (\S+)", acl
)
70 secdesc
["dacl"]["ace_list"].append(
71 {"type": int(match
.group(1)), "flags": int(match
.group(2)),
72 "mask": string
.atoi(match
.group(3), 0), "trustee": match
.group(4)})
74 # Build info3 structure
78 info3
["flags"] = 0x8004 # self-relative, dacl present
80 info3
["security_descriptor"] = secdesc
84 spoolss
.closeprinter(hnd
)
87 print "invalid operation %s" % op