diff options
| author | Boris Protopopov <boris.v.protopopov@gmail.com> | 2020-01-06 16:31:19 +0000 |
|---|---|---|
| committer | Pavel Shilovsky <pshilov@microsoft.com> | 2020-09-03 10:35:18 -0700 |
| commit | 3d399e4a9a2741af5383c35323eb702f8e2fe913 (patch) | |
| tree | 3d7add330ef5eca9709adc166e9b0fa16159fcf4 /setcifsacl.rst.in | |
| parent | a138fd1155b5259e8955cb6d6997091e47acfd8c (diff) | |
| download | cifs-utils-3d399e4a9a2741af5383c35323eb702f8e2fe913.tar.gz cifs-utils-3d399e4a9a2741af5383c35323eb702f8e2fe913.tar.bz2 cifs-utils-3d399e4a9a2741af5383c35323eb702f8e2fe913.zip | |
Add support for setting owner and group in ntsd
Extend setcifsacl utility to allow setting owner and group SIDs
in the security descriptor in addition to setting ACLs. This is
a user-friendly intefrace for setting owner and group SIDs that
takes advantage of the recent extensions in the CIFS kernel
client, and it complements setting raw values via setfattr.
Signed-off-by: Boris Protopopov <boris.v.protopopov@gmail.com>
Diffstat (limited to 'setcifsacl.rst.in')
| -rw-r--r-- | setcifsacl.rst.in | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/setcifsacl.rst.in b/setcifsacl.rst.in index de9c758..985af7c 100644 --- a/setcifsacl.rst.in +++ b/setcifsacl.rst.in @@ -2,16 +2,16 @@ setcifsacl ========== ------------------------------------------------------------------------------------------------- -Userspace helper to alter an ACL in a security descriptor for Common Internet File System (CIFS) ------------------------------------------------------------------------------------------------- +------------------------------------------------------------------------------------------------------------------- +Userspace helper to alter an ACL or owner/group SID in a security descriptor for Common Internet File System (CIFS) +------------------------------------------------------------------------------------------------------------------- :Manual section: 1 ******** SYNOPSIS ******** - setcifsacl [-v|-a|-D|-M|-S] "{one or more ACEs}" {file system object} + setcifsacl [-v|-a|-D|-M|-S|-o|-g] "{one or more ACEs or a SID}" {file system object} *********** DESCRIPTION @@ -20,7 +20,7 @@ DESCRIPTION This tool is part of the cifs-utils suite. ``setcifsacl`` is a userspace helper program for the Linux CIFS client -file system. It is intended to alter an ACL of a security descriptor +file system. It is intended to alter an ACL or set owner/group SID of a security descriptor for a file system object. Whether a security descriptor to be set is applied or not is determined by the CIFS/SMB server. @@ -55,6 +55,13 @@ OPTIONS Set an ACL of security descriptor with the list of ACEs Existing ACL is replaced entirely with the specified ACEs. +-o + Set owner SID to one specified as a command line argument. + +-g + Set group SID to one specified as a command line argument. + + The owner/group SID can be specified as a name or a raw SID value. Every ACE entry starts with "ACL:" One or more ACEs are specified within double quotes. Multiple ACEs are separated by a comma. @@ -93,6 +100,16 @@ Set an ACL setcifsacl -S "ACL:CIFSTESTDOM\Administrator:0x0/0x0/FULL,ACL:CIFSTESTDOM\user2:0x0/0x0/FULL" <file_name> +Set owner SID +============= + + setcifsacl -o "S-1-5-21-3338130290-3403600371-1423429424-2102" <file_name> + +Set group SID +============= + + setcifsacl -g "Administrators@BUILTIN" <file_name> + ***** NOTES ***** |