/*
* setcifsacl utility
*
* Copyright (C) Shirish Pargaonkar (shirishp@us.ibm.com) 2011
*
* Used to alter entries of an ACL or replace an entire ACL in a
* security descriptor of a file system object that belongs to a
* share mounted using option cifsacl.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* This utility modifies various components of the security descriptor. These
* actions require different permissions and different SMB protocol-level flags.
* The user needs to make sure the share is mounted using the user credentials
* for the user who has appropriate permissions and privileges. The kernel
* CIFS client knows which flags to use based on the extended attribute name:
* - system.cifs_acl - set dacl only
* - system.cifs_ndst - set dacl and owner info
* - system.cifs_ntsd_full - set dacl, owner, and sacl
*
* For simplicity, the utility modifies one component of the descriptor:
* owner sid, group sid, DACL, or SACL. The rest of the descriptor is unchanged.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif /* HAVE_CONFIG_H */
#include <string.h>
#include <getopt.h>
#include <stdint.h>
#include <stdbool.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <limits.h>
#include <ctype.h>
#include <sys/xattr.h>
#include "cifsacl.h"
#include "idmap_plugin.h"
enum setcifsacl_actions {
ActUnknown = -1,
ActDelete,
ActModify,
ActAdd,
ActSetAcl,
ActSetOwner,
ActSetGroup,
ActSetSacl
};
static void *plugin_handle;
static bool plugin_loaded;
static int
copy_cifs_sid(struct cifs_sid *dst, const struct cifs_sid *src)
{
int i, size = 0;
dst->revision = src->revision;
size += sizeof(uint8_t);
dst->num_subauth = src->num_subauth;
size += sizeof(uint8_t);
for (i = 0; i < NUM_AUTHS; i++)
dst->authority[i] = src->authority[i];
size += (sizeof(uint8_t) * NUM_AUTHS);
for (i = 0; i < src->num_subauth; i++)
dst->sub_auth[i]</