2 * Header file for getcifsacl and setcifsacl utilities
4 * Copyright (C) Shirish Pargaonkar (shirishp@us.ibm.com) 2011
6 * Has various access rights, security descriptor fields defines
7 * and data structures related to security descriptor, DACL, ACE,
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 #include "cifsidmap.h"
29 #define ATTRNAME "system.cifs_acl"
31 #define MAX_NUM_AUTHS 6
33 /* File specific rights */
34 #define READ_DATA 0x00000001 /* R */
35 #define WRITE_DATA 0x00000002 /* W */
36 #define APPEND_DATA 0x00000004 /* A */
37 #define READ_EA 0x00000008 /* REA */
38 #define WRITE_EA 0x00000010 /* WEA */
39 #define EXEC 0x00000020 /* E */
40 #define DELDHLD 0x00000040 /* DC */
41 #define READ_ATTR 0x00000080 /* RA */
42 #define WRITE_ATTR 0x00000100 /* WA */
45 #define DELETE 0x00010000 /* D */
46 #define READ_CONTROL 0x00020000 /* RC */
47 #define WRITE_DAC 0x00040000 /* P */
48 #define WRITE_OWNER 0x00080000 /* O */
49 #define SYNC 0x00100000 /* S */
52 #define SYSSEC 0x01000000
53 #define MAX 0x02000000
54 #define ALL 0x10000000
55 #define EXECUTE 0x20000000 /* GE */
56 #define WRITE 0x40000000 /* GW */
57 #define READ 0x80000000 /* GR */
59 /* D | RC | P | O | S | R | W | A | E | DC | REA | WEA | RA | WA */
60 #define FULL_CONTROL 0x001f01ff
62 /* RC | S | R | E | REA | RA */
63 #define EREAD 0x001200a9
65 /* RC | S | R | E | REA | GR | GE */
66 #define OREAD 0xa01200a1
68 /* RC | S | R | REA | RA */
69 #define BREAD 0x00120089
71 /* W | A | WA | WEA| */
72 #define EWRITE 0x00000116
74 /* D | RC | S | R | W | A | E |REA | WEA | RA | WA */
75 #define CHANGE 0x001301bf
77 /* GR | RC | REA | RA | REA | R */
78 #define ALL_READ_BITS 0x80020089
80 /* WA | WEA | A | W */
81 #define ALL_WRITE_BITS 0x40000116
83 #define OBJECT_INHERIT_FLAG 0x01 /* OI */
84 #define CONTAINER_INHERIT_FLAG 0x02 /* CI */
85 #define NO_PROPAGATE_INHERIT_FLAG 0x04 /* NP */
86 #define INHERIT_ONLY_FLAG 0x08 /* IO */
87 #define INHERITED_ACE_FLAG 0x10 /* I */
88 #define VFLAGS (OBJECT_INHERIT_FLAG|CONTAINER_INHERIT_FLAG|NO_PROPAGATE_INHERIT_FLAG|INHERIT_ONLY_FLAG|INHERITED_ACE_FLAG)
90 #define ACCESS_ALLOWED 0 /* ALLOWED */
91 #define ACCESS_DENIED 1 /* DENIED */
92 #define ACCESS_ALLOWED_OBJECT 5 /* OBJECT_ALLOWED */
93 #define ACCESS_DENIED_OBJECT 6 /* OBJECT_DENIED */
99 #define COMPALL (COMPSID|COMPTYPE|COMPFLAG|COMPMASK)
102 * While not indicated here, the structs below represent on-the-wire data
103 * structures. Any multi-byte values are expected to be little-endian!
105 * FIXME: should we change these to use endianness annotations?
108 uint16_t revision; /* revision level */
114 } __attribute__((packed));
116 struct cifs_ctrl_acl {
117 uint16_t revision; /* revision level */
120 } __attribute__((packed));
127 struct cifs_sid sid; /* ie UUID of user or group who gets these perms */
128 } __attribute__((packed));
130 #endif /* CIFSACL_H */