2 Unix SMB/Netbios implementation.
4 Samba system utilities for ACL support.
5 Copyright (C) Jeremy Allison 2000.
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 extern int DEBUGLEVEL;
27 This file wraps all differing system ACL interfaces into a consistent
28 one based on the POSIX interface. It also returns the correct errors
29 for older UNIX systems that don't support ACLs.
31 The interfaces that each ACL implementation must support are as follows :
33 int sys_acl_get_entry( SMB_ACL_T theacl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
34 int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
35 int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p
36 void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
37 SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
38 SMB_ACL_T sys_acl_get_fd(int fd)
39 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset);
40 int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm);
41 char *sys_acl_to_text( SMB_ACL_T theacl, ssize_t *plen)
42 SMB_ACL_T sys_acl_init( int count)
43 int sys_acl_create_entry( SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
44 int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
45 int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry, void *qual)
46 int sys_acl_set_permset( SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
47 int sys_acl_valid( SMB_ACL_T theacl )
48 int sys_acl_set_file( char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
49 int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
51 This next one is not POSIX complient - but we *have* to have it !
52 More POSIX braindamage.
54 int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
56 The generic POSIX free is the following call. We split this into
57 several different free functions as we may need to add tag info
58 to structures when emulating the POSIX interface.
60 int sys_acl_free( void *obj_p)
62 The calls we actually use are :
64 int sys_acl_free_text(char *text) - free acl_to_text
65 int sys_acl_free_acl(SMB_ACL_T posix_acl)
66 int sys_acl_free_qualifier(SMB_ACL_T posix_acl)
70 #if defined(HAVE_POSIX_ACLS)
72 /* Identity mapping - easy. */
74 int sys_acl_get_entry( SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
76 return acl_get_entry( the_acl, entry_id, entry_p);
79 int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
81 return acl_get_tag_type( entry_d, tag_type_p);
84 int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
86 return acl_get_permset( entry_d, permset_p);
89 void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
91 return acl_get_qualifier( entry_d);
94 SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
96 return acl_get_file( path_p, type);
99 SMB_ACL_T sys_acl_get_fd(int fd)
101 return acl_get_fd(fd);
104 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset)
106 return acl_clear_perms(permset);
109 int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
111 return acl_add_perm(permset, perm);
114 int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
116 #if defined(HAVE_ACL_GET_PERM_NP)
118 * Required for TrustedBSD-based ACL implementations where
119 * non-POSIX.1e functions are denoted by a _np (non-portable)
122 return acl_get_perm_np(permset, perm);
124 return acl_get_perm(permset, perm);
128 char *sys_acl_to_text( SMB_ACL_T the_acl, ssize_t *plen)
130 return acl_to_text( the_acl, plen);
133 SMB_ACL_T sys_acl_init( int count)
135 return acl_init(count);
138 int sys_acl_create_entry( SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
140 return acl_create_entry(pacl, pentry);
143 int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
145 return acl_set_tag_type(entry, tagtype);
148 int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry, void *qual)
150 return acl_set_qualifier(entry, qual);
153 int sys_acl_set_permset( SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
155 return acl_set_permset(entry, permset);
158 int sys_acl_valid( SMB_ACL_T theacl )
160 return acl_valid(theacl);
163 int sys_acl_set_file( char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
165 return acl_set_file(name, acltype, theacl);
168 int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
170 return acl_set_fd(fd, theacl);
173 int sys_acl_free_text(char *text)
175 return acl_free(text);
178 int sys_acl_free_acl(SMB_ACL_T the_acl)
180 return acl_free(the_acl);
183 int sys_acl_free_qualifier(void *qual)
185 return acl_free(qual);
188 #elif defined(HAVE_UNIXWARE_ACLS) || defined(HAVE_SOLARIS_ACLS)
191 * Donated by Michael Davidson <md@sco.COM> for UnixWare / OpenUNIX.
192 * Modified by Toomas Soome <tsoome@ut.ee> for Solaris.
196 * Note that while this code implements sufficient functionality
197 * to support the sys_acl_* interfaces it does not provide all
198 * of the semantics of the POSIX ACL interfaces.
200 * In particular, an ACL entry descriptor (SMB_ACL_ENTRY_T) returned
201 * from a call to sys_acl_get_entry() should not be assumed to be
202 * valid after calling any of the following functions, which may
203 * reorder the entries in the ACL.
211 * The only difference between Solaris and UnixWare / OpenUNIX is
212 * that the #defines for the ACL operations have different names
214 #if defined(HAVE_UNIXWARE_ACLS)
216 #define SETACL ACL_SET
217 #define GETACL ACL_GET
218 #define GETACLCNT ACL_CNT
223 int sys_acl_get_entry(SMB_ACL_T acl_d, int entry_id, SMB_ACL_ENTRY_T *entry_p)
225 if (entry_id != SMB_ACL_FIRST_ENTRY && entry_id != SMB_ACL_NEXT_ENTRY) {
230 if (entry_p == NULL) {
235 if (entry_id == SMB_ACL_FIRST_ENTRY) {
239 if (acl_d->next < 0) {
244 if (acl_d->next >= acl_d->count) {
248 *entry_p = &acl_d->acl[acl_d->next++];
253 int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *type_p)
255 *type_p = entry_d->a_type;
260 int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
262 *permset_p = &entry_d->a_perm;
267 void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
269 if (entry_d->a_type != SMB_ACL_USER
270 && entry_d->a_type != SMB_ACL_GROUP) {
275 return &entry_d->a_id;
279 * There is no way of knowing what size the ACL returned by
280 * GETACL will be unless you first call GETACLCNT which means
281 * making an additional system call.
283 * In the hope of avoiding the cost of the additional system
284 * call in most cases, we initially allocate enough space for
285 * an ACL with INITIAL_ACL_SIZE entries. If this turns out to
286 * be too small then we use GETACLCNT to find out the actual
287 * size, reallocate the ACL buffer, and then call GETACL again.
290 #define INITIAL_ACL_SIZE 16
292 SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
295 int count; /* # of ACL entries allocated */
296 int naccess; /* # of access ACL entries */
297 int ndefault; /* # of default ACL entries */
299 if (type != SMB_ACL_TYPE_ACCESS && type != SMB_ACL_TYPE_DEFAULT) {
304 count = INITIAL_ACL_SIZE;
305 if ((acl_d = sys_acl_init(count)) == NULL) {
310 * If there isn't enough space for the ACL entries we use
311 * GETACLCNT to determine the actual number of ACL entries
312 * reallocate and try again. This is in a loop because it
313 * is possible that someone else could modify the ACL and
314 * increase the number of entries between the call to
315 * GETACLCNT and the call to GETACL.
317 while ((count = acl(path_p, GETACL, count, &acl_d->acl[0])) < 0
318 && errno == ENOSPC) {
320 sys_acl_free_acl(acl_d);
322 if ((count = acl(path_p, GETACLCNT, 0, NULL)) < 0) {
326 if ((acl_d = sys_acl_init(count)) == NULL) {
332 sys_acl_free_acl(acl_d);
337 * calculate the number of access and default ACL entries
339 * Note: we assume that the acl() system call returned a
340 * well formed ACL which is sorted so that all of the
341 * access ACL entries preceed any default ACL entries
343 for (naccess = 0; naccess < count; naccess++) {
344 if (acl_d->acl[naccess].a_type & ACL_DEFAULT)
347 ndefault = count - naccess;
350 * if the caller wants the default ACL we have to copy
351 * the entries down to the start of the acl[] buffer
352 * and mask out the ACL_DEFAULT flag from the type field
354 if (type == SMB_ACL_TYPE_DEFAULT) {
357 for (i = 0, j = naccess; i < ndefault; i++, j++) {
358 acl_d->acl[i] = acl_d->acl[j];
359 acl_d->acl[i].a_type &= ~ACL_DEFAULT;
362 acl_d->count = ndefault;
364 acl_d->count = naccess;
370 SMB_ACL_T sys_acl_get_fd(int fd)
373 int count; /* # of ACL entries allocated */
374 int naccess; /* # of access ACL entries */
376 count = INITIAL_ACL_SIZE;
377 if ((acl_d = sys_acl_init(count)) == NULL) {
381 while ((count = facl(fd, GETACL, count, &acl_d->acl[0])) < 0
382 && errno == ENOSPC) {
384 sys_acl_free_acl(acl_d);
386 if ((count = facl(fd, GETACLCNT, 0, NULL)) < 0) {
390 if ((acl_d = sys_acl_init(count)) == NULL) {
396 sys_acl_free_acl(acl_d);
401 * calculate the number of access ACL entries
403 for (naccess = 0; naccess < count; naccess++) {
404 if (acl_d->acl[naccess].a_type & ACL_DEFAULT)
408 acl_d->count = naccess;
413 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d)
420 int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
422 if (perm != SMB_ACL_READ && perm != SMB_ACL_WRITE
423 && perm != SMB_ACL_EXECUTE) {
428 if (permset_d == NULL) {
438 int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
440 return *permset_d & perm;
443 char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p)
450 * use an initial estimate of 20 bytes per ACL entry
451 * when allocating memory for the text representation
455 maxlen = 20 * acl_d->count;
456 if ((text = malloc(maxlen)) == NULL) {
461 for (i = 0; i < acl_d->count; i++) {
462 struct acl *ap = &acl_d->acl[i];
472 switch (ap->a_type) {
474 * for debugging purposes it's probably more
475 * useful to dump unknown tag types rather
476 * than just returning an error
479 slprintf(tagbuf, sizeof(tagbuf)-1, "0x%x",
482 slprintf(idbuf, sizeof(idbuf)-1, "%ld",
488 if ((pw = sys_getpwuid(ap->a_id)) == NULL) {
489 slprintf(idbuf, sizeof(idbuf)-1, "%ld",
495 case SMB_ACL_USER_OBJ:
500 if ((gr = getgrgid(ap->a_id)) == NULL) {
501 slprintf(idbuf, sizeof(idbuf)-1, "%ld",
507 case SMB_ACL_GROUP_OBJ:
521 perms[0] = (ap->a_perm & SMB_ACL_READ) ? 'r' : '-';
522 perms[1] = (ap->a_perm & SMB_ACL_WRITE) ? 'w' : '-';
523 perms[2] = (ap->a_perm & SMB_ACL_EXECUTE) ? 'x' : '-';
526 /* <tag> : <qualifier> : rwx \n \0 */
527 nbytes = strlen(tag) + 1 + strlen(id) + 1 + 3 + 1 + 1;
530 * If this entry would overflow the buffer
531 * allocate enough additional memory for this
532 * entry and an estimate of another 20 bytes
533 * for each entry still to be processed
535 if ((len + nbytes) > maxlen) {
536 char *oldtext = text;
538 maxlen += nbytes + 20 * (acl_d->count - i);
540 if ((text = realloc(oldtext, maxlen)) == NULL) {
547 slprintf(&text[len], nbytes-1, "%s:%s:%s\n", tag, id, perms);
557 SMB_ACL_T sys_acl_init(int count)
567 * note that since the definition of the structure pointed
568 * to by the SMB_ACL_T includes the first element of the
569 * acl[] array, this actually allocates an ACL with room
570 * for (count+1) entries
572 if ((a = malloc(sizeof(*a) + count * sizeof(struct acl))) == NULL) {
585 int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
588 SMB_ACL_ENTRY_T entry_d;
590 if (acl_p == NULL || entry_p == NULL || (acl_d = *acl_p) == NULL) {
595 if (acl_d->count >= acl_d->size) {
600 entry_d = &acl_d->acl[acl_d->count++];
609 int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
613 case SMB_ACL_USER_OBJ:
615 case SMB_ACL_GROUP_OBJ:
618 entry_d->a_type = tag_type;
628 int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p)
630 if (entry_d->a_type != SMB_ACL_GROUP
631 && entry_d->a_type != SMB_ACL_USER) {
636 entry_d->a_id = *((id_t *)qual_p);
641 int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
643 if (*permset_d & ~(SMB_ACL_READ|SMB_ACL_WRITE|SMB_ACL_EXECUTE)) {
647 entry_d->a_perm = *permset_d;
652 int sys_acl_valid(SMB_ACL_T acl_d)
654 if (aclsort(acl_d->count, 1, acl_d->acl) != 0) {
662 int sys_acl_set_file(char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d)
667 struct acl *acl_buf = NULL;
670 if (type != SMB_ACL_TYPE_ACCESS && type != SMB_ACL_TYPE_DEFAULT) {
675 if (stat(name, &s) != 0) {
679 acl_p = &acl_d->acl[0];
680 acl_count = acl_d->count;
683 * if it's a directory there is extra work to do
684 * since the acl() system call will replace both
685 * the access ACLs and the default ACLs (if any)
687 if (S_ISDIR(s.st_mode)) {
693 if (type == SMB_ACL_TYPE_ACCESS) {
696 tmp_acl = sys_acl_get_file(name, SMB_ACL_TYPE_DEFAULT);
701 tmp_acl = sys_acl_get_file(name, SMB_ACL_TYPE_ACCESS);
704 if (tmp_acl == NULL) {
709 * allocate a temporary buffer for the complete ACL
711 acl_count = acc_acl->count + def_acl->count;
713 acl_buf = malloc(acl_count * sizeof(acl_buf[0]));
715 if (acl_buf == NULL) {
716 sys_acl_free_acl(tmp_acl);
722 * copy the access control and default entries into the buffer
724 memcpy(&acl_buf[0], &acc_acl->acl[0],
725 acc_acl->count * sizeof(acl_buf[0]));
727 memcpy(&acl_buf[acc_acl->count], &def_acl->acl[0],
728 def_acl->count * sizeof(acl_buf[0]));
731 * set the ACL_DEFAULT flag on the default entries
733 for (i = acc_acl->count; i < acl_count; i++) {
734 acl_buf[i].a_type |= ACL_DEFAULT;
737 sys_acl_free_acl(tmp_acl);
739 } else if (type != SMB_ACL_TYPE_ACCESS) {
744 if (aclsort(acl_count, 1, acl_p) != 0) {
748 ret = acl(name, SETACL, acl_count, acl_p);
758 int sys_acl_set_fd(int fd, SMB_ACL_T acl_d)
760 if (aclsort(acl_d->count, 1, acl_d->acl) != 0) {
765 return facl(fd, SETACL, acl_d->count, &acl_d->acl[0]);
768 int sys_acl_free_text(char *text)
774 int sys_acl_free_acl(SMB_ACL_T acl_d)
780 int sys_acl_free_qualifier(void *qual)
785 #elif defined(HAVE_IRIX_ACLS)
787 int sys_acl_get_entry(SMB_ACL_T acl_d, int entry_id, SMB_ACL_ENTRY_T *entry_p)
789 if (entry_id != SMB_ACL_FIRST_ENTRY && entry_id != SMB_ACL_NEXT_ENTRY) {
794 if (entry_p == NULL) {
799 if (entry_id == SMB_ACL_FIRST_ENTRY) {
803 if (acl_d->next < 0) {
808 if (acl_d->next >= acl_d->aclp->acl_cnt) {
812 *entry_p = &acl_d->aclp->acl_entry[acl_d->next++];
817 int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *type_p)
819 *type_p = entry_d->ae_tag;
824 int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
826 *permset_p = entry_d;
831 void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
833 if (entry_d->ae_tag != SMB_ACL_USER
834 && entry_d->ae_tag != SMB_ACL_GROUP) {
839 return &entry_d->ae_id;
842 SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
846 if ((a = malloc(sizeof(*a))) == NULL) {
850 if ((a->aclp = acl_get_file(path_p, type)) == NULL) {
859 SMB_ACL_T sys_acl_get_fd(int fd)
863 if ((a = malloc(sizeof(*a))) == NULL) {
867 if ((a->aclp = acl_get_fd(fd)) == NULL) {
876 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d)
878 permset_d->ae_perm = 0;
883 int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
885 if (perm != SMB_ACL_READ && perm != SMB_ACL_WRITE
886 && perm != SMB_ACL_EXECUTE) {
891 if (permset_d == NULL) {
896 permset_d->ae_perm |= perm;
901 int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
903 return permset_d->ae_perm & perm;
906 char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p)
908 return acl_to_text(acl_d->aclp, len_p);
911 SMB_ACL_T sys_acl_init(int count)
920 if ((a = malloc(sizeof(*a) + sizeof(struct acl))) == NULL) {
927 a->aclp = (struct acl *)(&a->aclp + sizeof(struct acl *));
928 a->aclp->acl_cnt = 0;
934 int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
937 SMB_ACL_ENTRY_T entry_d;
939 if (acl_p == NULL || entry_p == NULL || (acl_d = *acl_p) == NULL) {
944 if (acl_d->aclp->acl_cnt >= ACL_MAX_ENTRIES) {
949 entry_d = &acl_d->aclp->acl_entry[acl_d->aclp->acl_cnt++];
952 entry_d->ae_perm = 0;
958 int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
962 case SMB_ACL_USER_OBJ:
964 case SMB_ACL_GROUP_OBJ:
967 entry_d->ae_tag = tag_type;
977 int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p)
979 if (entry_d->ae_tag != SMB_ACL_GROUP
980 && entry_d->ae_tag != SMB_ACL_USER) {
985 entry_d->ae_id = *((id_t *)qual_p);
990 int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
992 if (permset_d->ae_perm & ~(SMB_ACL_READ|SMB_ACL_WRITE|SMB_ACL_EXECUTE)) {
996 entry_d->ae_perm = permset_d->ae_perm;
1001 int sys_acl_valid(SMB_ACL_T acl_d)
1003 return acl_valid(acl_d->aclp);
1006 int sys_acl_set_file(char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d)
1008 return acl_set_file(name, type, acl_d->aclp);
1011 int sys_acl_set_fd(int fd, SMB_ACL_T acl_d)
1013 return acl_set_fd(fd, acl_d->aclp);
1016 int sys_acl_free_text(char *text)
1018 return acl_free(text);
1021 int sys_acl_free_acl(SMB_ACL_T acl_d)
1023 if (acl_d->freeaclp) {
1024 acl_free(acl_d->aclp);
1030 int sys_acl_free_qualifier(void *qual)
1035 #elif defined(HAVE_XFS_ACLS)
1036 /* For Linux SGI/XFS Filesystems
1037 * contributed by J Trostel, Connex
1040 /* based on the implementation for Solaris by Toomas Soome.. which is
1041 * based on the implementation by Micheal Davidson for Unixware...
1043 * Linux XFS is a 'work-in-progress'
1044 * This interface may change...
1045 * You've been warned ;-> */
1047 /* First, do the identity mapping */
1049 int sys_acl_get_entry( SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
1051 if( acl_get_entry( the_acl, entry_id, entry_p) >= 0) {
1059 SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
1061 return acl_get_file( path_p, type);
1064 SMB_ACL_T sys_acl_get_fd(int fd)
1066 return acl_get_fd(fd);
1069 char *sys_acl_to_text( SMB_ACL_T the_acl, ssize_t *plen)
1071 return acl_to_text( the_acl, plen);
1074 int sys_acl_valid( SMB_ACL_T theacl )
1076 return acl_valid(theacl);
1079 int sys_acl_set_file( char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
1081 return acl_set_file(name, acltype, theacl);
1084 int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
1086 return acl_set_fd(fd, theacl);
1089 /* Now the functions I need to define for XFS */
1091 int sys_acl_create_entry( SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
1100 if((*acl_p == NULL) || (ace == NULL)){
1106 if( (cnt + 1) > ACL_MAX_ENTRIES ){
1111 newacl = (acl_t)malloc(sizeof(struct acl));
1118 newacl->acl_entry[cnt] = *ace;
1119 newacl->acl_cnt = cnt + 1;
1123 *entry_p = &newacl->acl_entry[cnt];
1128 int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
1130 *tag_type_p = entry_d->ae_tag;
1134 int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
1136 *permset_p = &entry_d->ae_perm;
1140 void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
1142 if (entry_d->ae_tag != SMB_ACL_USER
1143 && entry_d->ae_tag != SMB_ACL_GROUP) {
1147 return &entry_d->ae_id;
1150 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset)
1156 int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
1158 return (*permset & perm);
1161 int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
1164 // TO DO: Add in ALL possible permissions here
1165 // TO DO: Include extended ones!!
1167 if (perm != SMB_ACL_READ && perm != SMB_ACL_WRITE && perm != SMB_ACL_EXECUTE) {
1172 if(permset == NULL) {
1182 SMB_ACL_T sys_acl_init( int count)
1185 if((count > ACL_MAX_ENTRIES) || (count < 0)) {
1190 a = (struct acl *)malloc(sizeof(struct acl)); // where is this memory freed?
1196 int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
1201 case SMB_ACL_USER_OBJ:
1203 case SMB_ACL_GROUP_OBJ:
1206 entry_d->ae_tag = tag_type;
1215 int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry_d, void *qual_p)
1217 if(entry_d->ae_tag != SMB_ACL_GROUP &&
1218 entry_d->ae_tag != SMB_ACL_USER) {
1223 entry_d->ae_id = *((uid_t *)qual_p);
1228 int sys_acl_set_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
1230 // TO DO: expand to extended permissions eventually!
1232 if(*permset_d & ~(SMB_ACL_READ|SMB_ACL_WRITE|SMB_ACL_EXECUTE)) {
1239 int sys_acl_free_text(char *text)
1241 return acl_free(text);
1244 int sys_acl_free_acl(SMB_ACL_T the_acl)
1246 return acl_free(the_acl);
1249 int sys_acl_free_qualifier(void *qual)
1254 #else /* No ACLs. */
1256 int sys_acl_get_entry( SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
1262 int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
1268 int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
1274 void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
1280 SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
1283 return (SMB_ACL_T)NULL;
1286 SMB_ACL_T sys_acl_get_fd(int fd)
1289 return (SMB_ACL_T)NULL;
1292 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset)
1298 int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
1304 int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
1307 return (permset & perm) ? 1 : 0;
1310 char *sys_acl_to_text( SMB_ACL_T the_acl, ssize_t *plen)
1316 int sys_acl_free_text(char *text)
1322 SMB_ACL_T sys_acl_init( int count)
1328 int sys_acl_create_entry( SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
1334 int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
1340 int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry, void *qual)
1346 int sys_acl_set_permset( SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
1352 int sys_acl_valid( SMB_ACL_T theacl )
1358 int sys_acl_set_file( char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
1364 int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
1370 int sys_acl_free_acl(SMB_ACL_T the_acl)
1376 int sys_acl_free_qualifier(void *qual)
1382 #endif /* No ACLs. */
git.samba.org / abartlet / samba.git / .git / blob