2 Unix SMB/Netbios implementation.
4 Samba system utilities for ACL support.
5 Copyright (C) Jeremy Allison 2000.
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 extern int DEBUGLEVEL;
27 This file wraps all differing system ACL interfaces into a consistent
28 one based on the POSIX interface. It also returns the correct errors
29 for older UNIX systems that don't support ACLs.
31 The interfaces that each ACL implementation must support are as follows :
33 int sys_acl_get_entry( SMB_ACL_T theacl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
34 int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
35 int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p
36 void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
37 SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
38 SMB_ACL_T sys_acl_get_fd(int fd)
39 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset);
40 int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm);
41 char *sys_acl_to_text( SMB_ACL_T theacl, ssize_t *plen)
42 SMB_ACL_T sys_acl_init( int count)
43 int sys_acl_create_entry( SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
44 int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
45 int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry, void *qual)
46 int sys_acl_set_permset( SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
47 int sys_acl_valid( SMB_ACL_T theacl )
48 int sys_acl_set_file( char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
49 int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
51 This next one is not POSIX complient - but we *have* to have it !
52 More POSIX braindamage.
54 int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
56 The generic POSIX free is the following call. We split this into
57 several different free functions as we may need to add tag info
58 to structures when emulating the POSIX interface.
60 int sys_acl_free( void *obj_p)
62 The calls we actually use are :
64 int sys_acl_free_text(char *text) - free acl_to_text
65 int sys_acl_free_acl(SMB_ACL_T posix_acl)
66 int sys_acl_free_qualifier(SMB_ACL_T posix_acl)
70 #if defined(HAVE_POSIX_ACLS)
72 /* Identity mapping - easy. */
74 int sys_acl_get_entry( SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
76 return acl_get_entry( the_acl, entry_id, entry_p);
79 int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
81 return acl_get_tag_type( entry_d, tag_type_p);
84 int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
86 return acl_get_permset( entry_d, permset_p);
89 void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
91 return acl_get_qualifier( entry_d);
94 SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
96 return acl_get_file( path_p, type);
99 SMB_ACL_T sys_acl_get_fd(int fd)
101 return acl_get_fd(fd);
104 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset)
106 return acl_clear_perms(permset);
109 int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
111 return acl_add_perm(permset, perm);
114 int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
116 return acl_get_perm(permset, perm);
119 char *sys_acl_to_text( SMB_ACL_T the_acl, ssize_t *plen)
121 return acl_to_text( the_acl, plen);
124 SMB_ACL_T sys_acl_init( int count)
126 return acl_init(count);
129 int sys_acl_create_entry( SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
131 return acl_create_entry(pacl, pentry);
134 int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
136 return acl_set_tag_type(entry, tagtype);
139 int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry, void *qual)
141 return acl_set_qualifier(entry, qual);
144 int sys_acl_set_permset( SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
146 return acl_set_permset(entry, permset);
149 int sys_acl_valid( SMB_ACL_T theacl )
151 return acl_valid(theacl);
154 int sys_acl_set_file( char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
156 return acl_set_file(name, acltype, theacl);
159 int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
161 return acl_set_fd(fd, theacl);
164 int sys_acl_free_text(char *text)
166 return acl_free(text);
169 int sys_acl_free_acl(SMB_ACL_T the_acl)
171 return acl_free(the_acl);
174 int sys_acl_free_qualifier(void *qual)
176 return acl_free(qual);
179 #elif defined(HAVE_UNIXWARE_ACLS) || defined(HAVE_SOLARIS_ACLS)
182 * Donated by Michael Davidson <md@sco.COM> for UnixWare / OpenUNIX.
183 * Modified by Toomas Soome <tsoome@ut.ee> for Solaris.
187 * Note that while this code implements sufficient functionality
188 * to support the sys_acl_* interfaces it does not provide all
189 * of the semantics of the POSIX ACL interfaces.
191 * In particular, an ACL entry descriptor (SMB_ACL_ENTRY_T) returned
192 * from a call to sys_acl_get_entry() should not be assumed to be
193 * valid after calling any of the following functions, which may
194 * reorder the entries in the ACL.
202 * The only difference between Solaris and UnixWare / OpenUNIX is
203 * that the #defines for the ACL operations have different names
205 #if defined(HAVE_UNIXWARE_ACLS)
207 #define SETACL ACL_SET
208 #define GETACL ACL_GET
209 #define GETACLCNT ACL_CNT
214 int sys_acl_get_entry(SMB_ACL_T acl_d, int entry_id, SMB_ACL_ENTRY_T *entry_p)
216 if (entry_id != SMB_ACL_FIRST_ENTRY && entry_id != SMB_ACL_NEXT_ENTRY) {
221 if (entry_p == NULL) {
226 if (entry_id == SMB_ACL_FIRST_ENTRY) {
230 if (acl_d->next < 0) {
235 if (acl_d->next >= acl_d->count) {
239 *entry_p = &acl_d->acl[acl_d->next++];
244 int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *type_p)
246 *type_p = entry_d->a_type;
251 int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
253 *permset_p = &entry_d->a_perm;
258 void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
260 if (entry_d->a_type != SMB_ACL_USER
261 && entry_d->a_type != SMB_ACL_GROUP) {
266 return &entry_d->a_id;
270 * There is no way of knowing what size the ACL returned by
271 * GETACL will be unless you first call GETACLCNT which means
272 * making an additional system call.
274 * In the hope of avoiding the cost of the additional system
275 * call in most cases, we initially allocate enough space for
276 * an ACL with INITIAL_ACL_SIZE entries. If this turns out to
277 * be too small then we use GETACLCNT to find out the actual
278 * size, reallocate the ACL buffer, and then call GETACL again.
281 #define INITIAL_ACL_SIZE 16
283 SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
286 int count; /* # of ACL entries allocated */
287 int naccess; /* # of access ACL entries */
288 int ndefault; /* # of default ACL entries */
290 if (type != SMB_ACL_TYPE_ACCESS && type != SMB_ACL_TYPE_DEFAULT) {
295 count = INITIAL_ACL_SIZE;
296 if ((acl_d = sys_acl_init(count)) == NULL) {
301 * If there isn't enough space for the ACL entries we use
302 * GETACLCNT to determine the actual number of ACL entries
303 * reallocate and try again. This is in a loop because it
304 * is possible that someone else could modify the ACL and
305 * increase the number of entries between the call to
306 * GETACLCNT and the call to GETACL.
308 while ((count = acl(path_p, GETACL, count, &acl_d->acl[0])) < 0
309 && errno == ENOSPC) {
311 sys_acl_free_acl(acl_d);
313 if ((count = acl(path_p, GETACLCNT, 0, NULL)) < 0) {
317 if ((acl_d = sys_acl_init(count)) == NULL) {
323 sys_acl_free_acl(acl_d);
328 * calculate the number of access and default ACL entries
330 * Note: we assume that the acl() system call returned a
331 * well formed ACL which is sorted so that all of the
332 * access ACL entries preceed any default ACL entries
334 for (naccess = 0; naccess < count; naccess++) {
335 if (acl_d->acl[naccess].a_type & ACL_DEFAULT)
338 ndefault = count - naccess;
341 * if the caller wants the default ACL we have to copy
342 * the entries down to the start of the acl[] buffer
343 * and mask out the ACL_DEFAULT flag from the type field
345 if (type == SMB_ACL_TYPE_DEFAULT) {
348 for (i = 0, j = naccess; i < ndefault; i++, j++) {
349 acl_d->acl[i] = acl_d->acl[j];
350 acl_d->acl[i].a_type &= ~ACL_DEFAULT;
353 acl_d->count = ndefault;
355 acl_d->count = naccess;
361 SMB_ACL_T sys_acl_get_fd(int fd)
364 int count; /* # of ACL entries allocated */
365 int naccess; /* # of access ACL entries */
367 count = INITIAL_ACL_SIZE;
368 if ((acl_d = sys_acl_init(count)) == NULL) {
372 while ((count = facl(fd, GETACL, count, &acl_d->acl[0])) < 0
373 && errno == ENOSPC) {
375 sys_acl_free_acl(acl_d);
377 if ((count = facl(fd, GETACLCNT, 0, NULL)) < 0) {
381 if ((acl_d = sys_acl_init(count)) == NULL) {
387 sys_acl_free_acl(acl_d);
392 * calculate the number of access ACL entries
394 for (naccess = 0; naccess < count; naccess++) {
395 if (acl_d->acl[naccess].a_type & ACL_DEFAULT)
399 acl_d->count = naccess;
404 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d)
411 int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
413 if (perm != SMB_ACL_READ && perm != SMB_ACL_WRITE
414 && perm != SMB_ACL_EXECUTE) {
419 if (permset_d == NULL) {
429 int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
431 return *permset_d & perm;
434 char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p)
441 * use an initial estimate of 20 bytes per ACL entry
442 * when allocating memory for the text representation
446 maxlen = 20 * acl_d->count;
447 if ((text = malloc(maxlen)) == NULL) {
452 for (i = 0; i < acl_d->count; i++) {
453 struct acl *ap = &acl_d->acl[i];
463 switch (ap->a_type) {
465 * for debugging purposes it's probably more
466 * useful to dump unknown tag types rather
467 * than just returning an error
470 slprintf(tagbuf, sizeof(tagbuf)-1, "0x%x",
473 slprintf(idbuf, sizeof(idbuf)-1, "%ld",
479 if ((pw = sys_getpwuid(ap->a_id)) == NULL) {
480 slprintf(idbuf, sizeof(idbuf)-1, "%ld",
486 case SMB_ACL_USER_OBJ:
491 if ((gr = getgrgid(ap->a_id)) == NULL) {
492 slprintf(idbuf, sizeof(idbuf)-1, "%ld",
498 case SMB_ACL_GROUP_OBJ:
512 perms[0] = (ap->a_perm & SMB_ACL_READ) ? 'r' : '-';
513 perms[1] = (ap->a_perm & SMB_ACL_WRITE) ? 'w' : '-';
514 perms[2] = (ap->a_perm & SMB_ACL_EXECUTE) ? 'x' : '-';
517 /* <tag> : <qualifier> : rwx \n \0 */
518 nbytes = strlen(tag) + 1 + strlen(id) + 1 + 3 + 1 + 1;
521 * If this entry would overflow the buffer
522 * allocate enough additional memory for this
523 * entry and an estimate of another 20 bytes
524 * for each entry still to be processed
526 if ((len + nbytes) > maxlen) {
527 char *oldtext = text;
529 maxlen += nbytes + 20 * (acl_d->count - i);
531 if ((text = realloc(oldtext, maxlen)) == NULL) {
538 slprintf(&text[len], nbytes-1, "%s:%s:%s\n", tag, id, perms);
548 SMB_ACL_T sys_acl_init(int count)
558 * note that since the definition of the structure pointed
559 * to by the SMB_ACL_T includes the first element of the
560 * acl[] array, this actually allocates an ACL with room
561 * for (count+1) entries
563 if ((a = malloc(sizeof(*a) + count * sizeof(struct acl))) == NULL) {
576 int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
579 SMB_ACL_ENTRY_T entry_d;
581 if (acl_p == NULL || entry_p == NULL || (acl_d = *acl_p) == NULL) {
586 if (acl_d->count >= acl_d->size) {
591 entry_d = &acl_d->acl[acl_d->count++];
600 int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
604 case SMB_ACL_USER_OBJ:
606 case SMB_ACL_GROUP_OBJ:
609 entry_d->a_type = tag_type;
619 int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p)
621 if (entry_d->a_type != SMB_ACL_GROUP
622 && entry_d->a_type != SMB_ACL_USER) {
627 entry_d->a_id = *((id_t *)qual_p);
632 int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
634 if (*permset_d & ~(SMB_ACL_READ|SMB_ACL_WRITE|SMB_ACL_EXECUTE)) {
638 entry_d->a_perm = *permset_d;
643 int sys_acl_valid(SMB_ACL_T acl_d)
645 if (aclsort(acl_d->count, 1, acl_d->acl) != 0) {
653 int sys_acl_set_file(char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d)
658 struct acl *acl_buf = NULL;
661 if (type != SMB_ACL_TYPE_ACCESS && type != SMB_ACL_TYPE_DEFAULT) {
666 if (stat(name, &s) != 0) {
670 acl_p = &acl_d->acl[0];
671 acl_count = acl_d->count;
674 * if it's a directory there is extra work to do
675 * since the acl() system call will replace both
676 * the access ACLs and the default ACLs (if any)
678 if (S_ISDIR(s.st_mode)) {
684 if (type == SMB_ACL_TYPE_ACCESS) {
687 tmp_acl = sys_acl_get_file(name, SMB_ACL_TYPE_DEFAULT);
692 tmp_acl = sys_acl_get_file(name, SMB_ACL_TYPE_ACCESS);
695 if (tmp_acl == NULL) {
700 * allocate a temporary buffer for the complete ACL
702 acl_count = acc_acl->count + def_acl->count;
704 acl_buf = malloc(acl_count * sizeof(acl_buf[0]));
706 if (acl_buf == NULL) {
707 sys_acl_free_acl(tmp_acl);
713 * copy the access control and default entries into the buffer
715 memcpy(&acl_buf[0], &acc_acl->acl[0],
716 acc_acl->count * sizeof(acl_buf[0]));
718 memcpy(&acl_buf[acc_acl->count], &def_acl->acl[0],
719 def_acl->count * sizeof(acl_buf[0]));
722 * set the ACL_DEFAULT flag on the default entries
724 for (i = acc_acl->count; i < acl_count; i++) {
725 acl_buf[i].a_type |= ACL_DEFAULT;
728 sys_acl_free_acl(tmp_acl);
730 } else if (type != SMB_ACL_TYPE_ACCESS) {
735 if (aclsort(acl_count, 1, acl_p) != 0) {
739 ret = acl(name, SETACL, acl_count, acl_p);
749 int sys_acl_set_fd(int fd, SMB_ACL_T acl_d)
751 if (aclsort(acl_d->count, 1, acl_d->acl) != 0) {
756 return facl(fd, SETACL, acl_d->count, &acl_d->acl[0]);
759 int sys_acl_free_text(char *text)
765 int sys_acl_free_acl(SMB_ACL_T acl_d)
771 int sys_acl_free_qualifier(void *qual)
776 #elif defined(HAVE_IRIX_ACLS)
778 int sys_acl_get_entry(SMB_ACL_T acl_d, int entry_id, SMB_ACL_ENTRY_T *entry_p)
780 if (entry_id != SMB_ACL_FIRST_ENTRY && entry_id != SMB_ACL_NEXT_ENTRY) {
785 if (entry_p == NULL) {
790 if (entry_id == SMB_ACL_FIRST_ENTRY) {
794 if (acl_d->next < 0) {
799 if (acl_d->next >= acl_d->aclp->acl_cnt) {
803 *entry_p = &acl_d->aclp->acl_entry[acl_d->next++];
808 int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *type_p)
810 *type_p = entry_d->ae_tag;
815 int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
817 *permset_p = entry_d;
822 void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
824 if (entry_d->ae_tag != SMB_ACL_USER
825 && entry_d->ae_tag != SMB_ACL_GROUP) {
830 return &entry_d->ae_id;
833 SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
837 if ((a = malloc(sizeof(*a))) == NULL) {
841 if ((a->aclp = acl_get_file(path_p, type)) == NULL) {
850 SMB_ACL_T sys_acl_get_fd(int fd)
854 if ((a = malloc(sizeof(*a))) == NULL) {
858 if ((a->aclp = acl_get_fd(fd)) == NULL) {
867 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d)
869 permset_d->ae_perm = 0;
874 int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
876 if (perm != SMB_ACL_READ && perm != SMB_ACL_WRITE
877 && perm != SMB_ACL_EXECUTE) {
882 if (permset_d == NULL) {
887 permset_d->ae_perm |= perm;
892 int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
894 return permset_d->ae_perm & perm;
897 char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p)
899 return acl_to_text(acl_d->aclp, len_p);
902 SMB_ACL_T sys_acl_init(int count)
911 if ((a = malloc(sizeof(*a) + sizeof(struct acl))) == NULL) {
918 a->aclp = (struct acl *)(&a->aclp + sizeof(struct acl *));
919 a->aclp->acl_cnt = 0;
925 int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
928 SMB_ACL_ENTRY_T entry_d;
930 if (acl_p == NULL || entry_p == NULL || (acl_d = *acl_p) == NULL) {
935 if (acl_d->aclp->acl_cnt >= ACL_MAX_ENTRIES) {
940 entry_d = &acl_d->aclp->acl_entry[acl_d->aclp->acl_cnt++];
943 entry_d->ae_perm = 0;
949 int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
953 case SMB_ACL_USER_OBJ:
955 case SMB_ACL_GROUP_OBJ:
958 entry_d->ae_tag = tag_type;
968 int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p)
970 if (entry_d->ae_tag != SMB_ACL_GROUP
971 && entry_d->ae_tag != SMB_ACL_USER) {
976 entry_d->ae_id = *((id_t *)qual_p);
981 int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
983 if (permset_d->ae_perm & ~(SMB_ACL_READ|SMB_ACL_WRITE|SMB_ACL_EXECUTE)) {
987 entry_d->ae_perm = permset_d->ae_perm;
992 int sys_acl_valid(SMB_ACL_T acl_d)
994 return acl_valid(acl_d->aclp);
997 int sys_acl_set_file(char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d)
999 return acl_set_file(name, type, acl_d->aclp);
1002 int sys_acl_set_fd(int fd, SMB_ACL_T acl_d)
1004 return acl_set_fd(fd, acl_d->aclp);
1007 int sys_acl_free_text(char *text)
1009 return acl_free(text);
1012 int sys_acl_free_acl(SMB_ACL_T acl_d)
1014 if (acl_d->freeaclp) {
1015 acl_free(acl_d->aclp);
1021 int sys_acl_free_qualifier(void *qual)
1026 #elif defined(HAVE_XFS_ACLS)
1027 /* For Linux SGI/XFS Filesystems
1028 * contributed by J Trostel, Connex
1031 /* based on the implementation for Solaris by Toomas Soome.. which is
1032 * based on the implementation by Micheal Davidson for Unixware...
1034 * Linux XFS is a 'work-in-progress'
1035 * This interface may change...
1036 * You've been warned ;-> */
1038 /* First, do the identity mapping */
1040 int sys_acl_get_entry( SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
1042 if( acl_get_entry( the_acl, entry_id, entry_p) >= 0) {
1050 SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
1052 return acl_get_file( path_p, type);
1055 SMB_ACL_T sys_acl_get_fd(int fd)
1057 return acl_get_fd(fd);
1060 char *sys_acl_to_text( SMB_ACL_T the_acl, ssize_t *plen)
1062 return acl_to_text( the_acl, plen);
1065 int sys_acl_valid( SMB_ACL_T theacl )
1067 return acl_valid(theacl);
1070 int sys_acl_set_file( char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
1072 return acl_set_file(name, acltype, theacl);
1075 int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
1077 return acl_set_fd(fd, theacl);
1080 /* Now the functions I need to define for XFS */
1082 int sys_acl_create_entry( SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
1091 if((*acl_p == NULL) || (ace == NULL)){
1097 if( (cnt + 1) > ACL_MAX_ENTRIES ){
1102 newacl = (acl_t)malloc(sizeof(struct acl));
1109 newacl->acl_entry[cnt] = *ace;
1110 newacl->acl_cnt = cnt + 1;
1114 *entry_p = &newacl->acl_entry[cnt];
1119 int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
1121 *tag_type_p = entry_d->ae_tag;
1125 int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
1127 *permset_p = &entry_d->ae_perm;
1131 void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
1133 if (entry_d->ae_tag != SMB_ACL_USER
1134 && entry_d->ae_tag != SMB_ACL_GROUP) {
1138 return &entry_d->ae_id;
1141 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset)
1147 int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
1149 return (*permset & perm);
1152 int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
1155 // TO DO: Add in ALL possible permissions here
1156 // TO DO: Include extended ones!!
1158 if (perm != SMB_ACL_READ && perm != SMB_ACL_WRITE && perm != SMB_ACL_EXECUTE) {
1163 if(permset == NULL) {
1173 SMB_ACL_T sys_acl_init( int count)
1176 if((count > ACL_MAX_ENTRIES) || (count < 0)) {
1181 a = (struct acl *)malloc(sizeof(struct acl)); // where is this memory freed?
1187 int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
1192 case SMB_ACL_USER_OBJ:
1194 case SMB_ACL_GROUP_OBJ:
1197 entry_d->ae_tag = tag_type;
1206 int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry_d, void *qual_p)
1208 if(entry_d->ae_tag != SMB_ACL_GROUP &&
1209 entry_d->ae_tag != SMB_ACL_USER) {
1214 entry_d->ae_id = *((uid_t *)qual_p);
1219 int sys_acl_set_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
1221 // TO DO: expand to extended permissions eventually!
1223 if(*permset_d & ~(SMB_ACL_READ|SMB_ACL_WRITE|SMB_ACL_EXECUTE)) {
1230 int sys_acl_free_text(char *text)
1232 return acl_free(text);
1235 int sys_acl_free_acl(SMB_ACL_T the_acl)
1237 return acl_free(the_acl);
1240 int sys_acl_free_qualifier(void *qual)
1245 #else /* No ACLs. */
1247 int sys_acl_get_entry( SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
1253 int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
1259 int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
1265 void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
1271 SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
1274 return (SMB_ACL_T)NULL;
1277 SMB_ACL_T sys_acl_get_fd(int fd)
1280 return (SMB_ACL_T)NULL;
1283 int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset)
1289 int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
1295 int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
1298 return (permset & perm) ? 1 : 0;
1301 char *sys_acl_to_text( SMB_ACL_T the_acl, ssize_t *plen)
1307 int sys_acl_free_text(char *text)
1313 SMB_ACL_T sys_acl_init( int count)
1319 int sys_acl_create_entry( SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
1325 int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
1331 int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry, void *qual)
1337 int sys_acl_set_permset( SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
1343 int sys_acl_valid( SMB_ACL_T theacl )
1349 int sys_acl_set_file( char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
1355 int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
1361 int sys_acl_free_acl(SMB_ACL_T the_acl)
1367 int sys_acl_free_qualifier(void *qual)
1373 #endif /* No ACLs. */
git.samba.org / samba.git / blob