2 Unix SMB/CIFS implementation.
4 Get NT ACLs from UNIX files.
6 Copyright (C) Tim Potter <tpot@samba.org> 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "system/filesys.h"
26 #if (defined(HAVE_NO_ACLS) || !defined(HAVE_XATTR_SUPPORT))
28 int main(int argc, char **argv)
30 printf("ACL support not compiled in.");
36 /* Display a security descriptor in "psec" format which is as follows.
38 The first two lines describe the owner user and owner group of the
39 object. If either of these lines are blank then the respective
40 owner property is not set. The remaining lines list the individual
41 permissions or ACE entries, one per line. Each column describes a
42 different property of the ACE:
45 -------------------------------------------------------------------
46 1 ACE type (allow/deny etc)
49 4 SID the ACE applies to
53 S-1-5-21-1067277791-1719175008-3000797951-500
55 1 9 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-501
56 1 2 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-501
57 0 9 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-500
58 0 2 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-500
59 0 9 0x10000000 S-1-5-21-1067277791-1719175008-3000797951-513
60 0 2 0x00020000 S-1-5-21-1067277791-1719175008-3000797951-513
61 0 2 0xe0000000 S-1-1-0
64 static void print_psec(TALLOC_CTX *mem_ctx, struct security_descriptor *sd)
67 printf("%s\n", dom_sid_string(mem_ctx, sd->owner_sid));
72 printf("%s\n", dom_sid_string(mem_ctx, sd->owner_sid));
76 /* Note: SACL not displayed */
81 for (i = 0; i < sd->dacl->num_aces; i++) {
82 struct security_ace *ace = &sd->dacl->aces[i];
84 printf("%d %d 0x%08x %s\n", ace->type, ace->flags,
86 dom_sid_string(mem_ctx, &ace->trustee));
92 int main(int argc, char **argv)
97 struct security_descriptor sd;
102 static_init_getntacl;
104 mem_ctx = talloc_init("getntacl");
108 size = getxattr(argv[1], "security.ntacl", NULL, 0);
111 fprintf(stderr, "%s: %s\n", argv[1], strerror(errno));
115 data = talloc_size(mem_ctx, size);
117 size = getxattr(argv[1], "security.ntacl", data, size);
119 blob = data_blob_talloc(mem_ctx, data, size);
121 ndr = ndr_pull_init_blob(&blob, mem_ctx);
123 result = ndr_pull_security_descriptor(
124 ndr, NDR_SCALARS|NDR_BUFFERS, &sd);
126 print_psec(data, &sd);
130 #endif /* HAVE_NO_ACLS */