X-Git-Url: http://git.samba.org/samba.git/?p=nivanova%2Fsamba-autobuild%2F.git;a=blobdiff_plain;f=source3%2Futils%2Fsmbcquotas.c;h=522af1730633f5ec75577eb0c3831ed4c1c0e662;hp=9c7379ca2a9c94837213afe270d02cda8fb6d1d8;hb=d096de56b16c50c7cc22df08895dc29567ee15d7;hpb=d031ba5c83d3243a7509692097c3a1a25aa34553;ds=sidebyside
diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c
index 9c7379ca2a9..522af173063 100644
--- a/source3/utils/smbcquotas.c
+++ b/source3/utils/smbcquotas.c
@@ -9,7 +9,7 @@
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
@@ -18,49 +18,59 @@
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see .
*/
#include "includes.h"
+#include "popt_common.h"
+#include "../librpc/gen_ndr/ndr_lsa.h"
+#include "rpc_client/cli_lsarpc.h"
+#include "fake_file.h"
+#include "../libcli/security/security.h"
-static pstring server;
+static char *server;
/* numeric is set when the user wants numeric SIDs and ACEs rather
than going via LSA calls to resolve them */
-static BOOL numeric;
-static BOOL verbose;
+static bool numeric;
+static bool verbose;
enum todo_values {NOOP_QUOTA=0,FS_QUOTA,USER_QUOTA,LIST_QUOTA,SET_QUOTA};
enum exit_values {EXIT_OK, EXIT_FAILED, EXIT_PARSE_ERROR};
-static struct cli_state *cli_ipc = NULL;
-static POLICY_HND pol;
-static BOOL got_policy_hnd;
+static struct cli_state *cli_ipc;
+static struct rpc_pipe_client *global_pipe_hnd;
+static struct policy_handle pol;
+static bool got_policy_hnd;
+static struct user_auth_info *smbcquotas_auth_info;
static struct cli_state *connect_one(const char *share);
/* Open cli connection and policy handle */
-static BOOL cli_open_policy_hnd(void)
+static bool cli_open_policy_hnd(void)
{
/* Initialise cli LSA connection */
if (!cli_ipc) {
+ NTSTATUS ret;
cli_ipc = connect_one("IPC$");
- if (!cli_nt_session_open (cli_ipc, PI_LSARPC)) {
+ ret = cli_rpc_pipe_open_noauth(cli_ipc,
+ &ndr_table_lsarpc.syntax_id,
+ &global_pipe_hnd);
+ if (!NT_STATUS_IS_OK(ret)) {
return False;
}
}
-
+
/* Open policy handle */
if (!got_policy_hnd) {
- /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED,
+ /* Some systems don't support SEC_FLAG_MAXIMUM_ALLOWED,
but NT sends 0x2000000 so we might as well do it too. */
- if (!NT_STATUS_IS_OK(cli_lsa_open_policy(cli_ipc, cli_ipc->mem_ctx, True,
+ if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, talloc_tos(), True,
GENERIC_EXECUTE_ACCESS, &pol))) {
return False;
}
@@ -72,20 +82,20 @@ static BOOL cli_open_policy_hnd(void)
}
/* convert a SID to a string, either numeric or username/group */
-static void SidToString(fstring str, DOM_SID *sid, BOOL _numeric)
+static void SidToString(fstring str, struct dom_sid *sid, bool _numeric)
{
char **domains = NULL;
char **names = NULL;
- uint32 *types = NULL;
+ enum lsa_SidType *types = NULL;
- sid_to_string(str, sid);
+ sid_to_fstring(str, sid);
if (_numeric) return;
/* Ask LSA to convert the sid to a name */
if (!cli_open_policy_hnd() ||
- !NT_STATUS_IS_OK(cli_lsa_lookup_sids(cli_ipc, cli_ipc->mem_ctx,
+ !NT_STATUS_IS_OK(rpccli_lsa_lookup_sids(global_pipe_hnd, talloc_tos(),
&pol, 1, sid, &domains,
&names, &types)) ||
!domains || !domains[0] || !names || !names[0]) {
@@ -101,19 +111,19 @@ static void SidToString(fstring str, DOM_SID *sid, BOOL _numeric)
}
/* convert a string to a SID, either numeric or username/group */
-static BOOL StringToSid(DOM_SID *sid, const char *str)
+static bool StringToSid(struct dom_sid *sid, const char *str)
{
- uint32 *types = NULL;
- DOM_SID *sids = NULL;
- BOOL result = True;
+ enum lsa_SidType *types = NULL;
+ struct dom_sid *sids = NULL;
+ bool result = True;
- if (strncmp(str, "S-", 2) == 0) {
- return string_to_sid(sid, str);
+ if (string_to_sid(sid, str)) {
+ return true;
}
if (!cli_open_policy_hnd() ||
- !NT_STATUS_IS_OK(cli_lsa_lookup_names(cli_ipc, cli_ipc->mem_ctx,
- &pol, 1, &str, &sids,
+ !NT_STATUS_IS_OK(rpccli_lsa_lookup_names(global_pipe_hnd, talloc_tos(),
+ &pol, 1, &str, NULL, 1, &sids,
&types))) {
result = False;
goto done;
@@ -132,15 +142,21 @@ static BOOL StringToSid(DOM_SID *sid, const char *str)
enum {PARSE_FLAGS,PARSE_LIM};
-static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA_TYPE *qtype, int *cmd, SMB_NTQUOTA_STRUCT *pqt)
+static int parse_quota_set(TALLOC_CTX *ctx,
+ char *set_str,
+ char **pp_username_str,
+ enum SMB_QUOTA_TYPE *qtype,
+ int *cmd,
+ SMB_NTQUOTA_STRUCT *pqt)
{
char *p = set_str,*p2;
int todo;
- BOOL stop = False;
- BOOL enable = False;
- BOOL deny = False;
-
- if (strncasecmp(set_str,"UQLIM:",6)==0) {
+ bool stop = False;
+ bool enable = False;
+ bool deny = False;
+
+ *pp_username_str = NULL;
+ if (strnequal(set_str,"UQLIM:",6)) {
p += 6;
*qtype = SMB_USER_QUOTA_TYPE;
*cmd = QUOTA_SETLIM;
@@ -148,18 +164,18 @@ static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA
if ((p2=strstr(p,":"))==NULL) {
return -1;
}
-
+
*p2 = '\0';
p2++;
-
- fstrcpy(username_str,p);
+
+ *pp_username_str = talloc_strdup(ctx, p);
p = p2;
- } else if (strncasecmp(set_str,"FSQLIM:",7)==0) {
+ } else if (strnequal(set_str,"FSQLIM:",7)) {
p +=7;
*qtype = SMB_USER_FS_QUOTA_TYPE;
*cmd = QUOTA_SETLIM;
todo = PARSE_LIM;
- } else if (strncasecmp(set_str,"FSQFLAGS:",9)==0) {
+ } else if (strnequal(set_str,"FSQFLAGS:",9)) {
p +=9;
todo = PARSE_FLAGS;
*qtype = SMB_USER_FS_QUOTA_TYPE;
@@ -170,14 +186,10 @@ static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA
switch (todo) {
case PARSE_LIM:
-#if defined(HAVE_LONGLONG)
- if (sscanf(p,"%llu/%llu",&pqt->softlim,&pqt->hardlim)!=2) {
-#else
- if (sscanf(p,"%lu/%lu",&pqt->softlim,&pqt->hardlim)!=2) {
-#endif
+ if (sscanf(p,"%"PRIu64"/%"PRIu64,&pqt->softlim,&pqt->hardlim)!=2) {
return -1;
}
-
+
break;
case PARSE_FLAGS:
while (!stop) {
@@ -189,13 +201,13 @@ static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA
p2++;
}
- if (strncasecmp(p,"QUOTA_ENABLED",13)==0) {
+ if (strnequal(p,"QUOTA_ENABLED",13)) {
enable = True;
- } else if (strncasecmp(p,"DENY_DISK",9)==0) {
+ } else if (strnequal(p,"DENY_DISK",9)) {
deny = True;
- } else if (strncasecmp(p,"LOG_SOFTLIMIT",13)==0) {
+ } else if (strnequal(p,"LOG_SOFTLIMIT",13)) {
pqt->qflags |= QUOTAS_LOG_THRESHOLD;
- } else if (strncasecmp(p,"LOG_HARDLIMIT",13)==0) {
+ } else if (strnequal(p,"LOG_HARDLIMIT",13)) {
pqt->qflags |= QUOTAS_LOG_LIMIT;
} else {
return -1;
@@ -209,35 +221,45 @@ static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA
} else if (enable) {
pqt->qflags |= QUOTAS_ENABLED;
}
-
- break;
+
+ break;
}
return 0;
}
-static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd, pstring username_str, SMB_NTQUOTA_STRUCT *pqt)
+static int do_quota(struct cli_state *cli,
+ enum SMB_QUOTA_TYPE qtype,
+ uint16 cmd,
+ const char *username_str,
+ SMB_NTQUOTA_STRUCT *pqt)
{
uint32 fs_attrs = 0;
- int quota_fnum = 0;
+ uint16_t quota_fnum = 0;
SMB_NTQUOTA_LIST *qtl = NULL;
SMB_NTQUOTA_STRUCT qt;
+ NTSTATUS status;
+
ZERO_STRUCT(qt);
- if (!cli_get_fs_attr_info(cli, &fs_attrs)) {
+ status = cli_get_fs_attr_info(cli, &fs_attrs);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("Failed to get the filesystem attributes %s.\n",
- cli_errstr(cli));
+ nt_errstr(status));
return -1;
}
if (!(fs_attrs & FILE_VOLUME_QUOTAS)) {
d_printf("Quotas are not supported by the server.\n");
- return 0;
+ return 0;
}
- if (!cli_get_quota_handle(cli, "a_fnum)) {
- d_printf("Failed to open \\%s %s.\n",
- FAKE_FILE_NAME_QUOTA,cli_errstr(cli));
+ status = cli_get_quota_handle(cli, "a_fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("Quotas are not enabled on this share.\n");
+ d_printf("Failed to open %s %s.\n",
+ FAKE_FILE_NAME_QUOTA_WIN32,
+ nt_errstr(status));
return -1;
}
@@ -247,7 +269,7 @@ static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd
d_printf("StringToSid() failed for [%s]\n",username_str);
return -1;
}
-
+
switch(cmd) {
case QUOTA_GET:
if (!cli_get_user_quota(cli, quota_fnum, &qt)) {
@@ -278,12 +300,12 @@ static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd
return -1;
}
dump_ntquota_list(&qtl,verbose,numeric,SidToString);
- free_ntquota_list(&qtl);
+ free_ntquota_list(&qtl);
break;
default:
d_printf("Unknown Error\n");
return -1;
- }
+ }
break;
case SMB_USER_FS_QUOTA_TYPE:
switch(cmd) {
@@ -337,7 +359,7 @@ static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd
default:
d_printf("Unknown Error\n");
return -1;
- }
+ }
break;
default:
d_printf("Unknown Error\n");
@@ -349,34 +371,58 @@ static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd
return 0;
}
-/*****************************************************
-return a connection to a server
+/*****************************************************
+ Return a connection to a server.
*******************************************************/
+
static struct cli_state *connect_one(const char *share)
{
struct cli_state *c;
- struct in_addr ip;
+ struct sockaddr_storage ss;
NTSTATUS nt_status;
- zero_ip(&ip);
-
- if (!cmdline_auth_info.got_pass) {
- char *pass = getpass("Password: ");
- if (pass) {
- pstrcpy(cmdline_auth_info.password, pass);
- cmdline_auth_info.got_pass = True;
- }
+ uint32_t flags = 0;
+
+ zero_sockaddr(&ss);
+
+ if (get_cmdline_auth_info_use_machine_account(smbcquotas_auth_info) &&
+ !set_cmdline_auth_info_machine_account_creds(smbcquotas_auth_info)) {
+ return NULL;
}
- if (NT_STATUS_IS_OK(nt_status = cli_full_connection(&c, global_myname(), server,
- &ip, 0,
- share, "?????",
- cmdline_auth_info.username, lp_workgroup(),
- cmdline_auth_info.password, 0, NULL))) {
- return c;
- } else {
+ if (get_cmdline_auth_info_use_kerberos(smbcquotas_auth_info)) {
+ flags |= CLI_FULL_CONNECTION_USE_KERBEROS |
+ CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
+
+ }
+
+ set_cmdline_auth_info_getpass(smbcquotas_auth_info);
+
+ nt_status = cli_full_connection(&c, global_myname(), server,
+ &ss, 0,
+ share, "?????",
+ get_cmdline_auth_info_username(smbcquotas_auth_info),
+ lp_workgroup(),
+ get_cmdline_auth_info_password(smbcquotas_auth_info),
+ flags,
+ get_cmdline_auth_info_signing_state(smbcquotas_auth_info));
+ if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status)));
return NULL;
}
+
+ if (get_cmdline_auth_info_smb_encrypt(smbcquotas_auth_info)) {
+ nt_status = cli_cm_force_encryption(c,
+ get_cmdline_auth_info_username(smbcquotas_auth_info),
+ get_cmdline_auth_info_password(smbcquotas_auth_info),
+ lp_workgroup(),
+ share);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ cli_shutdown(c);
+ return NULL;
+ }
+ }
+
+ return c;
}
/****************************************************************************
@@ -388,15 +434,16 @@ static struct cli_state *connect_one(const char *share)
int opt;
int result;
int todo = 0;
- pstring username_str = {0};
- pstring path = {0};
- pstring set_str = {0};
- enum SMB_QUOTA_TYPE qtype;
+ char *username_str = NULL;
+ char *path = NULL;
+ char *set_str = NULL;
+ enum SMB_QUOTA_TYPE qtype = SMB_INVALID_QUOTA_TYPE;
int cmd = 0;
- static BOOL test_args = False;
+ static bool test_args = False;
struct cli_state *cli;
- BOOL fix_user = False;
+ bool fix_user = False;
SMB_NTQUOTA_STRUCT qt;
+ TALLOC_CTX *frame = talloc_stackframe();
poptContext pc;
struct poptOption long_options[] = {
POPT_AUTOHELP
@@ -408,34 +455,50 @@ SETSTRING:\n\
UQLIM:// for user quotas\n\
FSQLIM:/ for filesystem defaults\n\
FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
- { "numeric", 'n', POPT_ARG_NONE, &numeric, True, "Don't resolve sids or limits to names" },
- { "verbose", 'v', POPT_ARG_NONE, &verbose, True, "be verbose" },
- { "test-args", 't', POPT_ARG_NONE, &test_args, True, "Test arguments"},
+ { "numeric", 'n', POPT_ARG_NONE, NULL, 'n', "Don't resolve sids or limits to names" },
+ { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "be verbose" },
+ { "test-args", 't', POPT_ARG_NONE, NULL, 'r', "Test arguments"},
POPT_COMMON_SAMBA
POPT_COMMON_CREDENTIALS
{ NULL }
};
+ load_case_tables();
+
ZERO_STRUCT(qt);
- setlinebuf(stdout);
+ /* set default debug level to 1 regardless of what smb.conf sets */
+ setup_logging( "smbcquotas", DEBUG_STDERR);
+ lp_set_cmdline("log level", "1");
- dbf = x_stderr;
+ setlinebuf(stdout);
fault_setup(NULL);
- setup_logging(argv[0],True);
-
-
- lp_load(dyn_CONFIGFILE,True,False,False);
+ lp_load(get_dyn_CONFIGFILE(),True,False,False,True);
load_interfaces();
+ smbcquotas_auth_info = user_auth_info_init(frame);
+ if (smbcquotas_auth_info == NULL) {
+ exit(1);
+ }
+ popt_common_set_auth_info(smbcquotas_auth_info);
+
pc = poptGetContext("smbcquotas", argc, argv, long_options, 0);
-
+
poptSetOtherOptionHelp(pc, "//server1/share1");
while ((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
+ case 'n':
+ numeric = true;
+ break;
+ case 'v':
+ verbose = true;
+ break;
+ case 't':
+ test_args = true;
+ break;
case 'L':
if (todo != 0) {
d_printf("Please specify only one option of <-L|-F|-S|-u>\n");
@@ -451,23 +514,29 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
}
todo = FS_QUOTA;
break;
-
+
case 'u':
if (todo != 0) {
d_printf("Please specify only one option of <-L|-F|-S|-u>\n");
exit(EXIT_PARSE_ERROR);
}
- pstrcpy(username_str,poptGetOptArg(pc));
+ username_str = talloc_strdup(frame, poptGetOptArg(pc));
+ if (!username_str) {
+ exit(EXIT_PARSE_ERROR);
+ }
todo = USER_QUOTA;
fix_user = True;
break;
-
+
case 'S':
if (todo != 0) {
d_printf("Please specify only one option of <-L|-F|-S|-u>\n");
exit(EXIT_PARSE_ERROR);
}
- pstrcpy(set_str,poptGetOptArg(pc));
+ set_str = talloc_strdup(frame, poptGetOptArg(pc));
+ if (!set_str) {
+ exit(EXIT_PARSE_ERROR);
+ }
todo = SET_QUOTA;
break;
}
@@ -476,34 +545,44 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
if (todo == 0)
todo = USER_QUOTA;
- if (!fix_user)
- pstrcpy(username_str,cmdline_auth_info.username);
+ if (!fix_user) {
+ username_str = talloc_strdup(
+ frame, get_cmdline_auth_info_username(smbcquotas_auth_info));
+ if (!username_str) {
+ exit(EXIT_PARSE_ERROR);
+ }
+ }
/* Make connection to server */
- if(!poptPeekArg(pc)) {
+ if(!poptPeekArg(pc)) {
poptPrintUsage(pc, stderr, 0);
exit(EXIT_PARSE_ERROR);
}
-
- pstrcpy(path, poptGetArg(pc));
- all_string_sub(path,"/","\\",0);
+ path = talloc_strdup(frame, poptGetArg(pc));
+ if (!path) {
+ printf("Out of memory\n");
+ exit(EXIT_PARSE_ERROR);
+ }
+
+ string_replace(path, '/', '\\');
- pstrcpy(server,path+2);
+ server = SMB_STRDUP(path+2);
+ if (!server) {
+ printf("Out of memory\n");
+ exit(EXIT_PARSE_ERROR);
+ }
share = strchr_m(server,'\\');
if (!share) {
- share = strchr_m(server,'/');
- if (!share) {
- printf("Invalid argument: %s\n", share);
- exit(EXIT_PARSE_ERROR);
- }
+ printf("Invalid argument: %s\n", share);
+ exit(EXIT_PARSE_ERROR);
}
*share = 0;
share++;
if (todo == SET_QUOTA) {
- if (parse_quota_set(set_str, username_str, &qtype, &cmd, &qt)) {
+ if (parse_quota_set(talloc_tos(), set_str, &username_str, &qtype, &cmd, &qt)) {
printf("Invalid argument: -S %s\n", set_str);
exit(EXIT_PARSE_ERROR);
}
@@ -540,6 +619,7 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
break;
}
+ talloc_free(frame);
+
return result;
}
-