/*
Unix SMB/CIFS implementation.
QUOTA get/set utility
-
+
Copyright (C) Andrew Tridgell 2000
Copyright (C) Tim Potter 2000
Copyright (C) Jeremy Allison 2000
Copyright (C) Stefan (metze) Metzmacher 2003
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
+#include "popt_common_cmdline.h"
+#include "rpc_client/cli_pipe.h"
+#include "../librpc/gen_ndr/ndr_lsa.h"
+#include "rpc_client/cli_lsarpc.h"
+#include "fake_file.h"
+#include "../libcli/security/security.h"
+#include "libsmb/libsmb.h"
static char *server;
static struct cli_state *cli_ipc;
static struct rpc_pipe_client *global_pipe_hnd;
-static POLICY_HND pol;
+static struct policy_handle pol;
static bool got_policy_hnd;
static struct cli_state *connect_one(const char *share);
if (!cli_ipc) {
NTSTATUS ret;
cli_ipc = connect_one("IPC$");
- global_pipe_hnd = cli_rpc_pipe_open_noauth(cli_ipc, PI_LSARPC, &ret);
- if (!global_pipe_hnd) {
+ ret = cli_rpc_pipe_open_noauth(cli_ipc,
+ &ndr_table_lsarpc,
+ &global_pipe_hnd);
+ if (!NT_STATUS_IS_OK(ret)) {
return False;
}
}
if (!got_policy_hnd) {
- /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED,
+ /* Some systems don't support SEC_FLAG_MAXIMUM_ALLOWED,
but NT sends 0x2000000 so we might as well do it too. */
if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, talloc_tos(), True,
got_policy_hnd = True;
}
-
+
return True;
}
/* convert a SID to a string, either numeric or username/group */
-static void SidToString(fstring str, DOM_SID *sid, bool _numeric)
+static void SidToString(fstring str, struct dom_sid *sid, bool _numeric)
{
char **domains = NULL;
char **names = NULL;
enum lsa_SidType *types = NULL;
- sid_to_string(str, sid);
+ sid_to_fstring(str, sid);
if (_numeric) return;
slprintf(str, sizeof(fstring) - 1, "%s%s%s",
domains[0], lp_winbind_separator(),
names[0]);
-
}
/* convert a string to a SID, either numeric or username/group */
-static bool StringToSid(DOM_SID *sid, const char *str)
+static bool StringToSid(struct dom_sid *sid, const char *str)
{
enum lsa_SidType *types = NULL;
- DOM_SID *sids = NULL;
+ struct dom_sid *sids = NULL;
bool result = True;
- if (strncmp(str, "S-", 2) == 0) {
- return string_to_sid(sid, str);
+ if (string_to_sid(sid, str)) {
+ return true;
}
if (!cli_open_policy_hnd() ||
switch (todo) {
case PARSE_LIM:
-#if defined(HAVE_LONGLONG)
- if (sscanf(p,"%llu/%llu",&pqt->softlim,&pqt->hardlim)!=2) {
-#else
- if (sscanf(p,"%lu/%lu",&pqt->softlim,&pqt->hardlim)!=2) {
-#endif
+ if (sscanf(p,"%"SCNu64"/%"SCNu64,&pqt->softlim,
+ &pqt->hardlim) != 2)
+ {
return -1;
}
return 0;
}
+
+static const char *quota_str_static(uint64_t val, bool special, bool _numeric)
+{
+ const char *result;
+
+ if (!_numeric && special && val == 0) {
+ return "NO LIMIT";
+ }
+ result = talloc_asprintf(talloc_tos(), "%"PRIu64, val);
+ SMB_ASSERT(result != NULL);
+ return result;
+}
+
+static void dump_ntquota(SMB_NTQUOTA_STRUCT *qt, bool _verbose,
+ bool _numeric,
+ void (*_sidtostring)(fstring str,
+ struct dom_sid *sid,
+ bool _numeric))
+{
+ TALLOC_CTX *frame = talloc_stackframe();
+
+ if (!qt) {
+ smb_panic("dump_ntquota() called with NULL pointer");
+ }
+
+ switch (qt->qtype) {
+ case SMB_USER_FS_QUOTA_TYPE:
+ {
+ d_printf("File System QUOTAS:\n");
+ d_printf("Limits:\n");
+ d_printf(" Default Soft Limit: %15s\n",
+ quota_str_static(qt->softlim,True,_numeric));
+ d_printf(" Default Hard Limit: %15s\n",
+ quota_str_static(qt->hardlim,True,_numeric));
+ d_printf("Quota Flags:\n");
+ d_printf(" Quotas Enabled: %s\n",
+ ((qt->qflags"AS_ENABLED)
+ ||(qt->qflags"AS_DENY_DISK))?"On":"Off");
+ d_printf(" Deny Disk: %s\n",
+ (qt->qflags"AS_DENY_DISK)?"On":"Off");
+ d_printf(" Log Soft Limit: %s\n",
+ (qt->qflags"AS_LOG_THRESHOLD)?"On":"Off");
+ d_printf(" Log Hard Limit: %s\n",
+ (qt->qflags"AS_LOG_LIMIT)?"On":"Off");
+ }
+ break;
+ case SMB_USER_QUOTA_TYPE:
+ {
+ fstring username_str = {0};
+
+ if (_sidtostring) {
+ _sidtostring(username_str,&qt->sid,_numeric);
+ } else {
+ sid_to_fstring(username_str, &qt->sid);
+ }
+
+ if (_verbose) {
+ d_printf("Quotas for User: %s\n",username_str);
+ d_printf("Used Space: %15s\n",
+ quota_str_static(qt->usedspace,False,
+ _numeric));
+ d_printf("Soft Limit: %15s\n",
+ quota_str_static(qt->softlim,True,
+ _numeric));
+ d_printf("Hard Limit: %15s\n",
+ quota_str_static(qt->hardlim,True,_numeric));
+ } else {
+ d_printf("%-30s: ",username_str);
+ d_printf("%15s/",quota_str_static(
+ qt->usedspace,False,_numeric));
+ d_printf("%15s/",quota_str_static(
+ qt->softlim,True,_numeric));
+ d_printf("%15s\n",quota_str_static(
+ qt->hardlim,True,_numeric));
+ }
+ }
+ break;
+ default:
+ d_printf("dump_ntquota() invalid qtype(%d)\n",qt->qtype);
+ }
+ TALLOC_FREE(frame);
+ return;
+}
+
+static void dump_ntquota_list(SMB_NTQUOTA_LIST **qtl, bool _verbose,
+ bool _numeric,
+ void (*_sidtostring)(fstring str,
+ struct dom_sid *sid,
+ bool _numeric))
+{
+ SMB_NTQUOTA_LIST *cur;
+
+ for (cur = *qtl;cur;cur = cur->next) {
+ if (cur->quotas)
+ dump_ntquota(cur->quotas,_verbose,_numeric,
+ _sidtostring);
+ }
+}
+
static int do_quota(struct cli_state *cli,
enum SMB_QUOTA_TYPE qtype,
- uint16 cmd,
+ uint16_t cmd,
const char *username_str,
SMB_NTQUOTA_STRUCT *pqt)
{
- uint32 fs_attrs = 0;
- int quota_fnum = 0;
+ uint32_t fs_attrs = 0;
+ uint16_t quota_fnum = 0;
SMB_NTQUOTA_LIST *qtl = NULL;
+ TALLOC_CTX *qtl_ctx = NULL;
SMB_NTQUOTA_STRUCT qt;
+ NTSTATUS status;
+
ZERO_STRUCT(qt);
- if (!cli_get_fs_attr_info(cli, &fs_attrs)) {
+ status = cli_get_fs_attr_info(cli, &fs_attrs);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("Failed to get the filesystem attributes %s.\n",
- cli_errstr(cli));
+ nt_errstr(status));
return -1;
}
return 0;
}
- if (!cli_get_quota_handle(cli, "a_fnum)) {
+ status = cli_get_quota_handle(cli, "a_fnum);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("Quotas are not enabled on this share.\n");
d_printf("Failed to open %s %s.\n",
- FAKE_FILE_NAME_QUOTA_WIN32,cli_errstr(cli));
+ FAKE_FILE_NAME_QUOTA_WIN32,
+ nt_errstr(status));
return -1;
}
switch(cmd) {
case QUOTA_GET:
- if (!cli_get_user_quota(cli, quota_fnum, &qt)) {
+ status = cli_get_user_quota(
+ cli, quota_fnum, &qt);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_get_user_quota %s\n",
- cli_errstr(cli),username_str);
+ nt_errstr(status),
+ username_str);
return -1;
}
dump_ntquota(&qt,verbose,numeric,SidToString);
break;
case QUOTA_SETLIM:
pqt->sid = qt.sid;
- if (!cli_set_user_quota(cli, quota_fnum, pqt)) {
+ if ((qtl_ctx = talloc_init(
+ "SMB_USER_QUOTA_SET")) ==
+ NULL) {
+ return -1;
+ }
+
+ if (!add_record_to_ntquota_list(
+ qtl_ctx, pqt, &qtl)) {
+ TALLOC_FREE(qtl_ctx);
+ return -1;
+ }
+
+ status = cli_set_user_quota(
+ cli, quota_fnum, qtl);
+ free_ntquota_list(&qtl);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_set_user_quota %s\n",
- cli_errstr(cli),username_str);
+ nt_errstr(status),
+ username_str);
return -1;
}
- if (!cli_get_user_quota(cli, quota_fnum, &qt)) {
+ status = cli_get_user_quota(
+ cli, quota_fnum, &qt);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_get_user_quota %s\n",
- cli_errstr(cli),username_str);
+ nt_errstr(status),
+ username_str);
return -1;
}
dump_ntquota(&qt,verbose,numeric,SidToString);
break;
case QUOTA_LIST:
- if (!cli_list_user_quota(cli, quota_fnum, &qtl)) {
- d_printf("%s cli_set_user_quota %s\n",
- cli_errstr(cli),username_str);
+ status = cli_list_user_quota(
+ cli, quota_fnum, &qtl);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf(
+ "%s cli_list_user_quota\n",
+ nt_errstr(status));
return -1;
}
dump_ntquota_list(&qtl,verbose,numeric,SidToString);
case SMB_USER_FS_QUOTA_TYPE:
switch(cmd) {
case QUOTA_GET:
- if (!cli_get_fs_quota_info(cli, quota_fnum, &qt)) {
+ status = cli_get_fs_quota_info(
+ cli, quota_fnum, &qt);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_get_fs_quota_info\n",
- cli_errstr(cli));
+ nt_errstr(status));
return -1;
}
dump_ntquota(&qt,True,numeric,NULL);
break;
case QUOTA_SETLIM:
- if (!cli_get_fs_quota_info(cli, quota_fnum, &qt)) {
+ status = cli_get_fs_quota_info(
+ cli, quota_fnum, &qt);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_get_fs_quota_info\n",
- cli_errstr(cli));
+ nt_errstr(status));
return -1;
}
qt.softlim = pqt->softlim;
qt.hardlim = pqt->hardlim;
- if (!cli_set_fs_quota_info(cli, quota_fnum, &qt)) {
+ status = cli_set_fs_quota_info(
+ cli, quota_fnum, &qt);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_set_fs_quota_info\n",
- cli_errstr(cli));
+ nt_errstr(status));
return -1;
}
- if (!cli_get_fs_quota_info(cli, quota_fnum, &qt)) {
+ status = cli_get_fs_quota_info(
+ cli, quota_fnum, &qt);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_get_fs_quota_info\n",
- cli_errstr(cli));
+ nt_errstr(status));
return -1;
}
dump_ntquota(&qt,True,numeric,NULL);
break;
case QUOTA_SETFLAGS:
- if (!cli_get_fs_quota_info(cli, quota_fnum, &qt)) {
+ status = cli_get_fs_quota_info(
+ cli, quota_fnum, &qt);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_get_fs_quota_info\n",
- cli_errstr(cli));
+ nt_errstr(status));
return -1;
}
qt.qflags = pqt->qflags;
- if (!cli_set_fs_quota_info(cli, quota_fnum, &qt)) {
+ status = cli_set_fs_quota_info(
+ cli, quota_fnum, &qt);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_set_fs_quota_info\n",
- cli_errstr(cli));
+ nt_errstr(status));
return -1;
}
- if (!cli_get_fs_quota_info(cli, quota_fnum, &qt)) {
+ status = cli_get_fs_quota_info(
+ cli, quota_fnum, &qt);
+ if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_get_fs_quota_info\n",
- cli_errstr(cli));
+ nt_errstr(status));
return -1;
}
dump_ntquota(&qt,True,numeric,NULL);
static struct cli_state *connect_one(const char *share)
{
struct cli_state *c;
- struct sockaddr_storage ss;
NTSTATUS nt_status;
- zero_addr(&ss);
+ uint32_t flags = 0;
+
+ if (get_cmdline_auth_info_use_kerberos(popt_get_cmdline_auth_info())) {
+ flags |= CLI_FULL_CONNECTION_USE_KERBEROS |
+ CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
- if (!get_cmdline_auth_info_got_pass()) {
- char *pass = getpass("Password: ");
- if (pass) {
- set_cmdline_auth_info_password(pass);
- }
}
- if (NT_STATUS_IS_OK(nt_status = cli_full_connection(&c, global_myname(), server,
- &ss, 0,
- share, "?????",
- get_cmdline_auth_info_username(),
- lp_workgroup(),
- get_cmdline_auth_info_password(),
- 0,
- get_cmdline_auth_info_signing_state(),
- NULL))) {
- return c;
- } else {
+ nt_status = cli_full_connection(&c, lp_netbios_name(), server,
+ NULL, 0,
+ share, "?????",
+ get_cmdline_auth_info_username(
+ popt_get_cmdline_auth_info()),
+ get_cmdline_auth_info_domain(
+ popt_get_cmdline_auth_info()),
+ get_cmdline_auth_info_password(
+ popt_get_cmdline_auth_info()),
+ flags,
+ get_cmdline_auth_info_signing_state(
+ popt_get_cmdline_auth_info()));
+ if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status)));
return NULL;
}
+
+ if (get_cmdline_auth_info_smb_encrypt(popt_get_cmdline_auth_info())) {
+ nt_status = cli_cm_force_encryption(c,
+ get_cmdline_auth_info_username(
+ popt_get_cmdline_auth_info()),
+ get_cmdline_auth_info_password(
+ popt_get_cmdline_auth_info()),
+ lp_workgroup(),
+ share);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ cli_shutdown(c);
+ return NULL;
+ }
+ }
+
+ return c;
}
/****************************************************************************
main program
****************************************************************************/
- int main(int argc, const char *argv[])
+int main(int argc, char *argv[])
{
+ const char **argv_const = discard_const_p(const char *, argv);
char *share;
int opt;
int result;
poptContext pc;
struct poptOption long_options[] = {
POPT_AUTOHELP
- { "user", 'u', POPT_ARG_STRING, NULL, 'u', "Show quotas for user", "user" },
- { "list", 'L', POPT_ARG_NONE, NULL, 'L', "List user quotas" },
- { "fs", 'F', POPT_ARG_NONE, NULL, 'F', "Show filesystem quotas" },
- { "set", 'S', POPT_ARG_STRING, NULL, 'S', "Set acls\n\
-SETSTRING:\n\
-UQLIM:<username>/<softlimit>/<hardlimit> for user quotas\n\
-FSQLIM:<softlimit>/<hardlimit> for filesystem defaults\n\
-FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
- { "numeric", 'n', POPT_ARG_NONE, NULL, 'n', "Don't resolve sids or limits to names" },
- { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "be verbose" },
- { "test-args", 't', POPT_ARG_NONE, NULL, 'r', "Test arguments"},
+ {
+ .longName = "user",
+ .shortName = 'u',
+ .argInfo = POPT_ARG_STRING,
+ .arg = NULL,
+ .val = 'u',
+ .descrip = "Show quotas for user",
+ .argDescrip = "USER",
+ },
+ {
+ .longName = "list",
+ .shortName = 'L',
+ .argInfo = POPT_ARG_NONE,
+ .arg = NULL,
+ .val = 'L',
+ .descrip = "List user quotas",
+ },
+ {
+ .longName = "fs",
+ .shortName = 'F',
+ .argInfo = POPT_ARG_NONE,
+ .arg = NULL,
+ .val = 'F',
+ .descrip = "Show filesystem quotas",
+ },
+ {
+ .longName = "set",
+ .shortName = 'S',
+ .argInfo = POPT_ARG_STRING,
+ .arg = NULL,
+ .val = 'S',
+ .descrip = "Set acls\n"
+ "SETSTRING:\n"
+ "UQLIM:<username>/<softlimit>/<hardlimit> for user quotas\n"
+ "FSQLIM:<softlimit>/<hardlimit> for filesystem defaults\n"
+ "FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT",
+ .argDescrip = "SETSTRING",
+ },
+ {
+ .longName = "numeric",
+ .shortName = 'n',
+ .argInfo = POPT_ARG_NONE,
+ .arg = NULL,
+ .val = 'n',
+ .descrip = "Don't resolve sids or limits to names",
+ },
+ {
+ .longName = "verbose",
+ .shortName = 'v',
+ .argInfo = POPT_ARG_NONE,
+ .arg = NULL,
+ .val = 'v',
+ .descrip = "be verbose",
+ },
+ {
+ .longName = "test-args",
+ .shortName = 't',
+ .argInfo = POPT_ARG_NONE,
+ .arg = NULL,
+ .val = 't',
+ .descrip = "Test arguments"
+ },
+ {
+ .longName = "max-protocol",
+ .shortName = 'm',
+ .argInfo = POPT_ARG_STRING,
+ .arg = NULL,
+ .val = 'm',
+ .descrip = "Set the max protocol level",
+ .argDescrip = "LEVEL"
+ },
POPT_COMMON_SAMBA
POPT_COMMON_CREDENTIALS
- { NULL }
+ POPT_TABLEEND
};
- load_case_tables();
+ smb_init_locale();
ZERO_STRUCT(qt);
/* set default debug level to 1 regardless of what smb.conf sets */
- setup_logging( "smbcquotas", True );
- DEBUGLEVEL_CLASS[DBGC_ALL] = 1;
- dbf = x_stderr;
- x_setbuf( x_stderr, NULL );
+ setup_logging( "smbcquotas", DEBUG_STDERR);
+ lp_set_cmdline("log level", "1");
setlinebuf(stdout);
- fault_setup(NULL);
+ fault_setup();
- lp_load(dyn_CONFIGFILE,True,False,False,True);
- load_interfaces();
-
- pc = poptGetContext("smbcquotas", argc, argv, long_options, 0);
+ pc = poptGetContext("smbcquotas", argc, argv_const, long_options, 0);
poptSetOtherOptionHelp(pc, "//server1/share1");
}
todo = SET_QUOTA;
break;
+ case 'm':
+ lp_set_cmdline("client max protocol",
+ poptGetOptArg(pc));
+ break;
}
}
todo = USER_QUOTA;
if (!fix_user) {
- username_str = talloc_strdup(frame, get_cmdline_auth_info_username());
+ username_str = talloc_strdup(
+ frame, get_cmdline_auth_info_username(
+ popt_get_cmdline_auth_info()));
if (!username_str) {
exit(EXIT_PARSE_ERROR);
}
exit(EXIT_PARSE_ERROR);
}
+ poptFreeContext(pc);
+ popt_burn_cmdline_password(argc, argv);
+
string_replace(path, '/', '\\');
server = SMB_STRDUP(path+2);
exit(EXIT_FAILED);
}
} else {
+ popt_free_cmdline_auth_info();
exit(EXIT_OK);
}
result = do_quota(cli, qtype, cmd, username_str, &qt);
break;
default:
-
result = EXIT_FAILED;
break;
}
+ popt_free_cmdline_auth_info();
talloc_free(frame);
return result;