[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Thu Aug 2 05:28:02 MDT 2012
The branch, master has been updated
via 1e5098d s3-pysmbd: Add hook for get_nt_acl()
via 64f494d s3-pysmbd: fix DEBUG
via e5686a4 s3-pysmbd: Add my copyright
via 55a0d66 s3-pysmbd: Add set_nt_acl() function based on parts of vfstest
via b041d29 s3-pypassdb: Fix wrapper for pdb_domain_info to return correct dns_{domain,forest}
from e956253 s4:torture: send the TCONX_FLAG_EXTENDED_RESPONSE flag
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 1e5098d5e1bb4dd2df6af690ad5555e1b4b52a8d
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 2 15:16:13 2012 +1000
s3-pysmbd: Add hook for get_nt_acl()
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Aug 2 13:27:55 CEST 2012 on sn-devel-104
commit 64f494de5e8e468a3adde62b02843d734d6cc483
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 2 13:36:55 2012 +1000
s3-pysmbd: fix DEBUG
commit e5686a4cf0931d8a89ed8f5922fd00d93b7893ea
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 2 13:36:43 2012 +1000
s3-pysmbd: Add my copyright
commit 55a0d6606c76463296188582c52821a7607ade7b
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 2 13:35:24 2012 +1000
s3-pysmbd: Add set_nt_acl() function based on parts of vfstest
This will allow us to set the full NT ACL on a file, using the VFS
layer, during provision of the AD DC.
Andrew Bartlett
commit b041d29c116a5d93b70a2cea5f808e81b9e12556
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Aug 2 18:05:03 2012 +1000
s3-pypassdb: Fix wrapper for pdb_domain_info to return correct dns_{domain,forest}
-----------------------------------------------------------------------
Summary of changes:
source3/passdb/py_passdb.c | 4 +-
source3/smbd/pysmbd.c | 143 +++++++++++++++++++++++++++++++++++++++++++-
source3/wscript_build | 2 +-
3 files changed, 144 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/py_passdb.c b/source3/passdb/py_passdb.c
index 7043ce6..bd332e1 100644
--- a/source3/passdb/py_passdb.c
+++ b/source3/passdb/py_passdb.c
@@ -1368,8 +1368,8 @@ static PyObject *py_pdb_domain_info(pytalloc_Object *self, PyObject *args)
}
PyDict_SetItemString(py_domain_info, "name", PyString_FromString(domain_info->name));
- PyDict_SetItemString(py_domain_info, "dns_domain", PyString_FromString(domain_info->name));
- PyDict_SetItemString(py_domain_info, "dns_forest", PyString_FromString(domain_info->name));
+ PyDict_SetItemString(py_domain_info, "dns_domain", PyString_FromString(domain_info->dns_domain));
+ PyDict_SetItemString(py_domain_info, "dns_forest", PyString_FromString(domain_info->dns_forest));
PyDict_SetItemString(py_domain_info, "dom_sid", pytalloc_steal(dom_sid_Type, sid));
PyDict_SetItemString(py_domain_info, "guid", pytalloc_steal(guid_Type, guid));
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 5badb3a..9a44d25 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -1,9 +1,13 @@
/*
Unix SMB/CIFS implementation.
- SMB NT Security Descriptor / Unix permission conversion.
+ Set NT and POSIX ACLs and other VFS operations from Python
+
+ Copyrigyt (C) Andrew Bartlett 2012
Copyright (C) Jeremy Allison 1994-2009.
Copyright (C) Andreas Gruenbacher 2002.
Copyright (C) Simo Sorce <idra at samba.org> 2009.
+ Copyright (C) Simo Sorce 2002
+ Copyright (C) Eric Lorimer 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -23,6 +27,9 @@
#include "smbd/smbd.h"
#include <Python.h>
#include "libcli/util/pyerrors.h"
+#include "librpc/rpc/pyrpc_util.h"
+#include <pytalloc.h>
+#include "system/filesys.h"
extern const struct generic_mapping file_generic_mapping;
@@ -58,7 +65,7 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
ret = SMB_VFS_SYS_ACL_SET_FILE( conn, fname, acltype, theacl);
if (ret != 0) {
status = map_nt_error_from_unix_common(ret);
- DEBUG(0,("get_nt_acl_no_snum: fset_nt_acl returned zero.\n"));
+ DEBUG(0,("set_nt_acl_no_snum: fset_nt_acl returned zero.\n"));
}
conn_free(conn);
@@ -66,6 +73,83 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
return status;
}
+static NTSTATUS set_nt_acl_no_snum(const char *fname,
+ uint32 security_info_sent, const struct security_descriptor *sd)
+{
+ TALLOC_CTX *frame = talloc_stackframe();
+ connection_struct *conn;
+ NTSTATUS status = NT_STATUS_OK;
+ files_struct *fsp;
+ struct smb_filename *smb_fname = NULL;
+ int flags;
+
+ conn = talloc_zero(frame, connection_struct);
+ if (conn == NULL) {
+ DEBUG(0, ("talloc failed\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!(conn->params = talloc(conn, struct share_params))) {
+ DEBUG(0,("get_nt_acl_no_snum: talloc() failed!\n"));
+ TALLOC_FREE(frame);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ conn->params->service = -1;
+
+ set_conn_connectpath(conn, "/");
+
+ smbd_vfs_init(conn);
+
+ fsp = talloc(frame, struct files_struct);
+ if (fsp == NULL) {
+ TALLOC_FREE(frame);
+ return NT_STATUS_NO_MEMORY;
+ }
+ fsp->fh = talloc(fsp, struct fd_handle);
+ if (fsp->fh == NULL) {
+ TALLOC_FREE(frame);
+ return NT_STATUS_NO_MEMORY;
+ }
+ fsp->conn = conn;
+
+ status = create_synthetic_smb_fname_split(fsp, fname, NULL,
+ &smb_fname);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(frame);
+ return status;
+ }
+
+ fsp->fsp_name = smb_fname;
+
+#ifdef O_DIRECTORY
+ flags = O_RDONLY|O_DIRECTORY;
+#else
+ /* POSIX allows us to open a directory with O_RDONLY. */
+ flags = O_RDONLY;
+#endif
+
+ fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, 00400);
+ if (fsp->fh->fd == -1 && errno == EISDIR) {
+ fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, O_RDWR, 00400);
+ }
+ if (fsp->fh->fd == -1) {
+ printf("open: error=%d (%s)\n", errno, strerror(errno));
+ TALLOC_FREE(frame);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ status = SMB_VFS_FSET_NT_ACL( fsp, security_info_sent, sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("set_nt_acl_no_snum: fset_nt_acl returned %s.\n", nt_errstr(status)));
+ }
+
+ conn_free(conn);
+ TALLOC_FREE(frame);
+
+ return status;
+}
+
static SMB_ACL_T make_simple_acl(uid_t uid, gid_t gid)
{
@@ -195,6 +279,55 @@ static PyObject *py_smbd_have_posix_acls(PyObject *self, PyObject *args)
#endif
}
+/*
+ set a simple ACL on a file, as a test
+ */
+static PyObject *py_smbd_set_nt_acl(PyObject *self, PyObject *args)
+{
+ NTSTATUS status;
+ char *fname;
+ int security_info_sent;
+ PyObject *py_sd;
+ struct security_descriptor *sd;
+
+ if (!PyArg_ParseTuple(args, "siO", &fname, &security_info_sent, &py_sd))
+ return NULL;
+
+ if (!py_check_dcerpc_type(py_sd, "samba.dcerpc.security", "descriptor")) {
+ return NULL;
+ }
+
+ sd = pytalloc_get_type(py_sd, struct security_descriptor);
+
+ status = set_nt_acl_no_snum(fname, security_info_sent, sd);
+ PyErr_NTSTATUS_IS_ERR_RAISE(status);
+
+ Py_RETURN_NONE;
+}
+
+/*
+ set a simple ACL on a file, as a test
+ */
+static PyObject *py_smbd_get_nt_acl(PyObject *self, PyObject *args)
+{
+ char *fname;
+ int security_info_sent;
+ PyObject *py_sd;
+ struct security_descriptor *sd;
+ TALLOC_CTX *tmp_ctx = talloc_new(NULL);
+
+ if (!PyArg_ParseTuple(args, "si", &fname, &security_info_sent))
+ return NULL;
+
+ sd = get_nt_acl_no_snum(tmp_ctx, fname);
+
+ py_sd = py_return_ndr_struct("samba.dcerpc.security", "security_descriptor", sd, sd);
+
+ talloc_free(tmp_ctx);
+
+ return py_sd;
+}
+
static PyMethodDef py_smbd_methods[] = {
{ "have_posix_acls",
(PyCFunction)py_smbd_have_posix_acls, METH_VARARGS,
@@ -202,6 +335,12 @@ static PyMethodDef py_smbd_methods[] = {
{ "set_simple_acl",
(PyCFunction)py_smbd_set_simple_acl, METH_VARARGS,
NULL },
+ { "set_nt_acl",
+ (PyCFunction)py_smbd_set_nt_acl, METH_VARARGS,
+ NULL },
+ { "get_nt_acl",
+ (PyCFunction)py_smbd_get_nt_acl, METH_VARARGS,
+ NULL },
{ NULL }
};
diff --git a/source3/wscript_build b/source3/wscript_build
index bed31a1..40afdd7 100755
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -1585,7 +1585,7 @@ bld.SAMBA3_BINARY('vlp',
bld.SAMBA3_PYTHON('pysmbd',
source='smbd/pysmbd.c',
- deps='smbd_base',
+ deps='smbd_base pyrpc_util',
realname='samba/samba3/smbd.so'
)
--
Samba Shared Repository
More information about the samba-cvs
mailing list