Getting and setting SDs from Python for testing ...

Richard Sharpe realrichardsharpe at gmail.com
Sun Mar 25 17:16:09 MDT 2012


On Sun, Mar 25, 2012 at 4:07 PM, Amitay Isaacs <amitay at gmail.com> wrote:
> Hi Richard,
>
> 2012/3/26 Richard Sharpe <realrichardsharpe at gmail.com>:
>> Hi Folks,
>>
>> Well, this patch now works for me but I am unhappy with it and want to
>> move to treating the security_info parameters as optional. The
>> following patch is sent mainly to get feedback ...
>>
>> diff --git a/source4/libcli/pysmb.c b/source4/libcli/pysmb.c
>> index 2f9a579..bc90df7 100644
>> --- a/source4/libcli/pysmb.c
>> +++ b/source4/libcli/pysmb.c
>> @@ -302,9 +302,10 @@ static PyObject *py_smb_getacl(pytalloc_Object *self, PyObj
>>        union smb_fileinfo fio;
>>        struct smb_private_data *spdata;
>>        const char *filename;
>> +       int sinfo = 0;
>>        int fnum;
>>
>> -       if (!PyArg_ParseTuple(args, "s:get_acl", &filename)) {
>> +       if (!PyArg_ParseTuple(args, "si:get_acl", &filename, &sinfo)) {
>>                return NULL;
>>        }
>>
>> @@ -335,7 +336,10 @@ static PyObject *py_smb_getacl(pytalloc_Object *self, PyObj
>>
>>        fio.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
>>        fio.query_secdesc.in.file.fnum = fnum;
>> -       fio.query_secdesc.in.secinfo_flags = SECINFO_OWNER |
>> +       if (sinfo)
>> +               fio.query_secdesc.in.secinfo_flags = sinfo;
>> +       else
>> +               fio.query_secdesc.in.secinfo_flags = SECINFO_OWNER |
>>                                                SECINFO_GROUP |
>>                                                SECINFO_DACL |
>>                                                SECINFO_PROTECTED_DACL |
>> @@ -367,9 +371,10 @@ static PyObject *py_smb_setacl(pytalloc_Object *self, PyObj
>>        const char *filename;
>>        PyObject *py_sd;
>>        struct security_descriptor *sd;
>> +       uint32_t sinfo = 0;
>>        int fnum;
>>
>> -       if (!PyArg_ParseTuple(args, "sO:set_acl", &filename, &py_sd)) {
>> +       if (!PyArg_ParseTuple(args, "sOi:set_acl", &filename, &py_sd, &sinfo)) {
>>                return NULL;
>>        }
>>
>> @@ -410,7 +415,7 @@ static PyObject *py_smb_setacl(pytalloc_Object *self, PyObje
>>
>>        fio.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
>>        fio.set_secdesc.in.file.fnum = fnum;
>> -       fio.set_secdesc.in.secinfo_flags = 0;
>> +       fio.set_secdesc.in.secinfo_flags = sinfo;
>>        fio.set_secdesc.in.sd = sd;
>>
>>        status = smb_raw_set_secdesc(spdata->tree, &fio);
>> @@ -447,10 +452,10 @@ static PyMethodDef py_smb_methods[] = {
>>                "chkpath(path) -> True or False\n\n \
>>                Return true if path exists, false otherwise." },
>>        { "get_acl", (PyCFunction)py_smb_getacl, METH_VARARGS,
>> -               "get_acl(path) -> security_descriptor object\n\n \
>> +               "get_acl(path, security_info) -> security_descriptor object\n\n
>>                Get security descriptor for file." },
>>        { "set_acl", (PyCFunction)py_smb_setacl, METH_VARARGS,
>> -               "set_acl(path, security_descriptor) -> None\n\n \
>> +               "set_acl(path, security_descriptor, security_info) -> None\n\n \
>>                Set security descriptor for file." },
>>        { NULL },
>>  };
>> @@ -522,7 +527,7 @@ static PyTypeObject PySMB = {
>>        .tp_new = py_smb_new,
>>        .tp_flags = Py_TPFLAGS_DEFAULT,
>>        .tp_methods = py_smb_methods,
>> -       .tp_doc = "SMB(hostname, service[, lp[, creds]]) -> SMB connection objec
>> +       .tp_doc = "SMB(hostname, service[, creds[, lp]]) -> SMB connection objec
>>
>>  };
>>
>
> You can convert sinfo as an optional argument using kwargs.
>
> For example, check py_smb_new().

Sure, thanks.

Do you have any objections to the approach I am taking?

I would also want to fix the issue in set_acl (security_info needs to
be set to something useful if it is not supplied on the call.)

-- 
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)


More information about the samba-technical mailing list