Some mods to samba.smb.SMB to support test cases for File System ACLs and privs

Sat Mar 31 07:24:39 MDT 2012

Hi Richard,

Am 31/03/12 06:45, schrieb Richard Sharpe:
> On Thu, Mar 29, 2012 at 9:41 PM, Richard Sharpe
> <realrichardsharpe at gmail.com> wrote:
>>>>> Hi Richard,
>>>>>
>>>>> Instead of adding specific open_close_file(), can you add open() and
>>>>> close() as separate calls? That paves a way for adding read/write
>>>>> stuff at a later date.
> OK, is this what you had in mind (plus a py_close_file)?
I suspect Amitay meant returning an object that represents a file rather
than the file descriptor, but this seems to work well too.
>
> +/*
> + * Open the file with the parameters passed in and return an object if OK
> + */
This returns the file descriptor (technically that's also an object, but
it suggests it will return a file-like object).
> +static PyObject *py_open_file(pytalloc_Object *self, PyObject *args, PyObject *
> +{
> +       NTSTATUS status;
> +       union smb_open io;
> +       struct smb_private_data *spdata;
> +       const char *filename;
> +       uint32_t access_mask = 0;
> +       uint32_t share_access = 0;
> +        uint32_t open_disposition = 0;
> +        uint32_t create_options = 0;
> +       int fnum;
> +
> +       if (!PyArg_ParseTuple(args, "si|iii:get_acl",
> +                               &filename,
> +                               &access_mask,
> +                               &share_access,
> +                               &open_disposition,
> +                               &create_options)) {
> +               return NULL;
> +       }
^ you probably want s/get_acl/open_file/.
> +
> +       if (!access_mask)
> +               access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
This looks odd. Is there a particular reason not to assign these values
by default, in the declaration? That way python can just override them
if the user supplies them.
> +
> +       if (!share_access)
> +               share_access = NTCREATEX_SHARE_ACCESS_READ |
> +                               NTCREATEX_SHARE_ACCESS_WRITE;
> +
> +       if (!open_disposition)
> +               open_disposition = NTCREATEX_DISP_OPEN;
> +
> +       ZERO_STRUCT(io);
> +
> +       spdata = self->ptr;

> +
> +       io.generic.level = RAW_OPEN_NTCREATEX;
> +       io.ntcreatex.in.root_fid.fnum = 0;
> +       io.ntcreatex.in.flags = 0;
> +       io.ntcreatex.in.access_mask = access_mask;
> +       io.ntcreatex.in.create_options = create_options;
> +       io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
> +       io.ntcreatex.in.share_access = share_access;
> +       io.ntcreatex.in.alloc_size = 0;
> +       io.ntcreatex.in.open_disposition = open_disposition;
> +       io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
> +       io.ntcreatex.in.security_flags = 0;
> +       io.ntcreatex.in.fname = filename;
> +
> +       status = smb_raw_open(spdata->tree, self->talloc_ctx, &io);
> +       PyErr_NTSTATUS_IS_ERR_RAISE(status);
> +
> +       fnum = io.ntcreatex.out.file.fnum;
> +
> +       return Py_BuildValue("i", fnum);
> +}
If you're returning a single value, you probably want to return just
that rather than a tuple.

Cheers,

Jelmer

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120331/3eb3f94b/attachment.pgp>