[PATCH] Extend cifs acl utilities to handle SACLs
Pavel Shilovsky
piastryyy at gmail.com
Wed Dec 9 19:12:07 UTC 2020
Squashed the 2nd patch into the 1st and merged into "next". Please let
me know if you'd like those patches to go separately.
--
Best regards,
Pavel Shilovsky
пт, 20 нояб. 2020 г. в 14:07, Boris Protopopov via samba-technical
<samba-technical at lists.samba.org>:
>
> Fixed error cases for insufficient privileges, added
> attribute not supported error case for getcifsacl.
>
> Signed-off-by: Boris Protopopov <pboris at amazon.com>
> ---
> getcifsacl.c | 17 ++++++++++++++---
> 1 file changed, 14 insertions(+), 3 deletions(-)
>
> diff --git a/getcifsacl.c b/getcifsacl.c
> index 1c72e7c..c1974d3 100644
> --- a/getcifsacl.c
> +++ b/getcifsacl.c
> @@ -445,15 +445,26 @@ getxattr:
> free(attrval);
> bufsize += BUFSIZE;
> goto cifsacl;
> - } else if ((errno == EPERM || errno == EACCES) &&
> - !(strcmp(attrname, ATTRNAME_NTSD_FULL))) {
> + } else if (errno == EIO && !(strcmp(attrname, ATTRNAME_NTSD_FULL))) {
> /*
> * attempt to fetch SACL in addition to owner and DACL via
> * ATTRNAME_NTSD_FULL, fall back to owner/DACL via
> * ATTRNAME_ACL if not allowed
> + * CIFS client maps STATUS_PRIVILEGE_NOT_HELD to EIO
> */
> - fprintf(stderr, "Insufficient permissions to fetch full descriptor for %s\n",
> + fprintf(stderr, "WARGNING: Insufficient priviledges to fetch SACL for %s\n",
> filename);
> + fprintf(stderr, " Fetching owner info and DACL only\n");
> + attrname = ATTRNAME_ACL;
> + goto getxattr;
> + } else if (errno == EOPNOTSUPP && !(strcmp(attrname, ATTRNAME_NTSD_FULL))) {
> + /*
> + * no support for fetching SACL, fall back to owner/DACL via
> + * ATTRNAME_ACL
> + */
> + fprintf(stderr, "WARNING: CIFS client does not support fetching SACL for %s\n",
> + filename);
> + fprintf(stderr, " Fetching owner info and DACL only\n");
> attrname = ATTRNAME_ACL;
> goto getxattr;
> } else {
> --
> 2.23.3
>
>
More information about the samba-technical
mailing list