Getting and setting SDs from Python for testing ...

Sun Mar 25 17:07:05 MDT 2012

Hi Richard,

2012/3/26 Richard Sharpe <realrichardsharpe at gmail.com>:
> Hi Folks,
>
> Well, this patch now works for me but I am unhappy with it and want to
> move to treating the security_info parameters as optional. The
> following patch is sent mainly to get feedback ...
>
> diff --git a/source4/libcli/pysmb.c b/source4/libcli/pysmb.c
> index 2f9a579..bc90df7 100644
> --- a/source4/libcli/pysmb.c
> +++ b/source4/libcli/pysmb.c
> @@ -302,9 +302,10 @@ static PyObject *py_smb_getacl(pytalloc_Object *self, PyObj
>        union smb_fileinfo fio;
>        struct smb_private_data *spdata;
>        const char *filename;
> +       int sinfo = 0;
>        int fnum;
>
> -       if (!PyArg_ParseTuple(args, "s:get_acl", &filename)) {
> +       if (!PyArg_ParseTuple(args, "si:get_acl", &filename, &sinfo)) {
>                return NULL;
>        }
>
> @@ -335,7 +336,10 @@ static PyObject *py_smb_getacl(pytalloc_Object *self, PyObj
>
>        fio.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
>        fio.query_secdesc.in.file.fnum = fnum;
> -       fio.query_secdesc.in.secinfo_flags = SECINFO_OWNER |
> +       if (sinfo)
> +               fio.query_secdesc.in.secinfo_flags = sinfo;
> +       else
> +               fio.query_secdesc.in.secinfo_flags = SECINFO_OWNER |
>                                                SECINFO_GROUP |
>                                                SECINFO_DACL |
>                                                SECINFO_PROTECTED_DACL |
> @@ -367,9 +371,10 @@ static PyObject *py_smb_setacl(pytalloc_Object *self, PyObj
>        const char *filename;
>        PyObject *py_sd;
>        struct security_descriptor *sd;
> +       uint32_t sinfo = 0;
>        int fnum;
>
> -       if (!PyArg_ParseTuple(args, "sO:set_acl", &filename, &py_sd)) {
> +       if (!PyArg_ParseTuple(args, "sOi:set_acl", &filename, &py_sd, &sinfo)) {
>                return NULL;
>        }
>
> @@ -410,7 +415,7 @@ static PyObject *py_smb_setacl(pytalloc_Object *self, PyObje
>
>        fio.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
>        fio.set_secdesc.in.file.fnum = fnum;
> -       fio.set_secdesc.in.secinfo_flags = 0;
> +       fio.set_secdesc.in.secinfo_flags = sinfo;
>        fio.set_secdesc.in.sd = sd;
>
>        status = smb_raw_set_secdesc(spdata->tree, &fio);
> @@ -447,10 +452,10 @@ static PyMethodDef py_smb_methods[] = {
>                "chkpath(path) -> True or False\n\n \
>                Return true if path exists, false otherwise." },
>        { "get_acl", (PyCFunction)py_smb_getacl, METH_VARARGS,
> -               "get_acl(path) -> security_descriptor object\n\n \
> +               "get_acl(path, security_info) -> security_descriptor object\n\n
>                Get security descriptor for file." },
>        { "set_acl", (PyCFunction)py_smb_setacl, METH_VARARGS,
> -               "set_acl(path, security_descriptor) -> None\n\n \
> +               "set_acl(path, security_descriptor, security_info) -> None\n\n \
>                Set security descriptor for file." },
>        { NULL },
>  };
> @@ -522,7 +527,7 @@ static PyTypeObject PySMB = {
>        .tp_new = py_smb_new,
>        .tp_flags = Py_TPFLAGS_DEFAULT,
>        .tp_methods = py_smb_methods,
> -       .tp_doc = "SMB(hostname, service[, lp[, creds]]) -> SMB connection objec
> +       .tp_doc = "SMB(hostname, service[, creds[, lp]]) -> SMB connection objec
>
>  };
>

You can convert sinfo as an optional argument using kwargs.

For example, check py_smb_new().

Amitay.