|
Packit |
5f9837 |
/*
|
|
Packit |
5f9837 |
* Header file for getcifsacl and setcifsacl utilities
|
|
Packit |
5f9837 |
*
|
|
Packit |
5f9837 |
* Copyright (C) Shirish Pargaonkar (shirishp@us.ibm.com) 2011
|
|
Packit |
5f9837 |
*
|
|
Packit |
5f9837 |
* Has various access rights, security descriptor fields defines
|
|
Packit |
5f9837 |
* and data structures related to security descriptor, DACL, ACE,
|
|
Packit |
5f9837 |
* and SID.
|
|
Packit |
5f9837 |
*
|
|
Packit |
5f9837 |
* This program is free software; you can redistribute it and/or modify
|
|
Packit |
5f9837 |
* it under the terms of the GNU General Public License as published by
|
|
Packit |
5f9837 |
* the Free Software Foundation; either version 2 of the License, or
|
|
Packit |
5f9837 |
* (at your option) any later version.
|
|
Packit |
5f9837 |
* This program is distributed in the hope that it will be useful,
|
|
Packit |
5f9837 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
5f9837 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
Packit |
5f9837 |
* GNU General Public License for more details.
|
|
Packit |
5f9837 |
* You should have received a copy of the GNU General Public License
|
|
Packit |
5f9837 |
* along with this program; if not, write to the Free Software
|
|
Packit |
5f9837 |
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
Packit |
5f9837 |
*/
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
#include "cifsidmap.h"
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
#ifndef _CIFSACL_H
|
|
Packit |
5f9837 |
#define _CIFSACL_H
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
#define BUFSIZE 1024
|
|
Packit |
5f9837 |
#define ATTRNAME "system.cifs_acl"
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
#define MAX_NUM_AUTHS 6
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* File specific rights */
|
|
Packit |
5f9837 |
#define READ_DATA 0x00000001 /* R */
|
|
Packit |
5f9837 |
#define WRITE_DATA 0x00000002 /* W */
|
|
Packit |
5f9837 |
#define APPEND_DATA 0x00000004 /* A */
|
|
Packit |
5f9837 |
#define READ_EA 0x00000008 /* REA */
|
|
Packit |
5f9837 |
#define WRITE_EA 0x00000010 /* WEA */
|
|
Packit |
5f9837 |
#define EXEC 0x00000020 /* E */
|
|
Packit |
5f9837 |
#define DELDHLD 0x00000040 /* DC */
|
|
Packit |
5f9837 |
#define READ_ATTR 0x00000080 /* RA */
|
|
Packit |
5f9837 |
#define WRITE_ATTR 0x00000100 /* WA */
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* Standard rights */
|
|
Packit |
5f9837 |
#define DELETE 0x00010000 /* D */
|
|
Packit |
5f9837 |
#define READ_CONTROL 0x00020000 /* RC */
|
|
Packit |
5f9837 |
#define WRITE_DAC 0x00040000 /* P */
|
|
Packit |
5f9837 |
#define WRITE_OWNER 0x00080000 /* O */
|
|
Packit |
5f9837 |
#define SYNC 0x00100000 /* S */
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* Generic rights */
|
|
Packit |
5f9837 |
#define SYSSEC 0x01000000
|
|
Packit |
5f9837 |
#define MAX 0x02000000
|
|
Packit |
5f9837 |
#define ALL 0x10000000
|
|
Packit |
5f9837 |
#define EXECUTE 0x20000000 /* GE */
|
|
Packit |
5f9837 |
#define WRITE 0x40000000 /* GW */
|
|
Packit |
5f9837 |
#define READ 0x80000000 /* GR */
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* D | RC | P | O | S | R | W | A | E | DC | REA | WEA | RA | WA */
|
|
Packit |
5f9837 |
#define FULL_CONTROL 0x001f01ff
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* RC | S | R | E | REA | RA */
|
|
Packit |
5f9837 |
#define EREAD 0x001200a9
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* RC | S | R | E | REA | GR | GE */
|
|
Packit |
5f9837 |
#define OREAD 0xa01200a1
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* RC | S | R | REA | RA */
|
|
Packit |
5f9837 |
#define BREAD 0x00120089
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* W | A | WA | WEA| */
|
|
Packit |
5f9837 |
#define EWRITE 0x00000116
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* D | RC | S | R | W | A | E |REA | WEA | RA | WA */
|
|
Packit |
5f9837 |
#define CHANGE 0x001301bf
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* GR | RC | REA | RA | REA | R */
|
|
Packit |
5f9837 |
#define ALL_READ_BITS 0x80020089
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/* WA | WEA | A | W */
|
|
Packit |
5f9837 |
#define ALL_WRITE_BITS 0x40000116
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
#define OBJECT_INHERIT_FLAG 0x01 /* OI */
|
|
Packit |
5f9837 |
#define CONTAINER_INHERIT_FLAG 0x02 /* CI */
|
|
Packit |
5f9837 |
#define NO_PROPAGATE_INHERIT_FLAG 0x04 /* NP */
|
|
Packit |
5f9837 |
#define INHERIT_ONLY_FLAG 0x08 /* IO */
|
|
Packit |
5f9837 |
#define INHERITED_ACE_FLAG 0x10 /* I */
|
|
Packit |
5f9837 |
#define VFLAGS (OBJECT_INHERIT_FLAG|CONTAINER_INHERIT_FLAG|NO_PROPAGATE_INHERIT_FLAG|INHERIT_ONLY_FLAG|INHERITED_ACE_FLAG)
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
#define ACCESS_ALLOWED 0 /* ALLOWED */
|
|
Packit |
5f9837 |
#define ACCESS_DENIED 1 /* DENIED */
|
|
Packit |
5f9837 |
#define ACCESS_ALLOWED_OBJECT 5 /* OBJECT_ALLOWED */
|
|
Packit |
5f9837 |
#define ACCESS_DENIED_OBJECT 6 /* OBJECT_DENIED */
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
#define COMPSID 0x1
|
|
Packit |
5f9837 |
#define COMPTYPE 0x2
|
|
Packit |
5f9837 |
#define COMPFLAG 0x4
|
|
Packit |
5f9837 |
#define COMPMASK 0x8
|
|
Packit |
5f9837 |
#define COMPALL (COMPSID|COMPTYPE|COMPFLAG|COMPMASK)
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
/*
|
|
Packit |
5f9837 |
* While not indicated here, the structs below represent on-the-wire data
|
|
Packit |
5f9837 |
* structures. Any multi-byte values are expected to be little-endian!
|
|
Packit |
5f9837 |
*
|
|
Packit |
5f9837 |
* FIXME: should we change these to use endianness annotations?
|
|
Packit |
5f9837 |
*/
|
|
Packit |
5f9837 |
struct cifs_ntsd {
|
|
Packit |
5f9837 |
uint16_t revision; /* revision level */
|
|
Packit |
5f9837 |
uint16_t type;
|
|
Packit |
5f9837 |
uint32_t osidoffset;
|
|
Packit |
5f9837 |
uint32_t gsidoffset;
|
|
Packit |
5f9837 |
uint32_t sacloffset;
|
|
Packit |
5f9837 |
uint32_t dacloffset;
|
|
Packit |
5f9837 |
} __attribute__((packed));
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
struct cifs_ctrl_acl {
|
|
Packit |
5f9837 |
uint16_t revision; /* revision level */
|
|
Packit |
5f9837 |
uint16_t size;
|
|
Packit |
5f9837 |
uint32_t num_aces;
|
|
Packit |
5f9837 |
} __attribute__((packed));
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
struct cifs_ace {
|
|
Packit |
5f9837 |
uint8_t type;
|
|
Packit |
5f9837 |
uint8_t flags;
|
|
Packit |
5f9837 |
uint16_t size;
|
|
Packit |
5f9837 |
uint32_t access_req;
|
|
Packit |
5f9837 |
struct cifs_sid sid; /* ie UUID of user or group who gets these perms */
|
|
Packit |
5f9837 |
} __attribute__((packed));
|
|
Packit |
5f9837 |
|
|
Packit |
5f9837 |
#endif /* CIFSACL_H */
|