root/source3/modules/nfs4_acls.h

/* [<][>][^][v][top][bottom][index][help] */

INCLUDED FROM


   1 /*
   2  * NFS4 ACL handling
   3  *
   4  * Copyright (C) Jim McDonough, 2006
   5  * Reused & renamed some parts of AIX 5.3 sys/acl.h structures
   6  *
   7  * This program is free software; you can redistribute it and/or modify
   8  * it under the terms of the GNU General Public License as published by
   9  * the Free Software Foundation; either version 3 of the License, or
  10  * (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU General Public License
  18  * along with this program; if not, see <http://www.gnu.org/licenses/>.
  19  */
  20 
  21 #ifndef __NFS4_ACLS_H__
  22 #define __NFS4_ACLS_H__
  23 
  24 #define SMB_ACLTYPE_NONE 0
  25 #define SMB_ACLTYPE_UNKNOWN 1
  26 #define SMB_ACLTYPE_POSIX 2
  27 #define SMB_ACLTYPE_NFS4 4
  28 
  29 /* 
  30  * Following union captures the identity as 
  31  * used in the NFS4 ACL structures. 
  32  */
  33 typedef union _SMB_NFS4_ACEWHOID_T {
  34         uid_t   uid;    /* User id */
  35         gid_t   gid;    /* Group id */
  36         uint32  special_id;     /* Identifies special identities in NFS4 */
  37 
  38 #define SMB_ACE4_WHO_OWNER         0x00000001 /*The owner of the file. */
  39 #define SMB_ACE4_WHO_GROUP         0x00000002 /*The group associated with the file. */
  40 #define SMB_ACE4_WHO_EVERYONE      0x00000003 /*The world. */
  41 #define SMB_ACE4_WHO_INTERACTIVE   0x00000004 /*Accessed from an interactive terminal. */
  42 #define SMB_ACE4_WHO_NETWORK       0x00000005 /*Accessed via the network. */
  43 #define SMB_ACE4_WHO_DIALUP        0x00000006 /*Accessed as a dialup user to the server. */
  44 #define SMB_ACE4_WHO_BATCH         0x00000007 /*Accessed from a batch job. */
  45 #define SMB_ACE4_WHO_ANONYMOUS     0x00000008 /*Accessed without any authentication. */
  46 #define SMB_ACE4_WHO_AUTHENTICATED 0x00000009 /*Any authenticated user (opposite of ANONYMOUS) */
  47 #define SMB_ACE4_WHO_SERVICE       0x0000000A /*Access from a system service. */
  48 #define SMB_ACE4_WHO_MAX                SMB_ACE4_WHO_SERVICE  /* largest valid ACE4_WHO */
  49         uint32 id;
  50 } SMB_NFS4_ACEWHOID_T;
  51 
  52 typedef struct _SMB_ACE4PROP_T { 
  53         uint32  flags;  /* Bit mask defining details of ACE */
  54 /*The following are constants for flags field */
  55 /* #define      SMB_ACE4_ID_NOT_VALID   0x00000001 - from aix/jfs2 */
  56 #define SMB_ACE4_ID_SPECIAL             0x00000002
  57 
  58         SMB_NFS4_ACEWHOID_T     who;    /* Identifies to whom this ACE applies */
  59 
  60         /* The following part of ACE has the same layout as NFSv4 wire format. */
  61 
  62         uint32  aceType;        /* Type of ACE PERMIT/ALLOW etc*/
  63 /*The constants used for the type field (acetype4) are as follows: */
  64 #define SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE        0x00000000
  65 #define SMB_ACE4_ACCESS_DENIED_ACE_TYPE 0x00000001
  66 #define SMB_ACE4_SYSTEM_AUDIT_ACE_TYPE  0x00000002
  67 #define SMB_ACE4_SYSTEM_ALARM_ACE_TYPE  0x00000003
  68 #define SMB_ACE4_MAX_TYPE       ACE4_SYSTEM_ALARM_ACE_TYPE  /* largest valid ACE4_TYPE */
  69 
  70         uint32  aceFlags;       /* Controls Inheritance and such */
  71 /*The bitmask constants used for the flag field are as follows: */
  72 #define SMB_ACE4_FILE_INHERIT_ACE             0x00000001
  73 #define SMB_ACE4_DIRECTORY_INHERIT_ACE        0x00000002
  74 #define SMB_ACE4_NO_PROPAGATE_INHERIT_ACE     0x00000004
  75 #define SMB_ACE4_INHERIT_ONLY_ACE             0x00000008
  76 #define SMB_ACE4_SUCCESSFUL_ACCESS_ACE_FLAG   0x00000010
  77 #define SMB_ACE4_FAILED_ACCESS_ACE_FLAG       0x00000020
  78 #define SMB_ACE4_IDENTIFIER_GROUP             0x00000040
  79 #define SMB_ACE4_ALL_FLAGS      ( SMB_ACE4_FILE_INHERIT_ACE | SMB_ACE4_DIRECTORY_INHERIT_ACE \
  80 | SMB_ACE4_NO_PROPAGATE_INHERIT_ACE | SMB_ACE4_INHERIT_ONLY_ACE | SMB_ACE4_SUCCESSFUL_ACCESS_ACE_FLAG \
  81 | SMB_ACE4_FAILED_ACCESS_ACE_FLAG | SMB_ACE4_IDENTIFIER_GROUP )
  82 
  83         uint32  aceMask;        /* Access rights */
  84 /*The bitmask constants used for the access mask field are as follows: */
  85 #define SMB_ACE4_READ_DATA            0x00000001
  86 #define SMB_ACE4_LIST_DIRECTORY       0x00000001
  87 #define SMB_ACE4_WRITE_DATA           0x00000002
  88 #define SMB_ACE4_ADD_FILE             0x00000002
  89 #define SMB_ACE4_APPEND_DATA          0x00000004
  90 #define SMB_ACE4_ADD_SUBDIRECTORY     0x00000004
  91 #define SMB_ACE4_READ_NAMED_ATTRS     0x00000008
  92 #define SMB_ACE4_WRITE_NAMED_ATTRS    0x00000010
  93 #define SMB_ACE4_EXECUTE              0x00000020
  94 #define SMB_ACE4_DELETE_CHILD         0x00000040
  95 #define SMB_ACE4_READ_ATTRIBUTES      0x00000080
  96 #define SMB_ACE4_WRITE_ATTRIBUTES     0x00000100
  97 #define SMB_ACE4_DELETE               0x00010000
  98 #define SMB_ACE4_READ_ACL             0x00020000
  99 #define SMB_ACE4_WRITE_ACL            0x00040000
 100 #define SMB_ACE4_WRITE_OWNER          0x00080000
 101 #define SMB_ACE4_SYNCHRONIZE          0x00100000
 102 #define SMB_ACE4_ALL_MASKS      ( SMB_ACE4_READ_DATA | SMB_ACE4_LIST_DIRECTORY \
 103 | SMB_ACE4_WRITE_DATA | SMB_ACE4_ADD_FILE | SMB_ACE4_APPEND_DATA | SMB_ACE4_ADD_SUBDIRECTORY \
 104 | SMB_ACE4_READ_NAMED_ATTRS | SMB_ACE4_WRITE_NAMED_ATTRS | SMB_ACE4_EXECUTE | SMB_ACE4_DELETE_CHILD \
 105 | SMB_ACE4_READ_ATTRIBUTES | SMB_ACE4_WRITE_ATTRIBUTES | SMB_ACE4_DELETE | SMB_ACE4_READ_ACL \
 106 | SMB_ACE4_WRITE_ACL | SMB_ACE4_WRITE_OWNER | SMB_ACE4_SYNCHRONIZE )
 107 } SMB_ACE4PROP_T;
 108 
 109 /*
 110  * Never allocate these structures on your own
 111  * use create_smb4acl instead
 112  */
 113 typedef struct _SMB4ACL_T {char dontuse;} SMB4ACL_T;
 114 typedef struct _SMB4ACE_T {char dontuse;} SMB4ACE_T;
 115 
 116 SMB4ACL_T *smb_create_smb4acl(void);
 117 
 118 /* prop's contents are copied */
 119 /* it doesn't change the order, appends */
 120 SMB4ACE_T *smb_add_ace4(SMB4ACL_T *theacl, SMB_ACE4PROP_T *prop);
 121 
 122 SMB_ACE4PROP_T *smb_get_ace4(SMB4ACE_T *ace);
 123 
 124 /* Returns NULL if none - or error */
 125 SMB4ACE_T *smb_first_ace4(SMB4ACL_T *theacl);
 126 
 127 /* Returns NULL in the end - or error */
 128 SMB4ACE_T *smb_next_ace4(SMB4ACE_T *ace);
 129 
 130 uint32 smb_get_naces(SMB4ACL_T *theacl);
 131 
 132 NTSTATUS smb_fget_nt_acl_nfs4(files_struct *fsp,
 133         uint32 security_info,
 134         SEC_DESC **ppdesc, SMB4ACL_T *theacl);
 135 
 136 NTSTATUS smb_get_nt_acl_nfs4(connection_struct *conn,
 137         const char *name,
 138         uint32 security_info,
 139         SEC_DESC **ppdesc, SMB4ACL_T *theacl);
 140 
 141 /* Callback function needed to set the native acl
 142  * when applicable */
 143 typedef bool (*set_nfs4acl_native_fn_t)(files_struct *, SMB4ACL_T *);
 144 
 145 NTSTATUS smb_set_nt_acl_nfs4(files_struct *fsp,
 146         uint32 security_info_sent,
 147         const SEC_DESC *psd,
 148         set_nfs4acl_native_fn_t set_nfs4_native);
 149 
 150 #endif /* __NFS4_ACLS_H__ */

/* [<][>][^][v][top][bottom][index][help] */