summaryrefslogtreecommitdiffstats
path: root/source4/scripting/python/samba/netcmd
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2010-02-25 16:16:33 +1100
committerAndrew Tridgell <tridge@samba.org>2010-02-26 13:59:16 +1100
commit781ad038c96195031053291414a12225eb818fd9 (patch)
treefaf68b7deb844b69cb7463d6c7f689ecc7248971 /source4/scripting/python/samba/netcmd
parentad7223b9bd31f71b8af2ae83361d7e054a433cc5 (diff)
downloadsamba-781ad038c96195031053291414a12225eb818fd9.tar.gz
samba-781ad038c96195031053291414a12225eb818fd9.tar.xz
samba-781ad038c96195031053291414a12225eb818fd9.zip
s4-krb5: propogate errors from a lot more kerberos functions
We need to be able to give sensible error messages when a kerberos calls fails. This propogates the kerberos error up the stack to the caller. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/scripting/python/samba/netcmd')
0 files changed, 0 insertions, 0 deletions
generated by cgit (git 2.34.1) at 2025-06-17 17:39:09 +0000
108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 
#!/usr/bin/env python

# Unix SMB/CIFS implementation.
# Copyright (C) Matthieu Patou <mat@matws.net> 2009-2010
#
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

"""NT Acls."""


import os
import samba.xattr_native, samba.xattr_tdb
from samba.dcerpc import security, xattr
from samba.ndr import ndr_pack, ndr_unpack

class XattrBackendError(Exception):
    """A generic xattr backend error."""


def checkset_backend(lp, backend, eadbfile):
    '''return the path to the eadb, or None'''
    if backend is None:
        return lp.get("posix:eadb")
    elif backend == "native":
        return None
    elif backend == "tdb":
        if eadbfile is not None:
            return eadbfile
        else:
            return os.path.abspath(os.path.join(lp.get("private dir"), "eadb.tdb"))
    else:
        raise XattrBackendError("Invalid xattr backend choice %s"%backend)


def getntacl(lp, file, backend=None, eadbfile=None):
    eadbname = checkset_backend(lp, backend, eadbfile)
    if eadbname is not None:
        try:
            attribute = samba.xattr_tdb.wrap_getxattr(eadbname, file, 
                xattr.XATTR_NTACL_NAME)
        except Exception:
            # FIXME: Don't catch all exceptions, just those related to opening 
            # xattrdb
            print "Fail to open %s" % eadbname
            attribute = samba.xattr_native.wrap_getxattr(file,
                xattr.XATTR_NTACL_NAME)
    else:
        attribute = samba.xattr_native.wrap_getxattr(file,
            xattr.XATTR_NTACL_NAME)
    ntacl = ndr_unpack(xattr.NTACL, attribute)
    return ntacl


def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None):
    eadbname = checkset_backend(lp, backend, eadbfile)
    ntacl = xattr.NTACL()
    ntacl.version = 1
    sid = security.dom_sid(domsid)
    sd = security.descriptor.from_sddl(sddl, sid)
    ntacl.info = sd
    if eadbname is not None:
        try:
            samba.xattr_tdb.wrap_setxattr(eadbname,
                file, xattr.XATTR_NTACL_NAME, ndr_pack(ntacl))
        except Exception:
            # FIXME: Don't catch all exceptions, just those related to opening 
            # xattrdb