diff options
| author | Matt Barden <matt.barden@nexenta.com> | 2019-03-19 14:59:16 -0400 |
|---|---|---|
| committer | Gordon Ross <gwr@nexenta.com> | 2019-11-14 09:23:07 -0500 |
| commit | 0292c176d853baa7e46c9ff8e4f16f63b8cbd6e5 (patch) | |
| tree | 89c8bb52f27d6e2facb863fc2119aabb616a2366 /usr/src/cmd/smbsrv | |
| parent | 06721c885c2d7becabe2cba874b84cdfba66eb47 (diff) | |
| download | illumos-joyent-0292c176d853baa7e46c9ff8e4f16f63b8cbd6e5.tar.gz | |
11773 Need ways to override Domain Admins' full control
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Andrew Stormont <astormont@racktopsystems.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Diffstat (limited to 'usr/src/cmd/smbsrv')
| -rw-r--r-- | usr/src/cmd/smbsrv/smbadm/smbadm.c | 34 |
1 files changed, 33 insertions, 1 deletions
diff --git a/usr/src/cmd/smbsrv/smbadm/smbadm.c b/usr/src/cmd/smbsrv/smbadm/smbadm.c index d8509aecdf..4d06c00b36 100644 --- a/usr/src/cmd/smbsrv/smbadm/smbadm.c +++ b/usr/src/cmd/smbsrv/smbadm/smbadm.c @@ -20,7 +20,7 @@ */ /* * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. - * Copyright 2017 Nexenta Systems, Inc. All rights reserved. + * Copyright 2019 Nexenta by DDN, Inc. All rights reserved. */ /* @@ -178,6 +178,10 @@ static smbadm_prop_handle_t *smbadm_prop_gethandle(char *pname); static boolean_t smbadm_chkprop_priv(smbadm_prop_t *prop); static int smbadm_setprop_tkowner(char *gname, smbadm_prop_t *prop); static int smbadm_getprop_tkowner(char *gname, smbadm_prop_t *prop); +static int smbadm_setprop_readfile(char *gname, smbadm_prop_t *prop); +static int smbadm_getprop_readfile(char *gname, smbadm_prop_t *prop); +static int smbadm_setprop_writefile(char *gname, smbadm_prop_t *prop); +static int smbadm_getprop_writefile(char *gname, smbadm_prop_t *prop); static int smbadm_setprop_backup(char *gname, smbadm_prop_t *prop); static int smbadm_getprop_backup(char *gname, smbadm_prop_t *prop); static int smbadm_setprop_restore(char *gname, smbadm_prop_t *prop); @@ -192,6 +196,10 @@ static smbadm_prop_handle_t smbadm_ptable[] = { smbadm_getprop_restore, smbadm_chkprop_priv }, {"take-ownership", "on|off", smbadm_setprop_tkowner, smbadm_getprop_tkowner, smbadm_chkprop_priv }, + {"bypass-read", "on|off", smbadm_setprop_readfile, + smbadm_getprop_readfile, smbadm_chkprop_priv }, + {"bypass-write", "on|off", smbadm_setprop_writefile, + smbadm_getprop_writefile, smbadm_chkprop_priv }, {"description", "<string>", smbadm_setprop_desc, smbadm_getprop_desc, NULL }, }; @@ -1807,6 +1815,30 @@ smbadm_getprop_tkowner(char *gname, smbadm_prop_t *prop) } static int +smbadm_setprop_readfile(char *gname, smbadm_prop_t *prop) +{ + return (smbadm_group_setpriv(gname, SE_READ_FILE_LUID, prop)); +} + +static int +smbadm_getprop_readfile(char *gname, smbadm_prop_t *prop) +{ + return (smbadm_group_getpriv(gname, SE_READ_FILE_LUID, prop)); +} + +static int +smbadm_setprop_writefile(char *gname, smbadm_prop_t *prop) +{ + return (smbadm_group_setpriv(gname, SE_WRITE_FILE_LUID, prop)); +} + +static int +smbadm_getprop_writefile(char *gname, smbadm_prop_t *prop) +{ + return (smbadm_group_getpriv(gname, SE_WRITE_FILE_LUID, prop)); +} + +static int smbadm_setprop_backup(char *gname, smbadm_prop_t *prop) { return (smbadm_group_setpriv(gname, SE_BACKUP_LUID, prop)); |