On Fri, 19 Aug 2011 22:27:12 -0500 shirishpargaonkar@xxxxxxxxx wrote: > > Implement utilities getcifsacl and setcifsacl > > > Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@xxxxxxxxx> > > > Set of patches to build utilities getcifsacl and setcifsacl > along with their manpages. > > getcifsacl fetches a security descriptor of a file off of a > share mounted using option cifsacl using API getxattr. > It then parses the security descriptor printing control > porttion of the security descriptor and then DACL if there > is one by printing each ACE with it fields, SID, type, flags, and mask. > > setcifsacl builds two lists of ACEs, one specified on the command line > and other fetched from the file the way getcifacl does. > It then constructs a security descriptor consisting of ACL > and uses API setxattr to send the security descriptor as a blob to > the server. setcifsacl also works with files off of shares > mounted with option cifsacl. > > manpages are provided for both the utilities with some examples > in setcifsacl manpage. The usage of getcifsacl is simple and > very much self explanatory. > > With these utilities, there is a way to interprete and construct a > blob describing security descritpor of a file system object. > > These utilities are modeled after smbcacls command in the > Samba suite. > Other than my comments on the header and the autoconf stuff, I think this is probably OK. I do wonder whether time would be better spent on getting RichACL's into the VFS, but this certainly doesn't preclude that, and seems useful. One minor nit: you should add the manpages before the autoconf changes to make sure that bisectability is preserved. -- Jeff Layton <jlayton@xxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
