Bug 8991 - duplicated option "-S" for smbcacls
Summary: duplicated option "-S" for smbcacls
Status: RESOLVED LATER
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Tools (show other bugs)
Version: 4.11.0
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-06-11 20:44 UTC by soundlessthj
Modified: 2022-04-20 20:52 UTC (History)
3 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description soundlessthj 2012-06-11 20:44:19 UTC
./smbcacls 
Usage: smbcacls [-?] [-?tV] [-?tV] [-?tVNkPeC] [-?|--help] [--usage] [-D|--delete ACL]
        [-M|--modify ACL] [-a|--add ACL] [-S|--set ACLS] [-C|--chown USERNAME]
        [-G|--chgrp GROUPNAME] [--numeric] [-t|--test-args]
        [-d|--debuglevel DEBUGLEVEL] [-s|--configfile CONFIGFILE]
        [-l|--log-basename LOGFILEBASE] [-V|--version]
        [-O|--socket-options SOCKETOPTIONS] [-n|--netbiosname NETBIOSNAME]
        [-W|--workgroup WORKGROUP] [-i|--scope SCOPE] [-U|--user USERNAME]
        [-N|--no-pass] [-k|--kerberos] [-A|--authentication-file FILE]
        [-S|--signing on|off|required] [-P|--machine-pass] [-e|--encrypt]
        [-C|--use-ccache]
        //server1/share1 filename
ACLs look like: 'ACL:user:[ALLOWED|DENIED]/flags/permissions'

From the usage, we can see that the "-S" option is both used for "--set ACLS" and "--signing on|off|required".
Comment 1 Christian Ambach 2019-10-22 14:16:45 UTC
The same applies to smbcquotas and subtree
Comment 2 Christian Ambach 2019-10-22 14:17:23 UTC
ups, meant to write smbtree
Comment 3 Andrew Bartlett 2019-10-23 03:45:24 UTC
Douglas did a presentation at SambaXP on this: 

https://sambaxp.org/archive-data-samba/SambaXP2019-SLIDES/dbagnall-what-should-we-do-with-our-ui.pdf
Comment 4 Christian Ambach 2019-10-23 10:27:55 UTC
The slides contain lots of findings beside the -S issue in this bug, but no proposal for a fix.
Did something come up in the discussion of the talk or so? Any discussions on samba-technical?

If we look at the -S dilemma, we could do two different things:
-switch the -S parameters of the tools to another letter, to that the original -S becomes usable again. Drawback: we are changing the interface of the tools, users need to adjust scripts etc
-remove the -S is for signing line from the --help outputs to represent how the tools have behaved in the past years. Good stuff: no change for users

However, fixing other letters than -S might become more difficult to fix by breaking up the existing arrays like popt_common_credentials into small enough chunks to catch the different combinations.

I would prefer not to change user experience, but we can also open up a discussion on the mailing list and ask for other's opinions.
Comment 5 Douglas Bagnall 2019-10-24 00:49:28 UTC
(In reply to Christian Ambach from comment #4)

Yes, we shouldn't change the actual behaviour of the scripts (at least on behalf of this bug), but change the --help and usage strings to reflect the true behaviour.

Another way to do it would be to take ownership of third_party/popt and adapt it so it only shows the options that are in effect.

There was quite a bit of discussion in the room, but no fixes came out of it.
Comment 6 Christian Ambach 2022-04-20 20:52:54 UTC
fixed with 4.15 (and the removal of the -S flag for signing)