diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-12-14 22:09:18 +1100 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2013-01-07 16:19:43 -0800 |
commit | 0533905c5df2c0de4f2714df3e29ad90b48b1892 (patch) | |
tree | 4d8334cb89fbd8034fdb3ef84abab56ea6a42667 | |
parent | 813a3f0df91251dd7f920074ff8cd2b45bf48749 (diff) | |
download | samba-0533905c5df2c0de4f2714df3e29ad90b48b1892.tar.gz samba-0533905c5df2c0de4f2714df3e29ad90b48b1892.tar.bz2 samba-0533905c5df2c0de4f2714df3e29ad90b48b1892.zip |
scripting-ntacls: Optionally allow the service to be specified.
Providing a service allows a VFS connect to be issued on the correct
service, and so ensures that the correct modules are loaded rather
than just what is specified in [globals].
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra@samba.org>
-rw-r--r-- | source4/scripting/python/samba/ntacls.py | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/source4/scripting/python/samba/ntacls.py b/source4/scripting/python/samba/ntacls.py index b89e9e9480..86fe062dc6 100644 --- a/source4/scripting/python/samba/ntacls.py +++ b/source4/scripting/python/samba/ntacls.py @@ -55,7 +55,7 @@ def checkset_backend(lp, backend, eadbfile): raise XattrBackendError("Invalid xattr backend choice %s"%backend) -def getntacl(lp, file, backend=None, eadbfile=None, direct_db_access=True): +def getntacl(lp, file, backend=None, eadbfile=None, direct_db_access=True, service=None): if direct_db_access: (backend_obj, dbname) = checkset_backend(lp, backend, eadbfile) if dbname is not None: @@ -81,10 +81,10 @@ def getntacl(lp, file, backend=None, eadbfile=None, direct_db_access=True): elif ntacl.version == 4: return ntacl.info.sd else: - return smbd.get_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL) + return smbd.get_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, service) -def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None, use_ntvfs=True, skip_invalid_chown=False, passdb=None): +def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None, use_ntvfs=True, skip_invalid_chown=False, passdb=None, service=None): assert(isinstance(domsid, str) or isinstance(domsid, security.dom_sid)) if isinstance(domsid, str): sid = security.dom_sid(domsid) @@ -117,7 +117,7 @@ def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None, use_ntvfs=True sd2 = sd sd2.owner_sid = administrator - smbd.set_nt_acl(file, security.SECINFO_OWNER |security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd2) + smbd.set_nt_acl(file, security.SECINFO_OWNER |security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd2, service) # and then set an NTVFS ACL (which does not set the posix ACL) to pretend the owner really was set use_ntvfs = True @@ -130,7 +130,7 @@ def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None, use_ntvfs=True # This won't work in test environments, as it tries a real (rather than xattr-based fake) chown os.chown(file, 0, 0) - smbd.set_nt_acl(file, security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd) + smbd.set_nt_acl(file, security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd, service) if use_ntvfs: (backend_obj, dbname) = checkset_backend(lp, backend, eadbfile) @@ -151,7 +151,7 @@ def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None, use_ntvfs=True samba.xattr_native.wrap_setxattr(file, xattr.XATTR_NTACL_NAME, ndr_pack(ntacl)) else: - smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd) + smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd, service) def ldapmask2filemask(ldm): |