summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-08-23 09:45:07 +1000
committerAndrew Bartlett <abartlet@samba.org>2012-08-23 15:02:26 +0200
commit0aed29105e9d8ddcd27a70d7af820da8813ca47b (patch)
tree9c9cfad154e13af3771b01c543a129606de157c6
parente058dfb3b0714da229d1bddf96c72611af7b1fab (diff)
downloadsamba-0aed29105e9d8ddcd27a70d7af820da8813ca47b.tar.gz
samba-0aed29105e9d8ddcd27a70d7af820da8813ca47b.tar.bz2
samba-0aed29105e9d8ddcd27a70d7af820da8813ca47b.zip
s3-smbd: Add security_info_wanted argument to get_nt_acl_no_snum
I need to get at the owner, group, DACL and SACL when testing correct ACL storage. Andrew Bartlett
-rw-r--r--source3/rpc_server/eventlog/srv_eventlog_nt.c2
-rw-r--r--source3/smbd/posix_acls.c4
-rw-r--r--source3/smbd/proto.h2
-rw-r--r--source3/smbd/pysmbd.c6
-rw-r--r--source4/scripting/python/samba/ntacls.py2
5 files changed, 8 insertions, 8 deletions
diff --git a/source3/rpc_server/eventlog/srv_eventlog_nt.c b/source3/rpc_server/eventlog/srv_eventlog_nt.c
index 67ab471444..a05ea3fcbe 100644
--- a/source3/rpc_server/eventlog/srv_eventlog_nt.c
+++ b/source3/rpc_server/eventlog/srv_eventlog_nt.c
@@ -91,7 +91,7 @@ static bool elog_check_access( EVENTLOG_INFO *info, const struct security_token
/* get the security descriptor for the file */
- sec_desc = get_nt_acl_no_snum( info, tdbname );
+ sec_desc = get_nt_acl_no_snum( info, tdbname, SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL);
TALLOC_FREE( tdbname );
if ( !sec_desc ) {
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 1394266c4a..c5dea9c141 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -4842,7 +4842,7 @@ bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char *
Assume we are dealing with files (for now)
********************************************************************/
-struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname)
+struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname, uint32 security_info_wanted)
{
struct security_descriptor *psd, *ret_sd;
connection_struct *conn;
@@ -4890,7 +4890,7 @@ struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fna
return NULL;
}
- if (!NT_STATUS_IS_OK(SMB_VFS_FGET_NT_ACL( &finfo, SECINFO_DACL, &psd))) {
+ if (!NT_STATUS_IS_OK(SMB_VFS_FGET_NT_ACL( &finfo, security_info_wanted, &psd))) {
DEBUG(0,("get_nt_acl_no_snum: get_nt_acl returned zero.\n"));
TALLOC_FREE(finfo.fsp_name);
conn_free(conn);
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index aa79688106..5a384744a7 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -729,7 +729,7 @@ bool set_unix_posix_default_acl(connection_struct *conn, const char *fname,
const SMB_STRUCT_STAT *psbuf,
uint16 num_def_acls, const char *pdata);
bool set_unix_posix_acl(connection_struct *conn, files_struct *fsp, const char *fname, uint16 num_acls, const char *pdata);
-struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname);
+struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname, uint32 security_info_wanted);
NTSTATUS make_default_filesystem_acl(TALLOC_CTX *ctx,
const char *name,
SMB_STRUCT_STAT *psbuf,
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 6a0811a9b3..74acc01a3a 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -372,15 +372,15 @@ static PyObject *py_smbd_set_nt_acl(PyObject *self, PyObject *args)
static PyObject *py_smbd_get_nt_acl(PyObject *self, PyObject *args)
{
char *fname;
- int security_info_sent;
+ int security_info_wanted;
PyObject *py_sd;
struct security_descriptor *sd;
TALLOC_CTX *tmp_ctx = talloc_new(NULL);
- if (!PyArg_ParseTuple(args, "si", &fname, &security_info_sent))
+ if (!PyArg_ParseTuple(args, "si", &fname, &security_info_wanted))
return NULL;
- sd = get_nt_acl_no_snum(tmp_ctx, fname);
+ sd = get_nt_acl_no_snum(tmp_ctx, fname, security_info_wanted);
py_sd = py_return_ndr_struct("samba.dcerpc.security", "descriptor", sd, sd);
diff --git a/source4/scripting/python/samba/ntacls.py b/source4/scripting/python/samba/ntacls.py
index 6f8e770bba..ac4aad0725 100644
--- a/source4/scripting/python/samba/ntacls.py
+++ b/source4/scripting/python/samba/ntacls.py
@@ -79,7 +79,7 @@ def getntacl(lp, file, backend=None, eadbfile=None, direct_db_access=True):
elif ntacl.version == 3:
return ntacl.info.sd
else:
- return smbd.get_nt_acl(file)
+ return smbd.get_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL)
def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None, use_ntvfs=True):