diff options
| author | Dan Sledz <dsledz@isilon.com> | 2009-01-08 17:09:28 -0800 |
|---|---|---|
| committer | Steven Danneman <steven.danneman@isilon.com> | 2009-01-23 13:49:12 -0800 |
| commit | b7eabeb347d6815a7a4a0ece282dba5da94777ca (patch) | |
| tree | 58742f67bdfe3bc7c57a1705b8ad58bfb064fd25 /source3/modules/onefs.h | |
| parent | 481183ab025a84dd8d08c1e365251b274597b6c9 (diff) | |
| download | samba-b7eabeb347d6815a7a4a0ece282dba5da94777ca.tar.gz samba-b7eabeb347d6815a7a4a0ece282dba5da94777ca.tar.bz2 samba-b7eabeb347d6815a7a4a0ece282dba5da94777ca.zip | |
s3: OneFS unmappable sids support.
Updates the onefs vfs module to add configurable behavior to deal
with sids that are unknown to us. The best examples are aces that
come from robocopy/xcopy.
Adds the following share level options (which are specific to the vfs_onefs
module):
onefs: ignore unmappable sids (Default = false)
If this option is set to true, sids which could not be resolved to
a uid/gid are ignored. If an unmappable sid is encountered as the owner
or group, the owner/group is converted to BUILTIN\Administrators.
onefs: unmappable sids ignore list (Default = empty)
Only the sids in the list are ignored.
onefs: ignore sacls (Default = false)
SACLs are ignored
onefs: unmappable sids deny everyone (Default = false)
If an unmappable sid is found in a deny ACE, the ACE's identity is
changed to Everyone.
Diffstat (limited to 'source3/modules/onefs.h')
| -rw-r--r-- | source3/modules/onefs.h | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/source3/modules/onefs.h b/source3/modules/onefs.h index 6e5eae3085..e189fc4570 100644 --- a/source3/modules/onefs.h +++ b/source3/modules/onefs.h @@ -45,6 +45,14 @@ enum onefs_acl_wire_format #define PARM_SIMPLE_FILE_SHARING_COMPATIBILITY_MODE_DEFAULT false #define PARM_CREATOR_OWNER_GETS_FULL_CONTROL "creator owner gets full control" #define PARM_CREATOR_OWNER_GETS_FULL_CONTROL_DEFAULT true +#define PARM_UNMAPPABLE_SIDS_DENY_EVERYONE "unmappable sids deny everyone" +#define PARM_UNMAPPABLE_SIDS_DENY_EVERYONE_DEFAULT false +#define PARM_UNMAPPABLE_SIDS_IGNORE "ignore unmappable sids" +#define PARM_UNMAPPABLE_SIDS_IGNORE_DEFAULT false +#define PARM_UNMAPPABLE_SIDS_IGNORE_LIST "unmappable sids ignore list" +#define PARM_UNMAPPABLE_SIDS_IGNORE_LIST_DEFAULT NULL +#define PARM_IGNORE_SACL "ignore sacl" +#define PARM_IGNORE_SACL_DEFAULT false /* * vfs interface handlers @@ -105,7 +113,7 @@ NTSTATUS onefs_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, * Utility functions */ NTSTATUS onefs_samba_sd_to_sd(uint32 security_info_sent, SEC_DESC *psd, - struct ifs_security_descriptor *sd); + struct ifs_security_descriptor *sd, int snum); NTSTATUS onefs_split_ntfs_stream_name(TALLOC_CTX *mem_ctx, const char *fname, char **pbase, char **pstream); |