summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2005-10-14 16:07:00 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:04:59 -0500
commitbb68761a500fc5d426c75e53700fa793e016135f (patch)
treeb644c2323b3f0ea635e56dcd0435ebec7ae5c1af /source3/smbd
parentb9ae4455fd0be70c6c7b08807425066e0dd91242 (diff)
downloadsamba-bb68761a500fc5d426c75e53700fa793e016135f.tar.gz
samba-bb68761a500fc5d426c75e53700fa793e016135f.tar.bz2
samba-bb68761a500fc5d426c75e53700fa793e016135f.zip
r11060: merging new eventlog code from trunk
(This used to be commit 1bcf7e82ede63a851a244162a3b939373787b693)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/posix_acls.c55
1 files changed, 55 insertions, 0 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 818bf95b3f..ffb1698394 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -4182,3 +4182,58 @@ BOOL can_write_to_file(connection_struct *conn, const char *fname, SMB_STRUCT_ST
/* Finally check other write access. */
return (psbuf->st_mode & S_IWOTH) ? True : False;
}
+
+/********************************************************************
+ Pull the NT ACL from a file on disk or the OpenEventlog() access
+ check. Caller is responsible for freeing the returned security
+ descriptor via TALLOC_FREE(). This is designed for dealing with
+ user space access checks in smbd outside of the VFS. For example,
+ checking access rights in OpenEventlog().
+
+ Assume we are dealing with files (for now)
+********************************************************************/
+
+SEC_DESC* get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname)
+{
+ SEC_DESC *psd, *ret_sd;
+ size_t sd_size;
+ connection_struct conn;
+ files_struct finfo;
+ struct fd_handle fh;
+ fstring path;
+ pstring filename;
+
+ ZERO_STRUCT( conn );
+ conn.service = -1;
+
+ if ( !(conn.mem_ctx = talloc_init( "novfs_get_nt_acl" )) ) {
+ DEBUG(0,("novfs_get_nt_acl: talloc() failed!\n"));
+ return NULL;
+ }
+
+ fstrcpy( path, "/" );
+ string_set(&conn.connectpath, path);
+
+ if (!smbd_vfs_init(&conn)) {
+ DEBUG(0,("novfs_get_nt_acl: Unable to create a fake connection struct!\n"));
+ return NULL;
+ }
+
+ ZERO_STRUCT( finfo );
+ ZERO_STRUCT( fh );
+
+ finfo.fnum = -1;
+ finfo.conn = &conn;
+ finfo.fh = &fh;
+ finfo.fh->fd = -1;
+ pstrcpy( filename, fname );
+ finfo.fsp_name = filename;
+
+ sd_size = get_nt_acl( &finfo, DACL_SECURITY_INFORMATION, &psd );
+
+ ret_sd = dup_sec_desc( ctx, psd );
+
+ conn_free_internal( &conn );
+
+ return ret_sd;
+}