summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-11-16 12:49:16 +0100
committerMichael Adam <obnox@samba.org>2012-11-30 17:17:21 +0100
commitf8c0ad65ad783b3c82ec8ab120d18ad454fe2665 (patch)
tree623d6d9e82fc4bdd7cc57edf2bc36b3774cb7aa0 /source4
parentdae1b0d85207040fed873d4232a45206b0162f53 (diff)
downloadsamba-f8c0ad65ad783b3c82ec8ab120d18ad454fe2665.tar.gz
samba-f8c0ad65ad783b3c82ec8ab120d18ad454fe2665.tar.bz2
samba-f8c0ad65ad783b3c82ec8ab120d18ad454fe2665.zip
s4:dsdb/descriptor: recalculate nTSecurityDescriptor after a rename (bug #8621)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
Diffstat (limited to 'source4')
-rw-r--r--source4/dsdb/samdb/ldb_modules/descriptor.c19
1 files changed, 18 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
index 9ffb6eb27f..36a64d06e6 100644
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -860,11 +860,13 @@ static int descriptor_search(struct ldb_module *module, struct ldb_request *req)
return ldb_next_request(ac->module, down_req);
}
-/* TODO */
+
static int descriptor_rename(struct ldb_module *module, struct ldb_request *req)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
struct ldb_dn *olddn = req->op.rename.olddn;
+ struct ldb_dn *newdn = req->op.rename.newdn;
+ int ret;
/* do not manipulate our control entries */
if (ldb_dn_is_special(req->op.rename.olddn)) {
@@ -874,6 +876,21 @@ static int descriptor_rename(struct ldb_module *module, struct ldb_request *req)
ldb_debug(ldb, LDB_DEBUG_TRACE,"descriptor_rename: %s\n",
ldb_dn_get_linearized(olddn));
+ if (ldb_dn_compare(olddn, newdn) != 0) {
+ struct ldb_dn *nc_root;
+
+ ret = dsdb_find_nc_root(ldb, req, newdn, &nc_root);
+ if (ret != LDB_SUCCESS) {
+ return ldb_oom(ldb);
+ }
+
+ ret = dsdb_module_schedule_sd_propagation(module, nc_root,
+ newdn, true);
+ if (ret != LDB_SUCCESS) {
+ return ldb_operr(ldb);
+ }
+ }
+
return ldb_next_request(module, req);
}