diff options
| -rw-r--r-- | source3/utils/smbcacls.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 01ca54c649..26037f643e 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -718,11 +718,24 @@ static int cacl_set(struct cli_state *cli, char *filename, sort_acl(old->dacl); /* Create new security descriptor and set it */ +#if 0 + /* We used to just have "WRITE_DAC_ACCESS" without WRITE_OWNER. + But if we're sending an owner, even if it's the same as the one + that already exists then W2K3 insists we open with WRITE_OWNER access. + I need to check that setting a SD with no owner set works against WNT + and W2K. JRA. + */ + sd = make_sec_desc(ctx,old->revision, old->type, old->owner_sid, old->grp_sid, NULL, old->dacl, &sd_size); - fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS); + fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS); +#else + sd = make_sec_desc(ctx,old->revision, old->type, NULL, NULL, + NULL, old->dacl, &sd_size); + fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS); +#endif if (fnum == -1) { printf("cacl_set failed to open %s: %s\n", filename, cli_errstr(cli)); return EXIT_FAILED; |