Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
Fix indentation a bit
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 1 07:07:12 CEST 2012 on sn-devel-104
|
|
Don't set the priv_open_requested yet until the open-for-backup
request is correctly passed in.
|
|
We need to filter out the
SEC_DESC_DACL_AUTO_INHERITED|SEC_DESC_DACL_AUTO_INHERIT_REQ
bits. If both are set we store SEC_DESC_DACL_AUTO_INHERITED
as this alters whether SEC_ACE_FLAG_INHERITED_ACE is set
when an ACE is inherited. Otherwise we zero these bits out.
See:
http://social.msdn.microsoft.com/Forums/eu/os_fileservices/thread/11f77b68-731e-407d-b1b3-064750716531
for details.
|
|
client to got through set_sd(),
the canonicalize sd function.
|
|
canonicalization.
|
|
|
|
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Aug 28 16:38:55 CEST 2012 on sn-devel-104
|
|
|
|
I need to get at the owner, group, DACL and SACL when testing correct
ACL storage.
Andrew Bartlett
|
|
The security_ prefix is stripped off in the python bindings.
Andrew Bartlett
|
|
This is required because the functions it calls use talloc_tos().
Andrew Bartlett
|
|
This should eliminate confusion from our users about what they can
expect to successfully run.
Andrew Bartlett
|
|
|
|
The additional group for the ACL is now optional.
Andrew Bartlett
|
|
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Aug 23 10:01:14 CEST 2012 on sn-devel-104
|
|
metze
|
|
This was just for debugging...
metze
|
|
The t is weird, but the python bindings trim the traditional IDL name
prefix of each element, as it is usually rudundent.
Andrew Bartlett
|
|
These will be used to verify that an ACL set as an NT ACL creates
the correct posix ACL.
Andrew Bartlett
|
|
|
|
|
|
|
|
The estimated EA size needs to be of the main file. However, the fsp
may point to the stream, so we need to ignore it if this is the case.
This may mean we estimate wrong if there has been a rename.
Andrew Bartlett
|
|
This ensures that we return the ea size of the stream, not the overall file.
This is important as if there is an EA on the main file, the raw.streams
test was failing.
Andrew Bartlett
|
|
metze
|
|
metze
|
|
It's not the client fault, if he doesn't know that encryption is required.
We should just return ACCESS_DENIED and let the client work on other
shares and open files on the current SMB connection.
metze
|
|
metze
|
|
metze
|
|
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 17 00:54:01 CEST 2012 on sn-devel-104
|
|
metze
|
|
metze
|
|
Please note that this is not finished and only for internal use.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This is no longer a VFS call, so will no longer fail in this way.
Andrew Bartlett
|
|
smbd_smb2_request_validate()
metze
|
|
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Aug 15 05:23:18 CEST 2012 on sn-devel-104
|
|
|
|
We no longer do struct smb_acl_t manipuations via the VFS layer,
which is now reduced to handling the get/set functions.
The only backend that implemented these functions (aside from audit)
was the vfs_default module calling the sys_acl code. The various ACL
implementation modules either worked on the fully initilaised
smb_acl_t object or on NT ACLs.
This not only makes the operation of the posix ACL code more efficient
(as allocation and free is not put via the VFS), it makes it easier to
test and removes the fantasy that a module could safely redefine this
structure or the behaviour here.
The smb_acls.idl now defines the structure, and it is now allocated
with talloc.
These operations were originally added to the VFS in commit
3bb219161a270f12c27c3bc7e1220829c6e9f284.
Andrew Bartlett
|
|
|
|
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
|
|
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
|
|
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
|
|
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
|
|
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
|
|
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
|
|
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
|