summaryrefslogtreecommitdiff
path: root/source4/ntvfs/posix/pvfs_acl.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4205: fixed the default acl mapping from posix permissions to use the mappedAndrew Tridgell1-33/+33
uid->sid and gid->sid (This used to be commit 590e1a91bfc719c2d84a9a066fb4e0308b6d9803)
2007-10-10r4147: converted from NT_USER_TOKEN to struct security_tokenAndrew Tridgell1-1/+1
this is mostly just a tidyup, but also adds the privilege_mask, which I will be using shortly in ACL checking. note that I had to move the definition of struct security_token out of security.idl as pidl doesn't yet handle arrays of pointers, and the usual workaround (to use a intermediate structure) would make things too cumbersome for this structure, especially given we never encode it to NDR. (This used to be commit 7b446af09b8050746bfc2c50e9d56aa94397cc1a)
2007-10-10r4056: modified the access check code based on results from RAW-ACLSAndrew Tridgell1-0/+41
test. Also added generic mapping bits for pvfs. We don't pass RAW-ACLS yet, but its close. (This used to be commit c7cbd966d49a5345ea326732587555d209c531fc)
2007-10-10r4035: more effort on consistent naming of the access mask bits.Andrew Tridgell1-1/+1
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and SEC_RIGHTS_FULL_CONTROL, which are just other names for SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names match the new naming conventions in security.idl Also added names for the generic->specific mappings for files are directories (This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
2007-10-10r4026: added NT ACL checking on pvfs_open() for existing files. I need toAndrew Tridgell1-2/+78
work out some way to do a decent test suite for this. (This used to be commit 9a9a0d0e791e4b64f0a35c921729e623b977af47)
2007-10-10r4011: get rid of rpc_secdes.h and replace it with a single sane set ofAndrew Tridgell1-40/+40
definitions for security access masks, in security.idl The previous definitions were inconsistently named, and contained many duplicate and misleading entries. I kept finding myself tripping up while using them. (This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d)
2007-10-10r3995: improved the default ACL mapping from unix permsAndrew Tridgell1-7/+11
(This used to be commit 01e89697fe837ee76fedda149e1e2b389a7d3889)
2007-10-10r3990: take advantage of the uid->sid and gid->sid code to create a muchAndrew Tridgell1-14/+91
better default NT ACL in pvfs (This used to be commit 9ff6ecbdb6c08528193f7958d7ea7d9a8df6defd)
2007-10-10r3836: - fixed the handling of NT_STATUS_BUFFER_TOO_SMALL in nttrans serverAndrew Tridgell1-0/+1
- fixed revision number on default DACL - fixed DACL_PRESENT bit in acl query with these fixes cacls.exe and the GUI ACL editor in w2k both work against pvfs. The GUI editor is slow as it times out looking up the SID -> name mappings. (This used to be commit 4468018cb63fd884920c2b0f5235bded50c6b5db)
2007-10-10r3833: NTACL is a better xattr name than DosAcl (tpot suggested this)Andrew Tridgell1-5/+5
(This used to be commit 17911eea5995c12a2300dd3928612c77f8f0883e)
2007-10-10r3832: added NT ACL query/set to the posix NTVFS backend. The default ACL isAndrew Tridgell1-0/+193
based on the current nttoken, which is completely wrong, but works as a start. The ACL is stored in the xattr system.DosAcl, using a NDR encoded IDL union with a version number to allow for future expansion. pvfs does not yet check the ACL for file access. At the moment the ACL is just query/set. We also need to do some RPC work to allow the windows ACL editor to be used. At the moment is queries the ACL fine, but displays an error when it fails to map the SIDs via rpc. (This used to be commit 3a1f20d874ab2d8b2a2f2485b7a705847abf1263)
generated by cgit (git 2.34.1) at 2024-11-06 00:48:04 +0000