summaryrefslogtreecommitdiff
path: root/source4/torture/raw/acls.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r18301: I discovered how to load the warnings from a build farm build intoAndrew Tridgell1-5/+5
emacs compile mode (hint, paste to a file, and compile as "cat filename"). This allowed me to fix nearly all the warnings for a IA_64 SuSE build very quickly. (This used to be commit eba6c84efff735bb0ca941ac4b755ce2b0591667)
2007-10-10r16907: Add an index parameter to torture_open_connection. Next step is to ↵Volker Lendecke1-1/+1
enable the unclist parameter for all tests that do two connections, to enable cluster testing. Volker (This used to be commit a5d6db09244d444986f8fded3fc6e72c74c8ca1f)
2007-10-10r15881: fixed the RAW-ACLS test for 64 bit systems (was failing on ppc64)Andrew Tridgell1-3/+5
(This used to be commit c954a6662de70fb36772e85b96aecf64761a66aa)
2007-10-10r15328: Move some functions around, remove dependencies.Jelmer Vernooij1-1/+1
Remove some autogenerated headers (which had prototypes now autogenerated by pidl) Remove ndr_security.h from a few places - it's no longer necessary (This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
2007-10-10r15070: test the needed access masks for read/write the differentStefan Metzmacher1-0/+209
security descriptor components metze (This used to be commit 88c57c8703565c4fb367b68e70030944d9f262e6)
2007-10-10r15066: - sync the dir_flags tests with the file_flags testsStefan Metzmacher1-4/+94
- add some more checks for the w2k3 bug case metze (This used to be commit a55b44b96c556c5a645b493faa8d9660e1fcda67)
2007-10-10r14860: create libcli/security/security.hStefan Metzmacher1-1/+1
metze (This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
2007-10-10r14720: Add torture_context argument to all torture testsJelmer Vernooij1-1/+1
(This used to be commit 3c7a5ce29108dd82210dc3e1f00414f545949e1d)
2007-10-10r14527: Fix build problems.Jelmer Vernooij1-0/+1
(This used to be commit 863ca4014d9b821706ee90f58ab5d5cf3899a4c7)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-0/+1
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14379: Build torture/rpc/ as a seperate smbtorture module. Move helperJelmer Vernooij1-0/+1
functions for rpc out of torture/torture.c (This used to be commit 1d2d970f3b8aef3f36c2befb94b5dd72c0086639)
2007-10-10r14256: - rename smb_file -> smb_handleStefan Metzmacher1-60/+60
- move it into the in/out substructs again - allow file.path only on smb_fileinfo/smb_setfileinfo metze (This used to be commit be6d5298a2cdb7e7c61d70471bad445645af5963)
2007-10-10r14173: change smb interface structures to always useStefan Metzmacher1-57/+57
a union smb_file, to abtract - const char *path fot qpathinfo and setpathinfo - uint16_t fnum for SMB - smb2_handle handle for SMB2 the idea is to later add a struct ntvfs_handle *ntvfs so that the ntvfs subsystem don't need to know the difference between SMB and SMB2 metze (This used to be commit 2ef3f5970901b5accdb50f0d0115b5d46b0c788f)
2007-10-10r13944: Yet another round of splitups.Jelmer Vernooij1-0/+1
(This used to be commit f87debeb12cebd734b47314554ab671c9e06237e)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+1
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r12694: Move some headers to the directory of the subsystem they belong to.Jelmer Vernooij1-0/+1
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
2007-10-10r12693: Move core data structures out of smb.h into core.hJelmer Vernooij1-0/+1
torture prototypes in seperate header (This used to be commit 73610639b23ca3743077193fa0b1de7c7f65944d)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij1-2/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r9046: fixed display of privileges in RAW-ACLS testAndrew Tridgell1-2/+2
(This used to be commit 0ab907af6a4c3d1adbafccdb1bd4150c491bcba4)
2007-10-10r6342: fixed a bad union assumption that caused ACLs to fail on 64 bit machinesAndrew Tridgell1-10/+10
Thanks to lars and agruen for finding this (This used to be commit 2acc06918574b1178eecf3d61026f84f85bb40e1)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell1-1/+2
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell1-1/+1
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4612: make the output for the w2k3 acl bug a bit clearerAndrew Tridgell1-0/+19
(This used to be commit 24ec8c4274241576683f1f6c86c33a2dfa43848c)
2007-10-10r4596: added a dynamic inheritance ACLs test. As far as I can tell w2k3 does ↵Andrew Tridgell1-10/+148
not do dynamic inheritance (This used to be commit ebe6b002843196bc6d6fadfa646aa3bc8eb27af8)
2007-10-10r4583: print which bit failed in the owner bits checkAndrew Tridgell1-0/+4
(This used to be commit f893ad9c45d6d06fa1b6f1f949a7834e7bf99ba7)
2007-10-10r4582: finally worked out what is going on with the inherited ACLs test and ↵Andrew Tridgell1-12/+197
win2003. It is a win2003 bug! This new test code works against w2k, and against longhorn, but fails against w2k3. When tested against w2k3 it allows a open with an access mask that should be denied by the given ACL, after setting up the ACL using inheritance. Note that only the very specific SEC_RIGHTS_FILE_ALL mask incorrectly succeeds, so they must have a special case for that mask. Maybe its an optimisation gone wrong? I don't know if there are any serious security implications to this, but it is pretty clearly wrong, and has been fixed in longhorn. (This used to be commit 4f9fd767dbb5e47f3786f5acda17267d57e839e0)
2007-10-10r4463: added testing of the special SID_CREATOR_OWNER inheritance rulesAndrew Tridgell1-21/+56
(This used to be commit 5448c72ebe58e264ee772f8e1c4caee2250c328c)
2007-10-10r4401: stricter test for correct ACL inheritance in RAW-ACLSAndrew Tridgell1-2/+2
(This used to be commit 1bb769196377772326151210309ff12362eb0f2f)
2007-10-10r4389: added checking for the default inherited ACL, which is used when no ACEsAndrew Tridgell1-6/+39
are inheritable (This used to be commit e30b8d5783e073a31f738a36400fe866c970464b)
2007-10-10r4388: - allow ACE flags to be specified in security_descriptor_create()Andrew Tridgell1-0/+270
- added a test for all combinations of the inheritance ACE flags and how they are propogated to child directories and files (This used to be commit fdb38c8e4b6279137892402b21d2d52e1921e456)
2007-10-10r4147: converted from NT_USER_TOKEN to struct security_tokenAndrew Tridgell1-2/+6
this is mostly just a tidyup, but also adds the privilege_mask, which I will be using shortly in ACL checking. note that I had to move the definition of struct security_token out of security.idl as pidl doesn't yet handle arrays of pointers, and the usual workaround (to use a intermediate structure) would make things too cumbersome for this structure, especially given we never encode it to NDR. (This used to be commit 7b446af09b8050746bfc2c50e9d56aa94397cc1a)
2007-10-10r4074: make the RAW-ACLS test use the new lsa helper functions to determineAndrew Tridgell1-16/+39
the privileges of the user running the test. This allows the test to work out what the expected access masks are. (This used to be commit dcf6c297d372cfa421d757d43897f00ad1d4f5f5)
2007-10-10r4061: more additions to the RAW-ACLS test, to help me work out some details ↵Andrew Tridgell1-5/+54
for pvfs (This used to be commit 273165e53a606fa0a55ff8fb6fea440e19a7e285)
2007-10-10r4053: expanded and fixed a bug in the RAW-ACLS testAndrew Tridgell1-6/+19
(This used to be commit 0d19b4a09f4ce0b0c5e7779809c383322f4de4fc)
2007-10-10r4037: fixed a bunch of "might be uninitialised" warnings after enabling -O1 ↵Andrew Tridgell1-4/+4
in my compile (This used to be commit 0928b1f5b68c858922c3ea6c27ed03b5091c6221)
2007-10-10r4036: expanded the RAW-ACLS torture test to include tests for theAndrew Tridgell1-2/+427
generic->specific access mask mappings, and tests of the behaviour of SID_CREATOR_OWNER and SEC_FLAG_MAXIMUM_ALLOWED (This used to be commit f572fe6d29d5a318b24d71a2ebfa2baca2b79a10)
2007-10-10r4011: get rid of rpc_secdes.h and replace it with a single sane set ofAndrew Tridgell1-10/+10
definitions for security access masks, in security.idl The previous definitions were inconsistently named, and contained many duplicate and misleading entries. I kept finding myself tripping up while using them. (This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d)
2007-10-10r3835: - added testing of setting an initial ACL on a file using NTTRANS createAndrew Tridgell1-0/+92
- added support for initial ACLs in pvfs backend (This used to be commit 05ee9179f74d243aa22fa00be7873c5db76a8ad1)
2007-10-10r3830: unified the query/set security descriptor code with the rest of theAndrew Tridgell1-18/+20
queryfileinfo/setfileinfo logic, so querying/setting a security descriptor is treated as just another file query/set operation. This will allow NTVFS backends to see the query/set security descriptor operations as RAW_FILEINFO_SEC_DESC and RAW_SFILEINFO_SEC_DESC operations. (This used to be commit f68a6b6b915c37e48c42390c1e74c2d1c2636fa9)
2007-10-10r3829: added a RAW-ACLS test suite that tests query/set of ACLs on a fileAndrew Tridgell1-0/+162
(This used to be commit 2ff9816ae0ae41e0e63e4276a70d292888346dc7)