From 17ad62b33a66fea2558ff7618495e33febc9103f Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Tue, 19 Jun 2012 16:49:33 +1000
Subject: samba-tool: gpo: Fix creation of filesystem ACL from directory ACL

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Jun 21 03:25:57 CEST 2012 on sn-devel-104
---
 source4/scripting/python/samba/netcmd/gpo.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/source4/scripting/python/samba/netcmd/gpo.py b/source4/scripting/python/samba/netcmd/gpo.py
index 82ea3db8b9..88c76227b2 100644
--- a/source4/scripting/python/samba/netcmd/gpo.py
+++ b/source4/scripting/python/samba/netcmd/gpo.py
@@ -910,10 +910,16 @@ class cmd_create(Command):
             ds_sd = ndr_unpack(security.descriptor, ds_sd_ndr).as_sddl()
 
             # Create a file system security descriptor
-            fs_sd = security.descriptor(dsacl2fsacl(ds_sd, self.samdb.get_domain_sid()))
+            domain_sid = self.samdb.get_domain_sid()
+            sddl = dsacl2fsacl(ds_sd, domain_sid)
+            fs_sd = security.descriptor.from_sddl(sddl, security.dom_sid(domain_sid))
 
             # Set ACL
-            conn.set_acl(sharepath, fs_sd)
+            sio = ( security.SECINFO_OWNER |
+                    security.SECINFO_GROUP |
+                    security.SECINFO_DACL |
+                    security.SECINFO_PROTECTED_DACL )
+            conn.set_acl(sharepath, fs_sd, sio)
         except:
             self.samdb.transaction_cancel()
             raise
-- 
cgit