From c42fc5e103d9d210c2f370e237a952e6df361792 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 25 Mar 2009 21:29:13 +0100 Subject: display_sec: Move to common libcli/security directory. --- libcli/security/config.mk | 2 +- libcli/security/display_sec.c | 322 ++++++++++++++++++++++++++++++++++++++ source3/Makefile.in | 2 +- source3/lib/display_sec.c | 317 ------------------------------------- source4/libcli/security/config.mk | 2 - 5 files changed, 324 insertions(+), 321 deletions(-) create mode 100644 libcli/security/display_sec.c delete mode 100644 source3/lib/display_sec.c diff --git a/libcli/security/config.mk b/libcli/security/config.mk index 56d8e138ff..7ade01510c 100644 --- a/libcli/security/config.mk +++ b/libcli/security/config.mk @@ -2,4 +2,4 @@ PRIVATE_DEPENDENCIES = TALLOC LIBSECURITY_COMMON_OBJ_FILES = $(addprefix $(libclicommonsrcdir)/security/, \ - dom_sid.o) + dom_sid.o display_sec.o secace.o secacl.o) diff --git a/libcli/security/display_sec.c b/libcli/security/display_sec.c new file mode 100644 index 0000000000..bec657da86 --- /dev/null +++ b/libcli/security/display_sec.c @@ -0,0 +1,322 @@ +/* + Unix SMB/CIFS implementation. + Samba utility functions + Copyright (C) Andrew Tridgell 1992-1999 + Copyright (C) Luke Kenneth Casson Leighton 1996 - 1999 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "librpc/gen_ndr/security.h" +#include "libcli/security/secace.h" +#include "libcli/security/dom_sid.h" +#include "librpc/ndr/libndr.h" + +/**************************************************************************** +convert a security permissions into a string +****************************************************************************/ + +char *get_sec_mask_str(TALLOC_CTX *ctx, uint32_t type) +{ + char *typestr = talloc_strdup(ctx, ""); + + if (!typestr) { + return NULL; + } + + if (type & SEC_GENERIC_ALL) { + typestr = talloc_asprintf_append(typestr, + "Generic all access "); + if (!typestr) { + return NULL; + } + } + if (type & SEC_GENERIC_EXECUTE) { + typestr = talloc_asprintf_append(typestr, + "Generic execute access"); + if (!typestr) { + return NULL; + } + } + if (type & SEC_GENERIC_WRITE) { + typestr = talloc_asprintf_append(typestr, + "Generic write access "); + if (!typestr) { + return NULL; + } + } + if (type & SEC_GENERIC_READ) { + typestr = talloc_asprintf_append(typestr, + "Generic read access "); + if (!typestr) { + return NULL; + } + } + if (type & SEC_FLAG_MAXIMUM_ALLOWED) { + typestr = talloc_asprintf_append(typestr, + "MAXIMUM_ALLOWED_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & SEC_FLAG_SYSTEM_SECURITY) { + typestr = talloc_asprintf_append(typestr, + "SYSTEM_SECURITY_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & SEC_STD_SYNCHRONIZE) { + typestr = talloc_asprintf_append(typestr, + "SYNCHRONIZE_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & SEC_STD_WRITE_OWNER) { + typestr = talloc_asprintf_append(typestr, + "WRITE_OWNER_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & SEC_STD_WRITE_DAC) { + typestr = talloc_asprintf_append(typestr, + "WRITE_DAC_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & SEC_STD_READ_CONTROL) { + typestr = talloc_asprintf_append(typestr, + "READ_CONTROL_ACCESS "); + if (!typestr) { + return NULL; + } + } + if (type & SEC_STD_DELETE) { + typestr = talloc_asprintf_append(typestr, + "DELETE_ACCESS "); + if (!typestr) { + return NULL; + } + } + + printf("\t\tSpecific bits: 0x%lx\n", (unsigned long)type&SEC_MASK_SPECIFIC); + + return typestr; +} + +/**************************************************************************** + display sec_access structure + ****************************************************************************/ +void display_sec_access(uint32_t *info) +{ + char *mask_str = get_sec_mask_str(NULL, *info); + printf("\t\tPermissions: 0x%x: %s\n", *info, mask_str ? mask_str : ""); + talloc_free(mask_str); +} + +/**************************************************************************** + display sec_ace flags + ****************************************************************************/ +void display_sec_ace_flags(uint8_t flags) +{ + if (flags & SEC_ACE_FLAG_OBJECT_INHERIT) + printf("SEC_ACE_FLAG_OBJECT_INHERIT "); + if (flags & SEC_ACE_FLAG_CONTAINER_INHERIT) + printf(" SEC_ACE_FLAG_CONTAINER_INHERIT "); + if (flags & SEC_ACE_FLAG_NO_PROPAGATE_INHERIT) + printf("SEC_ACE_FLAG_NO_PROPAGATE_INHERIT "); + if (flags & SEC_ACE_FLAG_INHERIT_ONLY) + printf("SEC_ACE_FLAG_INHERIT_ONLY "); + if (flags & SEC_ACE_FLAG_INHERITED_ACE) + printf("SEC_ACE_FLAG_INHERITED_ACE "); +/* if (flags & SEC_ACE_FLAG_VALID_INHERIT) + printf("SEC_ACE_FLAG_VALID_INHERIT "); */ + if (flags & SEC_ACE_FLAG_SUCCESSFUL_ACCESS) + printf("SEC_ACE_FLAG_SUCCESSFUL_ACCESS "); + if (flags & SEC_ACE_FLAG_FAILED_ACCESS) + printf("SEC_ACE_FLAG_FAILED_ACCESS "); + + printf("\n"); +} + +/**************************************************************************** + display sec_ace object + ****************************************************************************/ +static void disp_sec_ace_object(struct security_ace_object *object) +{ + if (object->flags & SEC_ACE_OBJECT_TYPE_PRESENT) { + printf("Object type: SEC_ACE_OBJECT_TYPE_PRESENT\n"); + printf("Object GUID: %s\n", GUID_string(talloc_tos(), + &object->type.type)); + } + if (object->flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT) { + printf("Object type: SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT\n"); + printf("Object GUID: %s\n", GUID_string(talloc_tos(), + &object->inherited_type.inherited_type)); + } +} + +/**************************************************************************** + display sec_ace structure + ****************************************************************************/ +void display_sec_ace(struct security_ace *ace) +{ + char *sid_str; + + printf("\tACE\n\t\ttype: "); + switch (ace->type) { + case SEC_ACE_TYPE_ACCESS_ALLOWED: + printf("ACCESS ALLOWED"); + break; + case SEC_ACE_TYPE_ACCESS_DENIED: + printf("ACCESS DENIED"); + break; + case SEC_ACE_TYPE_SYSTEM_AUDIT: + printf("SYSTEM AUDIT"); + break; + case SEC_ACE_TYPE_SYSTEM_ALARM: + printf("SYSTEM ALARM"); + break; + case SEC_ACE_TYPE_ALLOWED_COMPOUND: + printf("SEC_ACE_TYPE_ALLOWED_COMPOUND"); + break; + case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT: + printf("SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT"); + break; + case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT: + printf("SEC_ACE_TYPE_ACCESS_DENIED_OBJECT"); + break; + case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT: + printf("SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT"); + break; + case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT: + printf("SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT"); + break; + default: + printf("????"); + break; + } + + printf(" (%d) flags: 0x%02x ", ace->type, ace->flags); + display_sec_ace_flags(ace->flags); + display_sec_access(&ace->access_mask); + sid_str = dom_sid_string(NULL, &ace->trustee); + printf("\t\tSID: %s\n\n", sid_str); + talloc_free(sid_str); + + if (sec_ace_object(ace->type)) { + disp_sec_ace_object(&ace->object.object); + } + +} + +/**************************************************************************** + display sec_acl structure + ****************************************************************************/ +void display_sec_acl(struct security_acl *sec_acl) +{ + int i; + + printf("\tACL\tNum ACEs:\t%d\trevision:\t%x\n", + sec_acl->num_aces, sec_acl->revision); + printf("\t---\n"); + + if (sec_acl->size != 0 && sec_acl->num_aces != 0) { + for (i = 0; i < sec_acl->num_aces; i++) { + display_sec_ace(&sec_acl->aces[i]); + } + } +} + +void display_acl_type(uint16_t type) +{ + printf("type: 0x%04x: ", type); + + if (type & SEC_DESC_OWNER_DEFAULTED) /* 0x0001 */ + printf("SEC_DESC_OWNER_DEFAULTED "); + if (type & SEC_DESC_GROUP_DEFAULTED) /* 0x0002 */ + printf("SEC_DESC_GROUP_DEFAULTED "); + if (type & SEC_DESC_DACL_PRESENT) /* 0x0004 */ + printf("SEC_DESC_DACL_PRESENT "); + if (type & SEC_DESC_DACL_DEFAULTED) /* 0x0008 */ + printf("SEC_DESC_DACL_DEFAULTED "); + if (type & SEC_DESC_SACL_PRESENT) /* 0x0010 */ + printf("SEC_DESC_SACL_PRESENT "); + if (type & SEC_DESC_SACL_DEFAULTED) /* 0x0020 */ + printf("SEC_DESC_SACL_DEFAULTED "); + if (type & SEC_DESC_DACL_TRUSTED) /* 0x0040 */ + printf("SEC_DESC_DACL_TRUSTED "); + if (type & SEC_DESC_SERVER_SECURITY) /* 0x0080 */ + printf("SEC_DESC_SERVER_SECURITY "); + if (type & SEC_DESC_DACL_AUTO_INHERIT_REQ) /* 0x0100 */ + printf("SEC_DESC_DACL_AUTO_INHERIT_REQ "); + if (type & SEC_DESC_SACL_AUTO_INHERIT_REQ) /* 0x0200 */ + printf("SEC_DESC_SACL_AUTO_INHERIT_REQ "); + if (type & SEC_DESC_DACL_AUTO_INHERITED) /* 0x0400 */ + printf("SEC_DESC_DACL_AUTO_INHERITED "); + if (type & SEC_DESC_SACL_AUTO_INHERITED) /* 0x0800 */ + printf("SEC_DESC_SACL_AUTO_INHERITED "); + if (type & SEC_DESC_DACL_PROTECTED) /* 0x1000 */ + printf("SEC_DESC_DACL_PROTECTED "); + if (type & SEC_DESC_SACL_PROTECTED) /* 0x2000 */ + printf("SEC_DESC_SACL_PROTECTED "); + if (type & SEC_DESC_RM_CONTROL_VALID) /* 0x4000 */ + printf("SEC_DESC_RM_CONTROL_VALID "); + if (type & SEC_DESC_SELF_RELATIVE) /* 0x8000 */ + printf("SEC_DESC_SELF_RELATIVE "); + + printf("\n"); +} + +/**************************************************************************** + display sec_desc structure + ****************************************************************************/ +void display_sec_desc(struct security_descriptor *sec) +{ + char *sid_str; + + if (!sec) { + printf("NULL\n"); + return; + } + + printf("revision: %d\n", sec->revision); + display_acl_type(sec->type); + + if (sec->sacl) { + printf("SACL\n"); + display_sec_acl(sec->sacl); + } + + if (sec->dacl) { + printf("DACL\n"); + display_sec_acl(sec->dacl); + } + + if (sec->owner_sid) { + sid_str = dom_sid_string(NULL, sec->owner_sid); + printf("\tOwner SID:\t%s\n", sid_str); + talloc_free(sid_str); + } + + if (sec->group_sid) { + sid_str = dom_sid_string(NULL, sec->group_sid); + printf("\tGroup SID:\t%s\n", sid_str); + talloc_free(sid_str); + } +} diff --git a/source3/Makefile.in b/source3/Makefile.in index ec52d85508..22911bf772 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -831,7 +831,7 @@ PDBEDIT_OBJ = utils/pdbedit.o $(PASSWD_UTIL_OBJ) $(PARAM_OBJ) $(PASSDB_OBJ) @LIB SMBGET_OBJ = utils/smbget.o $(POPT_LIB_OBJ) $(LIBSMBCLIENT_OBJ1) @LIBWBCLIENT_STATIC@ -DISPLAY_SEC_OBJ= lib/display_sec.o +DISPLAY_SEC_OBJ= ../libcli/security/display_sec.o RPCCLIENT_OBJ1 = rpcclient/rpcclient.o rpcclient/cmd_lsarpc.o \ rpcclient/cmd_samr.o rpcclient/cmd_spoolss.o \ diff --git a/source3/lib/display_sec.c b/source3/lib/display_sec.c deleted file mode 100644 index 6edbb27f3a..0000000000 --- a/source3/lib/display_sec.c +++ /dev/null @@ -1,317 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Samba utility functions - Copyright (C) Andrew Tridgell 1992-1999 - Copyright (C) Luke Kenneth Casson Leighton 1996 - 1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ - -#include "includes.h" - -/**************************************************************************** -convert a security permissions into a string -****************************************************************************/ - -char *get_sec_mask_str(TALLOC_CTX *ctx, uint32_t type) -{ - char *typestr = talloc_strdup(ctx, ""); - - if (!typestr) { - return NULL; - } - - if (type & GENERIC_ALL_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "Generic all access "); - if (!typestr) { - return NULL; - } - } - if (type & GENERIC_EXECUTE_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "Generic execute access"); - if (!typestr) { - return NULL; - } - } - if (type & GENERIC_WRITE_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "Generic write access "); - if (!typestr) { - return NULL; - } - } - if (type & GENERIC_READ_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "Generic read access "); - if (!typestr) { - return NULL; - } - } - if (type & MAXIMUM_ALLOWED_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "MAXIMUM_ALLOWED_ACCESS "); - if (!typestr) { - return NULL; - } - } - if (type & SYSTEM_SECURITY_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "SYSTEM_SECURITY_ACCESS "); - if (!typestr) { - return NULL; - } - } - if (type & SYNCHRONIZE_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "SYNCHRONIZE_ACCESS "); - if (!typestr) { - return NULL; - } - } - if (type & WRITE_OWNER_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "WRITE_OWNER_ACCESS "); - if (!typestr) { - return NULL; - } - } - if (type & WRITE_DAC_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "WRITE_DAC_ACCESS "); - if (!typestr) { - return NULL; - } - } - if (type & READ_CONTROL_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "READ_CONTROL_ACCESS "); - if (!typestr) { - return NULL; - } - } - if (type & DELETE_ACCESS) { - typestr = talloc_asprintf_append(typestr, - "DELETE_ACCESS "); - if (!typestr) { - return NULL; - } - } - - printf("\t\tSpecific bits: 0x%lx\n", (unsigned long)type&SPECIFIC_RIGHTS_MASK); - - return typestr; -} - -/**************************************************************************** - display sec_access structure - ****************************************************************************/ -void display_sec_access(uint32_t *info) -{ - char *mask_str = get_sec_mask_str(NULL, *info); - printf("\t\tPermissions: 0x%x: %s\n", *info, mask_str ? mask_str : ""); - talloc_free(mask_str); -} - -/**************************************************************************** - display sec_ace flags - ****************************************************************************/ -void display_sec_ace_flags(uint8_t flags) -{ - if (flags & SEC_ACE_FLAG_OBJECT_INHERIT) - printf("SEC_ACE_FLAG_OBJECT_INHERIT "); - if (flags & SEC_ACE_FLAG_CONTAINER_INHERIT) - printf(" SEC_ACE_FLAG_CONTAINER_INHERIT "); - if (flags & SEC_ACE_FLAG_NO_PROPAGATE_INHERIT) - printf("SEC_ACE_FLAG_NO_PROPAGATE_INHERIT "); - if (flags & SEC_ACE_FLAG_INHERIT_ONLY) - printf("SEC_ACE_FLAG_INHERIT_ONLY "); - if (flags & SEC_ACE_FLAG_INHERITED_ACE) - printf("SEC_ACE_FLAG_INHERITED_ACE "); -/* if (flags & SEC_ACE_FLAG_VALID_INHERIT) - printf("SEC_ACE_FLAG_VALID_INHERIT "); */ - if (flags & SEC_ACE_FLAG_SUCCESSFUL_ACCESS) - printf("SEC_ACE_FLAG_SUCCESSFUL_ACCESS "); - if (flags & SEC_ACE_FLAG_FAILED_ACCESS) - printf("SEC_ACE_FLAG_FAILED_ACCESS "); - - printf("\n"); -} - -/**************************************************************************** - display sec_ace object - ****************************************************************************/ -static void disp_sec_ace_object(struct security_ace_object *object) -{ - if (object->flags & SEC_ACE_OBJECT_TYPE_PRESENT) { - printf("Object type: SEC_ACE_OBJECT_TYPE_PRESENT\n"); - printf("Object GUID: %s\n", GUID_string(talloc_tos(), - &object->type.type)); - } - if (object->flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT) { - printf("Object type: SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT\n"); - printf("Object GUID: %s\n", GUID_string(talloc_tos(), - &object->inherited_type.inherited_type)); - } -} - -/**************************************************************************** - display sec_ace structure - ****************************************************************************/ -void display_sec_ace(SEC_ACE *ace) -{ - fstring sid_str; - - printf("\tACE\n\t\ttype: "); - switch (ace->type) { - case SEC_ACE_TYPE_ACCESS_ALLOWED: - printf("ACCESS ALLOWED"); - break; - case SEC_ACE_TYPE_ACCESS_DENIED: - printf("ACCESS DENIED"); - break; - case SEC_ACE_TYPE_SYSTEM_AUDIT: - printf("SYSTEM AUDIT"); - break; - case SEC_ACE_TYPE_SYSTEM_ALARM: - printf("SYSTEM ALARM"); - break; - case SEC_ACE_TYPE_ALLOWED_COMPOUND: - printf("SEC_ACE_TYPE_ALLOWED_COMPOUND"); - break; - case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT: - printf("SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT"); - break; - case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT: - printf("SEC_ACE_TYPE_ACCESS_DENIED_OBJECT"); - break; - case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT: - printf("SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT"); - break; - case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT: - printf("SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT"); - break; - default: - printf("????"); - break; - } - - printf(" (%d) flags: 0x%02x ", ace->type, ace->flags); - display_sec_ace_flags(ace->flags); - display_sec_access(&ace->access_mask); - sid_to_fstring(sid_str, &ace->trustee); - printf("\t\tSID: %s\n\n", sid_str); - - if (sec_ace_object(ace->type)) { - disp_sec_ace_object(&ace->object.object); - } - -} - -/**************************************************************************** - display sec_acl structure - ****************************************************************************/ -void display_sec_acl(SEC_ACL *sec_acl) -{ - int i; - - printf("\tACL\tNum ACEs:\t%d\trevision:\t%x\n", - sec_acl->num_aces, sec_acl->revision); - printf("\t---\n"); - - if (sec_acl->size != 0 && sec_acl->num_aces != 0) { - for (i = 0; i < sec_acl->num_aces; i++) { - display_sec_ace(&sec_acl->aces[i]); - } - } -} - -void display_acl_type(uint16_t type) -{ - fstring typestr=""; - - typestr[0] = 0; - - if (type & SEC_DESC_OWNER_DEFAULTED) /* 0x0001 */ - fstrcat(typestr, "SEC_DESC_OWNER_DEFAULTED "); - if (type & SEC_DESC_GROUP_DEFAULTED) /* 0x0002 */ - fstrcat(typestr, "SEC_DESC_GROUP_DEFAULTED "); - if (type & SEC_DESC_DACL_PRESENT) /* 0x0004 */ - fstrcat(typestr, "SEC_DESC_DACL_PRESENT "); - if (type & SEC_DESC_DACL_DEFAULTED) /* 0x0008 */ - fstrcat(typestr, "SEC_DESC_DACL_DEFAULTED "); - if (type & SEC_DESC_SACL_PRESENT) /* 0x0010 */ - fstrcat(typestr, "SEC_DESC_SACL_PRESENT "); - if (type & SEC_DESC_SACL_DEFAULTED) /* 0x0020 */ - fstrcat(typestr, "SEC_DESC_SACL_DEFAULTED "); - if (type & SEC_DESC_DACL_TRUSTED) /* 0x0040 */ - fstrcat(typestr, "SEC_DESC_DACL_TRUSTED "); - if (type & SEC_DESC_SERVER_SECURITY) /* 0x0080 */ - fstrcat(typestr, "SEC_DESC_SERVER_SECURITY "); - if (type & SEC_DESC_DACL_AUTO_INHERIT_REQ) /* 0x0100 */ - fstrcat(typestr, "SEC_DESC_DACL_AUTO_INHERIT_REQ "); - if (type & SEC_DESC_SACL_AUTO_INHERIT_REQ) /* 0x0200 */ - fstrcat(typestr, "SEC_DESC_SACL_AUTO_INHERIT_REQ "); - if (type & SEC_DESC_DACL_AUTO_INHERITED) /* 0x0400 */ - fstrcat(typestr, "SEC_DESC_DACL_AUTO_INHERITED "); - if (type & SEC_DESC_SACL_AUTO_INHERITED) /* 0x0800 */ - fstrcat(typestr, "SEC_DESC_SACL_AUTO_INHERITED "); - if (type & SEC_DESC_DACL_PROTECTED) /* 0x1000 */ - fstrcat(typestr, "SEC_DESC_DACL_PROTECTED "); - if (type & SEC_DESC_SACL_PROTECTED) /* 0x2000 */ - fstrcat(typestr, "SEC_DESC_SACL_PROTECTED "); - if (type & SEC_DESC_RM_CONTROL_VALID) /* 0x4000 */ - fstrcat(typestr, "SEC_DESC_RM_CONTROL_VALID "); - if (type & SEC_DESC_SELF_RELATIVE) /* 0x8000 */ - fstrcat(typestr, "SEC_DESC_SELF_RELATIVE "); - - printf("type: 0x%04x: %s\n", type, typestr); -} - -/**************************************************************************** - display sec_desc structure - ****************************************************************************/ -void display_sec_desc(SEC_DESC *sec) -{ - fstring sid_str; - - if (!sec) { - printf("NULL\n"); - return; - } - - printf("revision: %d\n", sec->revision); - display_acl_type(sec->type); - - if (sec->sacl) { - printf("SACL\n"); - display_sec_acl(sec->sacl); - } - - if (sec->dacl) { - printf("DACL\n"); - display_sec_acl(sec->dacl); - } - - if (sec->owner_sid) { - sid_to_fstring(sid_str, sec->owner_sid); - printf("\tOwner SID:\t%s\n", sid_str); - } - - if (sec->group_sid) { - sid_to_fstring(sid_str, sec->group_sid); - printf("\tGroup SID:\t%s\n", sid_str); - } -} diff --git a/source4/libcli/security/config.mk b/source4/libcli/security/config.mk index d6d9ad5545..9d23fe9588 100644 --- a/source4/libcli/security/config.mk +++ b/source4/libcli/security/config.mk @@ -4,7 +4,5 @@ PUBLIC_DEPENDENCIES = LIBNDR LIBSECURITY_COMMON LIBSECURITY_OBJ_FILES = $(addprefix $(libclisrcdir)/security/, \ security_token.o security_descriptor.o \ access_check.o privilege.o sddl.o) \ - ../libcli/security/secace.o \ - ../libcli/security/secacl.o $(eval $(call proto_header_template,$(libclisrcdir)/security/proto.h,$(LIBSECURITY_OBJ_FILES:.o=.c))) -- cgit