From 96e969c9eb60cf1d96ba9aeeb4c991d2acf4c095 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 2 May 2008 10:09:00 -0700 Subject: Move directory_has_default_acl() to file_access.c, belongs there as it no longer uses explicit POSIX ACL calls. Jeremy. (This used to be commit ac1eac9b0d07b7b3d341c06ef1a8fd8f3c05a618) --- source3/smbd/file_access.c | 27 +++++++++++++++++++++++++++ source3/smbd/posix_acls.c | 25 ------------------------- 2 files changed, 27 insertions(+), 25 deletions(-) (limited to 'source3/smbd') diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c index 964d1af258..4c07bc5a61 100644 --- a/source3/smbd/file_access.c +++ b/source3/smbd/file_access.c @@ -183,3 +183,30 @@ bool can_write_to_file(connection_struct *conn, const char *fname, SMB_STRUCT_ST return can_access_file(conn, fname, psbuf, FILE_WRITE_DATA); } +/**************************************************************************** + Check for an existing default Windows ACL on a directory. +****************************************************************************/ + +bool directory_has_default_acl(connection_struct *conn, const char *fname) +{ + /* returns talloced off tos. */ + struct security_descriptor *secdesc = NULL; + unsigned int i; + NTSTATUS status = SMB_VFS_GET_NT_ACL(conn, fname, + DACL_SECURITY_INFORMATION, &secdesc); + + if (!NT_STATUS_IS_OK(status) || secdesc == NULL) { + return false; + } + + for (i = 0; i < secdesc->dacl->num_aces; i++) { + struct security_ace *psa = &secdesc->dacl->aces[i]; + if (psa->flags & (SEC_ACE_FLAG_OBJECT_INHERIT| + SEC_ACE_FLAG_CONTAINER_INHERIT)) { + TALLOC_FREE(secdesc); + return true; + } + } + TALLOC_FREE(secdesc); + return false; +} diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index d422746a3c..61ee5b4352 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -4310,28 +4310,3 @@ SEC_DESC *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname) return ret_sd; } - -/**************************************************************************** - Check for an existing default Windows ACL on a directory. -****************************************************************************/ - -bool directory_has_default_acl(connection_struct *conn, const char *fname) -{ - SEC_DESC *psd = NULL; /* returns talloced off tos. */ - unsigned int i; - NTSTATUS status = SMB_VFS_GET_NT_ACL(conn, fname, - DACL_SECURITY_INFORMATION, &psd); - - if (!NT_STATUS_IS_OK(status) || psd == NULL) { - return false; - } - - for (i = 0; i < psd->dacl->num_aces; i++) { - SEC_ACE *psa = &psd->dacl->aces[i]; - if (psa->flags & (SEC_ACE_FLAG_OBJECT_INHERIT| - SEC_ACE_FLAG_CONTAINER_INHERIT)) { - return true; - } - } - return false; -} -- cgit