1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

python/ntacls: we only need security.SEC_STD_READ_CONTROL in order to get the ACL

We should avoid security.SEC_FLAG_MAXIMUM_ALLOWED otherwise
we may get NT_STATUS_SHARING_VIOLATION when we run
'samba-tool domain backup online' against a Windows DC.
Windows DCs have hidden folders for the NtFrs or Dfsr services,
which are locked by the running service.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13917

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Stefan Metzmacher 2019-04-26 17:07:20 +02:00
parent 706aba5bf6
commit 15032ec6df

View File

@ -49,7 +49,7 @@ SECURITY_SECINFO_FLAGS = security.SECINFO_OWNER | \
# SEC_FLAG_SYSTEM_SECURITY is required otherwise get Access Denied # SEC_FLAG_SYSTEM_SECURITY is required otherwise get Access Denied
SECURITY_SEC_FLAGS = security.SEC_FLAG_SYSTEM_SECURITY | \ SECURITY_SEC_FLAGS = security.SEC_FLAG_SYSTEM_SECURITY | \
security.SEC_FLAG_MAXIMUM_ALLOWED security.SEC_STD_READ_CONTROL
class XattrBackendError(Exception): class XattrBackendError(Exception):