mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
Renamed sid field in SEC_ACE to trustee to be more in line with MS's
definitions.
(This used to be commit 9712d3f15a
)
This commit is contained in:
parent
0d5f30fe5f
commit
6d9adfe73c
@ -95,7 +95,7 @@ typedef struct security_ace_info
|
|||||||
uint16 size;
|
uint16 size;
|
||||||
|
|
||||||
SEC_ACCESS info;
|
SEC_ACCESS info;
|
||||||
DOM_SID sid;
|
DOM_SID trustee;
|
||||||
|
|
||||||
} SEC_ACE;
|
} SEC_ACE;
|
||||||
#define _SEC_ACE
|
#define _SEC_ACE
|
||||||
|
@ -33,7 +33,7 @@ static BOOL token_sid_in_ace(const NT_USER_TOKEN *token, const SEC_ACE *ace)
|
|||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
for (i = 0; i < token->num_sids; i++) {
|
for (i = 0; i < token->num_sids; i++) {
|
||||||
if (sid_equal(&ace->sid, &token->user_sids[i]))
|
if (sid_equal(&ace->trustee, &token->user_sids[i]))
|
||||||
return True;
|
return True;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -277,7 +277,7 @@ BOOL se_access_check(SEC_DESC *sd, NT_USER_TOKEN *token,
|
|||||||
|
|
||||||
DEBUG(10,("se_access_check: ACE %u: type %d, flags = 0x%02x, SID = %s mask = %x, current desired = %x\n",
|
DEBUG(10,("se_access_check: ACE %u: type %d, flags = 0x%02x, SID = %s mask = %x, current desired = %x\n",
|
||||||
(unsigned int)i, ace->type, ace->flags,
|
(unsigned int)i, ace->type, ace->flags,
|
||||||
sid_to_string(sid_str, &ace->sid),
|
sid_to_string(sid_str, &ace->trustee),
|
||||||
(unsigned int) ace->info.mask,
|
(unsigned int) ace->info.mask,
|
||||||
(unsigned int)tmp_acc_desired ));
|
(unsigned int)tmp_acc_desired ));
|
||||||
|
|
||||||
@ -388,10 +388,10 @@ SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr,
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
init_sec_access(&new_ace->info, ace->info.mask);
|
init_sec_access(&new_ace->info, ace->info.mask);
|
||||||
init_sec_ace(new_ace, &ace->sid, ace->type,
|
init_sec_ace(new_ace, &ace->trustee, ace->type,
|
||||||
new_ace->info, new_flags);
|
new_ace->info, new_flags);
|
||||||
|
|
||||||
sid_to_string(sid_str, &ace->sid);
|
sid_to_string(sid_str, &ace->trustee);
|
||||||
|
|
||||||
DEBUG(5, ("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x "
|
DEBUG(5, ("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x "
|
||||||
" inherited as %s:%d/0x%02x/0x%08x\n", sid_str,
|
" inherited as %s:%d/0x%02x/0x%08x\n", sid_str,
|
||||||
|
@ -3624,7 +3624,7 @@ BOOL nt_printing_getsec(TALLOC_CTX *ctx, char *printername, SEC_DESC_BUF **secde
|
|||||||
for (i = 0; i < the_acl->num_aces; i++) {
|
for (i = 0; i < the_acl->num_aces; i++) {
|
||||||
fstring sid_str;
|
fstring sid_str;
|
||||||
|
|
||||||
sid_to_string(sid_str, &the_acl->ace[i].sid);
|
sid_to_string(sid_str, &the_acl->ace[i].trustee);
|
||||||
|
|
||||||
DEBUG(10, ("%s %d %d 0x%08x\n", sid_str,
|
DEBUG(10, ("%s %d %d 0x%08x\n", sid_str,
|
||||||
the_acl->ace[i].type, the_acl->ace[i].flags,
|
the_acl->ace[i].type, the_acl->ace[i].flags,
|
||||||
|
@ -68,8 +68,8 @@ void init_sec_ace(SEC_ACE *t, DOM_SID *sid, uint8 type, SEC_ACCESS mask, uint8 f
|
|||||||
t->size = sid_size(sid) + 8;
|
t->size = sid_size(sid) + 8;
|
||||||
t->info = mask;
|
t->info = mask;
|
||||||
|
|
||||||
ZERO_STRUCTP(&t->sid);
|
ZERO_STRUCTP(&t->trustee);
|
||||||
sid_copy(&t->sid, sid);
|
sid_copy(&t->trustee, sid);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*******************************************************************
|
/*******************************************************************
|
||||||
@ -107,7 +107,7 @@ BOOL sec_io_ace(char *desc, SEC_ACE *psa, prs_struct *ps, int depth)
|
|||||||
if(!prs_align(ps))
|
if(!prs_align(ps))
|
||||||
return False;
|
return False;
|
||||||
|
|
||||||
if(!smb_io_dom_sid("sid ", &psa->sid , ps, depth))
|
if(!smb_io_dom_sid("trustee ", &psa->trustee , ps, depth))
|
||||||
return False;
|
return False;
|
||||||
|
|
||||||
if(!prs_uint16_post("size ", ps, depth, &psa->size, offset_ace_size, old_offset))
|
if(!prs_uint16_post("size ", ps, depth, &psa->size, offset_ace_size, old_offset))
|
||||||
@ -281,7 +281,7 @@ BOOL sec_ace_equal(SEC_ACE *s1, SEC_ACE *s2)
|
|||||||
|
|
||||||
/* Check SID */
|
/* Check SID */
|
||||||
|
|
||||||
if (!sid_equal(&s1->sid, &s2->sid)) {
|
if (!sid_equal(&s1->trustee, &s2->trustee)) {
|
||||||
return False;
|
return False;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -4150,7 +4150,7 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level,
|
|||||||
for (i = 0; i < the_acl->num_aces; i++) {
|
for (i = 0; i < the_acl->num_aces; i++) {
|
||||||
fstring sid_str;
|
fstring sid_str;
|
||||||
|
|
||||||
sid_to_string(sid_str, &the_acl->ace[i].sid);
|
sid_to_string(sid_str, &the_acl->ace[i].trustee);
|
||||||
|
|
||||||
DEBUG(10, ("%s 0x%08x\n", sid_str,
|
DEBUG(10, ("%s 0x%08x\n", sid_str,
|
||||||
the_acl->ace[i].info.mask));
|
the_acl->ace[i].info.mask));
|
||||||
@ -4165,7 +4165,7 @@ static WERROR update_printer_sec(POLICY_HND *handle, uint32 level,
|
|||||||
for (i = 0; i < the_acl->num_aces; i++) {
|
for (i = 0; i < the_acl->num_aces; i++) {
|
||||||
fstring sid_str;
|
fstring sid_str;
|
||||||
|
|
||||||
sid_to_string(sid_str, &the_acl->ace[i].sid);
|
sid_to_string(sid_str, &the_acl->ace[i].trustee);
|
||||||
|
|
||||||
DEBUG(10, ("%s 0x%08x\n", sid_str,
|
DEBUG(10, ("%s 0x%08x\n", sid_str,
|
||||||
the_acl->ace[i].info.mask));
|
the_acl->ace[i].info.mask));
|
||||||
|
@ -89,7 +89,7 @@ static void display_sec_ace(SEC_ACE *ace)
|
|||||||
{
|
{
|
||||||
fstring sid_str;
|
fstring sid_str;
|
||||||
|
|
||||||
sid_to_string(sid_str, &ace->sid);
|
sid_to_string(sid_str, &ace->trustee);
|
||||||
printf("\t\tSID: %s\n", sid_str);
|
printf("\t\tSID: %s\n", sid_str);
|
||||||
|
|
||||||
printf("\t\ttype:[%d], flags:[0x%02x], mask:[0x%08x]\n",
|
printf("\t\ttype:[%d], flags:[0x%02x], mask:[0x%08x]\n",
|
||||||
|
@ -38,7 +38,7 @@ typedef struct canon_ace {
|
|||||||
struct canon_ace *next, *prev;
|
struct canon_ace *next, *prev;
|
||||||
SMB_ACL_TAG_T type;
|
SMB_ACL_TAG_T type;
|
||||||
mode_t perms; /* Only use S_I(R|W|X)USR mode bits here. */
|
mode_t perms; /* Only use S_I(R|W|X)USR mode bits here. */
|
||||||
DOM_SID sid;
|
DOM_SID trustee;
|
||||||
enum ace_owner owner_type;
|
enum ace_owner owner_type;
|
||||||
enum ace_attribute attr;
|
enum ace_attribute attr;
|
||||||
posix_id unix_ug;
|
posix_id unix_ug;
|
||||||
@ -103,7 +103,7 @@ static void print_canon_ace(canon_ace *pace, int num)
|
|||||||
fstring str;
|
fstring str;
|
||||||
|
|
||||||
dbgtext( "canon_ace index %d. Type = %s ", num, pace->attr == ALLOW_ACE ? "allow" : "deny" );
|
dbgtext( "canon_ace index %d. Type = %s ", num, pace->attr == ALLOW_ACE ? "allow" : "deny" );
|
||||||
dbgtext( "SID = %s ", sid_to_string( str, &pace->sid));
|
dbgtext( "SID = %s ", sid_to_string( str, &pace->trustee));
|
||||||
if (pace->owner_type == UID_ACE) {
|
if (pace->owner_type == UID_ACE) {
|
||||||
struct passwd *pass = sys_getpwuid(pace->unix_ug.uid);
|
struct passwd *pass = sys_getpwuid(pace->unix_ug.uid);
|
||||||
dbgtext( "uid %u (%s) ", (unsigned int)pace->unix_ug.uid, pass ? pass->pw_name : "UNKNOWN");
|
dbgtext( "uid %u (%s) ", (unsigned int)pace->unix_ug.uid, pass ? pass->pw_name : "UNKNOWN");
|
||||||
@ -243,7 +243,7 @@ static void merge_aces( canon_ace **pp_list_head )
|
|||||||
|
|
||||||
curr_ace_next = curr_ace->next; /* Save the link in case of delete. */
|
curr_ace_next = curr_ace->next; /* Save the link in case of delete. */
|
||||||
|
|
||||||
if (sid_equal(&curr_ace->sid, &curr_ace_outer->sid) &&
|
if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
|
||||||
(curr_ace->attr == curr_ace_outer->attr)) {
|
(curr_ace->attr == curr_ace_outer->attr)) {
|
||||||
|
|
||||||
if( DEBUGLVL( 10 )) {
|
if( DEBUGLVL( 10 )) {
|
||||||
@ -283,7 +283,7 @@ static void merge_aces( canon_ace **pp_list_head )
|
|||||||
* we've put on the ACL, we know the deny must be the first one.
|
* we've put on the ACL, we know the deny must be the first one.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (sid_equal(&curr_ace->sid, &curr_ace_outer->sid) &&
|
if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
|
||||||
(curr_ace_outer->attr == DENY_ACE) && (curr_ace->attr == ALLOW_ACE)) {
|
(curr_ace_outer->attr == DENY_ACE) && (curr_ace->attr == ALLOW_ACE)) {
|
||||||
|
|
||||||
if( DEBUGLVL( 10 )) {
|
if( DEBUGLVL( 10 )) {
|
||||||
@ -572,7 +572,7 @@ static BOOL ensure_canon_entry_valid(canon_ace **pp_ace,
|
|||||||
pace->type = SMB_ACL_USER_OBJ;
|
pace->type = SMB_ACL_USER_OBJ;
|
||||||
pace->owner_type = UID_ACE;
|
pace->owner_type = UID_ACE;
|
||||||
pace->unix_ug.uid = pst->st_uid;
|
pace->unix_ug.uid = pst->st_uid;
|
||||||
pace->sid = *pfile_owner_sid;
|
pace->trustee = *pfile_owner_sid;
|
||||||
pace->perms = unix_perms_to_acl_perms(pst->st_mode, S_IRUSR, S_IWUSR, S_IXUSR);
|
pace->perms = unix_perms_to_acl_perms(pst->st_mode, S_IRUSR, S_IWUSR, S_IXUSR);
|
||||||
pace->attr = ALLOW_ACE;
|
pace->attr = ALLOW_ACE;
|
||||||
|
|
||||||
@ -589,7 +589,7 @@ static BOOL ensure_canon_entry_valid(canon_ace **pp_ace,
|
|||||||
pace->type = SMB_ACL_GROUP_OBJ;
|
pace->type = SMB_ACL_GROUP_OBJ;
|
||||||
pace->owner_type = GID_ACE;
|
pace->owner_type = GID_ACE;
|
||||||
pace->unix_ug.uid = pst->st_gid;
|
pace->unix_ug.uid = pst->st_gid;
|
||||||
pace->sid = *pfile_grp_sid;
|
pace->trustee = *pfile_grp_sid;
|
||||||
pace->perms = unix_perms_to_acl_perms(pst->st_mode, S_IRGRP, S_IWGRP, S_IXGRP);
|
pace->perms = unix_perms_to_acl_perms(pst->st_mode, S_IRGRP, S_IWGRP, S_IXGRP);
|
||||||
pace->attr = ALLOW_ACE;
|
pace->attr = ALLOW_ACE;
|
||||||
|
|
||||||
@ -606,7 +606,7 @@ static BOOL ensure_canon_entry_valid(canon_ace **pp_ace,
|
|||||||
pace->type = SMB_ACL_OTHER;
|
pace->type = SMB_ACL_OTHER;
|
||||||
pace->owner_type = WORLD_ACE;
|
pace->owner_type = WORLD_ACE;
|
||||||
pace->unix_ug.world = -1;
|
pace->unix_ug.world = -1;
|
||||||
pace->sid = global_sid_World;
|
pace->trustee = global_sid_World;
|
||||||
pace->perms = unix_perms_to_acl_perms(pst->st_mode, S_IROTH, S_IWOTH, S_IXOTH);
|
pace->perms = unix_perms_to_acl_perms(pst->st_mode, S_IROTH, S_IWOTH, S_IXOTH);
|
||||||
pace->attr = ALLOW_ACE;
|
pace->attr = ALLOW_ACE;
|
||||||
|
|
||||||
@ -688,7 +688,7 @@ static BOOL create_canon_ace_lists(files_struct *fsp,
|
|||||||
if (psa1->info.mask != psa2->info.mask)
|
if (psa1->info.mask != psa2->info.mask)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (!sid_equal(&psa1->sid, &psa2->sid))
|
if (!sid_equal(&psa1->trustee, &psa2->trustee))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -718,10 +718,10 @@ static BOOL create_canon_ace_lists(files_struct *fsp,
|
|||||||
* Ignore non-mappable SIDs (NT Authority, BUILTIN etc).
|
* Ignore non-mappable SIDs (NT Authority, BUILTIN etc).
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (non_mappable_sid(&psa->sid)) {
|
if (non_mappable_sid(&psa->trustee)) {
|
||||||
fstring str;
|
fstring str;
|
||||||
DEBUG(10,("create_canon_ace_lists: ignoring non-mappable SID %s\n",
|
DEBUG(10,("create_canon_ace_lists: ignoring non-mappable SID %s\n",
|
||||||
sid_to_string(str, &psa->sid) ));
|
sid_to_string(str, &psa->trustee) ));
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -738,19 +738,19 @@ static BOOL create_canon_ace_lists(files_struct *fsp,
|
|||||||
|
|
||||||
ZERO_STRUCTP(current_ace);
|
ZERO_STRUCTP(current_ace);
|
||||||
|
|
||||||
sid_copy(¤t_ace->sid, &psa->sid);
|
sid_copy(¤t_ace->trustee, &psa->trustee);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Try and work out if the SID is a user or group
|
* Try and work out if the SID is a user or group
|
||||||
* as we need to flag these differently for POSIX.
|
* as we need to flag these differently for POSIX.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if( sid_equal(¤t_ace->sid, &global_sid_World)) {
|
if( sid_equal(¤t_ace->trustee, &global_sid_World)) {
|
||||||
current_ace->owner_type = WORLD_ACE;
|
current_ace->owner_type = WORLD_ACE;
|
||||||
current_ace->unix_ug.world = -1;
|
current_ace->unix_ug.world = -1;
|
||||||
} else if (sid_to_uid( ¤t_ace->sid, ¤t_ace->unix_ug.uid, &sid_type)) {
|
} else if (sid_to_uid( ¤t_ace->trustee, ¤t_ace->unix_ug.uid, &sid_type)) {
|
||||||
current_ace->owner_type = UID_ACE;
|
current_ace->owner_type = UID_ACE;
|
||||||
} else if (sid_to_gid( ¤t_ace->sid, ¤t_ace->unix_ug.gid, &sid_type)) {
|
} else if (sid_to_gid( ¤t_ace->trustee, ¤t_ace->unix_ug.gid, &sid_type)) {
|
||||||
current_ace->owner_type = GID_ACE;
|
current_ace->owner_type = GID_ACE;
|
||||||
} else {
|
} else {
|
||||||
fstring str;
|
fstring str;
|
||||||
@ -759,7 +759,7 @@ static BOOL create_canon_ace_lists(files_struct *fsp,
|
|||||||
free_canon_ace_list(dir_ace);
|
free_canon_ace_list(dir_ace);
|
||||||
SAFE_FREE(current_ace);
|
SAFE_FREE(current_ace);
|
||||||
DEBUG(0,("create_canon_ace_lists: unable to map SID %s to uid or gid.\n",
|
DEBUG(0,("create_canon_ace_lists: unable to map SID %s to uid or gid.\n",
|
||||||
sid_to_string(str, ¤t_ace->sid) ));
|
sid_to_string(str, ¤t_ace->trustee) ));
|
||||||
return False;
|
return False;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -775,15 +775,15 @@ static BOOL create_canon_ace_lists(files_struct *fsp,
|
|||||||
* Now note what kind of a POSIX ACL this should map to.
|
* Now note what kind of a POSIX ACL this should map to.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(sid_equal(¤t_ace->sid, pfile_owner_sid)) {
|
if(sid_equal(¤t_ace->trustee, pfile_owner_sid)) {
|
||||||
|
|
||||||
current_ace->type = SMB_ACL_USER_OBJ;
|
current_ace->type = SMB_ACL_USER_OBJ;
|
||||||
|
|
||||||
} else if( sid_equal(¤t_ace->sid, pfile_grp_sid)) {
|
} else if( sid_equal(¤t_ace->trustee, pfile_grp_sid)) {
|
||||||
|
|
||||||
current_ace->type = SMB_ACL_GROUP_OBJ;
|
current_ace->type = SMB_ACL_GROUP_OBJ;
|
||||||
|
|
||||||
} else if( sid_equal(¤t_ace->sid, &global_sid_World)) {
|
} else if( sid_equal(¤t_ace->trustee, &global_sid_World)) {
|
||||||
|
|
||||||
current_ace->type = SMB_ACL_OTHER;
|
current_ace->type = SMB_ACL_OTHER;
|
||||||
|
|
||||||
@ -930,7 +930,7 @@ static BOOL uid_entry_in_group( canon_ace *uid_ace, canon_ace *group_ace )
|
|||||||
|
|
||||||
/* "Everyone" always matches every uid. */
|
/* "Everyone" always matches every uid. */
|
||||||
|
|
||||||
if (sid_equal(&group_ace->sid, &global_sid_World))
|
if (sid_equal(&group_ace->trustee, &global_sid_World))
|
||||||
return True;
|
return True;
|
||||||
|
|
||||||
if (!(pass = sys_getpwuid(uid_ace->unix_ug.uid)))
|
if (!(pass = sys_getpwuid(uid_ace->unix_ug.uid)))
|
||||||
@ -1067,7 +1067,7 @@ static void process_deny_list( canon_ace **pp_ace_list )
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!sid_equal(&curr_ace->sid, &global_sid_World))
|
if (!sid_equal(&curr_ace->trustee, &global_sid_World))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
/* JRATEST - assert. */
|
/* JRATEST - assert. */
|
||||||
@ -1518,7 +1518,7 @@ static canon_ace *canonicalise_acl( files_struct *fsp, SMB_ACL_T posix_acl, SMB_
|
|||||||
ace->type = tagtype;
|
ace->type = tagtype;
|
||||||
ace->perms = convert_permset_to_mode_t(permset);
|
ace->perms = convert_permset_to_mode_t(permset);
|
||||||
ace->attr = ALLOW_ACE;
|
ace->attr = ALLOW_ACE;
|
||||||
ace->sid = sid;
|
ace->trustee = sid;
|
||||||
ace->unix_ug = unix_ug;
|
ace->unix_ug = unix_ug;
|
||||||
ace->owner_type = owner_type;
|
ace->owner_type = owner_type;
|
||||||
|
|
||||||
@ -1937,14 +1937,14 @@ size_t get_nt_acl(files_struct *fsp, SEC_DESC **ppdesc)
|
|||||||
|
|
||||||
for (i = 0; i < num_acls; i++, ace = ace->next) {
|
for (i = 0; i < num_acls; i++, ace = ace->next) {
|
||||||
SEC_ACCESS acc = map_canon_ace_perms(&nt_acl_type, &owner_sid, ace );
|
SEC_ACCESS acc = map_canon_ace_perms(&nt_acl_type, &owner_sid, ace );
|
||||||
init_sec_ace(&nt_ace_list[num_aces++], &ace->sid, nt_acl_type, acc, 0);
|
init_sec_ace(&nt_ace_list[num_aces++], &ace->trustee, nt_acl_type, acc, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
ace = dir_ace;
|
ace = dir_ace;
|
||||||
|
|
||||||
for (i = 0; i < num_dir_acls; i++, ace = ace->next) {
|
for (i = 0; i < num_dir_acls; i++, ace = ace->next) {
|
||||||
SEC_ACCESS acc = map_canon_ace_perms(&nt_acl_type, &owner_sid, ace );
|
SEC_ACCESS acc = map_canon_ace_perms(&nt_acl_type, &owner_sid, ace );
|
||||||
init_sec_ace(&nt_ace_list[num_aces++], &ace->sid, nt_acl_type, acc,
|
init_sec_ace(&nt_ace_list[num_aces++], &ace->trustee, nt_acl_type, acc,
|
||||||
SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT|SEC_ACE_FLAG_INHERIT_ONLY);
|
SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT|SEC_ACE_FLAG_INHERIT_ONLY);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -163,7 +163,7 @@ static void print_ace(FILE *f, SEC_ACE *ace)
|
|||||||
int do_print = 0;
|
int do_print = 0;
|
||||||
uint32 got_mask;
|
uint32 got_mask;
|
||||||
|
|
||||||
SidToString(sidstr, &ace->sid);
|
SidToString(sidstr, &ace->trustee);
|
||||||
|
|
||||||
fprintf(f, "%s:", sidstr);
|
fprintf(f, "%s:", sidstr);
|
||||||
|
|
||||||
@ -525,12 +525,24 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode,
|
|||||||
|
|
||||||
static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
|
static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2)
|
||||||
{
|
{
|
||||||
if (sec_ace_equal(ace1, ace2)) return 0;
|
if (sec_ace_equal(ace1, ace2))
|
||||||
if (ace1->type != ace2->type) return ace2->type - ace1->type;
|
return 0;
|
||||||
if (sid_compare(&ace1->sid, &ace2->sid)) return sid_compare(&ace1->sid, &ace2->sid);
|
|
||||||
if (ace1->flags != ace2->flags) return ace1->flags - ace2->flags;
|
if (ace1->type != ace2->type)
|
||||||
if (ace1->info.mask != ace2->info.mask) return ace1->info.mask - ace2->info.mask;
|
return ace2->type - ace1->type;
|
||||||
if (ace1->size != ace2->size) return ace1->size - ace2->size;
|
|
||||||
|
if (sid_compare(&ace1->trustee, &ace2->trustee))
|
||||||
|
return sid_compare(&ace1->trustee, &ace2->trustee);
|
||||||
|
|
||||||
|
if (ace1->flags != ace2->flags)
|
||||||
|
return ace1->flags - ace2->flags;
|
||||||
|
|
||||||
|
if (ace1->info.mask != ace2->info.mask)
|
||||||
|
return ace1->info.mask - ace2->info.mask;
|
||||||
|
|
||||||
|
if (ace1->size != ace2->size)
|
||||||
|
return ace1->size - ace2->size;
|
||||||
|
|
||||||
return memcmp(ace1, ace2, sizeof(SEC_ACE));
|
return memcmp(ace1, ace2, sizeof(SEC_ACE));
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -627,8 +639,8 @@ static int cacl_set(struct cli_state *cli, char *filename,
|
|||||||
BOOL found = False;
|
BOOL found = False;
|
||||||
|
|
||||||
for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
|
for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
|
||||||
if (sid_equal(&sd->dacl->ace[i].sid,
|
if (sid_equal(&sd->dacl->ace[i].trustee,
|
||||||
&old->dacl->ace[j].sid)) {
|
&old->dacl->ace[j].trustee)) {
|
||||||
old->dacl->ace[j] = sd->dacl->ace[i];
|
old->dacl->ace[j] = sd->dacl->ace[i];
|
||||||
found = True;
|
found = True;
|
||||||
}
|
}
|
||||||
@ -637,7 +649,7 @@ static int cacl_set(struct cli_state *cli, char *filename,
|
|||||||
if (!found) {
|
if (!found) {
|
||||||
fstring str;
|
fstring str;
|
||||||
|
|
||||||
SidToString(str, &sd->dacl->ace[i].sid);
|
SidToString(str, &sd->dacl->ace[i].trustee);
|
||||||
printf("ACL for SID %s not found\n", str);
|
printf("ACL for SID %s not found\n", str);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user