provision: Make dsacl2fsacl() take a security.dom_sid, not str

Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Nov  6 00:12:43 CET 2012 on sn-devel-104

source4/scripting/python/samba/netcmd/gpo.py

@@ -975,9 +975,9 @@ class cmd_create(Command):
             ds_sd = ndr_unpack(security.descriptor, ds_sd_ndr).as_sddl()
 
             # Create a file system security descriptor
-            domain_sid = self.samdb.get_domain_sid()
+            domain_sid = security.dom_sid(self.samdb.get_domain_sid())
             sddl = dsacl2fsacl(ds_sd, domain_sid)
-            fs_sd = security.descriptor.from_sddl(sddl, security.dom_sid(domain_sid))
+            fs_sd = security.descriptor.from_sddl(sddl, domain_sid)
 
             # Set ACL
             sio = ( security.SECINFO_OWNER |

source4/scripting/python/samba/ntacls.py

@@ -198,14 +198,13 @@ def ldapmask2filemask(ldm):
     return filemask
 
 
-def dsacl2fsacl(dssddl, domsid):
+def dsacl2fsacl(dssddl, sid):
     """
 
     This function takes an the SDDL representation of a DS
     ACL and return the SDDL representation of this ACL adapted
     for files. It's used for Policy object provision
     """
-    sid = security.dom_sid(domsid)
     ref = security.descriptor.from_sddl(dssddl, sid)
     fdescr = security.descriptor()
     fdescr.owner_sid = ref.owner_sid

source4/scripting/python/samba/provision/__init__.py

@@ -1395,7 +1395,7 @@ def set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp, use_ntvfs, p
         acl = ndr_unpack(security.descriptor,
                          str(policy["nTSecurityDescriptor"])).as_sddl()
         policy_path = getpolicypath(sysvol, dnsdomain, str(policy["cn"]))
-        set_dir_acl(policy_path, dsacl2fsacl(acl, str(domainsid)), lp,
+        set_dir_acl(policy_path, dsacl2fsacl(acl, domainsid), lp,
                     str(domainsid), use_ntvfs,
                     passdb=passdb)
 
@@ -1522,7 +1522,7 @@ def check_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp,
         acl = ndr_unpack(security.descriptor,
                          str(policy["nTSecurityDescriptor"])).as_sddl()
         policy_path = getpolicypath(sysvol, dnsdomain, str(policy["cn"]))
-        check_dir_acl(policy_path, dsacl2fsacl(acl, str(domainsid)), lp,
+        check_dir_acl(policy_path, dsacl2fsacl(acl, domainsid), lp,
                       domainsid, direct_db_access)