git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
e24a59f
)
s3-security: use shared SECINFO_DACL define.
author
Günther Deschner
<gd@samba.org>
Wed, 2 Jun 2010 21:35:44 +0000
(23:35 +0200)
committer
Günther Deschner
<gd@samba.org>
Thu, 3 Jun 2010 09:00:12 +0000
(11:00 +0200)
Guenther
17 files changed:
libgpo/gpo_ldap.c
patch
|
blob
|
history
source3/include/rpc_secdes.h
patch
|
blob
|
history
source3/lib/secdesc.c
patch
|
blob
|
history
source3/libsmb/clisecdesc.c
patch
|
blob
|
history
source3/modules/nfs4_acls.c
patch
|
blob
|
history
source3/modules/onefs_acl.c
patch
|
blob
|
history
source3/modules/vfs_acl_common.c
patch
|
blob
|
history
source3/modules/vfs_afsacl.c
patch
|
blob
|
history
source3/rpc_server/srv_srvsvc_nt.c
patch
|
blob
|
history
source3/rpc_server/srv_svcctl_nt.c
patch
|
blob
|
history
source3/rpcclient/cmd_lsarpc.c
patch
|
blob
|
history
source3/rpcclient/cmd_samr.c
patch
|
blob
|
history
source3/smbd/file_access.c
patch
|
blob
|
history
source3/smbd/nttrans.c
patch
|
blob
|
history
source3/smbd/open.c
patch
|
blob
|
history
source3/smbd/posix_acls.c
patch
|
blob
|
history
source3/utils/net_ads_gpo.c
patch
|
blob
|
history
diff --git
a/libgpo/gpo_ldap.c
b/libgpo/gpo_ldap.c
index 66e90fb0c9aaf6cd82c9357397815a259a7d6590..367756d7a2f7bf62bf78290c97263f9bb30bd426 100644
(file)
--- a/
libgpo/gpo_ldap.c
+++ b/
libgpo/gpo_ldap.c
@@
-485,7
+485,7
@@
ADS_STATUS ads_get_gpo(ADS_STRUCT *ads,
"ntSecurityDescriptor",
"versionNumber",
NULL};
"ntSecurityDescriptor",
"versionNumber",
NULL};
- uint32_t sd_flags =
DACL_SECURITY_INFORMATION
;
+ uint32_t sd_flags =
SECINFO_DACL
;
ZERO_STRUCTP(gpo);
ZERO_STRUCTP(gpo);
diff --git
a/source3/include/rpc_secdes.h
b/source3/include/rpc_secdes.h
index f4eb22cfef0b77976dee6e758e563f1250e60897..1eefbc92da209bfe5c976ccd85b8d1d0efdc1b56 100644
(file)
--- a/
source3/include/rpc_secdes.h
+++ b/
source3/include/rpc_secdes.h
@@
-24,8
+24,6
@@
/* for ADS */
#define SEC_RIGHTS_FULL_CTRL 0xf01ff
/* for ADS */
#define SEC_RIGHTS_FULL_CTRL 0xf01ff
-/* security information */
-#define DACL_SECURITY_INFORMATION 0x00000004
/* Extra W2K flags. */
#define UNPROTECTED_SACL_SECURITY_INFORMATION 0x10000000
#define UNPROTECTED_DACL_SECURITY_INFORMATION 0x20000000
/* Extra W2K flags. */
#define UNPROTECTED_SACL_SECURITY_INFORMATION 0x10000000
#define UNPROTECTED_DACL_SECURITY_INFORMATION 0x20000000
@@
-33,7
+31,7
@@
#define PROTECTED_DACL_SECURITY_INFORMATION 0x80000000
#define ALL_SECURITY_INFORMATION (SECINFO_OWNER|SECINFO_GROUP|\
#define PROTECTED_DACL_SECURITY_INFORMATION 0x80000000
#define ALL_SECURITY_INFORMATION (SECINFO_OWNER|SECINFO_GROUP|\
-
DACL_SECURITY_INFORMATION
|SECINFO_SACL|\
+
SECINFO_DACL
|SECINFO_SACL|\
UNPROTECTED_SACL_SECURITY_INFORMATION|\
UNPROTECTED_DACL_SECURITY_INFORMATION|\
PROTECTED_SACL_SECURITY_INFORMATION|\
UNPROTECTED_SACL_SECURITY_INFORMATION|\
UNPROTECTED_DACL_SECURITY_INFORMATION|\
PROTECTED_SACL_SECURITY_INFORMATION|\
diff --git
a/source3/lib/secdesc.c
b/source3/lib/secdesc.c
index b1e12c3f2bf997cd11a94413b8959930978a38cd..8cabe0b5f5484857493a03ae0b64a9208a008b98 100644
(file)
--- a/
source3/lib/secdesc.c
+++ b/
source3/lib/secdesc.c
@@
-52,7
+52,7
@@
uint32_t get_sec_info(const struct security_descriptor *sd)
sec_info &= ~SECINFO_SACL;
}
if (sd->dacl == NULL) {
sec_info &= ~SECINFO_SACL;
}
if (sd->dacl == NULL) {
- sec_info &= ~
DACL_SECURITY_INFORMATION
;
+ sec_info &= ~
SECINFO_DACL
;
}
return sec_info;
}
return sec_info;
diff --git
a/source3/libsmb/clisecdesc.c
b/source3/libsmb/clisecdesc.c
index bddf3895a03e3a3fb77d8d04195cf4115a8cb308..1fc3da0c8683d4a04955404d7f7a51b6661882bd 100644
(file)
--- a/
source3/libsmb/clisecdesc.c
+++ b/
source3/libsmb/clisecdesc.c
@@
-91,7
+91,7
@@
bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descr
SIVAL(param, 0, fnum);
if (sd->dacl)
SIVAL(param, 0, fnum);
if (sd->dacl)
- sec_info |=
DACL_SECURITY_INFORMATION
;
+ sec_info |=
SECINFO_DACL
;
if (sd->owner_sid)
sec_info |= SECINFO_OWNER;
if (sd->group_sid)
if (sd->owner_sid)
sec_info |= SECINFO_OWNER;
if (sd->group_sid)
diff --git
a/source3/modules/nfs4_acls.c
b/source3/modules/nfs4_acls.c
index 9f383cfc16502e31805cce7c3ea0059f26e877ac..a6b9c6ed01c32f777d8a7d0dae8922d6603c7937 100644
(file)
--- a/
source3/modules/nfs4_acls.c
+++ b/
source3/modules/nfs4_acls.c
@@
-734,7
+734,7
@@
NTSTATUS smb_set_nt_acl_nfs4(files_struct *fsp,
DEBUG(10, ("smb_set_nt_acl_nfs4 invoked for %s\n", fsp_str_dbg(fsp)));
DEBUG(10, ("smb_set_nt_acl_nfs4 invoked for %s\n", fsp_str_dbg(fsp)));
- if ((security_info_sent & (
DACL_SECURITY_INFORMATION
|
+ if ((security_info_sent & (
SECINFO_DACL
|
SECINFO_GROUP | SECINFO_OWNER)) == 0)
{
DEBUG(9, ("security_info_sent (0x%x) ignored\n",
SECINFO_GROUP | SECINFO_OWNER)) == 0)
{
DEBUG(9, ("security_info_sent (0x%x) ignored\n",
@@
-784,7
+784,7
@@
NTSTATUS smb_set_nt_acl_nfs4(files_struct *fsp,
}
}
}
}
- if (!(security_info_sent &
DACL_SECURITY_INFORMATION
) || psd->dacl ==NULL) {
+ if (!(security_info_sent &
SECINFO_DACL
) || psd->dacl ==NULL) {
DEBUG(10, ("no dacl found; security_info_sent = 0x%x\n", security_info_sent));
return NT_STATUS_OK;
}
DEBUG(10, ("no dacl found; security_info_sent = 0x%x\n", security_info_sent));
return NT_STATUS_OK;
}
diff --git
a/source3/modules/onefs_acl.c
b/source3/modules/onefs_acl.c
index 4fa2e79c7bdcd950fbffe59f82457ad02903fab4..7080f6c660b3726fec0f2e9b4656b506effe512b 100644
(file)
--- a/
source3/modules/onefs_acl.c
+++ b/
source3/modules/onefs_acl.c
@@
-725,7
+725,7
@@
onefs_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
}
/* Copy DACL into ppdesc */
}
/* Copy DACL into ppdesc */
- if (security_info &
DACL_SECURITY_INFORMATION
) {
+ if (security_info &
SECINFO_DACL
) {
if (!onefs_acl_to_samba_acl(sd->dacl, &dacl)) {
status = NT_STATUS_INVALID_PARAMETER;
goto out;
if (!onefs_acl_to_samba_acl(sd->dacl, &dacl)) {
status = NT_STATUS_INVALID_PARAMETER;
goto out;
@@
-860,13
+860,13
@@
NTSTATUS onefs_samba_sd_to_sd(uint32_t security_info_sent,
}
/* Setup DACL */
}
/* Setup DACL */
- if ((security_info_sent &
DACL_SECURITY_INFORMATION
) && (psd->dacl)) {
+ if ((security_info_sent &
SECINFO_DACL
) && (psd->dacl)) {
if (!onefs_samba_acl_to_acl(psd->dacl, &daclp, &ignore_aces,
snum))
return NT_STATUS_ACCESS_DENIED;
if (ignore_aces == true)
if (!onefs_samba_acl_to_acl(psd->dacl, &daclp, &ignore_aces,
snum))
return NT_STATUS_ACCESS_DENIED;
if (ignore_aces == true)
- *security_info_effective &= ~
DACL_SECURITY_INFORMATION
;
+ *security_info_effective &= ~
SECINFO_DACL
;
}
/* Setup SACL */
}
/* Setup SACL */
diff --git
a/source3/modules/vfs_acl_common.c
b/source3/modules/vfs_acl_common.c
index 59aa70310f248d9fdb1773e2491453bb8b4da5b2..79eb533af744e928415f61c2ef6f56cdce340810 100644
(file)
--- a/
source3/modules/vfs_acl_common.c
+++ b/
source3/modules/vfs_acl_common.c
@@
-38,7
+38,7
@@
static NTSTATUS store_acl_blob_fsp(vfs_handle_struct *handle,
#define HASH_SECURITY_INFO (SECINFO_OWNER | \
SECINFO_GROUP | \
#define HASH_SECURITY_INFO (SECINFO_OWNER | \
SECINFO_GROUP | \
-
DACL_SECURITY_INFORMATION
| \
+
SECINFO_DACL
| \
SECINFO_SACL)
/*******************************************************************
SECINFO_SACL)
/*******************************************************************
@@
-377,7
+377,7
@@
static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
if (!(security_info & SECINFO_GROUP)) {
psd->group_sid = NULL;
}
if (!(security_info & SECINFO_GROUP)) {
psd->group_sid = NULL;
}
- if (!(security_info &
DACL_SECURITY_INFORMATION
)) {
+ if (!(security_info &
SECINFO_DACL
)) {
psd->dacl = NULL;
}
if (!(security_info & SECINFO_SACL)) {
psd->dacl = NULL;
}
if (!(security_info & SECINFO_SACL)) {
@@
-438,7
+438,7
@@
static NTSTATUS inherit_new_acl(vfs_handle_struct *handle,
return SMB_VFS_FSET_NT_ACL(fsp,
(SECINFO_OWNER |
SECINFO_GROUP |
return SMB_VFS_FSET_NT_ACL(fsp,
(SECINFO_OWNER |
SECINFO_GROUP |
-
DACL_SECURITY_INFORMATION
),
+
SECINFO_DACL
),
psd);
}
psd);
}
@@
-461,7
+461,7
@@
static NTSTATUS check_parent_acl_common(vfs_handle_struct *handle,
parent_name,
(SECINFO_OWNER |
SECINFO_GROUP |
parent_name,
(SECINFO_OWNER |
SECINFO_GROUP |
-
DACL_SECURITY_INFORMATION
),
+
SECINFO_DACL
),
&parent_desc);
if (!NT_STATUS_IS_OK(status)) {
&parent_desc);
if (!NT_STATUS_IS_OK(status)) {
@@
-534,7
+534,7
@@
static int open_acl_common(vfs_handle_struct *handle,
fname,
(SECINFO_OWNER |
SECINFO_GROUP |
fname,
(SECINFO_OWNER |
SECINFO_GROUP |
-
DACL_SECURITY_INFORMATION
),
+
SECINFO_DACL
),
&pdesc);
if (NT_STATUS_IS_OK(status)) {
/* See if we can access it. */
&pdesc);
if (NT_STATUS_IS_OK(status)) {
/* See if we can access it. */
@@
-680,10
+680,10
@@
static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp,
if ((security_info_sent & (SECINFO_OWNER|
SECINFO_GROUP|
if ((security_info_sent & (SECINFO_OWNER|
SECINFO_GROUP|
-
DACL_SECURITY_INFORMATION
)) !=
+
SECINFO_DACL
)) !=
(SECINFO_OWNER|
SECINFO_GROUP|
(SECINFO_OWNER|
SECINFO_GROUP|
-
DACL_SECURITY_INFORMATION
)) {
+
SECINFO_DACL
)) {
/* No we don't - read from the existing SD. */
struct security_descriptor *nc_psd = NULL;
/* No we don't - read from the existing SD. */
struct security_descriptor *nc_psd = NULL;
@@
-691,7
+691,7
@@
static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp,
NULL,
(SECINFO_OWNER|
SECINFO_GROUP|
NULL,
(SECINFO_OWNER|
SECINFO_GROUP|
-
DACL_SECURITY_INFORMATION
),
+
SECINFO_DACL
),
&nc_psd);
if (!NT_STATUS_IS_OK(status)) {
&nc_psd);
if (!NT_STATUS_IS_OK(status)) {
@@
-709,13
+709,13
@@
static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp,
}
security_info_sent |= SECINFO_GROUP;
}
security_info_sent |= SECINFO_GROUP;
- if (security_info_sent &
DACL_SECURITY_INFORMATION
) {
+ if (security_info_sent &
SECINFO_DACL
) {
nc_psd->dacl = dup_sec_acl(talloc_tos(), psd->dacl);
if (nc_psd->dacl == NULL) {
return NT_STATUS_NO_MEMORY;
}
}
nc_psd->dacl = dup_sec_acl(talloc_tos(), psd->dacl);
if (nc_psd->dacl == NULL) {
return NT_STATUS_NO_MEMORY;
}
}
- security_info_sent |=
DACL_SECURITY_INFORMATION
;
+ security_info_sent |=
SECINFO_DACL
;
psd = nc_psd;
}
psd = nc_psd;
}
diff --git
a/source3/modules/vfs_afsacl.c
b/source3/modules/vfs_afsacl.c
index f2ff474f0699173015860d941d2488e8c0a4d207..dacd58f7aee39892bf95d0b3791ced79dd6c7c0b 100644
(file)
--- a/
source3/modules/vfs_afsacl.c
+++ b/
source3/modules/vfs_afsacl.c
@@
-731,7
+731,7
@@
static bool nt_to_afs_acl(const char *filename,
/* Currently we *only* look at the dacl */
/* Currently we *only* look at the dacl */
- if (((security_info_sent &
DACL_SECURITY_INFORMATION
) == 0) ||
+ if (((security_info_sent &
SECINFO_DACL
) == 0) ||
(psd->dacl == NULL))
return True;
(psd->dacl == NULL))
return True;
diff --git
a/source3/rpc_server/srv_srvsvc_nt.c
b/source3/rpc_server/srv_srvsvc_nt.c
index bdf7018147e01720a1970e91a4cc050d885d99a2..14461df35533022a0f8b6c6742da9d02ae3df753 100644
(file)
--- a/
source3/rpc_server/srv_srvsvc_nt.c
+++ b/
source3/rpc_server/srv_srvsvc_nt.c
@@
-2148,7
+2148,7
@@
WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
nt_status = SMB_VFS_FGET_NT_ACL(fsp,
(SECINFO_OWNER
|SECINFO_GROUP
nt_status = SMB_VFS_FGET_NT_ACL(fsp,
(SECINFO_OWNER
|SECINFO_GROUP
- |
DACL_SECURITY_INFORMATION
), &psd);
+ |
SECINFO_DACL
), &psd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to get NT ACL "
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to get NT ACL "
@@
-2289,7
+2289,7
@@
WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p,
security_info_sent &= ~SECINFO_SACL;
}
if (psd->dacl==0) {
security_info_sent &= ~SECINFO_SACL;
}
if (psd->dacl==0) {
- security_info_sent &= ~
DACL_SECURITY_INFORMATION
;
+ security_info_sent &= ~
SECINFO_DACL
;
}
/* Convert all the generic bits. */
}
/* Convert all the generic bits. */
diff --git
a/source3/rpc_server/srv_svcctl_nt.c
b/source3/rpc_server/srv_svcctl_nt.c
index b8dcfbe1c6a69695edadbddffa95a56f59d11bc0..02b3c8d83341d3e6c0a3873eaa8177aba8964ffa 100644
(file)
--- a/
source3/rpc_server/srv_svcctl_nt.c
+++ b/
source3/rpc_server/srv_svcctl_nt.c
@@
-872,9
+872,9
@@
WERROR _svcctl_QueryServiceObjectSecurity(pipes_struct *p,
if ( !(info->access_granted & STD_RIGHT_READ_CONTROL_ACCESS) )
return WERR_ACCESS_DENIED;
if ( !(info->access_granted & STD_RIGHT_READ_CONTROL_ACCESS) )
return WERR_ACCESS_DENIED;
- /* TODO: handle something besides
DACL_SECURITY_INFORMATION
*/
+ /* TODO: handle something besides
SECINFO_DACL
*/
- if ( (r->in.security_flags &
DACL_SECURITY_INFORMATION) != DACL_SECURITY_INFORMATION
)
+ if ( (r->in.security_flags &
SECINFO_DACL) != SECINFO_DACL
)
return WERR_INVALID_PARAM;
/* lookup the security descriptor and marshall it up for a reply */
return WERR_INVALID_PARAM;
/* lookup the security descriptor and marshall it up for a reply */
@@
-922,7
+922,7
@@
WERROR _svcctl_SetServiceObjectSecurity(pipes_struct *p,
/* check the access on the open handle */
switch ( r->in.security_flags ) {
/* check the access on the open handle */
switch ( r->in.security_flags ) {
- case
DACL_SECURITY_INFORMATION
:
+ case
SECINFO_DACL
:
required_access = STD_RIGHT_WRITE_DAC_ACCESS;
break;
required_access = STD_RIGHT_WRITE_DAC_ACCESS;
break;
diff --git
a/source3/rpcclient/cmd_lsarpc.c
b/source3/rpcclient/cmd_lsarpc.c
index da01e6ec94788363bcecd0001cb7c4bd06462e0b..1cc16fb7f45adf421f7720804518b3e0dc5cdf2d 100644
(file)
--- a/
source3/rpcclient/cmd_lsarpc.c
+++ b/
source3/rpcclient/cmd_lsarpc.c
@@
-1040,7
+1040,7
@@
static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
struct policy_handle pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
struct sec_desc_buf *sdb;
struct policy_handle pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
struct sec_desc_buf *sdb;
- uint32 sec_info =
DACL_SECURITY_INFORMATION
;
+ uint32 sec_info =
SECINFO_DACL
;
if (argc < 1 || argc > 2) {
printf("Usage: %s [sec_info]\n", argv[0]);
if (argc < 1 || argc > 2) {
printf("Usage: %s [sec_info]\n", argv[0]);
diff --git
a/source3/rpcclient/cmd_samr.c
b/source3/rpcclient/cmd_samr.c
index 199c8b1dccdcd35cf446c4f7f6d788a4df70b207..367c3b864b59f99598d76c0628bc2dc405289249 100644
(file)
--- a/
source3/rpcclient/cmd_samr.c
+++ b/
source3/rpcclient/cmd_samr.c
@@
-2160,7
+2160,7
@@
static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
{
struct policy_handle connect_pol, domain_pol, user_pol, *pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
{
struct policy_handle connect_pol, domain_pol, user_pol, *pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 sec_info =
DACL_SECURITY_INFORMATION
;
+ uint32 sec_info =
SECINFO_DACL
;
uint32 user_rid = 0;
TALLOC_CTX *ctx = NULL;
struct sec_desc_buf *sec_desc_buf=NULL;
uint32 user_rid = 0;
TALLOC_CTX *ctx = NULL;
struct sec_desc_buf *sec_desc_buf=NULL;
diff --git
a/source3/smbd/file_access.c
b/source3/smbd/file_access.c
index bd0a725e9d3d1f2554786695d00af4cec567cb76..1d1776218ebac441fd06b37cad46ee8df6401733 100644
(file)
--- a/
source3/smbd/file_access.c
+++ b/
source3/smbd/file_access.c
@@
-44,7
+44,7
@@
bool can_access_file_acl(struct connection_struct *conn,
status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
(SECINFO_OWNER |
SECINFO_GROUP |
status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
(SECINFO_OWNER |
SECINFO_GROUP |
-
DACL_SECURITY_INFORMATION
),
+
SECINFO_DACL
),
&secdesc);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5, ("Could not get acl: %s\n", nt_errstr(status)));
&secdesc);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5, ("Could not get acl: %s\n", nt_errstr(status)));
@@
-252,7
+252,7
@@
bool directory_has_default_acl(connection_struct *conn, const char *fname)
struct security_descriptor *secdesc = NULL;
unsigned int i;
NTSTATUS status = SMB_VFS_GET_NT_ACL(conn, fname,
struct security_descriptor *secdesc = NULL;
unsigned int i;
NTSTATUS status = SMB_VFS_GET_NT_ACL(conn, fname,
-
DACL_SECURITY_INFORMATION
, &secdesc);
+
SECINFO_DACL
, &secdesc);
if (!NT_STATUS_IS_OK(status) || secdesc == NULL) {
return false;
if (!NT_STATUS_IS_OK(status) || secdesc == NULL) {
return false;
diff --git
a/source3/smbd/nttrans.c
b/source3/smbd/nttrans.c
index 1b34b6ce80322a5a70cc5ce125eee058ac417200..04c32260a9830a6513764c53312a1fb14cbd7aec 100644
(file)
--- a/
source3/smbd/nttrans.c
+++ b/
source3/smbd/nttrans.c
@@
-1809,7
+1809,7
@@
NTSTATUS smbd_do_query_security_desc(connection_struct *conn,
security_info_wanted & SECINFO_SACL)
psd->type |= SEC_DESC_SACL_PRESENT;
if (psd->dacl == NULL &&
security_info_wanted & SECINFO_SACL)
psd->type |= SEC_DESC_SACL_PRESENT;
if (psd->dacl == NULL &&
- security_info_wanted &
DACL_SECURITY_INFORMATION
)
+ security_info_wanted &
SECINFO_DACL
)
psd->type |= SEC_DESC_DACL_PRESENT;
*psd_size = ndr_size_security_descriptor(psd, 0);
psd->type |= SEC_DESC_DACL_PRESENT;
*psd_size = ndr_size_security_descriptor(psd, 0);
diff --git
a/source3/smbd/open.c
b/source3/smbd/open.c
index f6905eaaa108ff6841f10eb2a3b11b07ece93772..4fc464d8abdb119c28ea55057b92cf706813d2f8 100644
(file)
--- a/
source3/smbd/open.c
+++ b/
source3/smbd/open.c
@@
-91,7
+91,7
@@
NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
(SECINFO_OWNER |
SECINFO_GROUP |
status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
(SECINFO_OWNER |
SECINFO_GROUP |
-
DACL_SECURITY_INFORMATION
),&sd);
+
SECINFO_DACL
),&sd);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("smbd_check_open_rights: Could not get acl "
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("smbd_check_open_rights: Could not get acl "
@@
-1415,7
+1415,7
@@
static NTSTATUS calculate_access_mask(connection_struct *conn,
status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
(SECINFO_OWNER |
SECINFO_GROUP |
status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
(SECINFO_OWNER |
SECINFO_GROUP |
-
DACL_SECURITY_INFORMATION
),&sd);
+
SECINFO_DACL
),&sd);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("calculate_access_mask: Could not get acl "
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("calculate_access_mask: Could not get acl "
@@
-3211,7
+3211,7
@@
static NTSTATUS create_file_unixpath(connection_struct *conn,
if (sec_info_sent & (SECINFO_OWNER|
SECINFO_GROUP|
if (sec_info_sent & (SECINFO_OWNER|
SECINFO_GROUP|
-
DACL_SECURITY_INFORMATION
|
+
SECINFO_DACL
|
SECINFO_SACL)) {
status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
}
SECINFO_SACL)) {
status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
}
diff --git
a/source3/smbd/posix_acls.c
b/source3/smbd/posix_acls.c
index c6b0cfdeeb8beb143f1d7e0a9e58e3764089d2c6..a809b909b3b3ad74c6ee0e926a4b3e4c237d8665 100644
(file)
--- a/
source3/smbd/posix_acls.c
+++ b/
source3/smbd/posix_acls.c
@@
-2337,7
+2337,7
@@
static bool unpack_canon_ace(files_struct *fsp,
* If no DACL then this is a chown only security descriptor.
*/
* If no DACL then this is a chown only security descriptor.
*/
- if(!(security_info_sent &
DACL_SECURITY_INFORMATION
) || !psd->dacl)
+ if(!(security_info_sent &
SECINFO_DACL
) || !psd->dacl)
return True;
/*
return True;
/*
@@
-3206,7
+3206,7
@@
static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
num_profile_acls = 3;
}
num_profile_acls = 3;
}
- if ((security_info &
DACL_SECURITY_INFORMATION
) && !(security_info & PROTECTED_DACL_SECURITY_INFORMATION)) {
+ if ((security_info &
SECINFO_DACL
) && !(security_info & PROTECTED_DACL_SECURITY_INFORMATION)) {
/*
* In the optimum case Creator Owner and Creator Group would be used for
/*
* In the optimum case Creator Owner and Creator Group would be used for
@@
-3385,7
+3385,7
@@
static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
goto done;
}
}
goto done;
}
}
- } /* security_info &
DACL_SECURITY_INFORMATION
*/
+ } /* security_info &
SECINFO_DACL
*/
psd = make_standard_sec_desc( talloc_tos(),
(security_info & SECINFO_OWNER) ? &owner_sid : NULL,
psd = make_standard_sec_desc( talloc_tos(),
(security_info & SECINFO_OWNER) ? &owner_sid : NULL,
@@
-3682,7
+3682,7
@@
NTSTATUS append_parent_acl(files_struct *fsp,
}
status = SMB_VFS_GET_NT_ACL(parent_fsp->conn, smb_dname->base_name,
}
status = SMB_VFS_GET_NT_ACL(parent_fsp->conn, smb_dname->base_name,
-
DACL_SECURITY_INFORMATION
, &parent_sd );
+
SECINFO_DACL
, &parent_sd );
close_file(NULL, parent_fsp, NORMAL_CLOSE);
TALLOC_FREE(smb_dname);
close_file(NULL, parent_fsp, NORMAL_CLOSE);
TALLOC_FREE(smb_dname);
@@
-3937,7
+3937,7
@@
NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const struct s
* Only change security if we got a DACL.
*/
* Only change security if we got a DACL.
*/
- if(!(security_info_sent &
DACL_SECURITY_INFORMATION
) || (psd->dacl == NULL)) {
+ if(!(security_info_sent &
SECINFO_DACL
) || (psd->dacl == NULL)) {
free_canon_ace_list(file_ace_list);
free_canon_ace_list(dir_ace_list);
return NT_STATUS_OK;
free_canon_ace_list(file_ace_list);
free_canon_ace_list(dir_ace_list);
return NT_STATUS_OK;
@@
-4747,7
+4747,7
@@
struct security_descriptor *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fna
return NULL;
}
return NULL;
}
- if (!NT_STATUS_IS_OK(SMB_VFS_FGET_NT_ACL( &finfo,
DACL_SECURITY_INFORMATION
, &psd))) {
+ if (!NT_STATUS_IS_OK(SMB_VFS_FGET_NT_ACL( &finfo,
SECINFO_DACL
, &psd))) {
DEBUG(0,("get_nt_acl_no_snum: get_nt_acl returned zero.\n"));
TALLOC_FREE(finfo.fsp_name);
conn_free(conn);
DEBUG(0,("get_nt_acl_no_snum: get_nt_acl returned zero.\n"));
TALLOC_FREE(finfo.fsp_name);
conn_free(conn);
diff --git
a/source3/utils/net_ads_gpo.c
b/source3/utils/net_ads_gpo.c
index e47efe768ed34c2b4263b82482a70d58c335cfb3..b120ca597b6f626f6955028d2b9a7834f0f1badf 100644
(file)
--- a/
source3/utils/net_ads_gpo.c
+++ b/
source3/utils/net_ads_gpo.c
@@
-248,7
+248,7
@@
static int net_ads_gpo_list_all(struct net_context *c, int argc, const char **ar
LDAP_SCOPE_SUBTREE,
"(objectclass=groupPolicyContainer)",
attrs,
LDAP_SCOPE_SUBTREE,
"(objectclass=groupPolicyContainer)",
attrs,
-
DACL_SECURITY_INFORMATION
,
+
SECINFO_DACL
,
&res);
if (!ADS_ERR_OK(status)) {
&res);
if (!ADS_ERR_OK(status)) {