svn commit: samba r3840 - in trunk/source/modules: .
vlendec at samba.org
vlendec at samba.org
Thu Nov 18 08:17:17 GMT 2004
Author: vlendec
Date: 2004-11-18 08:17:16 +0000 (Thu, 18 Nov 2004)
New Revision: 3840
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=3840
Log:
Some more specific NT security descriptors we've come across. Map them to
defined AFS acls. Thanks to Horst Birthelmer.
Volker
Modified:
trunk/source/modules/vfs_afsacl.c
Changeset:
Modified: trunk/source/modules/vfs_afsacl.c
===================================================================
--- trunk/source/modules/vfs_afsacl.c 2004-11-18 08:16:59 UTC (rev 3839)
+++ trunk/source/modules/vfs_afsacl.c 2004-11-18 08:17:16 UTC (rev 3840)
@@ -488,6 +488,17 @@
{ 0, SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT,
0x00120089, 8 /* l */ },
+ /* some stupid workaround for preventing fallbacks */
+ { 0, 0x3, 0x0012019F, 9 /* rl */ },
+ { 0, 0x13, PERMS_FULL, 127 /* full */ },
+
+ /* read, delete and execute access plus synchronize */
+ { 0, 0x3, 0x001300A9, 9 /* should be rdl, set to rl */},
+ /* classical read list */
+ { 0, 0x13, 0x001200A9, 9 /* rl */},
+ /* almost full control, no delete */
+ { 0, 0x13, PERMS_CHANGE, 63 /* rwidlk */},
+
/* List folder */
{ 0, SEC_ACE_FLAG_CONTAINER_INHERIT,
PERMS_READ, 8 /* l */ },
@@ -527,8 +538,8 @@
return m->afs_rights;
}
- DEBUG(1, ("AFSACL FALLBACK: 0x%X 0x%X 0x%X %s\n",
- ace->type, ace->flags, ace->info.mask, filename));
+ DEBUG(1, ("AFSACL FALLBACK: 0x%X 0x%X 0x%X %s %X\n",
+ ace->type, ace->flags, ace->info.mask, filename, rights));
if (rights & (GENERIC_ALL_ACCESS|WRITE_DAC_ACCESS)) {
result |= PRSFS_READ | PRSFS_WRITE | PRSFS_INSERT |
More information about the samba-cvs
mailing list