[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-188-gd0bf0ad

Günther Deschner gd at samba.org
Mon Nov 5 02:41:49 GMT 2007 

The branch, v3-2-test has been updated
       via  d0bf0ad2ae9a2bff4cec8c7e801a22c624b874ae (commit)
       via  52bf835c5e9b2fa759c61bf4a7a364eeaeae6043 (commit)
       via  62d4cce4562b77403f9353d333b9553352bdf1d8 (commit)
      from  4cdebda39b9b1790fc5c7df3dc81bfb46b047ad7 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit d0bf0ad2ae9a2bff4cec8c7e801a22c624b874ae
Merge: 52bf835c5e9b2fa759c61bf4a7a364eeaeae6043 4cdebda39b9b1790fc5c7df3dc81bfb46b047ad7
Author: Günther Deschner <gd at samba.org>
Date:   Mon Nov 5 03:39:18 2007 +0100

    Merge commit 'origin/v3-2-test' into branches/upstream

commit 52bf835c5e9b2fa759c61bf4a7a364eeaeae6043
Author: Günther Deschner <gd at samba.org>
Date:   Fri Oct 26 12:58:01 2007 +0200

    Display sec ace flags.
    
    Guenther

commit 62d4cce4562b77403f9353d333b9553352bdf1d8
Author: Günther Deschner <gd at samba.org>
Date:   Mon Nov 5 02:33:58 2007 +0100

    Make sure we can read SACLs from the registry.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source/lib/display_sec.c        |   34 +++++++++++++++++++++++++++++++---
 source/utils/net_rpc_registry.c |    6 +++++-
 2 files changed, 36 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/lib/display_sec.c b/source/lib/display_sec.c
index 487ac8f..8e92c84 100644
--- a/source/lib/display_sec.c
+++ b/source/lib/display_sec.c
@@ -66,6 +66,31 @@ void display_sec_access(SEC_ACCESS *info)
 }
 
 /****************************************************************************
+ display sec_ace flags
+ ****************************************************************************/
+void display_sec_ace_flags(uint8_t flags)
+{
+	if (flags & SEC_ACE_FLAG_OBJECT_INHERIT)
+		printf("SEC_ACE_FLAG_OBJECT_INHERIT ");
+	if (flags & SEC_ACE_FLAG_CONTAINER_INHERIT)
+		printf(" SEC_ACE_FLAG_CONTAINER_INHERIT ");
+	if (flags & SEC_ACE_FLAG_NO_PROPAGATE_INHERIT)
+		printf("SEC_ACE_FLAG_NO_PROPAGATE_INHERIT ");
+	if (flags & SEC_ACE_FLAG_INHERIT_ONLY)
+		printf("SEC_ACE_FLAG_INHERIT_ONLY ");
+	if (flags & SEC_ACE_FLAG_INHERITED_ACE)
+		printf("SEC_ACE_FLAG_INHERITED_ACE ");
+/*	if (flags & SEC_ACE_FLAG_VALID_INHERIT)
+		printf("SEC_ACE_FLAG_VALID_INHERIT "); */
+	if (flags & SEC_ACE_FLAG_SUCCESSFUL_ACCESS)
+		printf("SEC_ACE_FLAG_SUCCESSFUL_ACCESS ");
+	if (flags & SEC_ACE_FLAG_FAILED_ACCESS)
+		printf("SEC_ACE_FLAG_FAILED_ACCESS ");
+
+	printf("\n");
+}
+
+/****************************************************************************
  display sec_ace object
  ****************************************************************************/
 static void disp_sec_ace_object(struct security_ace_object *object)
@@ -123,7 +148,8 @@ void display_sec_ace(SEC_ACE *ace)
 			break;
 	}
 
-	printf(" (%d) flags: %d\n", ace->type, ace->flags);
+	printf(" (%d) flags: 0x%02x ", ace->type, ace->flags);
+	display_sec_ace_flags(ace->flags);
 	display_sec_access(&ace->access_mask);
 	sid_to_string(sid_str, &ace->trustee);
 	printf("\t\tSID: %s\n\n", sid_str);
@@ -145,9 +171,11 @@ void display_sec_acl(SEC_ACL *sec_acl)
 			 sec_acl->num_aces, sec_acl->revision); 
 	printf("\t---\n");
 
-	if (sec_acl->size != 0 && sec_acl->num_aces != 0)
-		for (i = 0; i < sec_acl->num_aces; i++)
+	if (sec_acl->size != 0 && sec_acl->num_aces != 0) {
+		for (i = 0; i < sec_acl->num_aces; i++) {
 			display_sec_ace(&sec_acl->aces[i]);
+		}
+	}
 }
 
 void display_acl_type(uint16 type)
diff --git a/source/utils/net_rpc_registry.c b/source/utils/net_rpc_registry.c
index 915ce5f..e1d65fb 100644
--- a/source/utils/net_rpc_registry.c
+++ b/source/utils/net_rpc_registry.c
@@ -990,6 +990,9 @@ static NTSTATUS rpc_registry_getsd_internal(const DOM_SID *domain_sid,
 	uint32_t sec_info;
 	DATA_BLOB blob;
 	struct security_descriptor sec_desc;
+	uint32_t access_mask = REG_KEY_READ |
+			       SEC_RIGHT_MAXIMUM_ALLOWED |
+			       SEC_RIGHT_SYSTEM_SECURITY;
 
 	if (argc <1 || argc > 2) {
 		d_printf("Usage:    net rpc registry getsd <path> <secinfo>\n");
@@ -997,7 +1000,8 @@ static NTSTATUS rpc_registry_getsd_internal(const DOM_SID *domain_sid,
 		return NT_STATUS_OK;
 	}
 
-	status = registry_openkey(mem_ctx, pipe_hnd, argv[0], REG_KEY_READ,
+	status = registry_openkey(mem_ctx, pipe_hnd, argv[0],
+				  access_mask,
 				  &pol_hive, &pol_key);
 	if (!NT_STATUS_IS_OK(status)) {
 		d_fprintf(stderr, "registry_openkey failed: %s\n",


-- 
Samba Shared Repository

More information about the samba-cvs mailing list