[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-572-gae56b0f

Nadezhda Ivanova nivanova at samba.org
Sun Sep 20 15:09:34 MDT 2009


The branch, master has been updated
       via  ae56b0f2f96cea7a77b0a19c0d16d94ad971fb3f (commit)
      from  3c5d7639624f6a82e75328e30dfd89e8ae728c55 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit ae56b0f2f96cea7a77b0a19c0d16d94ad971fb3f
Author: Nadezhda Ivanova <nadezhda.ivanova at postpath.com>
Date:   Sat Sep 19 21:45:07 2009 -0700

    Disable descriptor module unless enabled in smb.conf
    
    Since this code may still have some problems, it is not executed by default.
    To enable descriptor inheritance add:
    acl:inheritance = true
    in your smb.conf

-----------------------------------------------------------------------

Summary of changes:
 source4/dsdb/samdb/ldb_modules/descriptor.c |   29 +++++++++++++++++++++++++++
 1 files changed, 29 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
index e74a93c..7b5b700 100644
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -42,6 +42,10 @@
 #include "auth/auth.h"
 #include "param/param.h"
 
+struct descriptor_data {
+	bool inherit;
+};
+
 struct descriptor_context {
 		struct ldb_module *module;
 		struct ldb_request *req;
@@ -395,10 +399,15 @@ static int descriptor_add(struct ldb_module *module, struct ldb_request *req)
 	struct descriptor_context *ac;
 	struct ldb_dn *parent_dn;
 	int ret;
+	struct descriptor_data *data;
 	static const char * const descr_attrs[] = { "nTSecurityDescriptor", NULL };
 
+	data = talloc_get_type(ldb_module_get_private(module), struct descriptor_data);
 	ldb = ldb_module_get_ctx(module);
 
+	if (!data->inherit)
+		return ldb_next_request(module, req);
+
 	ldb_debug(ldb, LDB_DEBUG_TRACE, "descriptor_add\n");
 
 	if (ldb_dn_is_special(req->op.add.message->dn)) {
@@ -452,11 +461,31 @@ static int descriptor_rename(struct ldb_module *module, struct ldb_request *req)
 	return ldb_next_request(module, req);
 }
 
+static int descriptor_init(struct ldb_module *module)
+{
+	struct ldb_context *ldb;
+	struct descriptor_data *data;
+
+	ldb = ldb_module_get_ctx(module);
+	data = talloc(module, struct descriptor_data);
+	if (data == NULL) {
+		ldb_oom(ldb);
+		return LDB_ERR_OPERATIONS_ERROR;
+	}
+
+	data->inherit = lp_parm_bool(ldb_get_opaque(ldb, "loadparm"),
+				  NULL, "acl", "inheritance", false);
+	ldb_module_set_private(module, data);
+	return ldb_next_init(module);
+}
+
+
 _PUBLIC_ const struct ldb_module_ops ldb_descriptor_module_ops = {
 	.name		   = "descriptor",
 	.add           = descriptor_add,
 	.modify        = descriptor_modify,
 	.rename        = descriptor_rename,
+	.init_context  = descriptor_init
 };
 
 


-- 
Samba Shared Repository


More information about the samba-cvs mailing list