[SCM] Samba Shared Repository - branch master updated

Andrew Bartlett abartlet at samba.org
Tue Sep 4 03:31:02 MDT 2012 

The branch, master has been updated
       via  4437547 s4-selftest: Try a more complex ACL - this example from a GPO
       via  97a1f8d s4-selftest: Try to make ntacl unit tests better match their names
       via  6c9d22d file_server: Clarify code by avoiding a goto
       via  30253c1 s4-samba-tool: Ensure we also sync the SACL as well as the DACL during sysvolreset
      from  9983ad7 s3-passdb: Rename pdb_samba4 to samba_dsdb and autoconfigure when we are a AD DC

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 4437547afab2def2b53f2be1b10ac7b376f5ee8f
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Sep 4 17:56:38 2012 +1000

    s4-selftest: Try a more complex ACL - this example from a GPO
    
    Andrew Bartlett
    
    Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
    Autobuild-Date(master): Tue Sep  4 11:30:17 CEST 2012 on sn-devel-104

commit 97a1f8d20be2068e3214361f844a6282e10ab28d
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Sep 4 17:54:34 2012 +1000

    s4-selftest: Try to make ntacl unit tests better match their names
    
    We are trying to test combinations of setting and getting via the VFS
    and directly to the underlying DB.
    
    Andrew Bartlett

commit 6c9d22d1ed5cc886b7a7c886f7298fea8c60089c
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Sep 4 17:18:45 2012 +1000

    file_server: Clarify code by avoiding a goto
    
    As suggested by Ricky Nance <ricky.nance at weaubleau.k12.mo.us>
    
    Andrew Bartlett

commit 30253c11cca5be8b5eaddeb12f1a749315928679
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Sep 4 17:17:34 2012 +1000

    s4-samba-tool: Ensure we also sync the SACL as well as the DACL during sysvolreset

-----------------------------------------------------------------------

Summary of changes:
 file_server/file_server.c                        |    6 +---
 source4/scripting/python/samba/ntacls.py         |    2 +-
 source4/scripting/python/samba/tests/posixacl.py |   24 +++++++++++++++++----
 3 files changed, 22 insertions(+), 10 deletions(-)


Changeset truncated at 500 lines:

diff --git a/file_server/file_server.c b/file_server/file_server.c
index a3efcb2..e1560c2 100644
--- a/file_server/file_server.c
+++ b/file_server/file_server.c
@@ -117,15 +117,13 @@ static void s3fs_task_init(struct task_server *task)
 				NULL);
 	if (req == NULL) {
 		DEBUG(0, ("Failed to start smbd as child daemon\n"));
-		goto failed;
+		task_server_terminate(task, "Failed to startup s3fs smb task", true);
+		return;
 	}
 
 	tevent_req_set_callback(req, file_server_smbd_done, task);
 
 	DEBUG(1,("Started file server smbd with config %s\n", fileserver_conf));
-	return;
-failed:
-	task_server_terminate(task, "Failed to startup s3fs smb task", true);
 }
 
 /* called at smbd startup - register ourselves as a server service */
diff --git a/source4/scripting/python/samba/ntacls.py b/source4/scripting/python/samba/ntacls.py
index ac4aad0..38c31c6 100644
--- a/source4/scripting/python/samba/ntacls.py
+++ b/source4/scripting/python/samba/ntacls.py
@@ -105,7 +105,7 @@ def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None, use_ntvfs=True
             samba.xattr_native.wrap_setxattr(file, xattr.XATTR_NTACL_NAME,
                                              ndr_pack(ntacl))
     else:
-        smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL, sd)
+        smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd)
 
 
 def ldapmask2filemask(ldm):
diff --git a/source4/scripting/python/samba/tests/posixacl.py b/source4/scripting/python/samba/tests/posixacl.py
index 64c997d..ba0911d 100644
--- a/source4/scripting/python/samba/tests/posixacl.py
+++ b/source4/scripting/python/samba/tests/posixacl.py
@@ -59,7 +59,7 @@ class PosixAclMappingTests(TestCase):
         tempf = os.path.join(path,"pytests"+str(int(100000*random.random())))
         open(tempf, 'w').write("empty")
         setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
-        facl = getntacl(lp,tempf)
+        facl = getntacl(lp,tempf, direct_db_access=True)
         anysid = security.dom_sid(security.SID_NT_SELF)
         self.assertEquals(facl.as_sddl(anysid),acl)
         os.unlink(tempf)
@@ -72,8 +72,8 @@ class PosixAclMappingTests(TestCase):
         acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
         tempf = os.path.join(path,"pytests"+str(int(100000*random.random())))
         open(tempf, 'w').write("empty")
-        setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
-        facl = getntacl(lp,tempf, direct_db_access=True)
+        setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
+        facl = getntacl(lp,tempf, direct_db_access=False)
         anysid = security.dom_sid(security.SID_NT_SELF)
         self.assertEquals(facl.as_sddl(anysid),acl)
         os.unlink(tempf)
@@ -86,12 +86,26 @@ class PosixAclMappingTests(TestCase):
         acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
         tempf = os.path.join(path,"pytests"+str(int(100000*random.random())))
         open(tempf, 'w').write("empty")
-        setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
-        facl = getntacl(lp,tempf, direct_db_access=True)
+        setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
+        facl = getntacl(lp,tempf, direct_db_access=False)
         anysid = security.dom_sid(security.SID_NT_SELF)
         self.assertEquals(facl.as_sddl(anysid),acl)
         os.unlink(tempf)
 
+    def test_setntacl_smbd_getntacl_smbd_gpo(self):
+        random.seed()
+        lp = LoadParm()
+        path = None
+        path = os.environ['SELFTEST_PREFIX']
+        acl = "O:DAG:DUD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)S:AI(OU;CIIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)"
+        tempf = os.path.join(path,"pytests"+str(int(100000*random.random())))
+        open(tempf, 'w').write("empty")
+        setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
+        facl = getntacl(lp,tempf, direct_db_access=False)
+        domsid = security.dom_sid("S-1-5-21-2212615479-2695158682-2101375467")
+        self.assertEquals(facl.as_sddl(domsid),acl)
+        os.unlink(tempf)
+
     def test_setntacl_getposixacl(self):
         random.seed()
         lp = LoadParm()


-- 
Samba Shared Repository

More information about the samba-cvs mailing list