generic ACL interface (RFC)
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Wed Jul 28 17:57:08 GMT 1999
> What else isn't representable (take ownership, for one)? If it
in the unix world? or the nt world? yes, in nt, you can "take ownership".
you mean in unix? hm, i would say that only root could "take ownership".
> Finally, EXEC may not be an NT acl
exec. assume execute. yes it is.
> and failure, but that raises the question of how to identify errors.
> Some folks return 0 for success and errno values for errors, so calls
> have to look like
> if (get_acl(fsp,entries, n_entries) == 0) {
> do success code
> This is not common in samba source, so it may not be a good idea!
we rely on the unix filesystem call to fail, or the access to the password
database API requiring root privileges (because private/smbpasswd is owned
by root) to generate the error message at the unix level, which is
converted to ENOACCESS or NT_STATUS_ACCESS_DENIED.
More information about the samba-technical
mailing list