[PATCH] allowing smbcacls to modify the acl when it's not allowed to modify the owner

[Martin Dorey]

As before:

source/libsmb/clitrans.c:
o  check for NT errors as well as DOS ones in cli_receive_nt_trans()

source/utils/smbcacls.c:
o  don't apply an identity transformation to the owner and group
   when modifying the dacl - leave them alone as we may not be allowed
   to set the owner to its current value, even if we have WRITE_OWNER_ACCESS

Additional changes:

source/utils/smbcacls.c:
o  only change the group, not the owner too, if we're chgrp()ing - we may
not
   be allowed to set the owner to its current value, even if we have
   WRITE_OWNER_ACCESS
o  only change the owner (not the group) if we're chown()ing - for
consistency
o  only ask for WRITE_OWNER_ACCESS, not WRITE_DAC_ACCESS, if we're
chown()ing
   - Domain Admins only have WRITE_OWNER_ACCESS implicitly to all files,
   not WRITE_DAC_ACCESS
o  only ask for WRITE_DAC_ACCESS, not WRITE_OWNER_ACCESS, if we're changing
   the permissions - it's common to be granted the one without the other

-- 



*********************************************************************
This e-mail and any attachment is confidential. It may only be read, copied and used by the intended recipient(s). If you are not the intended recipient(s), you may not copy, use, distribute, forward, store or disclose this e-mail or any attachment. If you are not the intended recipient(s) or have otherwise received this e-mail in error, you should destroy it and any attachment and notify the sender by reply e-mail or send a message to sysadmin at bluearc.com
*********************************************************************

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smbcacls.patch
Type: application/octet-stream
Size: 2833 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20030617/61d0158b/smbcacls.obj