PATCHS: manipulation of NT ACL in command line
jelmer at samba.org
Wed Nov 18 12:00:08 MST 2009
Some quick comments.
On Tue, 2009-11-10 at 00:29 +0300, Matthieu Patou wrote:
> Please find attached a huge serie of patchs related to NTACL
> manipulation in command line or in python scripts.
> 0001-s4-utils-recreate-setntacl-and-improve-setntacl.patch: Creation of
> the setntacl utils which allow to set the NTACL from commandline from
> its SDDL representation. It also add the option to export the NTACL as a
> 0002-s4-Create-torture-test-for-samba-utils.patch: This patch a simple
> torture test for getntacl and setntacl.
> 0003-S4-Allow-an-optional-parameter-in-generated-python-b.patch: This
> patch for the PIDL generator. With this patch the generated python code
> allow the specification of a "notallflag" so that either
> ndr_pull_struct_blob or ndr_pull_struct_blob_all can be used. This patch
> follow the talk that I had with metze today on IRC about on how to
> workaround the wrong calculation of consumed bytes when unpacking an
> xattr.NTACL object
Please do this in a separate function that also returns how much data
was left rather than abusing the existing function that is supposed to
parse the full text.
> 0004-s4-Create-a-library-for-xattr-python-bindings.patch: This patch
> allow to create a .so with the python binding generated code for xattr.idl
> 0005-s4-add-python-bindings-for-wrap_-s-g-etxattr.patch: This patch add
> the python bindings for wrap_getxattr and wrap_setxattr
Please put the xattr stuff in a separate python module. pyglue is a big
hack and catchall for things not appropriate elsewhere, it shouldn't be
increased in size unless really necessary.
> 0006-s4-Create-unit-tests-for-python-glue-module.patch: This patch add
> torture test for the
Please add your own copyright for code you have written, not mine :-)
> 0007-s4-regroup-gpo-modification-in-one-function-set-acl-.patch: This
> patch regroup GPO related stuff in provision (and remove them from setup
> samdb) it also make provision to set NT ACL on GPO files with rights
> synchronized with those in the AD.
> Please let me know ...
More information about the samba-technical