smbcacls

[matthew at jenika.com]

I'm working on adding support to smbcacls for the equivalent of unsetting or setting the windows file Properties check box:

"Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here."

The checkbox has 3 basic functions depending on what the user desires.

a) Enables inheritable permissions
b) Removes inherited permissions
c) Removes inherited permissions but transfers all currently inherited permissions

What I have done so far is add support for a new flag to smbcacls:  [ -I allow|remove|copy ]

The three possible values for -I correspond two the three different possible behaviors of the windows checkbox.

Attached is a copy of smbcacls.c that supports much of the above functionality. While working with this I have ran into the following issues:

1) smbcacls in  general seems to have a side effect on control flags. If I make any ace changes to a file using windows the control flags generally either stay as 0x9404 or 0x8404. However anytime I use smbcacls to make changes to aces I will end up with control flags of 0x9004 or 0x8004. So far I have been unable to track down what in cli_set_secdesc is causing this behavior.

Any suggestions help or recommendations for this functionality would be appreciated.

Working with samba 3.5.2 on fc 2.6.30.10-105.2.23.fc11.i686.PAE changing permissions on a Windows 2003 Server SP2

Thanks,
Matthew

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smbcacls.c
Type: application/octet-stream
Size: 31902 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100419/043ab105/attachment.obj>