granting SeSecurityPrivilege to user
Jeremy Allison
jra at samba.org
Fri Oct 22 12:01:27 MDT 2010
On Tue, Oct 19, 2010 at 05:34:35PM -0700, Nagaraj Shyam wrote:
> Hi,
>
>
>
> I get the error NT_STATUS_PRIVILEGE_NOT_HELD - returned from the function
> create_file_unixpath() from the following block of code:
>
>
>
> /* We need to support SeSecurityPrivilege for this. */
>
> if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
>
> status = NT_STATUS_PRIVILEGE_NOT_HELD;
>
> goto fail;
>
> }
>
>
>
> This is while using samba 3.5.3 on suse linux and trying to migrate files from
> a windows machine to samba share. SeSecurityPrivelege is not one of the
> recognized/supported privileges for it to be granted to the user.
>
>
>
> net rpc share migrate files also seems to have issues copying folders from the
> windows share if any acl is present on a directory that has a ACE with “deny
> everyone else rule”, the migrate prints the error:
>
>
>
> could not handle dir \foldername: NT_STATUS_ACCESS_DENIED
>
> I used the above command with --acls --attrs –timestamps option.
>
>
>
> thanks for any info on how to workaround acl/ea these issues during file
> migration.
FYI. I've implemented the SEC_FLAG_SYSTEM_SECURITY in v3-6-test and
master (not yet in 3.5.x). If you want to give either of those code
bases a test I'd appreciate it.
You'll need to add the SeSystemSecurity privilege using 'net rpc rights'
first.
Jeremy.
More information about the samba-technical
mailing list