ACL formats used by sharesec in 4.2

Christof Schmitt cs at samba.org
Thu Apr 23 10:44:20 MDT 2015


Hi,

I noticed that the ACL output printed by sharesec has been changed
through this commit:

commit 4a9d64e37a72cd1384c1e8db54532b8e850715cd
Author: David Disseldorp <ddiss at samba.org>
Date:   Mon May 26 14:38:24 2014 +0200

    sharesec: use NDR security descriptor print fns
    
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>

While I understand the goal to share code, now the input format of
sharesec is different than the output format:

Setting a share-level ACL uses the old format:
# sharesec test -a S-1-5-21-1866488690-1365729215-3963860297-17724:ALLOWED/0/FULL

Querying it returns the NDR dump:
# sharesec test -v
    : struct security_descriptor
        revision                 : SECURITY_DESCRIPTOR_REVISION_1 (1)
        type                     : 0x8004 (32772)
               0: SEC_DESC_OWNER_DEFAULTED 
               0: SEC_DESC_GROUP_DEFAULTED 
               1: SEC_DESC_DACL_PRESENT    
               0: SEC_DESC_DACL_DEFAULTED  
               0: SEC_DESC_SACL_PRESENT    
               0: SEC_DESC_SACL_DEFAULTED  
               0: SEC_DESC_DACL_TRUSTED    
...

This is probably not very useful. Should we revert the patches to return
to the old output format?

The manpage still lists the old output, but updating the manpage would
be a minor issue after deciding how the output should look.

The other option would be using the SDDL format, but that is difficult
to input manually:

# sharesec test -S 'D:(A;;0x001f01ff;;;WD)(A;;0x001f01ff;;;S-1-5-21-1866488690-1365729215-3963860297-17724)'
# sharesec test -V
D:(A;;0x001f01ff;;;WD)(A;;0x001f01ff;;;S-1-5-21-1866488690-1365729215-3963860297-17724)

Christof
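
Added example, not part of the original message and not Samba code: a Python converter that turns the SDDL string printed by `sharesec -V` above into entries in the classic SID:TYPE/FLAGS/MASK form used with `sharesec -a`. The function name, the mask, alias and flag tables, and the decimal rendering of the flags field are assumptions of this example.

```python
import re

# Mapping tables are assumptions of this example (standard Windows share
# masks, a small subset of SDDL SID aliases and ACE flag codes).
MASK_NAMES = {0x001F01FF: "FULL", 0x001301BF: "CHANGE", 0x001200A9: "READ"}
ACE_TYPES = {"A": "ALLOWED", "D": "DENIED"}
SID_ALIASES = {"WD": "S-1-1-0", "AU": "S-1-5-11", "BA": "S-1-5-32-544"}
ACE_FLAGS = {"OI": 0x01, "CI": 0x02, "NP": 0x04, "IO": 0x08, "ID": 0x10}

DACL_RE = re.compile(r"D:([A-Z]*)((?:\([^()]*\))+)")


def sddl_dacl_to_classic(sddl):
    """Convert the DACL of an SDDL string to SID:TYPE/FLAGS/MASK entries."""
    match = DACL_RE.search(sddl)
    if match is None:
        raise ValueError("no DACL with ACEs found in SDDL string")
    entries = []
    for body in re.findall(r"\(([^()]*)\)", match.group(2)):
        fields = body.split(";")
        if len(fields) != 6:
            raise ValueError(f"malformed ACE: ({body})")
        ace_type, flags, rights, _obj, _inherited_obj, trustee = fields
        if ace_type not in ACE_TYPES:
            raise ValueError(f"unsupported ACE type {ace_type!r}")
        # ACE flags are concatenated two-letter codes, e.g. "OICI".
        flag_bits = 0
        for i in range(0, len(flags), 2):
            code = flags[i:i + 2]
            if code not in ACE_FLAGS:
                raise ValueError(f"unsupported ACE flag {code!r}")
            flag_bits |= ACE_FLAGS[code]
        # Only the hexadecimal rights form shown in the message is handled.
        if not re.fullmatch(r"0x[0-9a-fA-F]{1,8}", rights):
            raise ValueError(f"rights must be a hex mask, got {rights!r}")
        mask = int(rights, 16)
        sid = SID_ALIASES.get(trustee, trustee)
        if not sid.startswith("S-1-"):
            raise ValueError(f"unknown trustee alias {trustee!r}")
        mask_text = MASK_NAMES.get(mask, f"0x{mask:08x}")
        entries.append(f"{sid}:{ACE_TYPES[ace_type]}/{flag_bits}/{mask_text}")
    return entries


if __name__ == "__main__":
    # SDDL string copied from the `sharesec test -V` output in the message.
    sample = ("D:(A;;0x001f01ff;;;WD)(A;;0x001f01ff;;;"
              "S-1-5-21-1866488690-1365729215-3963860297-17724)")
    for entry in sddl_dacl_to_classic(sample):
        print(entry)
```

The WD alias expands to S-1-1-0 (Everyone), so the converted listing makes it visible that the first ACE grants FULL to every user.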

