samba.smb.SMB:set_acl seems to generate a bad nttrans:SET_SD request

[Richard Sharpe]

Hi folks,

I was playing with set_acl and was getting:

     RuntimeError: (-1073741811, 'Unexpected information received')

When I look at the on-the-wire traffic I see that the SD is there but
that the Security Info field is zero.

So, then I looked at source4/libcli/pysmb.c and see this:

        fio.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
        fio.set_secdesc.in.file.fnum = fnum;
        fio.set_secdesc.in.secinfo_flags = 0;
        fio.set_secdesc.in.sd = sd;

        status = smb_raw_set_secdesc(spdata->tree, &fio);

It seems that we are setting the seconfo to 0. Perhaps we should be
passing secinfo into set_acl, or perhaps it should scan the SD, or
maybe I am just doing something wrong.

Here is the code I am using:

    if sd_sddl.find("S-1-3-4") < 0:
        sd_sddl = sd_sddl + "(A;OICIIO;0x00060000;;;S-1-3-4)"

        root_sd = security.descriptor.from_sddl(sd_sddl,
security.dom_sid("S-2-0-0"))
        print "New SD: ", root_sd.as_sddl()

        conn.set_acl("\\", root_sd)

-- 
Regards,
Richard Sharpe
(何以解憂？唯有杜康。--曹操)