Author: jra Date: 2005-11-02 02:35:48 +0000 (Wed, 02 Nov 2005) New Revision: 11464
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11464 Log: Allow smbcacls to modify a SD on W2K3. This may fix several bugzilla bugs - I need to go through and check. I also need to test against WNT/W2K and WXP. Jeremy. Modified: branches/SAMBA_3_0/source/utils/smbcacls.c Changeset: Modified: branches/SAMBA_3_0/source/utils/smbcacls.c =================================================================== --- branches/SAMBA_3_0/source/utils/smbcacls.c 2005-11-02 02:32:25 UTC (rev 11463) +++ branches/SAMBA_3_0/source/utils/smbcacls.c 2005-11-02 02:35:48 UTC (rev 11464) @@ -718,11 +718,24 @@ sort_acl(old->dacl); /* Create new security descriptor and set it */ +#if 0 + /* We used to just have "WRITE_DAC_ACCESS" without WRITE_OWNER. + But if we're sending an owner, even if it's the same as the one + that already exists then W2K3 insists we open with WRITE_OWNER access. + I need to check that setting a SD with no owner set works against WNT + and W2K. JRA. + */ + sd = make_sec_desc(ctx,old->revision, old->type, old->owner_sid, old->grp_sid, NULL, old->dacl, &sd_size); + fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS); +#else + sd = make_sec_desc(ctx,old->revision, old->type, NULL, NULL, + NULL, old->dacl, &sd_size); + fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS); - +#endif if (fnum == -1) { printf("cacl_set failed to open %s: %s\n", filename, cli_errstr(cli)); return EXIT_FAILED;
