Skip to content

Commit

Permalink
samba-tool: gpo: Fix creation of filesystem ACL from directory ACL
Browse files Browse the repository at this point in the history 
Autobuild-User(master): Amitay Isaacs <[email protected]>
Autobuild-Date(master): Thu Jun 21 03:25:57 CEST 2012 on sn-devel-104
  • Loading branch information
@amitay
amitay authored and Amitay Isaacs committed Jun 21, 2012
1 parent 0c29804 commit 17ad62b
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions source4/scripting/python/samba/netcmd/gpo.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -910,10 +910,16 @@ def run(self, displayname, H=None, tmpdir=None, sambaopts=None, credopts=None,
ds_sd = ndr_unpack(security.descriptor, ds_sd_ndr).as_sddl()

# Create a file system security descriptor
fs_sd = security.descriptor(dsacl2fsacl(ds_sd, self.samdb.get_domain_sid()))
domain_sid = self.samdb.get_domain_sid()
sddl = dsacl2fsacl(ds_sd, domain_sid)
fs_sd = security.descriptor.from_sddl(sddl, security.dom_sid(domain_sid))

# Set ACL
conn.set_acl(sharepath, fs_sd)
sio = ( security.SECINFO_OWNER |
security.SECINFO_GROUP |
security.SECINFO_DACL |
security.SECINFO_PROTECTED_DACL )
conn.set_acl(sharepath, fs_sd, sio)
except:
self.samdb.transaction_cancel()
raise
Expand Down

0 comments on commit 17ad62b

Please sign in to comment.