The Samba-Bugzilla – Attachment 2818 Details for
Bug 4308
Excel save operation corrupts file ACLs
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Samba ACL fix backport from 3.0.26 trunk.
samba-acl-cte.patch (text/plain), 18.15 KB, created by
Carwyn Edwards
on 2007-07-13 06:48:06 UTC
(
hide
)
Description:
Samba ACL fix backport from 3.0.26 trunk.
Filename:
MIME Type:
Creator:
Carwyn Edwards
Created:
2007-07-13 06:48:06 UTC
Size:
18.15 KB
patch
obsolete
>--- branches/SAMBA_3_0_26/source/smbd/posix_acls.c 2007/05/03 16:59:58 22651 >+++ branches/SAMBA_3_0_26/source/smbd/posix_acls.c 2007/06/30 00:22:59 23664 >@@ -47,7 +47,7 @@ > DOM_SID trustee; > enum ace_owner owner_type; > enum ace_attribute attr; >- posix_id unix_ug; >+ posix_id unix_ug; > BOOL inherited; > } canon_ace; > >@@ -828,20 +828,23 @@ > not get. Deny entries are implicit on get with ace->perms = 0. > ****************************************************************************/ > >-static SEC_ACCESS map_canon_ace_perms(int snum, int *pacl_type, DOM_SID *powner_sid, canon_ace *ace, BOOL directory_ace) >+static SEC_ACCESS map_canon_ace_perms(int snum, >+ int *pacl_type, >+ mode_t perms, >+ BOOL directory_ace) > { > SEC_ACCESS sa; > uint32 nt_mask = 0; > > *pacl_type = SEC_ACE_TYPE_ACCESS_ALLOWED; > >- if (lp_acl_map_full_control(snum) && ((ace->perms & ALL_ACE_PERMS) == ALL_ACE_PERMS)) { >+ if (lp_acl_map_full_control(snum) && ((perms & ALL_ACE_PERMS) == ALL_ACE_PERMS)) { > if (directory_ace) { > nt_mask = UNIX_DIRECTORY_ACCESS_RWX; > } else { > nt_mask = UNIX_ACCESS_RWX; > } >- } else if ((ace->perms & ALL_ACE_PERMS) == (mode_t)0) { >+ } else if ((perms & ALL_ACE_PERMS) == (mode_t)0) { > /* > * Windows NT refuses to display ACEs with no permissions in them (but > * they are perfectly legal with Windows 2000). If the ACE has empty >@@ -857,18 +860,18 @@ > nt_mask = 0; > } else { > if (directory_ace) { >- nt_mask |= ((ace->perms & S_IRUSR) ? UNIX_DIRECTORY_ACCESS_R : 0 ); >- nt_mask |= ((ace->perms & S_IWUSR) ? UNIX_DIRECTORY_ACCESS_W : 0 ); >- nt_mask |= ((ace->perms & S_IXUSR) ? UNIX_DIRECTORY_ACCESS_X : 0 ); >+ nt_mask |= ((perms & S_IRUSR) ? UNIX_DIRECTORY_ACCESS_R : 0 ); >+ nt_mask |= ((perms & S_IWUSR) ? UNIX_DIRECTORY_ACCESS_W : 0 ); >+ nt_mask |= ((perms & S_IXUSR) ? UNIX_DIRECTORY_ACCESS_X : 0 ); > } else { >- nt_mask |= ((ace->perms & S_IRUSR) ? UNIX_ACCESS_R : 0 ); >- nt_mask |= ((ace->perms & S_IWUSR) ? UNIX_ACCESS_W : 0 ); >- nt_mask |= ((ace->perms & S_IXUSR) ? UNIX_ACCESS_X : 0 ); >+ nt_mask |= ((perms & S_IRUSR) ? UNIX_ACCESS_R : 0 ); >+ nt_mask |= ((perms & S_IWUSR) ? UNIX_ACCESS_W : 0 ); >+ nt_mask |= ((perms & S_IXUSR) ? UNIX_ACCESS_X : 0 ); > } > } > > DEBUG(10,("map_canon_ace_perms: Mapped (UNIX) %x to (NT) %x\n", >- (unsigned int)ace->perms, (unsigned int)nt_mask )); >+ (unsigned int)perms, (unsigned int)nt_mask )); > > init_sec_access(&sa,nt_mask); > return sa; >@@ -923,7 +926,7 @@ > Unpack a SEC_DESC into a UNIX owner and group. > ****************************************************************************/ > >-BOOL unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, SEC_DESC *psd) >+NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, SEC_DESC *psd) > { > DOM_SID owner_sid; > DOM_SID grp_sid; >@@ -933,7 +936,7 @@ > > if(security_info_sent == 0) { > DEBUG(0,("unpack_nt_owners: no security info sent !\n")); >- return True; >+ return NT_STATUS_OK; > } > > /* >@@ -961,9 +964,11 @@ > DEBUG(3,("unpack_nt_owners: unable to validate" > " owner sid for %s\n", > sid_string_static(&owner_sid))); >- return False; >+ return NT_STATUS_INVALID_OWNER; > } > } >+ DEBUG(3,("unpack_nt_owners: owner sid mapped to uid %u\n", >+ (unsigned int)*puser )); > } > > /* >@@ -981,14 +986,16 @@ > } else { > DEBUG(3,("unpack_nt_owners: unable to validate" > " group sid.\n")); >- return False; >+ return NT_STATUS_INVALID_OWNER; > } > } >- } >+ DEBUG(3,("unpack_nt_owners: group sid mapped to gid %u\n", >+ (unsigned int)*pgrp)); >+ } > > DEBUG(5,("unpack_nt_owners: owner_sids validated.\n")); > >- return True; >+ return NT_STATUS_OK; > } > > /**************************************************************************** >@@ -2889,26 +2896,37 @@ > } > > memset(nt_ace_list, '\0', (num_acls + num_def_acls) * sizeof(SEC_ACE) ); >- >+ > /* > * Create the NT ACE list from the canonical ace lists. > */ >- >+ > ace = file_ace; > > for (i = 0; i < num_acls; i++, ace = ace->next) { > SEC_ACCESS acc; > >- acc = map_canon_ace_perms(SNUM(conn), &nt_acl_type, &owner_sid, ace, fsp->is_directory); >- init_sec_ace(&nt_ace_list[num_aces++], &ace->trustee, nt_acl_type, acc, ace->inherited ? SEC_ACE_FLAG_INHERITED_ACE : 0); >+ acc = map_canon_ace_perms(SNUM(conn), >+ &nt_acl_type, >+ ace->perms, >+ fsp->is_directory); >+ init_sec_ace(&nt_ace_list[num_aces++], >+ &ace->trustee, >+ nt_acl_type, >+ acc, >+ ace->inherited ? >+ SEC_ACE_FLAG_INHERITED_ACE : 0); > } > >- /* The User must have access to a profile share - even if we can't map the SID. */ >+ /* The User must have access to a profile share - even >+ * if we can't map the SID. */ > if (lp_profile_acls(SNUM(conn))) { > SEC_ACCESS acc; > > init_sec_access(&acc,FILE_GENERIC_ALL); >- init_sec_ace(&nt_ace_list[num_aces++], &global_sid_Builtin_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, >+ init_sec_ace(&nt_ace_list[num_aces++], >+ &global_sid_Builtin_Users, >+ SEC_ACE_TYPE_ACCESS_ALLOWED, > acc, 0); > } > >@@ -2916,18 +2934,27 @@ > > for (i = 0; i < num_def_acls; i++, ace = ace->next) { > SEC_ACCESS acc; >- >- acc = map_canon_ace_perms(SNUM(conn), &nt_acl_type, &owner_sid, ace, fsp->is_directory); >- init_sec_ace(&nt_ace_list[num_aces++], &ace->trustee, nt_acl_type, acc, >- SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT| >- SEC_ACE_FLAG_INHERIT_ONLY| >- (ace->inherited ? SEC_ACE_FLAG_INHERITED_ACE : 0)); >+ >+ acc = map_canon_ace_perms(SNUM(conn), >+ &nt_acl_type, >+ ace->perms, >+ fsp->is_directory); >+ init_sec_ace(&nt_ace_list[num_aces++], >+ &ace->trustee, >+ nt_acl_type, >+ acc, >+ SEC_ACE_FLAG_OBJECT_INHERIT| >+ SEC_ACE_FLAG_CONTAINER_INHERIT| >+ SEC_ACE_FLAG_INHERIT_ONLY| >+ (ace->inherited ? >+ SEC_ACE_FLAG_INHERITED_ACE : 0)); > } > >- /* The User must have access to a profile share - even if we can't map the SID. */ >+ /* The User must have access to a profile share - even >+ * if we can't map the SID. */ > if (lp_profile_acls(SNUM(conn))) { > SEC_ACCESS acc; >- >+ > init_sec_access(&acc,FILE_GENERIC_ALL); > init_sec_ace(&nt_ace_list[num_aces++], &global_sid_Builtin_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, acc, > SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT| >@@ -3049,6 +3076,7 @@ > > /* Case (4). */ > if (!lp_dos_filemode(SNUM(conn))) { >+ errno = EPERM; > return -1; > } > >@@ -3076,33 +3104,223 @@ > return ret; > } > >+static NTSTATUS append_ugw_ace(files_struct *fsp, >+ SMB_STRUCT_STAT *psbuf, >+ mode_t unx_mode, >+ int ugw, >+ SEC_ACE *se) >+{ >+ mode_t perms; >+ SEC_ACCESS acc; >+ int acl_type; >+ DOM_SID trustee; >+ >+ switch (ugw) { >+ case S_IRUSR: >+ perms = unix_perms_to_acl_perms(unx_mode, >+ S_IRUSR, >+ S_IWUSR, >+ S_IXUSR); >+ uid_to_sid(&trustee, psbuf->st_uid ); >+ break; >+ case S_IRGRP: >+ perms = unix_perms_to_acl_perms(unx_mode, >+ S_IRGRP, >+ S_IWGRP, >+ S_IXGRP); >+ gid_to_sid(&trustee, psbuf->st_gid ); >+ break; >+ case S_IROTH: >+ perms = unix_perms_to_acl_perms(unx_mode, >+ S_IROTH, >+ S_IWOTH, >+ S_IXOTH); >+ sid_copy(&trustee, &global_sid_World); >+ break; >+ default: >+ return NT_STATUS_INVALID_PARAMETER; >+ } >+ acc = map_canon_ace_perms(SNUM(fsp->conn), >+ &acl_type, >+ perms, >+ fsp->is_directory); >+ >+ init_sec_ace(se, >+ &trustee, >+ acl_type, >+ acc, >+ 0); >+ return NT_STATUS_OK; >+} >+ >+/**************************************************************************** >+ If this is an >+****************************************************************************/ >+ >+static NTSTATUS append_parent_acl(files_struct *fsp, >+ SMB_STRUCT_STAT *psbuf, >+ SEC_DESC *psd, >+ SEC_DESC **pp_new_sd) >+{ >+ SEC_DESC *parent_sd = NULL; >+ files_struct *parent_fsp = NULL; >+ TALLOC_CTX *mem_ctx = talloc_parent(psd); >+ char *parent_name = NULL; >+ SEC_ACE *new_ace = NULL; >+ unsigned int num_aces = psd->dacl->num_aces; >+ SMB_STRUCT_STAT sbuf; >+ NTSTATUS status; >+ int info; >+ size_t sd_size; >+ unsigned int i, j; >+ mode_t unx_mode; >+ >+ ZERO_STRUCT(sbuf); >+ >+ if (mem_ctx == NULL) { >+ return NT_STATUS_NO_MEMORY; >+ } >+ >+ if (!parent_dirname_talloc(mem_ctx, >+ fsp->fsp_name, >+ &parent_name, >+ NULL)) { >+ return NT_STATUS_NO_MEMORY; >+ } >+ >+ /* Create a default mode for u/g/w. */ >+ unx_mode = unix_mode(fsp->conn, >+ aARCH | (fsp->is_directory ? aDIR : 0), >+ fsp->fsp_name, >+ parent_name); >+ >+ status = open_directory(fsp->conn, >+ parent_name, >+ &sbuf, >+ FILE_READ_ATTRIBUTES, /* Just a stat open */ >+ FILE_SHARE_NONE, /* Ignored for stat opens */ >+ FILE_OPEN, >+ 0, >+ 0, >+ &info, >+ &parent_fsp); >+ >+ if (!NT_STATUS_IS_OK(status)) { >+ return status; >+ } >+ >+ sd_size = SMB_VFS_GET_NT_ACL(parent_fsp, parent_fsp->fsp_name, >+ DACL_SECURITY_INFORMATION, &parent_sd ); >+ >+ close_file(parent_fsp, NORMAL_CLOSE); >+ >+ if (!sd_size) { >+ return NT_STATUS_ACCESS_DENIED; >+ } >+ >+ /* >+ * Make room for potentially all the ACLs from >+ * the parent, plus the user/group/other triple. >+ */ >+ >+ num_aces += parent_sd->dacl->num_aces + 3; >+ >+ if((new_ace = TALLOC_ZERO_ARRAY(mem_ctx, SEC_ACE, >+ num_aces)) == NULL) { >+ return NT_STATUS_NO_MEMORY; >+ } >+ >+ DEBUG(10,("append_parent_acl: parent ACL has %u entries. New " >+ "ACL has %u entries\n", >+ parent_sd->dacl->num_aces, num_aces )); >+ >+ /* Start by copying in all the given ACE entries. */ >+ for (i = 0; i < psd->dacl->num_aces; i++) { >+ sec_ace_copy(&new_ace[i], &psd->dacl->aces[i]); >+ } >+ >+ /* >+ * Note that we're ignoring "inherit permissions" here >+ * as that really only applies to newly created files. JRA. >+ */ >+ >+ /* >+ * Append u/g/w. >+ */ >+ >+ status = append_ugw_ace(fsp, psbuf, unx_mode, S_IRUSR, &new_ace[i++]); >+ if (!NT_STATUS_IS_OK(status)) { >+ return status; >+ } >+ status = append_ugw_ace(fsp, psbuf, unx_mode, S_IRGRP, &new_ace[i++]); >+ if (!NT_STATUS_IS_OK(status)) { >+ return status; >+ } >+ status = append_ugw_ace(fsp, psbuf, unx_mode, S_IROTH, &new_ace[i++]); >+ if (!NT_STATUS_IS_OK(status)) { >+ return status; >+ } >+ >+ /* Finally append any inherited ACEs. */ >+ for (j = 0; j < parent_sd->dacl->num_aces; j++) { >+ SEC_ACE *se = &parent_sd->dacl->aces[j]; >+ uint32 i_flags = se->flags & (SEC_ACE_FLAG_OBJECT_INHERIT| >+ SEC_ACE_FLAG_CONTAINER_INHERIT| >+ SEC_ACE_FLAG_INHERIT_ONLY); >+ >+ if (fsp->is_directory) { >+ if (i_flags == SEC_ACE_FLAG_OBJECT_INHERIT) { >+ /* Should only apply to a file - ignore. */ >+ continue; >+ } >+ } else { >+ if ((i_flags & (SEC_ACE_FLAG_OBJECT_INHERIT| >+ SEC_ACE_FLAG_INHERIT_ONLY)) != >+ SEC_ACE_FLAG_OBJECT_INHERIT) { >+ /* Should not apply to a file - ignore. */ >+ continue; >+ } >+ } >+ sec_ace_copy(&new_ace[i], se); >+ if (se->flags & SEC_ACE_FLAG_NO_PROPAGATE_INHERIT) { >+ new_ace[i].flags &= ~(SEC_ACE_FLAG_VALID_INHERIT); >+ } >+ new_ace[i].flags |= SEC_ACE_FLAG_INHERITED_ACE; >+ i++; >+ } >+ >+ parent_sd->dacl->aces = new_ace; >+ parent_sd->dacl->num_aces = i; >+ >+ *pp_new_sd = parent_sd; >+ return status; >+} >+ > /**************************************************************************** > Reply to set a security descriptor on an fsp. security_info_sent is the > description of the following NT ACL. > This should be the only external function needed for the UNIX style set ACL. > ****************************************************************************/ > >-BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) >+NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd) > { > connection_struct *conn = fsp->conn; > uid_t user = (uid_t)-1; > gid_t grp = (gid_t)-1; >- SMB_STRUCT_STAT sbuf; >+ SMB_STRUCT_STAT sbuf; > DOM_SID file_owner_sid; > DOM_SID file_grp_sid; > canon_ace *file_ace_list = NULL; > canon_ace *dir_ace_list = NULL; > BOOL acl_perms = False; > mode_t orig_mode = (mode_t)0; >- uid_t orig_uid; >- gid_t orig_gid; >- BOOL need_chown = False; >+ NTSTATUS status; > > DEBUG(10,("set_nt_acl: called for file %s\n", fsp->fsp_name )); > > if (!CAN_WRITE(conn)) { > DEBUG(10,("set acl rejected on read-only share\n")); >- return False; >+ return NT_STATUS_MEDIA_WRITE_PROTECTED; > } > > /* >@@ -3111,40 +3329,29 @@ > > if(fsp->is_directory || fsp->fh->fd == -1) { > if(SMB_VFS_STAT(fsp->conn,fsp->fsp_name, &sbuf) != 0) >- return False; >+ return map_nt_error_from_unix(errno); > } else { > if(SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) != 0) >- return False; >+ return map_nt_error_from_unix(errno); > } > > /* Save the original elements we check against. */ > orig_mode = sbuf.st_mode; >- orig_uid = sbuf.st_uid; >- orig_gid = sbuf.st_gid; > > /* > * Unpack the user/group/world id's. > */ > >- if (!unpack_nt_owners( SNUM(conn), &user, &grp, security_info_sent, psd)) { >- return False; >+ status = unpack_nt_owners( SNUM(conn), &user, &grp, security_info_sent, psd); >+ if (!NT_STATUS_IS_OK(status)) { >+ return status; > } > > /* > * Do we need to chown ? > */ > >- if (((user != (uid_t)-1) && (orig_uid != user)) || (( grp != (gid_t)-1) && (orig_gid != grp))) { >- need_chown = True; >- } >- >- /* >- * Chown before setting ACL only if we don't change the user, or >- * if we change to the current user, but not if we want to give away >- * the file. >- */ >- >- if (need_chown && (user == (uid_t)-1 || user == current_user.ut.uid)) { >+ if (((user != (uid_t)-1) && (sbuf.st_uid != user)) || (( grp != (gid_t)-1) && (sbuf.st_gid != grp))) { > > DEBUG(3,("set_nt_acl: chown %s. uid = %u, gid = %u.\n", > fsp->fsp_name, (unsigned int)user, (unsigned int)grp )); >@@ -3152,7 +3359,10 @@ > if(try_chown( fsp->conn, fsp->fsp_name, user, grp) == -1) { > DEBUG(3,("set_nt_acl: chown %s, %u, %u failed. Error = %s.\n", > fsp->fsp_name, (unsigned int)user, (unsigned int)grp, strerror(errno) )); >- return False; >+ if (errno == EPERM) { >+ return NT_STATUS_INVALID_OWNER; >+ } >+ return map_nt_error_from_unix(errno); > } > > /* >@@ -3162,32 +3372,39 @@ > > if(fsp->is_directory) { > if(SMB_VFS_STAT(fsp->conn, fsp->fsp_name, &sbuf) != 0) { >- return False; >+ return map_nt_error_from_unix(errno); > } > } else { > > int ret; >- >+ > if(fsp->fh->fd == -1) > ret = SMB_VFS_STAT(fsp->conn, fsp->fsp_name, &sbuf); > else > ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf); >- >+ > if(ret != 0) >- return False; >+ return map_nt_error_from_unix(errno); > } > > /* Save the original elements we check against. */ > orig_mode = sbuf.st_mode; >- orig_uid = sbuf.st_uid; >- orig_gid = sbuf.st_gid; >- >- /* We did it, don't try again */ >- need_chown = False; > } > > create_file_sids(&sbuf, &file_owner_sid, &file_grp_sid); > >+ if ((security_info_sent & DACL_SECURITY_INFORMATION) && >+ psd->dacl != NULL && >+ (psd->type & (SE_DESC_DACL_AUTO_INHERITED| >+ SE_DESC_DACL_AUTO_INHERIT_REQ))== >+ (SE_DESC_DACL_AUTO_INHERITED| >+ SE_DESC_DACL_AUTO_INHERIT_REQ) ) { >+ status = append_parent_acl(fsp, &sbuf, psd, &psd); >+ if (!NT_STATUS_IS_OK(status)) { >+ return status; >+ } >+ } >+ > acl_perms = unpack_canon_ace( fsp, &sbuf, &file_owner_sid, &file_grp_sid, > &file_ace_list, &dir_ace_list, security_info_sent, psd); > >@@ -3198,7 +3415,7 @@ > DEBUG(3,("set_nt_acl: cannot set permissions\n")); > free_canon_ace_list(file_ace_list); > free_canon_ace_list(dir_ace_list); >- return False; >+ return NT_STATUS_ACCESS_DENIED; > } > > /* >@@ -3221,7 +3438,7 @@ > DEBUG(3,("set_nt_acl: failed to set file acl on file %s (%s).\n", fsp->fsp_name, strerror(errno) )); > free_canon_ace_list(file_ace_list); > free_canon_ace_list(dir_ace_list); >- return False; >+ return map_nt_error_from_unix(errno); > } > } > >@@ -3231,7 +3448,7 @@ > DEBUG(3,("set_nt_acl: failed to set default acl on directory %s (%s).\n", fsp->fsp_name, strerror(errno) )); > free_canon_ace_list(file_ace_list); > free_canon_ace_list(dir_ace_list); >- return False; >+ return map_nt_error_from_unix(errno); > } > } else { > >@@ -3256,7 +3473,7 @@ > DEBUG(3,("set_nt_acl: sys_acl_delete_def_file failed (%s)\n", strerror(errno))); > free_canon_ace_list(file_ace_list); > free_canon_ace_list(dir_ace_list); >- return False; >+ return map_nt_error_from_unix(errno); > } > } > } >@@ -3279,7 +3496,7 @@ > free_canon_ace_list(dir_ace_list); > DEBUG(3,("set_nt_acl: failed to convert file acl to posix permissions for file %s.\n", > fsp->fsp_name )); >- return False; >+ return NT_STATUS_ACCESS_DENIED; > } > > if (orig_mode != posix_perms) { >@@ -3304,7 +3521,7 @@ > fsp->fsp_name, (unsigned int)posix_perms, strerror(errno) )); > free_canon_ace_list(file_ace_list); > free_canon_ace_list(dir_ace_list); >- return False; >+ return map_nt_error_from_unix(errno); > } > } > } >@@ -3315,20 +3532,7 @@ > free_canon_ace_list(dir_ace_list); > } > >- /* Any chown pending? */ >- if (need_chown) { >- >- DEBUG(3,("set_nt_acl: chown %s. uid = %u, gid = %u.\n", >- fsp->fsp_name, (unsigned int)user, (unsigned int)grp )); >- >- if(try_chown( fsp->conn, fsp->fsp_name, user, grp) == -1) { >- DEBUG(3,("set_nt_acl: chown %s, %u, %u failed. Error = %s.\n", >- fsp->fsp_name, (unsigned int)user, (unsigned int)grp, strerror(errno) )); >- return False; >- } >- } >- >- return True; >+ return NT_STATUS_OK; > } > > /**************************************************************************** > >--- branches/SAMBA_3_0_26/source/modules/vfs_default.c 2007/05/23 23:55:12 23105 >+++ branches/SAMBA_3_0_26/source/modules/vfs_default.c 2007/06/26 22:49:10 23620 >@@ -943,9 +943,9 @@ > return result; > } > >-static BOOL vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info_sent, SEC_DESC *psd) >+static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info_sent, SEC_DESC *psd) > { >- BOOL result; >+ NTSTATUS result; > > START_PROFILE(fset_nt_acl); > result = set_nt_acl(fsp, security_info_sent, psd); >@@ -953,9 +953,9 @@ > return result; > } > >-static BOOL vfswrap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd) >+static NTSTATUS vfswrap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd) > { >- BOOL result; >+ NTSTATUS result; > > START_PROFILE(set_nt_acl); > result = set_nt_acl(fsp, security_info_sent, psd); > >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2818">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 4308
:
2780
|
2814
| 2818 |
2957
|
3733
|
3750
|
3751
|
3882
|
3883
|
3884
|
3885
|
3886
|
3887