diff options
author | Ralph Boehme <slow@samba.org> | 2014-10-14 13:54:05 +0200 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2014-12-04 22:11:08 +0100 |
commit | 2ab6b43da63715350db8675bd3804e64f4241bca (patch) | |
tree | 08a91de64345110ae75aabcc3a167f2feb461190 /libcli | |
parent | 549ee51674a3a50f866bcf37b3ae58f5e8a9080e (diff) | |
download | samba-2ab6b43da63715350db8675bd3804e64f4241bca.tar.gz |
libcli/security: add a function that checks for MS NFS ACEs
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'libcli')
-rw-r--r-- | libcli/security/security_descriptor.c | 22 | ||||
-rw-r--r-- | libcli/security/security_descriptor.h | 2 |
2 files changed, 24 insertions, 0 deletions
diff --git a/libcli/security/security_descriptor.c b/libcli/security/security_descriptor.c index 8304b208528..a75942c0770 100644 --- a/libcli/security/security_descriptor.c +++ b/libcli/security/security_descriptor.c @@ -595,3 +595,25 @@ struct security_ace *security_ace_create(TALLOC_CTX *mem_ctx, return ace; } + +/******************************************************************* + Check for MS NFS ACEs in a sd +*******************************************************************/ +bool security_descriptor_with_ms_nfs(const struct security_descriptor *psd) +{ + int i; + + if (psd->dacl == NULL) { + return false; + } + + for (i = 0; i < psd->dacl->num_aces; i++) { + if (dom_sid_compare_domain( + &global_sid_Unix_NFS, + &psd->dacl->aces[i].trustee) == 0) { + return true; + } + } + + return false; +} diff --git a/libcli/security/security_descriptor.h b/libcli/security/security_descriptor.h index 1c7f893ead8..87643bc945a 100644 --- a/libcli/security/security_descriptor.h +++ b/libcli/security/security_descriptor.h @@ -81,4 +81,6 @@ struct security_descriptor *create_security_descriptor(TALLOC_CTX *mem_ctx, struct dom_sid *default_group, /* valid only for DS, NULL for the other RSs */ uint32_t (*generic_map)(uint32_t access_mask)); +bool security_descriptor_with_ms_nfs(const struct security_descriptor *psd); + #endif /* __SECURITY_DESCRIPTOR_H__ */ |