From 2d647173bb2056dfd87a184ac2b6e5ded660a466 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Thu, 9 Apr 2009 09:19:03 +0000
Subject: 	* fhandler_disk_file.cc (fhandler_disk_file::fchown): Catch an
 	error when changing the user account on a standalone Samba server. 
 Explain why. 	* sec_acl.cc (setacl): Accommodate additional parameter to
 set_file_sd. 	* sec_helper.cc (SECURITY_SAMBA_UNIX_AUTHORITY): Define. 
 (well_known_samba_unix_user_fake_sid): Define. 	* security.cc
 (set_file_sd): Take additional parameter if ownership 	should be changed. 
 Restrict requested permissions accordingly. 	(set_file_attribute):
 Accommodate additional parameter to set_file_sd. 	* security.h
 (well_known_samba_unix_user_fake_sid): Declare. 	(set_file_sd): Align
 declaration to above change.

---
 winsup/cygwin/sec_helper.cc | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'winsup/cygwin/sec_helper.cc')

diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc
index 1e1657e01..63be25c5d 100644
--- a/winsup/cygwin/sec_helper.cc
+++ b/winsup/cygwin/sec_helper.cc
@@ -67,6 +67,10 @@ MKSID (mandatory_high_integrity_sid, "S-1-16-12288",
        SECURITY_MANDATORY_LABEL_AUTHORITY, 1, SECURITY_MANDATORY_HIGH_RID);
 MKSID (mandatory_system_integrity_sid, "S-1-16-16384",
        SECURITY_MANDATORY_LABEL_AUTHORITY, 1, SECURITY_MANDATORY_SYSTEM_RID);
+/* UNIX accounts on a Samba server have the SID prefix "S-1-22-1" */
+#define SECURITY_SAMBA_UNIX_AUTHORITY {0,0,0,0,0,22}
+MKSID (well_known_samba_unix_user_fake_sid, "S-1-22-1-0",
+       SECURITY_SAMBA_UNIX_AUTHORITY, 2, 1, 0);
 
 bool
 cygpsid::operator== (const char *nsidstr) const
-- 
cgit v1.2.3