Add in a version2 of the NT security descriptor store

that can store a timestamp along with the SD. Allows
us to check for validity against the POSIX st_ctime.
Keeps the IDL consistent with Samba3.3 IDL.
Jeremy.

diff --git a/source/librpc/idl/xattr.idl b/source/librpc/idl/xattr.idl
index 520341e6aaf1ddb9592aa46ccfbfbe3875889da1..5b3ad3aa91067ae65cb8f990c234b9613f6ff510 100644 (file)
--- a/source/librpc/idl/xattr.idl
+++ b/source/librpc/idl/xattr.idl
@@ -104,19 +104,29 @@ interface xattr
 
        /* we store the NT ACL a NTACL xattr. It is versioned so we
           can later add other acl attribs (such as posix acl mapping)
-          
+
           we put this xattr in the security namespace to ensure that
           only trusted users can write to the ACL
+
+          stored in "security.NTACL"
+
+          Version 1. raw SD stored as Samba4 does it.
+          Version 2. raw SD + last changed timestamp so we
+                     can discard if this doesn't match the POSIX st_ctime.
        */
-       const char *XATTR_NTACL_NAME = "security.NTACL";
+
+       typedef [public] struct {
+               security_descriptor *sd;
+               NTTIME last_changed;
+       } security_descriptor_timestamp;
 
        typedef [switch_type(uint16)] union {
                [case(1)] security_descriptor *sd;
+               [case(2)] security_descriptor_timestamp *sd_ts;
        } xattr_NTACL_Info;
 
        typedef [public] struct {
                uint16 version;
                [switch_is(version)] xattr_NTACL_Info info;
        } xattr_NTACL;
-
 }