+ if (!secdesc_ctr->sec->owner_sid || !secdesc_ctr->sec->grp_sid) {
+ SEC_DESC_BUF *old_secdesc_ctr = NULL;
+ DOM_SID *owner_sid, *group_sid;
+ SEC_DESC *psd = NULL;
+ size_t size;
+
+ /* Get old security descriptor */
+
+ if (!nt_printing_getsec(printername, &old_secdesc_ctr)) {
+ DEBUG(0, ("could not get old security descriptor for "
+ "printer %s", printername));
+ return ERROR_INVALID_FUNCTION;
+ }
+
+ /* Pick out correct owner and group sids */
+
+ owner_sid = secdesc_ctr->sec->owner_sid ?
+ secdesc_ctr->sec->owner_sid :
+ old_secdesc_ctr->sec->owner_sid;
+
+ group_sid = secdesc_ctr->sec->grp_sid ?
+ secdesc_ctr->sec->grp_sid :
+ old_secdesc_ctr->sec->grp_sid;
+
+ /* Make a deep copy of the security descriptor */
+
+ psd = make_sec_desc(secdesc_ctr->sec->revision,
+ secdesc_ctr->sec->type,
+ owner_sid, group_sid,
+ secdesc_ctr->sec->sacl,
+ secdesc_ctr->sec->dacl,
+ &size);
+
+ new_secdesc_ctr = make_sec_desc_buf(size, psd);
+
+ /* Free up memory */
+
+ free_sec_desc(&psd);
+ free_sec_desc_buf(&old_secdesc_ctr);
+ }
+
+ if (!new_secdesc_ctr) {
+ new_secdesc_ctr = secdesc_ctr;
+ }
+
+ /* Store the security descriptor in a tdb */
+
+ prs_init(&ps, (uint32)sec_desc_size(new_secdesc_ctr->sec) +
+ sizeof(SEC_DESC_BUF), 4, MARSHALL);
+
+ if (!sec_io_desc_buf("nt_printing_setsec", &new_secdesc_ctr,
+ &ps, 1)) {
git.samba.org / kai / samba.git / commitdiff