diff options
| author | Jeremy Allison <jra@samba.org> | 2010-01-12 21:06:09 -0800 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2010-01-12 21:06:09 -0800 |
| commit | 33ee8b5a4e390f9aa43cceeec137c0ed82171340 (patch) | |
| tree | fc6031cb48ca183fcd08881a5567bf6ade6c4a49 /source3 | |
| parent | 105f876eb447e6839b9b19c2d264c4a168cf0cc9 (diff) | |
| download | samba-33ee8b5a4e390f9aa43cceeec137c0ed82171340.tar.gz samba-33ee8b5a4e390f9aa43cceeec137c0ed82171340.tar.xz samba-33ee8b5a4e390f9aa43cceeec137c0ed82171340.zip | |
Make file access control decisions a lot easier to debug (at level 10).
Jeremy.
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/smbd/file_access.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c index 7d0a552956e..631efce677d 100644 --- a/source3/smbd/file_access.c +++ b/source3/smbd/file_access.c @@ -54,6 +54,17 @@ bool can_access_file_acl(struct connection_struct *conn, status = se_access_check(secdesc, conn->server_info->ptok, access_mask, &access_granted); ret = NT_STATUS_IS_OK(status); + + if (DEBUGLEVEL >= 10) { + DEBUG(10,("can_access_file_acl for file %s " + "access_mask 0x%x, access_granted 0x%x " + "access %s\n", + smb_fname_str_dbg(smb_fname), + (unsigned int)access_mask, + (unsigned int)access_granted, + ret ? "ALLOWED" : "DENIED" )); + NDR_PRINT_DEBUG(security_descriptor, secdesc); + } out: TALLOC_FREE(secdesc); return ret; |