class Puppet::Util::Windows::SecurityDescriptor

Windows Security Descriptor

Represents a security descriptor that can be applied to any Windows securable object, e.g. file, registry key, service, etc. It consists of an owner, group, flags, DACL, and SACL. The SACL is not currently supported, though it has the same layout as a DACL.

@see msdn.microsoft.com/en-us/library/windows/desktop/aa379563(v=vs.85).aspx @api private

Attributes

dacl[R]
group[R]
owner[R]
protect[RW]

Public Class Methods

new(owner, group, dacl, protect = false) click to toggle source

Construct a security descriptor

@param owner [String] The SID of the owner, e.g. 'S-1-5-18' @param group [String] The SID of the group @param dacl [AccessControlList] The ACL specifying the rights granted to each user for accessing the object that the security descriptor refers to. @param protect [Boolean] If true, then inheritable access control entries will be blocked, and not applied to the object.

   # File lib/puppet/util/windows/security_descriptor.rb
25 def initialize(owner, group, dacl, protect = false)
26   @owner = owner
27   @group = group
28   @dacl = dacl
29   @protect = protect
30 end

Public Instance Methods

group=(new_group) click to toggle source

Set the group. Non-inherited access control entries assigned to the current group will be assigned to the new group.

@param new_group [String] The SID of the new group, e.g. 'S-1-0-0'

   # File lib/puppet/util/windows/security_descriptor.rb
47 def group=(new_group)
48   if @group != new_group
49     @dacl.reassign!(@group, new_group)
50     @group = new_group
51   end
52 end
inspect() click to toggle source
   # File lib/puppet/util/windows/security_descriptor.rb
54 def inspect
55   str = sid_to_name(owner)
56   str << "\n"
57   str << sid_to_name(group)
58   str << "\n"
59   str << @dacl.inspect
60   str
61 end
owner=(new_owner) click to toggle source

Set the owner. Non-inherited access control entries assigned to the current owner will be assigned to the new owner.

@param new_owner [String] The SID of the new owner, e.g. 'S-1-5-18'

   # File lib/puppet/util/windows/security_descriptor.rb
36 def owner=(new_owner)
37   if @owner != new_owner
38     @dacl.reassign!(@owner, new_owner)
39     @owner = new_owner
40   end
41 end