Class: Puppet::Util::Windows::SecurityDescriptor Private

Inherits:

Object

• Object
• Puppet::Util::Windows::SecurityDescriptor

Includes:

SID

Defined in:

lib/puppet/util/windows/security_descriptor.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Windows Security Descriptor

Represents a security descriptor that can be applied to any Windows securable object, e.g. file, registry key, service, etc. It consists of an owner, group, flags, DACL, and SACL. The SACL is not currently supported, though it has the same layout as a DACL.

See Also:

• https://msdn.microsoft.com/en-us/library/windows/desktop/aa379563(v=vs.85).aspx

Constant Summary

Constants included from SID

Puppet::Util::Windows::SID::AccountOperators, Puppet::Util::Windows::SID::Anonymous, Puppet::Util::Windows::SID::AuthenticatedUsers, Puppet::Util::Windows::SID::BackupOperators, Puppet::Util::Windows::SID::Batch, Puppet::Util::Windows::SID::BuiltinAdministrators, Puppet::Util::Windows::SID::BuiltinUsers, Puppet::Util::Windows::SID::Creator, Puppet::Util::Windows::SID::CreatorGroup, Puppet::Util::Windows::SID::CreatorGroupServer, Puppet::Util::Windows::SID::CreatorOwner, Puppet::Util::Windows::SID::CreatorOwnerServer, Puppet::Util::Windows::SID::Dialup, Puppet::Util::Windows::SID::ERROR_INVALID_SID_STRUCTURE, Puppet::Util::Windows::SID::ERROR_NONE_MAPPED, Puppet::Util::Windows::SID::EnterpriseDomainControllers, Puppet::Util::Windows::SID::Everyone, Puppet::Util::Windows::SID::Guests, Puppet::Util::Windows::SID::Interactive, Puppet::Util::Windows::SID::Local, Puppet::Util::Windows::SID::LocalSystem, Puppet::Util::Windows::SID::MAXIMUM_SID_STRING_LENGTH, Puppet::Util::Windows::SID::Network, Puppet::Util::Windows::SID::Nobody, Puppet::Util::Windows::SID::NonUnique, Puppet::Util::Windows::SID::Nt, Puppet::Util::Windows::SID::NtLocal, Puppet::Util::Windows::SID::NtNetwork, Puppet::Util::Windows::SID::Null, Puppet::Util::Windows::SID::PowerUsers, Puppet::Util::Windows::SID::PrincipalSelf, Puppet::Util::Windows::SID::PrintOperators, Puppet::Util::Windows::SID::Proxy, Puppet::Util::Windows::SID::Replicators, Puppet::Util::Windows::SID::RestrictedCode, Puppet::Util::Windows::SID::ServerOperators, Puppet::Util::Windows::SID::Service, Puppet::Util::Windows::SID::TerminalServerUsers, Puppet::Util::Windows::SID::World

Instance Attribute Summary

• #dacl ⇒ Object readonly private
• #group ⇒ Object private
• #owner ⇒ Object private
• #protect ⇒ Object private

Instance Method Summary

• #initialize(owner, group, dacl, protect = false) ⇒ SecurityDescriptor constructor private

  Construct a security descriptor.

• #inspect ⇒ Object private

Methods included from SID

get_length_sid, name_to_sid, name_to_sid_object, octet_string_to_sid_object, sid_ptr_to_string, sid_to_name, string_to_sid_ptr, valid_sid?

Methods included from FFI::Library

#attach_function_private

Constructor Details

#initialize(owner, group, dacl, protect = false) ⇒ SecurityDescriptor

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Construct a security descriptor

each user for accessing the object that the security descriptor refers to. entries will be blocked, and not applied to the object.

Parameters:

• owner (String) —

  The SID of the owner, e.g. ‘S-1-5-18’

• group (String) —

  The SID of the group

• dacl (AccessControlList) —

  The ACL specifying the rights granted to

• protect (Boolean) (defaults to: false) —

  If true, then inheritable access control

# File 'lib/puppet/util/windows/security_descriptor.rb', line 25

def initialize(owner, group, dacl, protect = false)
  @owner = owner
  @group = group
  @dacl = dacl
  @protect = protect
end

Instance Attribute Details

#dacl ⇒ Object (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/util/windows/security_descriptor.rb', line 14

def dacl
  @dacl
end

#group ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/util/windows/security_descriptor.rb', line 14

def group
  @group
end

#owner ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/util/windows/security_descriptor.rb', line 14

def owner
  @owner
end

#protect ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/util/windows/security_descriptor.rb', line 15

def protect
  @protect
end

Instance Method Details

#inspect ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/util/windows/security_descriptor.rb', line 54

def inspect
  str = sid_to_name(owner)
  str << "\n"
  str << sid_to_name(group)
  str << "\n"
  str << @dacl.inspect
  str
end