Class: Puppet::Util::Windows::SecurityDescriptor Private

Inherits:

Object

• Object
• Puppet::Util::Windows::SecurityDescriptor

Includes:

SID

Defined in:

lib/puppet/util/windows/security_descriptor.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Windows Security Descriptor

Represents a security descriptor that can be applied to any Windows securable object, e.g. file, registry key, service, etc. It consists of an owner, group, flags, DACL, and SACL. The SACL is not currently supported, though it has the same layout as a DACL.

See Also:

• https://msdn.microsoft.com/en-us/library/windows/desktop/aa379563(v=vs.85).aspx

Constant Summary

Constants included from SID

Puppet::Util::Windows::SID::AccountOperators, Puppet::Util::Windows::SID::AllAppPackages, Puppet::Util::Windows::SID::Anonymous, Puppet::Util::Windows::SID::AuthenticatedUsers, Puppet::Util::Windows::SID::BackupOperators, Puppet::Util::Windows::SID::Batch, Puppet::Util::Windows::SID::BuiltinAdministrators, Puppet::Util::Windows::SID::BuiltinUsers, Puppet::Util::Windows::SID::Creator, Puppet::Util::Windows::SID::CreatorGroup, Puppet::Util::Windows::SID::CreatorGroupServer, Puppet::Util::Windows::SID::CreatorOwner, Puppet::Util::Windows::SID::CreatorOwnerServer, Puppet::Util::Windows::SID::Dialup, Puppet::Util::Windows::SID::ERROR_INVALID_SID_STRUCTURE, Puppet::Util::Windows::SID::ERROR_NONE_MAPPED, Puppet::Util::Windows::SID::ERROR_TRUSTED_DOMAIN_FAILURE, Puppet::Util::Windows::SID::ERROR_TRUSTED_RELATIONSHIP_FAILURE, Puppet::Util::Windows::SID::EnterpriseDomainControllers, Puppet::Util::Windows::SID::Everyone, Puppet::Util::Windows::SID::Guests, Puppet::Util::Windows::SID::Interactive, Puppet::Util::Windows::SID::Local, Puppet::Util::Windows::SID::LocalSystem, Puppet::Util::Windows::SID::MAXIMUM_SID_STRING_LENGTH, Puppet::Util::Windows::SID::Network, Puppet::Util::Windows::SID::Nobody, Puppet::Util::Windows::SID::NonUnique, Puppet::Util::Windows::SID::Nt, Puppet::Util::Windows::SID::NtLocal, Puppet::Util::Windows::SID::NtNetwork, Puppet::Util::Windows::SID::Null, Puppet::Util::Windows::SID::PowerUsers, Puppet::Util::Windows::SID::PrincipalSelf, Puppet::Util::Windows::SID::PrintOperators, Puppet::Util::Windows::SID::Proxy, Puppet::Util::Windows::SID::Replicators, Puppet::Util::Windows::SID::RestrictedCode, Puppet::Util::Windows::SID::ServerOperators, Puppet::Util::Windows::SID::Service, Puppet::Util::Windows::SID::TerminalServerUsers, Puppet::Util::Windows::SID::World

Instance Attribute Summary

• #dacl ⇒ Object readonly private
• #group ⇒ Object private
• #owner ⇒ Object private
• #protect ⇒ Object private

Instance Method Summary

• #initialize(owner, group, dacl, protect = false) ⇒ SecurityDescriptor constructor private

  Construct a security descriptor.

• #inspect ⇒ Object private

Methods included from SID

ads_to_principal, get_length_sid, name_to_principal, name_to_sid, octet_string_to_principal, octet_string_to_sid_string, sid_ptr_to_string, sid_to_name, string_to_sid_ptr, unresolved_principal, valid_sid?

Constructor Details

#initialize(owner, group, dacl, protect = false) ⇒ SecurityDescriptor

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Construct a security descriptor

each user for accessing the object that the security descriptor refers to. entries will be blocked, and not applied to the object.

Parameters:

• owner (String) —

  The SID of the owner, e.g. ‘S-1-5-18’

• group (String) —

  The SID of the group

• dacl (AccessControlList) —

  The ACL specifying the rights granted to

• protect (Boolean) (defaults to: false) —

  If true, then inheritable access control

# File 'lib/puppet/util/windows/security_descriptor.rb', line 27

def initialize(owner, group, dacl, protect = false)
  @owner = owner
  @group = group
  @dacl = dacl
  @protect = protect
end

Instance Attribute Details

#dacl ⇒ Object (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/util/windows/security_descriptor.rb', line 16

def dacl
  @dacl
end

#group ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/util/windows/security_descriptor.rb', line 16

def group
  @group
end

#owner ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/util/windows/security_descriptor.rb', line 16

def owner
  @owner
end

#protect ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/util/windows/security_descriptor.rb', line 17

def protect
  @protect
end

Instance Method Details

#inspect ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/util/windows/security_descriptor.rb', line 56

def inspect
  str = sid_to_name(owner)
  str << "\n"
  str << sid_to_name(group)
  str << "\n"
  str << @dacl.inspect
  str
end