Fix for issue 888, 880 (#211)

fix for PowerShell/Win32-OpenSSH#888
Add systemid as FullAccessNeeded
fix for PowerShell/Win32-OpenSSH#880
This commit is contained in:
Yanbing 2017-09-28 14:55:40 -07:00 committed by Manoj Ampalam
parent afb81c082d
commit e649e8f926
2 changed files with 10 additions and 10 deletions

View File

@ -112,7 +112,7 @@ function Repair-SshdConfigPermission
[ValidateNotNullOrEmpty()]
[string]$FilePath)
Repair-FilePermission -Owners $systemSid,$adminsSid -ReadAccessNeeded $sshdSid @psBoundParameters
Repair-FilePermission -Owners $systemSid,$adminsSid -FullAccessNeeded $systemSid -ReadAccessNeeded $sshdSid @psBoundParameters
}
<#
@ -175,7 +175,7 @@ function Repair-AuthorizedKeyPermission
if($profileItem)
{
$userSid = $profileItem.PSChildName
Repair-FilePermission -Owners $userSid,$adminsSid,$systemSid -AnyAccessOK $userSid -ReadAccessNeeded $sshdSid @psBoundParameters
Repair-FilePermission -Owners $userSid,$adminsSid,$systemSid -AnyAccessOK $userSid -FullAccessNeeded $systemSid -ReadAccessNeeded $sshdSid @psBoundParameters
}
else
@ -332,7 +332,7 @@ function Repair-FilePermissionInternal {
{
$realReadAccessNeeded = @($everyoneSid)
}
#this is orginal list requested by the user, the account will be removed from the list if they already part of the dacl
#this is original list requested by the user, the account will be removed from the list if they already part of the dacl
if($realReadAccessNeeded)
{
$realReadAccessNeeded = $realReadAccessNeeded | ? { ($_ -ne $null) -and ($realFullAccessNeeded -notcontains $_) }

View File

@ -220,20 +220,20 @@ namespace MyLsaWrapper
}
}
'@
$references = @()
if(($psversiontable.Containskey("psedition")) -and ($psversiontable.PSEdition -ieq "core"))
{
$references = "System.Security.Principal.Windows", "Microsoft.Win32.Primitives"
}
$references = @("System.Security.Principal.Windows", "Microsoft.Win32.Primitives")
try {
$null = [MyLsaWrapper.LsaWrapperCaller]
}
catch {
$types = Add-Type $definition -ref $references -WarningAction SilentlyContinue -ErrorAction SilentlyContinue
try {
$types = Add-Type $definition -ref $references -WarningAction SilentlyContinue -ErrorAction SilentlyContinue
}
catch {
$types = Add-Type $definition -WarningAction SilentlyContinue -ErrorAction SilentlyContinue
}
}
function Add-Privilege
{
param(