-again:
- if (securityInformation == 0)
- return 0;
- if (SetSecurityInfo(hFile, SE_FILE_OBJECT,
- securityInformation, owner, group, dacl, sacl))
- return 0;
- err = GetLastError();
- if (args->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS)
- goto fail;
- switch (err) {
- case ERROR_PRIVILEGE_NOT_HELD:
- if (securityInformation & SACL_SECURITY_INFORMATION) {
- n = args->num_set_sacl_priv_notheld++;
- securityInformation &= ~SACL_SECURITY_INFORMATION;
- sacl = NULL;
- if (n < MAX_SET_SACL_PRIV_NOTHELD_WARNINGS) {
- WARNING(
-"We don't have enough privileges to set the full security\n"
-" descriptor on \"%ls\"!\n", path);
- if (args->num_set_sd_access_denied +
- args->num_set_sacl_priv_notheld == 1)
- {
- WARNING("%ls", apply_access_denied_msg);
- }
- WARNING("Re-trying with SACL omitted.\n", path);
- } else if (n == MAX_SET_SACL_PRIV_NOTHELD_WARNINGS) {
- WARNING(
-"Suppressing further 'privileges not held' error messages when setting\n"
-" security descriptors.");
- }
- goto again;
- }
- /* Fall through */
- case ERROR_INVALID_OWNER:
- case ERROR_ACCESS_DENIED:
- n = args->num_set_sd_access_denied++;
- if (n < MAX_SET_SD_ACCESS_DENIED_WARNINGS) {
- WARNING("Failed to set security descriptor on \"%ls\": "
- "Access denied!\n", path);
- if (args->num_set_sd_access_denied +
- args->num_set_sacl_priv_notheld == 1)
- {
- WARNING("%ls", apply_access_denied_msg);
- }
- } else if (n == MAX_SET_SD_ACCESS_DENIED_WARNINGS) {
- WARNING(
-"Suppressing further access denied error messages when setting\n"
-" security descriptors");
- }
- return 0;
- default:
-fail:
- ERROR("Failed to set security descriptor on \"%ls\"", path);
- win32_error(err);
- if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
- return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
- else
- return WIMLIB_ERR_WRITE;
- }