The branch, v3-4-ctdb has been updated via d6fd406056bc92641a2da3576952e71294f4ffe4 (commit) from d78f5d205ca8ae8d0aa85bdf3eb4c1a748b35f00 (commit)
http://gitweb.samba.org/?p=obnox/samba-ctdb.git;a=shortlog;h=v3-4-ctdb - Log ----------------------------------------------------------------- commit d6fd406056bc92641a2da3576952e71294f4ffe4 Author: Christian Ambach <christian.amb...@de.ibm.com> Date: Sun Jul 5 16:03:15 2009 +0200 do not merge ACEs with different SMB_ACE4_INHERIT_ONLY_ACE flag, this leads to wrong inheritance flags in the ACL e.g. (on GPFS) user:10000036:rwxc:allow (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED user:10000036:rwxc:allow:FileInherit:DirInherit:InheritOnly (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED group:10000005:rwxc:allow (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED group:10000005:rwxc:allow:FileInherit:DirInherit:InheritOnly (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED would be merged to user:10000036:rwxc:allow:FileInherit:DirInherit:InheritOnly (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED group:10000005:rwxc:allow:FileInherit:DirInherit:InheritOnly (X)READ/LIST (X)WRITE/CREATE (X)MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (X)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED so the explicit right for the user on the parent directory will be gone (the InheritOnly flag only accounts to subdirectories) thus leaving the user without access to the directory itself Signed-off-by: Christian Ambach <christian.amb...@de.ibm.com> (cherry picked from commit 5e7da42f6ea768a1e2eeeb15b8b2c41cdfcac94f) Signed-off-by: Michael Adam <ob...@samba.org> ----------------------------------------------------------------------- Summary of changes: source3/modules/nfs4_acls.c | 7 +++++++ 1 files changed, 7 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index a31d8de..01691a8 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -433,8 +433,15 @@ static SMB_ACE4PROP_T *smbacl4_find_equal_special( for(aceint = aclint->first; aceint!=NULL; aceint=(SMB_ACE4_INT_T *)aceint->next) { SMB_ACE4PROP_T *ace = &aceint->prop; + DEBUG(10,("ace type:0x%x flags:0x%x aceFlags:0x%x " + "new type:0x%x flags:0x%x aceFlags:0x%x\n", + ace->aceType, ace->flags, ace->aceFlags, + aceNew->aceType, aceNew->flags,aceNew->aceFlags)); + if (ace->flags == aceNew->flags && ace->aceType==aceNew->aceType && + ((ace->aceFlags&SMB_ACE4_INHERIT_ONLY_ACE)== + (aceNew->aceFlags&SMB_ACE4_INHERIT_ONLY_ACE)) && (ace->aceFlags&SMB_ACE4_IDENTIFIER_GROUP)== (aceNew->aceFlags&SMB_ACE4_IDENTIFIER_GROUP) ) { -- SAMBA-CTDB repository