The branch, master has been updated
via de710ce Revert "Part 4 of bugfix for bug #7509 - smb_acl_to_posix:
ACL is invalid for set (Invalid argument)"
from e0c5f1c s4-cracknames: use consistent search for crossRef objects
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit de710cee37dafba74ee16e5aa529f39560ecae0c
Author: Jeremy Allison <[email protected]>
Date: Wed Sep 7 22:18:18 2011 -0700
Revert "Part 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid
for set (Invalid argument)"
This belongs as part of the bugfix for bug #8443 - Default user entry is
set to minimal permissions on incoming ACL change with no user specified.
Not as part of #7509.
This reverts commit 2a1453e2318af77a79180f3137f8a8d3f1240233.
Autobuild-User: Jeremy Allison <[email protected]>
Autobuild-Date: Thu Sep 8 08:50:12 CEST 2011 on sn-devel-104
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/posix_acls.c | 19 ++++++++-----------
1 files changed, 8 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 0be7bec..5c9c4b8 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1409,32 +1409,29 @@ static bool ensure_canon_entry_valid(connection_struct
*conn, canon_ace **pp_ace
pace->unix_ug.uid = pst->st_ex_uid;
pace->trustee = *pfile_owner_sid;
pace->attr = ALLOW_ACE;
- /* Start with existing permissions, principle of least
- surprises for the user. */
- pace->perms = pst->st_ex_mode;
if (setting_acl) {
/* See if the owning user is in any of the other groups
in
- the ACE, or if there's a matching user entry.
- If so, OR in the permissions from that entry. */
+ the ACE. If so, OR in the permissions from that
group. */
+ bool group_matched = False;
canon_ace *pace_iter;
for (pace_iter = *pp_ace; pace_iter; pace_iter =
pace_iter->next) {
- if (pace_iter->type == SMB_ACL_USER &&
- pace_iter->unix_ug.uid ==
pace->unix_ug.uid) {
- pace->perms |= pace_iter->perms;
- } else if (pace_iter->type == SMB_ACL_GROUP_OBJ
|| pace_iter->type == SMB_ACL_GROUP) {
+ if (pace_iter->type == SMB_ACL_GROUP_OBJ ||
pace_iter->type == SMB_ACL_GROUP) {
if (uid_entry_in_group(conn, pace,
pace_iter)) {
pace->perms |= pace_iter->perms;
+ group_matched = True;
}
}
}
- if (pace->perms == 0) {
- /* If we only got an "everyone" perm, just use
that. */
+ /* If we only got an "everyone" perm, just use that. */
+ if (!group_matched) {
if (got_other)
pace->perms = pace_other->perms;
+ else
+ pace->perms = 0;
}
apply_default_perms(params, is_directory, pace,
S_IRUSR);
--
Samba Shared Repository
