summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xsource3/configure4
-rw-r--r--source3/configure.in4
-rw-r--r--source3/include/config.h.in6
-rw-r--r--source3/include/includes.h8
-rw-r--r--source3/param/loadparm.c4
-rw-r--r--source3/profile/profile.c2
-rw-r--r--source3/smbd/posix_acls.c6
-rw-r--r--source3/utils/torture.c2
8 files changed, 28 insertions, 8 deletions
diff --git a/source3/configure b/source3/configure
index 8f0863d9c9..33cb805bb6 100755
--- a/source3/configure
+++ b/source3/configure
@@ -2456,7 +2456,7 @@ else
fi
done
-for ac_hdr in sys/param.h ctype.h sys/un.h sys/wait.h sys/resource.h sys/ioctl.h sys/mode.h
+for ac_hdr in sys/param.h ctype.h sys/un.h sys/wait.h sys/resource.h sys/ioctl.h sys/ipc.h sys/mode.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
@@ -2496,7 +2496,7 @@ else
fi
done
-for ac_hdr in sys/mman.h sys/filio.h sys/priv.h string.h strings.h stdlib.h sys/socket.h
+for ac_hdr in sys/mman.h sys/filio.h sys/priv.h sys/shm.h string.h strings.h stdlib.h sys/socket.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
diff --git a/source3/configure.in b/source3/configure.in
index 3083901f72..82b30b562a 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -248,8 +248,8 @@ AC_HEADER_SYS_WAIT
AC_CHECK_HEADERS(arpa/inet.h sys/fcntl.h sys/select.h fcntl.h sys/time.h sys/unistd.h)
AC_CHECK_HEADERS(unistd.h utime.h grp.h sys/id.h limits.h memory.h net/if.h)
AC_CHECK_HEADERS(compat.h rpc/rpc.h rpcsvc/nis.h rpcsvc/yp_prot.h rpcsvc/ypclnt.h)
-AC_CHECK_HEADERS(sys/param.h ctype.h sys/un.h sys/wait.h sys/resource.h sys/ioctl.h sys/mode.h)
-AC_CHECK_HEADERS(sys/mman.h sys/filio.h sys/priv.h string.h strings.h stdlib.h sys/socket.h)
+AC_CHECK_HEADERS(sys/param.h ctype.h sys/un.h sys/wait.h sys/resource.h sys/ioctl.h sys/ipc.h sys/mode.h)
+AC_CHECK_HEADERS(sys/mman.h sys/filio.h sys/priv.h sys/shm.h string.h strings.h stdlib.h sys/socket.h)
AC_CHECK_HEADERS(sys/mount.h sys/vfs.h sys/fs/s5param.h sys/filsys.h termios.h termio.h)
AC_CHECK_HEADERS(sys/termio.h sys/statfs.h sys/dustat.h sys/statvfs.h stdarg.h sys/sockio.h)
#
diff --git a/source3/include/config.h.in b/source3/include/config.h.in
index 5904cece6d..ce57f968d2 100644
--- a/source3/include/config.h.in
+++ b/source3/include/config.h.in
@@ -876,6 +876,9 @@
/* Define if you have the <sys/ioctl.h> header file. */
#undef HAVE_SYS_IOCTL_H
+/* Define if you have the <sys/ipc.h> header file. */
+#undef HAVE_SYS_IPC_H
+
/* Define if you have the <sys/mman.h> header file. */
#undef HAVE_SYS_MMAN_H
@@ -903,6 +906,9 @@
/* Define if you have the <sys/select.h> header file. */
#undef HAVE_SYS_SELECT_H
+/* Define if you have the <sys/shm.h> header file. */
+#undef HAVE_SYS_SHM_H
+
/* Define if you have the <sys/socket.h> header file. */
#undef HAVE_SYS_SOCKET_H
diff --git a/source3/include/includes.h b/source3/include/includes.h
index e2edb512ae..5988393588 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -357,6 +357,14 @@
#endif
#endif /* HAVE_NETGROUP */
+#if defined(HAVE_SYS_IPC_H)
+#include <sys/ipc.h>
+#endif /* HAVE_SYS_IPC_H */
+
+#if defined(HAVE_SYS_SHM_H)
+#include <sys/shm.h>
+#endif /* HAVE_SYS_SHM_H */
+
/*
* Define VOLATILE if needed.
*/
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 75468ab074..50e2450684 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -395,6 +395,7 @@ typedef struct
BOOL bBlockingLocks;
BOOL bInheritPerms;
BOOL bMSDfsRoot;
+ BOOL bRestrictAclWithMask;
char dummy[3]; /* for alignment */
}
@@ -508,6 +509,7 @@ static service sDefault = {
True, /* bBlockingLocks */
False, /* bInheritPerms */
False, /* bMSDfsRoot */
+ False, /* bRestrictAclWithMask */
"" /* dummy */
};
@@ -791,6 +793,7 @@ static struct parm_struct parm_table[] = {
{"nt smb support", P_BOOL, P_GLOBAL, &Globals.bNTSmbSupport, NULL, NULL, 0},
{"nt pipe support", P_BOOL, P_GLOBAL, &Globals.bNTPipeSupport, NULL, NULL, 0},
{"nt acl support", P_BOOL, P_GLOBAL, &Globals.bNTAclSupport, NULL, NULL, 0},
+ {"restrict acl with mask", P_BOOL, P_LOCAL, &sDefault.bRestrictAclWithMask, NULL, NULL, FLAG_SHARE},
{"announce version", P_STRING, P_GLOBAL, &Globals.szAnnounceVersion, NULL, NULL, 0},
{"announce as", P_ENUM, P_GLOBAL, &Globals.announce_as, NULL, enum_announce_as, 0},
{"max mux", P_INTEGER, P_GLOBAL, &Globals.max_mux, NULL, NULL, 0},
@@ -1674,6 +1677,7 @@ FN_LOCAL_BOOL(lp_dos_filetime_resolution, bDosFiletimeResolution)
FN_LOCAL_BOOL(lp_fake_dir_create_times, bFakeDirCreateTimes)
FN_LOCAL_BOOL(lp_blocking_locks, bBlockingLocks)
FN_LOCAL_BOOL(lp_inherit_perms, bInheritPerms)
+FN_LOCAL_BOOL(lp_restrict_acl_with_mask, bRestrictAclWithMask)
FN_LOCAL_INTEGER(lp_create_mask, iCreate_mask)
FN_LOCAL_INTEGER(lp_force_create_mode, iCreate_force_mode)
FN_LOCAL_INTEGER(_lp_security_mask, iSecurity_mask)
diff --git a/source3/profile/profile.c b/source3/profile/profile.c
index a00769cb46..20ad8531d8 100644
--- a/source3/profile/profile.c
+++ b/source3/profile/profile.c
@@ -22,8 +22,6 @@
#include "includes.h"
-#include <sys/shm.h>
-
extern int DEBUGLEVEL;
#define IPC_PERMS ((SHM_R | SHM_W) | (SHM_R>>3) | (SHM_R>>6))
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 0c613e8835..bf8716d713 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -468,6 +468,9 @@ static mode_t apply_default_perms(files_struct *fsp, mode_t perms, mode_t type)
mode_t and_bits = (mode_t)0;
mode_t or_bits = (mode_t)0;
+ if (!lp_restrict_acl_with_mask(snum))
+ return perms;
+
/* Get the initial bits to apply. */
if (fsp->is_directory) {
@@ -1173,6 +1176,9 @@ static mode_t create_default_mode(files_struct *fsp, BOOL interitable_mode)
if (fsp->is_directory)
mode |= (S_IWUSR|S_IXUSR);
+ if (!lp_restrict_acl_with_mask(snum))
+ return mode;
+
/*
* Now AND with the create mode/directory mode bits then OR with the
* force create mode/force directory mode bits.
diff --git a/source3/utils/torture.c b/source3/utils/torture.c
index 871e2adfc3..fe22b60a89 100644
--- a/source3/utils/torture.c
+++ b/source3/utils/torture.c
@@ -22,8 +22,6 @@
#define NO_SYSLOG
#include "includes.h"
-#include <sys/ipc.h>
-#include <sys/shm.h>
static fstring host, workgroup, share, password, username, myname;
static int max_protocol = PROTOCOL_NT1;