diff options
| author | Jeremy Allison <jra@samba.org> | 2011-09-02 14:59:31 -0700 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2011-10-08 19:53:15 +0200 |
| commit | cd5d9a5c8fb0660835d60479fb783e4f7cae743f (patch) | |
| tree | 46e975f8b851c5fae10b113d762acc61c486f4a5 | |
| parent | 4b26ffd1ea430b2cc612884c8ba194498a64932b (diff) | |
| download | samba-cd5d9a5c8fb0660835d60479fb783e4f7cae743f.tar.gz samba-cd5d9a5c8fb0660835d60479fb783e4f7cae743f.tar.xz samba-cd5d9a5c8fb0660835d60479fb783e4f7cae743f.zip | |
Part 1 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
Remove the code I added for bug "6878 - Cannot change ACL's inherit flag". It is incorrect
and causes the POSIX ACL ACL_USER_OBJ duplication.
| -rw-r--r-- | source3/smbd/posix_acls.c | 72 |
1 files changed, 0 insertions, 72 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 714a4d34996..6f51e31ad63 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -1526,50 +1526,6 @@ static void check_owning_objs(canon_ace *ace, DOM_SID *pfile_owner_sid, DOM_SID } /**************************************************************************** - If an ACE entry is SMB_ACL_USER_OBJ and not CREATOR_OWNER, map to SMB_ACL_USER. - If an ACE entry is SMB_ACL_GROUP_OBJ and not CREATOR_GROUP, map to SMB_ACL_GROUP -****************************************************************************/ - -static bool dup_owning_ace(canon_ace *dir_ace, canon_ace *ace) -{ - /* dir ace must be followings. - SMB_ACL_USER_OBJ : trustee(CREATOR_OWNER) -> Posix ACL d:u::perm - SMB_ACL_USER : not trustee -> Posix ACL u:user:perm - SMB_ACL_USER_OBJ : trustee -> convert to SMB_ACL_USER : trustee - Posix ACL u:trustee:perm - - SMB_ACL_GROUP_OBJ: trustee(CREATOR_GROUP) -> Posix ACL d:g::perm - SMB_ACL_GROUP : not trustee -> Posix ACL g:group:perm - SMB_ACL_GROUP_OBJ: trustee -> convert to SMB_ACL_GROUP : trustee - Posix ACL g:trustee:perm - */ - - if (ace->type == SMB_ACL_USER_OBJ && - !(sid_equal(&ace->trustee, &global_sid_Creator_Owner))) { - canon_ace *dup_ace = dup_canon_ace(ace); - - if (dup_ace == NULL) { - return false; - } - dup_ace->type = SMB_ACL_USER; - DLIST_ADD_END(dir_ace, dup_ace, canon_ace *); - } - - if (ace->type == SMB_ACL_GROUP_OBJ && - !(sid_equal(&ace->trustee, &global_sid_Creator_Group))) { - canon_ace *dup_ace = dup_canon_ace(ace); - - if (dup_ace == NULL) { - return false; - } - dup_ace->type = SMB_ACL_GROUP; - DLIST_ADD_END(dir_ace, dup_ace, canon_ace *); - } - - return true; -} - -/**************************************************************************** Unpack a SEC_DESC into two canonical ace lists. ****************************************************************************/ @@ -1820,34 +1776,6 @@ static bool create_canon_ace_lists(files_struct *fsp, } /* - * We have a lossy mapping: directory ACE entries - * CREATOR_OWNER ------\ - * (map to) +---> SMB_ACL_USER_OBJ - * owning sid ------/ - * - * CREATOR_GROUP ------\ - * (map to) +---> SMB_ACL_GROUP_OBJ - * primary group sid --/ - * - * on set. And on read of a directory ACL - * - * SMB_ACL_USER_OBJ ----> CREATOR_OWNER - * SMB_ACL_GROUP_OBJ ---> CREATOR_GROUP. - * - * Deal with this on set by duplicating - * owning sid and primary group sid ACE - * entries into the directory ACL. - * Fix from Tsukasa Hamano <hamano@osstech.co.jp>. - */ - - if (!dup_owning_ace(dir_ace, current_ace)) { - DEBUG(0,("create_canon_ace_lists: malloc fail !\n")); - free_canon_ace_list(file_ace); - free_canon_ace_list(dir_ace); - return false; - } - - /* * If this is not an inherit only ACE we need to add a duplicate * to the file acl. */ |