diff options
| author | Jeremy Allison <jra@samba.org> | 2007-02-07 19:43:44 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:17:48 -0500 |
| commit | 470a4dc30874b00c599806cb6dbc06fe2775144c (patch) | |
| tree | 92a7df27f096efefb57b861fbefefbb37b2790be /source/smbd/posix_acls.c | |
| parent | 92fdb1193de8e7c857603e4fcd4a92b9a0a0f3bd (diff) | |
| download | samba-470a4dc30874b00c599806cb6dbc06fe2775144c.tar.gz samba-470a4dc30874b00c599806cb6dbc06fe2775144c.tar.xz samba-470a4dc30874b00c599806cb6dbc06fe2775144c.zip | |
r21223: Try and fix bug #4361 - Vista backup fails.
Based on work from Joe Meadows <jameadows@webopolis.com>.
One for the Vista patchset.
Jeremy.
Diffstat (limited to 'source/smbd/posix_acls.c')
| -rw-r--r-- | source/smbd/posix_acls.c | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c index 630e270de35..50038dd464c 100644 --- a/source/smbd/posix_acls.c +++ b/source/smbd/posix_acls.c @@ -658,6 +658,7 @@ static int map_acl_perms_to_permset(connection_struct *conn, mode_t mode, SMB_AC } return 0; } + /**************************************************************************** Function to create owner and group SIDs from a SMB_STRUCT_STAT. ****************************************************************************/ @@ -669,6 +670,27 @@ static void create_file_sids(SMB_STRUCT_STAT *psbuf, DOM_SID *powner_sid, DOM_SI } /**************************************************************************** + Is the identity in two ACEs equal ? Check both SID and uid/gid. +****************************************************************************/ + +static BOOL identity_in_ace_equal(canon_ace *ace1, canon_ace *ace2) +{ + if (sid_equal(&ace1->trustee, &ace2->trustee)) { + return True; + } + if (ace1->owner_type == ace2->owner_type) { + if (ace1->owner_type == UID_ACE && + ace1->unix_ug.uid == ace2->unix_ug.uid) { + return True; + } else if (ace1->owner_type == GID_ACE && + ace1->unix_ug.gid == ace2->unix_ug.gid) { + return True; + } + } + return False; +} + +/**************************************************************************** Merge aces with a common sid - if both are allow or deny, OR the permissions together and delete the second one. If the first is deny, mask the permissions off and delete the allow if the permissions become zero, delete the deny if the permissions are non zero. @@ -695,7 +717,7 @@ static void merge_aces( canon_ace **pp_list_head ) curr_ace_next = curr_ace->next; /* Save the link in case of delete. */ - if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) && + if (identity_in_ace_equal(curr_ace, curr_ace_outer) && (curr_ace->attr == curr_ace_outer->attr)) { if( DEBUGLVL( 10 )) { @@ -735,7 +757,7 @@ static void merge_aces( canon_ace **pp_list_head ) * we've put on the ACL, we know the deny must be the first one. */ - if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) && + if (identity_in_ace_equal(curr_ace, curr_ace_outer) && (curr_ace_outer->attr == DENY_ACE) && (curr_ace->attr == ALLOW_ACE)) { if( DEBUGLVL( 10 )) { |