r3995: improved the default ACL mapping from unix perms

(This used to be commit 01e89697fe837ee76fedda149e1e2b389a7d3889)

1 files changed, 11 insertions, 7 deletions

diff --git a/source4/ntvfs/posix/pvfs_acl.c b/source4/ntvfs/posix/pvfs_acl.c
index f079857821..2ff873fd78 100644
--- a/source4/ntvfs/posix/pvfs_acl.c
+++ b/source4/ntvfs/posix/pvfs_acl.c
@@ -83,15 +83,17 @@ static NTSTATUS pvfs_default_acl(struct pvfs_state *pvfs,
 			SA_RIGHT_FILE_READ_DATA | 
 			SA_RIGHT_FILE_READ_EA |
 			SA_RIGHT_FILE_READ_ATTRIBUTES |
-			SA_RIGHT_FILE_EXECUTE;
+			SA_RIGHT_FILE_EXECUTE |
+			STD_RIGHT_SYNCHRONIZE_ACCESS |
+			STD_RIGHT_READ_CONTROL_ACCESS;
 	}
 	if (mode & S_IWUSR) {
 		access_masks[1] |= 
 			SA_RIGHT_FILE_WRITE_DATA | 
 			SA_RIGHT_FILE_APPEND_DATA |
 			SA_RIGHT_FILE_WRITE_EA |
-			SA_RIGHT_FILE_DELETE_CHILD |
-			SA_RIGHT_FILE_WRITE_ATTRIBUTES;
+			SA_RIGHT_FILE_WRITE_ATTRIBUTES |
+			STD_RIGHT_DELETE_ACCESS;
 	}
 
 	if (mode & S_IRGRP) {
@@ -99,14 +101,15 @@ static NTSTATUS pvfs_default_acl(struct pvfs_state *pvfs,
 			SA_RIGHT_FILE_READ_DATA | 
 			SA_RIGHT_FILE_READ_EA |
 			SA_RIGHT_FILE_READ_ATTRIBUTES |
-			SA_RIGHT_FILE_EXECUTE;
+			SA_RIGHT_FILE_EXECUTE |
+			STD_RIGHT_SYNCHRONIZE_ACCESS |
+			STD_RIGHT_READ_CONTROL_ACCESS;
 	}
 	if (mode & S_IWGRP) {
 		access_masks[2] |= 
 			SA_RIGHT_FILE_WRITE_DATA | 
 			SA_RIGHT_FILE_APPEND_DATA |
 			SA_RIGHT_FILE_WRITE_EA |
-			SA_RIGHT_FILE_DELETE_CHILD |
 			SA_RIGHT_FILE_WRITE_ATTRIBUTES;
 	}
 
@@ -115,14 +118,15 @@ static NTSTATUS pvfs_default_acl(struct pvfs_state *pvfs,
 			SA_RIGHT_FILE_READ_DATA | 
 			SA_RIGHT_FILE_READ_EA |
 			SA_RIGHT_FILE_READ_ATTRIBUTES |
-			SA_RIGHT_FILE_EXECUTE;
+			SA_RIGHT_FILE_EXECUTE |
+			STD_RIGHT_SYNCHRONIZE_ACCESS |
+			STD_RIGHT_READ_CONTROL_ACCESS;
 	}
 	if (mode & S_IWOTH) {
 		access_masks[3] |= 
 			SA_RIGHT_FILE_WRITE_DATA | 
 			SA_RIGHT_FILE_APPEND_DATA |
 			SA_RIGHT_FILE_WRITE_EA |
-			SA_RIGHT_FILE_DELETE_CHILD |
 			SA_RIGHT_FILE_WRITE_ATTRIBUTES;
 	}