summaryrefslogtreecommitdiff
path: root/source3/modules
diff options
context:
space:
mode:
authorAlexander Werth <alexander.werth@de.ibm.com>2012-05-10 14:19:41 +0200
committerAndrew Bartlett <abartlet@samba.org>2013-05-09 06:18:21 +0200
commit877f833af4a03116daa76e6317a0675b24be972c (patch)
treef9b0d7c9ad41cde65afdac6b423766058337243b /source3/modules
parent83774a8bc23e59837181bc155d90b162008c6407 (diff)
downloadsamba-877f833af4a03116daa76e6317a0675b24be972c.tar.gz
samba-877f833af4a03116daa76e6317a0675b24be972c.tar.bz2
samba-877f833af4a03116daa76e6317a0675b24be972c.zip
s3: Mapping of cifs creator owner to nfs owner@ ace.
This is ignored in nfs4mode special for compatibility. Also ensure that we drop non inheriting creator owner aces since these don't contribute to who can access a file. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source3/modules')
-rw-r--r--source3/modules/nfs4_acls.c24
1 files changed, 24 insertions, 0 deletions
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 3214a28cf0..d3b9aff8e4 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -694,6 +694,30 @@ static bool smbacl4_fill_ace4(
if (dom_sid_equal(&ace_nt->trustee, &global_sid_World)) {
ace_v4->who.special_id = SMB_ACE4_WHO_EVERYONE;
ace_v4->flags |= SMB_ACE4_ID_SPECIAL;
+ } else if (params->mode!=e_special &&
+ dom_sid_equal(&ace_nt->trustee,
+ &global_sid_Creator_Owner)) {
+ DEBUG(10, ("Map creator owner\n"));
+ ace_v4->who.special_id = SMB_ACE4_WHO_OWNER;
+ ace_v4->flags |= SMB_ACE4_ID_SPECIAL;
+ /* A non inheriting creator owner entry has no effect. */
+ ace_v4->aceFlags |= SMB_ACE4_INHERIT_ONLY_ACE;
+ if (!(ace_v4->aceFlags & SMB_ACE4_DIRECTORY_INHERIT_ACE)
+ && !(ace_v4->aceFlags & SMB_ACE4_FILE_INHERIT_ACE)) {
+ return False;
+ }
+ } else if (params->mode!=e_special &&
+ dom_sid_equal(&ace_nt->trustee,
+ &global_sid_Creator_Group)) {
+ DEBUG(10, ("Map creator owner group\n"));
+ ace_v4->who.special_id = SMB_ACE4_WHO_GROUP;
+ ace_v4->flags |= SMB_ACE4_ID_SPECIAL;
+ /* A non inheriting creator group entry has no effect. */
+ ace_v4->aceFlags |= SMB_ACE4_INHERIT_ONLY_ACE;
+ if (!(ace_v4->aceFlags & SMB_ACE4_DIRECTORY_INHERIT_ACE)
+ && !(ace_v4->aceFlags & SMB_ACE4_FILE_INHERIT_ACE)) {
+ return False;
+ }
} else {
uid_t uid;
gid_t gid;