diff options
| author | Andrew Tridgell <tridge@samba.org> | 1998-08-25 06:40:42 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 1998-08-25 06:40:42 +0000 |
| commit | 2c065107b149797e2a42a6c119f883d30be411eb (patch) | |
| tree | 8bc6207a508911fa09f8651fd60dfce4e63c4eac /source3/param | |
| parent | 5ae06b99c06313d1465b03d5120e7fbf6a87b9e5 (diff) | |
| download | samba-2c065107b149797e2a42a6c119f883d30be411eb.tar.gz samba-2c065107b149797e2a42a6c119f883d30be411eb.tar.bz2 samba-2c065107b149797e2a42a6c119f883d30be411eb.zip | |
changed the default permissions code to do this:
if ((sbuf->st_mode & S_IWUSR) == 0)
result |= aRONLY;
rather than the very complex user/group permissions checks we do
currently. This is equivalent ot setting "alternate permissions = yes"
in the old code. The change is motivated by three main reasons:
1) it's basically impossible to second guess whether a file is
writeable without trying to open it for writing. ACLs, root squash etc
just make it too hard.
2) setting it not RONLY if the owner can write is closer to what NT
does (eg. look at a cdrom - files are not marked read only).
3) it prevents the silly problem of copying files from a read only
share to a writeable share and then finding you can't write to them as
windows preserves the RONLY flag. Lots of people get bitten by this
when they drag a folder from a Samba drive. It also hurts some install
programs.
I have also added a new flag type for loadparm.c called
FLAG_DEPRECATED which I've set for "alternate permissions". I'll soon
add code to testparm to give a warning about deprecated options.
(This used to be commit c4363a12fdc0be329ca2bfeb1d7b89bfe90031dc)
Diffstat (limited to 'source3/param')
| -rw-r--r-- | source3/param/loadparm.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c2f7837aa8..6056187066 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -496,7 +496,7 @@ static struct parm_struct parm_table[] = {"password level", P_INTEGER, P_GLOBAL, &Globals.pwordlevel, NULL, NULL, 0}, {"username level", P_INTEGER, P_GLOBAL, &Globals.unamelevel, NULL, NULL, 0}, {"unix password sync", P_BOOL, P_GLOBAL, &Globals.bUnixPasswdSync, NULL, NULL, 0}, - {"alternate permissions",P_BOOL,P_LOCAL, &sDefault.bAlternatePerm, NULL, NULL, FLAG_GLOBAL}, + {"alternate permissions",P_BOOL,P_LOCAL, &sDefault.bAlternatePerm, NULL, NULL, FLAG_GLOBAL|FLAG_DEPRECATED}, {"revalidate", P_BOOL, P_LOCAL, &sDefault.bRevalidate, NULL, NULL, FLAG_GLOBAL}, {"username", P_STRING, P_LOCAL, &sDefault.szUsername, NULL, NULL, FLAG_GLOBAL}, {"user", P_STRING, P_LOCAL, &sDefault.szUsername, NULL, NULL, 0}, @@ -1205,7 +1205,6 @@ FN_LOCAL_STRING(lp_hide_files,szHideFiles) FN_LOCAL_STRING(lp_veto_oplocks,szVetoOplockFiles) FN_LOCAL_STRING(lp_driverlocation,szPrinterDriverLocation) -FN_LOCAL_BOOL(lp_alternate_permissions,bAlternatePerm) FN_LOCAL_BOOL(lp_revalidate,bRevalidate) FN_LOCAL_BOOL(lp_casesensitive,bCaseSensitive) FN_LOCAL_BOOL(lp_preservecase,bCasePreserve) |