summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2011-09-06 14:08:01 -0700
committerJeremy Allison <jra@samba.org>2011-09-07 03:50:21 +0200
commit9646d802b72fcb42423960ae73aa919ba47cc823 (patch)
tree7ddc8a1f6679a6e78ceff6315a05af79747a3df6 /source3/smbd
parenta9a3a79767401ba1165fde9aeb8820c012ef5470 (diff)
downloadsamba-9646d802b72fcb42423960ae73aa919ba47cc823.tar.gz
samba-9646d802b72fcb42423960ae73aa919ba47cc823.tar.bz2
samba-9646d802b72fcb42423960ae73aa919ba47cc823.zip
Revert "Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)"
This reverts commit 17f6e0272370f764d4a0053c8e74f20b0444c721. Using the existing default permissions for group access is incorrect when no such permissions are given in the incoming ACL. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Sep 7 03:50:21 CEST 2011 on sn-devel-104
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/posix_acls.c25
1 files changed, 4 insertions, 21 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 0d0b5da630..0be7bec47f 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1457,29 +1457,12 @@ static bool ensure_canon_entry_valid(connection_struct *conn, canon_ace **pp_ace
pace->unix_ug.uid = pst->st_ex_gid;
pace->trustee = *pfile_grp_sid;
pace->attr = ALLOW_ACE;
- /* Start with existing permissions, principle of least
- surprises for the user. */
- pace->perms = pst->st_ex_mode;
-
if (setting_acl) {
- /* See if there's a matching group entry.
- If so, OR in the permissions from that entry. */
-
- canon_ace *pace_iter;
-
- for (pace_iter = *pp_ace; pace_iter; pace_iter = pace_iter->next) {
- if (pace_iter->type == SMB_ACL_GROUP &&
- pace_iter->unix_ug.gid == pace->unix_ug.gid) {
- pace->perms |= pace_iter->perms;
- break;
- }
- }
-
/* If we only got an "everyone" perm, just use that. */
- if (pace->perms == 0) {
- if (got_other)
- pace->perms = pace_other->perms;
- }
+ if (got_other)
+ pace->perms = pace_other->perms;
+ else
+ pace->perms = 0;
apply_default_perms(params, is_directory, pace, S_IRGRP);
} else {
pace->perms = unix_perms_to_acl_perms(pst->st_ex_mode, S_IRGRP, S_IWGRP, S_IXGRP);