summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2007-02-07 19:43:44 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:17:48 -0500
commit255177d2b9c1ad358728ac15626523b5bb0ac244 (patch)
treecebcc91dd14ac7d5f0fd0bbce3e490981fe13cba /source3/smbd
parent08bf58d8fcd69f58489f8d3932d60dbd44d6d662 (diff)
downloadsamba-255177d2b9c1ad358728ac15626523b5bb0ac244.tar.gz
samba-255177d2b9c1ad358728ac15626523b5bb0ac244.tar.bz2
samba-255177d2b9c1ad358728ac15626523b5bb0ac244.zip
r21223: Try and fix bug #4361 - Vista backup fails.
Based on work from Joe Meadows <jameadows@webopolis.com>. One for the Vista patchset. Jeremy. (This used to be commit 470a4dc30874b00c599806cb6dbc06fe2775144c)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/posix_acls.c26
1 files changed, 24 insertions, 2 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 630e270de3..50038dd464 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -658,6 +658,7 @@ static int map_acl_perms_to_permset(connection_struct *conn, mode_t mode, SMB_AC
}
return 0;
}
+
/****************************************************************************
Function to create owner and group SIDs from a SMB_STRUCT_STAT.
****************************************************************************/
@@ -669,6 +670,27 @@ static void create_file_sids(SMB_STRUCT_STAT *psbuf, DOM_SID *powner_sid, DOM_SI
}
/****************************************************************************
+ Is the identity in two ACEs equal ? Check both SID and uid/gid.
+****************************************************************************/
+
+static BOOL identity_in_ace_equal(canon_ace *ace1, canon_ace *ace2)
+{
+ if (sid_equal(&ace1->trustee, &ace2->trustee)) {
+ return True;
+ }
+ if (ace1->owner_type == ace2->owner_type) {
+ if (ace1->owner_type == UID_ACE &&
+ ace1->unix_ug.uid == ace2->unix_ug.uid) {
+ return True;
+ } else if (ace1->owner_type == GID_ACE &&
+ ace1->unix_ug.gid == ace2->unix_ug.gid) {
+ return True;
+ }
+ }
+ return False;
+}
+
+/****************************************************************************
Merge aces with a common sid - if both are allow or deny, OR the permissions together and
delete the second one. If the first is deny, mask the permissions off and delete the allow
if the permissions become zero, delete the deny if the permissions are non zero.
@@ -695,7 +717,7 @@ static void merge_aces( canon_ace **pp_list_head )
curr_ace_next = curr_ace->next; /* Save the link in case of delete. */
- if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
+ if (identity_in_ace_equal(curr_ace, curr_ace_outer) &&
(curr_ace->attr == curr_ace_outer->attr)) {
if( DEBUGLVL( 10 )) {
@@ -735,7 +757,7 @@ static void merge_aces( canon_ace **pp_list_head )
* we've put on the ACL, we know the deny must be the first one.
*/
- if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
+ if (identity_in_ace_equal(curr_ace, curr_ace_outer) &&
(curr_ace_outer->attr == DENY_ACE) && (curr_ace->attr == ALLOW_ACE)) {
if( DEBUGLVL( 10 )) {