Revert "Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)"

This reverts commit 17f6e0272370f764d4a0053c8e74f20b0444c721.

Using the existing default permissions for group access is incorrect
when no such permissions are given in the incoming ACL.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Sep  7 03:50:21 CEST 2011 on sn-devel-104

1 files changed, 4 insertions, 21 deletions

diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 0d0b5da630..0be7bec47f 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1457,29 +1457,12 @@ static bool ensure_canon_entry_valid(connection_struct *conn, canon_ace **pp_ace
 		pace->unix_ug.uid = pst->st_ex_gid;
 		pace->trustee = *pfile_grp_sid;
 		pace->attr = ALLOW_ACE;
-		/* Start with existing permissions, principle of least
-		   surprises for the user. */
-		pace->perms = pst->st_ex_mode;
-
 		if (setting_acl) {
-			/* See if there's a matching group entry.
-			   If so, OR in the permissions from that entry. */
-
-			canon_ace *pace_iter;
-
-			for (pace_iter = *pp_ace; pace_iter; pace_iter = pace_iter->next) {
-				if (pace_iter->type == SMB_ACL_GROUP &&
-							pace_iter->unix_ug.gid == pace->unix_ug.gid) {
-					pace->perms |= pace_iter->perms;
-					break;
-				}
-			}
-
 			/* If we only got an "everyone" perm, just use that. */
-			if (pace->perms == 0) {
-				if (got_other)
-					pace->perms = pace_other->perms;
-			}
+			if (got_other)
+				pace->perms = pace_other->perms;
+			else
+				pace->perms = 0;
 			apply_default_perms(params, is_directory, pace, S_IRGRP);
 		} else {
 			pace->perms = unix_perms_to_acl_perms(pst->st_ex_mode, S_IRGRP, S_IWGRP, S_IXGRP);