summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2010-10-15 15:28:23 -0700
committerJeremy Allison <jra@samba.org>2010-10-15 17:38:22 -0700
commite031f8ae6aee266c0ebf0b53465906e215ac9561 (patch)
tree0091149d08d3f72de11a2b4fb0125b39c3de78cc /source3/smbd
parentf4a9d25cfc70e79f476d01ae3234f2155bbcf39e (diff)
downloadsamba-e031f8ae6aee266c0ebf0b53465906e215ac9561.tar.gz
samba-e031f8ae6aee266c0ebf0b53465906e215ac9561.tar.bz2
samba-e031f8ae6aee266c0ebf0b53465906e215ac9561.zip
Fix "force unknown ACL user" to strip out foreign SIDs from POSIX ACLs if they can't be mapped.
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/posix_acls.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index fa715fb673..05f6439957 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1753,6 +1753,14 @@ static bool create_canon_ace_lists(files_struct *fsp,
continue;
}
+ if (lp_force_unknown_acl_user(SNUM(fsp->conn))) {
+ DEBUG(10, ("create_canon_ace_lists: ignoring "
+ "unknown or foreign SID %s\n",
+ sid_string_dbg(&psa->trustee)));
+ SAFE_FREE(current_ace);
+ continue;
+ }
+
free_canon_ace_list(file_ace);
free_canon_ace_list(dir_ace);
DEBUG(0, ("create_canon_ace_lists: unable to map SID "