summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2008-10-30 23:29:14 +0100
committerJelmer Vernooij <jelmer@samba.org>2008-10-30 23:29:14 +0100
commit6acd90998803c28fa12ff0d1f47056c64b7d8d8d (patch)
tree11d0df3327f71e02cecafd79ec98af0fd2409438 /source3
parent0ab0373a97114b2911ed5f38e3548676f196a2c0 (diff)
parent782f309df35cba41c9e5b65db242b961bacbbf87 (diff)
downloadsamba-6acd90998803c28fa12ff0d1f47056c64b7d8d8d.tar.gz
samba-6acd90998803c28fa12ff0d1f47056c64b7d8d8d.tar.bz2
samba-6acd90998803c28fa12ff0d1f47056c64b7d8d8d.zip
Merge branch 'master' of git://git.samba.org/samba
Diffstat (limited to 'source3')
-rw-r--r--source3/configure.in2
-rw-r--r--source3/lib/secdesc.c6
-rw-r--r--source3/modules/vfs_acl_xattr.c68
-rw-r--r--source3/smbd/notify_inotify.c6
4 files changed, 64 insertions, 18 deletions
diff --git a/source3/configure.in b/source3/configure.in
index a37e97c9da..a59fe32aff 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -2489,7 +2489,7 @@ if test x"$samba_cv_HAVE_KERNEL_CHANGE_NOTIFY" = x"yes"; then
fi
AC_CACHE_CHECK([for inotify support],samba_cv_HAVE_INOTIFY,[
-AC_CHECK_HEADERS(linux/inotify.h asm/unistd.h)
+AC_CHECK_HEADERS(linux/inotify.h asm/unistd.h sys/inotify.h)
AC_CHECK_FUNCS(inotify_init)
AC_HAVE_DECL(__NR_inotify_init, [#include <asm/unistd.h>])
],
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index 6afc165c0f..1da2b3ec93 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -527,9 +527,9 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
if (creator && container &&
(new_flags & SEC_ACE_FLAG_CONTAINER_INHERIT)) {
- /* First add the regular ACE entry with flags = 0. */
+ /* First add the regular ACE entry. */
init_sec_ace(new_ace, ptrustee, ace->type,
- ace->access_mask, 0);
+ ace->access_mask, SEC_ACE_FLAG_INHERITED_ACE);
DEBUG(5,("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x"
" inherited as %s:%d/0x%02x/0x%08x\n",
@@ -549,7 +549,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
}
init_sec_ace(new_ace, ptrustee, ace->type,
- ace->access_mask, new_flags);
+ ace->access_mask, new_flags | SEC_ACE_FLAG_INHERITED_ACE);
DEBUG(5, ("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x "
" inherited as %s:%d/0x%02x/0x%08x\n",
diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c
index a802dac554..0baa990ad6 100644
--- a/source3/modules/vfs_acl_xattr.c
+++ b/source3/modules/vfs_acl_xattr.c
@@ -182,13 +182,13 @@ static NTSTATUS create_acl_blob(const SEC_DESC *psd, DATA_BLOB *pblob)
return NT_STATUS_OK;
}
-static NTSTATUS store_acl_blob(files_struct *fsp,
+static NTSTATUS store_acl_blob_fsp(files_struct *fsp,
DATA_BLOB *pblob)
{
int ret;
int saved_errno = 0;
- DEBUG(10,("store_acl_blob: storing blob length %u on file %s\n",
+ DEBUG(10,("store_acl_blob_fsp: storing blob length %u on file %s\n",
(unsigned int)pblob->length, fsp->fsp_name));
become_root();
@@ -206,7 +206,7 @@ static NTSTATUS store_acl_blob(files_struct *fsp,
unbecome_root();
if (ret) {
errno = saved_errno;
- DEBUG(5, ("store_acl_blob: setting attr failed for file %s"
+ DEBUG(5, ("store_acl_blob_fsp: setting attr failed for file %s"
"with error %s\n",
fsp->fsp_name,
strerror(errno) ));
@@ -215,6 +215,36 @@ static NTSTATUS store_acl_blob(files_struct *fsp,
return NT_STATUS_OK;
}
+static NTSTATUS store_acl_blob_pathname(connection_struct *conn,
+ const char *fname,
+ DATA_BLOB *pblob)
+{
+ int ret;
+ int saved_errno = 0;
+
+ DEBUG(10,("store_acl_blob_pathname: storing blob "
+ "length %u on file %s\n",
+ (unsigned int)pblob->length, fname));
+
+ become_root();
+ ret = SMB_VFS_SETXATTR(conn, fname,
+ XATTR_NTACL_NAME,
+ pblob->data, pblob->length, 0);
+ if (ret) {
+ saved_errno = errno;
+ }
+ unbecome_root();
+ if (ret) {
+ errno = saved_errno;
+ DEBUG(5, ("store_acl_blob_pathname: setting attr failed "
+ "for file %s with error %s\n",
+ fname,
+ strerror(errno) ));
+ return map_nt_error_from_unix(errno);
+ }
+ return NT_STATUS_OK;
+}
+
static NTSTATUS get_nt_acl_xattr_internal(vfs_handle_struct *handle,
files_struct *fsp,
@@ -261,11 +291,6 @@ static NTSTATUS get_nt_acl_xattr_internal(vfs_handle_struct *handle,
return status;
}
-static int mkdir_acl_xattr(vfs_handle_struct *handle, const char *path, mode_t mode)
-{
- return SMB_VFS_NEXT_MKDIR(handle, path, mode);
-}
-
/*********************************************************************
* Currently this only works for existing files. Need to work on
* inheritance for new files.
@@ -273,7 +298,8 @@ static int mkdir_acl_xattr(vfs_handle_struct *handle, const char *path, mode_t
static NTSTATUS inherit_new_acl(vfs_handle_struct *handle,
const char *fname,
- files_struct *fsp)
+ files_struct *fsp,
+ bool container)
{
TALLOC_CTX *ctx = talloc_tos();
NTSTATUS status;
@@ -313,7 +339,7 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle,
parent_desc,
&handle->conn->server_info->ptok->user_sids[PRIMARY_USER_SID_INDEX],
&handle->conn->server_info->ptok->user_sids[PRIMARY_GROUP_SID_INDEX],
- false);
+ container);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -321,7 +347,11 @@ static NTSTATUS inherit_new_acl(vfs_handle_struct *handle,
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- return store_acl_blob(fsp, &blob);
+ if (fsp) {
+ return store_acl_blob_fsp(fsp, &blob);
+ } else {
+ return store_acl_blob_pathname(handle->conn, fname, &blob);
+ }
}
/*********************************************************************
@@ -368,12 +398,24 @@ static int open_acl_xattr(vfs_handle_struct *handle,
if (!file_existed && fsp->fh->fd != -1) {
/* File was created. Inherit from parent directory. */
string_set(&fsp->fsp_name, fname);
- inherit_new_acl(handle, fname, fsp);
+ inherit_new_acl(handle, fname, fsp, false);
}
return fsp->fh->fd;
}
+static int mkdir_acl_xattr(vfs_handle_struct *handle, const char *path, mode_t mode)
+{
+ int ret = SMB_VFS_NEXT_MKDIR(handle, path, mode);
+
+ if (ret == -1) {
+ return ret;
+ }
+ /* New directory - inherit from parent. */
+ inherit_new_acl(handle, path, NULL, true);
+ return ret;
+}
+
static NTSTATUS fget_nt_acl_xattr(vfs_handle_struct *handle, files_struct *fsp,
uint32 security_info, SEC_DESC **ppdesc)
{
@@ -426,7 +468,7 @@ static NTSTATUS fset_nt_acl_xattr(vfs_handle_struct *handle, files_struct *fsp,
}
create_acl_blob(psd, &blob);
- store_acl_blob(fsp, &blob);
+ store_acl_blob_fsp(fsp, &blob);
return NT_STATUS_OK;
}
diff --git a/source3/smbd/notify_inotify.c b/source3/smbd/notify_inotify.c
index c6c12a9cd2..8237e4ab0b 100644
--- a/source3/smbd/notify_inotify.c
+++ b/source3/smbd/notify_inotify.c
@@ -25,6 +25,10 @@
#ifdef HAVE_INOTIFY
+#if HAVE_SYS_INOTIFY_H
+#include <sys/inotify.h>
+#else
+
#ifdef HAVE_ASM_TYPES_H
#include <asm/types.h>
#endif
@@ -57,7 +61,7 @@ static int inotify_rm_watch(int fd, int wd)
#include <sys/inotify.h>
#endif
-
+#endif
/* older glibc headers don't have these defines either */
#ifndef IN_ONLYDIR