This is a proposed patch for Bug #5023.

The three can_* access check functions in smbd/posix_acls.c that are used in
smbd/open.c and smbd/nttrans.c explicitly called check_posix_acl_group_access()

This lead to errors with nfsv4 acls (ZFS and GPFS).

This changes the can_* functions to get the nt_acl via VFS layer and call
se_access_check on that. It also removes check_posix_acl_group_access()
which has no more callers.

NOTE: The can_* functions should really not be in smbd/posix_acls.c but
in a separate file (I propose smbd/access.c).

Michael
(This used to be commit 6f961a23de745aba5dcd4585b731e651b8cbeef4)

0 files changed, 0 insertions, 0 deletions