summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/smbd/posix_acls.c43
1 files changed, 40 insertions, 3 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 8890d54da0..4791375851 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -841,9 +841,11 @@ static canon_ace *canonicalise_acl( SMB_ACL_T posix_acl, SMB_STRUCT_STAT *psbuf)
static BOOL set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, BOOL default_ace)
{
BOOL ret = False;
- SMB_ACL_T the_acl = sys_acl_init((int)count_canon_ace_list(the_ace));
+ SMB_ACL_T the_acl = sys_acl_init((int)count_canon_ace_list(the_ace) + 1);
canon_ace *p_ace;
int i;
+ SMB_ACL_ENTRY_T mask_entry;
+ SMB_ACL_PERMSET_T mask_permset;
SMB_ACL_TYPE_T the_acl_type = (default_ace ? SMB_ACL_TYPE_DEFAULT : SMB_ACL_TYPE_ACCESS);
if (the_acl == NULL) {
@@ -903,12 +905,18 @@ static BOOL set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, BOOL defau
* Convert the mode_t perms in the canon_ace to a POSIX permset.
*/
- if (map_acl_perms_to_permset(p_ace->perms, &the_permset) == -1) {
- DEBUG(0,("set_canon_ace_list: Failed to create permset on entry %d. (%s)\n",
+ if (sys_acl_get_permset(the_entry, &the_permset) == -1) {
+ DEBUG(0,("set_canon_ace_list: Failed to get permset on entry %d. (%s)\n",
i, strerror(errno) ));
goto done;
}
+ if (map_acl_perms_to_permset(p_ace->perms, &the_permset) == -1) {
+ DEBUG(0,("set_canon_ace_list: Failed to create permset for mode (%u) on entry %d. (%s)\n",
+ p_ace->perms, i, strerror(errno) ));
+ goto done;
+ }
+
/*
* ..and apply them to the entry.
*/
@@ -921,6 +929,35 @@ static BOOL set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, BOOL defau
}
/*
+ * Add in a mask of rwx.
+ */
+
+ if (sys_acl_create_entry( &the_acl, &mask_entry) == -1) {
+ DEBUG(0,("set_canon_ace_list: Failed to create mask entry. (%s)\n", strerror(errno) ));
+ goto done;
+ }
+
+ if (sys_acl_set_tag_type(mask_entry, SMB_ACL_MASK) == -1) {
+ DEBUG(0,("set_canon_ace_list: Failed to set tag type on mask entry. (%s)\n",strerror(errno) ));
+ goto done;
+ }
+
+ if (sys_acl_get_permset(mask_entry, &mask_permset) == -1) {
+ DEBUG(0,("set_canon_ace_list: Failed to get mask permset. (%s)\n", strerror(errno) ));
+ goto done;
+ }
+
+ if (map_acl_perms_to_permset(S_IRUSR|S_IWUSR|S_IXUSR, &mask_permset) == -1) {
+ DEBUG(0,("set_canon_ace_list: Failed to create mask permset. (%s)\n", strerror(errno) ));
+ goto done;
+ }
+
+ if (sys_acl_set_permset(mask_entry, mask_permset) == -1) {
+ DEBUG(0,("set_canon_ace_list: Failed to add mask permset. (%s)\n", strerror(errno) ));
+ goto done;
+ }
+
+ /*
* Check if the ACL is valid.
*/