diff options
-rw-r--r-- | source3/smbd/open.c | 4 | ||||
-rw-r--r-- | source3/smbd/posix_acls.c | 6 | ||||
-rw-r--r-- | source3/smbd/trans2.c | 5 | ||||
-rw-r--r-- | source3/smbd/vfs.c | 4 |
4 files changed, 13 insertions, 6 deletions
diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 3d5dd849b6..d916609769 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -283,7 +283,9 @@ static NTSTATUS open_file(files_struct *fsp, } /* Inherit the ACL if the file was created. */ - if ((local_flags & O_CREAT) && !file_existed) { + if ((local_flags & O_CREAT) + && !file_existed + && lp_inherit_perms(SNUM(conn))) { inherit_access_acl(conn, fname, unx_mode); } diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index f17594c079..75605ace8a 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -3457,8 +3457,8 @@ int chmod_acl(connection_struct *conn, const char *name, mode_t mode) } /**************************************************************************** - If "inherit permissions" is set and the parent directory has no default - ACL but it does have an Access ACL, inherit this Access ACL to file name. + If the parent directory has no default ACL but it does have an Access ACL, + inherit this Access ACL to file name. ****************************************************************************/ int inherit_access_acl(connection_struct *conn, const char *name, mode_t mode) @@ -3466,7 +3466,7 @@ int inherit_access_acl(connection_struct *conn, const char *name, mode_t mode) pstring dirname; pstrcpy(dirname, parent_dirname(name)); - if (!lp_inherit_perms(SNUM(conn)) || directory_has_default_acl(conn, dirname)) + if (directory_has_default_acl(conn, dirname)) return 0; return copy_access_acl(conn, dirname, name, mode); diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 2f4bcb414f..d15ca6d327 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -4307,7 +4307,10 @@ size = %.0f, uid = %u, gid = %u, raw perms = 0%o\n", if (SMB_VFS_MKNOD(conn,fname, unixmode, dev) != 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); - inherit_access_acl(conn, fname, unixmode); + if (lp_inherit_perms(SNUM(conn))) { + inherit_access_acl(conn, fname, + unixmode); + } SSVAL(params,0,0); send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes); diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index ab9ddef9ff..b6a7d477bd 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -319,7 +319,9 @@ int vfs_MkDir(connection_struct *conn, const char *name, mode_t mode) return ret; } - inherit_access_acl(conn, name, mode); + if (lp_inherit_perms(SNUM(conn))) { + inherit_access_acl(conn, name, mode); + } /* * Check if high bits should have been set, |