summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/smbd/open.c4
-rw-r--r--source3/smbd/posix_acls.c6
-rw-r--r--source3/smbd/trans2.c5
-rw-r--r--source3/smbd/vfs.c4
4 files changed, 13 insertions, 6 deletions
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 3d5dd849b6..d916609769 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -283,7 +283,9 @@ static NTSTATUS open_file(files_struct *fsp,
}
/* Inherit the ACL if the file was created. */
- if ((local_flags & O_CREAT) && !file_existed) {
+ if ((local_flags & O_CREAT)
+ && !file_existed
+ && lp_inherit_perms(SNUM(conn))) {
inherit_access_acl(conn, fname, unx_mode);
}
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index f17594c079..75605ace8a 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3457,8 +3457,8 @@ int chmod_acl(connection_struct *conn, const char *name, mode_t mode)
}
/****************************************************************************
- If "inherit permissions" is set and the parent directory has no default
- ACL but it does have an Access ACL, inherit this Access ACL to file name.
+ If the parent directory has no default ACL but it does have an Access ACL,
+ inherit this Access ACL to file name.
****************************************************************************/
int inherit_access_acl(connection_struct *conn, const char *name, mode_t mode)
@@ -3466,7 +3466,7 @@ int inherit_access_acl(connection_struct *conn, const char *name, mode_t mode)
pstring dirname;
pstrcpy(dirname, parent_dirname(name));
- if (!lp_inherit_perms(SNUM(conn)) || directory_has_default_acl(conn, dirname))
+ if (directory_has_default_acl(conn, dirname))
return 0;
return copy_access_acl(conn, dirname, name, mode);
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 2f4bcb414f..d15ca6d327 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -4307,7 +4307,10 @@ size = %.0f, uid = %u, gid = %u, raw perms = 0%o\n",
if (SMB_VFS_MKNOD(conn,fname, unixmode, dev) != 0)
return(UNIXERROR(ERRDOS,ERRnoaccess));
- inherit_access_acl(conn, fname, unixmode);
+ if (lp_inherit_perms(SNUM(conn))) {
+ inherit_access_acl(conn, fname,
+ unixmode);
+ }
SSVAL(params,0,0);
send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes);
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index ab9ddef9ff..b6a7d477bd 100644
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -319,7 +319,9 @@ int vfs_MkDir(connection_struct *conn, const char *name, mode_t mode)
return ret;
}
- inherit_access_acl(conn, name, mode);
+ if (lp_inherit_perms(SNUM(conn))) {
+ inherit_access_acl(conn, name, mode);
+ }
/*
* Check if high bits should have been set,