diff options
| -rw-r--r-- | source3/modules/nfs4_acls.c | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index e906fcd161..3f6d8d8258 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -820,6 +820,48 @@ static int smbacl4_substitute_special( return True; /* OK */ } +static int smbacl4_substitute_simple( + SMB4ACL_T *theacl, + uid_t ownerUID, + gid_t ownerGID +) +{ + SMB_ACL4_INT_T *aclint = get_validated_aclint(theacl); + SMB_ACE4_INT_T *aceint; + + for(aceint = aclint->first; aceint!=NULL; aceint=(SMB_ACE4_INT_T *)aceint->next) { + SMB_ACE4PROP_T *ace = &aceint->prop; + + DEBUG(10,("ace type: %d, iflags: %x, flags: %x, " + "mask: %x, who: %d\n", + ace->aceType, ace->flags, ace->aceFlags, + ace->aceMask, ace->who.id)); + + if (!(ace->flags & SMB_ACE4_ID_SPECIAL) && + !(ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP) && + ace->who.uid == ownerUID && + !(ace->aceFlags & SMB_ACE4_INHERIT_ONLY_ACE) && + !(ace->aceFlags & SMB_ACE4_FILE_INHERIT_ACE) && + !(ace->aceFlags & SMB_ACE4_DIRECTORY_INHERIT_ACE)) { + ace->flags |= SMB_ACE4_ID_SPECIAL; + ace->who.special_id = SMB_ACE4_WHO_OWNER; + DEBUG(10,("replaced with special owner ace\n")); + } + + if (!(ace->flags & SMB_ACE4_ID_SPECIAL) && + ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP && + ace->who.uid == ownerGID && + !(ace->aceFlags & SMB_ACE4_INHERIT_ONLY_ACE) && + !(ace->aceFlags & SMB_ACE4_FILE_INHERIT_ACE) && + !(ace->aceFlags & SMB_ACE4_DIRECTORY_INHERIT_ACE)) { + ace->flags |= SMB_ACE4_ID_SPECIAL; + ace->who.special_id = SMB_ACE4_WHO_GROUP; + DEBUG(10,("replaced with special group ace\n")); + } + } + return True; /* OK */ +} + static SMB4ACL_T *smbacl4_win2nfs4( TALLOC_CTX *mem_ctx, const files_struct *fsp, @@ -862,6 +904,10 @@ static SMB4ACL_T *smbacl4_win2nfs4( smb_add_ace4(theacl, &ace_v4); } + if (pparams->mode==e_simple) { + smbacl4_substitute_simple(theacl, ownerUID, ownerGID); + } + if (pparams->mode==e_special) { smbacl4_substitute_special(theacl, ownerUID, ownerGID); } |