From 5f3160ce274cbe1832155012caaa90ccc77459f6 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 10 Sep 2008 16:22:51 -0700
Subject: Fix bug #5052 - not work cancel inheritance on share. We were using
 the parent security descriptor type and flags instead of using the passed in
 SD. Jeremy. (This used to be commit 0d824d7188518aaa7b4e890885e6bc42e94397c5)

---
 source3/smbd/posix_acls.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 427cfc9a0d..7479aea076 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3398,10 +3398,17 @@ static NTSTATUS append_parent_acl(files_struct *fsp,
 			parent_name));
 	}
 
-	parent_sd->dacl->aces = new_ace;
-	parent_sd->dacl->num_aces = i;
+	/* This sucks. psd should be const and we should
+	 * be doing a deep-copy here. We're getting away
+	 * with is as we know parent_sd is talloced off
+	 * talloc_tos() as well as psd. JRA. */
 
-	*pp_new_sd = parent_sd;
+	psd->dacl->aces = new_ace;
+	psd->dacl->num_aces = i;
+	psd->type &= ~(SE_DESC_DACL_AUTO_INHERITED|
+                         SE_DESC_DACL_AUTO_INHERIT_REQ);
+
+	*pp_new_sd = psd;
 	return status;
 }
 
-- 
cgit