From 6af05f10c1626bbc6206c786af5ba0cec42ec3fa Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 23 Nov 2010 14:31:43 -0800 Subject: Fix bug #7812 - vfs_acl_xattr/vfs_acl_tdb: ACL inheritance cannot be disabled We were losing the incoming security descriptor revision number and most importantly the "type" field as sent by the client. Ensure we correctly store these in the xattr object. Jeremy. Autobuild-User: Jeremy Allison Autobuild-Date: Wed Nov 24 00:18:57 CET 2010 on sn-devel-104 --- source3/modules/vfs_acl_common.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index 5fbf686e6b..3296ddc55c 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -726,6 +726,10 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, return status; } + psd->revision = orig_psd->revision; + /* All our SD's are self relative. */ + psd->type = orig_psd->type | SEC_DESC_SELF_RELATIVE; + if ((security_info_sent & SECINFO_OWNER) && (orig_psd->owner_sid != NULL)) { psd->owner_sid = orig_psd->owner_sid; } @@ -734,9 +738,11 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, } if (security_info_sent & SECINFO_DACL) { psd->dacl = orig_psd->dacl; + psd->type |= SEC_DESC_DACL_PRESENT; } if (security_info_sent & SECINFO_SACL) { psd->sacl = orig_psd->sacl; + psd->type |= SEC_DESC_SACL_PRESENT; } status = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd); -- cgit