From 877f833af4a03116daa76e6317a0675b24be972c Mon Sep 17 00:00:00 2001 From: Alexander Werth Date: Thu, 10 May 2012 14:19:41 +0200 Subject: s3: Mapping of cifs creator owner to nfs owner@ ace. This is ignored in nfs4mode special for compatibility. Also ensure that we drop non inheriting creator owner aces since these don't contribute to who can access a file. Reviewed-by: Andrew Bartlett Reviewed-by: Jeremy Allison --- source3/modules/nfs4_acls.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 3214a28cf0..d3b9aff8e4 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -694,6 +694,30 @@ static bool smbacl4_fill_ace4( if (dom_sid_equal(&ace_nt->trustee, &global_sid_World)) { ace_v4->who.special_id = SMB_ACE4_WHO_EVERYONE; ace_v4->flags |= SMB_ACE4_ID_SPECIAL; + } else if (params->mode!=e_special && + dom_sid_equal(&ace_nt->trustee, + &global_sid_Creator_Owner)) { + DEBUG(10, ("Map creator owner\n")); + ace_v4->who.special_id = SMB_ACE4_WHO_OWNER; + ace_v4->flags |= SMB_ACE4_ID_SPECIAL; + /* A non inheriting creator owner entry has no effect. */ + ace_v4->aceFlags |= SMB_ACE4_INHERIT_ONLY_ACE; + if (!(ace_v4->aceFlags & SMB_ACE4_DIRECTORY_INHERIT_ACE) + && !(ace_v4->aceFlags & SMB_ACE4_FILE_INHERIT_ACE)) { + return False; + } + } else if (params->mode!=e_special && + dom_sid_equal(&ace_nt->trustee, + &global_sid_Creator_Group)) { + DEBUG(10, ("Map creator owner group\n")); + ace_v4->who.special_id = SMB_ACE4_WHO_GROUP; + ace_v4->flags |= SMB_ACE4_ID_SPECIAL; + /* A non inheriting creator group entry has no effect. */ + ace_v4->aceFlags |= SMB_ACE4_INHERIT_ONLY_ACE; + if (!(ace_v4->aceFlags & SMB_ACE4_DIRECTORY_INHERIT_ACE) + && !(ace_v4->aceFlags & SMB_ACE4_FILE_INHERIT_ACE)) { + return False; + } } else { uid_t uid; gid_t gid; -- cgit