From 47c1d9b39f292772e8d8f7a737ddff6c8bdfdeae Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Tue, 12 Jan 2010 16:04:44 -0800
Subject: Fix bug #6876 - Delete of an object whose parent folder does not have
 delete rights fails even if the delete right is set on the object.

Final fix for the vfs_acl_xattr and vfs_acl_tdb code.
Ensure we can delete a file even if the underlying POSIX
permissions don't allow it, if the Windows permissions do.

Jeremy.
---
 source3/smbd/close.c      | 3 +++
 source3/smbd/posix_acls.c | 7 ++++---
 2 files changed, 7 insertions(+), 3 deletions(-)

(limited to 'source3/smbd')

diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index 05c3c709a1..e81a2fdff6 100644
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -336,6 +336,7 @@ static NTSTATUS close_remove_share_mode(files_struct *fsp,
 			become_user(conn, fsp->vuid);
 			became_user = True;
 		}
+		fsp->delete_on_close = true;
 		set_delete_on_close_lck(lck, True, &current_user.ut);
 		if (became_user) {
 			unbecome_user();
@@ -481,6 +482,7 @@ static NTSTATUS close_remove_share_mode(files_struct *fsp,
  	 * the delete on close flag. JRA.
  	 */
 
+	fsp->delete_on_close = false;
 	set_delete_on_close_lck(lck, False, NULL);
 
  done:
@@ -958,6 +960,7 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
 		}
 		send_stat_cache_delete_message(fsp->fsp_name->base_name);
 		set_delete_on_close_lck(lck, True, &current_user.ut);
+		fsp->delete_on_close = true;
 		if (became_user) {
 			unbecome_user();
 		}
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 8d66bf1059..7342420a89 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1107,9 +1107,10 @@ uint32_t map_canon_ace_perms(int snum,
 			nt_mask |= ((perms & S_IWUSR) ? UNIX_ACCESS_W : 0 );
 			nt_mask |= ((perms & S_IXUSR) ? UNIX_ACCESS_X : 0 );
 		}
-		if ((perms & S_IWUSR) && lp_dos_filemode(snum)) {
-			nt_mask |= (SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER);
-		}
+	}
+
+	if ((perms & S_IWUSR) && lp_dos_filemode(snum)) {
+		nt_mask |= (SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER|DELETE_ACCESS);
 	}
 
 	DEBUG(10,("map_canon_ace_perms: Mapped (UNIX) %x to (NT) %x\n",
-- 
cgit