svn commit: samba r21223 - in branches: SAMBA_3_0/source/smbd
SAMBA_3_0_25/source/smbd
jra at samba.org
jra at samba.org
Wed Feb 7 19:43:44 GMT 2007
Author: jra
Date: 2007-02-07 19:43:44 +0000 (Wed, 07 Feb 2007)
New Revision: 21223
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21223
Log:
Try and fix bug #4361 - Vista backup fails.
Based on work from Joe Meadows <jameadows at webopolis.com>.
One for the Vista patchset.
Jeremy.
Modified:
branches/SAMBA_3_0/source/smbd/posix_acls.c
branches/SAMBA_3_0_25/source/smbd/posix_acls.c
Changeset:
Modified: branches/SAMBA_3_0/source/smbd/posix_acls.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/posix_acls.c 2007-02-07 19:03:19 UTC (rev 21222)
+++ branches/SAMBA_3_0/source/smbd/posix_acls.c 2007-02-07 19:43:44 UTC (rev 21223)
@@ -658,6 +658,7 @@
}
return 0;
}
+
/****************************************************************************
Function to create owner and group SIDs from a SMB_STRUCT_STAT.
****************************************************************************/
@@ -669,6 +670,27 @@
}
/****************************************************************************
+ Is the identity in two ACEs equal ? Check both SID and uid/gid.
+****************************************************************************/
+
+static BOOL identity_in_ace_equal(canon_ace *ace1, canon_ace *ace2)
+{
+ if (sid_equal(&ace1->trustee, &ace2->trustee)) {
+ return True;
+ }
+ if (ace1->owner_type == ace2->owner_type) {
+ if (ace1->owner_type == UID_ACE &&
+ ace1->unix_ug.uid == ace2->unix_ug.uid) {
+ return True;
+ } else if (ace1->owner_type == GID_ACE &&
+ ace1->unix_ug.gid == ace2->unix_ug.gid) {
+ return True;
+ }
+ }
+ return False;
+}
+
+/****************************************************************************
Merge aces with a common sid - if both are allow or deny, OR the permissions together and
delete the second one. If the first is deny, mask the permissions off and delete the allow
if the permissions become zero, delete the deny if the permissions are non zero.
@@ -695,7 +717,7 @@
curr_ace_next = curr_ace->next; /* Save the link in case of delete. */
- if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
+ if (identity_in_ace_equal(curr_ace, curr_ace_outer) &&
(curr_ace->attr == curr_ace_outer->attr)) {
if( DEBUGLVL( 10 )) {
@@ -735,7 +757,7 @@
* we've put on the ACL, we know the deny must be the first one.
*/
- if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
+ if (identity_in_ace_equal(curr_ace, curr_ace_outer) &&
(curr_ace_outer->attr == DENY_ACE) && (curr_ace->attr == ALLOW_ACE)) {
if( DEBUGLVL( 10 )) {
Modified: branches/SAMBA_3_0_25/source/smbd/posix_acls.c
===================================================================
--- branches/SAMBA_3_0_25/source/smbd/posix_acls.c 2007-02-07 19:03:19 UTC (rev 21222)
+++ branches/SAMBA_3_0_25/source/smbd/posix_acls.c 2007-02-07 19:43:44 UTC (rev 21223)
@@ -658,6 +658,7 @@
}
return 0;
}
+
/****************************************************************************
Function to create owner and group SIDs from a SMB_STRUCT_STAT.
****************************************************************************/
@@ -669,6 +670,27 @@
}
/****************************************************************************
+ Is the identity in two ACEs equal ? Check both SID and uid/gid.
+****************************************************************************/
+
+static BOOL identity_in_ace_equal(canon_ace *ace1, canon_ace *ace2)
+{
+ if (sid_equal(&ace1->trustee, &ace2->trustee)) {
+ return True;
+ }
+ if (ace1->owner_type == ace2->owner_type) {
+ if (ace1->owner_type == UID_ACE &&
+ ace1->unix_ug.uid == ace2->unix_ug.uid) {
+ return True;
+ } else if (ace1->owner_type == GID_ACE &&
+ ace1->unix_ug.gid == ace2->unix_ug.gid) {
+ return True;
+ }
+ }
+ return False;
+}
+
+/****************************************************************************
Merge aces with a common sid - if both are allow or deny, OR the permissions together and
delete the second one. If the first is deny, mask the permissions off and delete the allow
if the permissions become zero, delete the deny if the permissions are non zero.
@@ -695,7 +717,7 @@
curr_ace_next = curr_ace->next; /* Save the link in case of delete. */
- if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
+ if (identity_in_ace_equal(curr_ace, curr_ace_outer) &&
(curr_ace->attr == curr_ace_outer->attr)) {
if( DEBUGLVL( 10 )) {
@@ -735,7 +757,7 @@
* we've put on the ACL, we know the deny must be the first one.
*/
- if (sid_equal(&curr_ace->trustee, &curr_ace_outer->trustee) &&
+ if (identity_in_ace_equal(curr_ace, curr_ace_outer) &&
(curr_ace_outer->attr == DENY_ACE) && (curr_ace->attr == ALLOW_ACE)) {
if( DEBUGLVL( 10 )) {
More information about the samba-cvs
mailing list