[SCM] Samba Shared Repository - branch v3-3-test updated -
release-3-2-0pre2-2267-gb08ea48
Jeremy Allison
jra at samba.org
Fri May 2 00:02:12 GMT 2008
The branch, v3-3-test has been updated
via b08ea48f883d1b000f6364c1ff8f62bc25741244 (commit)
from 818fbc9889af8c9fb6e7978e8ed2269a78f14404 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit b08ea48f883d1b000f6364c1ff8f62bc25741244
Author: Jeremy Allison <jra at samba.org>
Date: Thu May 1 17:01:37 2008 -0700
Start to ensure we use the NT ACL interface, keep the POSIX
ACL interface inside the VFS modules. Will help when moving
to storing NT ACLs.
Jeremy.
-----------------------------------------------------------------------
Summary of changes:
source/smbd/posix_acls.c | 67 +++++++++++++++++++++++++++++++--------------
1 files changed, 46 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c
index c3c9d2e..d422746 100644
--- a/source/smbd/posix_acls.c
+++ b/source/smbd/posix_acls.c
@@ -3814,6 +3814,26 @@ int chmod_acl(connection_struct *conn, const char *name, mode_t mode)
}
/****************************************************************************
+ Check for an existing default POSIX ACL on a directory.
+****************************************************************************/
+
+static bool directory_has_default_posix_acl(connection_struct *conn, const char *fname)
+{
+ SMB_ACL_T def_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, SMB_ACL_TYPE_DEFAULT);
+ bool has_acl = False;
+ SMB_ACL_ENTRY_T entry;
+
+ if (def_acl != NULL && (SMB_VFS_SYS_ACL_GET_ENTRY(conn, def_acl, SMB_ACL_FIRST_ENTRY, &entry) == 1)) {
+ has_acl = True;
+ }
+
+ if (def_acl) {
+ SMB_VFS_SYS_ACL_FREE_ACL(conn, def_acl);
+ }
+ return has_acl;
+}
+
+/****************************************************************************
If the parent directory has no default ACL but it does have an Access ACL,
inherit this Access ACL to file name.
****************************************************************************/
@@ -3821,7 +3841,7 @@ int chmod_acl(connection_struct *conn, const char *name, mode_t mode)
int inherit_access_acl(connection_struct *conn, const char *inherit_from_dir,
const char *name, mode_t mode)
{
- if (directory_has_default_acl(conn, inherit_from_dir))
+ if (directory_has_default_posix_acl(conn, inherit_from_dir))
return 0;
return copy_access_acl(conn, inherit_from_dir, name, mode);
@@ -3853,26 +3873,6 @@ int fchmod_acl(files_struct *fsp, mode_t mode)
}
/****************************************************************************
- Check for an existing default POSIX ACL on a directory.
-****************************************************************************/
-
-bool directory_has_default_acl(connection_struct *conn, const char *fname)
-{
- SMB_ACL_T def_acl = SMB_VFS_SYS_ACL_GET_FILE( conn, fname, SMB_ACL_TYPE_DEFAULT);
- bool has_acl = False;
- SMB_ACL_ENTRY_T entry;
-
- if (def_acl != NULL && (SMB_VFS_SYS_ACL_GET_ENTRY(conn, def_acl, SMB_ACL_FIRST_ENTRY, &entry) == 1)) {
- has_acl = True;
- }
-
- if (def_acl) {
- SMB_VFS_SYS_ACL_FREE_ACL(conn, def_acl);
- }
- return has_acl;
-}
-
-/****************************************************************************
Map from wire type to permset.
****************************************************************************/
@@ -4310,3 +4310,28 @@ SEC_DESC *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname)
return ret_sd;
}
+
+/****************************************************************************
+ Check for an existing default Windows ACL on a directory.
+****************************************************************************/
+
+bool directory_has_default_acl(connection_struct *conn, const char *fname)
+{
+ SEC_DESC *psd = NULL; /* returns talloced off tos. */
+ unsigned int i;
+ NTSTATUS status = SMB_VFS_GET_NT_ACL(conn, fname,
+ DACL_SECURITY_INFORMATION, &psd);
+
+ if (!NT_STATUS_IS_OK(status) || psd == NULL) {
+ return false;
+ }
+
+ for (i = 0; i < psd->dacl->num_aces; i++) {
+ SEC_ACE *psa = &psd->dacl->aces[i];
+ if (psa->flags & (SEC_ACE_FLAG_OBJECT_INHERIT|
+ SEC_ACE_FLAG_CONTAINER_INHERIT)) {
+ return true;
+ }
+ }
+ return false;
+}
--
Samba Shared Repository
More information about the samba-cvs
mailing list