[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Wed Nov 25 11:21:48 MST 2009


The branch, master has been updated
       via  7ed6f9f... Fix bug 6892 - When a chown operation is issued via Windows Explorer, all ACLS are wiped out. Merges existing DACLs when a ACL set operation comes in with only owner or group values set. Jeremy.
      from  947c47f... Fix crash due to uninitialized pointer (not a problem in 3.4.x or below). Jeremy.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 7ed6f9f0960885366800b1ca2ce9558414b62d54
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Nov 25 10:20:38 2009 -0800

    Fix bug 6892 - When a chown operation is issued via Windows Explorer, all ACLS are wiped out.
    Merges existing DACLs when a ACL set operation comes in with only owner or group values set.
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source3/modules/vfs_acl_common.c |   51 ++++++++++++++++++++++++++-----------
 1 files changed, 36 insertions(+), 15 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index a12f105..0bb0bca 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -617,25 +617,46 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp,
 			CONST_DISCARD(struct security_descriptor *,psd));
 	}
 
-	/* Ensure owner and group are set. */
-	if (!psd->owner_sid || !psd->group_sid) {
-		DOM_SID owner_sid, group_sid;
-		struct security_descriptor *nc_psd = dup_sec_desc(talloc_tos(), psd);
+        /* Ensure we have OWNER/GROUP/DACL set. */
+
+	if ((security_info_sent & (OWNER_SECURITY_INFORMATION|
+				GROUP_SECURITY_INFORMATION|
+				DACL_SECURITY_INFORMATION)) !=
+				(OWNER_SECURITY_INFORMATION|
+				 GROUP_SECURITY_INFORMATION|
+				 DACL_SECURITY_INFORMATION)) {
+		/* No we don't - read from the existing SD. */
+		struct security_descriptor *nc_psd = NULL;
+
+		status = get_nt_acl_internal(handle, fsp,
+				NULL,
+				(OWNER_SECURITY_INFORMATION|
+				 GROUP_SECURITY_INFORMATION|
+				 DACL_SECURITY_INFORMATION),
+				&nc_psd);
 
-		if (!nc_psd) {
-			return NT_STATUS_OK;
-		}
-		status = vfs_stat_fsp(fsp);
 		if (!NT_STATUS_IS_OK(status)) {
-			/* Lower level acl set succeeded,
-			 * so still return OK. */
-			return NT_STATUS_OK;
+			return status;
 		}
-		create_file_sids(&fsp->fsp_name->st, &owner_sid, &group_sid);
+
 		/* This is safe as nc_psd is discarded at fn exit. */
-		nc_psd->owner_sid = &owner_sid;
-		nc_psd->group_sid = &group_sid;
-		security_info_sent |= (OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION);
+		if (security_info_sent & OWNER_SECURITY_INFORMATION) {
+			nc_psd->owner_sid = psd->owner_sid;
+		}
+		security_info_sent |= OWNER_SECURITY_INFORMATION;
+
+		if (security_info_sent & GROUP_SECURITY_INFORMATION) {
+			nc_psd->group_sid = psd->group_sid;
+		}
+		security_info_sent |= GROUP_SECURITY_INFORMATION;
+
+		if (security_info_sent & DACL_SECURITY_INFORMATION) {
+			nc_psd->dacl = dup_sec_acl(talloc_tos(), psd->dacl);
+			if (nc_psd->dacl == NULL) {
+				return NT_STATUS_NO_MEMORY;
+			}
+		}
+		security_info_sent |= DACL_SECURITY_INFORMATION;
 		psd = nc_psd;
 	}
 


-- 
Samba Shared Repository


More information about the samba-cvs mailing list