[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Sep 2 16:17:02 MDT 2011
The branch, master has been updated
via 17f6e02 Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
via 2a1453e Part 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
via c528fc5 Part 3 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
via a5038ac Part 2 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
via 2b935b4 Part 1 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
from dfbffac s3:registry: fix a debug message typo
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 17f6e0272370f764d4a0053c8e74f20b0444c721
Author: Jeremy Allison <jra at samba.org>
Date: Fri Sep 2 13:41:24 2011 -0700
Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
Be smarter about setting default permissions when a ACL_GROUP_OBJ isn't given. Use the
principle of least surprises for the user.
Autobuild-User: Jeremy Allison <jra at samba.org>
Autobuild-Date: Sat Sep 3 00:16:05 CEST 2011 on sn-devel-104
commit 2a1453e2318af77a79180f3137f8a8d3f1240233
Author: Jeremy Allison <jra at samba.org>
Date: Fri Sep 2 13:36:10 2011 -0700
Part 4 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
Be smarter about setting default permissions when a ACL_USER_OBJ isn't given. Use the
principle of least surprises for the user.
commit c528fc5cacaae7e0e83041eb98150052b436071e
Author: Jeremy Allison <jra at samba.org>
Date: Fri Sep 2 12:22:34 2011 -0700
Part 3 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
Don't call check_owning_objs() to convert ACL_USER->ACL_USER_OBJ and
AC_GROUP->ACL_GROUP_OBJ for default (directory) ACLs, we do this separately
inside ensure_canon_entry_valid().
commit a5038ace24559bb02eec8262d3af5b5e78634d16
Author: Jeremy Allison <jra at samba.org>
Date: Fri Sep 2 11:58:56 2011 -0700
Part 2 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
Only map CREATOR_OWNER/CREATOR_GROUP to ACL_USER_OBJ/ACL_GROUP_OBJ in
a default(directory) ACL set.
commit 2b935b49f3d975759eb1cbcf2b11bf7c9d982804
Author: Jeremy Allison <jra at samba.org>
Date: Fri Sep 2 11:21:08 2011 -0700
Part 1 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)
Remove the code I added for bug "6878 - Cannot change ACL's inherit flag". It is incorrect
and causes the POSIX ACL ACL_USER_OBJ duplication.
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/posix_acls.c | 167 ++++++++++++++++++++------------------------
1 files changed, 76 insertions(+), 91 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index da25a52..0d0b5da 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1409,29 +1409,32 @@ static bool ensure_canon_entry_valid(connection_struct *conn, canon_ace **pp_ace
pace->unix_ug.uid = pst->st_ex_uid;
pace->trustee = *pfile_owner_sid;
pace->attr = ALLOW_ACE;
+ /* Start with existing permissions, principle of least
+ surprises for the user. */
+ pace->perms = pst->st_ex_mode;
if (setting_acl) {
/* See if the owning user is in any of the other groups in
- the ACE. If so, OR in the permissions from that group. */
+ the ACE, or if there's a matching user entry.
+ If so, OR in the permissions from that entry. */
- bool group_matched = False;
canon_ace *pace_iter;
for (pace_iter = *pp_ace; pace_iter; pace_iter = pace_iter->next) {
- if (pace_iter->type == SMB_ACL_GROUP_OBJ || pace_iter->type == SMB_ACL_GROUP) {
+ if (pace_iter->type == SMB_ACL_USER &&
+ pace_iter->unix_ug.uid == pace->unix_ug.uid) {
+ pace->perms |= pace_iter->perms;
+ } else if (pace_iter->type == SMB_ACL_GROUP_OBJ || pace_iter->type == SMB_ACL_GROUP) {
if (uid_entry_in_group(conn, pace, pace_iter)) {
pace->perms |= pace_iter->perms;
- group_matched = True;
}
}
}
- /* If we only got an "everyone" perm, just use that. */
- if (!group_matched) {
+ if (pace->perms == 0) {
+ /* If we only got an "everyone" perm, just use that. */
if (got_other)
pace->perms = pace_other->perms;
- else
- pace->perms = 0;
}
apply_default_perms(params, is_directory, pace, S_IRUSR);
@@ -1454,12 +1457,29 @@ static bool ensure_canon_entry_valid(connection_struct *conn, canon_ace **pp_ace
pace->unix_ug.uid = pst->st_ex_gid;
pace->trustee = *pfile_grp_sid;
pace->attr = ALLOW_ACE;
+ /* Start with existing permissions, principle of least
+ surprises for the user. */
+ pace->perms = pst->st_ex_mode;
+
if (setting_acl) {
+ /* See if there's a matching group entry.
+ If so, OR in the permissions from that entry. */
+
+ canon_ace *pace_iter;
+
+ for (pace_iter = *pp_ace; pace_iter; pace_iter = pace_iter->next) {
+ if (pace_iter->type == SMB_ACL_GROUP &&
+ pace_iter->unix_ug.gid == pace->unix_ug.gid) {
+ pace->perms |= pace_iter->perms;
+ break;
+ }
+ }
+
/* If we only got an "everyone" perm, just use that. */
- if (got_other)
- pace->perms = pace_other->perms;
- else
- pace->perms = 0;
+ if (pace->perms == 0) {
+ if (got_other)
+ pace->perms = pace_other->perms;
+ }
apply_default_perms(params, is_directory, pace, S_IRGRP);
} else {
pace->perms = unix_perms_to_acl_perms(pst->st_ex_mode, S_IRGRP, S_IWGRP, S_IXGRP);
@@ -1496,6 +1516,7 @@ static bool ensure_canon_entry_valid(connection_struct *conn, canon_ace **pp_ace
Check if a POSIX ACL has the required SMB_ACL_USER_OBJ and SMB_ACL_GROUP_OBJ entries.
If it does not have them, check if there are any entries where the trustee is the
file owner or the owning group, and map these to SMB_ACL_USER_OBJ and SMB_ACL_GROUP_OBJ.
+ Note we must not do this to default directory ACLs.
****************************************************************************/
static void check_owning_objs(canon_ace *ace, struct dom_sid *pfile_owner_sid, struct dom_sid *pfile_grp_sid)
@@ -1538,50 +1559,6 @@ static void check_owning_objs(canon_ace *ace, struct dom_sid *pfile_owner_sid, s
}
/****************************************************************************
- If an ACE entry is SMB_ACL_USER_OBJ and not CREATOR_OWNER, map to SMB_ACL_USER.
- If an ACE entry is SMB_ACL_GROUP_OBJ and not CREATOR_GROUP, map to SMB_ACL_GROUP
-****************************************************************************/
-
-static bool dup_owning_ace(canon_ace *dir_ace, canon_ace *ace)
-{
- /* dir ace must be followings.
- SMB_ACL_USER_OBJ : trustee(CREATOR_OWNER) -> Posix ACL d:u::perm
- SMB_ACL_USER : not trustee -> Posix ACL u:user:perm
- SMB_ACL_USER_OBJ : trustee -> convert to SMB_ACL_USER : trustee
- Posix ACL u:trustee:perm
-
- SMB_ACL_GROUP_OBJ: trustee(CREATOR_GROUP) -> Posix ACL d:g::perm
- SMB_ACL_GROUP : not trustee -> Posix ACL g:group:perm
- SMB_ACL_GROUP_OBJ: trustee -> convert to SMB_ACL_GROUP : trustee
- Posix ACL g:trustee:perm
- */
-
- if (ace->type == SMB_ACL_USER_OBJ &&
- !(dom_sid_equal(&ace->trustee, &global_sid_Creator_Owner))) {
- canon_ace *dup_ace = dup_canon_ace(ace);
-
- if (dup_ace == NULL) {
- return false;
- }
- dup_ace->type = SMB_ACL_USER;
- DLIST_ADD_END(dir_ace, dup_ace, canon_ace *);
- }
-
- if (ace->type == SMB_ACL_GROUP_OBJ &&
- !(dom_sid_equal(&ace->trustee, &global_sid_Creator_Group))) {
- canon_ace *dup_ace = dup_canon_ace(ace);
-
- if (dup_ace == NULL) {
- return false;
- }
- dup_ace->type = SMB_ACL_GROUP;
- DLIST_ADD_END(dir_ace, dup_ace, canon_ace *);
- }
-
- return true;
-}
-
-/****************************************************************************
Unpack a struct security_descriptor into two canonical ace lists.
****************************************************************************/
@@ -1804,6 +1781,7 @@ static bool create_canon_ace_lists(files_struct *fsp,
if ((psa->flags & (SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT)) ==
(SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT)) {
+ canon_ace *current_dir_ace = current_ace;
DLIST_ADD_END(dir_ace, current_ace, canon_ace *);
/*
@@ -1832,34 +1810,6 @@ static bool create_canon_ace_lists(files_struct *fsp,
}
/*
- * We have a lossy mapping: directory ACE entries
- * CREATOR_OWNER ------\
- * (map to) +---> SMB_ACL_USER_OBJ
- * owning sid ------/
- *
- * CREATOR_GROUP ------\
- * (map to) +---> SMB_ACL_GROUP_OBJ
- * primary group sid --/
- *
- * on set. And on read of a directory ACL
- *
- * SMB_ACL_USER_OBJ ----> CREATOR_OWNER
- * SMB_ACL_GROUP_OBJ ---> CREATOR_GROUP.
- *
- * Deal with this on set by duplicating
- * owning sid and primary group sid ACE
- * entries into the directory ACL.
- * Fix from Tsukasa Hamano <hamano at osstech.co.jp>.
- */
-
- if (!dup_owning_ace(dir_ace, current_ace)) {
- DEBUG(0,("create_canon_ace_lists: malloc fail !\n"));
- free_canon_ace_list(file_ace);
- free_canon_ace_list(dir_ace);
- return false;
- }
-
- /*
* If this is not an inherit only ACE we need to add a duplicate
* to the file acl.
*/
@@ -1893,6 +1843,43 @@ static bool create_canon_ace_lists(files_struct *fsp,
*/
current_ace = NULL;
}
+
+ /*
+ * current_ace is now either owned by file_ace
+ * or is NULL. We can safely operate on current_dir_ace
+ * to treat mapping for default acl entries differently
+ * than access acl entries.
+ */
+
+ if (current_dir_ace->owner_type == UID_ACE) {
+ /*
+ * We already decided above this is a uid,
+ * for default acls ace's only CREATOR_OWNER
+ * maps to ACL_USER_OBJ. All other uid
+ * ace's are ACL_USER.
+ */
+ if (dom_sid_equal(¤t_dir_ace->trustee,
+ &global_sid_Creator_Owner)) {
+ current_dir_ace->type = SMB_ACL_USER_OBJ;
+ } else {
+ current_dir_ace->type = SMB_ACL_USER;
+ }
+ }
+
+ if (current_dir_ace->owner_type == GID_ACE) {
+ /*
+ * We already decided above this is a gid,
+ * for default acls ace's only CREATOR_GROUP
+ * maps to ACL_GROUP_OBJ. All other uid
+ * ace's are ACL_GROUP.
+ */
+ if (dom_sid_equal(¤t_dir_ace->trustee,
+ &global_sid_Creator_Group)) {
+ current_dir_ace->type = SMB_ACL_GROUP_OBJ;
+ } else {
+ current_dir_ace->type = SMB_ACL_GROUP;
+ }
+ }
}
}
@@ -1954,17 +1941,15 @@ static bool create_canon_ace_lists(files_struct *fsp,
dir_ace = NULL;
} else {
/*
- * Check if we have SMB_ACL_USER_OBJ and SMB_ACL_GROUP_OBJ entries in each
- * ACL. If we don't have them, check if any SMB_ACL_USER/SMB_ACL_GROUP
- * entries can be converted to *_OBJ. Usually we will already have these
- * entries in the Default ACL, and the Access ACL will not have them.
+ * Check if we have SMB_ACL_USER_OBJ and SMB_ACL_GROUP_OBJ entries in
+ * the file ACL. If we don't have them, check if any SMB_ACL_USER/SMB_ACL_GROUP
+ * entries can be converted to *_OBJ. Don't do this for the default
+ * ACL, we will create them separately for this if needed inside
+ * ensure_canon_entry_valid().
*/
if (file_ace) {
check_owning_objs(file_ace, pfile_owner_sid, pfile_grp_sid);
}
- if (dir_ace) {
- check_owning_objs(dir_ace, pfile_owner_sid, pfile_grp_sid);
- }
}
*ppfile_ace = file_ace;
--
Samba Shared Repository
More information about the samba-cvs
mailing list