[SCM] Samba Shared Repository - branch v4-0-test updated
Karolin Seeger
kseeger at samba.org
Fri Dec 7 03:27:08 MST 2012
The branch, v4-0-test has been updated
via 1cd24d5 build: Install .po files for SWAT intl support
via e2db48e Documentation fixes for bug #9462 - Users can not be given write permissions any more by default
via d007f60 s3:smbd: don't apply create/directory mask and modes in apply_default_perms()
via 9e48899 Another fix needed for bug #9236 - ACL masks incorrectly applied when setting ACLs.
via 373b3a5 s3:smbd: Fix typo in got_duplicate_group check
via 26b2d2b Modify ensure_canon_entry_valid() into ensure_canon_entry_valid_on_set() - makes the logic clearer.
via 8b41f78 Revert "Fix bug 9376 - ensure_canon_entry_valid generates duplicate SMB_ACL_GROUP, acl_valid fails."
via b35add2 Revert "Another fix needed for bug #9236 - ACL masks incorrectly applied when setting ACLs."
from 9339c45 Fix bug #9460 - Samba 3.6.x and Master respond incorrectly to FILE_STREAM_INFO requests.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit 1cd24d51b1ad9b0a4ac7def0981a3aa582a7ca8f
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Dec 5 12:52:22 2012 +1100
build: Install .po files for SWAT intl support
(cherry picked from commit 171c63c3c45743f215ad360f928d9506951ddcd8)
Fix bug #9415 - SWAT *.msg files not installed with waf.
Autobuild-User(v4-0-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-0-test): Fri Dec 7 11:26:47 CET 2012 on sn-devel-104
commit e2db48e3c11da2bd653982e055b404fde8f5b174
Author: Jeremy Allison <jra at samba.org>
Date: Tue Dec 4 15:47:06 2012 -0800
Documentation fixes for bug #9462 - Users can not be given write permissions any more by default
Ensure we don't apply the masks + force modes on security setting
changes, only on create.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
(cherry picked from commit 1ff1597e1feb45fd54b0d8dc6d8eabc7ace9073a)
The last 7 patches address bug #9462 - Users can not be given write permissions
any more by default.
commit d007f60d10f46c4dd9cc94e177267c718d931198
Author: Michael Adam <obnox at samba.org>
Date: Wed Dec 5 15:04:01 2012 +0100
s3:smbd: don't apply create/directory mask and modes in apply_default_perms()
The mask/mode parameters should only apply to a situation with only
pure posix permissions.
Once we are dealing with ACLs and inheritance, we need to do it correctly.
This fixes bug #9462: Users can not be given write permissions any more by default
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 2013bb9b4dbed747921df2591068e2765428f57d)
commit 9e4889928b495625c8f2c6141a4875ccca8ad9b4
Author: Jeremy Allison <jra at samba.org>
Date: Tue Nov 13 11:22:15 2012 -0800
Another fix needed for bug #9236 - ACL masks incorrectly applied when setting ACLs.
Not caught by make test as it's an extreme edge case for strange
incoming ACLs. I only found this as I'm making raw.acls and smb2.acls
pass against 3.6.x and 4.0.0 with acl_xattr mapped onto a POSIX backend.
An incoming inheritable ACE entry containing only one permission,
WRITE_DATA maps into a POSIX owner perm of "-w-", which violates
the principle that the owner of a file/directory can always read.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
Autobuild-User(master): Michael Adam <obnox at samba.org>
Autobuild-Date(master): Thu Nov 15 19:52:52 CET 2012 on sn-devel-104
(cherry picked from commit cf1540b73714fac6b25de5942cbd821e5f4f6ffc)
commit 373b3a5d6cbee5d64c8b0abd374bb82a403ec8f4
Author: Arvid Requate <requate at univention.de>
Date: Sat Nov 10 10:40:32 2012 +0100
s3:smbd: Fix typo in got_duplicate_group check
Reviewed by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Nov 10 20:25:48 CET 2012 on sn-devel-104
(cherry picked from commit c06d602d7f3b8d3da972071a1b5392c6b145133f)
commit 26b2d2b29063b2b7f1368fb3710c255780f3e3ba
Author: Jeremy Allison <jra at samba.org>
Date: Fri Oct 5 15:48:07 2012 -0700
Modify ensure_canon_entry_valid() into ensure_canon_entry_valid_on_set() - makes the logic clearer.
(cherry picked from commit 47ebc8fbc93ee1eb9640d9ca30275fcfc3b50026)
commit 8b41f780e8cce9dd2b19c23489037f5db6b0c504
Author: Michael Adam <obnox at samba.org>
Date: Thu Dec 6 10:38:40 2012 +0100
Revert "Fix bug 9376 - ensure_canon_entry_valid generates duplicate SMB_ACL_GROUP, acl_valid fails."
This reverts commit e122c7d24b10119c9ea4d65e0099ff1690394457.
The patch will be picked again from master in the proper order
to reduce the need for conflict resolution.
Signed-off-by: Michael Adam <obnox at samba.org>
commit b35add2e069fe07e29b8dbd41358b7d9284271b9
Author: Michael Adam <obnox at samba.org>
Date: Thu Dec 6 10:38:11 2012 +0100
Revert "Another fix needed for bug #9236 - ACL masks incorrectly applied when setting ACLs."
This reverts commit ce8beb781f7456e53262bd331ab3fbb8a100356b.
The patch will be picked again from master in the proper order
to reduce the need for conflict resolution.
Signed-off-by: Michael Adam <obnox at samba.org>
-----------------------------------------------------------------------
Summary of changes:
docs-xml/smbdotconf/security/createmask.xml | 5 -
docs-xml/smbdotconf/security/directorymask.xml | 5 -
.../smbdotconf/security/directorysecuritymask.xml | 4 +-
docs-xml/smbdotconf/security/forcecreatemode.xml | 6 -
.../smbdotconf/security/forcedirectorymode.xml | 6 -
.../security/forcedirectorysecuritymode.xml | 5 +-
docs-xml/smbdotconf/security/forcesecuritymode.xml | 5 +-
docs-xml/smbdotconf/security/securitymask.xml | 4 +-
source3/smbd/posix_acls.c | 370 ++++++++------------
source3/wscript_build | 3 +
10 files changed, 151 insertions(+), 262 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/security/createmask.xml b/docs-xml/smbdotconf/security/createmask.xml
index 59e208d..5df0718 100644
--- a/docs-xml/smbdotconf/security/createmask.xml
+++ b/docs-xml/smbdotconf/security/createmask.xml
@@ -26,11 +26,6 @@
This parameter does not affect directory masks. See the parameter <smbconfoption name="directory mask"/>
for details.
</para>
-
- <para>
- New in Samba 4.0.0. This mask is applied whenever permissions are changed on a file. To allow clients full control
- over permission changes it should be set to 0777.
- </para>
</description>
<related>force create mode</related>
diff --git a/docs-xml/smbdotconf/security/directorymask.xml b/docs-xml/smbdotconf/security/directorymask.xml
index 2ebfc16..b17625c 100644
--- a/docs-xml/smbdotconf/security/directorymask.xml
+++ b/docs-xml/smbdotconf/security/directorymask.xml
@@ -23,11 +23,6 @@
<para>Following this Samba will bit-wise 'OR' the UNIX mode
created from this parameter with the value of the <smbconfoption name="force directory mode"/> parameter.
This parameter is set to 000 by default (i.e. no extra mode bits are added).</para>
-
- <para>
- New in Samba 4.0.0. This mask is applied whenever permissions are changed on a directory. To allow clients full control
- over permission changes it should be set to 0777.
- </para>
</description>
<related>force directory mode</related>
diff --git a/docs-xml/smbdotconf/security/directorysecuritymask.xml b/docs-xml/smbdotconf/security/directorysecuritymask.xml
index c5c8c65..ad208f4 100644
--- a/docs-xml/smbdotconf/security/directorysecuritymask.xml
+++ b/docs-xml/smbdotconf/security/directorysecuritymask.xml
@@ -5,9 +5,7 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
- This parameter has been removed for Samba 4.0.0. The parameter
- <smbconfoption name="directory mask"/> is now used instead to mask
- any permission bit changes on directories.
+ This parameter has been removed for Samba 4.0.0.
</para>
</description>
diff --git a/docs-xml/smbdotconf/security/forcecreatemode.xml b/docs-xml/smbdotconf/security/forcecreatemode.xml
index 5a57a29..a3f1c2c 100644
--- a/docs-xml/smbdotconf/security/forcecreatemode.xml
+++ b/docs-xml/smbdotconf/security/forcecreatemode.xml
@@ -10,12 +10,6 @@
mode after the mask set in the <parameter moreinfo="none">create mask</parameter>
parameter is applied.</para>
- <para>
- New in Samba 4.0.0. This mode is also 'OR'ed into the mode bits whenever
- permissions are changed on a file, not just when the file is created.
- This replaces the now removed <parameter moreinfo="none">force security mode</parameter>.
- </para>
-
<para>The example below would force all newly created files to have read and execute
permissions set for 'group' and 'other' as well as the
read/write/execute bits set for the 'user'.</para>
diff --git a/docs-xml/smbdotconf/security/forcedirectorymode.xml b/docs-xml/smbdotconf/security/forcedirectorymode.xml
index e5b37ea..7effc0e 100644
--- a/docs-xml/smbdotconf/security/forcedirectorymode.xml
+++ b/docs-xml/smbdotconf/security/forcedirectorymode.xml
@@ -12,12 +12,6 @@
mask in the parameter <parameter moreinfo="none">directory mask</parameter> is
applied.</para>
- <para>
- New in Samba 4.0.0. This mode is also 'OR'ed into the mode bits whenever
- permissions are changed on a directory, not just when the file is created.
- This replaces the now removed <parameter moreinfo="none">force directory security mode</parameter>.
- </para>
-
<para>The example below would force all created directories to have read and execute
permissions set for 'group' and 'other' as well as the
read/write/execute bits set for the 'user'.</para>
diff --git a/docs-xml/smbdotconf/security/forcedirectorysecuritymode.xml b/docs-xml/smbdotconf/security/forcedirectorysecuritymode.xml
index 3ea3b5c..a45395d 100644
--- a/docs-xml/smbdotconf/security/forcedirectorysecuritymode.xml
+++ b/docs-xml/smbdotconf/security/forcedirectorysecuritymode.xml
@@ -5,10 +5,7 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
- This parameter has been removed for Samba 4.0.0. The parameter
- <smbconfoption name="force directory mode"/> is now used instead to
- force any permission changes on directories to include specific UNIX
- permission bits.
+ This parameter has been removed for Samba 4.0.0.
</para>
</description>
</samba:parameter>
diff --git a/docs-xml/smbdotconf/security/forcesecuritymode.xml b/docs-xml/smbdotconf/security/forcesecuritymode.xml
index 2568bcc..5a9479e 100644
--- a/docs-xml/smbdotconf/security/forcesecuritymode.xml
+++ b/docs-xml/smbdotconf/security/forcesecuritymode.xml
@@ -5,10 +5,7 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
- This parameter has been removed for Samba 4.0.0. The parameter
- <smbconfoption name="force create mode"/> is now used instead to
- force any permission changes on files to include specific UNIX
- permission bits.
+ This parameter has been removed for Samba 4.0.0.
</para>
</description>
</samba:parameter>
diff --git a/docs-xml/smbdotconf/security/securitymask.xml b/docs-xml/smbdotconf/security/securitymask.xml
index cb7fcfa..e535d32 100644
--- a/docs-xml/smbdotconf/security/securitymask.xml
+++ b/docs-xml/smbdotconf/security/securitymask.xml
@@ -5,9 +5,7 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
- This parameter has been removed for Samba 4.0.0. The parameter
- <smbconfoption name="create mask"/> is now used instead to mask
- any permission bit changes on files.
+ This parameter has been removed for Samba 4.0.0.
</para>
</description>
</samba:parameter>
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 4e93fef..bbc1eed 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1235,48 +1235,19 @@ NTSTATUS unpack_nt_owners(struct connection_struct *conn,
return NT_STATUS_OK;
}
-/****************************************************************************
- Ensure the enforced permissions for this share apply.
-****************************************************************************/
-static void apply_default_perms(const struct share_params *params,
- const bool is_directory, canon_ace *pace,
- mode_t type)
+static void trim_ace_perms(canon_ace *pace)
{
- mode_t and_bits = (mode_t)0;
- mode_t or_bits = (mode_t)0;
-
- /* Get the initial bits to apply. */
+ pace->perms = pace->perms & (S_IXUSR|S_IWUSR|S_IRUSR);
+}
+static void ensure_minimal_owner_ace_perms(const bool is_directory,
+ canon_ace *pace)
+{
+ pace->perms |= S_IRUSR;
if (is_directory) {
- and_bits = lp_dir_mask(params->service);
- or_bits = lp_force_dir_mode(params->service);
- } else {
- and_bits = lp_create_mask(params->service);
- or_bits = lp_force_create_mode(params->service);
+ pace->perms |= (S_IWUSR|S_IXUSR);
}
-
- /* Now bounce them into the S_USR space. */
- switch(type) {
- case S_IRUSR:
- /* Ensure owner has read access. */
- pace->perms |= S_IRUSR;
- if (is_directory)
- pace->perms |= (S_IWUSR|S_IXUSR);
- and_bits = unix_perms_to_acl_perms(and_bits, S_IRUSR, S_IWUSR, S_IXUSR);
- or_bits = unix_perms_to_acl_perms(or_bits, S_IRUSR, S_IWUSR, S_IXUSR);
- break;
- case S_IRGRP:
- and_bits = unix_perms_to_acl_perms(and_bits, S_IRGRP, S_IWGRP, S_IXGRP);
- or_bits = unix_perms_to_acl_perms(or_bits, S_IRGRP, S_IWGRP, S_IXGRP);
- break;
- case S_IROTH:
- and_bits = unix_perms_to_acl_perms(and_bits, S_IROTH, S_IWOTH, S_IXOTH);
- or_bits = unix_perms_to_acl_perms(or_bits, S_IROTH, S_IWOTH, S_IXOTH);
- break;
- }
-
- pace->perms = ((pace->perms & and_bits)|or_bits);
}
/****************************************************************************
@@ -1404,80 +1375,48 @@ static bool ensure_canon_entry_valid_on_get(connection_struct *conn,
}
/****************************************************************************
- A well formed POSIX file or default ACL has at least 3 entries, a
+ A well formed POSIX file or default ACL has at least 3 entries, a
SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, SMB_ACL_OTHER_OBJ.
In addition, the owner must always have at least read access.
- When using this call on get_acl, the pst struct is valid and contains
- the mode of the file. When using this call on set_acl, the pst struct has
+ When using this call on set_acl, the pst struct has
been modified to have a mode containing the default for this file or directory
type.
****************************************************************************/
-static bool ensure_canon_entry_valid(connection_struct *conn,
+static bool ensure_canon_entry_valid_on_set(connection_struct *conn,
canon_ace **pp_ace,
bool is_default_acl,
const struct share_params *params,
const bool is_directory,
const struct dom_sid *pfile_owner_sid,
const struct dom_sid *pfile_grp_sid,
- const SMB_STRUCT_STAT *pst,
- bool setting_acl)
+ const SMB_STRUCT_STAT *pst)
{
canon_ace *pace;
canon_ace *pace_user = NULL;
canon_ace *pace_group = NULL;
canon_ace *pace_other = NULL;
+ bool got_duplicate_user = false;
+ bool got_duplicate_group = false;
for (pace = *pp_ace; pace; pace = pace->next) {
+ trim_ace_perms(pace);
if (pace->type == SMB_ACL_USER_OBJ) {
-
- if (setting_acl) {
- /*
- * Ensure we have default parameters for the
- * user (owner) even on default ACLs.
- */
- apply_default_perms(params, is_directory, pace, S_IRUSR);
- }
+ ensure_minimal_owner_ace_perms(is_directory, pace);
pace_user = pace;
-
} else if (pace->type == SMB_ACL_GROUP_OBJ) {
-
- /*
- * Ensure create mask/force create mode is respected on set.
- */
-
- if (setting_acl && !is_default_acl) {
- apply_default_perms(params, is_directory, pace, S_IRGRP);
- }
pace_group = pace;
-
} else if (pace->type == SMB_ACL_OTHER) {
-
- /*
- * Ensure create mask/force create mode is respected on set.
- */
-
- if (setting_acl && !is_default_acl) {
- apply_default_perms(params, is_directory, pace, S_IROTH);
- }
pace_other = pace;
-
- } else if (pace->type == SMB_ACL_USER || pace->type == SMB_ACL_GROUP) {
-
- /*
- * Ensure create mask/force create mode is respected on set.
- */
-
- if (setting_acl && !is_default_acl) {
- apply_default_perms(params, is_directory, pace, S_IRGRP);
- }
}
}
if (!pace_user) {
+ canon_ace *pace_iter;
+
if ((pace = talloc(talloc_tos(), canon_ace)) == NULL) {
- DEBUG(0,("ensure_canon_entry_valid: malloc fail.\n"));
- return False;
+ DEBUG(0,("talloc fail.\n"));
+ return false;
}
ZERO_STRUCTP(pace);
@@ -1491,50 +1430,45 @@ static bool ensure_canon_entry_valid(connection_struct *conn,
surprises for the user. */
pace->perms = unix_perms_to_acl_perms(pst->st_ex_mode, S_IRUSR, S_IWUSR, S_IXUSR);
- if (setting_acl) {
- /* See if the owning user is in any of the other groups in
- the ACE, or if there's a matching user entry (by uid
- or in the case of ID_TYPE_BOTH by SID).
- If so, OR in the permissions from that entry. */
+ /* See if the owning user is in any of the other groups in
+ the ACE, or if there's a matching user entry (by uid
+ or in the case of ID_TYPE_BOTH by SID).
+ If so, OR in the permissions from that entry. */
- canon_ace *pace_iter;
- for (pace_iter = *pp_ace; pace_iter; pace_iter = pace_iter->next) {
- if (pace_iter->type == SMB_ACL_USER &&
- pace_iter->unix_ug.id == pace->unix_ug.id) {
+ for (pace_iter = *pp_ace; pace_iter; pace_iter = pace_iter->next) {
+ if (pace_iter->type == SMB_ACL_USER &&
+ pace_iter->unix_ug.id == pace->unix_ug.id) {
+ pace->perms |= pace_iter->perms;
+ } else if (pace_iter->type == SMB_ACL_GROUP_OBJ || pace_iter->type == SMB_ACL_GROUP) {
+ if (dom_sid_equal(&pace->trustee, &pace_iter->trustee)) {
+ pace->perms |= pace_iter->perms;
+ } else if (uid_entry_in_group(conn, pace, pace_iter)) {
pace->perms |= pace_iter->perms;
- } else if (pace_iter->type == SMB_ACL_GROUP_OBJ || pace_iter->type == SMB_ACL_GROUP) {
- if (dom_sid_equal(&pace->trustee, &pace_iter->trustee)) {
- pace->perms |= pace_iter->perms;
- } else if (uid_entry_in_group(conn, pace, pace_iter)) {
- pace->perms |= pace_iter->perms;
- }
}
}
+ }
- if (pace->perms == 0) {
- /* If we only got an "everyone" perm, just use that. */
- if (pace_other)
- pace->perms = pace_other->perms;
- }
-
- /*
- * Ensure we have default parameters for the
- * user (owner) even on default ACLs.
- */
- apply_default_perms(params, is_directory, pace, S_IRUSR);
- } else {
- pace->perms = unix_perms_to_acl_perms(pst->st_ex_mode, S_IRUSR, S_IWUSR, S_IXUSR);
+ if (pace->perms == 0) {
+ /* If we only got an "everyone" perm, just use that. */
+ if (pace_other)
+ pace->perms = pace_other->perms;
}
+ /*
+ * Ensure we have default parameters for the
+ * user (owner) even on default ACLs.
+ */
+ ensure_minimal_owner_ace_perms(is_directory, pace);
+
DLIST_ADD(*pp_ace, pace);
pace_user = pace;
}
if (!pace_group) {
if ((pace = talloc(talloc_tos(), canon_ace)) == NULL) {
- DEBUG(0,("ensure_canon_entry_valid: malloc fail.\n"));
- return False;
+ DEBUG(0,("talloc fail.\n"));
+ return false;
}
ZERO_STRUCTP(pace);
@@ -1544,17 +1478,12 @@ static bool ensure_canon_entry_valid(connection_struct *conn,
pace->unix_ug.id = pst->st_ex_gid;
pace->trustee = *pfile_grp_sid;
pace->attr = ALLOW_ACE;
- if (setting_acl) {
- /* If we only got an "everyone" perm, just use that. */
- if (pace_other)
- pace->perms = pace_other->perms;
- else
- pace->perms = 0;
- if (!is_default_acl) {
- apply_default_perms(params, is_directory, pace, S_IRGRP);
- }
+
+ /* If we only got an "everyone" perm, just use that. */
+ if (pace_other) {
+ pace->perms = pace_other->perms;
} else {
- pace->perms = unix_perms_to_acl_perms(pst->st_ex_mode, S_IRGRP, S_IWGRP, S_IXGRP);
+ pace->perms = 0;
}
DLIST_ADD(*pp_ace, pace);
@@ -1563,8 +1492,8 @@ static bool ensure_canon_entry_valid(connection_struct *conn,
if (!pace_other) {
if ((pace = talloc(talloc_tos(), canon_ace)) == NULL) {
- DEBUG(0,("ensure_canon_entry_valid: malloc fail.\n"));
- return False;
+ DEBUG(0,("talloc fail.\n"));
+ return false;
}
ZERO_STRUCTP(pace);
@@ -1574,126 +1503,115 @@ static bool ensure_canon_entry_valid(connection_struct *conn,
pace->unix_ug.id = -1;
pace->trustee = global_sid_World;
pace->attr = ALLOW_ACE;
- if (setting_acl) {
- pace->perms = 0;
- if (!is_default_acl) {
- apply_default_perms(params, is_directory, pace, S_IROTH);
- }
- } else
- pace->perms = unix_perms_to_acl_perms(pst->st_ex_mode, S_IROTH, S_IWOTH, S_IXOTH);
+ pace->perms = 0;
DLIST_ADD(*pp_ace, pace);
pace_other = pace;
}
- if (setting_acl) {
- /* Ensure when setting a POSIX ACL, that the uid for a
- SMB_ACL_USER_OBJ ACE (the owner ACE entry) has a duplicate
- permission entry as an SMB_ACL_USER, and a gid for a
- SMB_ACL_GROUP_OBJ ACE (the primary group ACE entry) also has
- a duplicate permission entry as an SMB_ACL_GROUP. If not,
- then if the ownership or group ownership of this file or
- directory gets changed, the user or group can lose their
- access. */
- bool got_duplicate_user = false;
- bool got_duplicate_group = false;
-
- for (pace = *pp_ace; pace; pace = pace->next) {
- if (pace->type == SMB_ACL_USER &&
- pace->unix_ug.id == pace_user->unix_ug.id) {
- /* Already got one. */
- got_duplicate_user = true;
- } else if (pace->type == SMB_ACL_GROUP &&
- pace->unix_ug.id == pace_group->unix_ug.id) {
- /* Already got one. */
- got_duplicate_group = true;
- } else if ((pace->type == SMB_ACL_GROUP)
- && (dom_sid_equal(&pace->trustee, &pace_user->trustee))) {
- /* If the SID owning the file appears
- * in a group entry, then we have
- * enough duplication, they will still
- * have access */
- got_duplicate_user = true;
- }
- }
-
- /* If the SID is equal for the user and group that we need
- to add the duplicate for, add only the group */
- if (!got_duplicate_user && !got_duplicate_group
- && dom_sid_equal(&pace_group->trustee,
- &pace_user->trustee)) {
- /* Add a duplicate SMB_ACL_GROUP entry, this
- * will cover the owning SID as well, as it
- * will always be mapped to both a uid and
- * gid. */
-
- if ((pace = talloc(talloc_tos(), canon_ace)) == NULL) {
- DEBUG(0,("ensure_canon_entry_valid: talloc fail.\n"));
- return false;
- }
+ /* Ensure when setting a POSIX ACL, that the uid for a
+ SMB_ACL_USER_OBJ ACE (the owner ACE entry) has a duplicate
+ permission entry as an SMB_ACL_USER, and a gid for a
+ SMB_ACL_GROUP_OBJ ACE (the primary group ACE entry) also has
+ a duplicate permission entry as an SMB_ACL_GROUP. If not,
+ then if the ownership or group ownership of this file or
+ directory gets changed, the user or group can lose their
+ access. */
- ZERO_STRUCTP(pace);
- pace->type = SMB_ACL_GROUP;;
- pace->owner_type = GID_ACE;
- pace->unix_ug.type = ID_TYPE_GID;
- pace->unix_ug.id = pace_group->unix_ug.id;
- pace->trustee = pace_group->trustee;
- pace->attr = pace_group->attr;
- pace->perms = pace_group->perms;
-
- DLIST_ADD(*pp_ace, pace);
-
- /* We're done here, make sure the
- statements below are not executed. */
+ for (pace = *pp_ace; pace; pace = pace->next) {
+ if (pace->type == SMB_ACL_USER &&
+ pace->unix_ug.id == pace_user->unix_ug.id) {
+ /* Already got one. */
got_duplicate_user = true;
+ } else if (pace->type == SMB_ACL_GROUP &&
+ pace->unix_ug.id == pace_group->unix_ug.id) {
+ /* Already got one. */
got_duplicate_group = true;
+ } else if ((pace->type == SMB_ACL_GROUP)
+ && (dom_sid_equal(&pace->trustee, &pace_user->trustee))) {
+ /* If the SID owning the file appears
+ * in a group entry, then we have
+ * enough duplication, they will still
+ * have access */
+ got_duplicate_user = true;
}
+ }
- if (!got_duplicate_user) {
- /* Add a duplicate SMB_ACL_USER entry. */
- if ((pace = talloc(talloc_tos(), canon_ace)) == NULL) {
- DEBUG(0,("ensure_canon_entry_valid: talloc fail.\n"));
- return false;
--
Samba Shared Repository
More information about the samba-cvs
mailing list