[SCM] Samba Shared Repository - branch v4-1-test updated

Karolin Seeger kseeger at samba.org
Mon Sep 23 11:20:07 CEST 2013 

The branch, v4-1-test has been updated
       via  7f066b2 Fix bug 10162 - POSIX ACL mapping failing when setting DENY ACE's from Windows.
       via  9343c99 docs: point out side-effects of global "valid users" setting.
      from  78240de VERSION: Set version to 4.1.0rc4.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test


- Log -----------------------------------------------------------------
commit 7f066b216695eb720a4799ed10b849fede05bd5b
Author: Daniel Liberman <danielvl at gmail.com>
Date:   Thu Sep 19 20:28:33 2013 -0300

    Fix bug 10162 - POSIX ACL mapping failing when setting DENY ACE's from Windows.
    
    Fix for ACL problem - not accepting DENY. Code was checking for pointer and not for content.
    
    Reviewed-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Michael Adam <obnox at samba.org>
    
    Autobuild-User(master): Michael Adam <obnox at samba.org>
    Autobuild-Date(master): Sat Sep 21 05:24:07 CEST 2013 on sn-devel-104
    (cherry picked from commit e24fcf0f3e1b5b19d97a13786b09f069393b06d8)
    
    Autobuild-User(v4-1-test): Karolin Seeger <kseeger at samba.org>
    Autobuild-Date(v4-1-test): Mon Sep 23 11:19:50 CEST 2013 on sn-devel-104

commit 9343c99a48cc35b122b5dc1d58fd25f4ea2ea9a4
Author: Günther Deschner <gd at samba.org>
Date:   Tue Sep 17 12:47:58 2013 +0200

    docs: point out side-effects of global "valid users" setting.
    
    Guenther
    
    Signed-off-by: Günther Deschner <gd at samba.org>
    
    Fix bug #10147 - Better document potential implications of a globally used
    "valid users".

-----------------------------------------------------------------------

Summary of changes:
 docs-xml/smbdotconf/security/validusers.xml |   10 ++++++++++
 source3/smbd/posix_acls.c                   |    2 +-
 2 files changed, 11 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/docs-xml/smbdotconf/security/validusers.xml b/docs-xml/smbdotconf/security/validusers.xml
index 313739d..ec3e11e 100644
--- a/docs-xml/smbdotconf/security/validusers.xml
+++ b/docs-xml/smbdotconf/security/validusers.xml
@@ -19,6 +19,16 @@
     The current servicename is substituted for <parameter moreinfo="none">%S</parameter>. 
     This is useful in the [homes] section.
     </para>
+
+    <para><emphasis>Note: </emphasis>When used in the [global] section this
+    parameter may have unwanted side effects. For example: If samba is configured as a MASTER BROWSER (see
+    <parameter moreinfo="none">local master</parameter>,
+    <parameter moreinfo="none">os level</parameter>,
+    <parameter moreinfo="none">domain master</parameter>,
+    <parameter moreinfo="none">preferred master</parameter>) this option
+    will prevent workstations from being able to browse the network.
+    </para>
+
 </description>
 
 <related>invalid users</related>
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 3b9be9d..ad1431d 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -1808,7 +1808,7 @@ static bool add_current_ace_to_acl(files_struct *fsp, struct security_ace *psa,
 		if (current_ace->attr == ALLOW_ACE)
 			*got_file_allow = True;
 
-		if ((current_ace->attr == DENY_ACE) && got_file_allow) {
+		if ((current_ace->attr == DENY_ACE) && *got_file_allow) {
 			DEBUG(0,("add_current_ace_to_acl: malformed "
 				 "ACL in file ACL ! Deny entry after "
 				 "Allow entry. Failing to set on file "


-- 
Samba Shared Repository

More information about the samba-cvs mailing list