PATCH (was: Re: An extra 'executable' bit is seen when POSIX
ACL is used by Samba)
Dmitry Butskoy
buc at odusz.so-cdu.ru
Fri Sep 22 13:48:08 GMT 2006
Dmitry Butskoy wrote:
>@@ -3430,6 +3432,12 @@ static int chmod_acl_internals( connecti
> if ((num_entries == 3) || (num_entries == 0))
> return -1;
>
>+ /* set the mask calculated as ACL_MASK entry */
>+ if (map_acl_perms_to_permset(conn, mask, &permset) == -1)
>+ return -1;
>+ if (SMB_VFS_SYS_ACL_SET_PERMSET(conn, mask_entry, permset) == -1)
>+ return -1;
>+
> return 0;
> }
>
>
>
Surely forgotten something :), 'permset' should be obtained from
'mask_entry" first.
Corrected patch attached.
~buc
-------------- next part --------------
diff -Nrbup samba-3.0.23a/source/smbd/posix_acls.c samba-3.0.23a-OK/source/smbd/posix_acls.c
--- samba-3.0.23a/source/smbd/posix_acls.c 2006-07-21 20:22:56.000000000 +0400
+++ samba-3.0.23a-OK/source/smbd/posix_acls.c 2006-09-22 17:43:43.000000000 +0400
@@ -3372,12 +3372,13 @@ int get_acl_group_bits( connection_struc
static int chmod_acl_internals( connection_struct *conn, SMB_ACL_T posix_acl, mode_t mode)
{
int entry_id = SMB_ACL_FIRST_ENTRY;
- SMB_ACL_ENTRY_T entry;
+ SMB_ACL_ENTRY_T entry, mask_entry;
+ mode_t mask = 0;
+ SMB_ACL_PERMSET_T permset;
int num_entries = 0;
while ( SMB_VFS_SYS_ACL_GET_ENTRY(conn, posix_acl, entry_id, &entry) == 1) {
SMB_ACL_TAG_T tagtype;
- SMB_ACL_PERMSET_T permset;
mode_t perms;
/* get_next... */
@@ -3398,15 +3399,16 @@ static int chmod_acl_internals( connecti
break;
case SMB_ACL_GROUP_OBJ:
perms = unix_perms_to_acl_perms(mode, S_IRGRP, S_IWGRP, S_IXGRP);
+ mask |= perms;
+ break;
+ case SMB_ACL_USER:
+ case SMB_ACL_GROUP:
+ mask |= convert_permset_to_mode_t(conn, permset);
break;
case SMB_ACL_MASK:
- /*
- * FIXME: The ACL_MASK entry permissions should really be set to
- * the union of the permissions of all ACL_USER,
- * ACL_GROUP_OBJ, and ACL_GROUP entries. That's what
- * acl_calc_mask() does, but Samba ACLs doesn't provide it.
- */
- perms = S_IRUSR|S_IWUSR|S_IXUSR;
+ /* save it to set the actual mask later */
+ mask_entry = entry;
+ continue;
break;
case SMB_ACL_OTHER:
perms = unix_perms_to_acl_perms(mode, S_IROTH, S_IWOTH, S_IXOTH);
@@ -3430,6 +3432,14 @@ static int chmod_acl_internals( connecti
if ((num_entries == 3) || (num_entries == 0))
return -1;
+ /* set the mask calculated as ACL_MASK entry */
+ if (SMB_VFS_SYS_ACL_GET_PERMSET(conn, mask_entry, &permset) == -1)
+ return -1;
+ if (map_acl_perms_to_permset(conn, mask, &permset) == -1)
+ return -1;
+ if (SMB_VFS_SYS_ACL_SET_PERMSET(conn, mask_entry, permset) == -1)
+ return -1;
+
return 0;
}
More information about the samba-technical
mailing list