setfacl fix

Steve French smfrench at gmail.com
Fri Nov 15 19:53:12 MST 2013 

From: Steve French <smfrench at gmail.com>
Date: Fri, 15 Nov 2013 20:41:32 -0600
Subject: [PATCH] [CIFS] setfacl removes part of ACL when setting POSIX ACLs to
 Samba

setfacl over cifs mounts can remove the default ACL when setting the
(non-default part of) the ACL and vice versa (we were leaving at 0
rather than setting to -1 the count field for the unaffected
half of the ACL.  For example notice the setfacl removed
the default ACL in this sequence:

steven at steven-GA-970A-DS3:~/cifs-2.6$ getfacl /mnt/test-dir ; setfacl
-m default:user:test:rwx,user:test:rwx /mnt/test-dir
getfacl: Removing leading '/' from absolute path names
user::rwx
group::r-x
other::r-x
default:user::rwx
default:user:test:rwx
default:group::r-x
default:mask::rwx
default:other::r-x

steven at steven-GA-970A-DS3:~/cifs-2.6$ getfacl /mnt/test-dir
getfacl: Removing leading '/' from absolute path names
user::rwx
user:test:rwx
group::r-x
mask::rwx
other::r-x

CC: Stable <stable at kernel.org>
Signed-off-by: Steve French <smfrench at gmail.com>
Acked-by: Jeremy Allison <jra at samba.org>
---
 fs/cifs/cifssmb.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 93b2947..124aa02 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -3369,11 +3369,13 @@ static __u16 ACL_to_cifs_posix(char
*parm_data, const char *pACL,
         return 0;
     }
     cifs_acl->version = cpu_to_le16(1);
-    if (acl_type == ACL_TYPE_ACCESS)
+    if (acl_type == ACL_TYPE_ACCESS) {
         cifs_acl->access_entry_count = cpu_to_le16(count);
-    else if (acl_type == ACL_TYPE_DEFAULT)
+        cifs_acl->default_entry_count = __constant_cpu_to_le16(0xFFFF);
+    } else if (acl_type == ACL_TYPE_DEFAULT) {
         cifs_acl->default_entry_count = cpu_to_le16(count);
-    else {
+        cifs_acl->access_entry_count = __constant_cpu_to_le16(0xFFFF);
+    } else {
         cifs_dbg(FYI, "unknown ACL type %d\n", acl_type);
         return 0;
     }
-- 
1.8.3.1


-- 
Thanks,

Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-CIFS-setfacl-removes-part-of-ACL-when-setting-POSIX-.patch
Type: text/x-patch
Size: 1987 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20131115/ef6b48d4/attachment.bin>

More information about the samba-technical mailing list