[PATCH] smbcacls: Do not read old ACL for 'set' operation

Christof Schmitt cs at samba.org
Fri Apr 29 22:43:06 UTC 2016


From 50a324498a0d9637087a7ab101bfd66b1e45a980 Mon Sep 17 00:00:00 2001
From: Christof Schmitt <cs at samba.org>
Date: Fri, 29 Apr 2016 15:12:38 -0700
Subject: [PATCH] smbcacls: Do not read old ACL for 'set' operation

Signed-off-by: Christof Schmitt <cs at samba.org>
---
 source3/utils/smbcacls.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index d50219c..5cb707d 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -505,10 +505,16 @@ static int cacl_set(struct cli_state *cli, const char *filename,
 	if (!sd) return EXIT_PARSE_ERROR;
 	if (test_args) return EXIT_OK;
 
-	old = get_secdesc(cli, filename);
-
-	if (!old) {
-		return EXIT_FAILED;
+	if (mode != SMB_ACL_SET) {
+		/*
+		 * Do not fetch old ACL when it will be overwritten
+		 * completely with a new one.
+		 */
+		old = get_secdesc(cli, filename);
+
+		if (!old) {
+			return EXIT_FAILED;
+		}
 	}
 
 	/* the logic here is rather more complex than I would like */
-- 
1.8.3.1



More information about the samba-technical mailing list