[PATCH] vfs_acl_xattr: avoid setting POSIX acls if "ignore system acls" is set

Partha Sarathi parthasarathi.bl at gmail.com
Tue Mar 22 23:34:25 UTC 2016

A Minor comment, the debug statements in the new
routines(set_underlying_acl, store_v3_blob)  still refers the
"fset_nt_acl_common" function name as below,

+	DEBUG(10, ("fset_nt_acl_common: overriding chown


On Tue, Mar 22, 2016 at 1:19 AM, Uri Simchoni <uri at samba.org> wrote:

> Hi,
> Attached patch avoids setting the POSIX ACLs to match the NT ACLs, if
> "ignore system acls" is set.
> I believe this new behavior is more consistent with the vfs_acl_xattr man
> page. It also has the following benefits:
> - Avoid unnecessary sid->xid translations
> - Better compatibility with Windows, since by default Windows does not
> enforce existence of "traverse folder" right on parent folders, and
> modifying POSIX ACLs on parent folders could cause the kernel to deny
> access (dunno how RichACLs would handle this one :( ).
> Passes local make test.
> Please review,
> Uri.

Thanks & Regards

More information about the samba-technical mailing list