[PATCH] vfs_acl_xattr|tdb: set create mask to 0777 if ignore_system_acls is set
Uri Simchoni
uri at samba.org
Thu Apr 20 08:42:44 UTC 2017
On 04/19/2017 12:57 PM, Ralph Böhme via samba-technical wrote:
> On Fri, Feb 10, 2017 at 11:31:38AM -0800, Jeremy Allison wrote:
>> On Thu, Feb 09, 2017 at 11:03:21AM -0800, Jeremy Allison wrote:
>>> On Mon, Feb 06, 2017 at 01:19:48PM +0100, Ralph Böhme wrote:
>>>> Hi!
>>>>
>>>> Attached is a patch for bug
>>>> https://bugzilla.samba.org/show_bug.cgi?id=12562
>>>>
>>>> The fix for bug #12181 included a change that should ensure filesystem
>>>> permissions are out of the way when using VFS modules acl_xattr or acl_tdb with
>>>> "acl_xattr:ignore system acls = yes".
>>>>
>>>> At runtime, when the module is loaded, we set "create mask = 0666" which doesn't
>>>> contain executable rights files. This should really by "create mask = 0777"
>>>> instead.
>>>>
>>>> Please review & push if happy. Thanks!
>>>
>>> Hi Ralph,
>>>
>>> Can you explain the customer scenario that instigated
>>> this fix ?
>>>
>>> It's *probably* right, but I think Uri is asking the
>>> right questions about defauling files to 'x' access
>>> and I want to understand the exact failure case before
>>> I OK this :-).
>>
>> Ping Ralph, I'd love to get this sorted asap.
>
> well, the customer scenario is "support *some* legacy scenario", I don't have
> more details. :)
>
> But I have a rewored patch that should work for all of us: it ensures "create
> mask" is *at least* 0666. Customer can set "create mask = 0777" and be happy, we
> keep the default 0666, Uri is happy. :)
>
> Ok?
>
> Cheerio!
> -slow
>
Happy :)
RB+ me. I don't have time right now for push logistics, will push later
if none does.
Thanks,
Uri.
More information about the samba-technical
mailing list