Behaviour mismatch between "store dos attributes" and "map archive" from man smb.conf(5)
Jeremy Allison
jra at samba.org
Mon May 18 18:59:03 UTC 2020
On Mon, May 18, 2020 at 05:47:00PM +0530, Anoop C S wrote:
>
> Seems like we have two different mapping methods.
>
> When vfs_acl_xattr is used along with 'ignore system acls' we have
> special kind of treatment as follows inside make_default_acl_posix():
>
> if (mode & S_IRUSR) {
> if (mode & S_IWUSR) {
> access_mask |= SEC_RIGHTS_FILE_ALL;
> } else {
> access_mask |= SEC_RIGHTS_FILE_READ | SEC_FILE_EXECUTE;
> }
> }
> if (mode & S_IWUSR) {
> access_mask |= SEC_RIGHTS_FILE_WRITE | SEC_STD_DELETE;
> }
>
> This might be the reason why smb2.read.position is always passing with
> vfs_acl_xattr + "ignore system acls = yes".
Yes, "ignore system acls = yes" special cases a lot of stuff.
> Here comes the default mapping method, invoked all the way from
> smbd_check_access_rights() we have the following in
> map_canon_ace_perms():
>
> if (directory_ace) {
> nt_mask |= ((perms & S_IRUSR) ? UNIX_DIRECTORY_ACCESS_R : 0 );
> nt_mask |= ((perms & S_IWUSR) ? UNIX_DIRECTORY_ACCESS_W : 0 );
> nt_mask |= ((perms & S_IXUSR) ? UNIX_DIRECTORY_ACCESS_X : 0 );
> } else {
> nt_mask |= ((perms & S_IRUSR) ? UNIX_ACCESS_R : 0 );
> nt_mask |= ((perms & S_IWUSR) ? UNIX_ACCESS_W : 0 );
> nt_mask |= ((perms & S_IXUSR) ? UNIX_ACCESS_X : 0 );
> }
>
> Thus an existing file created without 'x' bit will end up with a
> access_mask without SEC_FILE_EXECUTE.
An access_mask in the reported Windows ACL, yes.
> Difference in behaviour is because of different mapping methods
> resulting in different access_mask when used with and without
> vfs_acl_xattr. Why is it so? Why shouldn't vfs_acl_xattr just deal with
> setting "security.NTACL" with a value obtained out of a common mapping
> method?
It's probably so due to historical reasons.
Can you write up a comprehensive "how I think this
should behave" and then we can discuss, make changes ?
Thanks,
Jeremy.
More information about the samba-technical
mailing list