[PATCHSET] Fix regression for a directory dropbox (dir with perm -wx).

[Jeremy Allison]

On Wed, Dec 04, 2013 at 12:11:01PM +0100, Andreas Schneider wrote:
> On Tuesday 03 December 2013 13:49:15 Jeremy Allison wrote:
> > On Tue, Dec 03, 2013 at 01:20:15PM +0100, Andreas Schneider wrote:
> > > Hi Jeremy,
> > > 
> > > with Samba 4.0 we introduced a regression. We are not able to write to a
> > > dropbox (directory with permission -wx, 0733). I've debugged the code and
> > > discussed it with Volker. We came up with the attached patches. We need
> > > your input to this code, please review and comment!
> > 
> > Ok, here is the modified version of the patch.
> > 
> > The key change to the previous version is that we
> > now ignore ACCESS_DENIED returned from a filename_convert()
> > call in any of the SMB_VFS_CREATE_FILE() paths, allowing
> > the real underlying open call to catch any access
> > denieds that should be returned here.
> > 
> > Removing a 'r' permission on a directory should
> > only prohibit the reading of the filenames inside
> > a directory, not any other activity (such as
> > creating or opening files) - creating a file
> > is controlled by the 'w' bit on the directory,
> > and opening a file is controlled by the ACL
> > on the underlying file itself.
> > 
> > So the core of the patch is changing UCF_CREATING_FILE
> > to UCF_OPENING_FILE, and ensuring this is passed
> > into filename_convert() on any path that leads
> > to a SMB_VFS_CREATE_FILE() call.
> > 
> > This patch passes make test for me, and also the
> > hand crafted tests I've done with smbclient over
> > SMB1 and SMB2/3.
> 
> It looks good for me. I've tested it with smbclient from 3.6 and master.
> 
> Volker, what do you think?

Ping ! Volker, are you OK with this changeset ?

Jeremy.