[PATCH] Fix for XDR Backend of NFS4ACL_XATTR module to get it working with NFS4.0 ACL Spec
Ralph Böhme
slow at samba.org
Mon Nov 26 19:12:50 UTC 2018
On Mon, Nov 26, 2018 at 04:05:13PM +0100, Ralph Böhme via samba-technical wrote:
>On Mon, Nov 26, 2018 at 12:40:14PM +0000, Sandeep Nashikkar via samba-technical wrote:
>>What if we split such ACE into two? We add 2 NFS4 ACEs in
>>smbacl4_win2nfs4 if we determine that the SID maps to both uid and
>>gid in call to smbacl4_fill_ace4? Only one ACE will have
>>SMB_ACE4_IDENTIFIER_GROUP bit set in aceFlags. Will that work in
>>other environments you are talking about? I tested the fix for basic
>>cases and it worked for domain user access case.
>
>the ID_TYPE_BOTH still lets my head explode, not sure if I get the
>semantics right, but afaict what would be needed would be code similar
>to what we have in create_canon_ace_lists() to POSIX ACLs. That is,
>call sids_to_unixids(), not sid_to_uid() and friends and work from
>there.
cf commit 5b1c42228b8badbc7e7a4446c33f590bd1257f1f
-slow
--
Ralph Boehme, Samba Team https://samba.org/
Samba Developer, SerNet GmbH https://sernet.de/en/samba/
GPG-Fingerprint FAE2C6088A24252051C559E4AA1E9B7126399E46
More information about the samba-technical
mailing list