From d3cddc148ef67899859c538b9882406bcbc3856b Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Wed, 6 Sep 2017 16:28:10 +0200 Subject: [PATCH] vfs/nfs4_acls: move special handling of SMB_ACE4_SYNCHRONIZE to vfs_zfsacl Commit 99a74ff5e6a9f87ad7a650cb44e0f925f834b3a1 added special handling of SMB_ACE4_SYNCHRONIZE, always setting it in the access_mask when fabricating an ACL. While at the same time removing it from the access_mask when setting an ACL, but this is done direclty in vfs_zfsacl, not it the common code. Forcing SMB_ACE4_SYNCHRONIZE to be always set is only needed on ZFS, the other VFS modules using the common NFSv4 infrastructure should not be made victims of the special ZFS behaviour. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7909 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison (cherry picked from commit 4591a91c4aa9e631fb8696ed8f6e53343e773895) --- source3/modules/nfs4_acls.c | 7 ------- source3/modules/vfs_zfsacl.c | 9 +++++++++ 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 7488b1c9606..78861f5df62 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -386,13 +386,6 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, ace->aceFlags, win_ace_flags)); mask = ace->aceMask; - /* Windows clients expect SYNC on acls to - correctly allow rename. See bug #7909. */ - /* But not on DENY ace entries. See - bug #8442. */ - if(ace->aceType == SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) { - mask = ace->aceMask | SMB_ACE4_SYNCHRONIZE; - } /* Mapping of owner@ and group@ to creator owner and creator group. Keep old behavior in mode special. */ diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c index 76cf5281af7..4cb1b98f01b 100644 --- a/source3/modules/vfs_zfsacl.c +++ b/source3/modules/vfs_zfsacl.c @@ -84,6 +84,15 @@ static NTSTATUS zfs_get_nt_acl_common(TALLOC_CTX *mem_ctx, aceprop.aceMask = (uint32_t) acebuf[i].a_access_mask; aceprop.who.id = (uint32_t) acebuf[i].a_who; + /* + * Windows clients expect SYNC on acls to correctly allow + * rename, cf bug #7909. But not on DENY ace entries, cf bug + * #8442. + */ + if (aceprop.aceType == SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) { + aceprop.aceMask |= SMB_ACE4_SYNCHRONIZE; + } + if(aceprop.aceFlags & ACE_OWNER) { aceprop.flags = SMB_ACE4_ID_SPECIAL; aceprop.who.special_id = SMB_ACE4_WHO_OWNER; -- 2.13.5