diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 8d172e1..53bfaa1 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -2547,24 +2547,22 @@ static bool current_user_in_group(gid_t gid) ****************************************************************************/ static bool acl_group_override(connection_struct *conn, - gid_t prim_gid, + SMB_STRUCT_STAT *psbuf, const char *fname) { - SMB_STRUCT_STAT sbuf; - if ((errno != EPERM) && (errno != EACCES)) { return false; } /* file primary group == user primary or supplementary group */ if (lp_acl_group_control(SNUM(conn)) && - current_user_in_group(prim_gid)) { + current_user_in_group(psbuf->st_gid)) { return true; } /* user has writeable permission */ if (lp_dos_filemode(SNUM(conn)) && - can_write_to_file(conn, fname, &sbuf)) { + can_write_to_file(conn, fname, psbuf)) { return true; } @@ -2575,7 +2573,7 @@ static bool acl_group_override(connection_struct *conn, Attempt to apply an ACL to a file or directory. ****************************************************************************/ -static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool default_ace, gid_t prim_gid, bool *pacl_set_support) +static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool default_ace, SMB_STRUCT_STAT *psbuf, bool *pacl_set_support) { connection_struct *conn = fsp->conn; bool ret = False; @@ -2754,7 +2752,7 @@ static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool defau *pacl_set_support = False; } - if (acl_group_override(conn, prim_gid, fsp->fsp_name)) { + if (acl_group_override(conn, psbuf, fsp->fsp_name)) { int sret; DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n", @@ -2785,7 +2783,7 @@ static bool set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, bool defau *pacl_set_support = False; } - if (acl_group_override(conn, prim_gid, fsp->fsp_name)) { + if (acl_group_override(conn, psbuf, fsp->fsp_name)) { int sret; DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n", @@ -3785,7 +3783,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC if (set_acl_as_root) { become_root(); } - ret = set_canon_ace_list(fsp, file_ace_list, False, sbuf.st_gid, &acl_set_support); + ret = set_canon_ace_list(fsp, file_ace_list, False, &sbuf, &acl_set_support); if (set_acl_as_root) { unbecome_root(); } @@ -3802,7 +3800,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC if (set_acl_as_root) { become_root(); } - ret = set_canon_ace_list(fsp, dir_ace_list, True, sbuf.st_gid, &acl_set_support); + ret = set_canon_ace_list(fsp, dir_ace_list, True, &sbuf, &acl_set_support); if (set_acl_as_root) { unbecome_root(); } @@ -3827,7 +3825,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC unbecome_root(); } if (sret == -1) { - if (acl_group_override(conn, sbuf.st_gid, fsp->fsp_name)) { + if (acl_group_override(conn, &sbuf, fsp->fsp_name)) { DEBUG(5,("set_nt_acl: acl group control on and " "current user in file %s primary group. Override delete_def_acl\n", fsp->fsp_name )); @@ -3889,7 +3887,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC unbecome_root(); } if(sret == -1) { - if (acl_group_override(conn, sbuf.st_gid, fsp->fsp_name)) { + if (acl_group_override(conn, &sbuf, fsp->fsp_name)) { DEBUG(5,("set_nt_acl: acl group control on and " "current user in file %s primary group. Override chmod\n", fsp->fsp_name ));