Attachment 4932 Details for Bug 6878 – Patch for 3.4.3

[patch] Patch for 3.4.3

samba-3.4.3-inheritflag_problem.patch (text/plain), 3.08 KB, created by Tsukasa HAMANO on 2009-11-08 22:31:56 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Tsukasa HAMANO

Created: 2009-11-08 22:31:56 UTC

Size: 3.08 KB

patch

obsolete

>diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
>index 766c7b0..f2efa3e 100644
>--- a/source3/smbd/posix_acls.c
>+++ b/source3/smbd/posix_acls.c
>@@ -946,10 +946,21 @@ static void merge_aces( canon_ace **pp_list_head )
> 				}
> 
> 				/* Merge two allow or two deny ACE's. */
>+				if (curr_ace_outer->type == SMB_ACL_USER_OBJ ||
>+					curr_ace_outer->type == SMB_ACL_GROUP_OBJ) {
>+					curr_ace_outer->perms = curr_ace->perms;
>+				}else if(curr_ace->type == SMB_ACL_USER_OBJ ||
>+						 curr_ace->type == SMB_ACL_GROUP_OBJ) {
>+					curr_ace->perms = curr_ace_outer->perms;
>+				}else{
>+					/* merge permission(original code) */
>+					curr_ace_outer->perms |= curr_ace->perms;
>+				}
>+				if (curr_ace->type == curr_ace_outer->type) {
>+					DLIST_REMOVE(l_head, curr_ace);
>+					SAFE_FREE(curr_ace);
>+				}
> 
>-				curr_ace_outer->perms |= curr_ace->perms;
>-				DLIST_REMOVE(l_head, curr_ace);
>-				SAFE_FREE(curr_ace);
> 				curr_ace_outer_next = curr_ace_outer->next; /* We may have deleted the link. */
> 			}
> 		}
>@@ -1500,6 +1511,36 @@ static void check_owning_objs(canon_ace *ace, DOM_SID *pfile_owner_sid, DOM_SID
> 		DEBUG(10,("check_owning_objs: ACL is missing an owning group entry.\n"));
> }
> 
>+static void dup_creatorown_ace(canon_ace *dir_ace, canon_ace *ace)
>+{
>+	/* dir ace must be followings.
>+	   SMB_ACL_USER_OBJ : trustee(CREATOR_OWNER) -> Posix ACL d:u::perm
>+	   SMB_ACL_USER     : not trustee    -> Posix ACL u:user:perm
>+	   SMB_ACL_USER_OBJ : trustee -> convert to SMB_ACL_USER : trustee
>+	   Posix ACL u:trustee:perm
>+
>+	   SMB_ACL_GROUP_OBJ: trustee(CREATOR_GROUP) -> Posix ACL d:g::perm
>+	   SMB_ACL_GROUP    : not trustee   -> Posix ACL g:group:perm
>+	   SMB_ACL_GROUP_OBJ: trustee -> convert to SMB_ACL_GROUP : trustee
>+	   Posix ACL g:trustee:perm
>+	*/
>+
>+	if (ace->type == SMB_ACL_USER_OBJ &&
>+		!(sid_equal(&ace->trustee, &global_sid_Creator_Owner))) {
>+		canon_ace *dup_ace = dup_canon_ace(ace);
>+		dup_ace->type = SMB_ACL_USER;
>+		DLIST_ADD_END(dir_ace, dup_ace, canon_ace *);
>+	}
>+
>+	if (ace->type == SMB_ACL_GROUP_OBJ &&
>+		!(sid_equal(&ace->trustee, &global_sid_Creator_Group))) {
>+		canon_ace *dup_ace = dup_canon_ace(ace);
>+		dup_ace->type = SMB_ACL_GROUP;
>+		DLIST_ADD_END(dir_ace, dup_ace, canon_ace *);
>+	}
>+}
>+
>+
> /****************************************************************************
>  Unpack a SEC_DESC into two canonical ace lists.
> ****************************************************************************/
>@@ -1754,12 +1795,22 @@ Deny entry after Allow entry. Failing to set on file %s.\n", fsp->fsp_name ));
> 						return False;
> 					}
> 
>+					/* duplicate ace of
>+					   SMB_ACL_USER_OBJ and
>+					   SMB_ACL_GROUP_OBJ */
>+					dup_creatorown_ace(dir_ace, current_ace);
>+
> 					/*
> 					 * We must not free current_ace here as its
> 					 * pointer is now owned by the dir_ace list.
> 					 */
> 					current_ace = dup_ace;
> 				} else {
>+					/* duplicate ace of
>+					   SMB_ACL_USER_OBJ and
>+					   SMB_ACL_GROUP_OBJ */
>+					dup_creatorown_ace(dir_ace, current_ace);
>+
> 					/*
> 					 * We must not free current_ace here as its
> 					 * pointer is now owned by the dir_ace list.

Actions: View

Attachments on bug 6878: 4932 | 4951