The Samba-Bugzilla – Attachment 4973 Details for
Bug 6892
When a chown operation is issued via Windows Explorer, all ACLS are wiped out
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for 3.5.0 and master
look1 (text/plain), 2.14 KB, created by
Jeremy Allison
on 2009-11-20 19:32:15 UTC
(
hide
)
Description:
Patch for 3.5.0 and master
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2009-11-20 19:32:15 UTC
Size:
2.14 KB
patch
obsolete
>diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c >index a12f105..0bb0bca 100644 >--- a/source3/modules/vfs_acl_common.c >+++ b/source3/modules/vfs_acl_common.c >@@ -617,25 +617,46 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct *handle, files_struct *fsp, > CONST_DISCARD(struct security_descriptor *,psd)); > } > >- /* Ensure owner and group are set. */ >- if (!psd->owner_sid || !psd->group_sid) { >- DOM_SID owner_sid, group_sid; >- struct security_descriptor *nc_psd = dup_sec_desc(talloc_tos(), psd); >+ /* Ensure we have OWNER/GROUP/DACL set. */ >+ >+ if ((security_info_sent & (OWNER_SECURITY_INFORMATION| >+ GROUP_SECURITY_INFORMATION| >+ DACL_SECURITY_INFORMATION)) != >+ (OWNER_SECURITY_INFORMATION| >+ GROUP_SECURITY_INFORMATION| >+ DACL_SECURITY_INFORMATION)) { >+ /* No we don't - read from the existing SD. */ >+ struct security_descriptor *nc_psd = NULL; >+ >+ status = get_nt_acl_internal(handle, fsp, >+ NULL, >+ (OWNER_SECURITY_INFORMATION| >+ GROUP_SECURITY_INFORMATION| >+ DACL_SECURITY_INFORMATION), >+ &nc_psd); > >- if (!nc_psd) { >- return NT_STATUS_OK; >- } >- status = vfs_stat_fsp(fsp); > if (!NT_STATUS_IS_OK(status)) { >- /* Lower level acl set succeeded, >- * so still return OK. */ >- return NT_STATUS_OK; >+ return status; > } >- create_file_sids(&fsp->fsp_name->st, &owner_sid, &group_sid); >+ > /* This is safe as nc_psd is discarded at fn exit. */ >- nc_psd->owner_sid = &owner_sid; >- nc_psd->group_sid = &group_sid; >- security_info_sent |= (OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION); >+ if (security_info_sent & OWNER_SECURITY_INFORMATION) { >+ nc_psd->owner_sid = psd->owner_sid; >+ } >+ security_info_sent |= OWNER_SECURITY_INFORMATION; >+ >+ if (security_info_sent & GROUP_SECURITY_INFORMATION) { >+ nc_psd->group_sid = psd->group_sid; >+ } >+ security_info_sent |= GROUP_SECURITY_INFORMATION; >+ >+ if (security_info_sent & DACL_SECURITY_INFORMATION) { >+ nc_psd->dacl = dup_sec_acl(talloc_tos(), psd->dacl); >+ if (nc_psd->dacl == NULL) { >+ return NT_STATUS_NO_MEMORY; >+ } >+ } >+ security_info_sent |= DACL_SECURITY_INFORMATION; > psd = nc_psd; > } >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=4973">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 6892
: 4973