Bug 10072 - If an Allow permission proceeds a Deny permission on a folder then Posix ACLs are not set correctly
If an Allow permission proceeds a Deny permission on a folder then Posix ACLs...
Status: NEEDINFO
Product: Samba 3.6
Classification: Unclassified
Component: File services
3.6.16
All Windows 7
: P5 normal
: ---
Assigned To: Jeremy Allison
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-08-07 14:53 UTC by Joe Mann
Modified: 2014-08-05 20:42 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Joe Mann 2013-08-07 14:53:09 UTC
If a folder that has inherited deny permissions from its parent is given allow permissions, the following error is seen in the samba logs:
create_canon_ace_lists: malformed ACL in file ACL ! Deny entry after Allow entry. Failing to set on file <FILE>

This is easily reproducible by creating a folder, setting deny permissions for a specific user, creating another folder inside the previous one and setting allow permissions for the same user. Windows will throw a warning but will allow it, samba should be able to handle this condition.
Comment 1 Joe Mann 2013-08-07 15:04:10 UTC
This is seen when using vfc_acl_xattr.
Comment 2 Jeremy Allison 2014-08-05 20:42:03 UTC
Argh. Comment for #10489 should have been added here:

More info needed. A wireshark capture showing the ACL sent by the client would
help I think.

Jeremy.