Bug 14587 - vfs_zfsacl doesn't set inherited flag on hidden "magic" everyone@ ACE
Summary: vfs_zfsacl doesn't set inherited flag on hidden "magic" everyone@ ACE
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: VFS Modules (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-11-30 11:55 UTC by Ralph Böhme
Modified: 2021-01-14 08:34 UTC (History)
1 user (show)

See Also:


Attachments
Patch for 4.12 and 4.13 cherry-picked from master (2.36 KB, patch)
2020-12-08 17:25 UTC, Ralph Böhme
jra: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Ralph Böhme 2020-11-30 11:55:10 UTC
Looks like the fixes for bug #14470 have an issue: when a Windows client modifies an ACL of a directory that has a special magic everyone@:

         everyone@:--------------:fd----I:allow

the new ACL shows the ACE as

         everyone@:--------------:fd-----:allow

iow the "I" (inherited) flag is missing.

Looking at the code it is clear that this is a problem in the changes done as part of bug #14470:


        if (must_add_empty_ace) {
                acebuf[i].a_type = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE;
                acebuf[i].a_flags = SMB_ACE4_DIRECTORY_INHERIT_ACE |
                           SMB_ACE4_FILE_INHERIT_ACE | ACE_EVERYONE;
                acebuf[i].a_access_mask = 0;
                i++;
        }

This misses to add the ACE_INHERITED_ACE flag.

Have patch, need bugnumber.
Comment 1 Samba QA Contact 2020-12-01 20:30:24 UTC
This bug was referenced in samba master:

a8457ac3c80e22588e33a343c2306b702734ca88
936f74daed0d6221312f651f35c4ed357bbf1414
Comment 2 Ralph Böhme 2020-12-08 17:25:32 UTC
Created attachment 16364 [details]
Patch for 4.12 and 4.13 cherry-picked from master
Comment 3 Jeremy Allison 2020-12-08 20:24:39 UTC
Re-assigning to Karolin for inclusion in 4.13.next, 4.12.next.
Comment 4 Karolin Seeger 2020-12-09 07:53:14 UTC
(In reply to Jeremy Allison from comment #3)
Pushed to autobuild-v4-{13,12}-test.
Comment 5 Samba QA Contact 2020-12-09 08:57:13 UTC
This bug was referenced in samba v4-13-test:

67d42392a31781296936f7de74a4622874586084
670c33fe9cbfe033feb785bf82e0540b1d95d762
Comment 6 Samba QA Contact 2020-12-09 11:46:20 UTC
This bug was referenced in samba v4-12-test:

eaa736faf676fac706d841d41be4b5c9c0732a31
86d4448396b9cb715e5dd9cb3d34eb0e5f0d5a76
Comment 7 Karolin Seeger 2020-12-09 13:16:35 UTC
Pushed to both branches.
Closing out bug report.

Thanks!
Comment 8 Samba QA Contact 2020-12-16 12:22:34 UTC
This bug was referenced in samba v4-13-stable (Release samba-4.13.3):

67d42392a31781296936f7de74a4622874586084
670c33fe9cbfe033feb785bf82e0540b1d95d762
Comment 9 Samba QA Contact 2021-01-14 08:34:43 UTC
This bug was referenced in samba v4-12-stable (Release samba-4.12.11):

eaa736faf676fac706d841d41be4b5c9c0732a31
86d4448396b9cb715e5dd9cb3d34eb0e5f0d5a76