Bug 901 - smbcacls ignores a mask value of an ACL format.
smbcacls ignores a mask value of an ACL format.
Status: CLOSED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: User/Group Accounts
3.0.0
All Linux
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2003-12-18 03:06 UTC by kakuma
Modified: 2005-08-24 10:28 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description kakuma 2003-12-18 03:06:24 UTC
The smbcacls command can specify various access right granted for a mask in
the format of an ACL.
But when I specified, for example, R or W for the mask value using smbcacls,
the smbcacls command always shows FULL for mask value.

example:

# smbcacls //samba-server/xpub /user1-6.txt -U user1%samba
REVISION:1
OWNER:SAMBA1\user1
GROUP:SAMBA1\group1
ACL:SAMBA1\user1:ALLOWED/0/RW
ACL:SAMBA1\group1:ALLOWED/0/RW
ACL:\Everyone:ALLOWED/0/R
# smbcacls //samba-server/xpub /user1-6.txt -U user1%samba -a 'ACL:Domain 
Admins:ALLOWED/0/R'
# smbcacls //samba-server/xpub /user1-6.txt -U user1%samba
REVISION:1
OWNER:SAMBA1\user1
GROUP:SAMBA1\group1
ACL:SAMBA1\user1:ALLOWED/0/RW
ACL:SAMBA1\Domain Admins:ALLOWED/0/FULL
ACL:SAMBA1\group1:ALLOWED/0/RW
ACL:\Everyone:ALLOWED/0/R
#

I think that this occurs because of a code on parse_ace() function,
smbcacls.c is'nt initialize automatic variable atype, aflags and amask.

show the patch.

--- source/utils/smbcacls.c.orig        Tue Sep  9 01:04:36 2003
+++ source/utils/smbcacls.c     Fri Dec  5 14:50:55 2003
@@ -228,7 +228,7 @@
        char *p;
        const char *cp;
        fstring tok;
-       unsigned atype, aflags, amask;
+       unsigned atype = 0, aflags = 0, amask = 0;
        DOM_SID sid;
        SEC_ACCESS mask;
        const struct perm_value *v;
Comment 1 Guenther Deschner 2004-11-24 17:31:53 UTC
This possibly was a samba-server bug. This is fixed now at least with 3.0.9, I
can correctly set RW-permissions. Please reopen if it is still a problem for you.
Comment 2 Gerald (Jerry) Carter 2005-08-24 10:28:13 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.