Part 5 of bugfix for bug #7509 - smb_acl_to_posix: ACL is invalid for set (Invalid argument)

Be smarter about setting default permissions when a ACL_GROUP_OBJ isn't given. Use the
principle of least surprises for the user.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Sep  3 00:16:05 CEST 2011 on sn-devel-104

source3/smbd/posix_acls.c

@@ -1457,12 +1457,29 @@ static bool ensure_canon_entry_valid(connection_struct *conn, canon_ace **pp_ace
 		pace->unix_ug.uid = pst->st_ex_gid;
 		pace->trustee = *pfile_grp_sid;
 		pace->attr = ALLOW_ACE;
+		/* Start with existing permissions, principle of least
+		   surprises for the user. */
+		pace->perms = pst->st_ex_mode;
+
 		if (setting_acl) {
+			/* See if there's a matching group entry.
+			   If so, OR in the permissions from that entry. */
+
+			canon_ace *pace_iter;
+
+			for (pace_iter = *pp_ace; pace_iter; pace_iter = pace_iter->next) {
+				if (pace_iter->type == SMB_ACL_GROUP &&
+							pace_iter->unix_ug.gid == pace->unix_ug.gid) {
+					pace->perms |= pace_iter->perms;
+					break;
+				}
+			}
+
 			/* If we only got an "everyone" perm, just use that. */
-			if (got_other)
-				pace->perms = pace_other->perms;
-			else
-				pace->perms = 0;
+			if (pace->perms == 0) {
+				if (got_other)
+					pace->perms = pace_other->perms;
+			}
 			apply_default_perms(params, is_directory, pace, S_IRGRP);
 		} else {
 			pace->perms = unix_perms_to_acl_perms(pst->st_ex_mode, S_IRGRP, S_IWGRP, S_IXGRP);