mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
Revert "vfs_acl_xattr: objects without NT ACL xattr"
This reverts commit 961c4b591b
.
Subsequent commits will add the same functionality as an optional
feature.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12177
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
parent
faa3bef690
commit
590b80490c
@ -379,10 +379,12 @@ static NTSTATUS make_default_filesystem_acl(TALLOC_CTX *ctx,
|
|||||||
gid_to_sid(&group_sid, psbuf->st_ex_gid);
|
gid_to_sid(&group_sid, psbuf->st_ex_gid);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* We provide 2 ACEs:
|
We provide up to 4 ACEs
|
||||||
* - Owner
|
- Owner
|
||||||
* - NT System
|
- Group
|
||||||
*/
|
- Everyone
|
||||||
|
- NT System
|
||||||
|
*/
|
||||||
|
|
||||||
if (mode & S_IRUSR) {
|
if (mode & S_IRUSR) {
|
||||||
if (mode & S_IWUSR) {
|
if (mode & S_IWUSR) {
|
||||||
@ -402,6 +404,39 @@ static NTSTATUS make_default_filesystem_acl(TALLOC_CTX *ctx,
|
|||||||
0);
|
0);
|
||||||
idx++;
|
idx++;
|
||||||
|
|
||||||
|
access_mask = 0;
|
||||||
|
if (mode & S_IRGRP) {
|
||||||
|
access_mask |= SEC_RIGHTS_FILE_READ | SEC_FILE_EXECUTE;
|
||||||
|
}
|
||||||
|
if (mode & S_IWGRP) {
|
||||||
|
/* note that delete is not granted - this matches posix behaviour */
|
||||||
|
access_mask |= SEC_RIGHTS_FILE_WRITE;
|
||||||
|
}
|
||||||
|
if (access_mask) {
|
||||||
|
init_sec_ace(&aces[idx],
|
||||||
|
&group_sid,
|
||||||
|
SEC_ACE_TYPE_ACCESS_ALLOWED,
|
||||||
|
access_mask,
|
||||||
|
0);
|
||||||
|
idx++;
|
||||||
|
}
|
||||||
|
|
||||||
|
access_mask = 0;
|
||||||
|
if (mode & S_IROTH) {
|
||||||
|
access_mask |= SEC_RIGHTS_FILE_READ | SEC_FILE_EXECUTE;
|
||||||
|
}
|
||||||
|
if (mode & S_IWOTH) {
|
||||||
|
access_mask |= SEC_RIGHTS_FILE_WRITE;
|
||||||
|
}
|
||||||
|
if (access_mask) {
|
||||||
|
init_sec_ace(&aces[idx],
|
||||||
|
&global_sid_World,
|
||||||
|
SEC_ACE_TYPE_ACCESS_ALLOWED,
|
||||||
|
access_mask,
|
||||||
|
0);
|
||||||
|
idx++;
|
||||||
|
}
|
||||||
|
|
||||||
init_sec_ace(&aces[idx],
|
init_sec_ace(&aces[idx],
|
||||||
&global_sid_System,
|
&global_sid_System,
|
||||||
SEC_ACE_TYPE_ACCESS_ALLOWED,
|
SEC_ACE_TYPE_ACCESS_ALLOWED,
|
||||||
|
Loading…
Reference in New Issue
Block a user