2025-01-11 05:18:09 +03:00 · 2012-11-18 18:57:03 +01:00 · 2012-11-18 18:57:03 +01:00 · 990448b499
commit 990448b499
parent fa676769e0
4 changed files with 2 additions and 13 deletions
--- a/selftest/knownfail
+++ b/selftest/knownfail
@ -133,7 +133,6 @@
 ^samba4.smb2.acls.*.generic
 ^samba4.smb2.acls.*.inheritflags
 ^samba4.smb2.acls.*.owner
-^samba4.ldap.acl.*.ntSecurityDescriptor.* # ACL extended checks on search not enabled by default
 ^samba4.ldap.dirsync.python.dc..__main__.ExtendedDirsyncTests.test_dirsync_deleted_items
 #^samba4.ldap.dirsync.python.dc..__main__.ExtendedDirsyncTests.*
 ^samba4.drs.fsmo.python
@ -158,13 +157,6 @@
 ^samba4.smb2.oplock.stream1 # samba 4 oplocks are a mess
 ^samba4.smb2.getinfo.getinfo # streams on directories does not work
 ^samba4.ntvfs.cifs.krb5.base.createx_access.createx_access\(.*\)$
-^samba4.ldap.acl.*.AclSearchTests.test_search_anonymous3\(.*\)$  # ACL search behaviour not enabled by default
-^samba4.ldap.acl.*.AclSearchTests.test_search1\(.*\)$  # ACL search behaviour not enabled by default
-^samba4.ldap.acl.*.AclSearchTests.test_search2\(.*\)$  # ACL search behaviour not enabled by default
-^samba4.ldap.acl.*.AclSearchTests.test_search3\(.*\)$  # ACL search behaviour not enabled by default
-^samba4.ldap.acl.*.AclSearchTests.test_search4\(.*\)$  # ACL search behaviour not enabled by default
-^samba4.ldap.acl.*.AclSearchTests.test_search5\(.*\)$  # ACL search behaviour not enabled by default
-^samba4.ldap.acl.*.AclSearchTests.test_search6\(.*\)$  # ACL search behaviour not enabled by default
 ^samba4.rpc.lsa.forest.trust #Not fully provided by Samba4
 ^samba4.blackbox.kinit\(.*\).kinit with user password for expired password\(.*\) # We need to work out why this fails only during the pw change
 ^samba4.blackbox.dbcheck\(vampire_dc\).dbcheck\(vampire_dc:local\) # Due to replicating with --domain-critical-only we fail dbcheck on this database
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@ -559,11 +559,8 @@ sub provision_raw_step1($$)
 		warn("can't open $ctx->{smb_conf}$?");
 		return undef;
 	}
-	my $acl = "false";
-	$acl = "true" if (defined $ENV{WITH_ACL});
 	print CONFFILE "
 [global]
-	acl:search = $acl
 	netbios name = $ctx->{netbiosname}
 	posix:eadb = $ctx->{statedir}/eadb.tdb
 	workgroup = $ctx->{domain}
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@ -101,7 +101,7 @@ static int acl_module_init(struct ldb_module *module)
 	}

 	data->acl_search = lpcfg_parm_bool(ldb_get_opaque(ldb, "loadparm"),
-					NULL, "acl", "search", false);
+					NULL, "acl", "search", true);
 	ldb_module_set_private(module, data);

 	mem_ctx = talloc_new(module);
--- a/source4/dsdb/samdb/ldb_modules/acl_read.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_read.c
@ -397,7 +397,7 @@ static int aclread_init(struct ldb_module *module)
 	if (p == NULL) {
 		return ldb_module_oom(module);
 	}
-	p->enabled = lpcfg_parm_bool(ldb_get_opaque(ldb, "loadparm"), NULL, "acl", "search", false);
+	p->enabled = lpcfg_parm_bool(ldb_get_opaque(ldb, "loadparm"), NULL, "acl", "search", true);
 	ldb_module_set_private(module, p);
 	return ldb_next_init(module);
 }