sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-22 22:04:08 +03:00
Code

pysmbd: fix use of sysacl API

Browse Source 
Fix pysmbd to use the sysacl (POSIX ACL support) as intended, and
not assume too much about the inner structure and implementation
of the permissions in the sysacl API.

This will allow the inner structure to change in a following commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13176

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit d6f5ee6707fa5404e2bef6fc81ae06b393ebd8ff)
This commit is contained in:
Uri Simchoni 2017-12-05 20:49:03 +02:00 committed by Karolin Seeger
parent f502340923
commit e64528a915
1 changed files with 38 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
source3/smbd/pysmbd.c
View File

@ -224,6 +224,39 @@ static NTSTATUS get_nt_acl_conn(TALLOC_CTX *mem_ctx,
return status;
}
static int set_acl_entry_perms(SMB_ACL_ENTRY_T entry, mode_t perm_mask)
{
SMB_ACL_PERMSET_T perms = NULL;
if (sys_acl_get_permset(entry, &perms) != 0) {
return -1;
}
if (sys_acl_clear_perms(perms) != 0) {
return -1;
}
if ((perm_mask & SMB_ACL_READ) != 0 &&
sys_acl_add_perm(perms, SMB_ACL_READ) != 0) {
return -1;
}
if ((perm_mask & SMB_ACL_WRITE) != 0 &&
sys_acl_add_perm(perms, SMB_ACL_WRITE) != 0) {
return -1;
}
if ((perm_mask & SMB_ACL_EXECUTE) != 0 &&
sys_acl_add_perm(perms, SMB_ACL_EXECUTE) != 0) {
return -1;
}
if (sys_acl_set_permset(entry, perms) != 0) {
return -1;
}
return 0;
}
static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode)
{
@ -251,7 +284,7 @@ static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode)
return NULL;
}
if (sys_acl_set_permset(entry, &mode_user) != 0) {
if (set_acl_entry_perms(entry, mode_user) != 0) {
TALLOC_FREE(frame);
return NULL;
}
@ -266,7 +299,7 @@ static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode)
return NULL;
}
if (sys_acl_set_permset(entry, &mode_group) != 0) {
if (set_acl_entry_perms(entry, mode_group) != 0) {
TALLOC_FREE(frame);
return NULL;
}
@ -281,7 +314,7 @@ static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode)
return NULL;
}
if (sys_acl_set_permset(entry, &mode_other) != 0) {
if (set_acl_entry_perms(entry, mode_other) != 0) {
TALLOC_FREE(frame);
return NULL;
}
@ -302,7 +335,7 @@ static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode)
return NULL;
}
if (sys_acl_set_permset(entry, &mode_group) != 0) {
if (set_acl_entry_perms(entry, mode_group) != 0) {
TALLOC_FREE(frame);
return NULL;
}
@ -318,7 +351,7 @@ static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode)
return NULL;
}
if (sys_acl_set_permset(entry, &mode) != 0) {
if (set_acl_entry_perms(entry, mode) != 0) {
TALLOC_FREE(frame);
return NULL;
}