The branch, v3-5-test has been updated
via db4fd2b... Fix bug 6892 - When a chown operation is issued via
Windows Explorer, all ACLS are wiped out. Merges existing DACLs when a ACL set
operation comes in with only owner or group values set. Jeremy. (cherry picked
from commit 7ed6f9f0960885366800b1ca2ce9558414b62d54)
from 6a13107... Fix crash due to uninitialized pointer (not a problem in
3.4.x or below). Jeremy. (cherry picked from commit
947c47f2819ff30d3c69bfbeb4b1932467b36cce)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -----------------------------------------------------------------
commit db4fd2b1d351be42978c48c2f5cfc61ee50ecebc
Author: Jeremy Allison <j...@samba.org>
Date: Wed Nov 25 10:20:38 2009 -0800
Fix bug 6892 - When a chown operation is issued via Windows Explorer, all
ACLS are wiped out.
Merges existing DACLs when a ACL set operation comes in with only owner or
group values set.
Jeremy.
(cherry picked from commit 7ed6f9f0960885366800b1ca2ce9558414b62d54)
-----------------------------------------------------------------------
Summary of changes:
source3/modules/vfs_acl_common.c | 51 ++++++++++++++++++++++++++-----------
1 files changed, 36 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index a12f105..0bb0bca 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -617,25 +617,46 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct
*handle, files_struct *fsp,
CONST_DISCARD(struct security_descriptor *,psd));
}
- /* Ensure owner and group are set. */
- if (!psd->owner_sid || !psd->group_sid) {
- DOM_SID owner_sid, group_sid;
- struct security_descriptor *nc_psd = dup_sec_desc(talloc_tos(),
psd);
+ /* Ensure we have OWNER/GROUP/DACL set. */
+
+ if ((security_info_sent & (OWNER_SECURITY_INFORMATION|
+ GROUP_SECURITY_INFORMATION|
+ DACL_SECURITY_INFORMATION)) !=
+ (OWNER_SECURITY_INFORMATION|
+ GROUP_SECURITY_INFORMATION|
+ DACL_SECURITY_INFORMATION)) {
+ /* No we don't - read from the existing SD. */
+ struct security_descriptor *nc_psd = NULL;
+
+ status = get_nt_acl_internal(handle, fsp,
+ NULL,
+ (OWNER_SECURITY_INFORMATION|
+ GROUP_SECURITY_INFORMATION|
+ DACL_SECURITY_INFORMATION),
+ &nc_psd);
- if (!nc_psd) {
- return NT_STATUS_OK;
- }
- status = vfs_stat_fsp(fsp);
if (!NT_STATUS_IS_OK(status)) {
- /* Lower level acl set succeeded,
- * so still return OK. */
- return NT_STATUS_OK;
+ return status;
}
- create_file_sids(&fsp->fsp_name->st, &owner_sid, &group_sid);
+
/* This is safe as nc_psd is discarded at fn exit. */
- nc_psd->owner_sid = &owner_sid;
- nc_psd->group_sid = &group_sid;
- security_info_sent |=
(OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION);
+ if (security_info_sent & OWNER_SECURITY_INFORMATION) {
+ nc_psd->owner_sid = psd->owner_sid;
+ }
+ security_info_sent |= OWNER_SECURITY_INFORMATION;
+
+ if (security_info_sent & GROUP_SECURITY_INFORMATION) {
+ nc_psd->group_sid = psd->group_sid;
+ }
+ security_info_sent |= GROUP_SECURITY_INFORMATION;
+
+ if (security_info_sent & DACL_SECURITY_INFORMATION) {
+ nc_psd->dacl = dup_sec_acl(talloc_tos(), psd->dacl);
+ if (nc_psd->dacl == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
+ security_info_sent |= DACL_SECURITY_INFORMATION;
psd = nc_psd;
}
--
Samba Shared Repository
