s3: Add a zfsacl:denymissingspecial parameter

[samba.git] / source3 / modules / vfs_zfsacl.c

diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c
index 312160c0267e62489aae61ac81c16b708d253989..a3de30e8085a3c65d50c7320472ebd9bf54810ab 100644 (file)
--- a/source3/modules/vfs_zfsacl.c
+++ b/source3/modules/vfs_zfsacl.c
@@ -106,6 +106,7 @@ static bool zfs_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl)
        ace_t *acebuf;
        SMB4ACE_T *smbace;
        TALLOC_CTX      *mem_ctx;
+       bool have_special_id = false;
 
        /* allocate the field of ZFS aces */
        mem_ctx = talloc_tos();
@@ -140,8 +141,17 @@ static bool zfs_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl)
                                        aceprop->who.special_id));
                                continue; /* don't add it !!! */
                        }
+                       have_special_id = true;
                }
        }
+
+       if (!have_special_id
+           && lp_parm_bool(fsp->conn->params->service, "zfsacl",
+                           "denymissingspecial", false)) {
+               errno = EACCES;
+               return false;
+       }
+
        SMB_ASSERT(i == naces);
 
        /* store acl */