smbcacls: Do not read old ACL for 'set' operation

author Christof Schmitt <cs@samba.org>

Fri, 29 Apr 2016 22:12:38 +0000 (15:12 -0700)

committer Jeremy Allison <jra@samba.org>

Fri, 29 Apr 2016 23:01:42 +0000 (01:01 +0200)
author Christof Schmitt <cs@samba.org>
Fri, 29 Apr 2016 22:12:38 +0000 (15:12 -0700)
committer Jeremy Allison <jra@samba.org>
Fri, 29 Apr 2016 23:01:42 +0000 (01:01 +0200)
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c

index d50219cf74a29d643f7f545aca4abc69d0e1c19f..5cb707d2d7d7c581fe24f5d48d95ea9074adb9c5 100644 (file)
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -505,10 +505,16 @@ static int cacl_set(struct cli_state *cli, const char *filename,
         if (!sd) return EXIT_PARSE_ERROR;
         if (test_args) return EXIT_OK;
  
-       old = get_secdesc(cli, filename);
-
-       if (!old) {
-               return EXIT_FAILED;
+       if (mode != SMB_ACL_SET) {
+               /*
+                * Do not fetch old ACL when it will be overwritten
+                * completely with a new one.
+                */
+               old = get_secdesc(cli, filename);
+
+               if (!old) {
+                       return EXIT_FAILED;
+               }
         }
  
         /* the logic here is rather more complex than I would like */
author	Christof Schmitt <cs@samba.org>
	Fri, 29 Apr 2016 22:12:38 +0000 (15:12 -0700)
committer	Jeremy Allison <jra@samba.org>
	Fri, 29 Apr 2016 23:01:42 +0000 (01:01 +0200)