Fix bug #5873 - ACL inheritance cannot be broken. This regresses #4308, but that...

be fixed another way.
Jeremy.

diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c
index b4f8ad585217578c29f67a48003a9ad048186cf0..09165e7d7b9bb4aa256a707a8ca86dc3227f5bfd 100644 (file)
--- a/source/smbd/posix_acls.c
+++ b/source/smbd/posix_acls.c
@@ -3221,6 +3221,9 @@ int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid)
        return ret;
 }
 
+#if 0
+/* Disable this - prevents ACL inheritance from the ACL editor. JRA. */
+
 /****************************************************************************
  Take care of parent ACL inheritance.
 ****************************************************************************/
@@ -3413,6 +3416,7 @@ static NTSTATUS append_parent_acl(files_struct *fsp,
        *pp_new_sd = psd;
        return status;
 }
+#endif
 
 /****************************************************************************
  Reply to set a security descriptor on an fsp. security_info_sent is the
@@ -3525,6 +3529,9 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
 
        create_file_sids(&sbuf, &file_owner_sid, &file_grp_sid);
 
+#if 0
+       /* Disable this - prevents ACL inheritance from the ACL editor. JRA. */
+
        /* See here: http://www.codeproject.com/KB/winsdk/accessctrl2.aspx
         * for details and also the log trace in bug #4308. JRA.
         */
@@ -3540,6 +3547,7 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
                        return status;
                }
        }
+#endif
 
        acl_perms = unpack_canon_ace( fsp, &sbuf, &file_owner_sid, &file_grp_sid,
                                        &file_ace_list, &dir_ace_list, security_info_sent, psd);