git.samba.org / obnox / samba / samba-obnox.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8fde2a8)
r6696: Another attempt to fix the (unreproducible for me) bug #2346 (read-only
authorJeremy Allison <jra@samba.org>
Tue, 10 May 2005 04:25:11 +0000 (04:25 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 15:56:52 +0000 (10:56 -0500)
excel files). Ensures that any missing user ACL entry will be generated
from a union of all group permissions that contain the user.
Awaiting feedback from the reporters.
Jeremy.

source/smbd/posix_acls.c patch | blob | history

diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c
index 1e68900bd3b97f4ccf99d44b91e81bb564bbde6e..b31e97c76f827a2676701e869cdeb59ceb5ccba3 100644 (file)
--- a/source/smbd/posix_acls.c
+++ b/source/smbd/posix_acls.c
@@ -1097,13 +1097,28 @@ static BOOL ensure_canon_entry_valid(canon_ace **pp_ace,
                pace->attr = ALLOW_ACE;
 
                if (setting_acl) {
+                       /* See if the owning user is in any of the other groups in
+                          the ACE. If so, OR in the permissions from that group. */
+
+                       BOOL group_matched = False;
+                       canon_ace *pace_iter;
+
+                       for (pace_iter = *pp_ace; pace_iter; pace_iter = pace_iter->next) {
+                               if (pace_iter->type == SMB_ACL_GROUP_OBJ || pace_iter->type == SMB_ACL_GROUP) {
+                                       if (uid_entry_in_group(pace, pace_iter)) {
+                                               pace->perms |= pace_iter->perms;
+                                               group_matched = True;
+                                       }
+                               }
+                       }
+
                        /* If we only got an "everyone" perm, just use that. */
-                       if (!got_grp && got_other)
-                               pace->perms = pace_other->perms;
-                       else if (got_grp && uid_entry_in_group(pace, pace_group))
-                               pace->perms = pace_group->perms;
-                       else
-                               pace->perms = 0;
+                       if (!group_matched) {
+                               if (got_other)
+                                       pace->perms = pace_other->perms;
+                               else
+                                       pace->perms = 0;
+                       }
 
                        apply_default_perms(fsp, pace, S_IRUSR);
                } else {
Michael's Samba GIT