Fix bug #5873 - ACL inheritance cannot be broken. This regresses #4308, but that...

be fixed another way.
Jeremy.

diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c
index 2242405d413f378acd23c9184de4a50e0353738d..33cba6aeb7ef5f2ec25222d97c3d3340e33a58f6 100644 (file)
--- a/source/smbd/posix_acls.c
+++ b/source/smbd/posix_acls.c
@@ -3119,6 +3119,9 @@ int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid)
        return ret;
 }
 
+#if 0
+/* Disable this - prevents ACL inheritance from the ACL editor. JRA. */
+
 /****************************************************************************
  Take care of parent ACL inheritance.
 ****************************************************************************/
@@ -3313,6 +3316,7 @@ static NTSTATUS append_parent_acl(files_struct *fsp,
        *pp_new_sd = psd;
        return status;
 }
+#endif
 
 /****************************************************************************
  Reply to set a security descriptor on an fsp. security_info_sent is the
@@ -3426,6 +3430,9 @@ BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
 
        create_file_sids(&sbuf, &file_owner_sid, &file_grp_sid);
 
+#if 0
+       /* Disable this - prevents ACL inheritance from the ACL editor. JRA. */
+
        /* See here: http://www.codeproject.com/KB/winsdk/accessctrl2.aspx
         * for details and also the log trace in bug #4308. JRA.
        */
@@ -3441,6 +3448,7 @@ BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
                        return False;
                }
        }
+#endif
 
        acl_perms = unpack_canon_ace( fsp, &sbuf, &file_owner_sid, &file_grp_sid,
                                        &file_ace_list, &dir_ace_list, security_info_sent, psd);