nfs4_acls.c: prefer capabilities over become_root

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>

diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 44c4718d3e4e40345789d80d5a650ec4f948a873..cc9233da87d5d5a2bf235e2be0de954e78176ea9 100644 (file)
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -1201,12 +1201,12 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp,
        smbacl4_dump_nfs4acl(10, theacl);
 
        if (set_acl_as_root) {
-               become_root();
+               set_effective_capability(DAC_OVERRIDE_CAPABILITY);
        }
        result = set_nfs4_native(handle, fsp, theacl);
        saved_errno = errno;
        if (set_acl_as_root) {
-               unbecome_root();
+               drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
        }
 
        TALLOC_FREE(frame);