smbd:posix_acls Remove incorrectly added lp_create_mask() and lp_dir_mask() calls

When 6adc7dad96b8c7366da042f0d93b28c1ecb092eb removed the calls to
lp_security_mask/lp_force_security_mode/lp_dir_security_mask/lp_force_dir_security_mode
these calls were replaced with lp_create_mask() and lp_dir_mask()

The issue is that while lp_security_mask() and lp_dir_security_mask defaulted to
0777, the replacement calls did not.  This changes behaviour, and incorrectly
prevents a posix mode being specified by the client from being applied to
the disk in the non-ACL enabled case.

Andrew Bartlett
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit fc496ef323c908a6b621198d9dc8076f6857385e)

diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index bbc1eedb0cf10920ee76088211058b52d0f6d799..3ff34fc4eb3522e854d5dd2aa0b575b0d01aa4c3 100644 (file)
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3083,14 +3083,11 @@ SMB_ACL_T free_empty_sys_acl(connection_struct *conn, SMB_ACL_T the_acl)
 
 static bool convert_canon_ace_to_posix_perms( files_struct *fsp, canon_ace *file_ace_list, mode_t *posix_perms)
 {
-       int snum = SNUM(fsp->conn);
        size_t ace_count = count_canon_ace_list(file_ace_list);
        canon_ace *ace_p;
        canon_ace *owner_ace = NULL;
        canon_ace *group_ace = NULL;
        canon_ace *other_ace = NULL;
-       mode_t and_bits;
-       mode_t or_bits;
 
        if (ace_count != 3) {
                DEBUG(3,("convert_canon_ace_to_posix_perms: Too many ACE "
@@ -3130,20 +3127,6 @@ static bool convert_canon_ace_to_posix_perms( files_struct *fsp, canon_ace *file
        if (fsp->is_directory)
                *posix_perms |= (S_IWUSR|S_IXUSR);
 
-       /* If requested apply the masks. */
-
-       /* Get the initial bits to apply. */
-
-       if (fsp->is_directory) {
-               and_bits = lp_dir_mask(snum);
-               or_bits = lp_force_dir_mode(snum);
-       } else {
-               and_bits = lp_create_mask(snum);
-               or_bits = lp_force_create_mode(snum);
-       }
-
-       *posix_perms = (((*posix_perms) & and_bits)|or_bits);
-
        DEBUG(10,("convert_canon_ace_to_posix_perms: converted u=%o,g=%o,w=%o "
                  "to perm=0%o for file %s.\n", (int)owner_ace->perms,
                  (int)group_ace->perms, (int)other_ace->perms,