diff options
| author | Jeremy Allison <jra@samba.org> | 2018-03-15 09:57:09 -0700 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2018-03-22 22:03:26 +0100 |
| commit | 389341799c676cf8ee8a8416c4ee4212307d7796 (patch) | |
| tree | cd8e78ea333078f971f1d0d46a0cb189daa73d49 /source3/modules | |
| parent | 85553b7e6f5516108de61ba606f9b8267d14d540 (diff) | |
| download | samba-389341799c676cf8ee8a8416c4ee4212307d7796.tar.gz | |
s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 875ff2575feb96d06cf2290e5b6a226b32ef9758)
Diffstat (limited to 'source3/modules')
| -rw-r--r-- | source3/modules/vfs_fruit.c | 35 |
1 files changed, 7 insertions, 28 deletions
diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c index b2ff8f434b5..c05ce7ed0c8 100644 --- a/source3/modules/vfs_fruit.c +++ b/source3/modules/vfs_fruit.c @@ -5704,7 +5704,6 @@ static NTSTATUS fruit_fget_nt_acl(vfs_handle_struct *handle, struct security_ace ace; struct dom_sid sid; struct fruit_config_data *config; - bool remove_ok = false; SMB_VFS_HANDLE_GET_DATA(handle, config, struct fruit_config_data, @@ -5726,18 +5725,16 @@ static NTSTATUS fruit_fget_nt_acl(vfs_handle_struct *handle, return NT_STATUS_OK; } + /* First remove any existing ACE's with NFS style mode/uid/gid SIDs. */ + status = remove_virtual_nfs_aces(*ppdesc); + if (!NT_STATUS_IS_OK(status)) { + DBG_WARNING("failed to remove MS NFS style ACEs\n"); + return status; + } + /* MS NFS style mode */ sid_compose(&sid, &global_sid_Unix_NFS_Mode, fsp->fsp_name->st.st_ex_mode); init_sec_ace(&ace, &sid, SEC_ACE_TYPE_ACCESS_DENIED, 0, 0); - - /* First remove any existing ACE's with this SID. */ - status = security_descriptor_dacl_del(*ppdesc, &sid); - remove_ok = (NT_STATUS_IS_OK(status) || - NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)); - if (!remove_ok) { - DBG_WARNING("failed to remove MS NFS_mode style ACE\n"); - return status; - } status = security_descriptor_dacl_add(*ppdesc, &ace); if (!NT_STATUS_IS_OK(status)) { DEBUG(1,("failed to add MS NFS style ACE\n")); @@ -5747,15 +5744,6 @@ static NTSTATUS fruit_fget_nt_acl(vfs_handle_struct *handle, /* MS NFS style uid */ sid_compose(&sid, &global_sid_Unix_NFS_Users, fsp->fsp_name->st.st_ex_uid); init_sec_ace(&ace, &sid, SEC_ACE_TYPE_ACCESS_DENIED, 0, 0); - - /* First remove any existing ACE's with this SID. */ - status = security_descriptor_dacl_del(*ppdesc, &sid); - remove_ok = (NT_STATUS_IS_OK(status) || - NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)); - if (!remove_ok) { - DBG_WARNING("failed to remove MS NFS_users style ACE\n"); - return status; - } status = security_descriptor_dacl_add(*ppdesc, &ace); if (!NT_STATUS_IS_OK(status)) { DEBUG(1,("failed to add MS NFS style ACE\n")); @@ -5765,15 +5753,6 @@ static NTSTATUS fruit_fget_nt_acl(vfs_handle_struct *handle, /* MS NFS style gid */ sid_compose(&sid, &global_sid_Unix_NFS_Groups, fsp->fsp_name->st.st_ex_gid); init_sec_ace(&ace, &sid, SEC_ACE_TYPE_ACCESS_DENIED, 0, 0); - - /* First remove any existing ACE's with this SID. */ - status = security_descriptor_dacl_del(*ppdesc, &sid); - remove_ok = (NT_STATUS_IS_OK(status) || - NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)); - if (!remove_ok) { - DBG_WARNING("failed to remove MS NFS_groups style ACE\n"); - return status; - } status = security_descriptor_dacl_add(*ppdesc, &ace); if (!NT_STATUS_IS_OK(status)) { DEBUG(1,("failed to add MS NFS style ACE\n")); |