diff options
author | Christof Schmitt <cs@samba.org> | 2019-07-02 15:08:11 -0700 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2019-08-26 10:23:29 +0000 |
commit | 1f10af9fb98c4e6c8565fb46161acd643c42acee (patch) | |
tree | 856f26fb64dabaaaa91cda6d8894b30af3d3305b /source3/modules | |
parent | b4b61724550c2022ebb0e212aff4c844a2862f22 (diff) | |
download | samba-1f10af9fb98c4e6c8565fb46161acd643c42acee.tar.gz |
nfs4_acls: Remove duplicate entries when mapping from NFS4 ACL to DACL
The previous patch added an additional entry for IDMAP_TYPE_BOTH. When
mapping back to a DACL, there should be no additional entry. Add a loop
that will check and remove entries that are exact duplicates.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 9c88602128592ddad537bf70cbe3c51f0b2cebe5)
Diffstat (limited to 'source3/modules')
-rw-r--r-- | source3/modules/nfs4_acls.c | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 663fcba67aa..74b66a2c392 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -297,6 +297,35 @@ static int smbacl4_fGetFileOwner(files_struct *fsp, SMB_STRUCT_STAT *psbuf) return 0; } +static void check_for_duplicate_sec_ace(struct security_ace *nt_ace_list, + int *good_aces) +{ + struct security_ace *last = NULL; + int i; + + if (*good_aces < 2) { + return; + } + + last = &nt_ace_list[(*good_aces) - 1]; + + for (i = 0; i < (*good_aces) - 1; i++) { + struct security_ace *cur = &nt_ace_list[i]; + + if (cur->type == last->type && + cur->flags == last->flags && + cur->access_mask == last->access_mask && + dom_sid_equal(&cur->trustee, &last->trustee)) + { + struct dom_sid_buf sid_buf; + + DBG_INFO("Removing duplicate entry for SID %s.\n", + dom_sid_str_buf(&last->trustee, &sid_buf)); + (*good_aces)--; + } + } +} + static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, const struct smbacl4_vfs_params *params, struct SMB4ACL_T *acl, /* in */ @@ -438,6 +467,8 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, ace->aceType, mask, win_ace_flags); } + + check_for_duplicate_sec_ace(nt_ace_list, &good_aces); } nt_ace_list = talloc_realloc(mem_ctx, nt_ace_list, struct security_ace, |