From 1b5028a4b6c4548b3f53586eea83809033565180 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Mon, 6 Feb 2017 12:47:41 +0100 Subject: [PATCH] vfs_acl_xattr|tdb: ensure create mask is at least 0666 if ignore_system_acls is set MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bug: https://bugzilla.samba.org/show_bug.cgi?id=12562 Signed-off-by: Ralph Boehme Reviewed-by: Uri Simchoni Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Thu Apr 20 20:50:10 CEST 2017 on sn-devel-144 (cherry picked from commit 375d772d04338861d92e683ae3c6c9d7ecb846ad) --- source3/modules/vfs_acl_tdb.c | 24 +++++++++++++++++++++--- source3/modules/vfs_acl_xattr.c | 24 +++++++++++++++++++++--- 2 files changed, 42 insertions(+), 6 deletions(-) diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c index 174affe..a71bfdc 100644 --- a/source3/modules/vfs_acl_tdb.c +++ b/source3/modules/vfs_acl_tdb.c @@ -342,12 +342,30 @@ static int connect_acl_tdb(struct vfs_handle_struct *handle, return -1); if (config->ignore_system_acls) { - DBG_NOTICE("setting 'create mask = 0666', " - "'directory mask = 0777', " + mode_t create_mask = lp_create_mask(SNUM(handle->conn)); + char *create_mask_str = NULL; + + if ((create_mask & 0666) != 0666) { + create_mask |= 0666; + create_mask_str = talloc_asprintf(handle, "0%o", + create_mask); + if (create_mask_str == NULL) { + DBG_ERR("talloc_asprintf failed\n"); + return -1; + } + + DBG_NOTICE("setting 'create mask = %s'\n", create_mask_str); + + lp_do_parameter (SNUM(handle->conn), + "create mask", create_mask_str); + + TALLOC_FREE(create_mask_str); + } + + DBG_NOTICE("setting 'directory mask = 0777', " "'store dos attributes = yes' and all " "'map ...' options to 'no'\n"); - lp_do_parameter(SNUM(handle->conn), "create mask", "0666"); lp_do_parameter(SNUM(handle->conn), "directory mask", "0777"); lp_do_parameter(SNUM(handle->conn), "map archive", "no"); lp_do_parameter(SNUM(handle->conn), "map hidden", "no"); diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c index 421860b..bb2e565 100644 --- a/source3/modules/vfs_acl_xattr.c +++ b/source3/modules/vfs_acl_xattr.c @@ -243,12 +243,30 @@ static int connect_acl_xattr(struct vfs_handle_struct *handle, return -1); if (config->ignore_system_acls) { - DBG_NOTICE("setting 'create mask = 0666', " - "'directory mask = 0777', " + mode_t create_mask = lp_create_mask(SNUM(handle->conn)); + char *create_mask_str = NULL; + + if ((create_mask & 0666) != 0666) { + create_mask |= 0666; + create_mask_str = talloc_asprintf(handle, "0%o", + create_mask); + if (create_mask_str == NULL) { + DBG_ERR("talloc_asprintf failed\n"); + return -1; + } + + DBG_NOTICE("setting 'create mask = %s'\n", create_mask_str); + + lp_do_parameter (SNUM(handle->conn), + "create mask", create_mask_str); + + TALLOC_FREE(create_mask_str); + } + + DBG_NOTICE("setting 'directory mask = 0777', " "'store dos attributes = yes' and all " "'map ...' options to 'no'\n"); - lp_do_parameter(SNUM(handle->conn), "create mask", "0666"); lp_do_parameter(SNUM(handle->conn), "directory mask", "0777"); lp_do_parameter(SNUM(handle->conn), "map archive", "no"); lp_do_parameter(SNUM(handle->conn), "map hidden", "no"); -- 2.9.3