From e0ae0c2ec86e74416ae94c13f02714803cbcf72f Mon Sep 17 00:00:00 2001 From: Gregor Beck Date: Mon, 23 May 2011 14:27:11 +0200 Subject: [PATCH 1/2] nfs4_acls: pass ACE_FLAG_INHERITED_ACE up to the client Signed-off-by: Michael Adam (cherry picked from commit b0471303ba50caab7da5f50e6f7d8c4b1c664238) Fix bug #8191 --- source3/modules/nfs4_acls.c | 3 +++ source3/modules/nfs4_acls.h | 3 ++- 2 files changed, 5 insertions(+), 1 deletions(-) diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 91e98f6..0548729 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -272,6 +272,9 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */ } mapped_ace_flags = ace->aceFlags & 0xf; + if (ace->aceFlags & SMB_ACE4_INHERITED_ACE) { + mapped_ace_flags |= SEC_ACE_FLAG_INHERITED_ACE; + } if (!is_directory && (mapped_ace_flags & (SMB_ACE4_FILE_INHERIT_ACE|SMB_ACE4_DIRECTORY_INHERIT_ACE))) { /* * GPFS sets inherits dir_inhert and file_inherit flags diff --git a/source3/modules/nfs4_acls.h b/source3/modules/nfs4_acls.h index f4576b0..fcab635 100644 --- a/source3/modules/nfs4_acls.h +++ b/source3/modules/nfs4_acls.h @@ -76,9 +76,10 @@ typedef struct _SMB_ACE4PROP_T { #define SMB_ACE4_SUCCESSFUL_ACCESS_ACE_FLAG 0x00000010 #define SMB_ACE4_FAILED_ACCESS_ACE_FLAG 0x00000020 #define SMB_ACE4_IDENTIFIER_GROUP 0x00000040 +#define SMB_ACE4_INHERITED_ACE 0x00000080 #define SMB_ACE4_ALL_FLAGS ( SMB_ACE4_FILE_INHERIT_ACE | SMB_ACE4_DIRECTORY_INHERIT_ACE \ | SMB_ACE4_NO_PROPAGATE_INHERIT_ACE | SMB_ACE4_INHERIT_ONLY_ACE | SMB_ACE4_SUCCESSFUL_ACCESS_ACE_FLAG \ -| SMB_ACE4_FAILED_ACCESS_ACE_FLAG | SMB_ACE4_IDENTIFIER_GROUP ) +| SMB_ACE4_FAILED_ACCESS_ACE_FLAG | SMB_ACE4_IDENTIFIER_GROUP | SMB_ACE4_INHERITED_ACE) uint32 aceMask; /* Access rights */ /*The bitmask constants used for the access mask field are as follows: */ -- 1.7.5.2 From 7cfef851113cc3aa09b53a334c6b4291479be204 Mon Sep 17 00:00:00 2001 From: Gregor Beck Date: Mon, 23 May 2011 14:45:57 +0200 Subject: [PATCH 2/2] nfs4_acls: pass ACE_FLAG_INHERITED_ACE down from the client Signed-off-by: Michael Adam (cherry picked from commit 817c64f5de65c6ba7cc535446279f769d6552618) Fix bug #8191 --- source3/modules/nfs4_acls.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 0548729..2e7d806 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -565,6 +565,9 @@ static bool smbacl4_fill_ace4( memset(ace_v4, 0, sizeof(SMB_ACE4PROP_T)); ace_v4->aceType = ace_nt->type; /* only ACCESS|DENY supported right now */ ace_v4->aceFlags = ace_nt->flags & SEC_ACE_FLAG_VALID_INHERIT; + if (ace_nt->flags & SEC_ACE_FLAG_INHERITED_ACE) { + ace_v4->aceFlags |= SMB_ACE4_INHERITED_ACE; + } ace_v4->aceMask = ace_nt->access_mask & (SEC_STD_ALL | SEC_FILE_ALL); -- 1.7.5.2