The default setting for nfs4:acedup is "dontcare". The only
recommendation i could find is setting this to "merge". The setting of
"ignore" is dangerous as it would silently drop ACEs. "reject" also
seems less useful as it would disallow setting of ACLs that can easily
be stored.
Report "ignore" and "reject" as deprecated. Maybe these can be removed
in the future to simplify the code.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
acedup = [dontcare|reject|ignore|merge]
- dontcare: copy ACEs as they come, don't care with "duplicate" records. Default.
-- reject: stop operation, exit acl setter operation with an error
-- ignore: don't include the second matching ACE
+- reject: stop operation, exit acl setter operation with an error. (deprecated)
+- ignore: don't include the second matching ACE. (deprecated)
- merge: OR 2 ace.flag fields and 2 ace.mask fields of the 2 duplicate ACEs into 1 ACE
Two ACEs are considered here "duplicate" when their type and id fields are matching.
return -1;
}
params->acedup = (enum smbacl4_acedup_enum)enumval;
+ if (params->acedup == e_ignore) {
+ DBG_WARNING("nfs4:acedup ignore is deprecated.\n");
+ }
+ if (params->acedup == e_reject) {
+ DBG_WARNING("nfs4:acedup ignore is deprecated.\n");
+ }
params->map_full_control = lp_acl_map_full_control(SNUM(conn));