From: Jeremy Allison Date: Sat, 7 Nov 2009 05:53:07 +0000 (-0800) Subject: Fix bug 6865 - acl_xattr module: Has dependency that inherit acls = yes or xattrs... X-Git-Tag: tdb-1.2.0~260 X-Git-Url: http://git.samba.org/?a=commitdiff_plain;h=bd2ffb1c7a70ef9063b99a9318b3e185ddda84fe;p=samba.git Fix bug 6865 - acl_xattr module: Has dependency that inherit acls = yes or xattrs are removed. Jeremy. --- diff --git a/docs-xml/smbdotconf/security/inheritacls.xml b/docs-xml/smbdotconf/security/inheritacls.xml index 44afa8a3e2e..e2552e32fff 100644 --- a/docs-xml/smbdotconf/security/inheritacls.xml +++ b/docs-xml/smbdotconf/security/inheritacls.xml @@ -9,6 +9,11 @@ behavior is to use the unix mode specified when creating the directory. Enabling this option sets the unix mode to 0777, thus guaranteeing that default directory acls are propagated. + + Note that using the VFS modules acl_xattr or acl_tdb which store native + Windows as meta-data will automatically turn this option on for any + share for which they are loaded, as they require this option to emulate + Windows ACLs correctly. diff --git a/source3/include/proto.h b/source3/include/proto.h index 0dbc1c7fed9..49d01003b58 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4373,6 +4373,7 @@ void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val); int lp_min_receive_file_size(void); char* lp_perfcount_module(void); void lp_set_passdb_backend(const char *backend); +bool set_inherit_acls(int i); /* The following definitions come from param/util.c */ diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c index 424ecbf65b8..3d06e520e87 100644 --- a/source3/modules/vfs_acl_tdb.c +++ b/source3/modules/vfs_acl_tdb.c @@ -382,6 +382,12 @@ static int connect_acl_tdb(struct vfs_handle_struct *handle, SMB_VFS_HANDLE_SET_DATA(handle, db, free_acl_tdb_data, struct db_context, return -1); + /* Ensure we have "inherit acls = yes" if we're + * using this module. */ + DEBUG(2,("connect_acl_tdb: setting 'inherit acls = true' for service %s\n", + service )); + set_inherit_acls(SNUM(handle->conn)); + return 0; } diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c index 7a9cd27e5fc..11ca8902c09 100644 --- a/source3/modules/vfs_acl_xattr.c +++ b/source3/modules/vfs_acl_xattr.c @@ -208,8 +208,20 @@ static int sys_acl_set_fd_xattr(vfs_handle_struct *handle, return ret; } +static int connect_acl_xattr(struct vfs_handle_struct *handle, + const char *service, + const char *user) +{ + /* Ensure we have "inherit acls = yes" if we're + * using this module. */ + DEBUG(2,("connect_acl_xattr: setting 'inherit acls = true' for service %s\n", + service )); + set_inherit_acls(SNUM(handle->conn)); + return 0; +} static struct vfs_fn_pointers vfs_acl_xattr_fns = { + .connect_fn = connect_acl_xattr, .mkdir = mkdir_acl_common, .open = open_acl_common, .fget_nt_acl = fget_nt_acl_common, diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c62deb5eda5..b317dc6c8a7 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -9843,3 +9843,11 @@ void lp_set_passdb_backend(const char *backend) { string_set(&Globals.szPassdbBackend, backend); } + +bool set_inherit_acls(int i) +{ + if (!LP_SNUM_OK(i)) { + return false; + } + ServicePtrs[(i)]->bInheritACLS = true; +}