Fix bug 6865 - acl_xattr module: Has dependency that inherit acls = yes or xattrs...
authorJeremy Allison <jra@samba.org>
Sat, 7 Nov 2009 05:53:07 +0000 (21:53 -0800)
committerJeremy Allison <jra@samba.org>
Sat, 7 Nov 2009 05:53:07 +0000 (21:53 -0800)
Jeremy.

docs-xml/smbdotconf/security/inheritacls.xml
source3/include/proto.h
source3/modules/vfs_acl_tdb.c
source3/modules/vfs_acl_xattr.c
source3/param/loadparm.c

index 44afa8a..e2552e3 100644 (file)
@@ -9,6 +9,11 @@
     behavior is to use the unix mode specified when creating the directory. 
     Enabling this option sets the unix mode to 0777, thus guaranteeing that 
     default directory acls are propagated.
+
+    Note that using the VFS modules acl_xattr or acl_tdb which store native
+    Windows as meta-data will automatically turn this option on for any
+    share for which they are loaded, as they require this option to emulate
+    Windows ACLs correctly.
 </para>
 </description>
 
index 0dbc1c7..49d0100 100644 (file)
@@ -4373,6 +4373,7 @@ void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val);
 int lp_min_receive_file_size(void);
 char* lp_perfcount_module(void);
 void lp_set_passdb_backend(const char *backend);
+bool set_inherit_acls(int i);
 
 /* The following definitions come from param/util.c  */
 
index 424ecbf..3d06e52 100644 (file)
@@ -382,6 +382,12 @@ static int connect_acl_tdb(struct vfs_handle_struct *handle,
        SMB_VFS_HANDLE_SET_DATA(handle, db, free_acl_tdb_data,
                                struct db_context, return -1);
 
+       /* Ensure we have "inherit acls = yes" if we're
+        * using this module. */
+       DEBUG(2,("connect_acl_tdb: setting 'inherit acls = true' for service %s\n",
+               service ));
+       set_inherit_acls(SNUM(handle->conn));
+
        return 0;
 }
 
index 7a9cd27..11ca890 100644 (file)
@@ -208,8 +208,20 @@ static int sys_acl_set_fd_xattr(vfs_handle_struct *handle,
        return ret;
 }
 
+static int connect_acl_xattr(struct vfs_handle_struct *handle,
+                               const char *service,
+                               const char *user)
+{
+       /* Ensure we have "inherit acls = yes" if we're
+        * using this module. */
+       DEBUG(2,("connect_acl_xattr: setting 'inherit acls = true' for service %s\n",
+               service ));
+       set_inherit_acls(SNUM(handle->conn));
+       return 0;
+}
 
 static struct vfs_fn_pointers vfs_acl_xattr_fns = {
+       .connect_fn = connect_acl_xattr,
        .mkdir = mkdir_acl_common,
        .open = open_acl_common,
        .fget_nt_acl = fget_nt_acl_common,
index c62deb5..b317dc6 100644 (file)
@@ -9843,3 +9843,11 @@ void lp_set_passdb_backend(const char *backend)
 {
        string_set(&Globals.szPassdbBackend, backend);
 }
+
+bool set_inherit_acls(int i)
+{
+       if (!LP_SNUM_OK(i)) {
+               return false;
+       }
+       ServicePtrs[(i)]->bInheritACLS = true;
+}