ace_t *acebuf;
SMB4ACE_T *smbace;
TALLOC_CTX *mem_ctx;
+ bool have_special_id = false;
/* allocate the field of ZFS aces */
mem_ctx = talloc_tos();
aceprop->who.special_id));
continue; /* don't add it !!! */
}
+ have_special_id = true;
}
}
+
+ if (!have_special_id
+ && lp_parm_bool(fsp->conn->params->service, "zfsacl",
+ "denymissingspecial", false)) {
+ errno = EACCES;
+ return false;
+ }
+
SMB_ASSERT(i == naces);
/* store acl */
/* VFS operations structure */
-static vfs_op_tuple zfsacl_ops[] = {
- /* invalidate conflicting VFS methods */
- {SMB_VFS_OP(zfsacl_fail__sys_acl_get_file),
- SMB_VFS_OP_SYS_ACL_GET_FILE,
- SMB_VFS_LAYER_OPAQUE},
- {SMB_VFS_OP(zfsacl_fail__sys_acl_get_fd),
- SMB_VFS_OP_SYS_ACL_GET_FD,
- SMB_VFS_LAYER_OPAQUE},
- {SMB_VFS_OP(zfsacl_fail__sys_acl_set_file),
- SMB_VFS_OP_SYS_ACL_SET_FILE,
- SMB_VFS_LAYER_OPAQUE},
- {SMB_VFS_OP(zfsacl_fail__sys_acl_set_fd),
- SMB_VFS_OP_SYS_ACL_SET_FD,
- SMB_VFS_LAYER_OPAQUE},
- {SMB_VFS_OP(zfsacl_fail__sys_acl_delete_def_file),
- SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE,
- SMB_VFS_LAYER_OPAQUE},
-
- /* actual methods */
- {SMB_VFS_OP(zfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL,
- SMB_VFS_LAYER_OPAQUE},
- {SMB_VFS_OP(zfsacl_get_nt_acl), SMB_VFS_OP_GET_NT_ACL,
- SMB_VFS_LAYER_OPAQUE},
- {SMB_VFS_OP(zfsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
- SMB_VFS_LAYER_OPAQUE},
- {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
+static struct vfs_fn_pointers zfsacl_fns = {
+ .sys_acl_get_file = zfsacl_fail__sys_acl_get_file,
+ .sys_acl_get_fd = zfsacl_fail__sys_acl_get_fd,
+ .sys_acl_set_file = zfsacl_fail__sys_acl_set_file,
+ .sys_acl_set_fd = zfsacl_fail__sys_acl_set_fd,
+ .sys_acl_delete_def_file = zfsacl_fail__sys_acl_delete_def_file,
+ .fget_nt_acl = zfsacl_fget_nt_acl,
+ .get_nt_acl = zfsacl_get_nt_acl,
+ .fset_nt_acl = zfsacl_fset_nt_acl,
};
NTSTATUS vfs_zfsacl_init(void);
NTSTATUS vfs_zfsacl_init(void)
{
return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "zfsacl",
- zfsacl_ops);
+ &zfsacl_fns);
}
git.samba.org / ira / wip.git / blobdiff