From 00b2cdf75e9bea25034440054b4acd91a179c86d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 8 May 2008 18:09:07 -0700 Subject: [PATCH] Yay ! Remove a VFS entry. Removed the set_nt_acl() call, this can only be done via fset_nt_acl() using an open file/directory handle. I'd like to do the same with get_nt_acl() but am concerned about efficiency problems with "hide unreadable/hide unwritable" when doing a directory listing (this would mean opening every file in the dir on list). Moving closer to rationalizing the ACL model and maybe moving the POSIX calls into a posix_acl VFS module rather than having them as first class citizens of the VFS. Jeremy. (This used to be commit f487f742cb903a06fbf2be006ddc9ce9063339ed) --- examples/VFS/skel_opaque.c | 8 -------- examples/VFS/skel_transparent.c | 7 ------- source3/include/smbprofile.h | 4 ---- source3/include/vfs.h | 11 +++-------- source3/include/vfs_macros.h | 3 --- source3/modules/vfs_afsacl.c | 10 ---------- source3/modules/vfs_aixacl2.c | 9 --------- source3/modules/vfs_cap.c | 15 --------------- source3/modules/vfs_catia.c | 10 ---------- source3/modules/vfs_default.c | 12 ------------ source3/modules/vfs_full_audit.c | 20 -------------------- source3/modules/vfs_gpfs.c | 9 --------- source3/modules/vfs_shadow_copy2.c | 8 -------- source3/modules/vfs_zfsacl.c | 10 ---------- source3/profile/profile.c | 1 - source3/rpc_server/srv_srvsvc_nt.c | 2 +- source3/smbd/nttrans.c | 8 +------- source3/utils/status_profile.c | 2 -- 18 files changed, 5 insertions(+), 144 deletions(-) diff --git a/examples/VFS/skel_opaque.c b/examples/VFS/skel_opaque.c index eb49f35c042..bac035a8216 100644 --- a/examples/VFS/skel_opaque.c +++ b/examples/VFS/skel_opaque.c @@ -321,13 +321,6 @@ static NTSTATUS skel_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, return NT_STATUS_NOT_IMPLEMENTED; } -static NTSTATUS skel_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const - char *name, uint32 security_info_sent, SEC_DESC *psd) -{ - errno = ENOSYS; - return NT_STATUS_NOT_IMPLEMENTED; -} - static int skel_chmod_acl(vfs_handle_struct *handle, const char *name, mode_t mode) { errno = ENOSYS; @@ -662,7 +655,6 @@ static vfs_op_tuple skel_op_tuples[] = { {SMB_VFS_OP(skel_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(skel_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(skel_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_OPAQUE}, - {SMB_VFS_OP(skel_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_OPAQUE}, /* POSIX ACL operations */ diff --git a/examples/VFS/skel_transparent.c b/examples/VFS/skel_transparent.c index 7102d4d4db1..ea8530d855e 100644 --- a/examples/VFS/skel_transparent.c +++ b/examples/VFS/skel_transparent.c @@ -307,12 +307,6 @@ static NTSTATUS skel_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, return SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd); } -static NTSTATUS skel_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - const char *name, uint32 security_info_sent, SEC_DESC *psd) -{ - return SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent, psd); -} - static int skel_chmod_acl(vfs_handle_struct *handle, const char *name, mode_t mode) { /* If the underlying VFS doesn't have ACL support... */ @@ -624,7 +618,6 @@ static vfs_op_tuple skel_op_tuples[] = { {SMB_VFS_OP(skel_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT}, {SMB_VFS_OP(skel_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT}, {SMB_VFS_OP(skel_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(skel_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT}, /* POSIX ACL operations */ diff --git a/source3/include/smbprofile.h b/source3/include/smbprofile.h index 864f2bf90f8..f58a6452bfe 100644 --- a/source3/include/smbprofile.h +++ b/source3/include/smbprofile.h @@ -631,10 +631,6 @@ enum profile_stats_values #define fget_nt_acl_count __profile_stats_value(PR_VALUE_FGET_NT_ACL, count) #define fget_nt_acl_time __profile_stats_value(PR_VALUE_FGET_NT_ACL, time) - PR_VALUE_SET_NT_ACL, -#define set_nt_acl_count __profile_stats_value(PR_VALUE_SET_NT_ACL, count) -#define set_nt_acl_time __profile_stats_value(PR_VALUE_SET_NT_ACL, time) - PR_VALUE_FSET_NT_ACL, #define fset_nt_acl_count __profile_stats_value(PR_VALUE_FSET_NT_ACL, count) #define fset_nt_acl_time __profile_stats_value(PR_VALUE_FSET_NT_ACL, time) diff --git a/source3/include/vfs.h b/source3/include/vfs.h index c8397164bc3..7f285b7770d 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -106,8 +106,10 @@ /* Leave at 22 - not yet released. Additional change: add operations for offline files -- ab */ /* Leave at 22 - not yet released. Add the streaminfo call. -- jpeach, vl */ /* Leave at 22 - not yet released. Remove parameter fd from close_fn. - obnox */ +/* Changed to version 23 - remove set_nt_acl call. This can only be done via an + open handle. JRA. */ -#define SMB_VFS_INTERFACE_VERSION 22 +#define SMB_VFS_INTERFACE_VERSION 23 /* to bug old modules which are trying to compile with the old functions */ @@ -208,7 +210,6 @@ typedef enum _vfs_op_type { SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_OP_GET_NT_ACL, SMB_VFS_OP_FSET_NT_ACL, - SMB_VFS_OP_SET_NT_ACL, /* POSIX ACL operations. */ @@ -365,11 +366,6 @@ struct vfs_ops { struct files_struct *fsp, uint32 security_info_sent, struct security_descriptor *psd); - NTSTATUS (*set_nt_acl)(struct vfs_handle_struct *handle, - struct files_struct *fsp, - const char *name, - uint32 security_info_sent, - struct security_descriptor *psd); /* POSIX ACL operations. */ @@ -496,7 +492,6 @@ struct vfs_ops { struct vfs_handle_struct *fget_nt_acl; struct vfs_handle_struct *get_nt_acl; struct vfs_handle_struct *fset_nt_acl; - struct vfs_handle_struct *set_nt_acl; /* POSIX ACL operations. */ diff --git a/source3/include/vfs_macros.h b/source3/include/vfs_macros.h index f0a9809ecc6..bb3aeba77b4 100644 --- a/source3/include/vfs_macros.h +++ b/source3/include/vfs_macros.h @@ -89,7 +89,6 @@ #define SMB_VFS_FGET_NT_ACL(fsp, security_info, ppdesc) ((fsp)->conn->vfs.ops.fget_nt_acl((fsp)->conn->vfs.handles.fget_nt_acl, (fsp), (security_info), (ppdesc))) #define SMB_VFS_GET_NT_ACL(conn, name, security_info, ppdesc) ((conn)->vfs.ops.get_nt_acl((conn)->vfs.handles.get_nt_acl, (name), (security_info), (ppdesc))) #define SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd) ((fsp)->conn->vfs.ops.fset_nt_acl((fsp)->conn->vfs.handles.fset_nt_acl, (fsp), (security_info_sent), (psd))) -#define SMB_VFS_SET_NT_ACL(fsp, name, security_info_sent, psd) ((fsp)->conn->vfs.ops.set_nt_acl((fsp)->conn->vfs.handles.set_nt_acl, (fsp), (name), (security_info_sent), (psd))) /* POSIX ACL operations. */ #define SMB_VFS_CHMOD_ACL(conn, name, mode) ((conn)->vfs.ops.chmod_acl((conn)->vfs.handles.chmod_acl, (name), (mode))) @@ -215,7 +214,6 @@ #define SMB_VFS_OPAQUE_FGET_NT_ACL(fsp, security_info, ppdesc) ((fsp)->conn->vfs_opaque.ops.fget_nt_acl((fsp)->conn->vfs_opaque.handles.fget_nt_acl, (fsp), (security_info), (ppdesc))) #define SMB_VFS_OPAQUE_GET_NT_ACL(conn, name, security_info, ppdesc) ((conn)->vfs_opaque.ops.get_nt_acl((conn)->vfs_opaque.handles.get_nt_acl, (name), (security_info), (ppdesc))) #define SMB_VFS_OPAQUE_FSET_NT_ACL(fsp, security_info_sent, psd) ((fsp)->conn->vfs_opaque.ops.fset_nt_acl((fsp)->conn->vfs_opaque.handles.fset_nt_acl, (fsp), (security_info_sent), (psd))) -#define SMB_VFS_OPAQUE_SET_NT_ACL(fsp, name, security_info_sent, psd) ((fsp)->conn->vfs_opaque.ops.set_nt_acl((fsp)->conn->vfs_opaque.handles.set_nt_acl, (fsp), (name), (security_info_sent), (psd))) /* POSIX ACL operations. */ #define SMB_VFS_OPAQUE_CHMOD_ACL(conn, name, mode) ((conn)->vfs_opaque.ops.chmod_acl((conn)->vfs_opaque.handles.chmod_acl, (name), (mode))) @@ -342,7 +340,6 @@ #define SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info, ppdesc) ((handle)->vfs_next.ops.fget_nt_acl((handle)->vfs_next.handles.fget_nt_acl, (fsp), (security_info), (ppdesc))) #define SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc) ((handle)->vfs_next.ops.get_nt_acl((handle)->vfs_next.handles.get_nt_acl, (name), (security_info), (ppdesc))) #define SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd) ((handle)->vfs_next.ops.fset_nt_acl((handle)->vfs_next.handles.fset_nt_acl, (fsp), (security_info_sent), (psd))) -#define SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent, psd) ((handle)->vfs_next.ops.set_nt_acl((handle)->vfs_next.handles.set_nt_acl, (fsp), (name), (security_info_sent), (psd))) /* POSIX ACL operations. */ #define SMB_VFS_NEXT_CHMOD_ACL(handle, name, mode) ((handle)->vfs_next.ops.chmod_acl((handle)->vfs_next.handles.chmod_acl, (name), (mode))) diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c index e35bfabb8c7..9409f3fa203 100644 --- a/source3/modules/vfs_afsacl.c +++ b/source3/modules/vfs_afsacl.c @@ -1045,14 +1045,6 @@ NTSTATUS afsacl_fset_nt_acl(vfs_handle_struct *handle, return afs_set_nt_acl(handle, fsp, security_info_sent, psd); } -NTSTATUS afsacl_set_nt_acl(vfs_handle_struct *handle, - files_struct *fsp, - const char *name, uint32 security_info_sent, - SEC_DESC *psd) -{ - return afs_set_nt_acl(handle, fsp, security_info_sent, psd); -} - static int afsacl_connect(vfs_handle_struct *handle, const char *service, const char *user) @@ -1078,8 +1070,6 @@ static vfs_op_tuple afsacl_ops[] = { SMB_VFS_LAYER_TRANSPARENT}, {SMB_VFS_OP(afsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(afsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT}, {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP} }; diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c index 996adbbdfe3..62675ae631e 100644 --- a/source3/modules/vfs_aixacl2.c +++ b/source3/modules/vfs_aixacl2.c @@ -403,11 +403,6 @@ NTSTATUS aixjfs2_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint3 return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd); } -NTSTATUS aixjfs2_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd) -{ - return aixjfs2_set_nt_acl_common(fsp, security_info_sent, psd); -} - int aixjfs2_sys_acl_set_file(vfs_handle_struct *handle, const char *name, SMB_ACL_TYPE_T type, @@ -509,10 +504,6 @@ static vfs_op_tuple aixjfs2_ops[] = SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(aixjfs2_set_nt_acl), - SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(aixjfs2_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT}, diff --git a/source3/modules/vfs_cap.c b/source3/modules/vfs_cap.c index 2f2d6a71826..79537367d69 100644 --- a/source3/modules/vfs_cap.c +++ b/source3/modules/vfs_cap.c @@ -278,17 +278,6 @@ static char *cap_realpath(vfs_handle_struct *handle, const char *path, char *res return SMB_VFS_NEXT_REALPATH(handle, path, resolved_path); } -static NTSTATUS cap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *path, uint32 security_info_sent, struct security_descriptor *psd) -{ - char *cappath = capencode(talloc_tos(), path); - - if (!cappath) { - errno = ENOMEM; - return NT_STATUS_NO_MEMORY; - } - return SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, cappath, security_info_sent, psd); -} - static int cap_chmod_acl(vfs_handle_struct *handle, const char *path, mode_t mode) { char *cappath = capencode(talloc_tos(), path); @@ -499,10 +488,6 @@ static vfs_op_tuple cap_op_tuples[] = { {SMB_VFS_OP(cap_mknod), SMB_VFS_OP_MKNOD, SMB_VFS_LAYER_TRANSPARENT}, {SMB_VFS_OP(cap_realpath), SMB_VFS_OP_REALPATH, SMB_VFS_LAYER_TRANSPARENT}, - /* NT File ACL operations */ - - {SMB_VFS_OP(cap_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT}, - /* POSIX ACL operations */ {SMB_VFS_OP(cap_chmod_acl), SMB_VFS_OP_CHMOD_ACL, SMB_VFS_LAYER_TRANSPARENT}, diff --git a/source3/modules/vfs_catia.c b/source3/modules/vfs_catia.c index ab48c963ec4..8b56be6ceac 100644 --- a/source3/modules/vfs_catia.c +++ b/source3/modules/vfs_catia.c @@ -293,14 +293,6 @@ static NTSTATUS catia_get_nt_acl(vfs_handle_struct *handle, files_struct *fsp, return SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info, ppdesc); } -static NTSTATUS catia_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - const char *name, uint32 security_info_sent, - struct security_descriptor *psd) -{ - return SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent, - psd); -} - static int catia_chmod_acl(vfs_handle_struct *handle, const char *name, mode_t mode) { @@ -362,8 +354,6 @@ SMB_VFS_LAYER_TRANSPARENT}, {SMB_VFS_OP(catia_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(catia_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, -SMB_VFS_LAYER_TRANSPARENT}, /* POSIX ACL operations */ diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index de801a20414..6ee677e3765 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -1042,16 +1042,6 @@ static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp return result; } -static NTSTATUS vfswrap_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, const char *name, uint32 security_info_sent, SEC_DESC *psd) -{ - NTSTATUS result; - - START_PROFILE(set_nt_acl); - result = set_nt_acl(fsp, security_info_sent, psd); - END_PROFILE(set_nt_acl); - return result; -} - static int vfswrap_chmod_acl(vfs_handle_struct *handle, const char *name, mode_t mode) { #ifdef HAVE_NO_ACL @@ -1446,8 +1436,6 @@ static vfs_op_tuple vfs_default_ops[] = { SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(vfswrap_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_OPAQUE}, - {SMB_VFS_OP(vfswrap_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_OPAQUE}, /* POSIX ACL operations. */ diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index 2f8098de9b6..19a1d02de47 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -199,9 +199,6 @@ static NTSTATUS smb_full_audit_get_nt_acl(vfs_handle_struct *handle, files_struc static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd); -static NTSTATUS smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - const char *name, uint32 security_info_sent, - SEC_DESC *psd); static int smb_full_audit_chmod_acl(vfs_handle_struct *handle, const char *path, mode_t mode); static int smb_full_audit_fchmod_acl(vfs_handle_struct *handle, files_struct *fsp, @@ -431,8 +428,6 @@ static vfs_op_tuple audit_op_tuples[] = { SMB_VFS_LAYER_LOGGER}, {SMB_VFS_OP(smb_full_audit_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(smb_full_audit_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_LOGGER}, /* POSIX ACL operations. */ @@ -593,7 +588,6 @@ static struct { { SMB_VFS_OP_FGET_NT_ACL, "fget_nt_acl" }, { SMB_VFS_OP_GET_NT_ACL, "get_nt_acl" }, { SMB_VFS_OP_FSET_NT_ACL, "fset_nt_acl" }, - { SMB_VFS_OP_SET_NT_ACL, "set_nt_acl" }, { SMB_VFS_OP_CHMOD_ACL, "chmod_acl" }, { SMB_VFS_OP_FCHMOD_ACL, "fchmod_acl" }, { SMB_VFS_OP_SYS_ACL_GET_ENTRY, "sys_acl_get_entry" }, @@ -1572,20 +1566,6 @@ static NTSTATUS smb_full_audit_fset_nt_acl(vfs_handle_struct *handle, files_stru return result; } -static NTSTATUS smb_full_audit_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - const char *name, uint32 security_info_sent, - SEC_DESC *psd) -{ - NTSTATUS result; - - result = SMB_VFS_NEXT_SET_NT_ACL(handle, fsp, name, security_info_sent, - psd); - - do_log(SMB_VFS_OP_SET_NT_ACL, NT_STATUS_IS_OK(result), handle, "%s", fsp->fsp_name); - - return result; -} - static int smb_full_audit_chmod_acl(vfs_handle_struct *handle, const char *path, mode_t mode) { diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index d10906dfb1e..39d2bb6c38c 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -391,11 +391,6 @@ static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); } -static NTSTATUS gpfsacl_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd) -{ - return gpfsacl_set_nt_acl_internal(fsp, security_info_sent, psd); -} - static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl) { SMB_ACL_T result; @@ -839,10 +834,6 @@ static vfs_op_tuple gpfs_op_tuples[] = { SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT }, - { SMB_VFS_OP(gpfsacl_set_nt_acl), - SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_TRANSPARENT }, - { SMB_VFS_OP(gpfsacl_sys_acl_get_file), SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT }, diff --git a/source3/modules/vfs_shadow_copy2.c b/source3/modules/vfs_shadow_copy2.c index ddbc5aab181..c95600b642f 100644 --- a/source3/modules/vfs_shadow_copy2.c +++ b/source3/modules/vfs_shadow_copy2.c @@ -423,13 +423,6 @@ static NTSTATUS shadow_copy2_get_nt_acl(vfs_handle_struct *handle, SHADOW2_NTSTATUS_NEXT(GET_NT_ACL, (handle, name, security_info, ppdesc), NT_STATUS_ACCESS_DENIED); } -static NTSTATUS shadow_copy2_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, - const char *fname, uint32 security_info_sent, - struct security_descriptor *psd) -{ - SHADOW2_NTSTATUS_NEXT(SET_NT_ACL, (handle, fsp, name, security_info_sent, psd), NT_STATUS_ACCESS_DENIED); -} - static int shadow_copy2_mkdir(vfs_handle_struct *handle, const char *fname, mode_t mode) { SHADOW2_NEXT(MKDIR, (handle, name, mode), int, -1); @@ -601,7 +594,6 @@ static vfs_op_tuple shadow_copy2_ops[] = { /* NT File ACL operations */ {SMB_VFS_OP(shadow_copy2_get_nt_acl), SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT}, - {SMB_VFS_OP(shadow_copy2_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT}, /* POSIX ACL operations */ {SMB_VFS_OP(shadow_copy2_chmod_acl), SMB_VFS_OP_CHMOD_ACL, SMB_VFS_LAYER_TRANSPARENT}, diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c index ce2e28771f7..e8a0507aa4e 100644 --- a/source3/modules/vfs_zfsacl.c +++ b/source3/modules/vfs_zfsacl.c @@ -212,14 +212,6 @@ static NTSTATUS zfsacl_fset_nt_acl(vfs_handle_struct *handle, return zfs_set_nt_acl(handle, fsp, security_info_sent, psd); } -static NTSTATUS zfsacl_set_nt_acl(vfs_handle_struct *handle, - files_struct *fsp, - const char *name, uint32 security_info_sent, - SEC_DESC *psd) -{ - return zfs_set_nt_acl(handle, fsp, security_info_sent, psd); -} - /* VFS operations structure */ static vfs_op_tuple zfsacl_ops[] = { @@ -229,8 +221,6 @@ static vfs_op_tuple zfsacl_ops[] = { SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(zfsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_OPAQUE}, - {SMB_VFS_OP(zfsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL, - SMB_VFS_LAYER_OPAQUE}, {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP} }; diff --git a/source3/profile/profile.c b/source3/profile/profile.c index e9c7c7bb7cd..bdbd8057183 100644 --- a/source3/profile/profile.c +++ b/source3/profile/profile.c @@ -426,7 +426,6 @@ bool profile_setup(struct messaging_context *msg_ctx, bool rdonly) "NT_transact_set_user_quota",/* PR_VALUE_NT_TRANSACT_SET_USER_QUOTA */ "get_nt_acl", /* PR_VALUE_GET_NT_ACL */ "fget_nt_acl", /* PR_VALUE_FGET_NT_ACL */ - "set_nt_acl", /* PR_VALUE_SET_NT_ACL */ "fset_nt_acl", /* PR_VALUE_FSET_NT_ACL */ "chmod_acl", /* PR_VALUE_CHMOD_ACL */ "fchmod_acl", /* PR_VALUE_FCHMOD_ACL */ diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 1b578cc9f87..18c6f4de530 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -2233,7 +2233,7 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, } } - nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name, + nt_status = SMB_VFS_FSET_NT_ACL(fsp, r->in.securityinformation, r->in.sd_buf->sd); diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index ec4126c1f74..362823d78a5 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -770,13 +770,7 @@ static NTSTATUS set_sd(files_struct *fsp, uint8 *data, uint32 sd_len, security_info_sent &= ~DACL_SECURITY_INFORMATION; } - if (fsp->fh->fd != -1) { - status = SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd); - } - else { - status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name, - security_info_sent, psd); - } + status = SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd); TALLOC_FREE(psd); diff --git a/source3/utils/status_profile.c b/source3/utils/status_profile.c index 6e75f99d35d..48814fedeab 100644 --- a/source3/utils/status_profile.c +++ b/source3/utils/status_profile.c @@ -356,8 +356,6 @@ bool status_profile_dump(bool verbose) d_printf("get_nt_acl_time: %u\n", profile_p->get_nt_acl_time); d_printf("fget_nt_acl_count: %u\n", profile_p->fget_nt_acl_count); d_printf("fget_nt_acl_time: %u\n", profile_p->fget_nt_acl_time); - d_printf("set_nt_acl_count: %u\n", profile_p->set_nt_acl_count); - d_printf("set_nt_acl_time: %u\n", profile_p->set_nt_acl_time); d_printf("fset_nt_acl_count: %u\n", profile_p->fset_nt_acl_count); d_printf("fset_nt_acl_time: %u\n", profile_p->fset_nt_acl_time); d_printf("chmod_acl_count: %u\n", profile_p->chmod_acl_count); -- 2.34.1