Home
My Posts

Archive
Login
Signup

Recent Posts

Free subdomains

Want your own xyz.kpaste.net sub-domain for your community? Just type the address into your browser address bar (foo.xyz.kpaste.net is also supported).

Suggestions/Bugs?

Email us at . Try to include as much info as possible.

About

Pastebin is a tool for collaborative debugging or editing.

 

Fix ACLs with inheritance when ACL user==current_user
Posted by Anonymous on Thu 20th Jun 2024 16:11
raw | new post

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting: None Bash C C++ CSS Diff HTML mIRC Script Perl PHP Python Smarty XML ---------------------------- ABAP Actionscript ADA Apache Log AppleScript APT sources.list ASM ASP AutoIT Bash C C# C++ C++ (with QT) CSS Diff HTML INI (Config Files) Java Javascript Lua Make mIRC Script MySQL NSIS Perl PHP Python Q(uick)BASIC robots Ruby Ruby on Rails SDLBasic Smarty SQL TCL Text VB.NET Visual BASIC Visual Fox Pro Visual Prolog Windows Registry Files XML Xorg.conf

To highlight particular lines, prefix each line with {%HIGHLIGHT}
diff --git a/daemon/acl.c b/daemon/acl.c index 7ebc8ab..b8777fd 100644 --- a/daemon/acl.c +++ b/daemon/acl.c @@ -768,16 +768,18 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o DPRINTF(ACLLVL, ("--> map_nfs4ace_who(sid=0x%p,owner_sid=0x%p, group_sid=0x%p)\n")); + if (DPRINTF_LEVEL_ENABLED(ACLLVL)) { + print_sid("sid", sid); + print_sid("owner_sid", owner_sid); + print_sid("group_sid", group_sid); + } + /* for ace mapping, we want to map owner's sid into "owner@" * but for set_owner attribute we want to map owner into a user name * same applies to group */ status = 0; if (owner_sid) { - if (DPRINTF_LEVEL_ENABLED(ACLLVL)) { - print_sid("owner_sid", owner_sid); - } - if (EqualSid(sid, owner_sid)) { DPRINTF(ACLLVL, ("map_nfs4ace_who: this is owner's sid\n")); memcpy(who_out, ACE4_OWNER, strlen(ACE4_OWNER)+1); @@ -787,10 +789,6 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o } } if (group_sid) { - if (DPRINTF_LEVEL_ENABLED(ACLLVL)) { - print_sid("group_sid", group_sid); - } - if (EqualSid(sid, group_sid)) { DPRINTF(ACLLVL, ("map_nfs4ace_who: this is group's sid\n")); memcpy(who_out, ACE4_GROUP, strlen(ACE4_GROUP)+1); @@ -961,8 +959,22 @@ static int map_dacl_2_nfs4acl(PACL acl, PSID sid, PSID gsid, nfsacl41 *nfs4_acl, tmp_pointer += sizeof(ACCESS_MASK) + sizeof(ACE_HEADER); - status = map_nfs4ace_who(tmp_pointer, sid, gsid, nfs4_acl->aces[i].who, - domain, &who_sid_type); + PSID acl_sid = tmp_pointer; + + /* + * Only use NFSv4 special ACE names (e.g. "OWNER@", + * "GROUP@") if |ace->AceFlags| does not use any + * inheritance flags + */ + if (ace->AceFlags) { + status = map_nfs4ace_who(acl_sid, NULL, NULL, + nfs4_acl->aces[i].who, domain, &who_sid_type); + } + else { + status = map_nfs4ace_who(acl_sid, sid, gsid, + nfs4_acl->aces[i].who, domain, &who_sid_type); + } + if (status) goto out_free;

Title:

Privacy: Public Private

How long should your post be retained?

15 mins an hour a day a week a month forever

All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at