Home
My Posts

Archive
Login
Signup

Recent Posts

Free subdomains

Want your own xyz.kpaste.net sub-domain for your community? Just type the address into your browser address bar (foo.xyz.kpaste.net is also supported).

Suggestions/Bugs?

Email us at . Try to include as much info as possible.

About

Pastebin is a tool for collaborative debugging or editing.

 

msnfs41client: Remove Linux ACL workaround
Posted by Anonymous on Thu 16th Apr 2026 17:04
raw | new post

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting: None Bash C C++ CSS Diff HTML mIRC Script Perl PHP Python Smarty XML ---------------------------- ABAP Actionscript ADA Apache Log AppleScript APT sources.list ASM ASP AutoIT Bash C C# C++ C++ (with QT) CSS Diff HTML INI (Config Files) Java Javascript Lua Make mIRC Script MySQL NSIS Perl PHP Python Q(uick)BASIC robots Ruby Ruby on Rails SDLBasic Smarty SQL TCL Text VB.NET Visual BASIC Visual Fox Pro Visual Prolog Windows Registry Files XML Xorg.conf

To highlight particular lines, prefix each line with {%HIGHLIGHT}
diff --git a/daemon/acl.c b/daemon/acl.c index 8afa9b0..9e5a68f 100644 --- a/daemon/acl.c +++ b/daemon/acl.c @@ -284,8 +284,8 @@ static int handle_setacl(void *daemon_context, nfs41_upcall *upcall) nfs41_file_info info = { 0 }; stateid_arg stateid; nfsacl41 nfs4_acl = { 0 }; - PSID sid = NULL, gsid = NULL; - BOOL sid_default, gsid_default; + PSID sid = NULL; + BOOL sid_default; char ownerbuf[NFS4_FATTR4_OWNER_LIMIT+1]; char groupbuf[NFS4_FATTR4_OWNER_LIMIT+1]; @@ -307,7 +307,7 @@ static int handle_setacl(void *daemon_context, nfs41_upcall *upcall) goto out; } - status = map_sid2nfs4ace_who(sid, NULL, NULL, ownerbuf, + status = map_sid2nfs4ace_who(sid, ownerbuf, nfs41dg->localdomain_name, NULL); if (status) goto out; @@ -329,7 +329,7 @@ static int handle_setacl(void *daemon_context, nfs41_upcall *upcall) goto out; } - status = map_sid2nfs4ace_who(sid, NULL, NULL, groupbuf, + status = map_sid2nfs4ace_who(sid, groupbuf, nfs41dg->localdomain_name, NULL); if (status) goto out; @@ -353,20 +353,7 @@ static int handle_setacl(void *daemon_context, nfs41_upcall *upcall) eprintf("GetSecurityDescriptorDacl failed with %d\n", status); goto out; } - status = GetSecurityDescriptorOwner(args->sec_desc, &sid, &sid_default); - if (!status) { - status = GetLastError(); - eprintf("GetSecurityDescriptorOwner failed with %d\n", status); - goto out; - } - status = GetSecurityDescriptorGroup(args->sec_desc, &gsid, &gsid_default); - if (!status) { - status = GetLastError(); - eprintf("GetSecurityDescriptorOwner failed with %d\n", status); - goto out; - } - status = map_dacl_2_nfs4acl(acl, sid, gsid, &nfs4_acl, - state->type, + status = map_dacl_2_nfs4acl(acl, &nfs4_acl, state->type, state->file.fh.superblock->nfs_namedattr_support?true:false, nfs41dg->localdomain_name); if (status) diff --git a/daemon/aclutil.c b/daemon/aclutil.c index 6e93ba1..4c82148 100644 --- a/daemon/aclutil.c +++ b/daemon/aclutil.c @@ -827,8 +827,11 @@ void map_nfs4acemask2winaccessmask(uint32_t nfs4_mask, #endif } -int map_sid2nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, - char *who_out, const char *domain, SID_NAME_USE *sid_type_out) +int map_sid2nfs4ace_who( + PSID sid, + char *who_out, + const char *domain, + SID_NAME_USE *sid_type_out) { int status; BOOL success; @@ -841,39 +844,16 @@ int map_sid2nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, /* fixme: This should be a function argument */ extern nfs41_daemon_globals nfs41_dg; - DPRINTF(ACLLVL2, ("--> map_sid2nfs4ace_who(" - "sid=0x%p,owner_sid=0x%p, group_sid=0x%p)\n", - sid, owner_sid, group_sid)); + DPRINTF(ACLLVL2, + ("--> map_sid2nfs4ace_who(sid=0x%p)\n", + sid)); if (DPRINTF_LEVEL_ENABLED(ACLLVL2)) { print_sid("sid", sid); - print_sid("owner_sid", owner_sid); - print_sid("group_sid", group_sid); } - /* for ace mapping, we want to map owner's sid into "owner@" - * but for set_owner attribute we want to map owner into a user name - * same applies to group - */ status = ERROR_SUCCESS; - if (owner_sid) { - if (EqualSid(sid, owner_sid)) { - DPRINTF(ACLLVL2, ("this is owner's sid\n")); - (void)memcpy(who_out, ACE4_OWNER, ACE4_OWNER_LEN+1); - sid_type = SidTypeUser; - status = ERROR_SUCCESS; - goto out; - } - } - if (group_sid) { - if (EqualSid(sid, group_sid)) { - DPRINTF(ACLLVL2, ("this is group's sid\n")); - memcpy(who_out, ACE4_GROUP, ACE4_GROUP_LEN+1); - sid_type = SidTypeGroup; - status = ERROR_SUCCESS; - goto out; - } - } + success = is_well_known_sid(sid, who_out, &sid_type); if (success) { if (!strncmp(who_out, ACE4_NOBODY, ACE4_NOBODY_LEN)) { @@ -1149,7 +1129,7 @@ out: return status; } -int map_dacl_2_nfs4acl(PACL acl, PSID sid, PSID gsid, nfsacl41 *nfs4_acl, +int map_dacl_2_nfs4acl(PACL acl, nfsacl41 *nfs4_acl, int file_type, bool nfs_namedattr_support, const char *domain) { int status; @@ -1267,7 +1247,7 @@ int map_dacl_2_nfs4acl(PACL acl, PSID sid, PSID gsid, nfsacl41 *nfs4_acl, } #endif /* NFS41_DRIVER_ACLS_SETACL_SKIP_WINNULLSID_ACES */ - status = map_sid2nfs4ace_who(ace_sid, sid, gsid, + status = map_sid2nfs4ace_who(ace_sid, curr_nfsace->who, domain, &who_sid_type); if (status != ERROR_SUCCESS) goto out_free; diff --git a/daemon/aclutil.h b/daemon/aclutil.h index 2c2c74f..a973d4d 100644 --- a/daemon/aclutil.h +++ b/daemon/aclutil.h @@ -36,12 +36,15 @@ void free_sids(PSID *sids, int count); #ifdef NFS41_DRIVER_WS2022_HACKS char *build_well_known_localised_nfs_grouplist(struct idmap_context *context); #endif /* NFS41_DRIVER_WS2022_HACKS */ -int map_sid2nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, - char *who_out, const char *domain, SID_NAME_USE *sid_type_out); +int map_sid2nfs4ace_who( + PSID sid, + char *who_out, + const char *domain, + SID_NAME_USE *sid_type_out); int convert_nfs4acl_2_dacl(nfs41_daemon_globals *nfs41dg, nfsacl41 *acl, int file_type, PACL *dacl_out, PSID **sids_out, bool named_attr_support); -int map_dacl_2_nfs4acl(PACL acl, PSID sid, PSID gsid, nfsacl41 *nfs4_acl, +int map_dacl_2_nfs4acl(PACL acl, nfsacl41 *nfs4_acl, int file_type, bool named_attr_support, const char *domain); #endif /* !__NFS41_DAEMON_ACLUTIL_H__ */ diff --git a/daemon/open.c b/daemon/open.c index 0d18b31..09388fd 100644 --- a/daemon/open.c +++ b/daemon/open.c @@ -979,41 +979,22 @@ static int handle_open(void *daemon_context, nfs41_upcall *upcall) #ifdef NFS41_DRIVER_ALLOW_CREATEFILE_ACLS if (args->sec_desc_len) { - PSID sid = NULL, gsid = NULL; - BOOL sid_default, gsid_default; + BOOL success; BOOL dacl_present, dacl_default; - PACL acl; + PACL acl = NULL; DPRINTF(0, ("handle_open: args->sec_desc=0x%p args->sec_desc_len=%ld\n", args->sec_desc, (long)args->sec_desc_len)); - status = GetSecurityDescriptorDacl(args->sec_desc, &dacl_present, + success = GetSecurityDescriptorDacl(args->sec_desc, &dacl_present, &acl, &dacl_default); - if (!status) { + if (!success) { status = GetLastError(); eprintf("handle_open: " "GetSecurityDescriptorDacl() failed, lasterr=%d\n", status); goto out_free_state; } - status = GetSecurityDescriptorOwner(args->sec_desc, - &sid, &sid_default); - if (!status) { - status = GetLastError(); - eprintf("handle_open: " - "GetSecurityDescriptorOwner() failed, lasterr=%d\n", - status); - goto out_free_state; - } - status = GetSecurityDescriptorGroup(args->sec_desc, - &gsid, &gsid_default); - if (!status) { - status = GetLastError(); - eprintf("handle_open: " - "GetSecurityDescriptorOwner() failed, lasterr=%d\n", - status); - goto out_free_state; - } - status = map_dacl_2_nfs4acl(acl, sid, gsid, &create_nfs4_acl, + status = map_dacl_2_nfs4acl(acl, &create_nfs4_acl, state->type, false /* FIXME!! */, nfs41dg->localdomain_name);

Title:

Privacy: Public Private

How long should your post be retained?

15 mins an hour a day a week a month forever

All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at