Revert "nfs4acl: Fix owner mapping with ID_TYPE_BOTH"

This reverts commit 5d4f7bfda579cecb123cfb1d7130688f1d1c98b7.

That patch broke the case with ID_TYPE_BOTH where a file is owned by a
group (e.g. using autorid and having a file owned by
BUILTIN\Administrators). In this case, the ACE entry for the group gets
mapped a to a user ACL entry and the group no longer has access (as in
the user's token the group is not mapped to a uid).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 42bd3a72a2525aa8a918f4bf7067b30ce8e0e197)

diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 7776caa16d29c3027728438336d540ca7a2ed0bb..6db5a6db6d945ffc415a12d3a2907fc4de308423 100644 (file)
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -723,14 +723,7 @@ static bool smbacl4_fill_ace4(
                uid_t uid;
                gid_t gid;
 
-               /*
-                * ID_TYPE_BOTH returns both uid and gid. Explicitly
-                * check for ownerUID to allow the mapping of the
-                * owner to a special entry in this idmap config.
-                */
-               if (sid_to_uid(&ace_nt->trustee, &uid) && uid == ownerUID) {
-                       ace_v4->who.uid = uid;
-               } else if (sid_to_gid(&ace_nt->trustee, &gid)) {
+               if (sid_to_gid(&ace_nt->trustee, &gid)) {
                        ace_v4->aceFlags |= SMB_ACE4_IDENTIFIER_GROUP;
                        ace_v4->who.gid = gid;
                } else if (sid_to_uid(&ace_nt->trustee, &uid)) {