s3: smbd: Add default ACLS can only be set on directory check to smb_set_posix_acl().

This was already being checked in the lower layer,
so no change in behavior, just an efficiency and
clarity change.

Just move an extra check here so we refuse the
set if a default ACL is sent on a file object
before we go into the lower layers.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index cc5af63201faf87e8d66ccad78eef58a777642d1..7abf9bcfce0abc7814978f994cd0e2836d209bab 100644 (file)
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -7452,6 +7452,14 @@ static NTSTATUS smb_set_posix_acl(connection_struct *conn,
                goto out;
        }
 
+       /* If we have a default acl, this *must* be a directory. */
+       if (valid_def_acls && !fsp->is_directory) {
+               DBG_INFO("Can't set default acls on "
+                        "non-directory %s\n",
+                        fsp_str_dbg(fsp));
+               return NT_STATUS_INVALID_HANDLE;
+       }
+
        DBG_DEBUG("file %s num_file_acls = %"PRIu16", "
                  "num_def_acls = %"PRIu16"\n",
                  fsp_str_dbg(fsp),