From: Ralph Boehme <slow@samba.org>
Date: Wed, 16 Dec 2020 14:41:07 +0000 (+0100)
Subject: vfs_acl_tdb: avoid deleting the NT ACL from the tdb
X-Git-Tag: samba-4.14.0rc1~182
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a77de71ced013604382e5c62a904db0fbf1cdd81;p=thirdparty%2Fsamba.git

vfs_acl_tdb: avoid deleting the NT ACL from the tdb

...when called as part of setting a new NT ACL. This implements the same logic
added to vfs_acl_xattr in the previous commit, to make sure both modules behave
identically.

This depends on the previous code changes, so
won't be back ported. But for reference the
bug id is below.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14592

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Dec 17 20:04:22 UTC 2020 on sn-devel-184
---

diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c
index b70429473dd..4439a92557e 100644
--- a/source3/modules/vfs_acl_tdb.c
+++ b/source3/modules/vfs_acl_tdb.c
@@ -374,6 +374,8 @@ static int sys_acl_set_fd_tdb(vfs_handle_struct *handle,
 			    SMB_ACL_TYPE_T type,
                             SMB_ACL_T theacl)
 {
+	struct acl_common_fsp_ext *ext = (struct acl_common_fsp_ext *)
+		VFS_FETCH_FSP_EXTENSION(handle, fsp);
 	struct db_context *db = acl_db;
 	NTSTATUS status;
 	int ret;
@@ -391,6 +393,10 @@ static int sys_acl_set_fd_tdb(vfs_handle_struct *handle,
 		return -1;
 	}
 
+	if (ext != NULL && ext->setting_nt_acl) {
+		return 0;
+	}
+
 	acl_tdb_delete(handle, db, &fsp->fsp_name->st);
 	return 0;
 }