From b7f62e13933da14c381f70cd46ad13849b108e68 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 17 May 2021 15:34:55 -0700
Subject: [PATCH] s3: smbd: Ensure POSIX default ACL is mapped into returned
 Windows ACL for directory handles.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14708

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Wed May 19 09:22:56 UTC 2021 on sn-devel-184
---
 selftest/knownfail.d/posix_dir_default_acl |  2 --
 source3/smbd/posix_acls.c                  | 12 +++++++++++-
 2 files changed, 11 insertions(+), 3 deletions(-)
 delete mode 100644 selftest/knownfail.d/posix_dir_default_acl

diff --git a/selftest/knownfail.d/posix_dir_default_acl b/selftest/knownfail.d/posix_dir_default_acl
deleted file mode 100644
index 5c8a5d9af4e..00000000000
--- a/selftest/knownfail.d/posix_dir_default_acl
+++ /dev/null
@@ -1,2 +0,0 @@
-^samba3.smbtorture_s3.plain.POSIX-DIR-DEFAULT-ACL.smbtorture\(nt4_dc_smb1\)
-^samba3.smbtorture_s3.crypt.POSIX-DIR-DEFAULT-ACL.smbtorture\(nt4_dc_smb1\)
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index c3e00fa2475..489a4695ba1 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3426,6 +3426,7 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info,
 {
 	SMB_STRUCT_STAT sbuf;
 	SMB_ACL_T posix_acl = NULL;
+	SMB_ACL_T def_acl = NULL;
 	struct pai_val *pal;
 	TALLOC_CTX *frame = talloc_stackframe();
 	NTSTATUS status;
@@ -3444,10 +3445,19 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info,
 	/* Get the ACL from the fd. */
 	posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, frame);
 
+	/* If it's a directory get the default POSIX ACL. */
+	if(fsp->fsp_flags.is_directory) {
+		def_acl = SMB_VFS_SYS_ACL_GET_FILE(fsp->conn,
+						   fsp->fsp_name,
+						   SMB_ACL_TYPE_DEFAULT,
+						   frame);
+		def_acl = free_empty_sys_acl(fsp->conn, def_acl);
+	}
+
 	pal = fload_inherited_info(fsp);
 
 	status = posix_get_nt_acl_common(fsp->conn, fsp->fsp_name->base_name,
-					 &sbuf, pal, posix_acl, NULL,
+					 &sbuf, pal, posix_acl, def_acl,
 					 security_info, mem_ctx, ppdesc);
 	TALLOC_FREE(frame);
 	return status;
-- 
2.47.3