X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=etc%2Fafpd%2Facls.c;h=43e91042f10e0ee3850a2d3cc312b7b51ee7a038;hb=4054f4b3c85ecab060dafd46c0d3632cadbb5803;hp=a82d326fe2ff9211b58151617e037272ff45e814;hpb=ea69ab373272be653573c37b2b22d48d1e7ac794;p=netatalk.git diff --git a/etc/afpd/acls.c b/etc/afpd/acls.c index a82d326f..43e91042 100644 --- a/etc/afpd/acls.c +++ b/etc/afpd/acls.c @@ -128,9 +128,9 @@ static int solaris_acl_rights(const char *path, || ((flags & ACE_OWNER) && (uuid == sb->st_uid)) || - ((flags & ACE_GROUP) && gmem(sb->st_gid)) + ((flags & ACE_GROUP) && !(uuid == sb->st_uid) && gmem(sb->st_gid)) || - (flags & ACE_EVERYONE) + (flags & ACE_EVERYONE && !(uuid == sb->st_uid) && !gmem(sb->st_gid)) ) { /* Found an applicable ACE */ if (type == ACE_ACCESS_ALLOWED_ACE_TYPE) @@ -438,14 +438,16 @@ static int posix_acl_rights(const char *path, gid = NULL; break; case ACL_GROUP_OBJ: - if (gmem(sb->st_gid)) { + if (!(sb->st_uid == uuid) && gmem(sb->st_gid)) { LOG(log_maxdebug, logtype_afpd, "ACL_GROUP_OBJ: %u", sb->st_gid); rights |= posix_permset_to_darwin_rights(e, S_ISDIR(sb->st_mode)); } break; case ACL_OTHER: - LOG(log_maxdebug, logtype_afpd, "ACL_OTHER"); - rights |= posix_permset_to_darwin_rights(e, S_ISDIR(sb->st_mode)); + if (!(sb->st_uid == uuid) && !gmem(sb->st_gid)) { + LOG(log_maxdebug, logtype_afpd, "ACL_OTHER"); + rights |= posix_permset_to_darwin_rights(e, S_ISDIR(sb->st_mode)); + } break; default: continue; @@ -1293,11 +1295,14 @@ int afp_getacl(AFPObj *obj, char *ibuf, size_t ibuflen _U_, char *rbuf _U_, size /* Shall we return owner UUID ? */ if (bitmap & kFileSec_UUID) { LOG(log_debug, logtype_afpd, "afp_getacl: client requested files owner user UUID"); - if (NULL == (pw = getpwuid(s_path->st.st_uid))) - return AFPERR_MISC; - LOG(log_debug, logtype_afpd, "afp_getacl: got uid: %d, name: %s", s_path->st.st_uid, pw->pw_name); - if ((ret = getuuidfromname(pw->pw_name, UUID_USER, rbuf)) != 0) - return AFPERR_MISC; + if (NULL == (pw = getpwuid(s_path->st.st_uid))) { + LOG(log_debug, logtype_afpd, "afp_getacl: local uid: %u", s_path->st.st_uid); + localuuid_from_id(rbuf, UUID_USER, s_path->st.st_uid); + } else { + LOG(log_debug, logtype_afpd, "afp_getacl: got uid: %d, name: %s", s_path->st.st_uid, pw->pw_name); + if ((ret = getuuidfromname(pw->pw_name, UUID_USER, rbuf)) != 0) + return AFPERR_MISC; + } rbuf += UUID_BINSIZE; *rbuflen += UUID_BINSIZE; } @@ -1305,11 +1310,14 @@ int afp_getacl(AFPObj *obj, char *ibuf, size_t ibuflen _U_, char *rbuf _U_, size /* Shall we return group UUID ? */ if (bitmap & kFileSec_GRPUUID) { LOG(log_debug, logtype_afpd, "afp_getacl: client requested files owner group UUID"); - if (NULL == (gr = getgrgid(s_path->st.st_gid))) - return AFPERR_MISC; - LOG(log_debug, logtype_afpd, "afp_getacl: got gid: %d, name: %s", s_path->st.st_gid, gr->gr_name); - if ((ret = getuuidfromname(gr->gr_name, UUID_GROUP, rbuf)) != 0) - return AFPERR_MISC; + if (NULL == (gr = getgrgid(s_path->st.st_gid))) { + LOG(log_debug, logtype_afpd, "afp_getacl: local gid: %u", s_path->st.st_gid); + localuuid_from_id(rbuf, UUID_GROUP, s_path->st.st_gid); + } else { + LOG(log_debug, logtype_afpd, "afp_getacl: got gid: %d, name: %s", s_path->st.st_gid, gr->gr_name); + if ((ret = getuuidfromname(gr->gr_name, UUID_GROUP, rbuf)) != 0) + return AFPERR_MISC; + } rbuf += UUID_BINSIZE; *rbuflen += UUID_BINSIZE; }