ACLs now usable (though not visible on the client) without common directory service

diff --git a/etc/afpd/acls.c b/etc/afpd/acls.c
index 69b1802792db07ba9a19d4eed5d82a70d9237504..8e2807fa72f1de92aef054ea3640196dd1e48dbd 100644 (file)
--- a/etc/afpd/acls.c
+++ b/etc/afpd/acls.c
@@ -1421,21 +1421,25 @@ int afp_setacl(AFPObj *obj, char *ibuf, size_t ibuflen _U_, char *rbuf _U_, size
     return ret;
 }
 
-/*
-  unix.c/accessmode calls this: map ACL to OS 9 mode
-*/
+/*!
+ * map ACL to user maccess
+ *
+ * This is the magic function that makes ACLs usable by calculating
+ * the access granted by ACEs to the logged in user.
+ */
 int acltoownermode(char *path, struct stat *st, uid_t uid, struct maccess *ma)
 {
     EC_INIT;
     struct passwd *pw;
     uint32_t rights = 0;
 
-    if ( ! (AFPobj->options.flags & OPTION_UUID)
-         ||
-         ! (AFPobj->options.flags & OPTION_ACL2MACCESS))
-        return 0;
+    if ( ! (AFPobj->options.flags & OPTION_ACL2MACCESS)
+         || (current_vol == NULL)
+         || ! (current_vol->v_flags & AFPVOL_ACLS))
+         return 0;
 
-    LOG(log_maxdebug, logtype_afpd, "acltoownermode('%s')", path);
+    LOG(log_error, logtype_afpd, "acltoownermode(\"%s/%s\", 0x%02x)",
+        getcwdpath(), path, ma->ma_user);
 
     EC_NULL_LOG(pw = getpwuid(uid));
 
@@ -1443,18 +1447,19 @@ int acltoownermode(char *path, struct stat *st, uid_t uid, struct maccess *ma)
     EC_ZERO_LOG(solaris_acl_rights(path, st, pw, &rights));
 #endif
 #ifdef HAVE_POSIX_ACLS
+    EC_ZERO_LOG(posix_acl_rights(path, st, pw, &rights));
 #endif
 
-    LOG(log_debug, logtype_afpd, "rights: 0x%08x", rights);
+    LOG(log_error, logtype_afpd, "rights: 0x%08x", rights);
 
-    LOG(log_maxdebug, logtype_afpd, "acltoownermode: ma_user before: %04o",ma->ma_user);
     if (rights & DARWIN_ACE_READ_DATA)
         ma->ma_user |= AR_UREAD;
     if (rights & DARWIN_ACE_WRITE_DATA)
         ma->ma_user |= AR_UWRITE;
     if (rights & (DARWIN_ACE_EXECUTE | DARWIN_ACE_SEARCH))
         ma->ma_user |= AR_USEARCH;
-    LOG(log_maxdebug, logtype_afpd, "acltoownermode: ma_user after: %04o", ma->ma_user);
+
+    LOG(log_error, logtype_afpd, "resulting user maccess: 0x%02x", ma->ma_user);
 
 EC_CLEANUP:
     EC_EXIT;

diff --git a/etc/afpd/volume.c b/etc/afpd/volume.c
index bf90e9a6008997bde965d3dd053c6a8c945ffe71..4c7ed7b78a77036c5928e55e9b378cd53589d99a 100644 (file)
--- a/etc/afpd/volume.c
+++ b/etc/afpd/volume.c
@@ -81,6 +81,9 @@ extern int afprun(int root, char *cmd, int *outfd);
 #define UUID_PRINTABLE_STRING_LENGTH 37
 #endif
 
+/* Globals */
+struct vol *current_vol;        /* last volume from getvolbyvid() */
+
 static struct vol *Volumes = NULL;
 static u_int16_t    lastvid = 0;
 static char     *Trash = "\02\024Network Trash Folder";
@@ -2314,6 +2317,7 @@ int afp_closevol(AFPObj *obj _U_, char *ibuf, size_t ibuflen _U_, char *rbuf _U_
     }
 
     deletevol(vol);
+    current_vol = NULL;
 
     return( AFP_OK );
 }
@@ -2336,6 +2340,8 @@ struct vol *getvolbyvid(const u_int16_t vid )
     set_uidgid ( vol );
 #endif /* FORCE_UIDGID */
 
+    current_vol = vol;
+
     return( vol );
 }
 

diff --git a/etc/afpd/volume.h b/etc/afpd/volume.h
index 7402a9a450c9793c9d3119664175e5ba855704b1..b33e9c313cf22713ccf738efcb3758b4b07a1dea 100644 (file)
--- a/etc/afpd/volume.h
+++ b/etc/afpd/volume.h
@@ -1,6 +1,4 @@
 /*
- * $Id: volume.h,v 1.36 2009-10-15 10:43:13 didg Exp $
- *
  * Copyright (c) 1990,1994 Regents of The University of Michigan.
  * All Rights Reserved.  See COPYRIGHT.
  */
@@ -47,4 +45,6 @@ int afp_closevol     (AFPObj *obj, char *ibuf, size_t ibuflen, char *rbuf,  size
 /* netatalk functions */
 extern void     close_all_vol   (void);
 
+struct vol *current_vol;        /* last volume from getvolbyvid() */
+
 #endif