If you try to use
nfs4_setfacl -R -a A:d:........ directory
to recursively set an inheritance ACE on all directories in a tree, it
will fail on the first non-directory as setting an inheritance ACE
there is not permitted (and as it aborts on the first sign of an error).
So use the is_dir flag to avoid doing that, just as is done with the
DELETE_CHILD permission.
Signed-off-by: NeilBrown <neilb@xxxxxxxx>
---
Hi Bruce,
are you still maintaining nfsv4-acl-tools? Last commit was over
a year ago!! I guess that means it is nearly perfect :-)
A customer came across this problem and it seems simple to fix,
but if I'm missing something important, please let me know.
NeilBrown
libnfs4acl/nfs4_ace_from_string.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/libnfs4acl/nfs4_ace_from_string.c b/libnfs4acl/nfs4_ace_from_string.c
index 510ffee35d32..a7a30360d860 100644
--- a/libnfs4acl/nfs4_ace_from_string.c
+++ b/libnfs4acl/nfs4_ace_from_string.c
@@ -185,16 +185,20 @@ struct nfs4_ace * nfs4_ace_from_string(char *ace_buf, int is_dir)
for (buflen = strlen(field); buflen > 0; buflen--) {
switch (*field) {
case FLAG_FILE_INHERIT:
- flags |= NFS4_ACE_FILE_INHERIT_ACE;
+ if (is_dir)
+ flags |= NFS4_ACE_FILE_INHERIT_ACE;
break;
case FLAG_DIR_INHERIT:
- flags |= NFS4_ACE_DIRECTORY_INHERIT_ACE;
+ if (is_dir)
+ flags |= NFS4_ACE_DIRECTORY_INHERIT_ACE;
break;
case FLAG_NO_PROPAGATE_INHERIT:
- flags |= NFS4_ACE_NO_PROPAGATE_INHERIT_ACE;
+ if (is_dir)
+ flags |= NFS4_ACE_NO_PROPAGATE_INHERIT_ACE;
break;
case FLAG_INHERIT_ONLY:
- flags |= NFS4_ACE_INHERIT_ONLY_ACE;
+ if (is_dir)
+ flags |= NFS4_ACE_INHERIT_ONLY_ACE;
break;
case FLAG_SUCCESSFUL_ACCESS:
flags |= NFS4_ACE_SUCCESSFUL_ACCESS_ACE_FLAG;
--
2.7.1
Attachment:
signature.asc
Description: PGP signature
