Partially remove advapi32-Revert_DACL patches.

2024-11-21 16:46:54 -08:00 · 2015-04-05 06:02:38 +02:00 · 2015-04-05 06:02:38 +02:00 · c931ff9dad
commit c931ff9dad
parent 9e0bb28fcb
8 changed files with 67 additions and 175 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,7 @@
+wine-staging (1.7.41) UNRELEASED; urgency=low
+  * Partially remove advapi32-Revert_DACL patches.
+ -- Sebastian Lackner <sebastian@fds-team.de>  Sun, 05 Apr 2015 03:11:58 +0200
+
 wine-staging (1.7.40) unstable; urgency=low
  * Update dsound fast mixer patchset to use integer math.
  * Various improvements to Debian packaging files, pull request #310.
--- a/patches/advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch
+++ b/patches/advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch
@ -1,67 +0,0 @@
-From 41ffec5994a45a7f18cd77e98d8cf7bedecfd9a4 Mon Sep 17 00:00:00 2001
-From: Sebastian Lackner <sebastian@fds-team.de>
-Date: Fri, 27 Mar 2015 15:32:44 +0100
-Subject: Revert "server: Make directory DACL entries inheritable."
-
-This reverts commit 3eb448cf33b6b6635bac4e06ea7fddd190e26450.
---
- dlls/advapi32/tests/security.c | 2 +-
- server/file.c                  | 8 ++++----
- 2 files changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
-index b19dbe8..a757c22 100644
--- a/dlls/advapi32/tests/security.c
-+++ b/dlls/advapi32/tests/security.c
-@@ -3262,7 +3262,7 @@ static void test_CreateDirectoryA(void)
-     }
-     ok(!error, "GetNamedSecurityInfo failed with error %d\n", error);
-     test_inherited_dacl(pDacl, admin_sid, user_sid, OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE,
-                        0x1f01ff, FALSE, TRUE, FALSE, __LINE__);
-+                        0x1f01ff, FALSE, TRUE, TRUE, __LINE__);
-     LocalFree(pSD);
- 
-     /* Test inheritance of ACLs in CreateFile without security descriptor */
-diff --git a/server/file.c b/server/file.c
-index aa5ff01..c8c880b 100644
--- a/server/file.c
-+++ b/server/file.c
-@@ -367,7 +367,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
-     aaa = (ACCESS_ALLOWED_ACE *)(dacl + 1);
-     current_ace = &aaa->Header;
-     aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
-    aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
-+    aaa->Header.AceFlags = 0;
-     aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( local_system_sid );
-     aaa->Mask = FILE_ALL_ACCESS;
-     sid = (SID *)&aaa->SidStart;
-@@ -379,7 +379,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
-         aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace );
-         current_ace = &aaa->Header;
-         aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
-        aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
-+        aaa->Header.AceFlags = 0;
-         aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( user );
-         aaa->Mask = WRITE_DAC | WRITE_OWNER;
-         if (mode & S_IRUSR)
-@@ -397,7 +397,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
-         ACCESS_DENIED_ACE *ada = (ACCESS_DENIED_ACE *)ace_next( current_ace );
-         current_ace = &ada->Header;
-         ada->Header.AceType = ACCESS_DENIED_ACE_TYPE;
-        ada->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
-+        ada->Header.AceFlags = 0;
-         ada->Header.AceSize = FIELD_OFFSET(ACCESS_DENIED_ACE, SidStart) + security_sid_len( user );
-         ada->Mask = 0;
-         if (!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH)))
-@@ -414,7 +414,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
-         aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace );
-         current_ace = &aaa->Header;
-         aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
-        aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
-+        aaa->Header.AceFlags = 0;
-         aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( world_sid );
-         aaa->Mask = 0;
-         if (mode & S_IROTH)
-- 
-2.3.3
-
--- a/patches/advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch
+++ b/patches/advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch
@ -1,77 +0,0 @@
-From 59067deb0ad4afb77deca29300133bff9d49f9f7 Mon Sep 17 00:00:00 2001
-From: Sebastian Lackner <sebastian@fds-team.de>
-Date: Fri, 27 Mar 2015 15:32:56 +0100
-Subject: Revert "advapi: Don't use CreateFile when opening file with possibly
- empty DACL."
-
-This reverts commit f956bb4caa442ccde1ddaf483c5cb619bbf4049a.
---
- dlls/advapi32/security.c | 22 +++++++++-------------
- 1 file changed, 9 insertions(+), 13 deletions(-)
-
-diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
-index e8cdcc5..097b0da 100644
--- a/dlls/advapi32/security.c
-+++ b/dlls/advapi32/security.c
-@@ -397,7 +397,7 @@ static inline BOOL set_ntstatus( NTSTATUS status )
- }
- 
- /* helper function for SE_FILE_OBJECT objects in [Get|Set]NamedSecurityInfo */
-static inline DWORD get_security_file( LPCWSTR full_file_name, DWORD access, HANDLE *file )
-+static inline DWORD get_security_file( LPWSTR full_file_name, DWORD access, HANDLE *file )
- {
-     UNICODE_STRING file_nameW;
-     OBJECT_ATTRIBUTES attr;
-@@ -2029,7 +2029,7 @@ GetFileSecurityW( LPCWSTR lpFileName,
- {
-     HANDLE hfile;
-     NTSTATUS status;
-    DWORD access = 0, err;
-+    DWORD access = 0;
- 
-     TRACE("(%s,%d,%p,%d,%p)\n", debugstr_w(lpFileName),
-           RequestedInformation, pSecurityDescriptor,
-@@ -2041,12 +2041,10 @@ GetFileSecurityW( LPCWSTR lpFileName,
-     if (RequestedInformation & SACL_SECURITY_INFORMATION)
-         access |= ACCESS_SYSTEM_SECURITY;
- 
-    err = get_security_file( lpFileName, access, &hfile);
-    if (err)
-    {
-        SetLastError(err);
-+    hfile = CreateFileW( lpFileName, access, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
-+                         NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, 0 );
-+    if ( hfile == INVALID_HANDLE_VALUE )
-         return FALSE;
-    }
- 
-     status = NtQuerySecurityObject( hfile, RequestedInformation, pSecurityDescriptor,
-                                     nLength, lpnLengthNeeded );
-@@ -2327,7 +2325,7 @@ SetFileSecurityW( LPCWSTR lpFileName,
-                     PSECURITY_DESCRIPTOR pSecurityDescriptor )
- {
-     HANDLE file;
-    DWORD access = 0, err;
-+    DWORD access = 0;
-     NTSTATUS status;
- 
-     TRACE("(%s, 0x%x, %p)\n", debugstr_w(lpFileName), RequestedInformation,
-@@ -2341,12 +2339,10 @@ SetFileSecurityW( LPCWSTR lpFileName,
-     if (RequestedInformation & DACL_SECURITY_INFORMATION)
-         access |= WRITE_DAC;
- 
-    err = get_security_file( lpFileName, access, &file);
-    if (err)
-    {
-        SetLastError(err);
-+    file = CreateFileW( lpFileName, access, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
-+                        NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL );
-+    if (file == INVALID_HANDLE_VALUE)
-         return FALSE;
-    }
- 
-     status = NtSetSecurityObject( file, RequestedInformation, pSecurityDescriptor );
-     CloseHandle( file );
-- 
-2.3.3
-
--- a/patches/patchinstall.sh
+++ b/patches/patchinstall.sh
@ -1105,13 +1105,9 @@ if test "$enable_server_ACL_Compat" -eq 1; then
 fi

 if test "$enable_server_Inherited_ACLs" -eq 1; then
-	if test "$enable_server_File_Permissions" -gt 1; then
-		abort "Patchset server-File_Permissions disabled, but server-Inherited_ACLs depends on that."
-	fi
 	if test "$enable_server_Stored_ACLs" -gt 1; then
 		abort "Patchset server-Stored_ACLs disabled, but server-Inherited_ACLs depends on that."
 	fi
-	enable_server_File_Permissions=1
 	enable_server_Stored_ACLs=1
 fi

@ -1122,8 +1118,12 @@ if test "$enable_server_Stored_ACLs" -eq 1; then
 	if test "$enable_ntdll_DOS_Attributes" -gt 1; then
 		abort "Patchset ntdll-DOS_Attributes disabled, but server-Stored_ACLs depends on that."
 	fi
+	if test "$enable_server_File_Permissions" -gt 1; then
+		abort "Patchset server-File_Permissions disabled, but server-Stored_ACLs depends on that."
+	fi
 	enable_advapi32_Revert_DACL=1
 	enable_ntdll_DOS_Attributes=1
+	enable_server_File_Permissions=1
 fi

 if test "$enable_nvencodeapi_Video_Encoder" -eq 1; then
@ -1421,20 +1421,16 @@ fi
 # Patchset advapi32-Revert_DACL
 # |
 # | Modified files:
-# |   *	dlls/advapi32/security.c, dlls/advapi32/tests/security.c, server/file.c
+# |   *	dlls/advapi32/security.c, dlls/advapi32/tests/security.c
 # |
 if test "$enable_advapi32_Revert_DACL" -eq 1; then
 	patch_apply advapi32-Revert_DACL/0001-Revert-advapi32-Add-DACL-inheritance-support-in-SetS.patch
 	patch_apply advapi32-Revert_DACL/0002-Revert-advapi32-tests-Add-test-for-mapping-DACL-to-p.patch
 	patch_apply advapi32-Revert_DACL/0003-Revert-advapi32-Add-SetNamedSecurityInfo-test-with-e.patch
-	patch_apply advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch
-	patch_apply advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch
 	(
 		echo '+    { "Sebastian Lackner", "Revert \"advapi32: Add DACL inheritance support in SetSecurityInfo.\".", 1 },';
 		echo '+    { "Sebastian Lackner", "Revert \"advapi32/tests: Add test for mapping DACL to permission.\".", 1 },';
 		echo '+    { "Sebastian Lackner", "Revert \"advapi32: Add SetNamedSecurityInfo test with empty DACL.\".", 1 },';
-		echo '+    { "Sebastian Lackner", "Revert \"server: Make directory DACL entries inheritable.\".", 1 },';
-		echo '+    { "Sebastian Lackner", "Revert \"advapi: Don'\''t use CreateFile when opening file with possibly empty DACL.\".", 1 },';
 	) >> "$patchlist"
 fi

--- a/patches/server-Inherited_ACLs/definition
+++ b/patches/server-Inherited_ACLs/definition
@ -1,3 +1,2 @@
 Depends: server-Stored_ACLs
-Depends: server-File_Permissions
 Fixes: [34406] Support for inherited file ACLs
--- a/patches/server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch
+++ b/patches/server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch
@ -1,16 +1,16 @@
-From 148550ffa4aeae7903d6654373011ad282ce59dc Mon Sep 17 00:00:00 2001
+From fabc68cb1fd383d6f4eb31885a7aafbc572198af Mon Sep 17 00:00:00 2001
 From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
 Date: Fri, 18 Apr 2014 14:01:35 -0600
 Subject: server: Retrieve file security attributes with extended file
 attributes. (try 7)

 ---
- dlls/advapi32/tests/security.c | 57 +++++++++++++++++++++++++-----------------
- server/file.c                  | 26 ++++++++++++++++---
- 2 files changed, 57 insertions(+), 26 deletions(-)
+ dlls/advapi32/tests/security.c | 61 +++++++++++++++++++++++++-----------------
+ server/file.c                  | 26 +++++++++++++++---
+ 2 files changed, 59 insertions(+), 28 deletions(-)

 diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
-index a757c22..3f97a82 100644
+index d13e54d..29daf60 100644
 --- a/dlls/advapi32/tests/security.c
 +++ b/dlls/advapi32/tests/security.c
@@ -3109,7 +3109,7 @@ static void get_nt_pathW(const char *name, UNICODE_STRING *nameW)
@ -64,7 +64,7 @@ index a757c22..3f97a82 100644
     }
     ok(!error, "GetNamedSecurityInfo failed with error %d\n", error);
     test_inherited_dacl(pDacl, admin_sid, user_sid, OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE,
-                        0x1f01ff, FALSE, TRUE, TRUE, __LINE__);
+-                        0x1f01ff, FALSE, TRUE, FALSE, __LINE__);
 +                        0x1f01ff, FALSE, FALSE, FALSE, TRUE, __LINE__);
     LocalFree(pSD);
 
@ -78,7 +78,7 @@ index a757c22..3f97a82 100644
     LocalFree(pSD);
     CloseHandle(hTemp);
 
-@@ -3352,7 +3364,7 @@ static void test_CreateDirectoryA(void)
+@@ -3348,7 +3360,7 @@ static void test_CreateDirectoryA(void)
                                    (PSID *)&owner, NULL, &pDacl, NULL, &pSD);
     ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
     test_inherited_dacl(pDacl, admin_sid, user_sid, INHERITED_ACE,
@ -87,7 +87,25 @@ index a757c22..3f97a82 100644
     LocalFree(pSD);
     CloseHandle(hTemp);
 
-@@ -3581,23 +3593,22 @@ static void test_GetNamedSecurityInfoA(void)
+@@ -3414,7 +3426,7 @@ static void test_CreateDirectoryA(void)
+     ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
+     test_inherited_dacl(pDacl, admin_sid, user_sid,
+                         OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE,
+-                        0x1f01ff, TRUE, TRUE, TRUE, __LINE__);
+                        0x1f01ff, TRUE, TRUE, TRUE, FALSE, __LINE__);
+     LocalFree(pSD);
+     bret = RemoveDirectoryA(tmpfile);
+     ok(bret == TRUE, "RemoveDirectoryA failed with error %u\n", GetLastError());
+@@ -3495,7 +3507,7 @@ static void test_CreateDirectoryA(void)
+     ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
+     test_inherited_dacl(pDacl, admin_sid, user_sid,
+                         OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE,
+-                        0x1f01ff, TRUE, TRUE, TRUE, __LINE__);
+                        0x1f01ff, TRUE, TRUE, TRUE, FALSE, __LINE__);
+     LocalFree(pSD);
+     CloseHandle(hTemp);
+ 
+@@ -3719,23 +3731,22 @@ static void test_GetNamedSecurityInfoA(void)
         bret = pGetAce(pDacl, 0, (VOID **)&ace);
         ok(bret, "Failed to get Current User ACE.\n");
         bret = EqualSid(&ace->SidStart, user_sid);
@ -117,7 +135,7 @@ index a757c22..3f97a82 100644
     }
     LocalFree(pSD);
     HeapFree(GetProcessHeap(), 0, user);
-@@ -4247,22 +4258,22 @@ static void test_GetSecurityInfo(void)
+@@ -4385,22 +4396,22 @@ static void test_GetSecurityInfo(void)
         bret = pGetAce(pDacl, 0, (VOID **)&ace);
         ok(bret, "Failed to get Current User ACE.\n");
         bret = EqualSid(&ace->SidStart, user_sid);
@ -147,7 +165,7 @@ index a757c22..3f97a82 100644
     LocalFree(pSD);
     CloseHandle(obj);
 diff --git a/server/file.c b/server/file.c
-index a1455ff..e84331d 100644
+index 07971a1..828bd86 100644
 --- a/server/file.c
 +++ b/server/file.c
@@ -503,6 +503,25 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
--- a/patches/server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch
+++ b/patches/server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch
@ -1,16 +1,16 @@
-From 3779a55c15d92da1974ff1520e20bc5accc8e4b6 Mon Sep 17 00:00:00 2001
+From 0538266bd0f5f7c181b483da803dc6b84d53ec48 Mon Sep 17 00:00:00 2001
 From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
 Date: Fri, 18 Apr 2014 14:05:32 -0600
 Subject: server: Convert return of file security masks with generic access
 mappings. (try 7)

 ---
- dlls/advapi32/tests/security.c | 48 ++++++++++++++++--------------------------
- server/file.c                  | 22 +++++++++++++++++++
- 2 files changed, 40 insertions(+), 30 deletions(-)
+ dlls/advapi32/tests/security.c | 52 ++++++++++++++++--------------------------
+ server/file.c                  | 22 ++++++++++++++++++
+ 2 files changed, 42 insertions(+), 32 deletions(-)

 diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
-index 3f97a82..a530a3f 100644
+index 29daf60..4db46f5 100644
 --- a/dlls/advapi32/tests/security.c
 +++ b/dlls/advapi32/tests/security.c
@@ -3109,7 +3109,7 @@ static void get_nt_pathW(const char *name, UNICODE_STRING *nameW)
@ -78,7 +78,7 @@ index 3f97a82..a530a3f 100644
     LocalFree(pSD);
     CloseHandle(hTemp);
 
-@@ -3364,7 +3352,7 @@ static void test_CreateDirectoryA(void)
+@@ -3360,7 +3348,7 @@ static void test_CreateDirectoryA(void)
                                    (PSID *)&owner, NULL, &pDacl, NULL, &pSD);
     ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
     test_inherited_dacl(pDacl, admin_sid, user_sid, INHERITED_ACE,
@ -87,7 +87,25 @@ index 3f97a82..a530a3f 100644
     LocalFree(pSD);
     CloseHandle(hTemp);
 
-@@ -3596,8 +3584,8 @@ static void test_GetNamedSecurityInfoA(void)
+@@ -3426,7 +3414,7 @@ static void test_CreateDirectoryA(void)
+     ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
+     test_inherited_dacl(pDacl, admin_sid, user_sid,
+                         OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE,
+-                        0x1f01ff, TRUE, TRUE, TRUE, FALSE, __LINE__);
+                        0x1f01ff, TRUE, TRUE, TRUE, __LINE__);
+     LocalFree(pSD);
+     bret = RemoveDirectoryA(tmpfile);
+     ok(bret == TRUE, "RemoveDirectoryA failed with error %u\n", GetLastError());
+@@ -3507,7 +3495,7 @@ static void test_CreateDirectoryA(void)
+     ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n");
+     test_inherited_dacl(pDacl, admin_sid, user_sid,
+                         OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE,
+-                        0x1f01ff, TRUE, TRUE, TRUE, FALSE, __LINE__);
+                        0x1f01ff, TRUE, TRUE, TRUE, __LINE__);
+     LocalFree(pSD);
+     CloseHandle(hTemp);
+ 
+@@ -3734,8 +3722,8 @@ static void test_GetNamedSecurityInfoA(void)
         ok(bret, "Current User ACE != Current User SID.\n");
         ok(((ACE_HEADER *)ace)->AceFlags == 0,
            "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags);
@ -98,7 +116,7 @@ index 3f97a82..a530a3f 100644
     }
     if (acl_size.AceCount > 1)
     {
-@@ -3607,8 +3595,8 @@ static void test_GetNamedSecurityInfoA(void)
+@@ -3745,8 +3733,8 @@ static void test_GetNamedSecurityInfoA(void)
         ok(bret || broken(!bret) /* win2k */, "Administators Group ACE != Administators Group SID.\n");
         ok(((ACE_HEADER *)ace)->AceFlags == 0,
            "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags);
@ -109,7 +127,7 @@ index 3f97a82..a530a3f 100644
     }
     LocalFree(pSD);
     HeapFree(GetProcessHeap(), 0, user);
-@@ -4261,8 +4249,8 @@ static void test_GetSecurityInfo(void)
+@@ -4399,8 +4387,8 @@ static void test_GetSecurityInfo(void)
         ok(bret, "Current User ACE != Current User SID.\n");
         ok(((ACE_HEADER *)ace)->AceFlags == 0,
            "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags);
@ -120,7 +138,7 @@ index 3f97a82..a530a3f 100644
     }
     if (acl_size.AceCount > 1)
     {
-@@ -4272,8 +4260,8 @@ static void test_GetSecurityInfo(void)
+@@ -4410,8 +4398,8 @@ static void test_GetSecurityInfo(void)
         ok(bret, "Administators Group ACE != Administators Group SID.\n");
         ok(((ACE_HEADER *)ace)->AceFlags == 0,
            "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags);
@ -132,7 +150,7 @@ index 3f97a82..a530a3f 100644
     LocalFree(pSD);
     CloseHandle(obj);
 diff --git a/server/file.c b/server/file.c
-index e84331d..b6435d1 100644
+index 828bd86..1a1ffa9 100644
 --- a/server/file.c
 +++ b/server/file.c
@@ -522,6 +522,27 @@ struct security_descriptor *get_xattr_sd( int fd )
--- a/patches/server-Stored_ACLs/definition
+++ b/patches/server-Stored_ACLs/definition
@ -1,3 +1,4 @@
 Depends: advapi32-Revert_DACL
 Depends: ntdll-DOS_Attributes
+Depends: server-File_Permissions
 Fixes: [33576] Support for stored file ACLs