From c931ff9dad00fc05d4aed2ed329bf464d09a8c23 Mon Sep 17 00:00:00 2001 From: Sebastian Lackner Date: Sun, 5 Apr 2015 06:02:38 +0200 Subject: [PATCH] Partially remove advapi32-Revert_DACL patches. --- debian/changelog | 4 + ...ke-directory-DACL-entries-inheritabl.patch | 67 ---------------- ...n-t-use-CreateFile-when-opening-file.patch | 77 ------------------- patches/patchinstall.sh | 14 ++-- patches/server-Inherited_ACLs/definition | 1 - ...file-security-attributes-with-extend.patch | 38 ++++++--- ...eturn-of-file-security-masks-with-ge.patch | 40 +++++++--- patches/server-Stored_ACLs/definition | 1 + 8 files changed, 67 insertions(+), 175 deletions(-) delete mode 100644 patches/advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch delete mode 100644 patches/advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch diff --git a/debian/changelog b/debian/changelog index d9290631..7d595e2d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,7 @@ +wine-staging (1.7.41) UNRELEASED; urgency=low + * Partially remove advapi32-Revert_DACL patches. + -- Sebastian Lackner Sun, 05 Apr 2015 03:11:58 +0200 + wine-staging (1.7.40) unstable; urgency=low * Update dsound fast mixer patchset to use integer math. * Various improvements to Debian packaging files, pull request #310. diff --git a/patches/advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch b/patches/advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch deleted file mode 100644 index 1cb6b26f..00000000 --- a/patches/advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 41ffec5994a45a7f18cd77e98d8cf7bedecfd9a4 Mon Sep 17 00:00:00 2001 -From: Sebastian Lackner -Date: Fri, 27 Mar 2015 15:32:44 +0100 -Subject: Revert "server: Make directory DACL entries inheritable." - -This reverts commit 3eb448cf33b6b6635bac4e06ea7fddd190e26450. ---- - dlls/advapi32/tests/security.c | 2 +- - server/file.c | 8 ++++---- - 2 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c -index b19dbe8..a757c22 100644 ---- a/dlls/advapi32/tests/security.c -+++ b/dlls/advapi32/tests/security.c -@@ -3262,7 +3262,7 @@ static void test_CreateDirectoryA(void) - } - ok(!error, "GetNamedSecurityInfo failed with error %d\n", error); - test_inherited_dacl(pDacl, admin_sid, user_sid, OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE, -- 0x1f01ff, FALSE, TRUE, FALSE, __LINE__); -+ 0x1f01ff, FALSE, TRUE, TRUE, __LINE__); - LocalFree(pSD); - - /* Test inheritance of ACLs in CreateFile without security descriptor */ -diff --git a/server/file.c b/server/file.c -index aa5ff01..c8c880b 100644 ---- a/server/file.c -+++ b/server/file.c -@@ -367,7 +367,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID - aaa = (ACCESS_ALLOWED_ACE *)(dacl + 1); - current_ace = &aaa->Header; - aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE; -- aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0; -+ aaa->Header.AceFlags = 0; - aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( local_system_sid ); - aaa->Mask = FILE_ALL_ACCESS; - sid = (SID *)&aaa->SidStart; -@@ -379,7 +379,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID - aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace ); - current_ace = &aaa->Header; - aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE; -- aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0; -+ aaa->Header.AceFlags = 0; - aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( user ); - aaa->Mask = WRITE_DAC | WRITE_OWNER; - if (mode & S_IRUSR) -@@ -397,7 +397,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID - ACCESS_DENIED_ACE *ada = (ACCESS_DENIED_ACE *)ace_next( current_ace ); - current_ace = &ada->Header; - ada->Header.AceType = ACCESS_DENIED_ACE_TYPE; -- ada->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0; -+ ada->Header.AceFlags = 0; - ada->Header.AceSize = FIELD_OFFSET(ACCESS_DENIED_ACE, SidStart) + security_sid_len( user ); - ada->Mask = 0; - if (!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH))) -@@ -414,7 +414,7 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID - aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace ); - current_ace = &aaa->Header; - aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE; -- aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0; -+ aaa->Header.AceFlags = 0; - aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( world_sid ); - aaa->Mask = 0; - if (mode & S_IROTH) --- -2.3.3 - diff --git a/patches/advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch b/patches/advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch deleted file mode 100644 index 9df79b54..00000000 --- a/patches/advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch +++ /dev/null @@ -1,77 +0,0 @@ -From 59067deb0ad4afb77deca29300133bff9d49f9f7 Mon Sep 17 00:00:00 2001 -From: Sebastian Lackner -Date: Fri, 27 Mar 2015 15:32:56 +0100 -Subject: Revert "advapi: Don't use CreateFile when opening file with possibly - empty DACL." - -This reverts commit f956bb4caa442ccde1ddaf483c5cb619bbf4049a. ---- - dlls/advapi32/security.c | 22 +++++++++------------- - 1 file changed, 9 insertions(+), 13 deletions(-) - -diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c -index e8cdcc5..097b0da 100644 ---- a/dlls/advapi32/security.c -+++ b/dlls/advapi32/security.c -@@ -397,7 +397,7 @@ static inline BOOL set_ntstatus( NTSTATUS status ) - } - - /* helper function for SE_FILE_OBJECT objects in [Get|Set]NamedSecurityInfo */ --static inline DWORD get_security_file( LPCWSTR full_file_name, DWORD access, HANDLE *file ) -+static inline DWORD get_security_file( LPWSTR full_file_name, DWORD access, HANDLE *file ) - { - UNICODE_STRING file_nameW; - OBJECT_ATTRIBUTES attr; -@@ -2029,7 +2029,7 @@ GetFileSecurityW( LPCWSTR lpFileName, - { - HANDLE hfile; - NTSTATUS status; -- DWORD access = 0, err; -+ DWORD access = 0; - - TRACE("(%s,%d,%p,%d,%p)\n", debugstr_w(lpFileName), - RequestedInformation, pSecurityDescriptor, -@@ -2041,12 +2041,10 @@ GetFileSecurityW( LPCWSTR lpFileName, - if (RequestedInformation & SACL_SECURITY_INFORMATION) - access |= ACCESS_SYSTEM_SECURITY; - -- err = get_security_file( lpFileName, access, &hfile); -- if (err) -- { -- SetLastError(err); -+ hfile = CreateFileW( lpFileName, access, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, -+ NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, 0 ); -+ if ( hfile == INVALID_HANDLE_VALUE ) - return FALSE; -- } - - status = NtQuerySecurityObject( hfile, RequestedInformation, pSecurityDescriptor, - nLength, lpnLengthNeeded ); -@@ -2327,7 +2325,7 @@ SetFileSecurityW( LPCWSTR lpFileName, - PSECURITY_DESCRIPTOR pSecurityDescriptor ) - { - HANDLE file; -- DWORD access = 0, err; -+ DWORD access = 0; - NTSTATUS status; - - TRACE("(%s, 0x%x, %p)\n", debugstr_w(lpFileName), RequestedInformation, -@@ -2341,12 +2339,10 @@ SetFileSecurityW( LPCWSTR lpFileName, - if (RequestedInformation & DACL_SECURITY_INFORMATION) - access |= WRITE_DAC; - -- err = get_security_file( lpFileName, access, &file); -- if (err) -- { -- SetLastError(err); -+ file = CreateFileW( lpFileName, access, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, -+ NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL ); -+ if (file == INVALID_HANDLE_VALUE) - return FALSE; -- } - - status = NtSetSecurityObject( file, RequestedInformation, pSecurityDescriptor ); - CloseHandle( file ); --- -2.3.3 - diff --git a/patches/patchinstall.sh b/patches/patchinstall.sh index 6216b8c6..a979011a 100755 --- a/patches/patchinstall.sh +++ b/patches/patchinstall.sh @@ -1105,13 +1105,9 @@ if test "$enable_server_ACL_Compat" -eq 1; then fi if test "$enable_server_Inherited_ACLs" -eq 1; then - if test "$enable_server_File_Permissions" -gt 1; then - abort "Patchset server-File_Permissions disabled, but server-Inherited_ACLs depends on that." - fi if test "$enable_server_Stored_ACLs" -gt 1; then abort "Patchset server-Stored_ACLs disabled, but server-Inherited_ACLs depends on that." fi - enable_server_File_Permissions=1 enable_server_Stored_ACLs=1 fi @@ -1122,8 +1118,12 @@ if test "$enable_server_Stored_ACLs" -eq 1; then if test "$enable_ntdll_DOS_Attributes" -gt 1; then abort "Patchset ntdll-DOS_Attributes disabled, but server-Stored_ACLs depends on that." fi + if test "$enable_server_File_Permissions" -gt 1; then + abort "Patchset server-File_Permissions disabled, but server-Stored_ACLs depends on that." + fi enable_advapi32_Revert_DACL=1 enable_ntdll_DOS_Attributes=1 + enable_server_File_Permissions=1 fi if test "$enable_nvencodeapi_Video_Encoder" -eq 1; then @@ -1421,20 +1421,16 @@ fi # Patchset advapi32-Revert_DACL # | # | Modified files: -# | * dlls/advapi32/security.c, dlls/advapi32/tests/security.c, server/file.c +# | * dlls/advapi32/security.c, dlls/advapi32/tests/security.c # | if test "$enable_advapi32_Revert_DACL" -eq 1; then patch_apply advapi32-Revert_DACL/0001-Revert-advapi32-Add-DACL-inheritance-support-in-SetS.patch patch_apply advapi32-Revert_DACL/0002-Revert-advapi32-tests-Add-test-for-mapping-DACL-to-p.patch patch_apply advapi32-Revert_DACL/0003-Revert-advapi32-Add-SetNamedSecurityInfo-test-with-e.patch - patch_apply advapi32-Revert_DACL/0004-Revert-server-Make-directory-DACL-entries-inheritabl.patch - patch_apply advapi32-Revert_DACL/0005-Revert-advapi-Don-t-use-CreateFile-when-opening-file.patch ( echo '+ { "Sebastian Lackner", "Revert \"advapi32: Add DACL inheritance support in SetSecurityInfo.\".", 1 },'; echo '+ { "Sebastian Lackner", "Revert \"advapi32/tests: Add test for mapping DACL to permission.\".", 1 },'; echo '+ { "Sebastian Lackner", "Revert \"advapi32: Add SetNamedSecurityInfo test with empty DACL.\".", 1 },'; - echo '+ { "Sebastian Lackner", "Revert \"server: Make directory DACL entries inheritable.\".", 1 },'; - echo '+ { "Sebastian Lackner", "Revert \"advapi: Don'\''t use CreateFile when opening file with possibly empty DACL.\".", 1 },'; ) >> "$patchlist" fi diff --git a/patches/server-Inherited_ACLs/definition b/patches/server-Inherited_ACLs/definition index 2c7fa699..548d7437 100644 --- a/patches/server-Inherited_ACLs/definition +++ b/patches/server-Inherited_ACLs/definition @@ -1,3 +1,2 @@ Depends: server-Stored_ACLs -Depends: server-File_Permissions Fixes: [34406] Support for inherited file ACLs diff --git a/patches/server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch b/patches/server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch index bf82ec12..81997f5a 100644 --- a/patches/server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch +++ b/patches/server-Stored_ACLs/0005-server-Retrieve-file-security-attributes-with-extend.patch @@ -1,16 +1,16 @@ -From 148550ffa4aeae7903d6654373011ad282ce59dc Mon Sep 17 00:00:00 2001 +From fabc68cb1fd383d6f4eb31885a7aafbc572198af Mon Sep 17 00:00:00 2001 From: "Erich E. Hoover" Date: Fri, 18 Apr 2014 14:01:35 -0600 Subject: server: Retrieve file security attributes with extended file attributes. (try 7) --- - dlls/advapi32/tests/security.c | 57 +++++++++++++++++++++++++----------------- - server/file.c | 26 ++++++++++++++++--- - 2 files changed, 57 insertions(+), 26 deletions(-) + dlls/advapi32/tests/security.c | 61 +++++++++++++++++++++++++----------------- + server/file.c | 26 +++++++++++++++--- + 2 files changed, 59 insertions(+), 28 deletions(-) diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c -index a757c22..3f97a82 100644 +index d13e54d..29daf60 100644 --- a/dlls/advapi32/tests/security.c +++ b/dlls/advapi32/tests/security.c @@ -3109,7 +3109,7 @@ static void get_nt_pathW(const char *name, UNICODE_STRING *nameW) @@ -64,7 +64,7 @@ index a757c22..3f97a82 100644 } ok(!error, "GetNamedSecurityInfo failed with error %d\n", error); test_inherited_dacl(pDacl, admin_sid, user_sid, OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE, -- 0x1f01ff, FALSE, TRUE, TRUE, __LINE__); +- 0x1f01ff, FALSE, TRUE, FALSE, __LINE__); + 0x1f01ff, FALSE, FALSE, FALSE, TRUE, __LINE__); LocalFree(pSD); @@ -78,7 +78,7 @@ index a757c22..3f97a82 100644 LocalFree(pSD); CloseHandle(hTemp); -@@ -3352,7 +3364,7 @@ static void test_CreateDirectoryA(void) +@@ -3348,7 +3360,7 @@ static void test_CreateDirectoryA(void) (PSID *)&owner, NULL, &pDacl, NULL, &pSD); ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n"); test_inherited_dacl(pDacl, admin_sid, user_sid, INHERITED_ACE, @@ -87,7 +87,25 @@ index a757c22..3f97a82 100644 LocalFree(pSD); CloseHandle(hTemp); -@@ -3581,23 +3593,22 @@ static void test_GetNamedSecurityInfoA(void) +@@ -3414,7 +3426,7 @@ static void test_CreateDirectoryA(void) + ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n"); + test_inherited_dacl(pDacl, admin_sid, user_sid, + OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE, +- 0x1f01ff, TRUE, TRUE, TRUE, __LINE__); ++ 0x1f01ff, TRUE, TRUE, TRUE, FALSE, __LINE__); + LocalFree(pSD); + bret = RemoveDirectoryA(tmpfile); + ok(bret == TRUE, "RemoveDirectoryA failed with error %u\n", GetLastError()); +@@ -3495,7 +3507,7 @@ static void test_CreateDirectoryA(void) + ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n"); + test_inherited_dacl(pDacl, admin_sid, user_sid, + OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE, +- 0x1f01ff, TRUE, TRUE, TRUE, __LINE__); ++ 0x1f01ff, TRUE, TRUE, TRUE, FALSE, __LINE__); + LocalFree(pSD); + CloseHandle(hTemp); + +@@ -3719,23 +3731,22 @@ static void test_GetNamedSecurityInfoA(void) bret = pGetAce(pDacl, 0, (VOID **)&ace); ok(bret, "Failed to get Current User ACE.\n"); bret = EqualSid(&ace->SidStart, user_sid); @@ -117,7 +135,7 @@ index a757c22..3f97a82 100644 } LocalFree(pSD); HeapFree(GetProcessHeap(), 0, user); -@@ -4247,22 +4258,22 @@ static void test_GetSecurityInfo(void) +@@ -4385,22 +4396,22 @@ static void test_GetSecurityInfo(void) bret = pGetAce(pDacl, 0, (VOID **)&ace); ok(bret, "Failed to get Current User ACE.\n"); bret = EqualSid(&ace->SidStart, user_sid); @@ -147,7 +165,7 @@ index a757c22..3f97a82 100644 LocalFree(pSD); CloseHandle(obj); diff --git a/server/file.c b/server/file.c -index a1455ff..e84331d 100644 +index 07971a1..828bd86 100644 --- a/server/file.c +++ b/server/file.c @@ -503,6 +503,25 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID diff --git a/patches/server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch b/patches/server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch index beb2219a..3f8465f8 100644 --- a/patches/server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch +++ b/patches/server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch @@ -1,16 +1,16 @@ -From 3779a55c15d92da1974ff1520e20bc5accc8e4b6 Mon Sep 17 00:00:00 2001 +From 0538266bd0f5f7c181b483da803dc6b84d53ec48 Mon Sep 17 00:00:00 2001 From: "Erich E. Hoover" Date: Fri, 18 Apr 2014 14:05:32 -0600 Subject: server: Convert return of file security masks with generic access mappings. (try 7) --- - dlls/advapi32/tests/security.c | 48 ++++++++++++++++-------------------------- - server/file.c | 22 +++++++++++++++++++ - 2 files changed, 40 insertions(+), 30 deletions(-) + dlls/advapi32/tests/security.c | 52 ++++++++++++++++-------------------------- + server/file.c | 22 ++++++++++++++++++ + 2 files changed, 42 insertions(+), 32 deletions(-) diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c -index 3f97a82..a530a3f 100644 +index 29daf60..4db46f5 100644 --- a/dlls/advapi32/tests/security.c +++ b/dlls/advapi32/tests/security.c @@ -3109,7 +3109,7 @@ static void get_nt_pathW(const char *name, UNICODE_STRING *nameW) @@ -78,7 +78,7 @@ index 3f97a82..a530a3f 100644 LocalFree(pSD); CloseHandle(hTemp); -@@ -3364,7 +3352,7 @@ static void test_CreateDirectoryA(void) +@@ -3360,7 +3348,7 @@ static void test_CreateDirectoryA(void) (PSID *)&owner, NULL, &pDacl, NULL, &pSD); ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n"); test_inherited_dacl(pDacl, admin_sid, user_sid, INHERITED_ACE, @@ -87,7 +87,25 @@ index 3f97a82..a530a3f 100644 LocalFree(pSD); CloseHandle(hTemp); -@@ -3596,8 +3584,8 @@ static void test_GetNamedSecurityInfoA(void) +@@ -3426,7 +3414,7 @@ static void test_CreateDirectoryA(void) + ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n"); + test_inherited_dacl(pDacl, admin_sid, user_sid, + OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE, +- 0x1f01ff, TRUE, TRUE, TRUE, FALSE, __LINE__); ++ 0x1f01ff, TRUE, TRUE, TRUE, __LINE__); + LocalFree(pSD); + bret = RemoveDirectoryA(tmpfile); + ok(bret == TRUE, "RemoveDirectoryA failed with error %u\n", GetLastError()); +@@ -3507,7 +3495,7 @@ static void test_CreateDirectoryA(void) + ok(error == ERROR_SUCCESS, "Failed to get permissions on file\n"); + test_inherited_dacl(pDacl, admin_sid, user_sid, + OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERITED_ACE, +- 0x1f01ff, TRUE, TRUE, TRUE, FALSE, __LINE__); ++ 0x1f01ff, TRUE, TRUE, TRUE, __LINE__); + LocalFree(pSD); + CloseHandle(hTemp); + +@@ -3734,8 +3722,8 @@ static void test_GetNamedSecurityInfoA(void) ok(bret, "Current User ACE != Current User SID.\n"); ok(((ACE_HEADER *)ace)->AceFlags == 0, "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); @@ -98,7 +116,7 @@ index 3f97a82..a530a3f 100644 } if (acl_size.AceCount > 1) { -@@ -3607,8 +3595,8 @@ static void test_GetNamedSecurityInfoA(void) +@@ -3745,8 +3733,8 @@ static void test_GetNamedSecurityInfoA(void) ok(bret || broken(!bret) /* win2k */, "Administators Group ACE != Administators Group SID.\n"); ok(((ACE_HEADER *)ace)->AceFlags == 0, "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); @@ -109,7 +127,7 @@ index 3f97a82..a530a3f 100644 } LocalFree(pSD); HeapFree(GetProcessHeap(), 0, user); -@@ -4261,8 +4249,8 @@ static void test_GetSecurityInfo(void) +@@ -4399,8 +4387,8 @@ static void test_GetSecurityInfo(void) ok(bret, "Current User ACE != Current User SID.\n"); ok(((ACE_HEADER *)ace)->AceFlags == 0, "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); @@ -120,7 +138,7 @@ index 3f97a82..a530a3f 100644 } if (acl_size.AceCount > 1) { -@@ -4272,8 +4260,8 @@ static void test_GetSecurityInfo(void) +@@ -4410,8 +4398,8 @@ static void test_GetSecurityInfo(void) ok(bret, "Administators Group ACE != Administators Group SID.\n"); ok(((ACE_HEADER *)ace)->AceFlags == 0, "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); @@ -132,7 +150,7 @@ index 3f97a82..a530a3f 100644 LocalFree(pSD); CloseHandle(obj); diff --git a/server/file.c b/server/file.c -index e84331d..b6435d1 100644 +index 828bd86..1a1ffa9 100644 --- a/server/file.c +++ b/server/file.c @@ -522,6 +522,27 @@ struct security_descriptor *get_xattr_sd( int fd ) diff --git a/patches/server-Stored_ACLs/definition b/patches/server-Stored_ACLs/definition index be80f6b9..e9ce2ce0 100644 --- a/patches/server-Stored_ACLs/definition +++ b/patches/server-Stored_ACLs/definition @@ -1,3 +1,4 @@ Depends: advapi32-Revert_DACL Depends: ntdll-DOS_Attributes +Depends: server-File_Permissions Fixes: [33576] Support for stored file ACLs