From ef02629fc59eab307b90ab6db482a4c3da8a2671 Mon Sep 17 00:00:00 2001 From: "Erich E. Hoover" Date: Thu, 21 Nov 2013 13:40:27 -0700 Subject: [PATCH] Rebase ACL extended attribute patches against latest git. --- ...rectories-with-the-specified-securit.patch | 205 ------------------ ...return-security-attributes-with-ext.patch} | 148 +++++++------ ...urity-attributes-from-parent-direct.patch} | 26 +-- 3 files changed, 91 insertions(+), 288 deletions(-) delete mode 100644 patches/0004-server-Create-directories-with-the-specified-securit.patch rename patches/{0005-server-Store-and-return-security-attributes-with-ext.patch => 0004-server-Store-and-return-security-attributes-with-ext.patch} (88%) rename patches/{0006-ntdll-Inherit-security-attributes-from-parent-direct.patch => 0005-ntdll-Inherit-security-attributes-from-parent-direct.patch} (91%) diff --git a/patches/0004-server-Create-directories-with-the-specified-securit.patch b/patches/0004-server-Create-directories-with-the-specified-securit.patch deleted file mode 100644 index a2a65618..00000000 --- a/patches/0004-server-Create-directories-with-the-specified-securit.patch +++ /dev/null @@ -1,205 +0,0 @@ -From 8ffcfda480ef0475910eee359c8e447571b078cf Mon Sep 17 00:00:00 2001 -From: "Erich E. Hoover" -Date: Fri, 9 Aug 2013 20:56:15 -0600 -Subject: server: Create directories with the specified security attributes. - ---- - dlls/kernel32/tests/directory.c | 135 +++++++++++++++++++++++++++++++++++++++ - server/fd.c | 2 +- - server/file.c | 7 +- - 3 files changed, 142 insertions(+), 2 deletions(-) - -diff --git a/dlls/kernel32/tests/directory.c b/dlls/kernel32/tests/directory.c -index 9baae47..df434b6 100644 ---- a/dlls/kernel32/tests/directory.c -+++ b/dlls/kernel32/tests/directory.c -@@ -24,6 +24,15 @@ - #include "windef.h" - #include "winbase.h" - #include "winerror.h" -+#include "aclapi.h" -+ -+static DWORD (WINAPI *pGetNamedSecurityInfoA)(LPSTR, SE_OBJECT_TYPE, SECURITY_INFORMATION, -+ PSID*, PSID*, PACL*, PACL*, -+ PSECURITY_DESCRIPTOR*); -+static BOOL (WINAPI *pGetAclInformation)(PACL,LPVOID,DWORD,ACL_INFORMATION_CLASS); -+static BOOL (WINAPI *pCreateWellKnownSid)(WELL_KNOWN_SID_TYPE,PSID,PSID,DWORD*); -+static BOOL (WINAPI *pAddAccessAllowedAceEx)(PACL, DWORD, DWORD, DWORD, PSID); -+static BOOL (WINAPI *pGetAce)(PACL,DWORD,LPVOID*); - - /* If you change something in these tests, please do the same - * for GetSystemDirectory tests. -@@ -486,8 +495,132 @@ static void test_SetCurrentDirectoryA(void) - ok( GetLastError() == ERROR_PATH_NOT_FOUND, "wrong error %d\n", GetLastError() ); - } - -+static void test_security_attributes(void) -+{ -+ char admin_ptr[sizeof(SID)+sizeof(ULONG)*SID_MAX_SUB_AUTHORITIES], *user; -+ DWORD sid_size = sizeof(admin_ptr), user_size; -+ PSID admin_sid = (PSID) admin_ptr, user_sid; -+ char sd[SECURITY_DESCRIPTOR_MIN_LENGTH]; -+ PSECURITY_DESCRIPTOR pSD = &sd; -+ ACL_SIZE_INFORMATION acl_size; -+ ACCESS_ALLOWED_ACE *ace; -+ SECURITY_ATTRIBUTES sa; -+ char tmpdir[MAX_PATH]; -+ struct _SID *owner; -+ BOOL bret = TRUE; -+ HANDLE token; -+ DWORD error; -+ PACL pDacl; -+ -+ if (!pGetNamedSecurityInfoA || !pCreateWellKnownSid) -+ { -+ win_skip("Required functions are not available\n"); -+ return; -+ } -+ -+ if (!OpenThreadToken(GetCurrentThread(), TOKEN_READ, TRUE, &token)) -+ { -+ if (GetLastError() != ERROR_NO_TOKEN) bret = FALSE; -+ else if (!OpenProcessToken(GetCurrentProcess(), TOKEN_READ, &token)) bret = FALSE; -+ } -+ if (!bret) -+ { -+ win_skip("Failed to get current user token\n"); -+ return; -+ } -+ bret = GetTokenInformation(token, TokenUser, NULL, 0, &user_size); -+ ok(!bret && (GetLastError() == ERROR_INSUFFICIENT_BUFFER), -+ "GetTokenInformation(TokenUser) failed with error %d\n", GetLastError()); -+ user = HeapAlloc(GetProcessHeap(), 0, user_size); -+ bret = GetTokenInformation(token, TokenUser, user, user_size, &user_size); -+ ok(bret, "GetTokenInformation(TokenUser) failed with error %d\n", GetLastError()); -+ CloseHandle( token ); -+ user_sid = ((TOKEN_USER *)user)->User.Sid; -+ -+ sa.nLength = sizeof(sa); -+ sa.lpSecurityDescriptor = pSD; -+ sa.bInheritHandle = TRUE; -+ InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION); -+ pCreateWellKnownSid(WinBuiltinAdministratorsSid, NULL, admin_sid, &sid_size); -+ pDacl = HeapAlloc(GetProcessHeap(), 0, 100); -+ bret = InitializeAcl(pDacl, 100, ACL_REVISION); -+ ok(bret, "Failed to initialize ACL.\n"); -+ bret = pAddAccessAllowedAceEx(pDacl, ACL_REVISION, OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE, -+ GENERIC_ALL, user_sid); -+ ok(bret, "Failed to add Current User to ACL.\n"); -+ bret = pAddAccessAllowedAceEx(pDacl, ACL_REVISION, OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE, -+ GENERIC_ALL, admin_sid); -+ ok(bret, "Failed to add Administrator Group to ACL.\n"); -+ bret = SetSecurityDescriptorDacl(pSD, TRUE, pDacl, FALSE); -+ ok(bret, "Failed to add ACL to security desciptor.\n"); -+ -+ GetTempPathA(MAX_PATH, tmpdir); -+ lstrcatA(tmpdir, "Please Remove Me"); -+ bret = CreateDirectoryA(tmpdir, &sa); -+ ok(bret == TRUE, "CreateDirectoryA(%s) failed err=%d\n", tmpdir, GetLastError()); -+ HeapFree(GetProcessHeap(), 0, pDacl); -+ -+ SetLastError(0xdeadbeef); -+ error = pGetNamedSecurityInfoA(tmpdir, SE_FILE_OBJECT, -+ OWNER_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION, (PSID*)&owner, -+ NULL, &pDacl, NULL, &pSD); -+ if (error != ERROR_SUCCESS && (GetLastError() == ERROR_CALL_NOT_IMPLEMENTED)) -+ { -+ win_skip("GetNamedSecurityInfoA is not implemented\n"); -+ goto done; -+ } -+ ok(!error, "GetNamedSecurityInfo failed with error %d\n", error); -+ -+ bret = pGetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation); -+ ok(bret, "GetAclInformation failed\n"); -+ ok(acl_size.AceCount == 2, "GetAclInformation returned unexpected entry count (%d != 2).\n", -+ acl_size.AceCount); -+ if (acl_size.AceCount > 0) -+ { -+ bret = pGetAce(pDacl, 0, (VOID **)&ace); -+ ok(bret, "Failed to get Current User ACE.\n"); -+ bret = EqualSid(&ace->SidStart, user_sid); -+ todo_wine ok(bret, "Current User ACE != Current User SID.\n"); -+ todo_wine ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -+ "Current User ACE has unexpected flags (0x%x != 0x03)\n", -+ ((ACE_HEADER *)ace)->AceFlags); -+ ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", -+ ace->Mask); -+ } -+ if (acl_size.AceCount > 1) -+ { -+ bret = pGetAce(pDacl, 1, (VOID **)&ace); -+ ok(bret, "Failed to get Administators Group ACE.\n"); -+ bret = EqualSid(&ace->SidStart, admin_sid); -+ todo_wine ok(bret, "Administators Group ACE != Administators Group SID.\n"); -+ todo_wine ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -+ "Administators Group ACE has unexpected flags (0x%x != 0x03)\n", -+ ((ACE_HEADER *)ace)->AceFlags); -+ ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", -+ ace->Mask); -+ } -+ -+done: -+ HeapFree(GetProcessHeap(), 0, user); -+ bret = RemoveDirectoryA(tmpdir); -+ ok(bret == TRUE, "RemoveDirectoryA should always succeed\n"); -+} -+ -+void init(void) -+{ -+ HMODULE hmod = GetModuleHandle("advapi32.dll"); -+ -+ pGetNamedSecurityInfoA = (void *)GetProcAddress(hmod, "GetNamedSecurityInfoA"); -+ pAddAccessAllowedAceEx = (void *)GetProcAddress(hmod, "AddAccessAllowedAceEx"); -+ pCreateWellKnownSid = (void *)GetProcAddress(hmod, "CreateWellKnownSid"); -+ pGetAclInformation = (void *)GetProcAddress(hmod, "GetAclInformation"); -+ pGetAce = (void *)GetProcAddress(hmod, "GetAce"); -+} -+ - START_TEST(directory) - { -+ init(); -+ - test_GetWindowsDirectoryA(); - test_GetWindowsDirectoryW(); - -@@ -501,4 +634,6 @@ START_TEST(directory) - test_RemoveDirectoryW(); - - test_SetCurrentDirectoryA(); -+ -+ test_security_attributes(); - } -diff --git a/server/fd.c b/server/fd.c -index f3e42bd..248f15a 100644 ---- a/server/fd.c -+++ b/server/fd.c -@@ -1765,7 +1765,7 @@ struct fd *open_fd( struct fd *root, const char *name, int flags, mode_t *mode, - /* create the directory if needed */ - if ((options & FILE_DIRECTORY_FILE) && (flags & O_CREAT)) - { -- if (mkdir( name, 0777 ) == -1) -+ if (mkdir( name, *mode ) == -1) - { - if (errno != EEXIST || (flags & O_EXCL)) - { -diff --git a/server/file.c b/server/file.c -index 2ecf97c..9c6cb80 100644 ---- a/server/file.c -+++ b/server/file.c -@@ -219,7 +219,12 @@ static struct object *create_file( struct fd *root, const char *nameptr, data_si - mode = sd_to_mode( sd, owner ); - } - else -- mode = (attrs & FILE_ATTRIBUTE_READONLY) ? 0444 : 0666; -+ { -+ if (options & FILE_NON_DIRECTORY_FILE) -+ mode = (attrs & FILE_ATTRIBUTE_READONLY) ? 0444 : 0666; -+ else -+ mode = (attrs & FILE_ATTRIBUTE_READONLY) ? 0555 : 0777; -+ } - - if (len >= 4 && - (!strcasecmp( name + len - 4, ".exe" ) || !strcasecmp( name + len - 4, ".com" ))) --- -1.7.9.5 - diff --git a/patches/0005-server-Store-and-return-security-attributes-with-ext.patch b/patches/0004-server-Store-and-return-security-attributes-with-ext.patch similarity index 88% rename from patches/0005-server-Store-and-return-security-attributes-with-ext.patch rename to patches/0004-server-Store-and-return-security-attributes-with-ext.patch index 12872b69..a3bcadae 100644 --- a/patches/0005-server-Store-and-return-security-attributes-with-ext.patch +++ b/patches/0004-server-Store-and-return-security-attributes-with-ext.patch @@ -1,77 +1,47 @@ -From 1c8bf1825218528541076451f35b5c1f3c04add3 Mon Sep 17 00:00:00 2001 +From 78a5ebb94f3717bedd77f7c096e8fce1e9a640d1 Mon Sep 17 00:00:00 2001 From: "Erich E. Hoover" -Date: Thu, 3 Oct 2013 13:27:30 -0600 +Date: Mon, 18 Nov 2013 18:12:05 -0700 Subject: server: Store and return security attributes with extended file attributes. --- - configure.ac | 1 + - dlls/advapi32/tests/security.c | 9 +- - dlls/kernel32/tests/directory.c | 15 ++-- - server/change.c | 11 ++- - server/fd.c | 68 ++++++++++++++- - server/file.c | 176 ++++++++++++++++++++++++++++++++++++++- - server/file.h | 5 +- - 7 files changed, 263 insertions(+), 22 deletions(-) + configure.ac | 6 ++ + dlls/advapi32/tests/security.c | 25 +++--- + server/change.c | 11 ++- + server/fd.c | 68 +++++++++++++++- + server/file.c | 176 +++++++++++++++++++++++++++++++++++++++- + server/file.h | 5 +- + 6 files changed, 269 insertions(+), 22 deletions(-) diff --git a/configure.ac b/configure.ac -index 8ad29db..b7a3098 100644 +index 98a73f2..bb03667 100644 --- a/configure.ac +++ b/configure.ac -@@ -410,6 +410,7 @@ AC_CHECK_HEADERS(\ - arpa/nameser.h \ - asm/types.h \ - asm/user.h \ -+ attr/xattr.h \ - curses.h \ - direct.h \ - dirent.h \ +@@ -71,6 +71,7 @@ AC_ARG_WITH(pthread, AS_HELP_STRING([--without-pthread],[do not use the pthrea + AC_ARG_WITH(sane, AS_HELP_STRING([--without-sane],[do not use SANE (scanner support)])) + AC_ARG_WITH(tiff, AS_HELP_STRING([--without-tiff],[do not use TIFF])) + AC_ARG_WITH(v4l, AS_HELP_STRING([--without-v4l],[do not use v4l1 (v4l support)])) ++AC_ARG_WITH(xattr, AS_HELP_STRING([--without-xattr],[do not use xattr (security attributes support)])) + AC_ARG_WITH(xcomposite,AS_HELP_STRING([--without-xcomposite],[do not use the Xcomposite extension]), + [if test "x$withval" = "xno"; then ac_cv_header_X11_extensions_Xcomposite_h=no; fi]) + AC_ARG_WITH(xcursor, AS_HELP_STRING([--without-xcursor],[do not use the Xcursor extension]), +@@ -666,6 +667,11 @@ AC_CHECK_HEADERS([libprocstat.h],,, + #include + #endif]) + ++if test "x$with_xattr" != "xno" ++then ++ AC_CHECK_HEADERS(attr/xattr.h) ++fi ++ + dnl **** Check for working dll **** + + AC_SUBST(dlldir,"\${libdir}/wine") diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c -index c622bb2..4c9e8d4 100644 +index fe31b5c..7d28c05 100644 --- a/dlls/advapi32/tests/security.c +++ b/dlls/advapi32/tests/security.c -@@ -3166,7 +3166,7 @@ static void test_GetNamedSecurityInfoA(void) - bret = pGetAce(pDacl, 0, (VOID **)&ace); - ok(bret, "Failed to get Current User ACE.\n"); - bret = EqualSid(&ace->SidStart, user_sid); -- todo_wine ok(bret, "Current User ACE != Current User SID.\n"); -+ ok(bret, "Current User ACE != Current User SID.\n"); - ok(((ACE_HEADER *)ace)->AceFlags == 0, - "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); - ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", -@@ -3177,8 +3177,7 @@ static void test_GetNamedSecurityInfoA(void) - bret = pGetAce(pDacl, 1, (VOID **)&ace); - ok(bret, "Failed to get Administators Group ACE.\n"); - bret = EqualSid(&ace->SidStart, admin_sid); -- todo_wine ok(bret || broken(!bret) /* win2k */, -- "Administators Group ACE != Administators Group SID.\n"); -+ ok(bret || broken(!bret) /* win2k */, "Administators Group ACE != Administators Group SID.\n"); - ok(((ACE_HEADER *)ace)->AceFlags == 0, - "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); - ok(ace->Mask == 0x1f01ff || broken(ace->Mask == GENERIC_ALL) /* win2k */, -@@ -3832,7 +3831,7 @@ static void test_GetSecurityInfo(void) - bret = pGetAce(pDacl, 0, (VOID **)&ace); - ok(bret, "Failed to get Current User ACE.\n"); - bret = EqualSid(&ace->SidStart, user_sid); -- todo_wine ok(bret, "Current User ACE != Current User SID.\n"); -+ ok(bret, "Current User ACE != Current User SID.\n"); - ok(((ACE_HEADER *)ace)->AceFlags == 0, - "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); - ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", -@@ -3843,7 +3842,7 @@ static void test_GetSecurityInfo(void) - bret = pGetAce(pDacl, 1, (VOID **)&ace); - ok(bret, "Failed to get Administators Group ACE.\n"); - bret = EqualSid(&ace->SidStart, admin_sid); -- todo_wine ok(bret, "Administators Group ACE != Administators Group SID.\n"); -+ ok(bret, "Administators Group ACE != Administators Group SID.\n"); - ok(((ACE_HEADER *)ace)->AceFlags == 0, - "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); - ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", -diff --git a/dlls/kernel32/tests/directory.c b/dlls/kernel32/tests/directory.c -index df434b6..a8dfa81 100644 ---- a/dlls/kernel32/tests/directory.c -+++ b/dlls/kernel32/tests/directory.c -@@ -580,10 +580,9 @@ static void test_security_attributes(void) +@@ -3088,10 +3088,10 @@ static void test_CreateDirectoryA(void) bret = pGetAce(pDacl, 0, (VOID **)&ace); ok(bret, "Failed to get Current User ACE.\n"); bret = EqualSid(&ace->SidStart, user_sid); @@ -81,11 +51,12 @@ index df434b6..a8dfa81 100644 - ((ACE_HEADER *)ace)->AceFlags); + ok(bret, "Current User ACE != Current User SID.\n"); + ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE), -+ "Current User ACE has unexpected flags (0x%x != 0x03)\n", ((ACE_HEADER *)ace)->AceFlags); ++ "Current User ACE has unexpected flags (0x%x != 0x03)\n", ++ ((ACE_HEADER *)ace)->AceFlags); ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); } -@@ -592,10 +591,10 @@ static void test_security_attributes(void) +@@ -3100,10 +3100,10 @@ static void test_CreateDirectoryA(void) bret = pGetAce(pDacl, 1, (VOID **)&ace); ok(bret, "Failed to get Administators Group ACE.\n"); bret = EqualSid(&ace->SidStart, admin_sid); @@ -100,6 +71,43 @@ index df434b6..a8dfa81 100644 ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", ace->Mask); } +@@ -3277,7 +3277,7 @@ static void test_GetNamedSecurityInfoA(void) + bret = pGetAce(pDacl, 0, (VOID **)&ace); + ok(bret, "Failed to get Current User ACE.\n"); + bret = EqualSid(&ace->SidStart, user_sid); +- todo_wine ok(bret, "Current User ACE != Current User SID.\n"); ++ ok(bret, "Current User ACE != Current User SID.\n"); + ok(((ACE_HEADER *)ace)->AceFlags == 0, + "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); + ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", +@@ -3288,8 +3288,7 @@ static void test_GetNamedSecurityInfoA(void) + bret = pGetAce(pDacl, 1, (VOID **)&ace); + ok(bret, "Failed to get Administators Group ACE.\n"); + bret = EqualSid(&ace->SidStart, admin_sid); +- todo_wine ok(bret || broken(!bret) /* win2k */, +- "Administators Group ACE != Administators Group SID.\n"); ++ ok(bret || broken(!bret) /* win2k */, "Administators Group ACE != Administators Group SID.\n"); + ok(((ACE_HEADER *)ace)->AceFlags == 0, + "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); + ok(ace->Mask == 0x1f01ff || broken(ace->Mask == GENERIC_ALL) /* win2k */, +@@ -3943,7 +3942,7 @@ static void test_GetSecurityInfo(void) + bret = pGetAce(pDacl, 0, (VOID **)&ace); + ok(bret, "Failed to get Current User ACE.\n"); + bret = EqualSid(&ace->SidStart, user_sid); +- todo_wine ok(bret, "Current User ACE != Current User SID.\n"); ++ ok(bret, "Current User ACE != Current User SID.\n"); + ok(((ACE_HEADER *)ace)->AceFlags == 0, + "Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); + ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n", +@@ -3954,7 +3953,7 @@ static void test_GetSecurityInfo(void) + bret = pGetAce(pDacl, 1, (VOID **)&ace); + ok(bret, "Failed to get Administators Group ACE.\n"); + bret = EqualSid(&ace->SidStart, admin_sid); +- todo_wine ok(bret, "Administators Group ACE != Administators Group SID.\n"); ++ ok(bret, "Administators Group ACE != Administators Group SID.\n"); + ok(((ACE_HEADER *)ace)->AceFlags == 0, + "Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags); + ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n", diff --git a/server/change.c b/server/change.c index f6d56b0..022c780 100644 --- a/server/change.c @@ -239,7 +247,7 @@ index fa8874c..98e3eca 100644 closed_fd->unlink[0] = 0; fstat( fd->unix_fd, &st ); diff --git a/server/file.c b/server/file.c -index 9c6cb80..f4d97fd 100644 +index cceb8ad..9ac9188 100644 --- a/server/file.c +++ b/server/file.c @@ -32,6 +32,7 @@ @@ -260,7 +268,7 @@ index 9c6cb80..f4d97fd 100644 #include "ntstatus.h" #define WIN32_NO_STATUS -@@ -240,7 +244,7 @@ static struct object *create_file( struct fd *root, const char *nameptr, data_si +@@ -237,7 +241,7 @@ static struct object *create_file( struct fd *root, const char *nameptr, data_si access = generic_file_map_access( access ); /* FIXME: should set error to STATUS_OBJECT_NAME_COLLISION if file existed before */ @@ -269,7 +277,7 @@ index 9c6cb80..f4d97fd 100644 if (!fd) goto done; if (S_ISDIR(mode)) -@@ -427,9 +431,169 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID +@@ -424,9 +428,169 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID return sd; } @@ -439,7 +447,7 @@ index 9c6cb80..f4d97fd 100644 struct stat st; int unix_fd; struct security_descriptor *sd; -@@ -446,9 +610,11 @@ static struct security_descriptor *file_get_sd( struct object *obj ) +@@ -443,9 +607,11 @@ static struct security_descriptor *file_get_sd( struct object *obj ) (st.st_uid == file->uid)) return obj->sd; @@ -454,7 +462,7 @@ index 9c6cb80..f4d97fd 100644 if (!sd) return obj->sd; file->mode = st.st_mode; -@@ -578,6 +744,8 @@ static int file_set_sd( struct object *obj, const struct security_descriptor *sd +@@ -575,6 +741,8 @@ static int file_set_sd( struct object *obj, const struct security_descriptor *sd mode = st.st_mode & (S_ISUID|S_ISGID|S_ISVTX); mode |= sd_to_mode( sd, owner ); @@ -464,7 +472,7 @@ index 9c6cb80..f4d97fd 100644 { file_set_error(); diff --git a/server/file.h b/server/file.h -index aae8b20..2d744eb 100644 +index 493d30b..721c087 100644 --- a/server/file.h +++ b/server/file.h @@ -56,7 +56,8 @@ extern struct fd *alloc_pseudo_fd( const struct fd_ops *fd_user_ops, struct obje diff --git a/patches/0006-ntdll-Inherit-security-attributes-from-parent-direct.patch b/patches/0005-ntdll-Inherit-security-attributes-from-parent-direct.patch similarity index 91% rename from patches/0006-ntdll-Inherit-security-attributes-from-parent-direct.patch rename to patches/0005-ntdll-Inherit-security-attributes-from-parent-direct.patch index c5c64d5d..5f4365dc 100644 --- a/patches/0006-ntdll-Inherit-security-attributes-from-parent-direct.patch +++ b/patches/0005-ntdll-Inherit-security-attributes-from-parent-direct.patch @@ -1,18 +1,18 @@ -From c4219ad0d05c2e61b4d3408b2b8c57d762a58c4b Mon Sep 17 00:00:00 2001 +From 5e49f53a4bd591e67c9b7c4fdaf46933e319f9aa Mon Sep 17 00:00:00 2001 From: "Erich E. Hoover" -Date: Fri, 9 Aug 2013 20:57:23 -0600 +Date: Mon, 18 Nov 2013 18:15:20 -0700 Subject: ntdll: Inherit security attributes from parent directories. --- - dlls/kernel32/tests/directory.c | 40 +++++++++++++++++- - dlls/ntdll/file.c | 85 ++++++++++++++++++++++++++++++++++++++- + dlls/advapi32/tests/security.c | 40 ++++++++++++++++++- + dlls/ntdll/file.c | 85 +++++++++++++++++++++++++++++++++++++++- 2 files changed, 123 insertions(+), 2 deletions(-) -diff --git a/dlls/kernel32/tests/directory.c b/dlls/kernel32/tests/directory.c -index a8dfa81..a3a9580 100644 ---- a/dlls/kernel32/tests/directory.c -+++ b/dlls/kernel32/tests/directory.c -@@ -505,10 +505,11 @@ static void test_security_attributes(void) +diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c +index 7d28c05..a8d136b 100644 +--- a/dlls/advapi32/tests/security.c ++++ b/dlls/advapi32/tests/security.c +@@ -3013,10 +3013,11 @@ static void test_CreateDirectoryA(void) ACL_SIZE_INFORMATION acl_size; ACCESS_ALLOWED_ACE *ace; SECURITY_ATTRIBUTES sa; @@ -25,7 +25,7 @@ index a8dfa81..a3a9580 100644 DWORD error; PACL pDacl; -@@ -599,6 +600,43 @@ static void test_security_attributes(void) +@@ -3108,6 +3109,43 @@ static void test_CreateDirectoryA(void) ace->Mask); } @@ -70,10 +70,10 @@ index a8dfa81..a3a9580 100644 HeapFree(GetProcessHeap(), 0, user); bret = RemoveDirectoryA(tmpdir); diff --git a/dlls/ntdll/file.c b/dlls/ntdll/file.c -index 5147ef5..79a700c 100644 +index 1de2c61..8948bb7 100644 --- a/dlls/ntdll/file.c +++ b/dlls/ntdll/file.c -@@ -94,6 +94,81 @@ mode_t FILE_umask = 0; +@@ -103,6 +103,81 @@ mode_t FILE_umask = 0; static const WCHAR ntfsW[] = {'N','T','F','S'}; @@ -155,7 +155,7 @@ index 5147ef5..79a700c 100644 /************************************************************************** * FILE_CreateFile (internal) * Open a file. -@@ -152,10 +227,18 @@ static NTSTATUS FILE_CreateFile( PHANDLE handle, ACCESS_MASK access, POBJECT_ATT +@@ -161,10 +236,18 @@ static NTSTATUS FILE_CreateFile( PHANDLE handle, ACCESS_MASK access, POBJECT_ATT { struct security_descriptor *sd; struct object_attributes objattr;