X-Git-Url: https://gitweb.michael.orlitzky.com/?a=blobdiff_plain;f=src%2Flibadacl.c;h=e75fdece6a36edd7ece544944ffa920a64970d04;hb=0ff54b9d02fab3c36c91d5e26d280417521fe198;hp=0d07f2c6d0126880b59e830011fcbbefc75e797f;hpb=45d4e8bba034c22c317fbd20c629589e35d97683;p=apply-default-acl.git diff --git a/src/libadacl.c b/src/libadacl.c index 0d07f2c..e75fdec 100644 --- a/src/libadacl.c +++ b/src/libadacl.c @@ -889,7 +889,13 @@ int apply_default_acl_ex(const char* path, */ /* Now we potentially need to mask the execute permissions in the - ACL on fd. First obtain the current one... */ + ACL on fd; or maybe now. */ + if (allow_exec) { + goto cleanup; + } + + /* OK, we need to mask some execute permissions. First obtain the + current ACL... */ new_acl = acl_get_fd(fd); if (new_acl == (acl_t)NULL) { perror("apply_default_acl_ex (acl_get_fd)"); @@ -933,21 +939,19 @@ int apply_default_acl_ex(const char* path, tag == ACL_GROUP_OBJ || tag == ACL_OTHER) { - if (!allow_exec) { - /* The mask doesn't affect acl_user_obj, acl_group_obj (in - minimal ACLs) or acl_other entries, so if execute should be - masked, we have to do it manually. */ - if (acl_delete_perm(permset, ACL_EXECUTE) == ACL_ERROR) { - perror("apply_default_acl_ex (acl_delete_perm)"); - result = ACL_ERROR; - goto cleanup; - } - - if (acl_set_permset(entry, permset) == ACL_ERROR) { - perror("apply_default_acl_ex (acl_set_permset)"); - result = ACL_ERROR; - goto cleanup; - } + /* The mask doesn't affect acl_user_obj, acl_group_obj (in + minimal ACLs) or acl_other entries, so if execute should be + masked, we have to do it manually. */ + if (acl_delete_perm(permset, ACL_EXECUTE) == ACL_ERROR) { + perror("apply_default_acl_ex (acl_delete_perm)"); + result = ACL_ERROR; + goto cleanup; + } + + if (acl_set_permset(entry, permset) == ACL_ERROR) { + perror("apply_default_acl_ex (acl_set_permset)"); + result = ACL_ERROR; + goto cleanup; } }