From 43c2b1ac0599963a3d794185c9cc372c3bc4a3a1 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 12 Nov 2012 16:17:19 -0800
Subject: [PATCH] First part of #9374 - Allow smb2.acls torture test to pass
 against smbd with a POSIX ACLs backend.

Use the requested access mask before making the fd_open request in
open_directory() rather than faking up an access mask of
FILE_READ_DATA | FILE_READ_ATTRIBUTES.

The underlying ACL may not permit FILE_READ_DATA.
(cherry picked from commit 1c7d00e8ef48c2cd57d79a00cb26bc56a2979241)
---
 source3/smbd/open.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 6b94a6d2473..10c2180194a 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -2752,8 +2752,8 @@ static NTSTATUS open_directory(connection_struct *conn,
 
 	mtimespec = smb_dname->st.st_ex_mtime;
 
-	/* Temporary access mask used to open the directory fd. */
-	fsp->access_mask = FILE_READ_DATA | FILE_READ_ATTRIBUTES;
+	fsp->access_mask = access_mask;
+
 #ifdef O_DIRECTORY
 	status = fd_open(conn, fsp, O_RDONLY|O_DIRECTORY, 0);
 #else
-- 
2.11.4.GIT