Make setfacl(1) behave properly in situations like "setfacl -kd".

MFC after:	1 month

1 files changed, 15 insertions, 0 deletions

diff --git a/bin/setfacl/setfacl.c b/bin/setfacl/setfacl.c
index 7534794..41a37f2 100644
--- a/bin/setfacl/setfacl.c
+++ b/bin/setfacl/setfacl.c
@@ -73,6 +73,7 @@ main(int argc, char *argv[])
 {
 	acl_t acl;
 	acl_type_t acl_type;
+	acl_entry_t unused_entry;
 	char filename[PATH_MAX];
 	int local_error, carried_error, ch, i, entry_number, ret;
 	int h_flag;
@@ -296,6 +297,20 @@ main(int argc, char *argv[])
 			}
 		}
 
+		/*
+		 * Don't try to set an empty default ACL; it will always fail.
+		 * Use acl_delete_def_file(3) instead.
+		 */
+		if (acl_type == ACL_TYPE_DEFAULT &&
+		    acl_get_entry(acl, ACL_FIRST_ENTRY, &unused_entry) == 0) {
+			if (acl_delete_def_file(file->filename) == -1) {
+				warn("%s: acl_delete_def_file() failed",
+				    file->filename);
+				carried_error++;
+			}
+			continue;
+		}
+
 		/* don't bother setting the ACL if something is broken */
 		if (local_error) {
 			carried_error++;