From 847a5af3beea35af5f80078a8b24f01582f53824 Mon Sep 17 00:00:00 2001
From: Nickolai Zeldovich <kolya@mit.edu>
Date: Tue, 20 Aug 2002 22:39:31 +0000
Subject: [PATCH] Allow users with admin bits to store different user/group IDs
 along with a StoreData call; they can already do so anyway by using
 StoreStatus.  Fixes a spurious permission denied error with arla clients.

---
 src/viced/afsfileprocs.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/viced/afsfileprocs.c b/src/viced/afsfileprocs.c
index 571ff046e..1b28e108f 100644
--- a/src/viced/afsfileprocs.c
+++ b/src/viced/afsfileprocs.c
@@ -5619,8 +5619,14 @@ Check_PermissionRights(targetptr, client, rights, CallingRoutine, InStatus)
 	    }
 	    else {	/* store data or status */
 	      /* watch for chowns and chgrps */
-	      if (CHOWN(InStatus, targetptr) || CHGRP(InStatus, targetptr))
-		return(EPERM);      /* Was EACCES */
+	      if (CHOWN(InStatus, targetptr) || CHGRP(InStatus, targetptr)) {
+		if (VanillaUser (client)) 
+		  return(EPERM);	/* Was EACCES */
+		else
+		  osi_audit(PrivilegeEvent, 0,
+			    AUD_INT, (client ? client->ViceId : 0), 
+			    AUD_INT, CallingRoutine, AUD_END);
+	      }
 	      /* must be sysadmin to set suid/sgid bits */
 	      if ((InStatus->Mask & AFS_SETMODE) &&
 #ifdef AFS_NT40_ENV
-- 
2.39.5