From 00b2b3a55dc4e16837ac70f6617d1151d437389e Mon Sep 17 00:00:00 2001
From: Edward Tomasz Napierala <trasz@FreeBSD.org>
Date: Tue, 4 Sep 2012 11:43:00 +0000
Subject: [PATCH] Make setfacl(1) behave properly in situations like "setfacl
 -kd".

MFC after:	1 month
---
 bin/setfacl/setfacl.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/bin/setfacl/setfacl.c b/bin/setfacl/setfacl.c
index 75347945f7ba..41a37f21d10a 100644
--- a/bin/setfacl/setfacl.c
+++ b/bin/setfacl/setfacl.c
@@ -73,6 +73,7 @@ main(int argc, char *argv[])
 {
 	acl_t acl;
 	acl_type_t acl_type;
+	acl_entry_t unused_entry;
 	char filename[PATH_MAX];
 	int local_error, carried_error, ch, i, entry_number, ret;
 	int h_flag;
@@ -296,6 +297,20 @@ main(int argc, char *argv[])
 			}
 		}
 
+		/*
+		 * Don't try to set an empty default ACL; it will always fail.
+		 * Use acl_delete_def_file(3) instead.
+		 */
+		if (acl_type == ACL_TYPE_DEFAULT &&
+		    acl_get_entry(acl, ACL_FIRST_ENTRY, &unused_entry) == 0) {
+			if (acl_delete_def_file(file->filename) == -1) {
+				warn("%s: acl_delete_def_file() failed",
+				    file->filename);
+				carried_error++;
+			}
+			continue;
+		}
+
 		/* don't bother setting the ACL if something is broken */
 		if (local_error) {
 			carried_error++;