source-git / acl

Clone
Source Code
GIT

Blame tools/do_set.c

c8 master
  1.   fda2e260fdf7da7da8e701750f597eeaa698d7cb
  2.   tools
  3.   do_set.c
Blob History Raw
rpm-build 0a0c83 
/*
rpm-build 0a0c83 
  File: do_set.c
rpm-build 0a0c83 
  (Linux Access Control List Management)
rpm-build 0a0c83
rpm-build 0a0c83 
  Copyright (C) 1999, 2000
rpm-build 0a0c83 
  Andreas Gruenbacher, <a.gruenbacher@bestbits.at>
rpm-build 0a0c83
rpm-build 0a0c83 
  This program is free software; you can redistribute it and/or
rpm-build 0a0c83 
  modify it under the terms of the GNU Lesser General Public
rpm-build 0a0c83 
  License as published by the Free Software Foundation; either
rpm-build 0a0c83 
  version 2.1 of the License, or (at your option) any later version.
rpm-build 0a0c83
rpm-build 0a0c83 
  This program is distributed in the hope that it will be useful,
rpm-build 0a0c83 
  but WITHOUT ANY WARRANTY; without even the implied warranty of
rpm-build 0a0c83 
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
rpm-build 0a0c83 
  Lesser General Public License for more details.
rpm-build 0a0c83
rpm-build 0a0c83 
  You should have received a copy of the GNU Lesser General Public
rpm-build 0a0c83 
  License along with this library; if not, write to the Free Software
rpm-build 0a0c83 
  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
rpm-build 0a0c83 
*/
rpm-build 0a0c83
rpm-build 0a0c83 
#include "config.h"
rpm-build 0a0c83 
#include <stdio.h>
rpm-build 0a0c83 
#include <errno.h>
rpm-build 0a0c83 
#include <sys/acl.h>
rpm-build 0a0c83 
#include <acl/libacl.h>
rpm-build 0a0c83
rpm-build 0a0c83 
#include <stdlib.h>
rpm-build 0a0c83 
#include <string.h>
rpm-build 0a0c83 
#include <getopt.h>
rpm-build 0a0c83 
#include <sys/types.h>
rpm-build 0a0c83 
#include <sys/stat.h>
rpm-build 0a0c83 
#include <unistd.h>
rpm-build 0a0c83 
#include <dirent.h>
rpm-build 0a0c83 
#include <ftw.h>
rpm-build 0a0c83 
#include "misc.h"
rpm-build 0a0c83 
#include "sequence.h"
rpm-build 0a0c83 
#include "do_set.h"
rpm-build 0a0c83 
#include "parse.h"
rpm-build 0a0c83 
#include "walk_tree.h"
rpm-build 0a0c83
rpm-build 0a0c83
rpm-build 0a0c83 
extern const char *progname;
rpm-build 0a0c83 
extern int opt_recalculate;
rpm-build 0a0c83 
extern int opt_test;
rpm-build 0a0c83 
extern int print_options;
rpm-build 0a0c83
rpm-build 0a0c83 
acl_entry_t
rpm-build 0a0c83 
find_entry(
rpm-build 0a0c83 
	acl_t acl,
rpm-build 0a0c83 
	acl_tag_t type,
rpm-build 0a0c83 
	id_t id)
rpm-build 0a0c83 
{
rpm-build 0a0c83 
	acl_entry_t ent;
rpm-build 0a0c83 
	acl_tag_t e_type;
rpm-build 0a0c83 
	id_t *e_id_p;
rpm-build 0a0c83
rpm-build 0a0c83 
	if (acl_get_entry(acl, ACL_FIRST_ENTRY, &ent) != 1)
rpm-build 0a0c83 
		return NULL;
rpm-build 0a0c83
rpm-build 0a0c83 
	for(;;) {
rpm-build 0a0c83 
		acl_get_tag_type(ent, &e_type);
rpm-build 0a0c83 
		if (type == e_type) {
rpm-build 0a0c83 
			if (id != ACL_UNDEFINED_ID) {
rpm-build 0a0c83 
				e_id_p = acl_get_qualifier(ent);
rpm-build 0a0c83 
				if (e_id_p == NULL)
rpm-build 0a0c83 
					return NULL;
rpm-build 0a0c83 
				if (*e_id_p == id) {
rpm-build 0a0c83 
					acl_free(e_id_p);
rpm-build 0a0c83 
					return ent;
rpm-build 0a0c83 
				}
rpm-build 0a0c83 
				acl_free(e_id_p);
rpm-build 0a0c83 
			} else {
rpm-build 0a0c83 
				return ent;
rpm-build 0a0c83 
			}
rpm-build 0a0c83 
		}
rpm-build 0a0c83 
		if (acl_get_entry(acl, ACL_NEXT_ENTRY, &ent) != 1)
rpm-build 0a0c83 
			return NULL;
rpm-build 0a0c83 
	}
rpm-build 0a0c83 
}
rpm-build 0a0c83
rpm-build 0a0c83 
int
rpm-build 0a0c83 
has_execute_perms(
rpm-build 0a0c83 
	acl_t acl)
rpm-build 0a0c83 
{
rpm-build 0a0c83 
	acl_entry_t ent;
rpm-build 0a0c83
rpm-build 0a0c83 
	if (acl_get_entry(acl, ACL_FIRST_ENTRY, &ent) != 1)
rpm-build 0a0c83 
		return 0;
rpm-build 0a0c83
rpm-build 0a0c83 
	for(;;) {
rpm-build 0a0c83 
		acl_permset_t permset;
rpm-build 0a0c83
rpm-build 0a0c83 
		acl_get_permset(ent, &permset);
rpm-build 0a0c83 
		if (acl_get_perm(permset, ACL_EXECUTE) != 0)
rpm-build 0a0c83 
			return 1;
rpm-build 0a0c83
rpm-build 0a0c83 
		if (acl_get_entry(acl, ACL_NEXT_ENTRY, &ent) != 1)
rpm-build 0a0c83 
			return 0;
rpm-build 0a0c83 
	}
rpm-build 0a0c83 
}
rpm-build 0a0c83
rpm-build 0a0c83 
int
rpm-build 0a0c83 
clone_entry(
rpm-build 0a0c83 
	acl_t from_acl,
rpm-build 0a0c83 
	acl_tag_t from_type,
rpm-build 0a0c83 
	acl_t *to_acl,
rpm-build 0a0c83 
	acl_tag_t to_type)
rpm-build 0a0c83 
{
rpm-build 0a0c83 
	acl_entry_t from_entry, to_entry;
rpm-build 0a0c83 
	from_entry = find_entry(from_acl, from_type, ACL_UNDEFINED_ID);
rpm-build 0a0c83 
	if (from_entry) {
rpm-build 0a0c83 
		if (acl_create_entry(to_acl, &to_entry) != 0)
rpm-build 0a0c83 
			return -1;
rpm-build 0a0c83 
		acl_copy_entry(to_entry, from_entry);
rpm-build 0a0c83 
		acl_set_tag_type(to_entry, to_type);
rpm-build 0a0c83 
		return 0;
rpm-build 0a0c83 
	} else {
rpm-build 0a0c83 
		return 1;
rpm-build 0a0c83 
	}
rpm-build 0a0c83 
}
rpm-build 0a0c83
rpm-build 0a0c83
rpm-build 0a0c83 
void
rpm-build 0a0c83 
print_test(
rpm-build 0a0c83 
	FILE *file,
rpm-build 0a0c83 
	const char *path_p,
rpm-build 0a0c83 
	const struct stat *st,
rpm-build 0a0c83 
	const acl_t acl,
rpm-build 0a0c83 
	const acl_t default_acl)
rpm-build 0a0c83 
{
rpm-build 0a0c83 
	char *acl_text, *default_acl_text;
rpm-build 0a0c83
rpm-build 0a0c83 
	acl_text = acl_to_any_text(acl, NULL, ',', TEXT_ABBREVIATE);
rpm-build 0a0c83 
	default_acl_text =
rpm-build 0a0c83 
		acl_to_any_text(default_acl, "d:", ',', TEXT_ABBREVIATE);
rpm-build 0a0c83 
	fprintf(file, "%s: %s,%s\n", path_p,
rpm-build 0a0c83 
		acl_text ? acl_text : "*",
rpm-build 0a0c83 
		default_acl_text ? default_acl_text : "*");
rpm-build 0a0c83 
	acl_free(acl_text);
rpm-build 0a0c83 
	acl_free(default_acl_text);
rpm-build 0a0c83 
}
rpm-build 0a0c83
rpm-build 0a0c83
rpm-build 0a0c83 
static void
rpm-build 0a0c83 
set_perm(
rpm-build 0a0c83 
	acl_entry_t ent,
rpm-build 0a0c83 
	mode_t perm)
rpm-build 0a0c83 
{
rpm-build 0a0c83 
	acl_permset_t set;
rpm-build 0a0c83
rpm-build 0a0c83 
	acl_get_permset(ent, &set);
rpm-build 0a0c83 
	if (perm & CMD_PERM_READ)
rpm-build 0a0c83 
		acl_add_perm(set, ACL_READ);
rpm-build 0a0c83 
	else
rpm-build 0a0c83 
		acl_delete_perm(set, ACL_READ);
rpm-build 0a0c83 
	if (perm & CMD_PERM_WRITE)
rpm-build 0a0c83 
		acl_add_perm(set, ACL_WRITE);
rpm-build 0a0c83 
	else
rpm-build 0a0c83 
		acl_delete_perm(set, ACL_WRITE);
rpm-build 0a0c83 
	if (perm & CMD_PERM_EXECUTE)
rpm-build 0a0c83 
		acl_add_perm(set, ACL_EXECUTE);
rpm-build 0a0c83 
	else
rpm-build 0a0c83 
		acl_delete_perm(set, ACL_EXECUTE);
rpm-build 0a0c83 
}
rpm-build 0a0c83
rpm-build 0a0c83
rpm-build 0a0c83 
static int
rpm-build 0a0c83 
retrieve_acl(
rpm-build 0a0c83 
	const char *path_p,
rpm-build 0a0c83 
	acl_type_t type,
rpm-build 0a0c83 
	const struct stat *st,
rpm-build 0a0c83 
	acl_t *old_acl,
rpm-build 0a0c83 
	acl_t *acl)
rpm-build 0a0c83 
{
rpm-build 0a0c83 
	if (*acl)
rpm-build 0a0c83 
		return 0;
rpm-build 0a0c83 
	*acl = NULL;
rpm-build 0a0c83 
	if (type == ACL_TYPE_ACCESS || S_ISDIR(st->st_mode)) {
rpm-build 0a0c83 
		*old_acl = acl_get_file(path_p, type);
rpm-build 0a0c83 
		if (*old_acl == NULL && (errno == ENOSYS || errno == ENOTSUP)) {
rpm-build 0a0c83 
			if (type == ACL_TYPE_DEFAULT)
rpm-build 0a0c83 
				*old_acl = acl_init(0);
rpm-build 0a0c83 
			else
rpm-build 0a0c83 
				*old_acl = acl_from_mode(st->st_mode);
rpm-build 0a0c83 
		}
rpm-build 0a0c83 
	} else
rpm-build 0a0c83 
		*old_acl = acl_init(0);
rpm-build 0a0c83 
	if (*old_acl == NULL)
rpm-build 0a0c83 
		return -1;
rpm-build 0a0c83 
	*acl = acl_dup(*old_acl);
rpm-build 0a0c83 
	if (*acl == NULL)
rpm-build 0a0c83 
		return -1;
rpm-build 0a0c83 
	return 0;
rpm-build 0a0c83 
}
rpm-build 0a0c83
rpm-build 0a0c83
rpm-build 0a0c83 
static int
rpm-build 0a0c83 
remove_extended_entries(
rpm-build 0a0c83 
	acl_t acl)
rpm-build 0a0c83 
{
rpm-build 0a0c83 
	acl_entry_t ent, group_obj;
rpm-build 0a0c83 
	acl_permset_t mask_permset, group_obj_permset;
rpm-build 0a0c83 
	acl_tag_t tag;
rpm-build 0a0c83 
	int error;
rpm-build 0a0c83
rpm-build 0a0c83 
	/*
rpm-build 0a0c83 
	 * Removing the ACL_MASK entry from the ACL results in
rpm-build 0a0c83 
	 * increased permissions for the owning group if the
rpm-build 0a0c83 
	 * ACL_GROUP_OBJ entry contains permissions not contained
rpm-build 0a0c83 
	 * in the ACL_MASK entry. We remove these permissions from
rpm-build 0a0c83 
	 * the ACL_GROUP_OBJ entry to avoid that.
rpm-build 0a0c83 
	 *
rpm-build 0a0c83 
	 * After removing the ACL, the file owner and the owning group
rpm-build 0a0c83 
	 * therefore have the same permissions as before.
rpm-build 0a0c83 
	 */
rpm-build 0a0c83
rpm-build 0a0c83 
	ent = find_entry(acl, ACL_MASK, ACL_UNDEFINED_ID);
rpm-build 0a0c83 
	group_obj = find_entry(acl, ACL_GROUP_OBJ, ACL_UNDEFINED_ID);
rpm-build 0a0c83 
	if (ent && group_obj) {
rpm-build 0a0c83 
		if (!acl_get_permset(ent, &mask_permset) &&
rpm-build 0a0c83 
		    !acl_get_permset(group_obj, &group_obj_permset)) {
rpm-build 0a0c83 
			if (!acl_get_perm(mask_permset, ACL_READ))
rpm-build 0a0c83 
				acl_delete_perm(group_obj_permset, ACL_READ);
rpm-build 0a0c83 
			if (!acl_get_perm(mask_permset, ACL_WRITE))
rpm-build 0a0c83 
				acl_delete_perm(group_obj_permset, ACL_WRITE);
rpm-build 0a0c83 
			if (!acl_get_perm(mask_permset, ACL_EXECUTE))
rpm-build 0a0c83 
				acl_delete_perm(group_obj_permset, ACL_EXECUTE);
rpm-build 0a0c83 
		}
rpm-build 0a0c83 
	}
rpm-build 0a0c83
rpm-build 0a0c83 
	error = acl_get_entry(acl, ACL_FIRST_ENTRY, &ent;;
rpm-build 0a0c83 
	while (error == 1) {
rpm-build 0a0c83 
		acl_get_tag_type(ent, &tag;;
rpm-build 0a0c83 
		switch(tag) {
rpm-build 0a0c83 
			case ACL_USER:
rpm-build 0a0c83 
			case ACL_GROUP:
rpm-build 0a0c83 
			case ACL_MASK:
rpm-build 0a0c83 
				acl_delete_entry(acl, ent);
rpm-build 0a0c83 
				break;
rpm-build 0a0c83 
			default:
rpm-build 0a0c83 
				break;
rpm-build 0a0c83 
		}
rpm-build 0a0c83
rpm-build 0a0c83 
		error = acl_get_entry(acl, ACL_NEXT_ENTRY, &ent;;
rpm-build 0a0c83 
	}
rpm-build 0a0c83 
	if (error < 0)
rpm-build 0a0c83 
		return -1;
rpm-build 0a0c83 
	return 0;
rpm-build 0a0c83 
}
rpm-build 0a0c83
rpm-build 0a0c83
rpm-build 0a0c83 
#define RETRIEVE_ACL(type) do { \
rpm-build 0a0c83 
	error = retrieve_acl(path_p, type, st, old_xacl, xacl); \
rpm-build 0a0c83 
	if (error) \
rpm-build 0a0c83 
		goto fail; \
rpm-build 0a0c83 
	} while(0)
rpm-build 0a0c83
rpm-build 0a0c83 
int
rpm-build 0a0c83 
do_set(
rpm-build 0a0c83 
	const char *path_p,
rpm-build 0a0c83 
	const struct stat *st,
rpm-build 0a0c83 
	int walk_flags,
rpm-build 0a0c83 
	void *arg)
rpm-build 0a0c83 
{
rpm-build 0a0c83 
	struct do_set_args *args = arg;
rpm-build 0a0c83 
	acl_t old_acl = NULL, old_default_acl = NULL;
rpm-build 0a0c83 
	acl_t acl = NULL, default_acl = NULL;
rpm-build 0a0c83 
	acl_t *xacl, *old_xacl;
rpm-build 0a0c83 
	acl_entry_t ent;
rpm-build 0a0c83 
	cmd_t cmd;
rpm-build 0a0c83 
	int which_entry;
rpm-build 0a0c83 
	int errors = 0, error;
rpm-build 0a0c83 
	char *acl_text;
rpm-build 0a0c83 
	int acl_modified = 0, default_acl_modified = 0;
rpm-build 0a0c83 
	int acl_mask_provided = 0, default_acl_mask_provided = 0;
rpm-build 0a0c83
rpm-build 0a0c83 
	if (walk_flags & WALK_TREE_FAILED) {
rpm-build 0a0c83 
		fprintf(stderr, "%s: %s: %s\n", progname, path_p, strerror(errno));
rpm-build 0a0c83 
		return 1;
rpm-build 0a0c83 
	}
rpm-build 0a0c83
rpm-build 0a0c83 
	/*
rpm-build 0a0c83 
	 * Symlinks can never have ACLs, so when doing a physical walk, we
rpm-build 0a0c83 
	 * skip symlinks altogether, and when doing a half-logical walk, we
rpm-build 0a0c83 
	 * skip all non-toplevel symlinks.
rpm-build 0a0c83 
	 */
rpm-build 0a0c83 
	if ((walk_flags & WALK_TREE_SYMLINK) &&
rpm-build 0a0c83 
	    ((walk_flags & WALK_TREE_PHYSICAL) ||
rpm-build 0a0c83 
	     !(walk_flags & (WALK_TREE_TOPLEVEL | WALK_TREE_LOGICAL))))
rpm-build 0a0c83 
		return 0;
rpm-build 0a0c83
rpm-build 0a0c83 
	/* Execute the commands in seq (read ACLs on demand) */
rpm-build 0a0c83 
	error = seq_get_cmd(args->seq, SEQ_FIRST_CMD, &cmd);
rpm-build 0a0c83 
	if (error == 0)
rpm-build 0a0c83 
		return 0;
rpm-build 0a0c83 
	while (error == 1) {
rpm-build 0a0c83 
		mode_t perm = cmd->c_perm;
rpm-build 0a0c83
rpm-build 0a0c83 
		if (cmd->c_type == ACL_TYPE_ACCESS) {
rpm-build 0a0c83 
			xacl = &acl;
rpm-build 0a0c83 
			old_xacl = &old_acl;
rpm-build 0a0c83 
			acl_modified = 1;
rpm-build 0a0c83 
			if (cmd->c_tag == ACL_MASK)
rpm-build 0a0c83 
				acl_mask_provided = 1;
rpm-build 0a0c83 
		} else {
rpm-build 0a0c83 
			xacl = &default_acl;
rpm-build 0a0c83 
			old_xacl = &old_default_acl;
rpm-build 0a0c83 
			default_acl_modified = 1;
rpm-build 0a0c83 
			if (cmd->c_tag == ACL_MASK)
rpm-build 0a0c83 
				default_acl_mask_provided = 1;
rpm-build 0a0c83 
		}
rpm-build 0a0c83
rpm-build 0a0c83 
		RETRIEVE_ACL(cmd->c_type);
rpm-build 0a0c83
rpm-build 0a0c83 
		/* Check for `X', and replace with `x' as appropriate. */
rpm-build 0a0c83 
		if (perm & CMD_PERM_COND_EXECUTE) {
rpm-build 0a0c83 
			perm &= ~CMD_PERM_COND_EXECUTE;
rpm-build 0a0c83 
			if (S_ISDIR(st->st_mode) || has_execute_perms(*xacl))
rpm-build 0a0c83 
				perm |= CMD_PERM_EXECUTE;
rpm-build 0a0c83 
		}
rpm-build 0a0c83
rpm-build 0a0c83 
		switch(cmd->c_cmd) {
rpm-build 0a0c83 
			case CMD_ENTRY_REPLACE:
rpm-build 0a0c83 
				ent = find_entry(*xacl, cmd->c_tag, cmd->c_id);
rpm-build 0a0c83 
				if (!ent) {
rpm-build 0a0c83 
					if (acl_create_entry(xacl, &ent) != 0)
rpm-build 0a0c83 
						goto fail;
rpm-build 0a0c83 
					acl_set_tag_type(ent, cmd->c_tag);
rpm-build 0a0c83 
					if (cmd->c_id != ACL_UNDEFINED_ID)
rpm-build 0a0c83 
						acl_set_qualifier(ent,
rpm-build 0a0c83 
								  &cmd->c_id);
rpm-build 0a0c83 
				}
rpm-build 0a0c83 
				set_perm(ent, perm);
rpm-build 0a0c83 
				break;
rpm-build 0a0c83
rpm-build 0a0c83 
			case CMD_REMOVE_ENTRY:
rpm-build 0a0c83 
				ent = find_entry(*xacl, cmd->c_tag, cmd->c_id);
rpm-build 0a0c83 
				if (ent)
rpm-build 0a0c83 
					acl_delete_entry(*xacl, ent);
rpm-build 0a0c83 
				else
rpm-build 0a0c83 
					/* ignore */;
rpm-build 0a0c83 
				break;
rpm-build 0a0c83
rpm-build 0a0c83 
			case CMD_REMOVE_EXTENDED_ACL:
rpm-build 0a0c83 
				remove_extended_entries(acl);
rpm-build 0a0c83 
				break;
rpm-build 0a0c83
rpm-build 0a0c83 
			case CMD_REMOVE_ACL:
rpm-build 0a0c83 
				acl_free(*xacl);
rpm-build 0a0c83 
				*xacl = acl_init(5);
rpm-build 0a0c83 
				if (!*xacl)
rpm-build 0a0c83 
					goto fail;
rpm-build 0a0c83 
				break;
rpm-build 0a0c83
rpm-build 0a0c83 
			default:
rpm-build 0a0c83 
				errno = EINVAL;
rpm-build 0a0c83 
				goto fail;
rpm-build 0a0c83 
		}
rpm-build 0a0c83
rpm-build 0a0c83 
		error = seq_get_cmd(args->seq, SEQ_NEXT_CMD, &cmd);
rpm-build 0a0c83 
	}
rpm-build 0a0c83
rpm-build 0a0c83 
	if (error < 0)
rpm-build 0a0c83 
		goto fail;
rpm-build 0a0c83
rpm-build 0a0c83 
	/* Try to fill in missing entries */
rpm-build 0a0c83 
	if (default_acl && acl_entries(default_acl) != 0) {
rpm-build 0a0c83 
		xacl = &acl;
rpm-build 0a0c83 
		old_xacl = &old_acl;
rpm-build 0a0c83
rpm-build 0a0c83 
		if (!find_entry(default_acl, ACL_USER_OBJ, ACL_UNDEFINED_ID)) {
rpm-build 0a0c83 
			if (!acl)
rpm-build 0a0c83 
				RETRIEVE_ACL(ACL_TYPE_ACCESS);
rpm-build 0a0c83 
			clone_entry(acl, ACL_USER_OBJ,
rpm-build 0a0c83 
			            &default_acl, ACL_USER_OBJ);
rpm-build 0a0c83 
		}
rpm-build 0a0c83 
		if (!find_entry(default_acl, ACL_GROUP_OBJ, ACL_UNDEFINED_ID)) {
rpm-build 0a0c83 
			if (!acl)
rpm-build 0a0c83 
				RETRIEVE_ACL(ACL_TYPE_ACCESS);
rpm-build 0a0c83 
			clone_entry(acl, ACL_GROUP_OBJ,
rpm-build 0a0c83 
			            &default_acl, ACL_GROUP_OBJ);
rpm-build 0a0c83 
		}
rpm-build 0a0c83 
		if (!find_entry(default_acl, ACL_OTHER, ACL_UNDEFINED_ID)) {
rpm-build 0a0c83 
			if (!acl)
rpm-build 0a0c83 
				RETRIEVE_ACL(ACL_TYPE_ACCESS);
rpm-build 0a0c83 
			clone_entry(acl, ACL_OTHER,
rpm-build 0a0c83 
			            &default_acl, ACL_OTHER);
rpm-build 0a0c83 
		}
rpm-build 0a0c83 
	}
rpm-build 0a0c83
rpm-build 0a0c83 
	/* update mask entries and check if ACLs are valid */
rpm-build 0a0c83 
	if (acl && acl_modified) {
rpm-build 0a0c83 
		if (acl_equiv_mode(acl, NULL) != 0) {
rpm-build 0a0c83 
			if (!acl_mask_provided &&
rpm-build 0a0c83 
			    !find_entry(acl, ACL_MASK, ACL_UNDEFINED_ID))
rpm-build 0a0c83 
				clone_entry(acl, ACL_GROUP_OBJ,
rpm-build 0a0c83 
				            &acl, ACL_MASK);
rpm-build 0a0c83 
			if (opt_recalculate != -1 &&
rpm-build 0a0c83 
			    (!acl_mask_provided || opt_recalculate == 1))
rpm-build 0a0c83 
				acl_calc_mask(&acl;;
rpm-build 0a0c83 
		}
rpm-build 0a0c83
rpm-build 0a0c83 
		error = acl_check(acl, &which_entry);
rpm-build 0a0c83 
		if (error < 0)
rpm-build 0a0c83 
			goto fail;
rpm-build 0a0c83 
		if (error > 0) {
rpm-build 0a0c83 
			acl_text = acl_to_any_text(acl, NULL, ',', 0);
rpm-build 0a0c83 
			fprintf(stderr, _("%s: %s: Malformed access ACL "
rpm-build 0a0c83 
				"`%s': %s at entry %d\n"), progname, path_p,
rpm-build 0a0c83 
				acl_text, acl_error(error), which_entry+1);
rpm-build 0a0c83 
			acl_free(acl_text);
rpm-build 0a0c83 
			errors++;
rpm-build 0a0c83 
			goto cleanup;
rpm-build 0a0c83 
		}
rpm-build 0a0c83 
	}
rpm-build 0a0c83
rpm-build 0a0c83 
	if (default_acl && acl_entries(default_acl) != 0 &&
rpm-build 0a0c83 
	    default_acl_modified) {
rpm-build 0a0c83 
		if (acl_equiv_mode(default_acl, NULL) != 0) {
rpm-build 0a0c83 
			if (!default_acl_mask_provided &&
rpm-build 0a0c83 
			    !find_entry(default_acl,ACL_MASK,ACL_UNDEFINED_ID))
rpm-build 0a0c83 
				clone_entry(default_acl, ACL_GROUP_OBJ,
rpm-build 0a0c83 
				            &default_acl, ACL_MASK);
rpm-build 0a0c83 
			if (opt_recalculate != -1 &&
rpm-build 0a0c83 
			    (!default_acl_mask_provided ||
rpm-build 0a0c83 
			     opt_recalculate == 1))
rpm-build 0a0c83 
				acl_calc_mask(&default_acl);
rpm-build 0a0c83 
		}
rpm-build 0a0c83
rpm-build 0a0c83 
		error = acl_check(default_acl, &which_entry);
rpm-build 0a0c83 
		if (error < 0)
rpm-build 0a0c83 
			goto fail;
rpm-build 0a0c83 
		if (error > 0) {
rpm-build 0a0c83 
			acl_text = acl_to_any_text(default_acl, NULL, ',', 0);
rpm-build 0a0c83 
			fprintf(stderr, _("%s: %s: Malformed default ACL "
rpm-build 0a0c83 
			                  "`%s': %s at entry %d\n"),
rpm-build 0a0c83 
				progname, path_p, acl_text,
rpm-build 0a0c83 
				acl_error(error), which_entry+1);
rpm-build 0a0c83 
			acl_free(acl_text);
rpm-build 0a0c83 
			errors++;
rpm-build 0a0c83 
			goto cleanup;
rpm-build 0a0c83 
		}
rpm-build 0a0c83 
	}
rpm-build 0a0c83
rpm-build 0a0c83 
	/* Only directores can have default ACLs */
rpm-build 0a0c83 
	if (default_acl && !S_ISDIR(st->st_mode) && (walk_flags & WALK_TREE_RECURSIVE)) {
rpm-build 0a0c83 
		/* In recursive mode, ignore default ACLs for files */
rpm-build 0a0c83 
		acl_free(default_acl);
rpm-build 0a0c83 
		default_acl = NULL;
rpm-build 0a0c83 
	}
rpm-build 0a0c83
rpm-build 0a0c83 
	/* check which ACLs have changed */
rpm-build 0a0c83 
	if (acl && old_acl && acl_cmp(old_acl, acl) == 0) {
rpm-build 0a0c83 
		acl_free(acl);
rpm-build 0a0c83 
		acl = NULL;
rpm-build 0a0c83 
	}
rpm-build 0a0c83 
	if ((default_acl && old_default_acl &&
rpm-build 0a0c83 
	    acl_cmp(old_default_acl, default_acl) == 0)) {
rpm-build 0a0c83 
		acl_free(default_acl);
rpm-build 0a0c83 
		default_acl = NULL;
rpm-build 0a0c83 
	}
rpm-build 0a0c83
rpm-build 0a0c83 
	/* update the file system */
rpm-build 0a0c83 
	if (opt_test) {
rpm-build 0a0c83 
		print_test(stdout, path_p, st,
rpm-build 0a0c83 
		           acl, default_acl);
rpm-build 0a0c83 
		goto cleanup;
rpm-build 0a0c83 
	}
rpm-build 0a0c83 
	if (acl) {
rpm-build 0a0c83 
		int equiv_mode;
rpm-build 0a0c83 
		mode_t mode = 0;
rpm-build 0a0c83
rpm-build 0a0c83 
		equiv_mode = acl_equiv_mode(acl, &mode);
rpm-build 0a0c83
rpm-build 0a0c83 
		if (acl_set_file(path_p, ACL_TYPE_ACCESS, acl) != 0) {
rpm-build 0a0c83 
			if (errno == ENOSYS || errno == ENOTSUP) {
rpm-build 0a0c83 
				if (equiv_mode != 0)
rpm-build 0a0c83 
					goto fail;
rpm-build 0a0c83 
				else {
rpm-build 0a0c83 
					struct stat st;
rpm-build 0a0c83
rpm-build 0a0c83 
					if (stat(path_p, &st) != 0)
rpm-build 0a0c83 
						goto fail;
rpm-build 0a0c83 
					mode |= st.st_mode & 07000;
rpm-build 0a0c83 
					if (chmod(path_p, mode) != 0)
rpm-build 0a0c83 
						goto fail;
rpm-build 0a0c83 
				}
rpm-build 0a0c83 
			} else
rpm-build 0a0c83 
				goto fail;
rpm-build 0a0c83 
		}
rpm-build 0a0c83 
		args->mode = mode;
rpm-build 0a0c83 
	}
rpm-build 0a0c83 
	if (default_acl) {
rpm-build 0a0c83 
		if (S_ISDIR(st->st_mode)) {
rpm-build 0a0c83 
			if (acl_entries(default_acl) == 0) {
rpm-build 0a0c83 
				if (acl_delete_def_file(path_p) != 0 &&
rpm-build 0a0c83 
				    errno != ENOSYS && errno != ENOTSUP)
rpm-build 0a0c83 
					goto fail;
rpm-build 0a0c83 
			} else {
rpm-build 0a0c83 
				if (acl_set_file(path_p, ACL_TYPE_DEFAULT,
rpm-build 0a0c83 
						 default_acl) != 0)
rpm-build 0a0c83 
					goto fail;
rpm-build 0a0c83 
			}
rpm-build 0a0c83 
		} else {
rpm-build 0a0c83 
			if (acl_entries(default_acl) != 0) {
rpm-build 0a0c83 
				fprintf(stderr, _("%s: %s: Only directories "
rpm-build 0a0c83 
						"can have default ACLs\n"),
rpm-build 0a0c83 
					progname, path_p);
rpm-build 0a0c83 
				errors++;
rpm-build 0a0c83 
				goto cleanup;
rpm-build 0a0c83 
			}
rpm-build 0a0c83 
		}
rpm-build 0a0c83 
	}
rpm-build 0a0c83
rpm-build 0a0c83 
	error = 0;
rpm-build 0a0c83
rpm-build 0a0c83 
cleanup:
rpm-build 0a0c83 
	if (acl)
rpm-build 0a0c83 
		acl_free(acl);
rpm-build 0a0c83 
	if (old_acl)
rpm-build 0a0c83 
		acl_free(old_acl);
rpm-build 0a0c83 
	if (default_acl)
rpm-build 0a0c83 
		acl_free(default_acl);
rpm-build 0a0c83 
	if (old_default_acl)
rpm-build 0a0c83 
		acl_free(old_default_acl);
rpm-build 0a0c83 
	return errors;
rpm-build 0a0c83
rpm-build 0a0c83 
fail:
rpm-build 0a0c83 
	fprintf(stderr, "%s: %s: %s\n", progname, path_p, strerror(errno));
rpm-build 0a0c83 
	errors++;
rpm-build 0a0c83 
	goto cleanup;
rpm-build 0a0c83 
}
rpm-build 0a0c83

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation