mirror of
https://git.savannah.gnu.org/git/emacs.git
synced 2024-11-24 07:20:37 +00:00
c40ea1328b
This incorporates: 2015-07-05 acl-permissions: Document FreeBSD ACL_TYPE_NFS4 acls 2015-07-05 acl-permissions: Fix on FreeBSD 2015-07-05 file-has-acl, acl-permissions: fix some more HP-UX typos * lib/acl-internal.c, lib/acl-internal.h, lib/get-permissions.c: * lib/set-permissions.c: Copy from gnulib.
847 lines
24 KiB
C
847 lines
24 KiB
C
/* set-permissions.c - set permissions of a file
|
|
|
|
Copyright (C) 2002-2003, 2005-2015 Free Software Foundation, Inc.
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
Written by Paul Eggert, Andreas Grünbacher, and Bruno Haible. */
|
|
|
|
#include <config.h>
|
|
|
|
#include "acl.h"
|
|
|
|
#include "acl-internal.h"
|
|
|
|
#if USE_ACL
|
|
# if ! defined HAVE_ACL_FROM_MODE && defined HAVE_ACL_FROM_TEXT /* FreeBSD, IRIX, Tru64 */
|
|
# if HAVE_ACL_GET_FILE && !HAVE_ACL_TYPE_EXTENDED
|
|
|
|
static acl_t
|
|
acl_from_mode (mode_t mode)
|
|
{
|
|
# if HAVE_ACL_FREE_TEXT /* Tru64 */
|
|
char acl_text[] = "u::---,g::---,o::---,";
|
|
# else /* FreeBSD, IRIX */
|
|
char acl_text[] = "u::---,g::---,o::---";
|
|
# endif
|
|
|
|
if (mode & S_IRUSR) acl_text[ 3] = 'r';
|
|
if (mode & S_IWUSR) acl_text[ 4] = 'w';
|
|
if (mode & S_IXUSR) acl_text[ 5] = 'x';
|
|
if (mode & S_IRGRP) acl_text[10] = 'r';
|
|
if (mode & S_IWGRP) acl_text[11] = 'w';
|
|
if (mode & S_IXGRP) acl_text[12] = 'x';
|
|
if (mode & S_IROTH) acl_text[17] = 'r';
|
|
if (mode & S_IWOTH) acl_text[18] = 'w';
|
|
if (mode & S_IXOTH) acl_text[19] = 'x';
|
|
|
|
return acl_from_text (acl_text);
|
|
}
|
|
# endif
|
|
# endif
|
|
|
|
# if HAVE_FACL && defined GETACL /* Solaris, Cygwin, not HP-UX */
|
|
static int
|
|
set_acls_from_mode (const char *name, int desc, mode_t mode, bool *must_chmod)
|
|
{
|
|
# ifdef ACE_GETACL
|
|
/* Solaris also has a different variant of ACLs, used in ZFS and NFSv4
|
|
file systems (whereas the other ones are used in UFS file systems). */
|
|
|
|
/* The flags in the ace_t structure changed in a binary incompatible way
|
|
when ACL_NO_TRIVIAL etc. were introduced in <sys/acl.h> version 1.15.
|
|
How to distinguish the two conventions at runtime?
|
|
We fetch the existing ACL. In the old convention, usually three ACEs have
|
|
a_flags = ACE_OWNER / ACE_GROUP / ACE_OTHER, in the range 0x0100..0x0400.
|
|
In the new convention, these values are not used. */
|
|
int convention;
|
|
|
|
{
|
|
/* Initially, try to read the entries into a stack-allocated buffer.
|
|
Use malloc if it does not fit. */
|
|
enum
|
|
{
|
|
alloc_init = 4000 / sizeof (ace_t), /* >= 3 */
|
|
alloc_max = MIN (INT_MAX, SIZE_MAX / sizeof (ace_t))
|
|
};
|
|
ace_t buf[alloc_init];
|
|
size_t alloc = alloc_init;
|
|
ace_t *entries = buf;
|
|
ace_t *malloced = NULL;
|
|
int count;
|
|
|
|
for (;;)
|
|
{
|
|
count = (desc != -1
|
|
? facl (desc, ACE_GETACL, alloc, entries)
|
|
: acl (name, ACE_GETACL, alloc, entries));
|
|
if (count < 0 && errno == ENOSPC)
|
|
{
|
|
/* Increase the size of the buffer. */
|
|
free (malloced);
|
|
if (alloc > alloc_max / 2)
|
|
{
|
|
errno = ENOMEM;
|
|
return -1;
|
|
}
|
|
alloc = 2 * alloc; /* <= alloc_max */
|
|
entries = malloced = (ace_t *) malloc (alloc * sizeof (ace_t));
|
|
if (entries == NULL)
|
|
{
|
|
errno = ENOMEM;
|
|
return -1;
|
|
}
|
|
continue;
|
|
}
|
|
break;
|
|
}
|
|
|
|
if (count <= 0)
|
|
convention = -1;
|
|
else
|
|
{
|
|
int i;
|
|
|
|
convention = 0;
|
|
for (i = 0; i < count; i++)
|
|
if (entries[i].a_flags & (OLD_ACE_OWNER | OLD_ACE_GROUP | OLD_ACE_OTHER))
|
|
{
|
|
convention = 1;
|
|
break;
|
|
}
|
|
}
|
|
free (malloced);
|
|
}
|
|
|
|
if (convention >= 0)
|
|
{
|
|
ace_t entries[6];
|
|
int count;
|
|
int ret;
|
|
|
|
if (convention)
|
|
{
|
|
/* Running on Solaris 10. */
|
|
entries[0].a_type = OLD_ALLOW;
|
|
entries[0].a_flags = OLD_ACE_OWNER;
|
|
entries[0].a_who = 0; /* irrelevant */
|
|
entries[0].a_access_mask = (mode >> 6) & 7;
|
|
entries[1].a_type = OLD_ALLOW;
|
|
entries[1].a_flags = OLD_ACE_GROUP;
|
|
entries[1].a_who = 0; /* irrelevant */
|
|
entries[1].a_access_mask = (mode >> 3) & 7;
|
|
entries[2].a_type = OLD_ALLOW;
|
|
entries[2].a_flags = OLD_ACE_OTHER;
|
|
entries[2].a_who = 0;
|
|
entries[2].a_access_mask = mode & 7;
|
|
count = 3;
|
|
}
|
|
else
|
|
{
|
|
/* Running on Solaris 10 (newer version) or Solaris 11.
|
|
The details here were found through "/bin/ls -lvd somefiles". */
|
|
entries[0].a_type = NEW_ACE_ACCESS_DENIED_ACE_TYPE;
|
|
entries[0].a_flags = NEW_ACE_OWNER;
|
|
entries[0].a_who = 0; /* irrelevant */
|
|
entries[0].a_access_mask = 0;
|
|
entries[1].a_type = NEW_ACE_ACCESS_ALLOWED_ACE_TYPE;
|
|
entries[1].a_flags = NEW_ACE_OWNER;
|
|
entries[1].a_who = 0; /* irrelevant */
|
|
entries[1].a_access_mask = NEW_ACE_WRITE_NAMED_ATTRS
|
|
| NEW_ACE_WRITE_ATTRIBUTES
|
|
| NEW_ACE_WRITE_ACL
|
|
| NEW_ACE_WRITE_OWNER;
|
|
if (mode & 0400)
|
|
entries[1].a_access_mask |= NEW_ACE_READ_DATA;
|
|
else
|
|
entries[0].a_access_mask |= NEW_ACE_READ_DATA;
|
|
if (mode & 0200)
|
|
entries[1].a_access_mask |= NEW_ACE_WRITE_DATA | NEW_ACE_APPEND_DATA;
|
|
else
|
|
entries[0].a_access_mask |= NEW_ACE_WRITE_DATA | NEW_ACE_APPEND_DATA;
|
|
if (mode & 0100)
|
|
entries[1].a_access_mask |= NEW_ACE_EXECUTE;
|
|
else
|
|
entries[0].a_access_mask |= NEW_ACE_EXECUTE;
|
|
entries[2].a_type = NEW_ACE_ACCESS_DENIED_ACE_TYPE;
|
|
entries[2].a_flags = NEW_ACE_GROUP | NEW_ACE_IDENTIFIER_GROUP;
|
|
entries[2].a_who = 0; /* irrelevant */
|
|
entries[2].a_access_mask = 0;
|
|
entries[3].a_type = NEW_ACE_ACCESS_ALLOWED_ACE_TYPE;
|
|
entries[3].a_flags = NEW_ACE_GROUP | NEW_ACE_IDENTIFIER_GROUP;
|
|
entries[3].a_who = 0; /* irrelevant */
|
|
entries[3].a_access_mask = 0;
|
|
if (mode & 0040)
|
|
entries[3].a_access_mask |= NEW_ACE_READ_DATA;
|
|
else
|
|
entries[2].a_access_mask |= NEW_ACE_READ_DATA;
|
|
if (mode & 0020)
|
|
entries[3].a_access_mask |= NEW_ACE_WRITE_DATA | NEW_ACE_APPEND_DATA;
|
|
else
|
|
entries[2].a_access_mask |= NEW_ACE_WRITE_DATA | NEW_ACE_APPEND_DATA;
|
|
if (mode & 0010)
|
|
entries[3].a_access_mask |= NEW_ACE_EXECUTE;
|
|
else
|
|
entries[2].a_access_mask |= NEW_ACE_EXECUTE;
|
|
entries[4].a_type = NEW_ACE_ACCESS_DENIED_ACE_TYPE;
|
|
entries[4].a_flags = NEW_ACE_EVERYONE;
|
|
entries[4].a_who = 0;
|
|
entries[4].a_access_mask = NEW_ACE_WRITE_NAMED_ATTRS
|
|
| NEW_ACE_WRITE_ATTRIBUTES
|
|
| NEW_ACE_WRITE_ACL
|
|
| NEW_ACE_WRITE_OWNER;
|
|
entries[5].a_type = NEW_ACE_ACCESS_ALLOWED_ACE_TYPE;
|
|
entries[5].a_flags = NEW_ACE_EVERYONE;
|
|
entries[5].a_who = 0;
|
|
entries[5].a_access_mask = NEW_ACE_READ_NAMED_ATTRS
|
|
| NEW_ACE_READ_ATTRIBUTES
|
|
| NEW_ACE_READ_ACL
|
|
| NEW_ACE_SYNCHRONIZE;
|
|
if (mode & 0004)
|
|
entries[5].a_access_mask |= NEW_ACE_READ_DATA;
|
|
else
|
|
entries[4].a_access_mask |= NEW_ACE_READ_DATA;
|
|
if (mode & 0002)
|
|
entries[5].a_access_mask |= NEW_ACE_WRITE_DATA | NEW_ACE_APPEND_DATA;
|
|
else
|
|
entries[4].a_access_mask |= NEW_ACE_WRITE_DATA | NEW_ACE_APPEND_DATA;
|
|
if (mode & 0001)
|
|
entries[5].a_access_mask |= NEW_ACE_EXECUTE;
|
|
else
|
|
entries[4].a_access_mask |= NEW_ACE_EXECUTE;
|
|
count = 6;
|
|
}
|
|
if (desc != -1)
|
|
ret = facl (desc, ACE_SETACL, count, entries);
|
|
else
|
|
ret = acl (name, ACE_SETACL, count, entries);
|
|
if (ret < 0 && errno != EINVAL && errno != ENOTSUP)
|
|
{
|
|
if (errno == ENOSYS)
|
|
{
|
|
*must_chmod = true;
|
|
return 0;
|
|
}
|
|
return -1;
|
|
}
|
|
if (ret == 0)
|
|
return 0;
|
|
}
|
|
# endif
|
|
|
|
{
|
|
aclent_t entries[3];
|
|
int ret;
|
|
|
|
entries[0].a_type = USER_OBJ;
|
|
entries[0].a_id = 0; /* irrelevant */
|
|
entries[0].a_perm = (mode >> 6) & 7;
|
|
entries[1].a_type = GROUP_OBJ;
|
|
entries[1].a_id = 0; /* irrelevant */
|
|
entries[1].a_perm = (mode >> 3) & 7;
|
|
entries[2].a_type = OTHER_OBJ;
|
|
entries[2].a_id = 0;
|
|
entries[2].a_perm = mode & 7;
|
|
|
|
if (desc != -1)
|
|
ret = facl (desc, SETACL,
|
|
sizeof (entries) / sizeof (aclent_t), entries);
|
|
else
|
|
ret = acl (name, SETACL,
|
|
sizeof (entries) / sizeof (aclent_t), entries);
|
|
if (ret < 0)
|
|
{
|
|
if (errno == ENOSYS || errno == EOPNOTSUPP)
|
|
{
|
|
*must_chmod = true;
|
|
return 0;
|
|
}
|
|
return -1;
|
|
}
|
|
}
|
|
}
|
|
|
|
# elif HAVE_GETACL /* HP-UX */
|
|
static int
|
|
context_acl_from_mode (struct permission_context *ctx, const char *name, int desc)
|
|
{
|
|
struct stat statbuf;
|
|
int ret;
|
|
|
|
if (desc != -1)
|
|
ret = fstat (desc, &statbuf);
|
|
else
|
|
ret = stat (name, &statbuf);
|
|
if (ret < 0)
|
|
return -1;
|
|
|
|
ctx->entries[0].uid = statbuf.st_uid;
|
|
ctx->entries[0].gid = ACL_NSGROUP;
|
|
ctx->entries[0].mode = (ctx->mode >> 6) & 7;
|
|
ctx->entries[1].uid = ACL_NSUSER;
|
|
ctx->entries[1].gid = statbuf.st_gid;
|
|
ctx->entries[1].mode = (ctx->mode >> 3) & 7;
|
|
ctx->entries[2].uid = ACL_NSUSER;
|
|
ctx->entries[2].gid = ACL_NSGROUP;
|
|
ctx->entries[2].mode = ctx->mode & 7;
|
|
ctx->count = 3;
|
|
return 0;
|
|
}
|
|
|
|
# if HAVE_ACLV_H /* HP-UX >= 11.11 */
|
|
static int
|
|
context_aclv_from_mode (struct permission_context *ctx)
|
|
{
|
|
int ret;
|
|
|
|
ctx->aclv_entries[0].a_type = USER_OBJ;
|
|
ctx->aclv_entries[0].a_id = 0; /* irrelevant */
|
|
ctx->aclv_entries[0].a_perm = (ctx->mode >> 6) & 7;
|
|
ctx->aclv_entries[1].a_type = GROUP_OBJ;
|
|
ctx->aclv_entries[1].a_id = 0; /* irrelevant */
|
|
ctx->aclv_entries[1].a_perm = (ctx->mode >> 3) & 7;
|
|
ctx->aclv_entries[2].a_type = CLASS_OBJ;
|
|
ctx->aclv_entries[2].a_id = 0;
|
|
ctx->aclv_entries[2].a_perm = (ctx->mode >> 3) & 7;
|
|
ctx->aclv_entries[3].a_type = OTHER_OBJ;
|
|
ctx->aclv_entries[3].a_id = 0;
|
|
ctx->aclv_entries[3].a_perm = ctx->mode & 7;
|
|
ctx->aclv_count = 4;
|
|
|
|
ret = aclsort (ctx->aclv_count, 1, ctx->aclv_entries);
|
|
if (ret > 0)
|
|
abort ();
|
|
return ret;
|
|
}
|
|
# endif
|
|
|
|
# elif HAVE_ACLX_GET && defined ACL_AIX_WIP /* AIX */
|
|
static int
|
|
set_acls_from_mode (const char *name, int desc, mode_t mode, bool *must_chmod)
|
|
{
|
|
acl_type_list_t types;
|
|
size_t types_size = sizeof (types);
|
|
acl_type_t type;
|
|
|
|
if (aclx_gettypes (name, &types, &types_size) < 0
|
|
|| types.num_entries == 0)
|
|
{
|
|
*must_chmod = true;
|
|
return 0;
|
|
}
|
|
|
|
/* XXX Do we need to clear all types of ACLs for the given file, or is it
|
|
sufficient to clear the first one? */
|
|
type = types.entries[0];
|
|
if (type.u64 == ACL_AIXC)
|
|
{
|
|
union { struct acl a; char room[128]; } u;
|
|
int ret;
|
|
|
|
u.a.acl_len = (char *) &u.a.acl_ext[0] - (char *) &u.a; /* no entries */
|
|
u.a.acl_mode = mode & ~(S_IXACL | 0777);
|
|
u.a.u_access = (mode >> 6) & 7;
|
|
u.a.g_access = (mode >> 3) & 7;
|
|
u.a.o_access = mode & 7;
|
|
|
|
if (desc != -1)
|
|
ret = aclx_fput (desc, SET_ACL | SET_MODE_S_BITS,
|
|
type, &u.a, u.a.acl_len, mode);
|
|
else
|
|
ret = aclx_put (name, SET_ACL | SET_MODE_S_BITS,
|
|
type, &u.a, u.a.acl_len, mode);
|
|
if (!(ret < 0 && errno == ENOSYS))
|
|
return ret;
|
|
}
|
|
else if (type.u64 == ACL_NFS4)
|
|
{
|
|
union { nfs4_acl_int_t a; char room[128]; } u;
|
|
nfs4_ace_int_t *ace;
|
|
int ret;
|
|
|
|
u.a.aclVersion = NFS4_ACL_INT_STRUCT_VERSION;
|
|
u.a.aclEntryN = 0;
|
|
ace = &u.a.aclEntry[0];
|
|
{
|
|
ace->flags = ACE4_ID_SPECIAL;
|
|
ace->aceWho.special_whoid = ACE4_WHO_OWNER;
|
|
ace->aceType = ACE4_ACCESS_ALLOWED_ACE_TYPE;
|
|
ace->aceFlags = 0;
|
|
ace->aceMask =
|
|
(mode & 0400 ? ACE4_READ_DATA | ACE4_LIST_DIRECTORY : 0)
|
|
| (mode & 0200
|
|
? ACE4_WRITE_DATA | ACE4_ADD_FILE | ACE4_APPEND_DATA
|
|
| ACE4_ADD_SUBDIRECTORY
|
|
: 0)
|
|
| (mode & 0100 ? ACE4_EXECUTE : 0);
|
|
ace->aceWhoString[0] = '\0';
|
|
ace->entryLen = (char *) &ace->aceWhoString[4] - (char *) ace;
|
|
ace = (nfs4_ace_int_t *) (char *) &ace->aceWhoString[4];
|
|
u.a.aclEntryN++;
|
|
}
|
|
{
|
|
ace->flags = ACE4_ID_SPECIAL;
|
|
ace->aceWho.special_whoid = ACE4_WHO_GROUP;
|
|
ace->aceType = ACE4_ACCESS_ALLOWED_ACE_TYPE;
|
|
ace->aceFlags = 0;
|
|
ace->aceMask =
|
|
(mode & 0040 ? ACE4_READ_DATA | ACE4_LIST_DIRECTORY : 0)
|
|
| (mode & 0020
|
|
? ACE4_WRITE_DATA | ACE4_ADD_FILE | ACE4_APPEND_DATA
|
|
| ACE4_ADD_SUBDIRECTORY
|
|
: 0)
|
|
| (mode & 0010 ? ACE4_EXECUTE : 0);
|
|
ace->aceWhoString[0] = '\0';
|
|
ace->entryLen = (char *) &ace->aceWhoString[4] - (char *) ace;
|
|
ace = (nfs4_ace_int_t *) (char *) &ace->aceWhoString[4];
|
|
u.a.aclEntryN++;
|
|
}
|
|
{
|
|
ace->flags = ACE4_ID_SPECIAL;
|
|
ace->aceWho.special_whoid = ACE4_WHO_EVERYONE;
|
|
ace->aceType = ACE4_ACCESS_ALLOWED_ACE_TYPE;
|
|
ace->aceFlags = 0;
|
|
ace->aceMask =
|
|
(mode & 0004 ? ACE4_READ_DATA | ACE4_LIST_DIRECTORY : 0)
|
|
| (mode & 0002
|
|
? ACE4_WRITE_DATA | ACE4_ADD_FILE | ACE4_APPEND_DATA
|
|
| ACE4_ADD_SUBDIRECTORY
|
|
: 0)
|
|
| (mode & 0001 ? ACE4_EXECUTE : 0);
|
|
ace->aceWhoString[0] = '\0';
|
|
ace->entryLen = (char *) &ace->aceWhoString[4] - (char *) ace;
|
|
ace = (nfs4_ace_int_t *) (char *) &ace->aceWhoString[4];
|
|
u.a.aclEntryN++;
|
|
}
|
|
u.a.aclLength = (char *) ace - (char *) &u.a;
|
|
|
|
if (desc != -1)
|
|
ret = aclx_fput (desc, SET_ACL | SET_MODE_S_BITS,
|
|
type, &u.a, u.a.aclLength, mode);
|
|
else
|
|
ret = aclx_put (name, SET_ACL | SET_MODE_S_BITS,
|
|
type, &u.a, u.a.aclLength, mode);
|
|
if (!(ret < 0 && errno == ENOSYS))
|
|
return ret;
|
|
}
|
|
|
|
*must_chmod = true;
|
|
return 0;
|
|
}
|
|
|
|
# elif HAVE_STATACL /* older AIX */
|
|
static int
|
|
context_acl_from_mode (struct permission_context *ctx)
|
|
{
|
|
ctx->u.a.acl_len = (char *) &ctx->u.a.acl_ext[0] - (char *) &ctx->u.a; /* no entries */
|
|
ctx->u.a.acl_mode = ctx->mode & ~(S_IXACL | 0777);
|
|
ctx->u.a.u_access = (ctx->mode >> 6) & 7;
|
|
ctx->u.a.g_access = (ctx->mode >> 3) & 7;
|
|
ctx->u.a.o_access = ctx->mode & 7;
|
|
ctx->have_u = true;
|
|
return 0;
|
|
}
|
|
|
|
# elif HAVE_ACLSORT /* NonStop Kernel */
|
|
static int
|
|
context_acl_from_mode (struct permission_context *ctx)
|
|
{
|
|
int ret;
|
|
|
|
ctx->entries[0].a_type = USER_OBJ;
|
|
ctx->entries[0].a_id = 0; /* irrelevant */
|
|
ctx->entries[0].a_perm = (ctx->mode >> 6) & 7;
|
|
ctx->entries[1].a_type = GROUP_OBJ;
|
|
ctx->entries[1].a_id = 0; /* irrelevant */
|
|
ctx->entries[1].a_perm = (ctx->mode >> 3) & 7;
|
|
ctx->entries[2].a_type = CLASS_OBJ;
|
|
ctx->entries[2].a_id = 0;
|
|
ctx->entries[2].a_perm = (ctx->mode >> 3) & 7;
|
|
ctx->entries[3].a_type = OTHER_OBJ;
|
|
ctx->entries[3].a_id = 0;
|
|
ctx->entries[3].a_perm = ctx->mode & 7;
|
|
ctx->count = 4;
|
|
|
|
ret = aclsort (ctx->count, 1, entries);
|
|
if (ret > 0)
|
|
abort ();
|
|
return ret;
|
|
}
|
|
# endif
|
|
|
|
static int
|
|
set_acls (struct permission_context *ctx, const char *name, int desc,
|
|
int from_mode, bool *must_chmod, bool *acls_set)
|
|
{
|
|
int ret = 0;
|
|
|
|
# if HAVE_ACL_GET_FILE
|
|
/* POSIX 1003.1e (draft 17 -- abandoned) specific version. */
|
|
/* Linux, FreeBSD, Mac OS X, IRIX, Tru64 */
|
|
# if !HAVE_ACL_TYPE_EXTENDED
|
|
/* Linux, FreeBSD, IRIX, Tru64 */
|
|
|
|
# ifndef HAVE_ACL_FROM_TEXT
|
|
# error Must have acl_from_text (see POSIX 1003.1e draft 17).
|
|
# endif
|
|
# ifndef HAVE_ACL_DELETE_DEF_FILE
|
|
# error Must have acl_delete_def_file (see POSIX 1003.1e draft 17).
|
|
# endif
|
|
|
|
if (! ctx->acls_not_supported)
|
|
{
|
|
if (ret == 0 && from_mode)
|
|
{
|
|
if (ctx->acl)
|
|
acl_free (ctx->acl);
|
|
ctx->acl = acl_from_mode (ctx->mode);
|
|
if (ctx->acl == NULL)
|
|
ret = -1;
|
|
}
|
|
|
|
if (ret == 0 && ctx->acl)
|
|
{
|
|
if (HAVE_ACL_SET_FD && desc != -1)
|
|
ret = acl_set_fd (desc, ctx->acl);
|
|
else
|
|
ret = acl_set_file (name, ACL_TYPE_ACCESS, ctx->acl);
|
|
if (ret != 0)
|
|
{
|
|
if (! acl_errno_valid (errno))
|
|
{
|
|
ctx->acls_not_supported = true;
|
|
if (from_mode || acl_access_nontrivial (ctx->acl) == 0)
|
|
ret = 0;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
*acls_set = true;
|
|
if (S_ISDIR(ctx->mode))
|
|
{
|
|
if (! from_mode && ctx->default_acl &&
|
|
acl_default_nontrivial (ctx->default_acl))
|
|
ret = acl_set_file (name, ACL_TYPE_DEFAULT,
|
|
ctx->default_acl);
|
|
else
|
|
ret = acl_delete_def_file (name);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
# if HAVE_ACL_TYPE_NFS4 /* FreeBSD */
|
|
|
|
/* File systems either support POSIX ACLs (for example, ufs) or NFS4 ACLs
|
|
(for example, zfs). */
|
|
|
|
/* TODO: Implement setting ACLs once get_permissions() reads them. */
|
|
|
|
# endif
|
|
|
|
# else /* HAVE_ACL_TYPE_EXTENDED */
|
|
/* Mac OS X */
|
|
|
|
/* On Mac OS X, acl_get_file (name, ACL_TYPE_ACCESS)
|
|
and acl_get_file (name, ACL_TYPE_DEFAULT)
|
|
always return NULL / EINVAL. You have to use
|
|
acl_get_file (name, ACL_TYPE_EXTENDED)
|
|
or acl_get_fd (open (name, ...))
|
|
to retrieve an ACL.
|
|
On the other hand,
|
|
acl_set_file (name, ACL_TYPE_ACCESS, acl)
|
|
and acl_set_file (name, ACL_TYPE_DEFAULT, acl)
|
|
have the same effect as
|
|
acl_set_file (name, ACL_TYPE_EXTENDED, acl):
|
|
Each of these calls sets the file's ACL. */
|
|
|
|
if (ctx->acl == NULL)
|
|
{
|
|
acl_t acl;
|
|
|
|
/* Remove ACLs if the file has ACLs. */
|
|
if (HAVE_ACL_GET_FD && desc != -1)
|
|
acl = acl_get_fd (desc);
|
|
else
|
|
acl = acl_get_file (name, ACL_TYPE_EXTENDED);
|
|
if (acl)
|
|
{
|
|
acl_free (acl);
|
|
|
|
acl = acl_init (0);
|
|
if (acl)
|
|
{
|
|
if (HAVE_ACL_SET_FD && desc != -1)
|
|
ret = acl_set_fd (desc, acl);
|
|
else
|
|
ret = acl_set_file (name, ACL_TYPE_EXTENDED, acl);
|
|
acl_free (acl);
|
|
}
|
|
else
|
|
ret = -1;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
if (HAVE_ACL_SET_FD && desc != -1)
|
|
ret = acl_set_fd (desc, ctx->acl);
|
|
else
|
|
ret = acl_set_file (name, ACL_TYPE_EXTENDED, ctx->acl);
|
|
if (ret != 0)
|
|
{
|
|
if (! acl_errno_valid (errno)
|
|
&& ! acl_extended_nontrivial (ctx->acl))
|
|
ret = 0;
|
|
}
|
|
}
|
|
*acls_set = true;
|
|
|
|
# endif
|
|
|
|
# elif defined GETACL /* Solaris, Cygwin, not HP-UX */
|
|
|
|
/* Solaris 2.5 through Solaris 10, Cygwin, and contemporaneous versions
|
|
of Unixware. The acl() call returns the access and default ACL both
|
|
at once. */
|
|
|
|
/* If both ace_entries and entries are available, try SETACL before
|
|
ACE_SETACL, because SETACL cannot fail with ENOTSUP whereas ACE_SETACL
|
|
can. */
|
|
|
|
if (from_mode)
|
|
return set_acls_from_mode (name, desc, ctx->mode, must_chmod);
|
|
|
|
if (ret == 0 && ctx->count)
|
|
{
|
|
if (desc != -1)
|
|
ret = facl (desc, SETACL, ctx->count, ctx->entries);
|
|
else
|
|
ret = acl (name, SETACL, ctx->count, ctx->entries);
|
|
if (ret < 0)
|
|
{
|
|
if ((errno == ENOSYS || errno == EOPNOTSUPP || errno == EINVAL)
|
|
&& acl_nontrivial (ctx->count, ctx->entries) == 0)
|
|
ret = 0;
|
|
}
|
|
else
|
|
*acls_set = true;
|
|
}
|
|
|
|
# ifdef ACE_GETACL
|
|
if (ret == 0 && ctx->ace_count)
|
|
{
|
|
if (desc != -1)
|
|
ret = facl (desc, ACE_SETACL, ctx->ace_count, ctx->ace_entries);
|
|
else
|
|
ret = acl (name, ACE_SETACL, ctx->ace_count, ctx->ace_entries);
|
|
if (ret < 0)
|
|
{
|
|
if ((errno == ENOSYS || errno == EINVAL || errno == ENOTSUP)
|
|
&& acl_ace_nontrivial (ctx->ace_count, ctx->ace_entries) == 0)
|
|
ret = 0;
|
|
}
|
|
else
|
|
*acls_set = true;
|
|
}
|
|
# endif
|
|
|
|
# elif HAVE_GETACL /* HP-UX */
|
|
|
|
if (from_mode)
|
|
ret = context_acl_from_mode (ctx, name, desc);
|
|
|
|
if (ret == 0 && ctx->count > 0)
|
|
{
|
|
if (desc != -1)
|
|
ret = fsetacl (desc, ctx->count, ctx->entries);
|
|
else
|
|
ret = setacl (name, ctx->count, ctx->entries);
|
|
if (ret < 0)
|
|
{
|
|
if ((errno == ENOSYS || errno == EOPNOTSUPP || errno == ENOTSUP)
|
|
&& (from_mode || !acl_nontrivial (ctx->count, ctx->entries)))
|
|
ret = 0;
|
|
}
|
|
else
|
|
*acls_set = true;
|
|
}
|
|
|
|
# if HAVE_ACLV_H
|
|
if (from_mode)
|
|
ret = context_aclv_from_mode (ctx);
|
|
|
|
if (ret == 0 && ctx->aclv_count > 0)
|
|
{
|
|
ret = acl ((char *) name, ACL_SET, ctx->aclv_count, ctx->aclv_entries);
|
|
if (ret < 0)
|
|
{
|
|
if ((errno == ENOSYS || errno == EOPNOTSUPP || errno == EINVAL)
|
|
&& (from_mode || !aclv_nontrivial (ctx->aclv_count, ctx->aclv_entries)))
|
|
ret = 0;
|
|
}
|
|
else
|
|
*acls_set = true;
|
|
}
|
|
# endif
|
|
|
|
# elif HAVE_ACLX_GET && ACL_AIX_WIP /* AIX */
|
|
|
|
/* TODO: Implement setting ACLs once get_permissions() reads them. */
|
|
|
|
if (from_mode)
|
|
ret = set_acls_from_mode (name, desc, mode, must_chmod);
|
|
|
|
# elif HAVE_STATACL /* older AIX */
|
|
|
|
if (from_mode)
|
|
ret = context_acl_from_mode (ctx);
|
|
|
|
if (ret == 0 && ctx->have_u)
|
|
{
|
|
if (desc != -1)
|
|
ret = fchacl (desc, &ctx->u.a, ctx->u.a.acl_len);
|
|
else
|
|
ret = chacl ((char *) name, &ctx->u.a, ctx->u.a.acl_len);
|
|
if (ret < 0)
|
|
{
|
|
if (errno == ENOSYS && from_mode)
|
|
ret = 0;
|
|
}
|
|
else
|
|
*acls_set = true;
|
|
}
|
|
|
|
# elif HAVE_ACLSORT /* NonStop Kernel */
|
|
|
|
if (from_mode)
|
|
ret = context_acl_from_mode (ctx);
|
|
|
|
if (ret == 0 && ctx->count)
|
|
{
|
|
ret = acl ((char *) name, ACL_SET, ctx->count, ctx->entries);
|
|
if (ret != 0)
|
|
{
|
|
if (!acl_nontrivial (ctx->count, ctx->entries))
|
|
ret = 0;
|
|
}
|
|
else
|
|
*acls_set = true;
|
|
}
|
|
|
|
# else /* No ACLs */
|
|
|
|
/* Nothing to do. */
|
|
|
|
# endif
|
|
|
|
return ret;
|
|
}
|
|
#endif
|
|
|
|
/* If DESC is a valid file descriptor use fchmod to change the
|
|
file's mode to MODE on systems that have fchmod. On systems
|
|
that don't have fchmod and if DESC is invalid, use chmod on
|
|
NAME instead.
|
|
Return 0 if successful. Return -1 and set errno upon failure. */
|
|
|
|
int
|
|
chmod_or_fchmod (const char *name, int desc, mode_t mode)
|
|
{
|
|
if (HAVE_FCHMOD && desc != -1)
|
|
return fchmod (desc, mode);
|
|
else
|
|
return chmod (name, mode);
|
|
}
|
|
|
|
/* Set the permissions in CTX on a file. If DESC is a valid file descriptor,
|
|
use file descriptor operations, else use filename based operations on NAME.
|
|
If access control lists are not available, fchmod the target file to the
|
|
mode in CTX. Also sets the non-permission bits of the destination file
|
|
(S_ISUID, S_ISGID, S_ISVTX) to those from the mode in CTX if any are set.
|
|
Return 0 if successful. Return -1 and set errno upon failure. */
|
|
|
|
int
|
|
set_permissions (struct permission_context *ctx, const char *name, int desc)
|
|
{
|
|
bool acls_set _GL_UNUSED = false;
|
|
bool early_chmod;
|
|
bool must_chmod = false;
|
|
int ret = 0;
|
|
|
|
#if USE_ACL
|
|
# if HAVE_STATACL
|
|
/* older AIX */
|
|
/* There is no need to call chmod_or_fchmod, since the mode
|
|
bits S_ISUID, S_ISGID, S_ISVTX are also stored in the ACL. */
|
|
|
|
early_chmod = false;
|
|
# else
|
|
/* All other platforms */
|
|
/* On Cygwin, it is necessary to call chmod before acl, because
|
|
chmod can change the contents of the ACL (in ways that don't
|
|
change the allowed accesses, but still visible). */
|
|
|
|
early_chmod = (! MODE_INSIDE_ACL || (ctx->mode & (S_ISUID | S_ISGID | S_ISVTX)));
|
|
# endif
|
|
#else
|
|
/* No ACLs */
|
|
|
|
early_chmod = true;
|
|
#endif
|
|
|
|
if (early_chmod)
|
|
{
|
|
ret = chmod_or_fchmod (name, desc, ctx->mode);
|
|
if (ret != 0)
|
|
return -1;
|
|
}
|
|
|
|
#if USE_ACL
|
|
ret = set_acls (ctx, name, desc, false, &must_chmod, &acls_set);
|
|
if (! acls_set)
|
|
{
|
|
int saved_errno = ret ? errno : 0;
|
|
|
|
/* If we can't set an acl which we expect to be able to set, try setting
|
|
the permissions to ctx->mode. Due to possible inherited permissions,
|
|
we cannot simply chmod. */
|
|
|
|
ret = set_acls (ctx, name, desc, true, &must_chmod, &acls_set);
|
|
if (! acls_set)
|
|
must_chmod = true;
|
|
|
|
if (saved_errno)
|
|
{
|
|
errno = saved_errno;
|
|
ret = -1;
|
|
}
|
|
}
|
|
#endif
|
|
|
|
if (must_chmod && ! early_chmod)
|
|
{
|
|
int saved_errno = ret ? errno : 0;
|
|
|
|
ret = chmod_or_fchmod (name, desc, ctx->mode);
|
|
|
|
if (saved_errno)
|
|
{
|
|
errno = saved_errno;
|
|
ret = -1;
|
|
}
|
|
}
|
|
|
|
return ret;
|
|
}
|