コード例 #1
0
ファイル: krvfshandler.cpp プロジェクト: KDE/krusader
QString KrVfsHandler::getACL(const QString & path, int type)
{
    Q_UNUSED(path);
    Q_UNUSED(type);
#ifdef HAVE_POSIX_ACL
    acl_t acl = 0;
    // do we have an acl for the file, and/or a default acl for the dir, if it is one?
    if ((acl = acl_get_file(path.toLocal8Bit(), type)) != 0) {
        bool aclExtended = false;

#ifdef HAVE_NON_POSIX_ACL_EXTENSIONS
        aclExtended = acl_equiv_mode(acl, 0);
#else
        acl_entry_t entry;
        int ret = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
        while (ret == 1) {
            acl_tag_t currentTag;
            acl_get_tag_type(entry, &currentTag);
            if (currentTag != ACL_USER_OBJ &&
                    currentTag != ACL_GROUP_OBJ &&
                    currentTag != ACL_OTHER) {
                aclExtended = true;
                break;
            }
            ret = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
        }
#endif

        if (!aclExtended) {
            acl_free(acl);
            acl = 0;
        }
    }

    if (acl == 0)
        return QString();

    char *aclString = acl_to_text(acl, 0);
    QString ret = QString::fromLatin1(aclString);
    acl_free((void*)aclString);
    acl_free(acl);

    return ret;
#else
    return QString();
#endif
}
コード例 #2
0
ファイル: utils.c プロジェクト: jhbsz/OSI-OS
int preserve_fd_acls(int source_fd, int dest_fd) {
	acl_t acl;
	acl_type_t acl_type;
	int acl_supported = 0, ret, trivial;

	ret = fpathconf(source_fd, _PC_ACL_NFS4);
	if (ret > 0 ) {
		acl_supported = 1;
		acl_type = ACL_TYPE_NFS4;
	} else if (ret < 0 && errno != EINVAL) {
		warn("fpathconf(..., _PC_ACL_NFS4) failed for %s", to.p_path);
		return (1);
	}
	if (acl_supported == 0) {
		ret = fpathconf(source_fd, _PC_ACL_EXTENDED);
		if (ret > 0 ) {
			acl_supported = 1;
			acl_type = ACL_TYPE_ACCESS;
		} else if (ret < 0 && errno != EINVAL) {
			warn("fpathconf(..., _PC_ACL_EXTENDED) failed for %s", to.p_path);
			return (1);
		}
	}
	if (acl_supported == 0)
		return (0);
	acl = acl_get_fd_np(source_fd, acl_type);
	if (acl == NULL) {
		warn("failed to get acl entries while setting %s", to.p_path);
		return (1);
	}
	if (acl_is_trivial_np(acl, &trivial)) {
		warn("acl_is_trivial() failed for %s", to.p_path);
		acl_free(acl);
		return (1);
	}
	if (trivial) {
		acl_free(acl);
		return (0);
	}
	if (acl_set_fd_np(dest_fd, acl, acl_type) < 0) {
		warn("failed to set acl entries for %s", to.p_path);
		acl_free(acl);
		return (1);
	}
	acl_free(acl);
	return (0);
}
コード例 #3
0
/* Copy the permissions of src_path to dst_path. This includes the
   file mode permission bits and ACLs. File ownership is not copied.
 */
int
perm_copy_fd (const char *src_path, int src_fd,
	       const char *dst_path, int dst_fd,
	       struct error_context *ctx)
{
#if defined(HAVE_ACL_GET_FD) && defined(HAVE_ACL_SET_FD)
	acl_t acl;
#endif
	struct stat st;
	int ret = 0;

	ret = fstat(src_fd, &st);
	if (ret != 0) {
		const char *qpath = quote (ctx, src_path);
		error (ctx, "%s", qpath);
		quote_free (ctx, qpath);
		return -1;
	}
#if defined(HAVE_ACL_GET_FD) && defined(HAVE_ACL_SET_FD)
	/* POSIX 1003.1e draft 17 (abandoned) specific version.  */
	acl = acl_get_fd (src_fd);
	if (acl == NULL) {
		ret = -1;
		if (errno == ENOSYS || errno == ENOTSUP)
			ret = set_acl_fd (dst_path, dst_fd, st.st_mode, ctx);
		else {
			const char *qpath = quote (ctx, src_path);
			error (ctx, "%s", qpath);
			quote_free (ctx, qpath);
		}
		return ret;
	}

	if (acl_set_fd (dst_fd, acl) != 0) {
		int saved_errno = errno;
		__apply_mask_to_mode(&st.st_mode, acl);
		ret = fchmod (dst_fd, st.st_mode);
		if ((errno != ENOSYS && errno != ENOTSUP) ||
		    acl_entries (acl) != 3) {
			const char *qpath = quote (ctx, dst_path);
			errno = saved_errno;
			error (ctx, _("preserving permissions for %s"), qpath);
			quote_free (ctx, qpath);
			ret = -1;
		}
	}
	(void) acl_free (acl);
	return ret;
#else
	/* POSIX.1 version. */
	ret = fchmod (dst_fd, st.st_mode);
	if (ret != 0) {
		const char *qpath = quote (ctx, dst_path);
		error (ctx, _("setting permissions for %s"), qpath);
		quote_free (ctx, qpath);
	}
	return ret;
#endif
}
コード例 #4
0
ファイル: acl.c プロジェクト: vanElden/burp
static acl_t acl_contains_something(const char *path, int acl_type)
{
	acl_t acl=NULL;
	if(!(acl=acl_get_file(path, acl_type))) return NULL;
	if(!acl_is_trivial(acl)) return acl;
	acl_free(acl);
	return NULL;
}
コード例 #5
0
static int
setup_acls_posix1e(struct archive_read_disk *a,
    struct archive_entry *entry, int fd)
{
	const char	*accpath;
	acl_t		 acl;

	accpath = archive_entry_sourcepath(entry);
	if (accpath == NULL)
		accpath = archive_entry_pathname(entry);

	archive_entry_acl_clear(entry);

	/* Retrieve access ACL from file. */
	if (fd >= 0)
		acl = acl_get_fd(fd);
#if HAVE_ACL_GET_LINK_NP
	else if (!a->follow_symlinks)
		acl = acl_get_link_np(accpath, ACL_TYPE_ACCESS);
#else
	else if ((!a->follow_symlinks)
	    && (archive_entry_filetype(entry) == AE_IFLNK))
		/* We can't get the ACL of a symlink, so we assume it can't
		   have one. */
		acl = NULL;
#endif
	else
		acl = acl_get_file(accpath, ACL_TYPE_ACCESS);
	if (acl != NULL) {
		setup_acl_posix1e(a, entry, acl,
		    ARCHIVE_ENTRY_ACL_TYPE_ACCESS);
		acl_free(acl);
	}

	/* Only directories can have default ACLs. */
	if (S_ISDIR(archive_entry_mode(entry))) {
		acl = acl_get_file(accpath, ACL_TYPE_DEFAULT);
		if (acl != NULL) {
			setup_acl_posix1e(a, entry, acl,
			    ARCHIVE_ENTRY_ACL_TYPE_DEFAULT);
			acl_free(acl);
		}
	}
	return (ARCHIVE_OK);
}
コード例 #6
0
ファイル: uacl.c プロジェクト: nshrine/jfacl
int getacl(const char *pathp, aclent_t *aclpbuf)
{
	acl_t acl = NULL, default_acl = NULL;	
	struct stat st;
	
	if (stat(pathp, &st) != 0) {
		return -1;
	}
		
	acl = acl_get_file(pathp, ACL_TYPE_ACCESS);
	if(acl == NULL && (errno == ENOSYS || errno == ENOTSUP)) {
		acl = acl_from_mode(st.st_mode);
		if (acl == NULL) {
			return -1;
		}
	}	
	
	if (S_ISDIR(st.st_mode)) {
		default_acl = acl_get_file(pathp, ACL_TYPE_DEFAULT);
		if ((default_acl != NULL) && (acl_entries(default_acl) == 0)) {
			acl_free(default_acl);
			default_acl = NULL;
		} 
	}
	
	acl_entry_t acl_entry;
	int ret = acl_get_entry(acl, ACL_FIRST_ENTRY, &acl_entry);
	int i = 0;
	while(ret > 0) {
		aclpbuf[i++] = getentry(acl_entry, st, 0);
		ret = acl_get_entry(acl, ACL_NEXT_ENTRY, &acl_entry);
	}
	acl_free(acl);
	
	if((default_acl != NULL) && (ret != -1)) {
		ret = acl_get_entry(default_acl, ACL_FIRST_ENTRY, &acl_entry);
		while(ret > 0) {			
			aclpbuf[i++] = getentry(acl_entry, st, ACL_DEFAULT);
			ret = acl_get_entry(default_acl, ACL_NEXT_ENTRY, &acl_entry);
		}
		acl_free(default_acl);
	}
	
	return i;
}
コード例 #7
0
ファイル: fpm_unix.c プロジェクト: dayeshisir/php-annotation
int fpm_unix_free_socket_premissions(struct fpm_worker_pool_s *wp) /* {{{ */
{
#ifdef HAVE_FPM_ACL
    if (wp->socket_acl) {
        return acl_free(wp->socket_acl);
    }
#endif
    return 0;
}
コード例 #8
0
ファイル: acl.c プロジェクト: vanElden/burp
int has_acl(const char *path, enum cmd cmd)
{
	acl_t acl=NULL;
	if(!(acl=acl_contains_something(path, ACL_TYPE_ACCESS))
	  || (cmd==CMD_DIRECTORY
	    && !(acl=acl_contains_something(path, ACL_TYPE_DEFAULT))))
		return 0;
	acl_free(acl);
	return 1;
}
コード例 #9
0
ファイル: do_set.c プロジェクト: GunioRobot/rtn56u
void
print_test(
	FILE *file,
	const char *path_p,
	const struct stat *st,
	const acl_t acl,
	const acl_t default_acl)
{
	char *acl_text, *default_acl_text;

	acl_text = acl_to_any_text(acl, NULL, ',', TEXT_ABBREVIATE);
	default_acl_text =
		acl_to_any_text(default_acl, "d:", ',', TEXT_ABBREVIATE);
	fprintf(file, "%s: %s,%s\n", path_p,
		acl_text ? acl_text : "*",
		default_acl_text ? default_acl_text : "*");
	acl_free(acl_text);
	acl_free(default_acl_text);
}
コード例 #10
0
/*
 *    lists the acl for a file/dir in short text form
 *    return 0 on failure
 *    return 1 on success
 */
static int
list_acl(char *file)
{
	acl_t acl = NULL;
	acl_t dacl = NULL;
	char *acl_text, *dacl_text = NULL;

	if ((acl = acl_get_file(file, ACL_TYPE_ACCESS)) == NULL) {
		fprintf(stderr, _("%s: cannot get access ACL on '%s': %s\n"),
			program, file, strerror(errno));
		return 0;
	}
	if ((dacl = acl_get_file(file, ACL_TYPE_DEFAULT)) == NULL &&
	    (errno != EACCES)) {	/* EACCES given if not a directory */
		fprintf(stderr, _("%s: cannot get default ACL on '%s': %s\n"),
			program, file, strerror(errno));
		return 0;
	}
	acl_text = acl_to_any_text(acl, NULL, ',', TEXT_ABBREVIATE);
	if (acl_text == NULL) {
		fprintf(stderr, _("%s: cannot get access ACL text on "
			"'%s': %s\n"), program, file, strerror(errno));
		return 0;
	}
	if (acl_entries(dacl) > 0) {
		dacl_text = acl_to_any_text(dacl, NULL, ',', TEXT_ABBREVIATE);
		if (dacl_text == NULL) {
			fprintf(stderr, _("%s: cannot get default ACL text on "
				"'%s': %s\n"), program, file, strerror(errno));
			return 0;
		}
	}
	if (dacl_text) {
		printf("%s [%s/%s]\n", file, acl_text, dacl_text);
		acl_free(dacl_text);
	} else
		printf("%s [%s]\n", file, acl_text);
	acl_free(acl_text);
	acl_free(acl);
	acl_free(dacl);
	return 1;
}
コード例 #11
0
ファイル: merge.c プロジェクト: 0xbda2d2f8/freebsd
static int
merge_user_group(acl_entry_t *entry, acl_entry_t *entry_new, int acl_brand)
{
	acl_permset_t permset;
	acl_entry_type_t entry_type;
	acl_flagset_t flagset;
	int have_entry;
	uid_t *id, *id_new;

	have_entry = 0;

	id = acl_get_qualifier(*entry);
	if (id == NULL)
		err(1, "acl_get_qualifier() failed");
	id_new = acl_get_qualifier(*entry_new);
	if (id_new == NULL)
		err(1, "acl_get_qualifier() failed");
	if (*id == *id_new) {
		/* any other matches */
		if (acl_get_permset(*entry, &permset) == -1)
			err(1, "acl_get_permset() failed");
		if (acl_set_permset(*entry_new, permset) == -1)
			err(1, "acl_set_permset() failed");

		if (acl_brand == ACL_BRAND_NFS4) {
			if (acl_get_entry_type_np(*entry, &entry_type))
				err(1, "acl_get_entry_type_np() failed");
			if (acl_set_entry_type_np(*entry_new, entry_type))
				err(1, "acl_set_entry_type_np() failed");
			if (acl_get_flagset_np(*entry, &flagset))
				err(1, "acl_get_flagset_np() failed");
			if (acl_set_flagset_np(*entry_new, flagset))
				err(1, "acl_set_flagset_np() failed");
		}

		have_entry = 1;
	}
	acl_free(id);
	acl_free(id_new);

	return (have_entry);
}
コード例 #12
0
/*
 * remove default entries
 */
int
remove_default(acl_t *prev_acl, const char *filename)
{

	acl_free(*prev_acl);
	*prev_acl = acl_init(ACL_MAX_ENTRIES);
	if (*prev_acl == NULL)
		err(1, "%s: acl_init() failed", filename);

	return (0);
}
コード例 #13
0
ファイル: chmod_acl.c プロジェクト: carriercomm/osx-2
/* Compares two ACL entries for equality */
int
compare_acl_entries(acl_entry_t a, acl_entry_t b)
{
	acl_tag_t atag, btag;
	acl_permset_t aperms, bperms;
	acl_flagset_t aflags, bflags;
	int pcmp = 0, fcmp = 0;
	void *aqual, *bqual;

	aqual = acl_get_qualifier(a);
	bqual = acl_get_qualifier(b);

	int compare = compare_acl_qualifiers(aqual, bqual);
	acl_free(aqual);
	acl_free(bqual);

	if (compare != 0)
		return MATCH_NONE;

	if (0 != acl_get_tag_type(a, &atag))
		err(1, "No tag type present in entry");
	if (0!= acl_get_tag_type(b, &btag))
		err(1, "No tag type present in entry");

	if (atag != btag)
		return MATCH_NONE;

	if ((acl_get_permset(a, &aperms) != 0) ||
	    (acl_get_flagset_np(a, &aflags) != 0) ||
	    (acl_get_permset(b, &bperms) != 0) ||
	    (acl_get_flagset_np(b, &bflags) != 0))
		err(1, "error fetching permissions");

	pcmp = compare_acl_permsets(aperms, bperms);
	fcmp = compare_acl_flagsets(aflags, bflags);

	if ((pcmp == MATCH_NONE) || (fcmp == MATCH_NONE))
		return(MATCH_PARTIAL);
	else
		return(MATCH_EXACT);
}
コード例 #14
0
/*
 * remove extended entries
 */
void
remove_ext(acl_t *prev_acl, const char *filename)
{
	acl_t acl_new;

	acl_new = acl_strip_np(*prev_acl, !n_flag);
	if (acl_new == NULL)
		err(1, "%s: acl_strip_np() failed", filename);

	acl_free(*prev_acl);
	*prev_acl = acl_new;
}
コード例 #15
0
ファイル: set-acl.c プロジェクト: Distrotech/acl
int main(int argc, char *argv[])
{
	acl_t acl;
	int n, ret = 0;

	progname = basename(argv[0]);

	if (argc < 3) {
		printf("%s -- set access control list of files\n"
			"Usage: %s acl file ...\n",
			progname, progname);
		return 1;
	}

	acl = acl_from_text(argv[1]);
	if (!acl) {
		fprintf(stderr, "%s: `%s': %s\n",
			progname, argv[1], strerror(errno));
		return 1;
	}
	if (acl_valid(acl) != 0) {
		fprintf(stderr, "%s: `%s': invalid/incomplete acl\n",
			progname, argv[1]);
		acl_free(acl);
		return 1;
	}

	for (n = 2; n < argc; n++) {
		if (acl_set_file(argv[n], ACL_TYPE_ACCESS, acl) != 0) {
			fprintf(stderr, "%s: setting acl of %s: %s\n",
				progname, argv[n], strerror(errno));
			ret = 1;
		}
	}

	acl_free(acl);

	return ret;
}
コード例 #16
0
ファイル: vfs_posixacl.c プロジェクト: 0x24bin/winexe-1
int posixacl_sys_acl_set_fd(vfs_handle_struct *handle,
			    files_struct *fsp,
			    SMB_ACL_T theacl)
{
	int res;
	acl_t acl = smb_acl_to_posix(theacl);
	if (acl == NULL) {
		return -1;
	}
	res =  acl_set_fd(fsp->fh->fd, acl);
	acl_free(acl);
	return res;
}
コード例 #17
0
ファイル: file.c プロジェクト: mikelward/unixtools
/*
 * return true if file has ACLs beyond the traditional Unix owner/group/other ACLs
 */
bool hasacls(File *file)
{
    acl_type_t acl_types[] = { ACL_TYPE_ACCESS, ACL_TYPE_DEFAULT };
    for (int i = 0; i < sizeof(acl_types)/sizeof(acl_types[0]); i++) {
        if (!isdir(file) && acl_types[i] == ACL_TYPE_DEFAULT) continue;

        errno = 0;
        acl_t acl = acl_get_file(file->path, acl_types[i]);
        // XXX is this valid?
        if (!acl) {
            if (errno == EOPNOTSUPP) {
                /* file system does not support ACLs */
                return false;
            }
            errorf("Error getting ACLs for %s: %s\n", file->name, strerror(errno));
            // error = 1;
            break;
        }
        bool extended_found = 0;
        //bool error = 0;
        for (int entry_id = ACL_FIRST_ENTRY; ; entry_id = ACL_NEXT_ENTRY) {
            acl_entry_t entry;
            errno = 0;
            int status = acl_get_entry(acl, entry_id, &entry);
            if (status == -1) {
                errorf("Error getting ACLs for %s: %s\n", file->name, strerror(errno));
                // XXX return -1 or '?' or something
                //error = 1;
                break;
            } else if (status == 0) {
                /* no more ACL entries */
                break;
            }
            acl_tag_t tag_type;
            status = acl_get_tag_type(entry, &tag_type);
            switch (tag_type) {
            case ACL_USER_OBJ: case ACL_GROUP_OBJ: case ACL_OTHER:
                break;
            default:
                extended_found = 1;
                break;
            }
            /* no acl_free_entry? */
            if (extended_found) break;
        }
        acl_free(acl);
        if (extended_found) return 1;
    }

    return 0;
}
コード例 #18
0
/*
 * remove ACL entries from an ACL
 */
int
remove_acl(acl_t acl, acl_t *prev_acl, const char *filename)
{
	acl_entry_t	entry;
	acl_t		acl_new;
	acl_tag_t	tag;
	int		carried_error, entry_id, acl_brand, prev_acl_brand;

	carried_error = 0;

	acl_get_brand_np(acl, &acl_brand);
	acl_get_brand_np(*prev_acl, &prev_acl_brand);

	if (branding_mismatch(acl_brand, prev_acl_brand)) {
		warnx("%s: branding mismatch; existing ACL is %s, "
		    "entry to be removed is %s", filename,
		    brand_name(prev_acl_brand), brand_name(acl_brand));
		return (-1);
	}

	carried_error = 0;

	acl_new = acl_dup(*prev_acl);
	if (acl_new == NULL)
		err(1, "%s: acl_dup() failed", filename);

	tag = ACL_UNDEFINED_TAG;

	/* find and delete the entry */
	entry_id = ACL_FIRST_ENTRY;
	while (acl_get_entry(acl, entry_id, &entry) == 1) {
		entry_id = ACL_NEXT_ENTRY;
		if (acl_get_tag_type(entry, &tag) == -1)
			err(1, "%s: acl_get_tag_type() failed", filename);
		if (tag == ACL_MASK)
			have_mask++;
		if (acl_delete_entry(acl_new, entry) == -1) {
			carried_error++;
			warnx("%s: cannot remove non-existent ACL entry",
			    filename);
		}
	}

	acl_free(*prev_acl);
	*prev_acl = acl_new;

	if (carried_error)
		return (-1);

	return (0);
}
コード例 #19
0
ファイル: acl.c プロジェクト: Distrotech/netatalk
/*!
 * Remove any ACL_USER, ACL_GROUP, ACL_MASK or ACL_TYPE_DEFAULT ACEs from an object
 *
 * @param name  (r) filesystem object name
 *
 * @returns AFP error code, AFP_OK (= 0) on success, AFPERR_MISC on error
 */
int remove_acl_vfs(const char *name)
{
    EC_INIT;

    struct stat st;
    acl_t acl = NULL;
    acl_entry_t e;
    acl_tag_t tag;
    int entry_id = ACL_FIRST_ENTRY;


    /* Remove default ACL if it's a dir */
    EC_ZERO_ERR(stat(name, &st), AFPERR_MISC);
    if (S_ISDIR(st.st_mode)) {
        EC_NULL_LOG_ERR(acl = acl_init(0), AFPERR_MISC);
        EC_ZERO_LOG_ERR(acl_set_file(name, ACL_TYPE_DEFAULT, acl), AFPERR_MISC);
        EC_ZERO_LOG_ERR(acl_free(acl), AFPERR_MISC);
        acl = NULL;
    }

    /* Now get ACL and remove ACL_MASK, ACL_USER or ACL_GROUP entries, then re-set
     * the ACL again. acl_calc_mask() must not be called because there is no need
     * for an ACL_MASK entry in a basic ACL. */
    EC_NULL_LOG_ERR(acl = acl_get_file(name, ACL_TYPE_ACCESS), AFPERR_MISC);
    for ( ; acl_get_entry(acl, entry_id, &e) == 1; entry_id = ACL_NEXT_ENTRY) {
        EC_ZERO_LOG_ERR(acl_get_tag_type(e, &tag), AFPERR_MISC);
        if (tag == ACL_USER || tag == ACL_GROUP || tag == ACL_MASK)
            EC_ZERO_LOG_ERR(acl_delete_entry(acl, e), AFPERR_MISC);
    }
    EC_ZERO_LOG_ERR(acl_valid(acl), AFPERR_MISC);
    EC_ZERO_LOG_ERR(acl_set_file(name, ACL_TYPE_ACCESS, acl), AFPERR_MISC);

EC_CLEANUP:
    if (errno == ENOENT) EC_STATUS(0);
    if (acl) acl_free(acl);

    EC_EXIT;
}
コード例 #20
0
ファイル: winacl.c プロジェクト: Arcko/freenas
/* merge two acl entries together if the qualifier is the same */
static int
merge_user_group(acl_entry_t *entry1, acl_entry_t *entry2)
{
	acl_permset_t permset;
	acl_entry_type_t entry_type;
	acl_flagset_t flagset;
	uid_t *id1, *id2;
	int rval = 0;

	if ((id1 = acl_get_qualifier(*entry1)) == NULL)
		err(EX_OSERR, "acl_get_qualifier() failed");
	if ((id2 = acl_get_qualifier(*entry2)) == NULL)
		err(EX_OSERR, "acl_get_qualifier() failed");
	if (*id1 == *id2) {
		merge_acl_entries(entry1, entry2);
		rval = 1;
	}

	acl_free(id1);
	acl_free(id2);

	return (rval);
}
コード例 #21
0
ファイル: vfs_posixacl.c プロジェクト: 0x24bin/winexe-1
SMB_ACL_T posixacl_sys_acl_get_fd(vfs_handle_struct *handle,
				  files_struct *fsp)
{
	struct smb_acl_t *result;
	acl_t acl = acl_get_fd(fsp->fh->fd);

	if (acl == NULL) {
		return NULL;
	}

	result = smb_acl_to_internal(acl);
	acl_free(acl);
	return result;
}
コード例 #22
0
ファイル: remove.c プロジェクト: genua/anoubis_os
/*
 * remove default entries
 */
int
remove_default(acl_t *prev_acl)
{
	if (prev_acl[1]) {
		acl_free(prev_acl[1]);
		prev_acl[1] = acl_init(ACL_MAX_ENTRIES);
		if (prev_acl[1] == NULL)
			err(1, "acl_init() failed");
	} else {
		warn("cannot remove default ACL");
		return (-1);
	}

	return (0);
}
コード例 #23
0
/* Set the access control list of path to the permissions defined by mode.  */
static int
set_acl_fd (char const *path, int fd, mode_t mode, struct error_context *ctx)
{
	int ret = 0;
#if defined(HAVE_ACL_FROM_MODE) && defined(HAVE_ACL_SET_FD)
	/* POSIX 1003.1e draft 17 (abandoned) specific version.  */
	acl_t acl = acl_from_mode (mode);
	if (!acl) {
		error (ctx, "");
		return -1;
	}

	if (acl_set_fd (fd, acl) != 0) {
		ret = -1;
		if (errno == ENOTSUP || errno == ENOSYS) {
			(void) acl_free (acl);
			goto chmod_only;
		} else {
			const char *qpath = quote (ctx, path);
			error (ctx, _("setting permissions for %s"), qpath);
			quote_free (ctx, qpath);
		}
	}
	(void) acl_free (acl);
	return ret;
#endif

chmod_only:
	ret = fchmod (fd, mode);
	if (ret != 0) {
		const char *qpath = quote (ctx, path);
		error (ctx, _("setting permissions for %s"), qpath);
		quote_free (ctx, qpath);
	}
	return ret;
}
コード例 #24
0
int
remove_by_number(uint entry_number, acl_t *prev_acl, const char *filename)
{
	acl_entry_t	entry;
	acl_t		acl_new;
	acl_tag_t	tag;
	int		carried_error, entry_id;
	uint		i;

	carried_error = 0;

	acl_new = acl_dup(*prev_acl);
	if (acl_new == NULL)
		err(1, "%s: acl_dup() failed", filename);

	tag = ACL_UNDEFINED_TAG;

	/*
	 * Find out whether we're removing the mask entry,
	 * to behave the same as the routine above.
	 *
	 * XXX: Is this loop actually needed?
	 */
	entry_id = ACL_FIRST_ENTRY;
	i = 0;
	while (acl_get_entry(acl_new, entry_id, &entry) == 1) {
		entry_id = ACL_NEXT_ENTRY;
		if (i != entry_number)
			continue;
		if (acl_get_tag_type(entry, &tag) == -1)
			err(1, "%s: acl_get_tag_type() failed", filename);
		if (tag == ACL_MASK)
			have_mask++;
	}

	if (acl_delete_entry_np(acl_new, entry_number) == -1) {
		carried_error++;
		warn("%s: acl_delete_entry_np() failed", filename);
	}

	acl_free(*prev_acl);
	*prev_acl = acl_new;

	if (carried_error)
		return (-1);

	return (0);
}
コード例 #25
0
ファイル: uacl.c プロジェクト: nshrine/jfacl
aclent_t getentry(acl_entry_t acl_entry, struct stat st, int acl_default) 
{	
	aclent_t aclent;
	
	acl_tag_t e_type;
	acl_get_tag_type(acl_entry, &e_type);	
	acl_permset_t permset;
	acl_get_permset(acl_entry, &permset);
	void *qualifier = acl_get_qualifier(acl_entry);
	
	aclent.a_perm = getmode(permset);
	
	switch(e_type) {
		case ACL_USER_OBJ:
			aclent.a_id = st.st_uid;
			break;
			
		case ACL_USER:
			aclent.a_id = *(uid_t*)qualifier;			
			break;
			
		case ACL_GROUP_OBJ:
			aclent.a_id = st.st_gid;
			break;
			
		case ACL_GROUP:
			aclent.a_id = *(gid_t*)qualifier;
			break;
			
		case ACL_MASK:
			aclent.a_id = -1;
			break;
			
		case ACL_OTHER:
			aclent.a_id = -1;
			break;
	}
	
	aclent.a_type = e_type | acl_default;
	
	if(qualifier != NULL) {
		acl_free(qualifier);
	}
	
	return aclent;
}
コード例 #26
0
ファイル: winacl.c プロジェクト: Arcko/freenas
/* create directory and file ACL's */
static void
make_acls(struct windows_acl_info *w)
{
	char *ptr;
	char buf[8192];
	acl_t acl;

	/* set defaults if none specified */
	if (w->flags & WA_RESET) {
		if (w->owner_entry == NULL)
			setarg(&w->owner_entry, WA_ENTRY_OWNER);
		if (w->group_entry == NULL)
			setarg(&w->group_entry, WA_ENTRY_GROUP);
		if (w->everyone_entry == NULL)
			setarg(&w->everyone_entry, WA_ENTRY_EVERYONE);
	}

	/* create an acl string */
	ptr = &buf[0];
	if (w->owner_entry != NULL)
		copyarg(&ptr, w->owner_entry);
	if (w->group_entry != NULL)
		copyarg(&ptr, w->group_entry);
	if (w->everyone_entry != NULL)
		copyarg(&ptr, w->everyone_entry);

	/* turn our acl string into an acl */
	if ((acl = acl_from_text(buf)) == NULL)
		err(EX_OSERR, "acl_from_text() failed");

	/* create a directory acl */
	if (w->flags & WA_DIRECTORIES) {
		if ((w->dacl = acl_dup(acl)) == NULL)
			err(EX_OSERR, "acl_dup() failed");
	}

	/* create a file acl */
	if (w->flags & WA_FILES) {
		if ((w->facl = acl_dup(acl)) == NULL)
			err(EX_OSERR, "acl_dup() failed");
		remove_inherit_flags(&w->facl);
	}

	acl_free(acl);
}
コード例 #27
0
ファイル: acl_get.c プロジェクト: genua/anoubis_os
acl_t
acl_get_fd_np(int fd, acl_type_t type)
{
	acl_t	aclp;
	int	error;

	aclp = acl_init(ACL_MAX_ENTRIES);
	if (aclp == NULL)
		return (NULL);

	error = __acl_get_fd(fd, type, &aclp->ats_acl);
	if (error) {
		acl_free(aclp);
		return (NULL);
	}

	return (aclp);
}
コード例 #28
0
ファイル: acl_get.c プロジェクト: genua/anoubis_os
acl_t
acl_get_link_np(const char *path_p, acl_type_t type)
{
	acl_t	aclp;
	int	error;

	aclp = acl_init(ACL_MAX_ENTRIES);
	if (aclp == NULL)
		return (NULL);

	error = __acl_get_link(path_p, type, &aclp->ats_acl);
	if (error) {
		acl_free(aclp);
		return (NULL);
	}

	return (aclp);
}
コード例 #29
0
ファイル: acltext.c プロジェクト: apprisi/illumos-gate
aclent_t *
aclfromtext(char *aclstr, int *aclcnt)
{
	acl_t *aclp;
	aclent_t *aclentp;
	int error;

	error = acl_fromtext(aclstr, &aclp);
	if (error)
		return (NULL);

	aclentp = aclp->acl_aclp;
	aclp->acl_aclp = NULL;
	*aclcnt = aclp->acl_cnt;

	acl_free(aclp);
	return (aclentp);
}
コード例 #30
0
ファイル: acl_get.c プロジェクト: genua/anoubis_os
acl_t
acl_get_fd(int fd)
{
	acl_t	aclp;
	int	error;

	aclp = acl_init(ACL_MAX_ENTRIES);
	if (aclp == NULL)
		return (NULL);

	error = __acl_get_fd(fd, ACL_TYPE_ACCESS, &aclp->ats_acl);
	if (error) {
		acl_free(aclp);
		return (NULL);
	}

	return (aclp);
}