int
acl_readonly_example(uuid_t *uuid)
{
int fd;
acl_t acl;
acl_entry_t ace;
acl_permset_t perms;
filesec_t fsec;
/* initialize our ACL */
if (NULL == (acl = acl_init(32)))
err(1, "acl_init()");
/*
* create an ACE
*
* acl_create_entry_np() has a position capability via the
* 'entry_index' argument (ACL_FIRST_ENTRY or ACL_LAST_ENTRY)
*/
if (0 != acl_create_entry(&acl, &ace))
err(1, "acl_create_entry()");
/* allow or deny */
if (0 != acl_set_tag_type(ace, ACL_EXTENDED_ALLOW))
err(1, "acl_set_tag_type()");
/* associate this with our uuid */
if (0 != acl_set_qualifier(ace, uuid))
err(1, "acl_set_qualifier()");
/* grant "read only" permissions */
if (0 != acl_get_permset(ace, &perms))
err(1, "acl_get_permset()");
if (0 != acl_clear_perms(perms))
err(1, "acl_clear_perms()");
if (0 != acl_add_perm(perms, ROPERMS))
err(1, "acl_add_perm()");
if (0 != acl_set_permset(ace, perms))
err(1, "acl_set_permset()");
/* create a file security object */
fsec = filesec_init();
/* add the ACL to the security descriptor */
filesec_set_property(fsec, FILESEC_ACL, &acl);
acl_free(acl);
/* turn off all other permissions on the file */
filesec_set_property(fsec, FILESEC_MODE, 0);
/* create a file using our ACL */
fd = openx_np("foo", O_CREAT|O_EXCL|O_RDWR, fsec);
/* clean up */
filesec_free(fsec);
if (-1 != fd )
close(fd);
return(fd);
}
int
modify_file_acl(unsigned int optflags, const char *path, acl_t modifier, int position, int inheritance_level, int follow) {
acl_t oacl = NULL;
unsigned aindex = 0, flag_new_acl = 0;
acl_entry_t newent = NULL;
acl_entry_t entry = NULL;
unsigned retval = 0;
extern int chmod_fflag;
/* XXX acl_get_file() returns a zero entry ACL if an ACL was previously
* associated with the file, and has had its entries removed.
* However, POSIX 1003.1e states that a zero entry ACL should be
* returned if the caller asks for ACL_TYPE_DEFAULT, and no ACL is
* associated with the path; it
* does not specifically state that a request for ACL_TYPE_EXTENDED
* should not return a zero entry ACL, however.
*/
/* Determine if we've been given a zero entry ACL, or create an ACL if
* none exists. There are some issues to consider here: Should we create
* a zero-entry ACL for a delete or check canonicity operation?
*/
if (path == NULL)
chmod_usage();
if (optflags & ACL_CLEAR_FLAG) {
filesec_t fsec = filesec_init();
if (fsec == NULL) {
// err(1, "filesec_init() failed");
fprintf(stderr, "chmod: filesec_init() failed: %s\n", strerror(errno));
pthread_exit(NULL);
}
if (filesec_set_property(fsec, FILESEC_ACL, _FILESEC_REMOVE_ACL) != 0) {
// err(1, "filesec_set_property() failed");
fprintf(stderr, "chmod: filesec_set_property() failed: %s\n", strerror(errno));
pthread_exit(NULL);
}
if (follow) {
if (chmodx_np(path, fsec) != 0) {
if (!chmod_fflag) {
// warn("Failed to clear ACL on file %s", path);
fprintf(stderr, "chmod: Failed to clear ACL on file %s: %s\n", path, strerror(errno));
}
retval = 1;
}
} else {
int fd = open(path, O_SYMLINK);
if (fd != -1) {
if (fchmodx_np(fd, fsec) != 0) {
if (!chmod_fflag) {
fprintf(stderr, "chmod: Failed to clear ACL on file %s: %s\n", path, strerror(errno));
// warn("Failed to clear ACL on file %s", path);
}
retval = 1;
}
close(fd);
} else {
if (!chmod_fflag) {
// warn("Failed to open file %s", path);
fprintf(stderr, "chmod: Failed to open file %s: %s\n", path, strerror(errno));
}
retval = 1;
}
}
filesec_free(fsec);
return (retval);
}
if (optflags & ACL_FROM_STDIN) {
oacl = acl_dup(modifier);
} else {
if (follow) {
oacl = acl_get_file(path, ACL_TYPE_EXTENDED);
} else {
int fd = open(path, O_SYMLINK);
if (fd != -1) {
oacl = acl_get_fd_np(fd, ACL_TYPE_EXTENDED);
close(fd);
}
}
if ((oacl == NULL) ||
(acl_get_entry(oacl,ACL_FIRST_ENTRY, &newent) != 0)) {
if ((oacl = acl_init(1)) == NULL) {
// err(1, "acl_init() failed");
fprintf(stderr, "chmod: acl_init() failed: %s\n", strerror(errno));
pthread_exit(NULL);
}
flag_new_acl = 1;
position = 0;
}
if ((0 == flag_new_acl) && (optflags & (ACL_REMOVE_INHERIT_FLAG |
ACL_REMOVE_INHERITED_ENTRIES))) {
acl_t facl = NULL;
if ((facl = acl_init(1)) == NULL) {
//err(1, "acl_init() failed");
fprintf(stderr, "chmod: acl_init() failed: %s\n", strerror(errno));
pthread_exit(NULL);
}
for (aindex = 0;
acl_get_entry(oacl,
(entry == NULL ? ACL_FIRST_ENTRY :
ACL_NEXT_ENTRY), &entry) == 0;
aindex++) {
acl_flagset_t eflags;
acl_entry_t fent = NULL;
if (acl_get_flagset_np(entry, &eflags) != 0) {
fprintf(stderr, "chmod: Unable to obtain flagset: %s\n", strerror(errno));
pthread_exit(NULL);
// err(1, "Unable to obtain flagset");
}
if (acl_get_flag_np(eflags, ACL_ENTRY_INHERITED)) {
if (optflags & ACL_REMOVE_INHERIT_FLAG) {
acl_delete_flag_np(eflags, ACL_ENTRY_INHERITED);
acl_set_flagset_np(entry, eflags);
acl_create_entry(&facl, &fent);
acl_copy_entry(fent, entry);
}
}
else {
acl_create_entry(&facl, &fent);
acl_copy_entry(fent, entry);
}
}
if (oacl)
acl_free(oacl);
oacl = facl;
} else if (optflags & ACL_TO_STDOUT) {
ssize_t len; /* need to get printacl() from ls(1) */
char *text = acl_to_text(oacl, &len);
puts(text);
acl_free(text);
} else if (optflags & ACL_CHECK_CANONICITY) {
if (flag_new_acl) {
// warnx("No ACL currently associated with file '%s'", path);
fprintf(stderr, "chmod: No ACL currently associated with file '%s'\n", path);
}
retval = is_canonical(oacl);
} else if ((optflags & ACL_SET_FLAG) && (position == -1) &&
(!is_canonical(oacl))) {
// warnx("The specified file '%s' does not have an ACL in canonical order, please specify a position with +a# ", path);
fprintf(stderr, "chmod: The specified file '%s' does not have an ACL in canonical order, please specify a position with +a# \n", path);
retval = 1;
} else if (((optflags & ACL_DELETE_FLAG) && (position != -1))
|| (optflags & ACL_CHECK_CANONICITY)) {
retval = modify_acl(&oacl, NULL, optflags, position,
inheritance_level, flag_new_acl, path);
} else if ((optflags & (ACL_REMOVE_INHERIT_FLAG|ACL_REMOVE_INHERITED_ENTRIES)) && flag_new_acl) {
// warnx("No ACL currently associated with file '%s'", path);
fprintf(stderr, "chmod: No ACL currently associated with file '%s'\n", path);
retval = 1;
} else {
if (!modifier) { /* avoid bus error in acl_get_entry */
// errx(1, "Internal error: modifier should not be NULL");
fprintf(stderr, "Internal error: modifier should not be NULL\n");
pthread_exit(NULL);
}
for (aindex = 0;
acl_get_entry(modifier,
(entry == NULL ? ACL_FIRST_ENTRY :
ACL_NEXT_ENTRY), &entry) == 0;
aindex++) {
retval += modify_acl(&oacl, entry, optflags,
position, inheritance_level,
flag_new_acl, path);
}
}
}
/* XXX Potential race here, since someone else could've modified or
* read the ACL on this file (with the intention of modifying it) in
* the interval from acl_get_file() to acl_set_file(); we can
* minimize one aspect of this window by comparing the original acl
* to a fresh one from acl_get_file() but we could consider a
* "changeset" mechanism, common locking strategy, or kernel
* supplied reservation mechanism to prevent this race.
*/
if (!(optflags & (ACL_TO_STDOUT|ACL_CHECK_CANONICITY))) {
int status = -1;
if (follow) {
status = acl_set_file(path, ACL_TYPE_EXTENDED, oacl);
} else {
int fd = open(path, O_SYMLINK);
if (fd != -1) {
status = acl_set_fd_np(fd, oacl,
ACL_TYPE_EXTENDED);
close(fd);
}
}
if (status != 0) {
if (!chmod_fflag)
fprintf(stderr, "chmod: Failed to set ACL on file '%s': %s\n", path, strerror(errno));
// warn("Failed to set ACL on file '%s'", path);
retval = 1;
}
}
if (oacl)
acl_free(oacl);
return retval;
}
