Changeset View
Changeset View
Standalone View
Standalone View
bin/setfacl/setfacl.c
Show First 20 Lines • Show All 70 Lines • ▼ Show 20 Lines | |||||
static bool H_flag = false; | static bool H_flag = false; | ||||
static bool L_flag = false; | static bool L_flag = false; | ||||
static bool R_flag = false; | static bool R_flag = false; | ||||
static acl_type_t acl_type = ACL_TYPE_ACCESS; | static acl_type_t acl_type = ACL_TYPE_ACCESS; | ||||
static void usage(void); | static void usage(void); | ||||
static char **get_files_from_stdin(void); | static char **get_files_from_stdin(void); | ||||
static acl_t sanitize_inheritance(const FTSENT *file, acl_t acl); | |||||
static int handle_file(FTS *ftsp, FTSENT *file); | static int handle_file(FTS *ftsp, FTSENT *file); | ||||
static void | static void | ||||
usage(void) | usage(void) | ||||
{ | { | ||||
fprintf(stderr, "usage: setfacl [-R [-H | -L | -P]] [-bdhkn] " | fprintf(stderr, "usage: setfacl [-R [-H | -L | -P]] [-bdhkn] " | ||||
"[-a position entries] [-m entries] [-M file] " | "[-a position entries] [-m entries] [-M file] " | ||||
Show All 34 Lines | get_files_from_stdin(void) | ||||
} | } | ||||
/* fts_open() requires the last array element to be NULL. */ | /* fts_open() requires the last array element to be NULL. */ | ||||
files_list[i] = NULL; | files_list[i] = NULL; | ||||
return (files_list); | return (files_list); | ||||
} | } | ||||
static acl_t | |||||
sanitize_inheritance(const FTSENT *file, acl_t acl) | |||||
emaste: This should probably have a comment to give more information about what is meant by "sanitize". | |||||
{ | |||||
acl_t acl_new; | |||||
Not Done Inline ActionsThis should probably be documented in the man page. markj: This should probably be documented in the man page. | |||||
acl_entry_t acl_entry; | |||||
acl_flagset_t acl_flagset; | |||||
int acl_brand, entry_id; | |||||
acl_get_brand_np(acl, &acl_brand); | |||||
if (acl_brand != ACL_BRAND_NFS4) | |||||
return (acl); | |||||
if (file->fts_info == FTS_D) | |||||
return (acl); | |||||
acl_new = acl_dup(acl); | |||||
if (acl_new == (acl_t)NULL) | |||||
return ((acl_t)NULL); | |||||
Not Done Inline ActionsThe callers are already checking R_flag, this is redundant. markj: The callers are already checking R_flag, this is redundant. | |||||
entry_id = ACL_FIRST_ENTRY; | |||||
while (acl_get_entry(acl_new, entry_id, &acl_entry) == 1) { | |||||
entry_id = ACL_NEXT_ENTRY; | |||||
acl_get_flagset_np(acl_entry, &acl_flagset); | |||||
if (acl_get_flag_np(acl_flagset, ACL_ENTRY_INHERIT_ONLY)) { | |||||
Not Done Inline Actionsacl_flagset will be left uninitialized if an error occurs. This may not be possible in practice, but we should handle it anyway. markj: acl_flagset will be left uninitialized if an error occurs. This may not be possible in practice… | |||||
acl_delete_entry(acl_new, acl_entry); | |||||
continue; | |||||
} | |||||
acl_delete_flag_np(acl_flagset, ACL_ENTRY_FILE_INHERIT | |||||
| ACL_ENTRY_DIRECTORY_INHERIT | |||||
Not Done Inline ActionsDon't we also need to call acl_set_flagset_np()? This call is just modifying a stack-local variable. markj: Don't we also need to call acl_set_flagset_np()? This call is just modifying a stack-local… | |||||
Not Done Inline ActionsIgnore this, I misunderstood the API: acl_flagset_t is a uint16_t *, not a uint16_t. markj: Ignore this, I misunderstood the API: acl_flagset_t is a uint16_t *, not a uint16_t. | |||||
| ACL_ENTRY_NO_PROPAGATE_INHERIT); | |||||
Done Inline Actionsstyle(9) puts the operator at the end of the line when wrapping is necessary emaste: style(9) puts the operator at the end of the line when wrapping is necessary | |||||
} | |||||
return (acl_new); | |||||
} | |||||
static int | static int | ||||
handle_file(FTS *ftsp, FTSENT *file) | handle_file(FTS *ftsp, FTSENT *file) | ||||
{ | { | ||||
acl_t acl; | acl_t acl, acl_backup; | ||||
acl_entry_t unused_entry; | acl_entry_t unused_entry; | ||||
int local_error, ret; | int local_error, ret; | ||||
struct sf_entry *entry; | struct sf_entry *entry; | ||||
bool follow_symlink; | bool follow_symlink; | ||||
local_error = 0; | local_error = 0; | ||||
acl_backup = NULL; | |||||
switch (file->fts_info) { | switch (file->fts_info) { | ||||
case FTS_D: | case FTS_D: | ||||
/* Do not recurse if -R not specified. */ | /* Do not recurse if -R not specified. */ | ||||
if (!R_flag) | if (!R_flag) | ||||
fts_set(ftsp, file, FTS_SKIP); | fts_set(ftsp, file, FTS_SKIP); | ||||
break; | break; | ||||
case FTS_DP: | case FTS_DP: | ||||
/* Skip the second visit to a directory. */ | /* Skip the second visit to a directory. */ | ||||
▲ Show 20 Lines • Show All 48 Lines • ▼ Show 20 Lines | handle_file(FTS *ftsp, FTSENT *file) | ||||
/* Cycle through each option. */ | /* Cycle through each option. */ | ||||
TAILQ_FOREACH(entry, &entrylist, next) { | TAILQ_FOREACH(entry, &entrylist, next) { | ||||
if (local_error) | if (local_error) | ||||
continue; | continue; | ||||
switch(entry->op) { | switch(entry->op) { | ||||
case OP_ADD_ACL: | case OP_ADD_ACL: | ||||
acl_backup = entry->acl; | |||||
if (R_flag && acl_type == ACL_TYPE_NFS4) { | |||||
if ((entry->acl = sanitize_inheritance(file, | |||||
entry->acl)) == (acl_t)NULL) { | |||||
local_error++; | |||||
break; | |||||
} | |||||
} | |||||
local_error += add_acl(entry->acl, entry->entry_number, | local_error += add_acl(entry->acl, entry->entry_number, | ||||
&acl, file->fts_path); | &acl, file->fts_path); | ||||
if (entry->acl != acl_backup) { | |||||
acl_free(entry->acl); | |||||
entry->acl = acl_backup; | |||||
} | |||||
break; | break; | ||||
case OP_MERGE_ACL: | case OP_MERGE_ACL: | ||||
acl_backup = entry->acl; | |||||
if (R_flag && acl_type == ACL_TYPE_NFS4) { | |||||
if ((entry->acl = sanitize_inheritance(file, | |||||
entry->acl)) == (acl_t)NULL) { | |||||
local_error++; | |||||
break; | |||||
} | |||||
} | |||||
local_error += merge_acl(entry->acl, &acl, | local_error += merge_acl(entry->acl, &acl, | ||||
file->fts_path); | file->fts_path); | ||||
if (entry->acl != acl_backup) { | |||||
acl_free(entry->acl); | |||||
entry->acl = acl_backup; | |||||
} | |||||
need_mask = 1; | need_mask = 1; | ||||
break; | break; | ||||
case OP_REMOVE_EXT: | case OP_REMOVE_EXT: | ||||
/* | /* | ||||
* Don't try to call remove_ext() for empty | * Don't try to call remove_ext() for empty | ||||
* default ACL. | * default ACL. | ||||
*/ | */ | ||||
if (acl_type == ACL_TYPE_DEFAULT && | if (acl_type == ACL_TYPE_DEFAULT && | ||||
▲ Show 20 Lines • Show All 233 Lines • Show Last 20 Lines |
This should probably have a comment to give more information about what is meant by "sanitize".