JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

* setfacl.c (addmissing): New function to add missing acl entries to

Browse Source 
a modified acl per the rules set by aclcheck.
	(setfacl): Call addmissing unless action is Delete.
This commit is contained in:
Corinna Vinschen
2014-09-03 12:44:05 +00:00
parent 3e61dde3f1
commit ef1e66cfbf
2 changed files with 71 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
winsup/utils/ChangeLog
View File

@@ -1,3 +1,9 @@
2014-09-03 Corinna Vinschen <corinna@vinschen.de>
* setfacl.c (addmissing): New function to add missing acl entries to
a modified acl per the rules set by aclcheck.
(setfacl): Call addmissing unless action is Delete.
2014-09-03 Corinna Vinschen <corinna@vinschen.de> 2014-09-03 Corinna Vinschen <corinna@vinschen.de>
* setfacl.c (getaclentry): Fix previous fix again. Allow lone 'm' as * setfacl.c (getaclentry): Fix previous fix again. Allow lone 'm' as

65
winsup/utils/setfacl.c
View File

@@ -266,6 +266,70 @@ modacl (aclent_t *tgt, int tcnt, aclent_t *src, int scnt)
return tcnt; return tcnt;
} }
int
addmissing (aclent_t *tgt, int tcnt)
{
int t;
int types = 0, def_types = 0;
int perm = 0, def_perm = 0;
/* Check if we have all the required entries now. */
for (t = 0; t < tcnt; ++t)
if (tgt[t].a_type & ACL_DEFAULT)
{
def_types |= tgt[t].a_type;
if (tgt[t].a_type & (USER | GROUP | GROUP_OBJ))
def_perm |= tgt[t].a_perm;
}
else
{
types |= tgt[t].a_type;
if (tgt[t].a_type & (USER | GROUP | GROUP_OBJ))
perm |= tgt[t].a_perm;
}
/* Add missing CLASS_OBJ */
if ((types & (USER | GROUP)) && !(types & CLASS_OBJ))
{
tgt[tcnt].a_type = CLASS_OBJ;
tgt[tcnt].a_id = (uid_t) -1;
tgt[tcnt++].a_perm = perm;
}
if (def_types)
{
/* Add missing default entries. */
if (!(def_types & USER_OBJ) && tcnt < MAX_ACL_ENTRIES)
{
t = searchace (tgt, tcnt, USER_OBJ, -1);
tgt[tcnt].a_type = DEF_USER_OBJ;
tgt[tcnt].a_id = (uid_t) -1;
tgt[tcnt++].a_perm = t >= 0 ? tgt[t].a_perm : S_IRWXO;
}
if (!(def_types & GROUP_OBJ) && tcnt < MAX_ACL_ENTRIES)
{
t = searchace (tgt, tcnt, GROUP_OBJ, -1);
tgt[tcnt].a_type = DEF_GROUP_OBJ;
tgt[tcnt].a_id = (uid_t) -1;
tgt[tcnt].a_perm = t >= 0 ? tgt[t].a_perm : (S_IROTH | S_IXOTH);
def_perm |= tgt[tcnt++].a_perm;
}
if (!(def_types & OTHER_OBJ) && tcnt < MAX_ACL_ENTRIES)
{
t = searchace (tgt, tcnt, OTHER_OBJ, -1);
tgt[tcnt].a_type = DEF_OTHER_OBJ;
tgt[tcnt].a_id = (uid_t) -1;
tgt[tcnt++].a_perm = t >= 0 ? tgt[t].a_perm : (S_IROTH | S_IXOTH);
}
/* Add missing DEF_CLASS_OBJ */
if ((def_types & (USER | GROUP)) && !(def_types & CLASS_OBJ))
{
tgt[tcnt].a_type = DEF_CLASS_OBJ;
tgt[tcnt].a_id = (uid_t) -1;
tgt[tcnt++].a_perm = def_perm;
}
}
return tcnt;
}
int int
setfacl (action_t action, char *path, aclent_t *acls, int cnt) setfacl (action_t action, char *path, aclent_t *acls, int cnt)
{ {
@@ -283,6 +347,7 @@ setfacl (action_t action, char *path, aclent_t *acls, int cnt)
} }
else if ((lcnt = acl (path, GETACL, MAX_ACL_ENTRIES, lacl)) < 0 else if ((lcnt = acl (path, GETACL, MAX_ACL_ENTRIES, lacl)) < 0
|| (lcnt = modacl (lacl, lcnt, acls, cnt)) < 0 || (lcnt = modacl (lacl, lcnt, acls, cnt)) < 0
|| (action != Delete && (lcnt = addmissing (lacl, lcnt)) < 0)
|| (lcnt = acl (path, SETACL, lcnt, lacl)) < 0) || (lcnt = acl (path, SETACL, lcnt, lacl)) < 0)
{ {
perror (prog_name); perror (prog_name);