+/*
+ Bacula® - The Network Backup Solution
+
+ Copyright (C) 2004-2008 Free Software Foundation Europe e.V.
+
+ The main author of Bacula is Kern Sibbald, with contributions from
+ many others, a complete list can be found in the file AUTHORS.
+ This program is Free Software; you can redistribute it and/or
+ modify it under the terms of version two of the GNU General Public
+ License as published by the Free Software Foundation and included
+ in the file LICENSE.
+
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301, USA.
+
+ Bacula® is a registered trademark of Kern Sibbald.
+ The licensor of Bacula is the Free Software Foundation Europe
+ (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
+ Switzerland, email:ftf@fsfeurope.org.
+*/
/*
* Functions to handle ACL for bacula.
*
* Version $Id$
*/
-#ifdef xxxxxxx
-
-Remove fprintf() and actuallyfree and fix POOLMEM coding
-
-Pass errmsg buffer and a length or a POOLMEM buffer
-into subroutine rather than malloc in
-subroutine and free() in higher level routine, which causes
-memory leaks if you forget to free.
#ifndef TEST_PROGRAM
+
#include "bacula.h"
#include "filed.h"
-#else
-/*
- * Compile and set up with eg. with eg.
- *
- * $ cc -DTEST_PROGRAM -DHAVE_SUN_OS -lsec -o acl acl.c
- * $ ln -s acl aclcp
- *
- * You can then list ACLs with acl and copy them with aclcp.
- *
- * For a list of compiler flags, see the list preceding the big #if below.
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/stat.h>
-#include "acl.h"
-#define POOLMEM char
-#define bstrdup strdup
-#define actuallyfree(x) free(x)
-int aclls(char *fname);
-int aclcp(char *src, char *dst);
+
#endif
/*
*/
#if !defined(HAVE_ACL) /* ACL support is required, of course */ \
|| !( defined(HAVE_AIX_OS) /* man page -- may need flags */ \
- || defined(HAVE_FREEBSD_OS) /* tested -- compile wihtout flags */ \
+ || defined(HAVE_FREEBSD_OS) /* tested -- compile without flags */ \
+ || defined(HAVE_DARWIN_OS) /* tested -- compile without flags */ \
|| defined(HAVE_IRIX_OS) /* man page -- compile without flags */ \
|| defined(HAVE_OSF1_OS) /* man page -- may need -lpacl */ \
|| defined(HAVE_LINUX_OS) /* tested -- compile with -lacl */ \
|| defined(HAVE_HPUX_OS) /* man page -- may need flags */ \
|| defined(HAVE_SUN_OS) /* tested -- compile with -lsec */ \
)
-POOLMEM *bacl_get(char *fname, int acltype)
+/*
+ * ***FIXME***
+ * For now we abandon this test and only test for Linux:
+ * 1. This is backwards compatible.
+ * 2. If we allow any of the other now, we may have to provide conversion
+ * routines if we ever want to distinguish them. Or just do our best
+ * with what we have and give all ACL streams a new number/type.
+ */
+#endif
+
+#if !defined(HAVE_ACL) \
+ || !( defined(HAVE_LINUX_OS) \
+ || defined(HAVE_FREEBSD_OS) \
+ || defined(HAVE_DARWIN_OS) \
+ || defined(HAVE_IRIX_OS) \
+ || defined(HAVE_OSF1_OS) \
+ || defined(HAVE_SUN_OS) \
+ )
+
+/* bacl_get() returns the lenght of the string, or -1 on error. */
+int bacl_get(JCR *jcr, int acltype)
{
- return NULL;
+ Jmsg(jcr, M_FATAL, 0, _("ACL support not configured for your machine.\n"));
+ return -1;
}
-int bacl_set(char *fname, int acltype, char *acltext)
+int bacl_set(JCR *jcr, int acltype)
{
+ Jmsg(jcr, M_FATAL, 0, _("ACL support not configured for your machine.\n"));
return -1;
}
+
#elif defined(HAVE_AIX_OS)
+
#include <sys/access.h>
-POOLMEM *bacl_get(char *fname, int acltype)
+int bacl_get(JCR *jcr, int acltype)
{
- char *tmp;
- POOLMEM *acltext = NULL;
+ char *acl_text;
+ int len;
- if ((tmp = acl_get(fname)) != NULL) {
- acltext = bstrdup(tmp);
- actuallyfree(tmp);
+ if ((acl_text = acl_get(jcr->last_fname)) != NULL) {
+ len = pm_strcpy(jcr->acl_text, acl_text);
+ actuallyfree(acl_text);
+ return len;
}
- return acltext;
+ return -1;
}
-int bacl_set(char *fname, int acltype, char *acltext)
+int bacl_set(JCR *jcr, int acltype)
{
- if (acl_put(fname, acltext, 0) != 0) {
+ if (acl_put(jcr->last_fname, jcr->acl_text, 0) != 0) {
return -1;
}
return 0;
}
#elif defined(HAVE_FREEBSD_OS) \
+ || defined(HAVE_DARWIN_OS) \
|| defined(HAVE_IRIX_OS) \
|| defined(HAVE_OSF1_OS) \
|| defined(HAVE_LINUX_OS)
+
#include <sys/types.h>
#include <sys/acl.h>
/* On IRIX we can get shortened ACLs */
#if defined(HAVE_IRIX_OS) && defined(BACL_WANT_SHORT_ACLS)
-#define acl_to_text(acl,len) acl_to_short_text((acl), (len))
+#define acl_to_text(acl,len) acl_to_short_text((acl), (len))
#endif
/* In Linux we can get numeric and/or shorted ACLs */
#if defined(HAVE_LINUX_OS)
#if defined(BACL_WANT_SHORT_ACLS) && defined(BACL_WANT_NUMERIC_IDS)
-#define BACL_ALTERNATE_TEXT (TEXT_ABBREVIATE|TEXT_NUMERIC_IDS)
+#define BACL_ALTERNATE_TEXT (TEXT_ABBREVIATE|TEXT_NUMERIC_IDS)
#elif defined(BACL_WANT_SHORT_ACLS)
-#define BACL_ALTERNATE_TEXT TEXT_ABBREVIATE
+#define BACL_ALTERNATE_TEXT TEXT_ABBREVIATE
#elif defined(BACL_WANT_NUMERIC_IDS)
-#define BACL_ALTERNATE_TEXT TEXT_NUMERIC_IDS
+#define BACL_ALTERNATE_TEXT TEXT_NUMERIC_IDS
#endif
#ifdef BACL_ALTERNATE_TEXT
#include <acl/libacl.h>
-#define acl_to_text(acl,len) ((len), acl_to_any_text((acl), NULL, ',', BACL_ALTERNATE_TEXT))
+#define acl_to_text(acl,len) (acl_to_any_text((acl), NULL, ',', BACL_ALTERNATE_TEXT))
#endif
#endif
-POOLMEM *bacl_get(char *fname, int acltype)
+int bacl_get(JCR *jcr, int acltype)
{
acl_t acl;
- int ostype;
- char *tmp;
- POOLMEM *acltext = NULL;
+ int len;
+ acl_type_t ostype;
+ char *acl_text;
ostype = (acltype & BACL_TYPE_DEFAULT) ? ACL_TYPE_DEFAULT : ACL_TYPE_ACCESS;
- acl = acl_get_file(fname, ostype);
+ acl = acl_get_file(jcr->last_fname, ostype);
if (acl) {
- if ((tmp = acl_to_text(acl, NULL)) != NULL) {
- acltext = bstrdup(tmp);
- acl_free(tmp);
+#if defined(HAVE_IRIX_OS)
+ /*
+ * From observation, IRIX's acl_get_file() seems to return a
+ * non-NULL acl with a count field of -1 when a file has no ACL
+ * defined, while IRIX's acl_to_text() returns NULL when presented
+ * with such an ACL.
+ *
+ * Checking the count in the acl structure before calling
+ * acl_to_text() lets us avoid error messages about files
+ * with no ACLs, without modifying the flow of the code used for
+ * other operating systems, and it saves making some calls
+ * to acl_to_text() besides.
+ */
+ if (acl->acl_cnt <= 0) {
+ acl_free(acl);
+ return 0;
}
+#endif
+ if ((acl_text = acl_to_text(acl, NULL)) != NULL) {
+ len = pm_strcpy(jcr->acl_text, acl_text);
+ acl_free(acl);
+ acl_free(acl_text);
+ return len;
+ }
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acl_to_text error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "acl_to_text error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
acl_free(acl);
+#ifndef HAVE_OSF1_OS /* BACL_ENOTSUP not defined for OSF1 */
+ } else if (errno == BACL_ENOTSUP) {
+ /* Not supported, just pretend there is nothing to see */
+ return pm_strcpy(jcr->acl_text, "");
+#endif
}
- return acltext;
+ /***** Do we really want to silently ignore errors from acl_get_file
+ and acl_to_text? *****/
+ return 0;
}
-int bacl_set(char *fname, int acltype, char *acltext)
+int bacl_set(JCR *jcr, int acltype)
{
acl_t acl;
- int ostype, stat;
+ acl_type_t ostype;
ostype = (acltype & BACL_TYPE_DEFAULT) ? ACL_TYPE_DEFAULT : ACL_TYPE_ACCESS;
- acl = acl_from_text(acltext);
+ /* If we get empty default ACLs, clear ACLs now */
+ if (ostype == ACL_TYPE_DEFAULT && strlen(jcr->acl_text) == 0) {
+ if (acl_delete_def_file(jcr->last_fname) == 0) {
+ return 0;
+ }
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acl_delete_def_file error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ return -1;
+ }
+
+ acl = acl_from_text(jcr->acl_text);
if (acl == NULL) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acl_from_text error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "acl_from_text error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
return -1;
}
*/
#ifndef HAVE_FREEBSD_OS
if (acl_valid(acl) != 0) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("ac_valid error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "acl_valid error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
acl_free(acl);
return -1;
}
#endif
- stat = acl_set_file(fname, ostype, acl);
+ /*
+ * Restore the ACLs, but don't complain about links which really should
+ * not have attributes, and the file it is linked to may not yet be restored.
+ */
+ if (acl_set_file(jcr->last_fname, ostype, acl) != 0 && jcr->last_type != FT_LNK) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acl_set_file error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "acl_set_file error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
+ acl_free(acl);
+ return -1;
+ }
acl_free(acl);
- return stat;
+ return 0;
}
#elif defined(HAVE_HPUX_OS)
#include <sys/acl.h>
#include <acllib.h>
-POOLMEM *bacl_get(char *fname, int acltype)
+int bacl_get(JCR *jcr, int acltype)
{
- int n;
+ int n, len;
struct acl_entry acls[NACLENTRIES];
- char *tmp;
- POOLMEM *acltext = NULL;
+ char *acl_text;
- if ((n = getacl(fname, 0, acls)) <= 0) {
- return NULL;
+ if ((n = getacl(jcr->last_fname, 0, acls)) <= 0) {
+ if (errno == BACL_ENOTSUP) {
+ return pm_strcpy(jcr->acl_text, "");
+ }
+ return -1;
}
- if ((n = getacl(fname, n, acls)) > 0) {
- if ((tmp = acltostr(n, acls, FORM_SHORT)) != NULL) {
- acltext = bstrdup(tmp);
- actuallyfree(tmp);
+ if ((n = getacl(jcr->last_fname, n, acls)) > 0) {
+ if ((acl_text = acltostr(n, acls, FORM_SHORT)) != NULL) {
+ len = pm_strcpy(jcr->acl_text, acl_text);
+ actuallyfree(acl_text);
+ return len;
}
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acltostr error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "acltostr error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
+ return -1;
}
- return acltext;
+ return -1;
}
-int bacl_set(char *fname, int acltype, char *acltext)
+int bacl_set(JCR *jcr, int acltype)
{
int n, stat;
struct acl_entry acls[NACLENTRIES];
- n = strtoacl(acltext, 0, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP);
+ n = strtoacl(jcr->acl_text, 0, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP);
if (n <= 0) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("strtoacl error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "strtoacl error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
return -1;
}
- if (strtoacl(acltext, n, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP) != n) {
+ if (strtoacl(jcr->acl_text, n, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP) != n) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("strtoacl error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "strtoacl error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
return -1;
}
- if (setacl(fname, n, acls) != 0) {
+ /*
+ * Restore the ACLs, but don't complain about links which really should
+ * not have attributes, and the file it is linked to may not yet be restored.
+ */
+ if (setacl(jcr->last_fname, n, acls) != 0 && jcr->last_type != FT_LNK) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("setacl error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "setacl error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
return -1;
}
return 0;
#elif defined(HAVE_SUN_OS)
#include <sys/acl.h>
-POOLMEM *bacl_get(char *fname, int acltype)
+/*
+ * As the new libsec interface with acl_totext and acl_fromtext also handles
+ * the old format from acltotext we can use the new functions even
+ * for acls retrieved and stored in the database with older fd versions. If the
+ * new interface is not defined (Solaris 9 and older we fall back to the old code)
+ */
+#if defined(HAVE_EXTENDED_ACL)
+int bacl_get(JCR *jcr, int acltype)
{
- int n;
+ int len, flags;
+ acl_t *aclp;
+ char *acl_text;
+
+ /*
+ * Get ACL info: don't bother allocating space if there is only a trivial ACL.
+ */
+ if (acl_get(jcr->last_fname, ACL_NO_TRIVIAL, &aclp) != 0)
+ return -1;
+
+ if (aclp == NULL) {
+ /* The ACLs simply reflect the (already known) standard permissions */
+ return pm_strcpy(jcr->acl_text, "");
+ }
+
+#if defined(ACL_SID_FMT)
+ /*
+ * New format flag added in newer Solaris versions.
+ */
+ flags = ACL_APPEND_ID | ACL_COMPACT_FMT | ACL_SID_FMT;
+#else
+ flags = ACL_APPEND_ID | ACL_COMPACT_FMT;
+#endif /* ACL_SID_FMT */
+
+ if ((acl_text = acl_totext(aclp, flags)) != NULL) {
+ len = pm_strcpy(jcr->acl_text, acl_text);
+ actuallyfree(acl_text);
+
+ acl_free(aclp);
+
+ return len;
+ }
+
+ acl_free(aclp);
+
+ return -1;
+}
+
+/*
+ * As the header acl.h doesn't seem to define this one we need to.
+ */
+extern "C" {
+char *acl_strerror(int);
+}
+
+int bacl_set(JCR *jcr, int acltype)
+{
+ acl_t *aclp;
+ int error;
+
+ if ((error = acl_fromtext(jcr->acl_text, &aclp)) != 0) {
+ Jmsg2(jcr, M_ERROR, 0, _("acl_fromtext error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, acl_strerror(error));
+ Dmsg3(100, "acl_fromtext error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, acl_strerror(error));
+ return -1;
+ }
+
+ /*
+ * Restore the ACLs, but don't complain about links which really should
+ * not have attributes, and the file it is linked to may not yet be restored.
+ */
+ if ((error = acl_set(jcr->last_fname, aclp)) == -1 && jcr->last_type != FT_LNK) {
+ Jmsg2(jcr, M_ERROR, 0, _("acl_set error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, acl_strerror(error));
+ Dmsg3(100, "acl_set error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, acl_strerror(error));
+
+ acl_free(aclp);
+ return -1;
+ }
+
+ acl_free(aclp);
+ return 0;
+}
+
+#else /* HAVE_EXTENDED_ACL */
+
+int bacl_get(JCR *jcr, int acltype)
+{
+ int n, len;
aclent_t *acls;
- char *tmp;
- POOLMEM *acltext = NULL;
+ char *acl_text;
- n = acl(fname, GETACLCNT, 0, NULL);
- if (n <= 0) {
- return NULL;
+ n = acl(jcr->last_fname, GETACLCNT, 0, NULL);
+ if (n < MIN_ACL_ENTRIES) {
+ return -1;
+ } else if (n == MIN_ACL_ENTRIES) {
+ /* The ACLs simply reflect the (already known) standard permissions */
+ return pm_strcpy(jcr->acl_text, "");
}
if ((acls = (aclent_t *)malloc(n * sizeof(aclent_t))) == NULL) {
- return NULL;
+ return -1;
}
- if (acl(fname, GETACL, n, acls) == n) {
- if ((tmp = acltotext(acls, n)) != NULL) {
- acltext = bstrdup(tmp);
- actuallyfree(tmp);
+ if (acl(jcr->last_fname, GETACL, n, acls) == n) {
+ if ((acl_text = acltotext(acls, n)) != NULL) {
+ len = pm_strcpy(jcr->acl_text, acl_text);
+ actuallyfree(acl_text);
+ free(acls);
+ return len;
}
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acltotext error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "acltotext error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
}
- actuallyfree(acls);
- return acltext;
+ free(acls);
+ return -1;
}
-int bacl_set(char *fname, int acltype, char *acltext)
+int bacl_set(JCR *jcr, int acltype)
{
- int n, stat;
+ int n;
aclent_t *acls;
- acls = aclfromtext(acltext, &n);
+ acls = aclfromtext(jcr->acl_text, &n);
if (!acls) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("aclfromtext error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "aclfromtext error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
+ return -1;
+ }
+ /*
+ * Restore the ACLs, but don't complain about links which really should
+ * not have attributes, and the file it is linked to may not yet be restored.
+ */
+ if (acl(jcr->last_fname, SETACL, n, acls) == -1 && jcr->last_type != FT_LNK) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acl(SETACL) error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.bstrerror());
+ Dmsg3(100, "acl(SETACL) error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.bstrerror());
+ actuallyfree(acls);
return -1;
}
- stat = acl(fname, SETACL, n, acls);
actuallyfree(acls);
- return stat;
+ return 0;
}
-#endif
+#endif /* HAVE_EXTENDED_ACL */
+#endif /* HAVE_SUN_OS */
#ifdef TEST_PROGRAM
+
+/*
+ * Test program setup
+ *
+ * Compile and set up with eg. with eg.
+ *
+ * $ cc -DTEST_PROGRAM -DHAVE_SUN_OS -lsec -o acl acl.c
+ * $ ln -s acl aclcp
+ *
+ * You can then list ACLs with acl and copy them with aclcp.
+ *
+ * For a list of compiler flags, see the list preceding the big #if below.
+ */
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include "acl.h"
+
+#define BACLLEN 65535
+#define pm_strcpy(d,s) (strncpy(d, s, BACLLEN - 1) == NULL ? -1 : (int)strlen(d))
+#define Dmsg0(n,s) fprintf(stderr, s)
+#define Dmsg1(n,s,a1) fprintf(stderr, s, a1)
+#define Dmsg2(n,s,a1,a2) fprintf(stderr, s, a1, a2)
+
+int aclls(char *fname);
+int aclcp(char *src, char *dst);
+
+struct JCRstruct {
+ char *last_fname;
+ char acl_text[BACLLEN];
+};
+typedef struct JCRstruct JCR;
+JCR jcr;
+
int main(int argc, char **argv)
{
char *prgname;
int status = 0;
if (argc < 1) {
- fprintf(stderr, "Cannot determine my own name\n");
+ Dmsg0(200, "Cannot determine my own name\n");
return EXIT_FAILURE;
}
- prgname = strrchr(argv[0], '/');
+ prgname = last_path_separator(argv[0]);
if (prgname == NULL || *++prgname == '\0') {
prgname = argv[0];
}
if (strcmp(prgname, "aclcp") == 0) {
int verbose = 0;
if (strcmp(*argv, "-v") == 0) {
- ++verbose;
- --argc;
- ++argv;
+ ++verbose;
+ --argc;
+ ++argv;
}
if (argc != 2) {
- fprintf(stderr, "%s: wrong number of arguments\n"
+ Dmsg2(200, "%s: wrong number of arguments\n"
"usage:\t%s [-v] source destination\n"
"\tCopies ACLs from source to destination.\n"
"\tSpecify -v to show ACLs after copy for verification.\n",
- prgname, prgname);
- return EXIT_FAILURE;
+ prgname, prgname);
+ return EXIT_FAILURE;
}
if (strcmp(argv[0], argv[1]) == 0) {
- fprintf(stderr, "%s: identical source and destination.\n"
+ Dmsg2(200, "%s: identical source and destination.\n"
"usage:\t%s [-v] source destination\n"
"\tCopies ACLs from source to destination.\n"
"\tSpecify -v to show ACLs after copy for verification.\n",
- prgname, prgname);
- return EXIT_FAILURE;
+ prgname, prgname);
+ return EXIT_FAILURE;
}
if (verbose) {
- aclls(argv[0]);
+ aclls(argv[0]);
}
status = aclcp(argv[0], argv[1]);
if (verbose && status == 0) {
- aclls(argv[1]);
+ aclls(argv[1]);
}
return status;
}
/* Default: just list ACLs */
if (argc < 1) {
- fprintf(stderr, "%s: missing arguments\n"
+ Dmsg2(200, "%s: missing arguments\n"
"usage:\t%s file ...\n"
"\tLists ACLs of specified files or directories.\n",
- prgname, prgname);
+ prgname, prgname);
return EXIT_FAILURE;
}
while (argc--) {
if (!aclls(*argv++)) {
- status = EXIT_FAILURE;
+ status = EXIT_FAILURE;
}
}
return status;
}
+/**** Test program *****/
int aclcp(char *src, char *dst)
{
struct stat st;
- POOLMEM *acltext;
if (lstat(dst, &st) != 0) {
- fprintf(stderr, "aclcp: destination does not exist\n");
+ Dmsg0(200, "aclcp: destination does not exist\n");
return EXIT_FAILURE;
}
if (S_ISLNK(st.st_mode)) {
- fprintf(stderr, "aclcp: cannot set ACL on symlinks\n");
+ Dmsg0(200, "aclcp: cannot set ACL on symlinks\n");
return EXIT_FAILURE;
}
if (lstat(src, &st) != 0) {
- fprintf(stderr, "aclcp: source does not exist\n");
+ Dmsg0(200, "aclcp: source does not exist\n");
return EXIT_FAILURE;
}
if (S_ISLNK(st.st_mode)) {
- fprintf(stderr, "aclcp: will not read ACL from symlinks\n");
+ Dmsg0(200, "aclcp: will not read ACL from symlinks\n");
return EXIT_FAILURE;
}
- acltext = bacl_get(src, BACL_TYPE_ACCESS);
- if (!acltext) {
- fprintf(stderr, "aclcp: could not read ACLs for %s\n", src);
+ jcr.last_fname = src;
+ if (bacl_get(&jcr, BACL_TYPE_ACCESS) < 0) {
+ Dmsg1(200, "aclcp: could not read ACLs for %s\n", jcr.last_fname);
return EXIT_FAILURE;
} else {
- if (bacl_set(dst, BACL_TYPE_ACCESS, acltext) != 0) {
- fprintf(stderr, "aclcp: could not set ACLs on %s\n", dst);
- actuallyfree(acltext);
- return EXIT_FAILURE;
+ jcr.last_fname = dst;
+ if (bacl_set(&jcr, BACL_TYPE_ACCESS) < 0) {
+ Dmsg1(200, "aclcp: could not set ACLs on %s\n", jcr.last_fname);
+ return EXIT_FAILURE;
}
- actuallyfree(acltext);
}
if (S_ISDIR(st.st_mode) && (BACL_CAP & BACL_CAP_DEFAULTS_DIR)) {
- acltext = bacl_get(src, BACL_TYPE_DEFAULT);
- if (acltext) {
- if (bacl_set(dst, BACL_TYPE_DEFAULT, acltext) != 0) {
- fprintf(stderr, "aclcp: could not set default ACLs on %s\n", dst);
- actuallyfree(acltext);
- return EXIT_FAILURE;
- }
- actuallyfree(acltext);
+ jcr.last_fname = src;
+ if (bacl_get(&jcr, BACL_TYPE_DEFAULT) < 0) {
+ Dmsg1(200, "aclcp: could not read default ACLs for %s\n", jcr.last_fname);
+ return EXIT_FAILURE;
+ } else {
+ jcr.last_fname = dst;
+ if (bacl_set(&jcr, BACL_TYPE_DEFAULT) < 0) {
+ Dmsg1(200, "aclcp: could not set default ACLs on %s\n", jcr.last_fname);
+ return EXIT_FAILURE;
+ }
}
}
return 0;
}
+/**** Test program *****/
int aclls(char *fname)
{
struct stat st;
- POOLMEM *acltext;
+ int len;
if (lstat(fname, &st) != 0) {
- fprintf(stderr, "acl: source does not exist\n");
+ Dmsg0(200, "acl: source does not exist\n");
return EXIT_FAILURE;
}
if (S_ISLNK(st.st_mode)) {
- fprintf(stderr, "acl: will not read ACL from symlinks\n");
+ Dmsg0(200, "acl: will not read ACL from symlinks\n");
return EXIT_FAILURE;
}
- acltext = bacl_get(fname, BACL_TYPE_ACCESS);
- if (!acltext) {
- fprintf(stderr, "acl: could not read ACLs for %s\n", fname);
+ jcr.last_fname = fname;
+
+ len = bacl_get(&jcr, BACL_TYPE_ACCESS);
+ if (len < 0) {
+ Dmsg1(200, "acl: could not read ACLs for %s\n", jcr.last_fname);
return EXIT_FAILURE;
+ } else if (len == 0) {
+ printf("#file: %s [standard permissions - or unsupported]\n\n", jcr.last_fname);
+ } else {
+ printf("#file: %s\n%s\n", jcr.last_fname, jcr.acl_text);
}
- printf("#file: %s\n%s\n", fname, acltext);
- actuallyfree(acltext);
if (S_ISDIR(st.st_mode) && (BACL_CAP & BACL_CAP_DEFAULTS_DIR)) {
- acltext = bacl_get(fname, BACL_TYPE_DEFAULT);
- if (!acltext) {
- fprintf(stderr, "acl: could not read default ACLs for %s\n", fname);
- return EXIT_FAILURE;
+ len = bacl_get(&jcr, BACL_TYPE_DEFAULT);
+ if (len < 0) {
+ Dmsg1(200, "acl: could not read default ACLs for %s\n", jcr.last_fname);
+ return EXIT_FAILURE;
+ } else if (len == 0) {
+ printf("#file: %s [default, none - or unsupported]\n\n", jcr.last_fname);
+ } else {
+ printf("#file: %s [default]\n%s\n", jcr.last_fname, jcr.acl_text);
}
- printf("#file: %s [default]\n%s\n", fname, acltext);
- actuallyfree(acltext);
}
return 0;
}
#endif
-#endif
projects / bacula / bacula / blobdiff