*
* Version $Id$
*/
+/*
+ Copyright (C) 2004-2006 Kern Sibbald
-#ifndef TEST_PROGRAM
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License
+ version 2 as amended with additional clauses defined in the
+ file LICENSE in the main source directory.
-#include "bacula.h"
-#include "filed.h"
-/* So we can free system allocated memory */
-#undef free
-#undef malloc
-#define malloc &* dont use malloc in this routine
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ the file LICENSE for additional details.
-#else
-/*
- * Test program setup
- *
- * Compile and set up with eg. with eg.
- *
- * $ cc -DTEST_PROGRAM -DHAVE_SUN_OS -lsec -o acl acl.c
- * $ ln -s acl aclcp
- *
- * You can then list ACLs with acl and copy them with aclcp.
- *
- * For a list of compiler flags, see the list preceding the big #if below.
*/
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/stat.h>
-#include "acl.h"
-#define BACLLEN 65535
-#define pm_strcpy(d,s) (strncpy(d, s, BACLLEN - 1) == NULL ? -1 : (int)strlen(d))
-#define Dmsg0(n,s) fprintf(stderr, s)
-#define Dmsg1(n,s,a1) fprintf(stderr, s, a1)
-#define Dmsg2(n,s,a1,a2) fprintf(stderr, s, a1, a2)
+#ifndef TEST_PROGRAM
-int aclls(char *fname);
-int aclcp(char *src, char *dst);
+#include "bacula.h"
+#include "filed.h"
-struct JCRstruct {
- char *last_fname;
- char acl_text[BACLLEN];
-};
-typedef struct JCRstruct JCR;
-JCR jcr;
#endif
/*
#if !defined(HAVE_ACL) /* ACL support is required, of course */ \
|| !( defined(HAVE_AIX_OS) /* man page -- may need flags */ \
|| defined(HAVE_FREEBSD_OS) /* tested -- compile wihtout flags */ \
+ || defined(HAVE_DARWIN_OS) /* tested -- compile wihtout flags */ \
|| defined(HAVE_IRIX_OS) /* man page -- compile without flags */ \
|| defined(HAVE_OSF1_OS) /* man page -- may need -lpacl */ \
|| defined(HAVE_LINUX_OS) /* tested -- compile with -lacl */ \
* with what we have and give all ACL streams a new number/type.
*/
#endif
-#if !defined(HAVE_ACL) || !defined(HAVE_LINUX_OS)
+#if !defined(HAVE_ACL) \
+ || !( defined(HAVE_LINUX_OS) \
+ || defined(HAVE_FREEBSD_OS) \
+ || defined(HAVE_DARWIN_OS) \
+ || defined(HAVE_IRIX_OS) \
+ || defined(HAVE_OSF1_OS) \
+ || defined(HAVE_SUN_OS) \
+ )
/* bacl_get() returns the lenght of the string, or -1 on error. */
int bacl_get(JCR *jcr, int acltype)
{
+ Jmsg(jcr, M_FATAL, 0, _("ACL support not configured for your machine.\n"));
return -1;
}
int bacl_set(JCR *jcr, int acltype)
{
+ Jmsg(jcr, M_FATAL, 0, _("ACL support not configured for your machine.\n"));
return -1;
}
if ((acl_text = acl_get(jcr->last_fname)) != NULL) {
len = pm_strcpy(jcr->acl_text, acl_text);
- free(acl_text);
+ actuallyfree(acl_text);
return len;
}
return -1;
}
#elif defined(HAVE_FREEBSD_OS) \
+ || defined(HAVE_DARWIN_OS) \
|| defined(HAVE_IRIX_OS) \
|| defined(HAVE_OSF1_OS) \
|| defined(HAVE_LINUX_OS)
/* On IRIX we can get shortened ACLs */
#if defined(HAVE_IRIX_OS) && defined(BACL_WANT_SHORT_ACLS)
-#define acl_to_text(acl,len) acl_to_short_text((acl), (len))
+#define acl_to_text(acl,len) acl_to_short_text((acl), (len))
#endif
/* In Linux we can get numeric and/or shorted ACLs */
#if defined(HAVE_LINUX_OS)
#if defined(BACL_WANT_SHORT_ACLS) && defined(BACL_WANT_NUMERIC_IDS)
-#define BACL_ALTERNATE_TEXT (TEXT_ABBREVIATE|TEXT_NUMERIC_IDS)
+#define BACL_ALTERNATE_TEXT (TEXT_ABBREVIATE|TEXT_NUMERIC_IDS)
#elif defined(BACL_WANT_SHORT_ACLS)
-#define BACL_ALTERNATE_TEXT TEXT_ABBREVIATE
+#define BACL_ALTERNATE_TEXT TEXT_ABBREVIATE
#elif defined(BACL_WANT_NUMERIC_IDS)
-#define BACL_ALTERNATE_TEXT TEXT_NUMERIC_IDS
+#define BACL_ALTERNATE_TEXT TEXT_NUMERIC_IDS
#endif
#ifdef BACL_ALTERNATE_TEXT
#include <acl/libacl.h>
int bacl_get(JCR *jcr, int acltype)
{
acl_t acl;
- int len, ostype;
+ int len;
+ acl_type_t ostype;
char *acl_text;
ostype = (acltype & BACL_TYPE_DEFAULT) ? ACL_TYPE_DEFAULT : ACL_TYPE_ACCESS;
acl = acl_get_file(jcr->last_fname, ostype);
if (acl) {
if ((acl_text = acl_to_text(acl, NULL)) != NULL) {
- len = pm_strcpy(jcr->acl_text, acl_text);
- acl_free(acl);
- acl_free(acl_text);
- return len;
+ len = pm_strcpy(jcr->acl_text, acl_text);
+ acl_free(acl);
+ acl_free(acl_text);
+ return len;
}
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acl_to_text error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "acl_to_text error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
acl_free(acl);
-#ifndef HAVE_OSF1_OS /* BACL_ENOTSUP not defined for OSF1 */
+#ifndef HAVE_OSF1_OS /* BACL_ENOTSUP not defined for OSF1 */
} else if (errno == BACL_ENOTSUP) {
/* Not supported, just pretend there is nothing to see */
return pm_strcpy(jcr->acl_text, "");
int bacl_set(JCR *jcr, int acltype)
{
acl_t acl;
- int ostype;
+ acl_type_t ostype;
ostype = (acltype & BACL_TYPE_DEFAULT) ? ACL_TYPE_DEFAULT : ACL_TYPE_ACCESS;
/* If we get empty default ACLs, clear ACLs now */
if (ostype == ACL_TYPE_DEFAULT && strlen(jcr->acl_text) == 0) {
if (acl_delete_def_file(jcr->last_fname) == 0) {
- return 0;
+ return 0;
}
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acl_delete_def_file error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
return -1;
}
acl = acl_from_text(jcr->acl_text);
if (acl == NULL) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acl_from_text error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "acl_from_text error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
return -1;
}
*/
#ifndef HAVE_FREEBSD_OS
if (acl_valid(acl) != 0) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("ac_valid error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "acl_valid error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
acl_free(acl);
return -1;
}
#endif
- if (acl_set_file(jcr->last_fname, ostype, acl) != 0) {
+ /*
+ * Restore the ACLs, but don't complain about links which really should
+ * not have attributes, and the file it is linked to may not yet be restored.
+ */
+ if (acl_set_file(jcr->last_fname, ostype, acl) != 0 && jcr->last_type != FT_LNK) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acl_set_file error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "acl_set_file error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
acl_free(acl);
return -1;
}
if ((n = getacl(jcr->last_fname, 0, acls)) <= 0) {
if (errno == BACL_ENOTSUP) {
- return pm_strcpy(jcr->acl_text, "");
+ return pm_strcpy(jcr->acl_text, "");
}
return -1;
}
if ((n = getacl(jcr->last_fname, n, acls)) > 0) {
if ((acl_text = acltostr(n, acls, FORM_SHORT)) != NULL) {
- len = pm_strcpy(jcr->acl_text, acl_text);
- free(acl_text);
- return len;
+ len = pm_strcpy(jcr->acl_text, acl_text);
+ actuallyfree(acl_text);
+ return len;
}
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acltostr error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "acltostr error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
+ return -1;
}
return -1;
}
n = strtoacl(jcr->acl_text, 0, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP);
if (n <= 0) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("strtoacl error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "strtoacl error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
return -1;
}
if (strtoacl(jcr->acl_text, n, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP) != n) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("strtoacl error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "strtoacl error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
return -1;
}
- if (setacl(jcr->last_fname, n, acls) != 0) {
+ /*
+ * Restore the ACLs, but don't complain about links which really should
+ * not have attributes, and the file it is linked to may not yet be restored.
+ */
+ if (setacl(jcr->last_fname, n, acls) != 0 && jcr->last_type != FT_LNK) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("setacl error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "setacl error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
return -1;
}
return 0;
}
if (acl(jcr->last_fname, GETACL, n, acls) == n) {
if ((acl_text = acltotext(acls, n)) != NULL) {
- len = pm_strcpy(jcr->acl_text, acl_text);
- free(acl_text);
- free(acls);
- return len;
+ len = pm_strcpy(jcr->acl_text, acl_text);
+ actuallyfree(acl_text);
+ free(acls);
+ return len;
}
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acltotext error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "acltotext error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
}
free(acls);
return -1;
acls = aclfromtext(jcr->acl_text, &n);
if (!acls) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("aclfromtext error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "aclfromtext error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
return -1;
}
- if (acl(jcr->last_fname, SETACL, n, acls) != 0) {
- free(acls);
+ /*
+ * Restore the ACLs, but don't complain about links which really should
+ * not have attributes, and the file it is linked to may not yet be restored.
+ */
+ if (acl(jcr->last_fname, SETACL, n, acls) == -1 && jcr->last_type != FT_LNK) {
+ berrno be;
+ Jmsg2(jcr, M_ERROR, 0, _("acl(SETACL) error on file \"%s\": ERR=%s\n"),
+ jcr->last_fname, be.strerror());
+ Dmsg3(100, "acl(SETACL) error acl=%s file=%s ERR=%s\n",
+ jcr->acl_text, jcr->last_fname, be.strerror());
+ actuallyfree(acls);
return -1;
}
- free(acls);
+ actuallyfree(acls);
return 0;
}
#ifdef TEST_PROGRAM
+
+/*
+ * Test program setup
+ *
+ * Compile and set up with eg. with eg.
+ *
+ * $ cc -DTEST_PROGRAM -DHAVE_SUN_OS -lsec -o acl acl.c
+ * $ ln -s acl aclcp
+ *
+ * You can then list ACLs with acl and copy them with aclcp.
+ *
+ * For a list of compiler flags, see the list preceding the big #if below.
+ */
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include "acl.h"
+
+#define BACLLEN 65535
+#define pm_strcpy(d,s) (strncpy(d, s, BACLLEN - 1) == NULL ? -1 : (int)strlen(d))
+#define Dmsg0(n,s) fprintf(stderr, s)
+#define Dmsg1(n,s,a1) fprintf(stderr, s, a1)
+#define Dmsg2(n,s,a1,a2) fprintf(stderr, s, a1, a2)
+
+int aclls(char *fname);
+int aclcp(char *src, char *dst);
+
+struct JCRstruct {
+ char *last_fname;
+ char acl_text[BACLLEN];
+};
+typedef struct JCRstruct JCR;
+JCR jcr;
+
int main(int argc, char **argv)
{
char *prgname;
if (strcmp(prgname, "aclcp") == 0) {
int verbose = 0;
if (strcmp(*argv, "-v") == 0) {
- ++verbose;
- --argc;
- ++argv;
+ ++verbose;
+ --argc;
+ ++argv;
}
if (argc != 2) {
Dmsg2(200, "%s: wrong number of arguments\n"
"usage:\t%s [-v] source destination\n"
"\tCopies ACLs from source to destination.\n"
"\tSpecify -v to show ACLs after copy for verification.\n",
- prgname, prgname);
- return EXIT_FAILURE;
+ prgname, prgname);
+ return EXIT_FAILURE;
}
if (strcmp(argv[0], argv[1]) == 0) {
Dmsg2(200, "%s: identical source and destination.\n"
"usage:\t%s [-v] source destination\n"
"\tCopies ACLs from source to destination.\n"
"\tSpecify -v to show ACLs after copy for verification.\n",
- prgname, prgname);
- return EXIT_FAILURE;
+ prgname, prgname);
+ return EXIT_FAILURE;
}
if (verbose) {
- aclls(argv[0]);
+ aclls(argv[0]);
}
status = aclcp(argv[0], argv[1]);
if (verbose && status == 0) {
- aclls(argv[1]);
+ aclls(argv[1]);
}
return status;
}
Dmsg2(200, "%s: missing arguments\n"
"usage:\t%s file ...\n"
"\tLists ACLs of specified files or directories.\n",
- prgname, prgname);
+ prgname, prgname);
return EXIT_FAILURE;
}
while (argc--) {
if (!aclls(*argv++)) {
- status = EXIT_FAILURE;
+ status = EXIT_FAILURE;
}
}
jcr.last_fname = dst;
if (bacl_set(&jcr, BACL_TYPE_ACCESS) < 0) {
Dmsg1(200, "aclcp: could not set ACLs on %s\n", jcr.last_fname);
- return EXIT_FAILURE;
+ return EXIT_FAILURE;
}
}
jcr.last_fname = src;
if (bacl_get(&jcr, BACL_TYPE_DEFAULT) < 0) {
Dmsg1(200, "aclcp: could not read default ACLs for %s\n", jcr.last_fname);
- return EXIT_FAILURE;
+ return EXIT_FAILURE;
} else {
- jcr.last_fname = dst;
- if (bacl_set(&jcr, BACL_TYPE_DEFAULT) < 0) {
+ jcr.last_fname = dst;
+ if (bacl_set(&jcr, BACL_TYPE_DEFAULT) < 0) {
Dmsg1(200, "aclcp: could not set default ACLs on %s\n", jcr.last_fname);
- return EXIT_FAILURE;
- }
+ return EXIT_FAILURE;
+ }
}
}
len = bacl_get(&jcr, BACL_TYPE_DEFAULT);
if (len < 0) {
Dmsg1(200, "acl: could not read default ACLs for %s\n", jcr.last_fname);
- return EXIT_FAILURE;
+ return EXIT_FAILURE;
} else if (len == 0) {
- printf("#file: %s [default, none - or unsupported]\n\n", jcr.last_fname);
+ printf("#file: %s [default, none - or unsupported]\n\n", jcr.last_fname);
} else {
- printf("#file: %s [default]\n%s\n", jcr.last_fname, jcr.acl_text);
+ printf("#file: %s [default]\n%s\n", jcr.last_fname, jcr.acl_text);
}
}