X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=bacula%2Fsrc%2Ffiled%2Facl.c;h=9eb017ebb00e99bb0f86ea4c986e5f575fad85cb;hb=6e637fce30a1fdbc2da43552f513f529db4d4e87;hp=f68de53dfa114fb77c2ca2459a6134419fb38a7b;hpb=c2c59c0761435ad6b196eea11878a2bcbfdf99d7;p=bacula%2Fbacula diff --git a/bacula/src/filed/acl.c b/bacula/src/filed/acl.c index f68de53dfa..9eb017ebb0 100644 --- a/bacula/src/filed/acl.c +++ b/bacula/src/filed/acl.c @@ -1,3 +1,30 @@ +/* + Bacula® - The Network Backup Solution + + Copyright (C) 2004-2008 Free Software Foundation Europe e.V. + + The main author of Bacula is Kern Sibbald, with contributions from + many others, a complete list can be found in the file AUTHORS. + This program is Free Software; you can redistribute it and/or + modify it under the terms of version two of the GNU General Public + License as published by the Free Software Foundation and included + in the file LICENSE. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301, USA. + + Bacula® is a registered trademark of John Walker. + The licensor of Bacula is the Free Software Foundation Europe + (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich, + Switzerland, email:ftf@fsfeurope.org. +*/ /* * Functions to handle ACL for bacula. * @@ -28,65 +55,13 @@ * * Version $Id$ */ -/* - Copyright (C) 2004-2005 Kern Sibbald - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License - version 2 as amended with additional clauses defined in the - file LICENSE in the main source directory. - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - the file LICENSE for additional details. - - */ #ifndef TEST_PROGRAM #include "bacula.h" #include "filed.h" -/* So we can free system allocated memory */ -#undef free -#undef malloc -#define malloc &* dont use malloc in this routine -#else -/* - * Test program setup - * - * Compile and set up with eg. with eg. - * - * $ cc -DTEST_PROGRAM -DHAVE_SUN_OS -lsec -o acl acl.c - * $ ln -s acl aclcp - * - * You can then list ACLs with acl and copy them with aclcp. - * - * For a list of compiler flags, see the list preceding the big #if below. - */ -#include -#include -#include -#include -#include -#include "acl.h" - -#define BACLLEN 65535 -#define pm_strcpy(d,s) (strncpy(d, s, BACLLEN - 1) == NULL ? -1 : (int)strlen(d)) -#define Dmsg0(n,s) fprintf(stderr, s) -#define Dmsg1(n,s,a1) fprintf(stderr, s, a1) -#define Dmsg2(n,s,a1,a2) fprintf(stderr, s, a1, a2) - -int aclls(char *fname); -int aclcp(char *src, char *dst); - -struct JCRstruct { - char *last_fname; - char acl_text[BACLLEN]; -}; -typedef struct JCRstruct JCR; -JCR jcr; #endif /* @@ -96,7 +71,8 @@ JCR jcr; */ #if !defined(HAVE_ACL) /* ACL support is required, of course */ \ || !( defined(HAVE_AIX_OS) /* man page -- may need flags */ \ - || defined(HAVE_FREEBSD_OS) /* tested -- compile wihtout flags */ \ + || defined(HAVE_FREEBSD_OS) /* tested -- compile without flags */ \ + || defined(HAVE_DARWIN_OS) /* tested -- compile without flags */ \ || defined(HAVE_IRIX_OS) /* man page -- compile without flags */ \ || defined(HAVE_OSF1_OS) /* man page -- may need -lpacl */ \ || defined(HAVE_LINUX_OS) /* tested -- compile with -lacl */ \ @@ -112,16 +88,26 @@ JCR jcr; * with what we have and give all ACL streams a new number/type. */ #endif -#if !defined(HAVE_ACL) || !defined(HAVE_LINUX_OS) + +#if !defined(HAVE_ACL) \ + || !( defined(HAVE_LINUX_OS) \ + || defined(HAVE_FREEBSD_OS) \ + || defined(HAVE_DARWIN_OS) \ + || defined(HAVE_IRIX_OS) \ + || defined(HAVE_OSF1_OS) \ + || defined(HAVE_SUN_OS) \ + ) /* bacl_get() returns the lenght of the string, or -1 on error. */ int bacl_get(JCR *jcr, int acltype) { + Jmsg(jcr, M_FATAL, 0, _("ACL support not configured for your machine.\n")); return -1; } int bacl_set(JCR *jcr, int acltype) { + Jmsg(jcr, M_FATAL, 0, _("ACL support not configured for your machine.\n")); return -1; } @@ -136,7 +122,7 @@ int bacl_get(JCR *jcr, int acltype) if ((acl_text = acl_get(jcr->last_fname)) != NULL) { len = pm_strcpy(jcr->acl_text, acl_text); - free(acl_text); + actuallyfree(acl_text); return len; } return -1; @@ -151,6 +137,7 @@ int bacl_set(JCR *jcr, int acltype) } #elif defined(HAVE_FREEBSD_OS) \ + || defined(HAVE_DARWIN_OS) \ || defined(HAVE_IRIX_OS) \ || defined(HAVE_OSF1_OS) \ || defined(HAVE_LINUX_OS) @@ -174,26 +161,50 @@ int bacl_set(JCR *jcr, int acltype) #endif #ifdef BACL_ALTERNATE_TEXT #include -#define acl_to_text(acl,len) ((len), acl_to_any_text((acl), NULL, ',', BACL_ALTERNATE_TEXT)) +#define acl_to_text(acl,len) (acl_to_any_text((acl), NULL, ',', BACL_ALTERNATE_TEXT)) #endif #endif int bacl_get(JCR *jcr, int acltype) { acl_t acl; - int len, ostype; + int len; + acl_type_t ostype; char *acl_text; ostype = (acltype & BACL_TYPE_DEFAULT) ? ACL_TYPE_DEFAULT : ACL_TYPE_ACCESS; acl = acl_get_file(jcr->last_fname, ostype); if (acl) { +#if defined(HAVE_IRIX_OS) + /* + * From observation, IRIX's acl_get_file() seems to return a + * non-NULL acl with a count field of -1 when a file has no ACL + * defined, while IRIX's acl_to_text() returns NULL when presented + * with such an ACL. + * + * Checking the count in the acl structure before calling + * acl_to_text() lets us avoid error messages about files + * with no ACLs, without modifying the flow of the code used for + * other operating systems, and it saves making some calls + * to acl_to_text() besides. + */ + if (acl->acl_cnt <= 0) { + acl_free(acl); + return 0; + } +#endif if ((acl_text = acl_to_text(acl, NULL)) != NULL) { len = pm_strcpy(jcr->acl_text, acl_text); acl_free(acl); acl_free(acl_text); return len; } + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("acl_to_text error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "acl_to_text error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); acl_free(acl); #ifndef HAVE_OSF1_OS /* BACL_ENOTSUP not defined for OSF1 */ } else if (errno == BACL_ENOTSUP) { @@ -209,7 +220,7 @@ int bacl_get(JCR *jcr, int acltype) int bacl_set(JCR *jcr, int acltype) { acl_t acl; - int ostype; + acl_type_t ostype; ostype = (acltype & BACL_TYPE_DEFAULT) ? ACL_TYPE_DEFAULT : ACL_TYPE_ACCESS; @@ -218,11 +229,19 @@ int bacl_set(JCR *jcr, int acltype) if (acl_delete_def_file(jcr->last_fname) == 0) { return 0; } + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("acl_delete_def_file error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); return -1; } acl = acl_from_text(jcr->acl_text); if (acl == NULL) { + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("acl_from_text error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "acl_from_text error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); return -1; } @@ -232,12 +251,26 @@ int bacl_set(JCR *jcr, int acltype) */ #ifndef HAVE_FREEBSD_OS if (acl_valid(acl) != 0) { + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("ac_valid error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "acl_valid error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); acl_free(acl); return -1; } #endif - if (acl_set_file(jcr->last_fname, ostype, acl) != 0) { + /* + * Restore the ACLs, but don't complain about links which really should + * not have attributes, and the file it is linked to may not yet be restored. + */ + if (acl_set_file(jcr->last_fname, ostype, acl) != 0 && jcr->last_type != FT_LNK) { + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("acl_set_file error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "acl_set_file error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); acl_free(acl); return -1; } @@ -264,9 +297,15 @@ int bacl_get(JCR *jcr, int acltype) if ((n = getacl(jcr->last_fname, n, acls)) > 0) { if ((acl_text = acltostr(n, acls, FORM_SHORT)) != NULL) { len = pm_strcpy(jcr->acl_text, acl_text); - free(acl_text); + actuallyfree(acl_text); return len; } + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("acltostr error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "acltostr error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); + return -1; } return -1; } @@ -278,12 +317,31 @@ int bacl_set(JCR *jcr, int acltype) n = strtoacl(jcr->acl_text, 0, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP); if (n <= 0) { + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("strtoacl error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "strtoacl error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); return -1; } if (strtoacl(jcr->acl_text, n, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP) != n) { + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("strtoacl error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "strtoacl error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); return -1; } - if (setacl(jcr->last_fname, n, acls) != 0) { + /* + * Restore the ACLs, but don't complain about links which really should + * not have attributes, and the file it is linked to may not yet be restored. + */ + if (setacl(jcr->last_fname, n, acls) != 0 && jcr->last_type != FT_LNK) { + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("setacl error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "setacl error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); return -1; } return 0; @@ -311,10 +369,15 @@ int bacl_get(JCR *jcr, int acltype) if (acl(jcr->last_fname, GETACL, n, acls) == n) { if ((acl_text = acltotext(acls, n)) != NULL) { len = pm_strcpy(jcr->acl_text, acl_text); - free(acl_text); + actuallyfree(acl_text); free(acls); return len; } + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("acltotext error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "acltotext error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); } free(acls); return -1; @@ -327,13 +390,27 @@ int bacl_set(JCR *jcr, int acltype) acls = aclfromtext(jcr->acl_text, &n); if (!acls) { + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("aclfromtext error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "aclfromtext error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); return -1; } - if (acl(jcr->last_fname, SETACL, n, acls) != 0) { - free(acls); + /* + * Restore the ACLs, but don't complain about links which really should + * not have attributes, and the file it is linked to may not yet be restored. + */ + if (acl(jcr->last_fname, SETACL, n, acls) == -1 && jcr->last_type != FT_LNK) { + berrno be; + Jmsg2(jcr, M_ERROR, 0, _("acl(SETACL) error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg3(100, "acl(SETACL) error acl=%s file=%s ERR=%s\n", + jcr->acl_text, jcr->last_fname, be.bstrerror()); + actuallyfree(acls); return -1; } - free(acls); + actuallyfree(acls); return 0; } @@ -341,6 +418,42 @@ int bacl_set(JCR *jcr, int acltype) #ifdef TEST_PROGRAM + +/* + * Test program setup + * + * Compile and set up with eg. with eg. + * + * $ cc -DTEST_PROGRAM -DHAVE_SUN_OS -lsec -o acl acl.c + * $ ln -s acl aclcp + * + * You can then list ACLs with acl and copy them with aclcp. + * + * For a list of compiler flags, see the list preceding the big #if below. + */ +#include +#include +#include +#include +#include +#include "acl.h" + +#define BACLLEN 65535 +#define pm_strcpy(d,s) (strncpy(d, s, BACLLEN - 1) == NULL ? -1 : (int)strlen(d)) +#define Dmsg0(n,s) fprintf(stderr, s) +#define Dmsg1(n,s,a1) fprintf(stderr, s, a1) +#define Dmsg2(n,s,a1,a2) fprintf(stderr, s, a1, a2) + +int aclls(char *fname); +int aclcp(char *src, char *dst); + +struct JCRstruct { + char *last_fname; + char acl_text[BACLLEN]; +}; +typedef struct JCRstruct JCR; +JCR jcr; + int main(int argc, char **argv) { char *prgname; @@ -351,7 +464,7 @@ int main(int argc, char **argv) return EXIT_FAILURE; } - prgname = strrchr(argv[0], '/'); + prgname = last_path_separator(argv[0]); if (prgname == NULL || *++prgname == '\0') { prgname = argv[0]; }