X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=bacula%2Fsrc%2Ffiled%2Facl.c;h=c26a4157e063045b34775495015a6bf88ded80fa;hb=8d7d30bafba8875b5ee313807d881d7da4b81ff6;hp=c1fbc3b9899c677a38fc4d71cb28b67078bb00bd;hpb=a2023b1db65ddf6ff16fdcf0f21ac9abc529b4e2;p=bacula%2Fbacula diff --git a/bacula/src/filed/acl.c b/bacula/src/filed/acl.c index c1fbc3b989..c26a4157e0 100644 --- a/bacula/src/filed/acl.c +++ b/bacula/src/filed/acl.c @@ -1,7 +1,7 @@ /* Bacula® - The Network Backup Solution - Copyright (C) 2004-2009 Free Software Foundation Europe e.V. + Copyright (C) 2004-2010 Free Software Foundation Europe e.V. The main author of Bacula is Kern Sibbald, with contributions from many others, a complete list can be found in the file AUTHORS. @@ -25,7 +25,7 @@ (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich, Switzerland, email:ftf@fsfeurope.org. */ -/* +/** * Functions to handle ACLs for bacula. * * We handle two different types of ACLs: access and default ACLS. @@ -47,67 +47,65 @@ * * Original written by Preben 'Peppe' Guldberg, December MMIV * Major rewrite by Marco van Wieringen, November MMVIII - * - * Version $Id$ */ #include "bacula.h" #include "filed.h" -#include "acl.h" -#if !defined(HAVE_ACL) -/* +#if !defined(HAVE_ACL) && !defined(HAVE_AFS_ACL) +/** * Entry points when compiled without support for ACLs or on an unsupported platform. */ -bsub_exit_code build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) +bacl_exit_code build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) { - return bsub_exit_fatal; + return bacl_exit_fatal; } -bsub_exit_code parse_acl_stream(JCR *jcr, int stream) +bacl_exit_code parse_acl_streams(JCR *jcr, int stream) { - return bsub_exit_fatal; + return bacl_exit_fatal; } #else -/* +/** * Send an ACL stream to the SD. */ -static bsub_exit_code send_acl_stream(JCR *jcr, int stream) +static bacl_exit_code send_acl_stream(JCR *jcr, int stream) { BSOCK *sd = jcr->store_bsock; POOLMEM *msgsave; #ifdef FD_NO_SEND_TEST - return bsub_exit_ok; + return bacl_exit_ok; #endif - /* + /** * Sanity check */ - if (jcr->acl_data_len <= 0) - return bsub_exit_ok; + if (jcr->acl_data->content_length <= 0) { + return bacl_exit_ok; + } - /* + /** * Send header */ if (!sd->fsend("%ld %d 0", jcr->JobFiles, stream)) { Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"), sd->bstrerror()); - return bsub_exit_fatal; + return bacl_exit_fatal; } - /* + /** * Send the buffer to the storage deamon */ - Dmsg1(400, "Backing up ACL <%s>\n", jcr->acl_data); + Dmsg1(400, "Backing up ACL <%s>\n", jcr->acl_data->content); msgsave = sd->msg; - sd->msg = jcr->acl_data; - sd->msglen = jcr->acl_data_len + 1; + sd->msg = jcr->acl_data->content; + sd->msglen = jcr->acl_data->content_length + 1; if (!sd->send()) { sd->msg = msgsave; sd->msglen = 0; Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"), sd->bstrerror()); - return bsub_exit_fatal; + return bacl_exit_fatal; } jcr->JobBytes += sd->msglen; @@ -115,48 +113,52 @@ static bsub_exit_code send_acl_stream(JCR *jcr, int stream) if (!sd->signal(BNET_EOD)) { Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"), sd->bstrerror()); - return bsub_exit_fatal; + return bacl_exit_fatal; } Dmsg1(200, "ACL of file: %s successfully backed up!\n", jcr->last_fname); - return bsub_exit_ok; + return bacl_exit_ok; } +/** + * First the native ACLs. + */ +#if defined(HAVE_ACL) #if defined(HAVE_AIX_OS) #include -/* +/** * Define the supported ACL streams for this OS */ static int os_access_acl_streams[1] = { STREAM_ACL_AIX_TEXT }; static int os_default_acl_streams[1] = { -1 }; -static bsub_exit_code aix_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) +static bacl_exit_code aix_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) { char *acl_text; if ((acl_text = acl_get(jcr->last_fname)) != NULL) { - jcr->acl_data_len = pm_strcpy(jcr->acl_data, acl_text); + jcr->acl_data->content_length = pm_strcpy(jcr->acl_data->content, acl_text); actuallyfree(acl_text); return send_acl_stream(jcr, STREAM_ACL_AIX_TEXT); } - return bsub_exit_nok; + return bacl_exit_error; } -static bsub_exit_code aix_parse_acl_streams(JCR *jcr, int stream) +static bacl_exit_code aix_parse_acl_streams(JCR *jcr, int stream) { - if (acl_put(jcr->last_fname, jcr->acl_data, 0) != 0) { - return bsub_exit_nok; + if (acl_put(jcr->last_fname, jcr->acl_data->content, 0) != 0) { + return bacl_exit_error; } - return bsub_exit_ok; + return bacl_exit_ok; } -/* +/** * For this OS setup the build and parse function pointer to the OS specific functions. */ -static bsub_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = aix_build_acl_streams; -static bsub_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = aix_parse_acl_streams; +static bacl_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = aix_build_acl_streams; +static bacl_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = aix_parse_acl_streams; #elif defined(HAVE_DARWIN_OS) || \ defined(HAVE_FREEBSD_OS) || \ @@ -172,12 +174,16 @@ static bsub_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = aix_parse_ #error "configure failed to detect availability of sys/acl.h" #endif -/* On IRIX we can get shortened ACLs */ +/** + * On IRIX we can get shortened ACLs + */ #if defined(HAVE_IRIX_OS) && defined(BACL_WANT_SHORT_ACLS) #define acl_to_text(acl,len) acl_to_short_text((acl), (len)) #endif -/* In Linux we can get numeric and/or shorted ACLs */ +/** + * In Linux we can get numeric and/or shorted ACLs + */ #if defined(HAVE_LINUX_OS) #if defined(BACL_WANT_SHORT_ACLS) && defined(BACL_WANT_NUMERIC_IDS) #define BACL_ALTERNATE_TEXT (TEXT_ABBREVIATE|TEXT_NUMERIC_IDS) @@ -192,7 +198,7 @@ static bsub_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = aix_parse_ #endif #endif -/* +/** * Some generic functions used by multiple OSes. */ static acl_type_t bac_to_os_acltype(bacl_type acltype) @@ -209,7 +215,7 @@ static acl_type_t bac_to_os_acltype(bacl_type acltype) #ifdef ACL_TYPE_DEFAULT_DIR case BACL_TYPE_DEFAULT_DIR: - /* + /** * OSF1 has an additional acl type named ACL_TYPE_DEFAULT_DIR. */ ostype = ACL_TYPE_DEFAULT_DIR; @@ -217,14 +223,14 @@ static acl_type_t bac_to_os_acltype(bacl_type acltype) #endif #ifdef ACL_TYPE_EXTENDED case BACL_TYPE_EXTENDED: - /* + /** * MacOSX has an additional acl type named ACL_TYPE_EXTENDED. */ ostype = ACL_TYPE_EXTENDED; break; #endif default: - /* + /** * This should never happen, as the per OS version function only tries acl * types supported on a certain platform. */ @@ -235,13 +241,13 @@ static acl_type_t bac_to_os_acltype(bacl_type acltype) } #if !defined(HAVE_DARWIN_OS) -/* +/** * See if an acl is a trivial one (e.g. just the stat bits encoded as acl.) * There is no need to store those acls as we already store the stat bits too. */ static bool acl_is_trivial(acl_t acl) { - /* + /** * acl is trivial if it has only the following entries: * "user::", * "group::", @@ -255,13 +261,13 @@ static bool acl_is_trivial(acl_t acl) entry_available = acl_get_entry(acl, ACL_FIRST_ENTRY, &ace); while (entry_available == 1) { - /* + /** * Get the tag type of this acl entry. * If we fail to get the tagtype we call the acl non-trivial. */ if (acl_get_tag_type(ace, &tag) < 0) return true; - /* + /** * Anything other the ACL_USER_OBJ, ACL_GROUP_OBJ or ACL_OTHER breaks the spell. */ if (tag != ACL_USER_OBJ && @@ -278,7 +284,7 @@ static bool acl_is_trivial(acl_t acl) ace = &acl->acl_entry[n]; tag = ace->ae_tag; - /* + /** * Anything other the ACL_USER_OBJ, ACL_GROUP_OBJ or ACL_OTHER breaks the spell. */ if (tag != ACL_USER_OBJ && @@ -295,14 +301,14 @@ static bool acl_is_trivial(acl_t acl) while (count > 0) { tag = ace->entry->acl_type; - /* + /** * Anything other the ACL_USER_OBJ, ACL_GROUP_OBJ or ACL_OTHER breaks the spell. */ if (tag != ACL_USER_OBJ && tag != ACL_GROUP_OBJ && tag != ACL_OTHER) return false; - /* + /** * On Tru64, perm can also contain non-standard bits such as * PERM_INSERT, PERM_DELETE, PERM_MODIFY, PERM_LOOKUP, ... */ @@ -316,10 +322,10 @@ static bool acl_is_trivial(acl_t acl) } #endif -/* +/** * Generic wrapper around acl_get_file call. */ -static bsub_exit_code generic_get_acl_from_os(JCR *jcr, bacl_type acltype) +static bacl_exit_code generic_get_acl_from_os(JCR *jcr, bacl_type acltype) { acl_t acl; acl_type_t ostype; @@ -330,7 +336,7 @@ static bsub_exit_code generic_get_acl_from_os(JCR *jcr, bacl_type acltype) acl = acl_get_file(jcr->last_fname, ostype); if (acl) { #if defined(HAVE_IRIX_OS) - /* + /** * From observation, IRIX's acl_get_file() seems to return a * non-NULL acl with a count field of -1 when a file has no ACL * defined, while IRIX's acl_to_text() returns NULL when presented @@ -343,34 +349,34 @@ static bsub_exit_code generic_get_acl_from_os(JCR *jcr, bacl_type acltype) * to acl_to_text() besides. */ if (acl->acl_cnt <= 0) { - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; acl_free(acl); - return bsub_exit_ok; + return bacl_exit_ok; } #endif #if !defined(HAVE_DARWIN_OS) - /* + /** * Make sure this is not just a trivial ACL. */ if (acltype == BACL_TYPE_ACCESS && acl_is_trivial(acl)) { - /* + /** * The ACLs simply reflect the (already known) standard permissions * So we don't send an ACL stream to the SD. */ - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; acl_free(acl); - return bsub_exit_ok; + return bacl_exit_ok; } #endif if ((acl_text = acl_to_text(acl, NULL)) != NULL) { - jcr->acl_data_len = pm_strcpy(jcr->acl_data, acl_text); + jcr->acl_data->content_length = pm_strcpy(jcr->acl_data->content, acl_text); acl_free(acl); acl_free(acl_text); - return bsub_exit_ok; + return bacl_exit_ok; } Mmsg2(jcr->errmsg, _("acl_to_text error on file \"%s\": ERR=%s\n"), @@ -378,25 +384,32 @@ static bsub_exit_code generic_get_acl_from_os(JCR *jcr, bacl_type acltype) Dmsg2(100, "acl_to_text error file=%s ERR=%s\n", jcr->last_fname, be.bstrerror()); - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; acl_free(acl); - return bsub_exit_nok; + return bacl_exit_error; } - /* + /** * Handle errors gracefully. */ if (acl == (acl_t)NULL) { switch (errno) { #if defined(BACL_ENOTSUP) case BACL_ENOTSUP: + /** + * If the filesystem reports it doesn't support ACLs we clear the + * BACL_FLAG_SAVE_NATIVE flag so we skip ACL saves on all other files + * on the same filesystem. The BACL_FLAG_SAVE_NATIVE flag gets set again + * when we change from one filesystem to an other. + */ + jcr->acl_data->flags &= ~BACL_FLAG_SAVE_NATIVE; break; /* not supported */ #endif case ENOENT: - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_ok; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_ok; default: /* Some real error */ Mmsg2(jcr->errmsg, _("acl_get_file error on file \"%s\": ERR=%s\n"), @@ -404,57 +417,58 @@ static bsub_exit_code generic_get_acl_from_os(JCR *jcr, bacl_type acltype) Dmsg2(100, "acl_get_file error file=%s ERR=%s\n", jcr->last_fname, be.bstrerror()); - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_nok; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_error; } } - /* + + /** * Not supported, just pretend there is nothing to see */ - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_ok; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_ok; } -/* +/** * Generic wrapper around acl_set_file call. */ -static bsub_exit_code generic_set_acl_on_os(JCR *jcr, bacl_type acltype) +static bacl_exit_code generic_set_acl_on_os(JCR *jcr, bacl_type acltype) { acl_t acl; acl_type_t ostype; berrno be; - /* + /** * If we get empty default ACLs, clear ACLs now */ ostype = bac_to_os_acltype(acltype); - if (ostype == ACL_TYPE_DEFAULT && strlen(jcr->acl_data) == 0) { + if (ostype == ACL_TYPE_DEFAULT && strlen(jcr->acl_data->content) == 0) { if (acl_delete_def_file(jcr->last_fname) == 0) { - return bsub_exit_ok; + return bacl_exit_ok; } switch (errno) { case ENOENT: - return bsub_exit_ok; + return bacl_exit_ok; default: Mmsg2(jcr->errmsg, _("acl_delete_def_file error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); - return bsub_exit_nok; + return bacl_exit_error; } } - acl = acl_from_text(jcr->acl_data); + acl = acl_from_text(jcr->acl_data->content); if (acl == NULL) { Mmsg2(jcr->errmsg, _("acl_from_text error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "acl_from_text error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); - return bsub_exit_nok; + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); + return bacl_exit_error; } #ifndef HAVE_FREEBSD_OS - /* + /** * FreeBSD always fails acl_valid() - at least on valid input... * As it does the right thing, given valid input, just ignore acl_valid(). */ @@ -462,13 +476,13 @@ static bsub_exit_code generic_set_acl_on_os(JCR *jcr, bacl_type acltype) Mmsg2(jcr->errmsg, _("acl_valid error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "acl_valid error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); acl_free(acl); - return bsub_exit_nok; + return bacl_exit_error; } #endif - /* + /** * Restore the ACLs, but don't complain about links which really should * not have attributes, and the file it is linked to may not yet be restored. * This is only true for the old acl streams as in the new implementation we @@ -478,34 +492,34 @@ static bsub_exit_code generic_set_acl_on_os(JCR *jcr, bacl_type acltype) switch (errno) { case ENOENT: acl_free(acl); - return bsub_exit_ok; + return bacl_exit_ok; default: Mmsg2(jcr->errmsg, _("acl_set_file error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "acl_set_file error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); acl_free(acl); - return bsub_exit_nok; + return bacl_exit_error; } } acl_free(acl); - return bsub_exit_ok; + return bacl_exit_ok; } -/* +/** * OS specific functions for handling different types of acl streams. */ #if defined(HAVE_DARWIN_OS) -/* +/** * Define the supported ACL streams for this OS */ static int os_access_acl_streams[1] = { STREAM_ACL_DARWIN_ACCESS_ACL }; static int os_default_acl_streams[1] = { -1 }; -static bsub_exit_code darwin_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) +static bacl_exit_code darwin_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) { #if defined(ACL_TYPE_EXTENDED) - /* + /** * On MacOS X, acl_get_file (name, ACL_TYPE_ACCESS) * and acl_get_file (name, ACL_TYPE_DEFAULT) * always return NULL / EINVAL. There is no point in making @@ -514,23 +528,23 @@ static bsub_exit_code darwin_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) * * Read access ACLs for files, dirs and links */ - if (generic_get_acl_from_os(jcr, BACL_TYPE_EXTENDED) == bsub_exit_fatal) - return bsub_exit_fatal; + if (generic_get_acl_from_os(jcr, BACL_TYPE_EXTENDED) == bacl_exit_fatal) + return bacl_exit_fatal; #else - /* + /** * Read access ACLs for files, dirs and links */ - if (generic_get_acl_from_os(jcr, BACL_TYPE_ACCESS) == bsub_exit_fatal) - return bsub_exit_fatal; + if (generic_get_acl_from_os(jcr, BACL_TYPE_ACCESS) == bacl_exit_fatal) + return bacl_exit_fatal; #endif - if (jcr->acl_data_len > 0) { + if (jcr->acl_data->content_length > 0) { return send_acl_stream(jcr, STREAM_ACL_DARWIN_ACCESS_ACL); } - return bsub_exit_ok; + return bacl_exit_ok; } -static bsub_exit_code darwin_parse_acl_streams(JCR *jcr, int stream) +static bacl_exit_code darwin_parse_acl_streams(JCR *jcr, int stream) { #if defined(ACL_TYPE_EXTENDED) return generic_set_acl_on_os(jcr, BACL_TYPE_EXTENDED); @@ -539,17 +553,17 @@ static bsub_exit_code darwin_parse_acl_streams(JCR *jcr, int stream) #endif } -/* +/** * For this OS setup the build and parse function pointer to the OS specific functions. */ -static bsub_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = darwin_build_acl_streams; -static bsub_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = darwin_parse_acl_streams; +static bacl_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = darwin_build_acl_streams; +static bacl_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = darwin_parse_acl_streams; #elif defined(HAVE_FREEBSD_OS) || \ defined(HAVE_IRIX_OS) || \ defined(HAVE_LINUX_OS) -/* +/** * Define the supported ACL streams for these OSes */ #if defined(HAVE_FREEBSD_OS) @@ -563,36 +577,36 @@ static int os_access_acl_streams[1] = { STREAM_ACL_LINUX_ACCESS_ACL }; static int os_default_acl_streams[1] = { STREAM_ACL_LINUX_DEFAULT_ACL }; #endif -static bsub_exit_code generic_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) +static bacl_exit_code generic_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) { - /* + /** * Read access ACLs for files, dirs and links */ - if (generic_get_acl_from_os(jcr, BACL_TYPE_ACCESS) == bsub_exit_fatal) - return bsub_exit_fatal; + if (generic_get_acl_from_os(jcr, BACL_TYPE_ACCESS) == bacl_exit_fatal) + return bacl_exit_fatal; - if (jcr->acl_data_len > 0) { - if (send_acl_stream(jcr, os_access_acl_streams[0]) == bsub_exit_fatal) - return bsub_exit_fatal; + if (jcr->acl_data->content_length > 0) { + if (send_acl_stream(jcr, os_access_acl_streams[0]) == bacl_exit_fatal) + return bacl_exit_fatal; } - /* + /** * Directories can have default ACLs too */ if (ff_pkt->type == FT_DIREND) { - if (generic_get_acl_from_os(jcr, BACL_TYPE_DEFAULT) == bsub_exit_fatal) - return bsub_exit_fatal; - if (jcr->acl_data_len > 0) { - if (send_acl_stream(jcr, os_default_acl_streams[0]) == bsub_exit_fatal) - return bsub_exit_fatal; + if (generic_get_acl_from_os(jcr, BACL_TYPE_DEFAULT) == bacl_exit_fatal) + return bacl_exit_fatal; + if (jcr->acl_data->content_length > 0) { + if (send_acl_stream(jcr, os_default_acl_streams[0]) == bacl_exit_fatal) + return bacl_exit_fatal; } } - return bsub_exit_ok; + return bacl_exit_ok; } -static bsub_exit_code generic_parse_acl_streams(JCR *jcr, int stream) +static bacl_exit_code generic_parse_acl_streams(JCR *jcr, int stream) { - int cnt; + unsigned int cnt; switch (stream) { case STREAM_UNIX_ACCESS_ACL: @@ -600,7 +614,7 @@ static bsub_exit_code generic_parse_acl_streams(JCR *jcr, int stream) case STREAM_UNIX_DEFAULT_ACL: return generic_set_acl_on_os(jcr, BACL_TYPE_DEFAULT); default: - /* + /** * See what type of acl it is. */ for (cnt = 0; cnt < sizeof(os_access_acl_streams) / sizeof(int); cnt++) { @@ -615,61 +629,61 @@ static bsub_exit_code generic_parse_acl_streams(JCR *jcr, int stream) } break; } - return bsub_exit_nok; + return bacl_exit_error; } -/* +/** * For this OSes setup the build and parse function pointer to the OS specific functions. */ -static bsub_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = generic_build_acl_streams; -static bsub_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = generic_parse_acl_streams; +static bacl_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = generic_build_acl_streams; +static bacl_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = generic_parse_acl_streams; #elif defined(HAVE_OSF1_OS) -/* +/** * Define the supported ACL streams for this OS */ static int os_access_acl_streams[1] = { STREAM_ACL_TRU64_ACCESS_ACL }; static int os_default_acl_streams[2] = { STREAM_ACL_TRU64_DEFAULT_ACL, STREAM_ACL_TRU64_DEFAULT_DIR_ACL }; -static bsub_exit_code tru64_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) +static bacl_exit_code tru64_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) { - /* + /** * Read access ACLs for files, dirs and links */ - if ((jcr->acl_data_len = generic_get_acl_from_os(jcr, BACL_TYPE_ACCESS)) < 0) - return bsub_exit_nok; - if (jcr->acl_data_len > 0) { + if ((jcr->acl_data->content_length = generic_get_acl_from_os(jcr, BACL_TYPE_ACCESS)) < 0) + return bacl_exit_error; + if (jcr->acl_data->content_length > 0) { if (!send_acl_stream(jcr, STREAM_ACL_TRU64_ACCESS_ACL)) - return bsub_exit_nok; + return bacl_exit_error; } - /* + /** * Directories can have default ACLs too */ if (ff_pkt->type == FT_DIREND) { - if ((jcr->acl_data_len = generic_get_acl_from_os(jcr, BACL_TYPE_DEFAULT)) < 0) - return bsub_exit_nok; - if (jcr->acl_data_len > 0) { + if ((jcr->acl_data->content_length = generic_get_acl_from_os(jcr, BACL_TYPE_DEFAULT)) < 0) + return bacl_exit_error; + if (jcr->acl_data->content_length > 0) { if (!send_acl_stream(jcr, STREAM_ACL_TRU64_DEFAULT_ACL)) - return bsub_exit_nok; + return bacl_exit_error; } - /* + /** * Tru64 has next to BACL_TYPE_DEFAULT also BACL_TYPE_DEFAULT_DIR acls. * This is an inherited acl for all subdirs. * See http://www.helsinki.fi/atk/unix/dec_manuals/DOC_40D/AQ0R2DTE/DOCU_018.HTM * Section 21.5 Default ACLs */ - if ((jcr->acl_data_len = generic_get_acl_from_os(jcr, BACL_TYPE_DEFAULT_DIR)) < 0) - return bsub_exit_nok; - if (jcr->acl_data_len > 0) { + if ((jcr->acl_data->content_length = generic_get_acl_from_os(jcr, BACL_TYPE_DEFAULT_DIR)) < 0) + return bacl_exit_error; + if (jcr->acl_data->content_length > 0) { if (!send_acl_stream(jcr, STREAM_ACL_TRU64_DEFAULT_DIR_ACL)) - return bsub_exit_nok; + return bacl_exit_error; } } - return bsub_exit_ok; + return bacl_exit_ok; } -static bsub_exit_code tru64_parse_acl_streams(JCR *jcr, int stream) +static bacl_exit_code tru64_parse_acl_streams(JCR *jcr, int stream) { switch (stream) { case STREAM_UNIX_ACCESS_ACL: @@ -682,11 +696,11 @@ static bsub_exit_code tru64_parse_acl_streams(JCR *jcr, int stream) return generic_set_acl_on_os(jcr, BACL_TYPE_DEFAULT_DIR); } -/* +/** * For this OS setup the build and parse function pointer to the OS specific functions. */ -static bsub_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = tru64_build_acl_streams; -static bsub_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = tru64_parse_acl_streams; +static bacl_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = tru64_build_acl_streams; +static bacl_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = tru64_parse_acl_streams; #endif @@ -699,13 +713,13 @@ static bsub_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = tru64_pars #include -/* +/** * Define the supported ACL streams for this OS */ static int os_access_acl_streams[1] = { STREAM_ACL_HPUX_ACL_ENTRY }; static int os_default_acl_streams[1] = { -1 }; -/* +/** * See if an acl is a trivial one (e.g. just the stat bits encoded as acl.) * There is no need to store those acls as we already store the stat bits too. */ @@ -716,7 +730,7 @@ static bool acl_is_trivial(int count, struct acl_entry *entries, struct stat sb) for (n = 0; n < count; n++) { ace = entries[n]; - /* + /** * See if this acl just is the stat mode in acl form. */ if (!((ace.uid == sb.st_uid && ace.gid == ACL_NSGROUP) || @@ -727,10 +741,10 @@ static bool acl_is_trivial(int count, struct acl_entry *entries, struct stat sb) return true; } -/* +/** * OS specific functions for handling different types of acl streams. */ -static bsub_exit_code hpux_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) +static bacl_exit_code hpux_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) { int n; struct acl_entry acls[NACLENTRIES]; @@ -741,45 +755,51 @@ static bsub_exit_code hpux_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) switch (errno) { #if defined(BACL_ENOTSUP) case BACL_ENOTSUP: - /* + /** * Not supported, just pretend there is nothing to see + * + * If the filesystem reports it doesn't support ACLs we clear the + * BACL_FLAG_SAVE_NATIVE flag so we skip ACL saves on all other files + * on the same filesystem. The BACL_FLAG_SAVE_NATIVE flag gets set again + * when we change from one filesystem to an other. */ - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_ok; + jcr->acl_data->flags &= ~BACL_FLAG_SAVE_NATIVE; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_ok; #endif case ENOENT: - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_ok; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_ok; default: Mmsg2(jcr->errmsg, _("getacl error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg2(100, "getacl error file=%s ERR=%s\n", jcr->last_fname, be.bstrerror()); - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_nok; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_error; } } if (n == 0) { - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_ok; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_ok; } if ((n = getacl(jcr->last_fname, n, acls)) > 0) { if (acl_is_trivial(n, acls, ff_pkt->statp)) { - /* + /** * The ACLs simply reflect the (already known) standard permissions * So we don't send an ACL stream to the SD. */ - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_ok; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_ok; } if ((acl_text = acltostr(n, acls, FORM_SHORT)) != NULL) { - jcr->acl_data_len = pm_strcpy(jcr->acl_data, acl_text); + jcr->acl_data->content_length = pm_strcpy(jcr->acl_data->content, acl_text); actuallyfree(acl_text); return send_acl_stream(jcr, STREAM_ACL_HPUX_ACL_ENTRY); @@ -787,35 +807,35 @@ static bsub_exit_code hpux_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) Mmsg2(jcr->errmsg, _("acltostr error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "acltostr error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); - return bsub_exit_nok; + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); + return bacl_exit_error; } - return bsub_exit_nok; + return bacl_exit_error; } -static bsub_exit_code hpux_parse_acl_streams(JCR *jcr, int stream) +static bacl_exit_code hpux_parse_acl_streams(JCR *jcr, int stream) { int n, stat; struct acl_entry acls[NACLENTRIES]; berrno be; - n = strtoacl(jcr->acl_data, 0, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP); + n = strtoacl(jcr->acl_data->content, 0, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP); if (n <= 0) { Mmsg2(jcr->errmsg, _("strtoacl error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "strtoacl error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); - return bsub_exit_nok; + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); + return bacl_exit_error; } - if (strtoacl(jcr->acl_data, n, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP) != n) { + if (strtoacl(jcr->acl_data->content, n, NACLENTRIES, acls, ACL_FILEOWNER, ACL_FILEGROUP) != n) { Mmsg2(jcr->errmsg, _("strtoacl error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "strtoacl error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); - return bsub_exit_nok; + return bacl_exit_error; } - /* + /** * Restore the ACLs, but don't complain about links which really should * not have attributes, and the file it is linked to may not yet be restored. * This is only true for the old acl streams as in the new implementation we @@ -824,23 +844,23 @@ static bsub_exit_code hpux_parse_acl_streams(JCR *jcr, int stream) if (setacl(jcr->last_fname, n, acls) != 0 && jcr->last_type != FT_LNK) { switch (errno) { case ENOENT: - return bsub_exit_ok; + return bacl_exit_ok; default: Mmsg2(jcr->errmsg, _("setacl error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "setacl error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); - return bsub_exit_nok; + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); + return bacl_exit_error; } } - return bsub_exit_ok; + return bacl_exit_ok; } -/* +/** * For this OS setup the build and parse function pointer to the OS specific functions. */ -static bsub_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = hpux_build_acl_streams; -static bsub_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = hpux_parse_acl_streams; +static bacl_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = hpux_build_acl_streams; +static bacl_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = hpux_parse_acl_streams; #elif defined(HAVE_SUN_OS) #ifdef HAVE_SYS_ACL_H @@ -850,7 +870,7 @@ static bsub_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = hpux_parse #endif #if defined(HAVE_EXTENDED_ACL) -/* +/** * We define some internals of the Solaris acl libs here as those * are not exposed yet. Probably because they want us to see the * acls as opague data. But as we need to support different platforms @@ -869,7 +889,7 @@ typedef enum acl_type { } acl_type_t; #endif -/* +/** * Two external references to functions in the libsec library function not in current include files. */ extern "C" { @@ -877,78 +897,85 @@ int acl_type(acl_t *); char *acl_strerror(int); } -/* +/** * Define the supported ACL streams for this OS */ static int os_access_acl_streams[2] = { STREAM_ACL_SOLARIS_ACLENT, STREAM_ACL_SOLARIS_ACE }; static int os_default_acl_streams[1] = { -1 }; -/* +/** * As the new libsec interface with acl_totext and acl_fromtext also handles * the old format from acltotext we can use the new functions even * for acls retrieved and stored in the database with older fd versions. If the * new interface is not defined (Solaris 9 and older we fall back to the old code) */ -static bsub_exit_code solaris_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) +static bacl_exit_code solaris_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) { int acl_enabled, flags; acl_t *aclp; char *acl_text; - bsub_exit_code stream_status = bsub_exit_nok; + bacl_exit_code stream_status = bacl_exit_error; berrno be; - /* + /** * See if filesystem supports acls. */ acl_enabled = pathconf(jcr->last_fname, _PC_ACL_ENABLED); switch (acl_enabled) { case 0: - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_ok; + /** + * If the filesystem reports it doesn't support ACLs we clear the + * BACL_FLAG_SAVE_NATIVE flag so we skip ACL saves on all other files + * on the same filesystem. The BACL_FLAG_SAVE_NATIVE flag gets set again + * when we change from one filesystem to an other. + */ + jcr->acl_data->flags &= ~BACL_FLAG_SAVE_NATIVE; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_ok; case -1: switch (errno) { case ENOENT: - return bsub_exit_ok; + return bacl_exit_ok; default: Mmsg2(jcr->errmsg, _("pathconf error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg2(100, "pathconf error file=%s ERR=%s\n", jcr->last_fname, be.bstrerror()); - return bsub_exit_nok; + return bacl_exit_error; } default: break; } - /* + /** * Get ACL info: don't bother allocating space if there is only a trivial ACL. */ if (acl_get(jcr->last_fname, ACL_NO_TRIVIAL, &aclp) != 0) { switch (errno) { case ENOENT: - return bsub_exit_ok; + return bacl_exit_ok; default: Mmsg2(jcr->errmsg, _("acl_get error on file \"%s\": ERR=%s\n"), jcr->last_fname, acl_strerror(errno)); Dmsg2(100, "acl_get error file=%s ERR=%s\n", jcr->last_fname, acl_strerror(errno)); - return bsub_exit_nok; + return bacl_exit_error; } } if (!aclp) { - /* + /** * The ACLs simply reflect the (already known) standard permissions * So we don't send an ACL stream to the SD. */ - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_ok; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_ok; } #if defined(ACL_SID_FMT) - /* + /** * New format flag added in newer Solaris versions. */ flags = ACL_APPEND_ID | ACL_COMPACT_FMT | ACL_SID_FMT; @@ -957,7 +984,7 @@ static bsub_exit_code solaris_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) #endif /* ACL_SID_FMT */ if ((acl_text = acl_totext(aclp, flags)) != NULL) { - jcr->acl_data_len = pm_strcpy(jcr->acl_data, acl_text); + jcr->acl_data->content_length = pm_strcpy(jcr->acl_data->content, acl_text); actuallyfree(acl_text); switch (acl_type(aclp)) { @@ -976,7 +1003,7 @@ static bsub_exit_code solaris_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) return stream_status; } -static bsub_exit_code solaris_parse_acl_streams(JCR *jcr, int stream) +static bacl_exit_code solaris_parse_acl_streams(JCR *jcr, int stream) { acl_t *aclp; int acl_enabled, error; @@ -986,7 +1013,7 @@ static bsub_exit_code solaris_parse_acl_streams(JCR *jcr, int stream) case STREAM_UNIX_ACCESS_ACL: case STREAM_ACL_SOLARIS_ACLENT: case STREAM_ACL_SOLARIS_ACE: - /* + /** * First make sure the filesystem supports acls. */ acl_enabled = pathconf(jcr->last_fname, _PC_ACL_ENABLED); @@ -994,45 +1021,45 @@ static bsub_exit_code solaris_parse_acl_streams(JCR *jcr, int stream) case 0: Mmsg1(jcr->errmsg, _("Trying to restore acl on file \"%s\" on filesystem without acl support\n"), jcr->last_fname); - return bsub_exit_nok; + return bacl_exit_error; case -1: switch (errno) { case ENOENT: - return bsub_exit_ok; + return bacl_exit_ok; default: Mmsg2(jcr->errmsg, _("pathconf error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "pathconf error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); - return bsub_exit_nok; + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); + return bacl_exit_error; } default: - /* + /** * On a filesystem with ACL support make sure this particilar ACL type can be restored. */ switch (stream) { case STREAM_ACL_SOLARIS_ACLENT: - /* + /** * An aclent can be restored on filesystems with _ACL_ACLENT_ENABLED or _ACL_ACE_ENABLED support. */ if ((acl_enabled & (_ACL_ACLENT_ENABLED | _ACL_ACE_ENABLED)) == 0) { Mmsg1(jcr->errmsg, _("Trying to restore acl on file \"%s\" on filesystem without aclent acl support\n"), jcr->last_fname); - return bsub_exit_nok; + return bacl_exit_error; } break; case STREAM_ACL_SOLARIS_ACE: - /* + /** * An ace can only be restored on a filesystem with _ACL_ACE_ENABLED support. */ if ((acl_enabled & _ACL_ACE_ENABLED) == 0) { Mmsg1(jcr->errmsg, _("Trying to restore acl on file \"%s\" on filesystem without ace acl support\n"), jcr->last_fname); - return bsub_exit_nok; + return bacl_exit_error; } break; default: - /* + /** * Stream id which doesn't describe the type of acl which is encoded. */ break; @@ -1040,15 +1067,15 @@ static bsub_exit_code solaris_parse_acl_streams(JCR *jcr, int stream) break; } - if ((error = acl_fromtext(jcr->acl_data, &aclp)) != 0) { + if ((error = acl_fromtext(jcr->acl_data->content, &aclp)) != 0) { Mmsg2(jcr->errmsg, _("acl_fromtext error on file \"%s\": ERR=%s\n"), jcr->last_fname, acl_strerror(error)); Dmsg3(100, "acl_fromtext error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, acl_strerror(error)); - return bsub_exit_nok; + jcr->acl_data->content, jcr->last_fname, acl_strerror(error)); + return bacl_exit_error; } - /* + /** * Validate that the conversion gave us the correct acl type. */ switch (stream) { @@ -1056,24 +1083,24 @@ static bsub_exit_code solaris_parse_acl_streams(JCR *jcr, int stream) if (acl_type(aclp) != ACLENT_T) { Mmsg1(jcr->errmsg, _("wrong encoding of acl type in acl stream on file \"%s\"\n"), jcr->last_fname); - return bsub_exit_nok; + return bacl_exit_error; } break; case STREAM_ACL_SOLARIS_ACE: if (acl_type(aclp) != ACE_T) { Mmsg1(jcr->errmsg, _("wrong encoding of acl type in acl stream on file \"%s\"\n"), jcr->last_fname); - return bsub_exit_nok; + return bacl_exit_error; } break; default: - /* + /** * Stream id which doesn't describe the type of acl which is encoded. */ break; } - /* + /** * Restore the ACLs, but don't complain about links which really should * not have attributes, and the file it is linked to may not yet be restored. * This is only true for the old acl streams as in the new implementation we @@ -1083,33 +1110,33 @@ static bsub_exit_code solaris_parse_acl_streams(JCR *jcr, int stream) switch (errno) { case ENOENT: acl_free(aclp); - return bsub_exit_ok; + return bacl_exit_ok; default: Mmsg2(jcr->errmsg, _("acl_set error on file \"%s\": ERR=%s\n"), jcr->last_fname, acl_strerror(error)); Dmsg3(100, "acl_set error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, acl_strerror(error)); + jcr->acl_data->content, jcr->last_fname, acl_strerror(error)); acl_free(aclp); - return bsub_exit_nok; + return bacl_exit_error; } } acl_free(aclp); - return bsub_exit_ok; + return bacl_exit_ok; default: - return bsub_exit_nok; + return bacl_exit_error; } /* end switch (stream) */ } #else /* HAVE_EXTENDED_ACL */ -/* +/** * Define the supported ACL streams for this OS */ static int os_access_acl_streams[2] = { STREAM_ACL_SOLARIS_ACLENT }; static int os_default_acl_streams[1] = { -1 }; -/* +/** * See if an acl is a trivial one (e.g. just the stat bits encoded as acl.) * There is no need to store those acls as we already store the stat bits too. */ @@ -1130,10 +1157,10 @@ static bool acl_is_trivial(int count, aclent_t *entries) return true; } -/* +/** * OS specific functions for handling different types of acl streams. */ -static bsub_exit_code solaris_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) +static bacl_exit_code solaris_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) { int n; aclent_t *acls; @@ -1142,23 +1169,23 @@ static bsub_exit_code solaris_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) n = acl(jcr->last_fname, GETACLCNT, 0, NULL); if (n < MIN_ACL_ENTRIES) - return bsub_exit_nok; + return bacl_exit_error; acls = (aclent_t *)malloc(n * sizeof(aclent_t)); if (acl(jcr->last_fname, GETACL, n, acls) == n) { if (acl_is_trivial(n, acls)) { - /* + /** * The ACLs simply reflect the (already known) standard permissions * So we don't send an ACL stream to the SD. */ free(acls); - pm_strcpy(jcr->acl_data, ""); - jcr->acl_data_len = 0; - return bsub_exit_ok; + pm_strcpy(jcr->acl_data->content, ""); + jcr->acl_data->content_length = 0; + return bacl_exit_ok; } if ((acl_text = acltotext(acls, n)) != NULL) { - jcr->acl_data_len = pm_strcpy(jcr->acl_data, acl_text); + jcr->acl_data->content_length = pm_strcpy(jcr->acl_data->content, acl_text); actuallyfree(acl_text); free(acls); return send_acl_stream(jcr, STREAM_ACL_SOLARIS_ACLENT); @@ -1167,29 +1194,29 @@ static bsub_exit_code solaris_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) Mmsg2(jcr->errmsg, _("acltotext error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "acltotext error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); } free(acls); - return bsub_exit_nok; + return bacl_exit_error; } -static bsub_exit_code solaris_parse_acl_streams(JCR *jcr, int stream) +static bacl_exit_code solaris_parse_acl_streams(JCR *jcr, int stream) { int n; aclent_t *acls; berrno be; - acls = aclfromtext(jcr->acl_data, &n); + acls = aclfromtext(jcr->acl_data->content, &n); if (!acls) { Mmsg2(jcr->errmsg, _("aclfromtext error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "aclfromtext error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); - return bsub_exit_nok; + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); + return bacl_exit_error; } - /* + /** * Restore the ACLs, but don't complain about links which really should * not have attributes, and the file it is linked to may not yet be restored. */ @@ -1197,55 +1224,182 @@ static bsub_exit_code solaris_parse_acl_streams(JCR *jcr, int stream) switch (errno) { case ENOENT: actuallyfree(acls); - return bsub_exit_ok; + return bacl_exit_ok; default: Mmsg2(jcr->errmsg, _("acl(SETACL) error on file \"%s\": ERR=%s\n"), jcr->last_fname, be.bstrerror()); Dmsg3(100, "acl(SETACL) error acl=%s file=%s ERR=%s\n", - jcr->acl_data, jcr->last_fname, be.bstrerror()); + jcr->acl_data->content, jcr->last_fname, be.bstrerror()); actuallyfree(acls); - return bsub_exit_nok; + return bacl_exit_error; } } actuallyfree(acls); - return bsub_exit_ok; + return bacl_exit_ok; } #endif /* HAVE_EXTENDED_ACL */ -/* +/** * For this OS setup the build and parse function pointer to the OS specific functions. */ -static bsub_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = solaris_build_acl_streams; -static bsub_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = solaris_parse_acl_streams; +static bacl_exit_code (*os_build_acl_streams)(JCR *jcr, FF_PKT *ff_pkt) = solaris_build_acl_streams; +static bacl_exit_code (*os_parse_acl_streams)(JCR *jcr, int stream) = solaris_parse_acl_streams; #endif /* HAVE_SUN_OS */ +#endif /* HAVE_ACL */ -/* +#if defined(HAVE_AFS_ACL) + +#include +#include +#include +#include +#include + +/** + * External references to functions in the libsys library function not in current include files. + */ +extern "C" { +long pioctl(char *pathp, long opcode, struct ViceIoctl *blobp, int follow); +} + +static bacl_exit_code afs_build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) +{ + int error; + struct ViceIoctl vip; + char acl_text[BUFSIZ]; + berrno be; + + /** + * AFS ACLs can only be set on a directory, so no need to try to + * request them for anything other then that. + */ + if (ff_pkt->type != FT_DIREND) { + return bacl_exit_ok; + } + + vip.in = NULL; + vip.in_size = 0; + vip.out = acl_text; + vip.out_size = sizeof(acl_text); + memset((caddr_t)acl_text, 0, sizeof(acl_text)); + + if ((error = pioctl(jcr->last_fname, VIOCGETAL, &vip, 0)) < 0) { + Mmsg2(jcr->errmsg, _("pioctl VIOCGETAL error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg2(100, "pioctl VIOCGETAL error file=%s ERR=%s\n", + jcr->last_fname, be.bstrerror()); + return bacl_exit_error; + } + jcr->acl_data->content_length = pm_strcpy(jcr->acl_data->content, acl_text); + return send_acl_stream(jcr, STREAM_ACL_AFS_TEXT); +} + +static bacl_exit_code afs_parse_acl_stream(JCR *jcr, int stream) +{ + int error; + struct ViceIoctl vip; + berrno be; + + vip.in = jcr->acl_data->content; + vip.in_size = jcr->acl_data->content_length; + vip.out = NULL; + vip.out_size = 0; + + if ((error = pioctl(jcr->last_fname, VIOCSETAL, &vip, 0)) < 0) { + Mmsg2(jcr->errmsg, _("pioctl VIOCSETAL error on file \"%s\": ERR=%s\n"), + jcr->last_fname, be.bstrerror()); + Dmsg2(100, "pioctl VIOCSETAL error file=%s ERR=%s\n", + jcr->last_fname, be.bstrerror()); + + return bacl_exit_error; + } + return bacl_exit_ok; +} +#endif /* HAVE_AFS_ACL */ + +/** * Entry points when compiled with support for ACLs on a supported platform. */ -/* +/** * Read and send an ACL for the last encountered file. */ -bsub_exit_code build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) +bacl_exit_code build_acl_streams(JCR *jcr, FF_PKT *ff_pkt) { - /* - * Call the appropriate function. + /** + * See if we are changing from one device to an other. + * We save the current device we are scanning and compare + * it with the current st_dev in the last stat performed on + * the file we are currently storing. */ - if (os_build_acl_streams) { - return (*os_build_acl_streams)(jcr, ff_pkt); + if (jcr->acl_data->current_dev != ff_pkt->statp.st_dev) { + /** + * Reset the acl save flags. + */ + jcr->acl_data->flags = 0; + +#if defined(HAVE_AFS_ACL) + /** + * AFS is a non OS specific filesystem so see if this path is on an AFS filesystem + * Set the BACL_FLAG_SAVE_AFS flag if it is. If not set the BACL_FLAG_SAVE_NATIVE flag. + */ + if (fstype_equals(jcr->last_fname, "afs")) { + jcr->acl_data->flags |= BACL_FLAG_SAVE_AFS; + } else { + jcr->acl_data->flags |= BACL_FLAG_SAVE_NATIVE; + } +#else + jcr->acl_data->flags |= BACL_FLAG_SAVE_NATIVE; +#endif + + /** + * Save that we started scanning a new filesystem. + */ + jcr->acl_data->current_dev = ff_pkt->statp.st_dev; + } + +#if defined(HAVE_AFS_ACL) + /** + * See if the BACL_FLAG_SAVE_AFS flag is set which lets us know if we should + * save AFS ACLs. + */ + if (jcr->acl_data->flags & BACL_FLAG_SAVE_AFS) { + return afs_build_acl_streams(jcr, ff_pkt); } - return bsub_exit_nok; +#endif +#if defined(HAVE_ACL) + /** + * See if the BACL_FLAG_SAVE_NATIVE flag is set which lets us know if we should + * save native ACLs. + */ + if (jcr->acl_data->flags & BACL_FLAG_SAVE_NATIVE) { + /** + * Call the appropriate function. + */ + if (os_build_acl_streams) { + return (*os_build_acl_streams)(jcr, ff_pkt); + } + } else { + return bacl_exit_ok; + } +#endif + return bacl_exit_error; } -bsub_exit_code parse_acl_streams(JCR *jcr, int stream) +bacl_exit_code parse_acl_streams(JCR *jcr, int stream) { - int cnt; + unsigned int cnt; switch (stream) { +#if defined(HAVE_AFS_ACL) + case STREAM_ACL_AFS_TEXT: + return afs_parse_acl_stream(jcr, stream); +#endif +#if defined(HAVE_ACL) case STREAM_UNIX_ACCESS_ACL: case STREAM_UNIX_DEFAULT_ACL: - /* + /** * Handle legacy ACL streams. */ if (os_parse_acl_streams) { @@ -1254,7 +1408,7 @@ bsub_exit_code parse_acl_streams(JCR *jcr, int stream) break; default: if (os_parse_acl_streams) { - /* + /** * Walk the os_access_acl_streams array with the supported Access ACL streams for this OS. */ for (cnt = 0; cnt < sizeof(os_access_acl_streams) / sizeof(int); cnt++) { @@ -1262,7 +1416,7 @@ bsub_exit_code parse_acl_streams(JCR *jcr, int stream) return (*os_parse_acl_streams)(jcr, stream); } } - /* + /** * Walk the os_default_acl_streams array with the supported Default ACL streams for this OS. */ for (cnt = 0; cnt < sizeof(os_default_acl_streams) / sizeof(int); cnt++) { @@ -1272,10 +1426,14 @@ bsub_exit_code parse_acl_streams(JCR *jcr, int stream) } } break; +#else + default: + break; +#endif } Qmsg2(jcr, M_WARNING, 0, _("Can't restore ACLs of %s - incompatible acl stream encountered - %d\n"), jcr->last_fname, stream); - return bsub_exit_nok; + return bacl_exit_error; } #endif