Date: Mon, 4 Aug 2008 14:47:26 GMT From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 146628 for review Message-ID: <200808041447.m74ElQ0f063429@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=146628 Change 146628 by trasz@trasz_traszkan on 2008/08/04 14:47:26 Make setfacl(1) report useful error when there is branding mismatch. Affected files ... .. //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/merge.c#6 edit .. //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/remove.c#4 edit .. //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/setfacl.c#6 edit .. //depot/projects/soc2008/trasz_nfs4acl/lib/libc/posix1e/Symbol.map#6 edit .. //depot/projects/soc2008/trasz_nfs4acl/lib/libc/posix1e/acl_branding.c#5 edit .. //depot/projects/soc2008/trasz_nfs4acl/sys/sys/acl.h#15 edit Differences ... ==== //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/merge.c#6 (text+ko) ==== @@ -94,6 +94,18 @@ acl_extended_t extended, extended_new; acl_flagset_t flagset; int entry_id, entry_id_new, have_entry, entry_number = 0; + int acl_brand, prev_acl_brand; + + acl_get_brand_np(acl, &acl_brand); + acl_get_brand_np(prev_acl[0], &prev_acl_brand); + + if (acl_brand != prev_acl_brand) { + warnx("branding mismatch; existing ACL is %s, " + "entry to be merged is %s", + prev_acl_brand == ACL_BRAND_NFS4 ? "NFS4" : "POSIX", + acl_brand == ACL_BRAND_NFS4 ? "NFS4" : "POSIX"); + return (-1); + } if (acl_type == ACL_TYPE_ACCESS || acl_type == ACL_TYPE_NFS4) acl_new = acl_dup(prev_acl[ACCESS_ACL]); @@ -226,13 +238,22 @@ { acl_entry_t entry, entry_new; acl_t acl_new; - int entry_id; + int entry_id, acl_brand; if (acl_type != ACL_TYPE_NFS4) { warnx("The '-a' option is only applicable to NFS4 ACLs"); return (-1); } + acl_get_brand_np(acl, &acl_brand); + + if (acl_brand != ACL_BRAND_NFS4) { + warnx("branding mismatch; existing ACL is %s, " + "entry to be added is NFS4", + acl_brand == ACL_BRAND_NFS4 ? "NFS4" : "POSIX"); + return (-1); + } + acl_new = acl_dup(prev_acl[ACCESS_ACL]); if (acl_new == NULL) err(1, "acl_dup() failed"); ==== //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/remove.c#4 (text+ko) ==== @@ -46,7 +46,20 @@ acl_entry_t entry; acl_t acl_new; acl_tag_t tag; - int carried_error, entry_id; + int carried_error, entry_id, acl_brand, prev_acl_brand; + + carried_error = 0; + + acl_get_brand_np(acl, &acl_brand); + acl_get_brand_np(prev_acl[0], &prev_acl_brand); + + if (acl_brand != prev_acl_brand) { + warnx("branding mismatch; existing ACL is %s, " + "entry to be removed is %s", + prev_acl_brand == ACL_BRAND_NFS4 ? "NFS4" : "POSIX", + acl_brand == ACL_BRAND_NFS4 ? "NFS4" : "POSIX"); + return (-1); + } carried_error = 0; ==== //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/setfacl.c#6 (text+ko) ==== @@ -238,7 +238,10 @@ if (acl == NULL) continue; if ((acl_type == ACL_TYPE_DEFAULT) && !acl[1]) { - warnx("Default ACL not valid for %s", file->filename); + if (pathconf(file->filename, _PC_EXTENDED_SECURITY_NP)) + warnx("there are no default entries in NFS4 ACLs: %s", file->filename); + else + warnx("default ACL not valid for %s", file->filename); continue; } @@ -267,6 +270,11 @@ need_mask = 0; break; case OP_REMOVE_DEF: + if (acl_type == ACL_TYPE_NFS4) { + warnx("there are no default entries in NFS4 ACLs; cannot remove"); + local_error++; + break; + } if (acl_delete_def_file(file->filename) == -1) { warn("acl_delete_def_file() failed"); local_error++; ==== //depot/projects/soc2008/trasz_nfs4acl/lib/libc/posix1e/Symbol.map#6 (text) ==== @@ -16,6 +16,7 @@ acl_delete_entry_np; acl_create_entry; acl_create_entry_np; + acl_get_brand_np; acl_get_entry; acl_free; acl_from_text; ==== //depot/projects/soc2008/trasz_nfs4acl/lib/libc/posix1e/acl_branding.c#5 (text+ko) ==== @@ -26,6 +26,7 @@ */ #include <assert.h> +#include <errno.h> #include <sys/acl.h> #include "acl_support.h" @@ -158,3 +159,16 @@ } } +int +acl_get_brand_np(acl_t acl, int *brand_p) +{ + if (acl == NULL || brand_p == NULL) { + errno = EINVAL; + return (-1); + } + + *brand_p = _acl_brand(acl); + + return (0); +} + ==== //depot/projects/soc2008/trasz_nfs4acl/sys/sys/acl.h#15 (text+ko) ==== @@ -327,6 +327,7 @@ acl_t acl_dup(acl_t _acl); int acl_free(void *_obj_p); acl_t acl_from_text(const char *_buf_p); +int acl_get_brand_np(acl_t _acl, int *_brand_p); int acl_get_entry(acl_t _acl, int _entry_id, acl_entry_t *_entry_p); acl_t acl_get_fd(int _fd); acl_t acl_get_fd_np(int fd, acl_type_t _type);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200808041447.m74ElQ0f063429>