Date: Thu, 10 Apr 2008 23:25:54 +0400 From: Andrew Pantyukhin <infofarmer@FreeBSD.org> To: hackers@FreeBSD.org Subject: mtree acl [patch] Message-ID: <20080410192552.GC81939@amilo.cenkes.org>
next in thread | raw e-mail | index | archive | help
--2oS5YaxWCcQjTEyO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline I was surprised to learn that ACL support in our mtree is limited to a shy mention here: http://www.freebsd.org/news/status/report-dec-2001-jan-2002.html#TrustedBSD-ACLs Would something like the patch attached be feasible? I can add support for default lists, maybe restoring, etc., if the overall idea does not seem wrong. Also here: http://heka.cenkes.org/sat/diffs/mtree_acl.diff Thanks for your time! --2oS5YaxWCcQjTEyO Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="mtree_acl.diff" Index: mtree/compare.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/compare.c,v retrieving revision 1.34 diff -u -r1.34 compare.c --- mtree/compare.c 29 Mar 2005 11:44:17 -0000 1.34 +++ mtree/compare.c 10 Apr 2008 19:13:42 -0000 @@ -38,6 +38,7 @@ #include <sys/param.h> #include <sys/stat.h> #include <sys/time.h> +#include <sys/acl.h> #include <err.h> #include <errno.h> @@ -315,6 +316,32 @@ } } #endif /* SHA256 */ + if (s->flags & F_ACL) { + char *new_acl_text; + acl_t acl; + size_t i; + + acl = acl_get_file(p->fts_accpath, ACL_TYPE_ACCESS); + new_acl_text = acl_to_text(acl, NULL); + for(i = 0; new_acl_text[++i] != '\0';){ + if (new_acl_text[i] == '\n') + new_acl_text[i] = ','; + } + new_acl_text[i-1] = '\0'; + if (!new_acl_text) { + LABEL; + printf("%sACL: %s: %s\n", tab, p->fts_accpath, + strerror(errno)); + tab = "\t"; + } else if (strcmp(new_acl_text, s->acl)) { + LABEL; + printf("%sACL expected %s found %s\n", + tab, s->acl, new_acl_text); + tab = "\t"; + } + acl_free(acl); + acl_free(new_acl_text); + } if (s->flags & F_SLINK && strcmp(cp = rlink(p->fts_accpath), s->slink)) { Index: mtree/create.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/create.c,v retrieving revision 1.37 diff -u -r1.37 create.c --- mtree/create.c 29 Mar 2005 11:44:17 -0000 1.37 +++ mtree/create.c 10 Apr 2008 19:13:42 -0000 @@ -37,6 +37,7 @@ #include <sys/param.h> #include <sys/stat.h> +#include <sys/acl.h> #include <dirent.h> #include <err.h> #include <errno.h> @@ -265,6 +266,24 @@ if (keys & F_SLINK && (p->fts_info == FTS_SL || p->fts_info == FTS_SLNONE)) output(indent, &offset, "link=%s", rlink(p->fts_accpath)); + if (keys & F_ACL) { + char *acl_text; + acl_t acl; + size_t i; + + acl = acl_get_file(p->fts_accpath, ACL_TYPE_ACCESS); + acl_text = acl_to_text(acl, NULL); + if (!acl_text) + err(1, "%s", p->fts_accpath); + for(i = 0; acl_text[++i] != '\0';){ + if (acl_text[i] == '\n') + acl_text[i] = ','; + } + acl_text[i-1] = '\0'; + output(indent, &offset, "acl=%s", acl_text); + acl_free(acl); + acl_free(acl_text); + } if (keys & F_FLAGS && p->fts_statp->st_flags != flags) { fflags = flags_to_string(p->fts_statp->st_flags); output(indent, &offset, "flags=%s", fflags); Index: mtree/misc.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/misc.c,v retrieving revision 1.17 diff -u -r1.17 misc.c --- mtree/misc.c 3 Jul 2006 10:55:21 -0000 1.17 +++ mtree/misc.c 10 Apr 2008 19:13:42 -0000 @@ -54,6 +54,7 @@ /* NB: the following table must be sorted lexically. */ static KEY keylist[] = { + {"acl", F_ACL, NEEDVALUE}, {"cksum", F_CKSUM, NEEDVALUE}, {"flags", F_FLAGS, NEEDVALUE}, {"gid", F_GID, NEEDVALUE}, Index: mtree/mtree.5 =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/mtree.5,v retrieving revision 1.1 diff -u -r1.1 mtree.5 --- mtree/mtree.5 1 Jan 2008 06:15:57 -0000 1.1 +++ mtree/mtree.5 10 Apr 2008 19:13:42 -0000 @@ -184,6 +184,8 @@ .It Cm rmd160digest A synonym for .Cm ripemd160digest . +.It Cm acl +The current file's access control list in text format. .It Cm mode The current file's permissions as a numeric (octal) or symbolic value. Index: mtree/mtree.8 =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/mtree.8,v retrieving revision 1.56 diff -u -r1.56 mtree.8 --- mtree/mtree.8 16 Jun 2007 08:26:00 -0000 1.56 +++ mtree/mtree.8 10 Apr 2008 19:13:42 -0000 @@ -214,6 +214,8 @@ The .Tn RIPEMD160 message digest of the file. +.It Cm acl +The current file's access control list in text format. .It Cm mode The current file's permissions as a numeric (octal) or symbolic value. Index: mtree/mtree.h =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/mtree.h,v retrieving revision 1.8 diff -u -r1.8 mtree.h --- mtree/mtree.h 3 Jul 2006 10:55:21 -0000 1.8 +++ mtree/mtree.h 10 Apr 2008 19:13:42 -0000 @@ -49,6 +49,7 @@ char *sha256digest; /* SHA-256 digest */ char *rmd160digest; /* RIPEMD160 digest */ char *slink; /* symbolic link reference */ + char *acl; /* Access Control List */ uid_t st_uid; /* uid */ gid_t st_gid; /* gid */ #define MBITS (S_ISUID|S_ISGID|S_ISTXT|S_IRWXU|S_IRWXG|S_IRWXO) @@ -79,6 +80,7 @@ #define F_FLAGS 0x80000 /* file flags */ #define F_SHA256 0x100000 /* SHA-256 digest */ #define F_OPT 0x200000 /* existence optional */ +#define F_ACL 0x400000 /* SHA-256 digest */ u_int flags; /* items set */ #define F_BLOCK 0x001 /* block special */ Index: mtree/spec.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/spec.c,v retrieving revision 1.23 diff -u -r1.23 spec.c --- mtree/spec.c 3 Jul 2006 10:55:21 -0000 1.23 +++ mtree/spec.c 10 Apr 2008 19:13:42 -0000 @@ -210,6 +210,11 @@ else if (strtofflags(&val, &ip->st_flags, NULL) != 0) errx(1, "line %d: invalid flag %s",lineno, val); break; + case F_ACL: + ip->acl = strdup(val); + if(!ip->acl) + errx(1, "strdup"); + break; case F_GID: ip->st_gid = strtoul(val, &ep, 10); if (*ep) Index: mtree/specspec.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/specspec.c,v retrieving revision 1.6 diff -u -r1.6 specspec.c --- mtree/specspec.c 29 Mar 2005 11:44:17 -0000 1.6 +++ mtree/specspec.c 10 Apr 2008 19:13:42 -0000 @@ -84,6 +84,8 @@ printf(" rmd160digest=%s", n->rmd160digest); if (f & F_SHA256) printf(" sha256digest=%s", n->sha256digest); + if (f & F_ACL) + printf(" acl=%s", n->acl); if (f & F_FLAGS) printf(" flags=%s", flags_to_string(n->st_flags)); printf("\n"); Index: mtree/test/test03.sh =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/test/test03.sh,v retrieving revision 1.2 diff -u -r1.2 test03.sh --- mtree/test/test03.sh 29 Mar 2005 11:44:17 -0000 1.2 +++ mtree/test/test03.sh 10 Apr 2008 19:13:42 -0000 @@ -15,7 +15,7 @@ rm -rf ${TMP} mkdir -p ${TMP} -K=uid,uname,gid,gname,flags,md5digest,size,ripemd160digest,sha1digest,sha256digest,cksum +K=uid,uname,gid,gname,flags,md5digest,size,ripemd160digest,sha1digest,sha256digest,acl,cksum rm -rf _FOO mkdir _FOO --2oS5YaxWCcQjTEyO--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080410192552.GC81939>