libacl: Add acl_extended_file_nofollow()

This function calls lgetxattr() instead of getxattr(), which helps ls(1)
to prevent unnecessary automatic mounts, which acl_extended_file()
triggers.  See the following bug report for more details:
https://bugzilla.redhat.com/692982

9 files changed, 105 insertions, 19 deletions

diff --git a/exports b/exports
index ef02842..b368c22 100644
--- a/exports
+++ b/exports
@@ -82,4 +82,5 @@ ACL_1.1 {
 	# Linux specific extensions
 	perm_copy_fd;
 	perm_copy_file;
+	acl_extended_file_nofollow;
 } ACL_1.0;
diff --git a/include/libacl.h b/include/libacl.h
index 41ec48e..d6a6650 100644
--- a/include/libacl.h
+++ b/include/libacl.h
@@ -59,6 +59,7 @@ extern int acl_check(acl_t acl, int *last);
 extern acl_t acl_from_mode(mode_t mode);
 extern int acl_equiv_mode(acl_t acl, mode_t *mode_p);
 int acl_extended_file(const char *path_p);
+int acl_extended_file_nofollow(const char *path_p);
 int acl_extended_fd(int fd);
 extern int acl_entries(acl_t acl);
 extern const char *acl_error(int code);
diff --git a/libacl/Makefile b/libacl/Makefile
index 1224b65..cfe3d3a 100644
--- a/libacl/Makefile
+++ b/libacl/Makefile
@@ -47,7 +47,8 @@ POSIX_CFILES = \
 
 LIBACL_CFILES = \
 	acl_to_any_text.c acl_entries.c acl_check.c acl_error.c acl_cmp.c \
-	acl_extended_fd.c acl_extended_file.c acl_equiv_mode.c acl_from_mode.c
+	acl_extended_fd.c acl_extended_file.c acl_equiv_mode.c acl_from_mode.c \
+	acl_extended_file_nofollow.c __acl_extended_file.c
 
 INTERNAL_CFILES = \
 	__acl_to_any_text.c __acl_to_xattr.c __acl_from_xattr.c \
diff --git a/libacl/__acl_extended_file.c b/libacl/__acl_extended_file.c
new file mode 100644
index 0000000..629afe9
--- /dev/null
+++ b/libacl/__acl_extended_file.c
@@ -0,0 +1,49 @@
+/*
+  File: acl_extended_file.c
+
+  Copyright (C) 2000, 2011
+  Andreas Gruenbacher, <a.gruenbacher@bestbits.at>
+
+  This program is free software; you can redistribute it and/or
+  modify it under the terms of the GNU Lesser General Public
+  License as published by the Free Software Foundation; either
+  version 2.1 of the License, or (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public
+  License along with this library; if not, write to the Free Software
+  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+*/
+
+#include <unistd.h>
+#include <attr/xattr.h>
+#include "libacl.h"
+
+#include "byteorder.h"
+#include "acl_ea.h"
+#include "__acl_extended_file.h"
+
+
+int
+__acl_extended_file(const char *path_p, getxattr_t fun)
+{
+	int base_size = sizeof(acl_ea_header) + 3 * sizeof(acl_ea_entry);
+	int retval;
+
+	retval = fun(path_p, ACL_EA_ACCESS, NULL, 0);
+	if (retval < 0 && errno != ENOATTR && errno != ENODATA)
+		return -1;
+	if (retval > base_size)
+		return 1;
+	retval = fun(path_p, ACL_EA_DEFAULT, NULL, 0);
+	if (retval < 0 && errno != ENOATTR && errno != ENODATA)
+		return -1;
+	if (retval >= base_size)
+		return 1;
+	return 0;
+}
+
diff --git a/libacl/__acl_extended_file.h b/libacl/__acl_extended_file.h
new file mode 100644
index 0000000..f8881a1
--- /dev/null
+++ b/libacl/__acl_extended_file.h
@@ -0,0 +1,4 @@
+typedef ssize_t (*getxattr_t)(const char *, const char *, void *value,
+        size_t size);
+
+int __acl_extended_file(const char *path_p, getxattr_t fun);
diff --git a/libacl/acl_extended_file.c b/libacl/acl_extended_file.c
index d1cb85d..f417784 100644
--- a/libacl/acl_extended_file.c
+++ b/libacl/acl_extended_file.c
@@ -1,7 +1,7 @@
 /*
   File: acl_extended_file.c
 
-  Copyright (C) 2000
+  Copyright (C) 2011
   Andreas Gruenbacher, <a.gruenbacher@bestbits.at>
 
   This program is free software; you can redistribute it and/or
@@ -23,26 +23,12 @@
 #include <attr/xattr.h>
 #include "libacl.h"
 
-#include "byteorder.h"
-#include "acl_ea.h"
+#include "__acl_extended_file.h"
 
 
 int
 acl_extended_file(const char *path_p)
 {
-	int base_size = sizeof(acl_ea_header) + 3 * sizeof(acl_ea_entry);
-	int retval;
-
-	retval = getxattr(path_p, ACL_EA_ACCESS, NULL, 0);
-	if (retval < 0 && errno != ENOATTR && errno != ENODATA)
-		return -1;
-	if (retval > base_size)
-		return 1;
-	retval = getxattr(path_p, ACL_EA_DEFAULT, NULL, 0);
-	if (retval < 0 && errno != ENOATTR && errno != ENODATA)
-		return -1;
-	if (retval >= base_size)
-		return 1;
-	return 0;
+	return __acl_extended_file(path_p, getxattr);
 }
 
diff --git a/libacl/acl_extended_file_nofollow.c b/libacl/acl_extended_file_nofollow.c
new file mode 100644
index 0000000..8f4711f
--- /dev/null
+++ b/libacl/acl_extended_file_nofollow.c
@@ -0,0 +1,34 @@
+/*
+  File: acl_extended_file.c
+
+  Copyright (C) 2011
+  Andreas Gruenbacher, <a.gruenbacher@bestbits.at>
+
+  This program is free software; you can redistribute it and/or
+  modify it under the terms of the GNU Lesser General Public
+  License as published by the Free Software Foundation; either
+  version 2.1 of the License, or (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public
+  License along with this library; if not, write to the Free Software
+  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+*/
+
+#include <unistd.h>
+#include <attr/xattr.h>
+#include "libacl.h"
+
+#include "__acl_extended_file.h"
+
+
+int
+acl_extended_file_nofollow(const char *path_p)
+{
+	return __acl_extended_file(path_p, lgetxattr);
+}
+
diff --git a/man/man3/acl_extended_file.3 b/man/man3/acl_extended_file.3
index 0ca7e0f..1f04331 100644
--- a/man/man3/acl_extended_file.3
+++ b/man/man3/acl_extended_file.3
@@ -25,7 +25,7 @@
 .Dt ACL_EXTENDED_FILE 3
 .Os "Linux ACL"
 .Sh NAME
-.Nm acl_extended_file
+.Nm acl_extended_file, acl_extended_file_nofollow
 .Nd test for information in ACLs by file name
 .Sh LIBRARY
 Linux Access Control Lists library (libacl, \-lacl).
@@ -34,6 +34,8 @@ Linux Access Control Lists library (libacl, \-lacl).
 .In acl/libacl.h
 .Ft int
 .Fn acl_extended_file "const char *path_p"
+.Ft int
+.Fn acl_extended_file_nofollow "const char *path_p"
 .Sh DESCRIPTION
 The
 .Fn acl_extended_file
@@ -61,6 +63,13 @@ mechanisms, such as Mandatory Access Control schemes. The
 .Xr access 2
 system call can be used to check whether a given type of access to a file
 object would be granted.
+.Pp
+.Fn acl_extended_file_nofollow
+is identical to 
+.Fn acl_extended_file ,
+except in the case of a symbolic link, where the link itself is interrogated,
+not the file that it refers to.  Since symbolic links have no ACL themselves,
+the operation is supposed to fail on them.
 .Sh RETURN VALUE
 If successful, the
 .Fn acl_extended_file
diff --git a/man/man5/acl.5 b/man/man5/acl.5
index 6b0f468..aec58aa 100644
--- a/man/man5/acl.5
+++ b/man/man5/acl.5
@@ -497,6 +497,7 @@ These non-portable extensions are available on Linux systems.
 .Xr acl_error 3 ,
 .Xr acl_extended_fd 3 ,
 .Xr acl_extended_file 3 ,
+.Xr acl_extended_file_nofollow 3 ,
 .Xr acl_from_mode 3 ,
 .Xr acl_get_perm 3 ,
 .Xr acl_to_any_text 3