diff options
author | Kamil Dudka <kdudka@redhat.com> | 2011-04-04 12:43:39 +0200 |
---|---|---|
committer | Andreas Gruenbacher <agruen@linbit.com> | 2011-04-04 18:40:55 +0200 |
commit | 6bf5e24d48077db58b389e90558100fc121b8134 (patch) | |
tree | fc760711729113152560c1aae6b9e800d935d80f | |
parent | cd31bafa745bb0603a26a39ad8d7e4abd2756c10 (diff) | |
download | acl-6bf5e24d48077db58b389e90558100fc121b8134.tar.gz |
libacl: Add acl_extended_file_nofollow()
This function calls lgetxattr() instead of getxattr(), which helps ls(1)
to prevent unnecessary automatic mounts, which acl_extended_file()
triggers. See the following bug report for more details:
https://bugzilla.redhat.com/692982
-rw-r--r-- | exports | 1 | ||||
-rw-r--r-- | include/libacl.h | 1 | ||||
-rw-r--r-- | libacl/Makefile | 3 | ||||
-rw-r--r-- | libacl/__acl_extended_file.c | 49 | ||||
-rw-r--r-- | libacl/__acl_extended_file.h | 4 | ||||
-rw-r--r-- | libacl/acl_extended_file.c | 20 | ||||
-rw-r--r-- | libacl/acl_extended_file_nofollow.c | 34 | ||||
-rw-r--r-- | man/man3/acl_extended_file.3 | 11 | ||||
-rw-r--r-- | man/man5/acl.5 | 1 |
9 files changed, 105 insertions, 19 deletions
@@ -82,4 +82,5 @@ ACL_1.1 { # Linux specific extensions perm_copy_fd; perm_copy_file; + acl_extended_file_nofollow; } ACL_1.0; diff --git a/include/libacl.h b/include/libacl.h index 41ec48e..d6a6650 100644 --- a/include/libacl.h +++ b/include/libacl.h @@ -59,6 +59,7 @@ extern int acl_check(acl_t acl, int *last); extern acl_t acl_from_mode(mode_t mode); extern int acl_equiv_mode(acl_t acl, mode_t *mode_p); int acl_extended_file(const char *path_p); +int acl_extended_file_nofollow(const char *path_p); int acl_extended_fd(int fd); extern int acl_entries(acl_t acl); extern const char *acl_error(int code); diff --git a/libacl/Makefile b/libacl/Makefile index 1224b65..cfe3d3a 100644 --- a/libacl/Makefile +++ b/libacl/Makefile @@ -47,7 +47,8 @@ POSIX_CFILES = \ LIBACL_CFILES = \ acl_to_any_text.c acl_entries.c acl_check.c acl_error.c acl_cmp.c \ - acl_extended_fd.c acl_extended_file.c acl_equiv_mode.c acl_from_mode.c + acl_extended_fd.c acl_extended_file.c acl_equiv_mode.c acl_from_mode.c \ + acl_extended_file_nofollow.c __acl_extended_file.c INTERNAL_CFILES = \ __acl_to_any_text.c __acl_to_xattr.c __acl_from_xattr.c \ diff --git a/libacl/__acl_extended_file.c b/libacl/__acl_extended_file.c new file mode 100644 index 0000000..629afe9 --- /dev/null +++ b/libacl/__acl_extended_file.c @@ -0,0 +1,49 @@ +/* + File: acl_extended_file.c + + Copyright (C) 2000, 2011 + Andreas Gruenbacher, <a.gruenbacher@bestbits.at> + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +*/ + +#include <unistd.h> +#include <attr/xattr.h> +#include "libacl.h" + +#include "byteorder.h" +#include "acl_ea.h" +#include "__acl_extended_file.h" + + +int +__acl_extended_file(const char *path_p, getxattr_t fun) +{ + int base_size = sizeof(acl_ea_header) + 3 * sizeof(acl_ea_entry); + int retval; + + retval = fun(path_p, ACL_EA_ACCESS, NULL, 0); + if (retval < 0 && errno != ENOATTR && errno != ENODATA) + return -1; + if (retval > base_size) + return 1; + retval = fun(path_p, ACL_EA_DEFAULT, NULL, 0); + if (retval < 0 && errno != ENOATTR && errno != ENODATA) + return -1; + if (retval >= base_size) + return 1; + return 0; +} + diff --git a/libacl/__acl_extended_file.h b/libacl/__acl_extended_file.h new file mode 100644 index 0000000..f8881a1 --- /dev/null +++ b/libacl/__acl_extended_file.h @@ -0,0 +1,4 @@ +typedef ssize_t (*getxattr_t)(const char *, const char *, void *value, + size_t size); + +int __acl_extended_file(const char *path_p, getxattr_t fun); diff --git a/libacl/acl_extended_file.c b/libacl/acl_extended_file.c index d1cb85d..f417784 100644 --- a/libacl/acl_extended_file.c +++ b/libacl/acl_extended_file.c @@ -1,7 +1,7 @@ /* File: acl_extended_file.c - Copyright (C) 2000 + Copyright (C) 2011 Andreas Gruenbacher, <a.gruenbacher@bestbits.at> This program is free software; you can redistribute it and/or @@ -23,26 +23,12 @@ #include <attr/xattr.h> #include "libacl.h" -#include "byteorder.h" -#include "acl_ea.h" +#include "__acl_extended_file.h" int acl_extended_file(const char *path_p) { - int base_size = sizeof(acl_ea_header) + 3 * sizeof(acl_ea_entry); - int retval; - - retval = getxattr(path_p, ACL_EA_ACCESS, NULL, 0); - if (retval < 0 && errno != ENOATTR && errno != ENODATA) - return -1; - if (retval > base_size) - return 1; - retval = getxattr(path_p, ACL_EA_DEFAULT, NULL, 0); - if (retval < 0 && errno != ENOATTR && errno != ENODATA) - return -1; - if (retval >= base_size) - return 1; - return 0; + return __acl_extended_file(path_p, getxattr); } diff --git a/libacl/acl_extended_file_nofollow.c b/libacl/acl_extended_file_nofollow.c new file mode 100644 index 0000000..8f4711f --- /dev/null +++ b/libacl/acl_extended_file_nofollow.c @@ -0,0 +1,34 @@ +/* + File: acl_extended_file.c + + Copyright (C) 2011 + Andreas Gruenbacher, <a.gruenbacher@bestbits.at> + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +*/ + +#include <unistd.h> +#include <attr/xattr.h> +#include "libacl.h" + +#include "__acl_extended_file.h" + + +int +acl_extended_file_nofollow(const char *path_p) +{ + return __acl_extended_file(path_p, lgetxattr); +} + diff --git a/man/man3/acl_extended_file.3 b/man/man3/acl_extended_file.3 index 0ca7e0f..1f04331 100644 --- a/man/man3/acl_extended_file.3 +++ b/man/man3/acl_extended_file.3 @@ -25,7 +25,7 @@ .Dt ACL_EXTENDED_FILE 3 .Os "Linux ACL" .Sh NAME -.Nm acl_extended_file +.Nm acl_extended_file, acl_extended_file_nofollow .Nd test for information in ACLs by file name .Sh LIBRARY Linux Access Control Lists library (libacl, \-lacl). @@ -34,6 +34,8 @@ Linux Access Control Lists library (libacl, \-lacl). .In acl/libacl.h .Ft int .Fn acl_extended_file "const char *path_p" +.Ft int +.Fn acl_extended_file_nofollow "const char *path_p" .Sh DESCRIPTION The .Fn acl_extended_file @@ -61,6 +63,13 @@ mechanisms, such as Mandatory Access Control schemes. The .Xr access 2 system call can be used to check whether a given type of access to a file object would be granted. +.Pp +.Fn acl_extended_file_nofollow +is identical to +.Fn acl_extended_file , +except in the case of a symbolic link, where the link itself is interrogated, +not the file that it refers to. Since symbolic links have no ACL themselves, +the operation is supposed to fail on them. .Sh RETURN VALUE If successful, the .Fn acl_extended_file diff --git a/man/man5/acl.5 b/man/man5/acl.5 index 6b0f468..aec58aa 100644 --- a/man/man5/acl.5 +++ b/man/man5/acl.5 @@ -497,6 +497,7 @@ These non-portable extensions are available on Linux systems. .Xr acl_error 3 , .Xr acl_extended_fd 3 , .Xr acl_extended_file 3 , +.Xr acl_extended_file_nofollow 3 , .Xr acl_from_mode 3 , .Xr acl_get_perm 3 , .Xr acl_to_any_text 3 |