bin/setfacl/merge.c

74465Srwatson/*
74465Srwatson * Copyright (c) 2001 Chris D. Faulhaber
74465Srwatson * All rights reserved.
74465Srwatson *
74465Srwatson * Redistribution and use in source and binary forms, with or without
74465Srwatson * modification, are permitted provided that the following conditions
74465Srwatson * are met:
74465Srwatson * 1. Redistributions of source code must retain the above copyright
74465Srwatson *    notice, this list of conditions and the following disclaimer.
74465Srwatson * 2. Redistributions in binary form must reproduce the above copyright
74465Srwatson *    notice, this list of conditions and the following disclaimer in the
74465Srwatson *    documentation and/or other materials provided with the distribution.
74465Srwatson *
74465Srwatson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
74465Srwatson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
74465Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
74465Srwatson * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR THE VOICES IN HIS HEAD BE
74465Srwatson * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
74465Srwatson * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
74465Srwatson * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
74465Srwatson * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
74465Srwatson * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
74465Srwatson * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
74465Srwatson * POSSIBILITY OF SUCH DAMAGE.
74465Srwatson *
74465Srwatson * $FreeBSD: head/bin/setfacl/merge.c 87254 2001-12-03 00:51:36Z jedgar $
74465Srwatson */
74465Srwatson
74465Srwatson#include <sys/types.h>
74465Srwatson#include <sys/acl.h>
74465Srwatson#include <sys/stat.h>
74465Srwatson
74465Srwatson#include <err.h>
74465Srwatson#include <stdio.h>
74465Srwatson
74465Srwatson#include "setfacl.h"
74465Srwatson
87254Sjedgar/*
87254Sjedgar * merge an ACL into existing file's ACL
87254Sjedgar */
74465Srwatsonint
74465Srwatsonmerge_acl(acl_t acl, acl_t *prev_acl)
74465Srwatson{
75928Sjedgar	acl_entry_t entry, entry_new;
75928Sjedgar	acl_permset_t permset;
74465Srwatson	acl_t acl_new;
75928Sjedgar	acl_tag_t tag, tag_new;
75928Sjedgar	int entry_id, entry_id_new, have_entry;
75928Sjedgar	uid_t *id, *id_new;
74465Srwatson
74465Srwatson	if (acl_type == ACL_TYPE_ACCESS)
74465Srwatson		acl_new = acl_dup(prev_acl[0]);
74465Srwatson	else
74465Srwatson		acl_new = acl_dup(prev_acl[1]);
87254Sjedgar	if (acl_new == NULL)
87254Sjedgar		err(1, "acl_dup() failed");
74465Srwatson
75928Sjedgar	entry_id = ACL_FIRST_ENTRY;
75928Sjedgar
75928Sjedgar	while (acl_get_entry(acl, entry_id, &entry) == 1) {
75928Sjedgar		entry_id = ACL_NEXT_ENTRY;
74465Srwatson		have_entry = 0;
74465Srwatson
75928Sjedgar		/* keep track of existing ACL_MASK entries */
75928Sjedgar		if (acl_get_tag_type(entry, &tag) == -1)
87254Sjedgar			err(1, "acl_get_tag_type() failed - invalid ACL entry");
75928Sjedgar		if (tag == ACL_MASK)
74465Srwatson			have_mask = 1;
74465Srwatson
74465Srwatson		/* check against the existing ACL entries */
75928Sjedgar		entry_id_new = ACL_FIRST_ENTRY;
87254Sjedgar		while (have_entry == 0 &&
75928Sjedgar		    acl_get_entry(acl_new, entry_id_new, &entry_new) == 1) {
75928Sjedgar			entry_id_new = ACL_NEXT_ENTRY;
75928Sjedgar
75928Sjedgar			if (acl_get_tag_type(entry, &tag) == -1)
87254Sjedgar				err(1, "acl_get_tag_type() failed");
75928Sjedgar			if (acl_get_tag_type(entry_new, &tag_new) == -1)
87254Sjedgar				err(1, "acl_get_tag_type() failed");
75928Sjedgar			if (tag != tag_new)
75928Sjedgar				continue;
75928Sjedgar
75928Sjedgar			switch(tag) {
75928Sjedgar			case ACL_USER:
75928Sjedgar			case ACL_GROUP:
75928Sjedgar				id = acl_get_qualifier(entry);
75928Sjedgar				if (id == NULL)
87254Sjedgar					err(1, "acl_get_qualifier() failed");
75928Sjedgar				id_new = acl_get_qualifier(entry_new);
75928Sjedgar				if (id_new == NULL)
87254Sjedgar					err(1, "acl_get_qualifier() failed");
75928Sjedgar				if (*id == *id_new) {
75928Sjedgar					/* any other matches */
75928Sjedgar					if (acl_get_permset(entry, &permset)
75928Sjedgar					    == -1)
87254Sjedgar						err(1,
75928Sjedgar						    "acl_get_permset() failed");
75928Sjedgar					if (acl_set_permset(entry_new, permset)
75928Sjedgar					    == -1)
87254Sjedgar						err(1,
75928Sjedgar						    "acl_set_permset() failed");
74465Srwatson					have_entry = 1;
75928Sjedgar				}
75928Sjedgar				acl_free(id);
75928Sjedgar				acl_free(id_new);
87254Sjedgar				if (have_entry == 0)
74465Srwatson					break;
75928Sjedgar				/* FALLTHROUGH */
75928Sjedgar			case ACL_USER_OBJ:
75928Sjedgar			case ACL_GROUP_OBJ:
75928Sjedgar			case ACL_OTHER:
75928Sjedgar			case ACL_MASK:
75928Sjedgar				if (acl_get_permset(entry, &permset) == -1)
87254Sjedgar					err(1, "acl_get_permset() failed");
75928Sjedgar				if (acl_set_permset(entry_new, permset) == -1)
87254Sjedgar					err(1, "acl_set_permset() failed");
75928Sjedgar				have_entry = 1;
75928Sjedgar				break;
75928Sjedgar			default:
75928Sjedgar				/* should never be here */
87254Sjedgar				errx(1, "Invalid tag type: %i", tag);
75928Sjedgar				break;
74465Srwatson			}
74465Srwatson		}
74465Srwatson
74465Srwatson		/* if this entry has not been found, it must be new */
87254Sjedgar		if (have_entry == 0) {
75928Sjedgar			if (acl_create_entry(&acl_new, &entry_new) == -1) {
74465Srwatson				acl_free(acl_new);
87254Sjedgar				return (-1);
74465Srwatson			}
75928Sjedgar			if (acl_copy_entry(entry_new, entry) == -1)
87254Sjedgar				err(1, "acl_copy_entry() failed");
74465Srwatson		}
74465Srwatson	}
74465Srwatson
74465Srwatson
75928Sjedgar	if (acl_type == ACL_TYPE_ACCESS) {
75928Sjedgar		acl_free(prev_acl[0]);
75928Sjedgar		prev_acl[0] = acl_new;
75928Sjedgar	} else {
75928Sjedgar		acl_free(prev_acl[1]);
75928Sjedgar		prev_acl[1] = acl_new;
75928Sjedgar	}
75928Sjedgar
75928Sjedgar
87254Sjedgar	return (0);
74465Srwatson}