1/*	$NetBSD: remove.c,v 1.1 2020/05/16 18:31:45 christos Exp $	*/
2
3/*-
4 * Copyright (c) 2001 Chris D. Faulhaber
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29#include <sys/cdefs.h>
30#if 0
31__FBSDID("$FreeBSD: head/bin/setfacl/remove.c 333065 2018-04-27 15:25:24Z emaste $");
32#else
33__RCSID("$NetBSD: remove.c,v 1.1 2020/05/16 18:31:45 christos Exp $");
34#endif
35
36#include <sys/types.h>
37#include <sys/acl.h>
38#include <sys/stat.h>
39
40#include <err.h>
41#include <stdio.h>
42#include <string.h>
43
44#include "setfacl.h"
45
46/*
47 * remove ACL entries from an ACL
48 */
49int
50remove_acl(acl_t acl, acl_t *prev_acl, const char *filename)
51{
52	acl_entry_t	entry;
53	acl_t		acl_new;
54	acl_tag_t	tag;
55	int		carried_error, entry_id, acl_brand, prev_acl_brand;
56
57	carried_error = 0;
58
59	acl_get_brand_np(acl, &acl_brand);
60	acl_get_brand_np(*prev_acl, &prev_acl_brand);
61
62	if (branding_mismatch(acl_brand, prev_acl_brand)) {
63		warnx("%s: branding mismatch; existing ACL is %s, "
64		    "entry to be removed is %s", filename,
65		    brand_name(prev_acl_brand), brand_name(acl_brand));
66		return (-1);
67	}
68
69	carried_error = 0;
70
71	acl_new = acl_dup(*prev_acl);
72	if (acl_new == NULL)
73		err(1, "%s: acl_dup() failed", filename);
74
75	tag = ACL_UNDEFINED_TAG;
76
77	/* find and delete the entry */
78	entry_id = ACL_FIRST_ENTRY;
79	while (acl_get_entry(acl, entry_id, &entry) == 1) {
80		entry_id = ACL_NEXT_ENTRY;
81		if (acl_get_tag_type(entry, &tag) == -1)
82			err(1, "%s: acl_get_tag_type() failed", filename);
83		if (tag == ACL_MASK)
84			have_mask = true;
85		if (acl_delete_entry(acl_new, entry) == -1) {
86			carried_error++;
87			warnx("%s: cannot remove non-existent ACL entry",
88			    filename);
89		}
90	}
91
92	acl_free(*prev_acl);
93	*prev_acl = acl_new;
94
95	if (carried_error)
96		return (-1);
97
98	return (0);
99}
100
101int
102remove_by_number(uint entry_number, acl_t *prev_acl, const char *filename)
103{
104	acl_entry_t	entry;
105	acl_t		acl_new;
106	acl_tag_t	tag;
107	int		carried_error, entry_id;
108	uint		i;
109
110	carried_error = 0;
111
112	acl_new = acl_dup(*prev_acl);
113	if (acl_new == NULL)
114		err(1, "%s: acl_dup() failed", filename);
115
116	tag = ACL_UNDEFINED_TAG;
117
118	/*
119	 * Find out whether we're removing the mask entry,
120	 * to behave the same as the routine above.
121	 *
122	 * XXX: Is this loop actually needed?
123	 */
124	entry_id = ACL_FIRST_ENTRY;
125	i = 0;
126	while (acl_get_entry(acl_new, entry_id, &entry) == 1) {
127		entry_id = ACL_NEXT_ENTRY;
128		if (i != entry_number)
129			continue;
130		if (acl_get_tag_type(entry, &tag) == -1)
131			err(1, "%s: acl_get_tag_type() failed", filename);
132		if (tag == ACL_MASK)
133			have_mask = true;
134	}
135
136	if (acl_delete_entry_np(acl_new, entry_number) == -1) {
137		carried_error++;
138		warn("%s: acl_delete_entry_np() failed", filename);
139	}
140
141	acl_free(*prev_acl);
142	*prev_acl = acl_new;
143
144	if (carried_error)
145		return (-1);
146
147	return (0);
148}
149
150/*
151 * remove default entries
152 */
153int
154remove_default(acl_t *prev_acl, const char *filename)
155{
156
157	acl_free(*prev_acl);
158	*prev_acl = acl_init(ACL_MAX_ENTRIES);
159	if (*prev_acl == NULL)
160		err(1, "%s: acl_init() failed", filename);
161
162	return (0);
163}
164
165/*
166 * remove extended entries
167 */
168void
169remove_ext(acl_t *prev_acl, const char *filename)
170{
171	acl_t acl_new;
172
173	acl_new = acl_strip_np(*prev_acl, !n_flag);
174	if (acl_new == NULL)
175		err(1, "%s: acl_strip_np() failed", filename);
176
177	acl_free(*prev_acl);
178	*prev_acl = acl_new;
179}
180