X-Git-Url: https://gitweb.michael.orlitzky.com/?a=blobdiff_plain;f=src%2Faclq.c;h=0d09c5c1b4c22c440b8f1e2976888e411904011d;hb=60f8c02626369db69769474307a95caf61ec3d81;hp=eaeb2ede17e36d33f79925e3a6416f3a605259fa;hpb=d87d053c3183ccdbfe60a3c957cffa85212131c0;p=apply-default-acl.git

diff --git a/src/aclq.c b/src/aclq.c
index eaeb2ed..0d09c5c 100644
--- a/src/aclq.c
+++ b/src/aclq.c
@@ -143,21 +143,21 @@ int get_type_tag_entry(const char* path,
 		       acl_entry_t* entry) {
     /* Returns one if successful, zero when the ACL doesn't exist, and
      -1 on unexpected errors. */
-  acl_t defacl = acl_get_file(path, type);
+  acl_t acl = acl_get_file(path, type);
 
-  if (defacl == (acl_t)NULL) {
+  if (acl == (acl_t)NULL) {
     /* Follow the acl_foo convention of -1 == error. */
     return 0;
   }
 
-  int result = acl_get_entry(defacl, ACL_FIRST_ENTRY, entry);
+  int result = acl_get_entry(acl, ACL_FIRST_ENTRY, entry);
 
   while (result == 1) {
     acl_tag_t tag = ACL_UNDEFINED_TAG;
     int tag_result = acl_get_tag_type(*entry, &tag);
 
     if (tag_result == -1) {
-       perror("get_default_tag_entry (acl_get_tag_type)");
+       perror("get_type_tag_entry (acl_get_tag_type)");
        return -1;
     }
 
@@ -166,13 +166,13 @@ int get_type_tag_entry(const char* path,
       return 1;
     }
 
-    result = acl_get_entry(defacl, ACL_NEXT_ENTRY, entry);
+    result = acl_get_entry(acl, ACL_NEXT_ENTRY, entry);
   }
 
   /* This catches both the initial acl_get_entry and the ones at the
      end of the loop. */
   if (result == -1) {
-    perror("get_default_tag_entry (acl_get_entry)");
+    perror("get_type_tag_entry (acl_get_entry)");
     return -1;
   }
 
@@ -207,13 +207,13 @@ int get_type_tag_permset(const char* path,
   }
 
   acl_entry_t entry;
-  int result = get_default_tag_entry(path, desired_tag, &entry);
+  int result = get_type_tag_entry(path, type, desired_tag, &entry);
 
   if (result == 1) {
     /* We found the right tag, now get the permset. */
     int ps_result = acl_get_permset(entry, output_perms);
     if (ps_result == -1) {
-      perror("get_default_tag_permset (acl_get_permset)");
+      perror("get_type_tag_permset (acl_get_permset)");
     }
 
     if (ps_result == 0) {
@@ -231,12 +231,15 @@ int get_type_tag_permset(const char* path,
 int get_default_tag_permset(const char* path,
 			    acl_tag_t desired_tag,
 			    acl_permset_t* output_perms) {
-  return get_type_tag_permset(path, ACL_TYPE_DEFAULT, desired_tag, output_perms);
+  return get_type_tag_permset(path,
+			      ACL_TYPE_DEFAULT,
+			      desired_tag,
+			      output_perms);
 }
 
 int get_access_tag_permset(const char* path,
-			    acl_tag_t desired_tag,
-			    acl_permset_t* output_perms) {
+			   acl_tag_t desired_tag,
+			   acl_permset_t* output_perms) {
   return get_type_tag_permset(path, ACL_TYPE_ACCESS, desired_tag, output_perms);
 }
 
@@ -268,18 +271,18 @@ int has_default_tag_perm(const char* path,
 }
 
 int remove_access_tag_perm(const char* path,
-			   acl_tag_t tag,
+			   acl_tag_t desired_tag,
 			   acl_perm_t perm) {
   /* Attempt to remove perm from tag. Returns one if successful, zero
      if there was nothing to do, and -1 on errors. */
-  int hata = has_access_tag_acl(path, tag);
-  if (hata != 1) {
-    /* Failure or error. */
-    return hata;
+  acl_t acl = acl_get_file(path, ACL_TYPE_ACCESS);
+  if (acl == (acl_t)NULL) {
+    /* Error. */
+    return -1;
   }
 
   acl_permset_t permset;
-  bool ps_result = get_access_tag_permset(path, tag, &permset);
+  bool ps_result = get_access_tag_permset(path, desired_tag, &permset);
 
   if (ps_result != 1) {
     /* Failure or error. */
@@ -295,26 +298,45 @@ int remove_access_tag_perm(const char* path,
   /* We've only removed perm from the permset; now we have to replace
      the permset. */
   acl_entry_t entry;
-  int entry_result = get_access_tag_entry(path, tag, &entry);
+  int result = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
 
-  if (entry_result == -1) {
-    perror("remove_access_tag_perm (get_access_tag_entry)");
-    return -1;
-  }
+  while (result == 1) {
+    acl_tag_t tag = ACL_UNDEFINED_TAG;
+    int tag_result = acl_get_tag_type(entry, &tag);
 
-  if (entry_result == 1) {
-    /* Success. */
-    int s_result = acl_set_permset(entry, permset);
-    if (s_result == -1) {
-      perror("remove_access_tag_perm (acl_set_permset)");
-      return -1;
+    if (tag_result == -1) {
+       perror("remove_access_tag_perm (acl_get_tag_type)");
+       return -1;
     }
 
-    return 1;
+    if (tag == desired_tag) {
+      /* We found the right tag. Update the permset. */
+      int s_result = acl_set_permset(entry, permset);
+      if (s_result == -1) {
+	perror("remove_access_tag_perm (acl_set_permset)");
+	return -1;
+      }
+
+      int sf_result = acl_set_file(path, ACL_TYPE_ACCESS, acl);
+      if (sf_result == -1) {
+	perror("remove_access_tag_perm (acl_set_file)");
+	return -1;
+      }
+
+      return 1;
+    }
+
+    result = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
   }
-  else {
-    return 0;
+
+  /* This catches both the initial acl_get_entry and the ones at the
+     end of the loop. */
+  if (result == -1) {
+    perror("remove_access_tag_perm (acl_get_entry)");
+    return -1;
   }
+
+  return 0;
 }
 
 int remove_access_group_obj_execute(const char* path) {