X-Git-Url: https://gitweb.michael.orlitzky.com/?a=blobdiff_plain;f=src%2Fapply-default-acl.c;h=a3c28fb59ca963db23f2dcf79150a320cf40c947;hb=927c66a6c66bcbd69b62f07f4b937c5df9afab88;hp=b89a732d9251556357dc9d52396aa657af80e15d;hpb=e5d36040a86457ed66782496d79136d6bdc4d9a3;p=apply-default-acl.git

diff --git a/src/apply-default-acl.c b/src/apply-default-acl.c
index b89a732..a3c28fb 100644
--- a/src/apply-default-acl.c
+++ b/src/apply-default-acl.c
@@ -371,29 +371,17 @@ int acl_is_minimal(acl_t* acl) {
 
 
 /**
- * @brief Determine whether the given path has an ACL whose mask
- *   denies execute.
+ * @brief Determine whether the given ACL's mask denies execute.
  *
- * @param path
- *   The path to check.
+ * @param acl
+ *   The ACL whose mask we want to check.
  *
  * @return
- *   - @c ACL_SUCCESS - @c path has a mask which denies execute.
- *   - @c ACL_FAILURE - The ACL for @c path does not deny execute,
- *     or @c path has no extended ACL at all.
+ *   - @c ACL_SUCCESS - The @c acl has a mask which denies execute.
+ *   - @c ACL_FAILURE - The @c acl has a mask which does not deny execute.
  *   - @c ACL_ERROR - Unexpected library error.
  */
-int acl_execute_masked(const char* path) {
-
-  acl_t acl = acl_get_file(path, ACL_TYPE_ACCESS);
-
-  if (acl == (acl_t)NULL) {
-    perror("acl_execute_masked (acl_get_file)");
-    return ACL_ERROR;
-  }
-
-  /* Our return value. */
-  int result = ACL_FAILURE;
+int acl_execute_masked(acl_t acl) {
 
   acl_entry_t entry;
   int ge_result = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
@@ -404,8 +392,7 @@ int acl_execute_masked(const char* path) {
 
     if (tag_result == ACL_ERROR) {
        perror("acl_execute_masked (acl_get_tag_type)");
-       result = ACL_ERROR;
-       goto cleanup;
+       return ACL_ERROR;
     }
 
     if (tag == ACL_MASK) {
@@ -416,15 +403,13 @@ int acl_execute_masked(const char* path) {
       int ps_result = acl_get_permset(entry, &permset);
       if (ps_result == ACL_ERROR) {
 	perror("acl_execute_masked (acl_get_permset)");
-	result = ACL_ERROR;
-	goto cleanup;
+	return ACL_ERROR;
       }
 
       int gp_result = acl_get_perm(permset, ACL_EXECUTE);
       if (gp_result == ACL_ERROR) {
 	perror("acl_execute_masked (acl_get_perm)");
-	result = ACL_ERROR;
-	goto cleanup;
+	return ACL_ERROR;
       }
 
       if (gp_result == ACL_FAILURE) {
@@ -436,9 +421,7 @@ int acl_execute_masked(const char* path) {
     ge_result = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
   }
 
- cleanup:
-  acl_free(acl);
-  return result;
+  return ACL_FAILURE;
 }
 
 
@@ -533,7 +516,7 @@ int any_can_execute_or_dir(const char* path) {
 
     if (gp_result == ACL_SUCCESS) {
       /* Only return ACL_SUCCESS if this execute bit is not masked. */
-      if (acl_execute_masked(path) != ACL_SUCCESS) {
+      if (acl_execute_masked(acl) != ACL_SUCCESS) {
 	result = ACL_SUCCESS;
 	goto cleanup;
       }
@@ -556,59 +539,49 @@ int any_can_execute_or_dir(const char* path) {
 
 
 /**
- * @brief Inherit the default ACL from @c parent to @c path.
+ * @brief Set @c acl as the default ACL on @c path if it's a directory.
  *
- * The @c parent parameter does not necessarily need to be the parent
- * of @c path, although that will usually be the case. This overwrites
- * any existing default ACL on @c path.
- *
- * @param parent
- *   The parent directory whose ACL we want to inherit.
+ * This overwrites any existing default ACL on @c path. If no default
+ * ACL exists, then one is created. If @c path is not a directory, we
+ * return ACL_FAILURE but no error is raised.
  *
  * @param path
- *   The target directory whose ACL we wish to overwrite (or create).
+ *   The target directory whose ACL we wish to replace or create.
+ *
+  * @param acl
+ *   The ACL to set as default on @c path.
  *
  * @return
- *   - @c ACL_SUCCESS - The default ACL was inherited successfully.
- *   - @c ACL_FAILURE - Either @c parent or @c path is not a directory.
+ *   - @c ACL_SUCCESS - The default ACL was assigned successfully.
+ *   - @c ACL_FAILURE - If @c path is not a directory.
  *   - @c ACL_ERROR - Unexpected library error.
  */
-int inherit_default_acl(const char* path, const char* parent) {
-
-  /* Our return value. */
-  int result = ACL_SUCCESS;
+int assign_default_acl(const char* path, acl_t acl) {
 
   if (path == NULL) {
     errno = ENOENT;
     return ACL_ERROR;
   }
 
-  if (!is_directory(path) || !is_directory(parent)) {
+  if (!is_directory(path)) {
     return ACL_FAILURE;
   }
 
-  acl_t parent_acl = acl_get_file(parent, ACL_TYPE_DEFAULT);
-  if (parent_acl == (acl_t)NULL) {
-    perror("inherit_default_acl (acl_get_file)");
-    return ACL_ERROR;
-  }
-
-  acl_t path_acl = acl_dup(parent_acl);
+    /* Our return value; success unless something bad happens. */
+  int result = ACL_SUCCESS;
+  acl_t path_acl = acl_dup(acl);
 
   if (path_acl == (acl_t)NULL) {
     perror("inherit_default_acl (acl_dup)");
-    acl_free(parent_acl);
-    return ACL_ERROR;
+    return ACL_ERROR; /* Nothing to clean up in this case. */
   }
 
   int sf_result = acl_set_file(path, ACL_TYPE_DEFAULT, path_acl);
   if (sf_result == -1) {
     perror("inherit_default_acl (acl_set_file)");
     result = ACL_ERROR;
-    goto cleanup;
   }
 
- cleanup:
   acl_free(path_acl);
   return result;
 }
@@ -786,7 +759,7 @@ int apply_default_acl(const char* path, bool no_exec_mask) {
   }
 
   /* If it's a directory, inherit the parent's default. */
-  int inherit_result = inherit_default_acl(path, parent);
+  int inherit_result = assign_default_acl(path, defacl);
   if (inherit_result == ACL_ERROR) {
     perror("apply_default_acl (inherit_acls)");
     result = ACL_ERROR;