X-Git-Url: https://gitweb.michael.orlitzky.com/?a=blobdiff_plain;f=src%2Fapply-default-acl.c;h=fb472a58742c95016e7bbf6ad74e0ec19ac2f81a;hb=aeedc5826cb0594318031e35acaf8b4a1b6e7c32;hp=993b1f7649e14c50300174da1f5d87fcb534d20a;hpb=f22034c7b75b7096e6ef26de7a5bc8e12a3f0b07;p=apply-default-acl.git diff --git a/src/apply-default-acl.c b/src/apply-default-acl.c index 993b1f7..fb472a5 100644 --- a/src/apply-default-acl.c +++ b/src/apply-default-acl.c @@ -34,85 +34,6 @@ -/** - * @brief Get the mode bits from the given file descriptor. - * - * @param fd - * The file descriptor (which may reference a directory) whose - * mode we want. - * - * @return A mode_t (st_mode) structure containing the mode bits. - * See sys/stat.h for details. - */ -mode_t get_mode(int fd) { - if (fd <= 0) { - errno = ENOENT; - return ACL_ERROR; - } - - struct stat s; - int result = fstat(fd, &s); - - if (result == 0) { - return s.st_mode; - } - else { - /* errno will be set already by lstat() */ - return result; - } -} - - - -/** - * @brief Determine if the given file descriptor might refer to an - * (unsafe) hard link. - * - * @param fd - * The file descriptor whose link count we want to investigate. - * - * @return true if we are certain that @c fd does not describe a hard - * link, and false otherwise. In case of error, false is returned, - * because we are not sure that @c fd is not a hard link. - */ -bool is_hardlink_safe(int fd) { - if (fd <= 0) { - return false; - } - struct stat s; - if (fstat(fd, &s) == 0) { - return (s.st_nlink == 1 || S_ISDIR(s.st_mode)); - } - else { - return false; - } -} - - -/** - * @brief Determine whether or not the given file descriptor is for - * a regular file. - * - * @param fd - * The file descriptor to test for regular-fileness. - * - * @return true if @c fd describes a regular file, and false otherwise. - */ -bool is_regular_file(int fd) { - if (fd <= 0) { - return false; - } - - struct stat s; - if (fstat(fd, &s) == 0) { - return S_ISREG(s.st_mode); - } - else { - return false; - } -} - - /** * @brief Determine whether or not the given path is accessible. @@ -220,8 +141,7 @@ bool is_directory(int fd) { * returned. Otherwise, @c ACL_SUCCESS. * */ -int acl_set_entry(acl_t* aclp, - acl_entry_t entry) { +int acl_set_entry(acl_t* aclp, acl_entry_t entry) { acl_tag_t entry_tag; if (acl_get_tag_type(entry, &entry_tag) == ACL_ERROR) { @@ -482,8 +402,13 @@ int any_can_execute_or_dir(int fd) { int result = ACL_FAILURE; if (acl_is_minimal(acl)) { - mode_t mode = get_mode(fd); - if (mode & (S_IXUSR | S_IXOTH | S_IXGRP)) { + struct stat s; + if (fstat(fd, &s) == -1) { + perror("any_can_execute_or_dir (fstat)"); + result = ACL_ERROR; + goto cleanup; + } + if (s.st_mode & (S_IXUSR | S_IXOTH | S_IXGRP)) { result = ACL_SUCCESS; goto cleanup; } @@ -654,7 +579,8 @@ int wipe_acls(int fd) { int apply_default_acl(const char* path, bool no_exec_mask) { if (path == NULL) { - errno = ENOENT; + errno = EINVAL; + perror("apply_default_acl (args)"); return ACL_ERROR; } @@ -703,16 +629,21 @@ int apply_default_acl(const char* path, bool no_exec_mask) { * between when we open the file descriptor (look above) and when we * fstat it. */ - if (!is_hardlink_safe(fd)) { - result = ACL_FAILURE; + struct stat s; + if (fstat(fd, &s) == -1) { + perror("apply_default_acl (fstat)"); goto cleanup; } - - if (!is_regular_file(fd) && !is_directory(fd)) { - result = ACL_FAILURE; - goto cleanup; + if (!S_ISDIR(s.st_mode)) { + /* If it's not a directory, make sure it's a regular, + non-hard-linked file. */ + if (!S_ISREG(s.st_mode) || s.st_nlink != 1) { + result = ACL_FAILURE; + goto cleanup; + } } + /* Default to not masking the exec bit; i.e. applying the default ACL literally. If --no-exec-mask was not specified, then we try to "guess" whether or not to mask the exec bit. */