/* If we've made it this far, we need to add a new entry to the
ACL. */
acl_entry_t new_entry;
+
+ /* We allocate memory here that we should release! */
int c_result = acl_create_entry(aclp, &new_entry);
if (c_result == -1) {
perror("acl_set_entry (acl_create_entry)");
-1 on error. */
acl_t acl = acl_get_file(path, ACL_TYPE_ACCESS);
+ if (acl == (acl_t)NULL) {
+ return 0;
+ }
+
+ /* Our return value. */
+ int result = 0;
+
if (acl_is_minimal(&acl)) {
mode_t mode = get_mode(path);
if (mode & (S_IXUSR | S_IXOTH | S_IXGRP)) {
- return 1;
+ result = 1;
+ goto cleanup;
}
else {
- return 0;
+ result = 0;
+ goto cleanup;
}
}
-
- if (acl == (acl_t)NULL) {
- return 0;
- }
-
+
acl_entry_t entry;
- int result = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
+ int ge_result = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
- while (result == 1) {
+ while (ge_result == 1) {
acl_permset_t permset;
int ps_result = acl_get_permset(entry, &permset);
if (ps_result == -1) {
perror("any_can_execute (acl_get_permset)");
- return -1;
+ result = -1;
+ goto cleanup;
}
int gp_result = acl_get_perm(permset, ACL_EXECUTE);
if (gp_result == -1) {
perror("any_can_execute (acl_get_perm)");
- return -1;
+ result = -1;
+ goto cleanup;
}
if (gp_result == 1) {
- return 1;
+ result = 1;
+ goto cleanup;
}
- result = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
+ ge_result = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
}
- if (result == -1) {
+ if (ge_result == -1) {
perror("any_can_execute (acl_get_entry)");
- return -1;
+ result = -1;
+ goto cleanup;
}
- return 0;
+ cleanup:
+ acl_free(acl);
+ return result;
}
existing default ACL. Returns 1 for success, 0 for failure, and
-1 on error. */
+ /* Our return value. */
+ int result = 1;
+
if (path == NULL) {
errno = ENOENT;
return -1;
}
acl_t parent_acl = acl_get_file(parent, ACL_TYPE_DEFAULT);
+ if (parent_acl == (acl_t)NULL) {
+ return 0;
+ }
+
acl_t path_acl = acl_dup(parent_acl);
if (path_acl == (acl_t)NULL) {
perror("inherit_default_acl (acl_dup)");
+ acl_free(parent_acl);
return -1;
}
int sf_result = acl_set_file(path, ACL_TYPE_DEFAULT, path_acl);
if (sf_result == -1) {
perror("inherit_default_acl (acl_set_file)");
- return -1;
+ result = -1;
+ goto cleanup;
}
+ cleanup:
acl_free(path_acl);
- return 1;
+ return result;
}
return -1;
}
+ /* Our return value. */
+ int result = 1;
+
acl_entry_t entry;
- int result = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
+ int ge_result = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
- while (result == 1) {
+ while (ge_result == 1) {
int d_result = acl_delete_entry(acl, entry);
if (d_result == -1) {
perror("wipe_acls (acl_delete_entry)");
- return -1;
+ result = -1;
+ goto cleanup;
}
- result = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
+ ge_result = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
}
/* Catches the first acl_get_entry as well as the ones at the end of
the loop. */
- if (result == -1) {
+ if (ge_result == -1) {
perror("reapply_default_acl_ng (acl_get_entry)");
- return -1;
+ result = -1;
+ goto cleanup;
}
int sf_result = acl_set_file(path, ACL_TYPE_ACCESS, acl);
if (sf_result == -1) {
perror("wipe_acls (acl_set_file)");
- return -1;
+ result = -1;
+ goto cleanup;
}
- return 1;
+ cleanup:
+ acl_free(acl);
+ return result;
}
return -1;
}
+ /* Our return value. */
+ int result = 1;
+
int wipe_result = wipe_acls(path);
if (wipe_result == -1) {
perror("reapply_default_acl_ng (wipe_acls)");
- return -1;
+ result = -1;
+ goto cleanup;
}
/* Do this after wipe_acls(), otherwise we'll overwrite the wiped
int inherit_result = inherit_default_acl(path, parent);
if (inherit_result == -1) {
perror("reapply_default_acl_ng (inherit_acls)");
- return -1;
+ result = -1;
+ goto cleanup;
}
acl_entry_t entry;
- int result = acl_get_entry(defacl, ACL_FIRST_ENTRY, &entry);
+ int ge_result = acl_get_entry(defacl, ACL_FIRST_ENTRY, &entry);
- while (result == 1) {
+ while (ge_result == 1) {
acl_tag_t tag = ACL_UNDEFINED_TAG;
int tag_result = acl_get_tag_type(entry, &tag);
if (tag_result == -1) {
perror("has_default_tag_acl (acl_get_tag_type)");
- return -1;
+ result = -1;
+ goto cleanup;
}
int ps_result = acl_get_permset(entry, &permset);
if (ps_result == -1) {
perror("reapply_default_acl_ng (acl_get_permset)");
- return -1;
+ result = -1;
+ goto cleanup;
}
/* If this is a default mask, fix it up. */
int d_result = acl_delete_perm(permset, ACL_EXECUTE);
if (d_result == -1) {
perror("reapply_default_acl_ng (acl_delete_perm)");
- return -1;
+ result = -1;
+ goto cleanup;
}
int sp_result = acl_set_permset(entry, permset);
if (sp_result == -1) {
perror("reapply_default_acl_ng (acl_set_permset)");
- return -1;
+ result = -1;
+ goto cleanup;
}
}
}
int set_result = acl_set_entry(&acl, entry);
if (set_result == -1) {
perror("reapply_default_acl_ng (acl_set_entry)");
- return -1;
+ result = -1;
+ goto cleanup;
}
- result = acl_get_entry(defacl, ACL_NEXT_ENTRY, &entry);
+ ge_result = acl_get_entry(defacl, ACL_NEXT_ENTRY, &entry);
}
/* Catches the first acl_get_entry as well as the ones at the end of
the loop. */
- if (result == -1) {
+ if (ge_result == -1) {
perror("reapply_default_acl_ng (acl_get_entry)");
- return -1;
+ result = -1;
+ goto cleanup;
}
int sf_result = acl_set_file(path, ACL_TYPE_ACCESS, acl);
if (sf_result == -1) {
perror("reapply_default_acl_ng (acl_set_file)");
- return -1;
+ result = -1;
+ goto cleanup;
}
- return 1;
+ cleanup:
+ acl_free(defacl);
+ return result;
}
projects / apply-default-acl.git / commitdiff