/**
- * @brief Determine whether the given path has an ACL whose mask
- * denies execute.
+ * @brief Determine whether the given ACL's mask denies execute.
*
- * @param path
- * The path to check.
+ * @param acl
+ * The ACL whose mask we want to check.
*
* @return
- * - @c ACL_SUCCESS - @c path has a mask which denies execute.
- * - @c ACL_FAILURE - The ACL for @c path does not deny execute,
- * or @c path has no extended ACL at all.
+ * - @c ACL_SUCCESS - The @c acl has a mask which denies execute.
+ * - @c ACL_FAILURE - The @c acl has a mask which does not deny execute.
* - @c ACL_ERROR - Unexpected library error.
*/
-int acl_execute_masked(const char* path) {
-
- acl_t acl = acl_get_file(path, ACL_TYPE_ACCESS);
-
- if (acl == (acl_t)NULL) {
- perror("acl_execute_masked (acl_get_file)");
- return ACL_ERROR;
- }
-
- /* Our return value. */
- int result = ACL_FAILURE;
+int acl_execute_masked(acl_t acl) {
acl_entry_t entry;
int ge_result = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
if (tag_result == ACL_ERROR) {
perror("acl_execute_masked (acl_get_tag_type)");
- result = ACL_ERROR;
- goto cleanup;
+ return ACL_ERROR;
}
if (tag == ACL_MASK) {
int ps_result = acl_get_permset(entry, &permset);
if (ps_result == ACL_ERROR) {
perror("acl_execute_masked (acl_get_permset)");
- result = ACL_ERROR;
- goto cleanup;
+ return ACL_ERROR;
}
int gp_result = acl_get_perm(permset, ACL_EXECUTE);
if (gp_result == ACL_ERROR) {
perror("acl_execute_masked (acl_get_perm)");
- result = ACL_ERROR;
- goto cleanup;
+ return ACL_ERROR;
}
if (gp_result == ACL_FAILURE) {
ge_result = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
}
- cleanup:
- acl_free(acl);
- return result;
+ return ACL_FAILURE;
}
if (gp_result == ACL_SUCCESS) {
/* Only return ACL_SUCCESS if this execute bit is not masked. */
- if (acl_execute_masked(path) != ACL_SUCCESS) {
+ if (acl_execute_masked(acl) != ACL_SUCCESS) {
result = ACL_SUCCESS;
goto cleanup;
}
projects / apply-default-acl.git / commitdiff