]> Dogcows Code - chaz/tar/blob - src/xattrs.c
projects / chaz / tar / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Minor change.
[chaz/tar] / src / xattrs.c
1 /* Support for extended attributes.
2
3 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Free Software
4 Foundation, Inc.
5
6 Written by James Antill, on 2006-07-27.
7
8 This program is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by the
10 Free Software Foundation; either version 3, or (at your option) any later
11 version.
12
13 This program is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
16 Public License for more details.
17
18 You should have received a copy of the GNU General Public License along
19 with this program; if not, write to the Free Software Foundation, Inc.,
20 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
21
22 #include <config.h>
23 #include <system.h>
24
25 #include <fnmatch.h>
26 #include <quotearg.h>
27
28 #include "common.h"
29
30 #include "xattr-at.h"
31 #include "selinux-at.h"
32
33 struct xattrs_mask_map
34 {
35 const char **masks;
36 int size;
37 int used;
38 };
39
40 /* list of fnmatch patterns */
41 static struct
42 {
43 /* lists of fnmatch patterns */
44 struct xattrs_mask_map incl;
45 struct xattrs_mask_map excl;
46 } xattrs_setup;
47
48 /* disable posix acls when problem found in gnulib script m4/acl.m4 */
49 #if ! USE_ACL
50 # undef HAVE_POSIX_ACLS
51 #endif
52
53 #ifdef HAVE_POSIX_ACLS
54 # include "acl.h"
55 # include <sys/acl.h>
56 #endif
57
58 #ifdef HAVE_POSIX_ACLS
59
60 /* acl-at wrappers, TODO: move to gnulib in future? */
61 acl_t acl_get_file_at (int dirfd, const char *file, acl_type_t type);
62 int acl_set_file_at (int dirfd, const char *file, acl_type_t type, acl_t acl);
63 int file_has_acl_at (int dirfd, char const *, struct stat const *);
64
65 /* acl_get_file_at */
66 #define AT_FUNC_NAME acl_get_file_at
67 #define AT_FUNC_RESULT acl_t
68 #define AT_FUNC_FAIL (acl_t)NULL
69 #define AT_FUNC_F1 acl_get_file
70 #define AT_FUNC_POST_FILE_PARAM_DECLS , acl_type_t type
71 #define AT_FUNC_POST_FILE_ARGS , type
72 #include "at-func.c"
73 #undef AT_FUNC_NAME
74 #undef AT_FUNC_F1
75 #undef AT_FUNC_RESULT
76 #undef AT_FUNC_FAIL
77 #undef AT_FUNC_POST_FILE_PARAM_DECLS
78 #undef AT_FUNC_POST_FILE_ARGS
79
80 /* acl_set_file_at */
81 #define AT_FUNC_NAME acl_set_file_at
82 #define AT_FUNC_F1 acl_set_file
83 #define AT_FUNC_POST_FILE_PARAM_DECLS , acl_type_t type, acl_t acl
84 #define AT_FUNC_POST_FILE_ARGS , type, acl
85 #include "at-func.c"
86 #undef AT_FUNC_NAME
87 #undef AT_FUNC_F1
88 #undef AT_FUNC_POST_FILE_PARAM_DECLS
89 #undef AT_FUNC_POST_FILE_ARGS
90
91 /* gnulib file_has_acl_at */
92 #define AT_FUNC_NAME file_has_acl_at
93 #define AT_FUNC_F1 file_has_acl
94 #define AT_FUNC_POST_FILE_PARAM_DECLS , struct stat const *st
95 #define AT_FUNC_POST_FILE_ARGS , st
96 #include "at-func.c"
97 #undef AT_FUNC_NAME
98 #undef AT_FUNC_F1
99 #undef AT_FUNC_POST_FILE_PARAM_DECLS
100 #undef AT_FUNC_POST_FILE_ARGS
101
102 /* convert unix permissions into an ACL ... needed due to "default" ACLs */
103 static acl_t
104 perms2acl (int perms)
105 {
106 char val[] = "user::---,group::---,other::---";
107 /* 0123456789 123456789 123456789 123456789 */
108
109 /* user */
110 if (perms & 0400)
111 val[6] = 'r';
112 if (perms & 0200)
113 val[7] = 'w';
114 if (perms & 0100)
115 val[8] = 'x';
116
117 /* group */
118 if (perms & 0040)
119 val[17] = 'r';
120 if (perms & 0020)
121 val[18] = 'w';
122 if (perms & 0010)
123 val[19] = 'x';
124
125 /* other */
126 if (perms & 0004)
127 val[28] = 'r';
128 if (perms & 0002)
129 val[29] = 'w';
130 if (perms & 0001)
131 val[30] = 'x';
132
133 return acl_from_text (val);
134 }
135
136 static char *
137 skip_to_ext_fields (char *ptr)
138 {
139 ptr += strcspn (ptr, ":,\n"); /* skip tag name. Ie. user/group/default/mask */
140
141 if (*ptr != ':')
142 return ptr; /* error? no user/group field */
143 ++ptr;
144
145 ptr += strcspn (ptr, ":,\n"); /* skip user/group name */
146
147 if (*ptr != ':')
148 return ptr; /* error? no perms field */
149 ++ptr;
150
151 ptr += strcspn (ptr, ":,\n"); /* skip perms */
152
153 if (*ptr != ':')
154 return ptr; /* no extra fields */
155
156 return ptr;
157 }
158
159 /* The POSIX draft allows extra fields after the three main ones. Star
160 uses this to add a fourth field for user/group which is the numeric ID.
161 We just skip all extra fields atm. */
162 static const char *
163 fixup_extra_acl_fields (const char *ptr)
164 {
165 char *src = (char *) ptr;
166 char *dst = (char *) ptr;
167
168 while (*src)
169 {
170 const char *old = src;
171 size_t len = 0;
172
173 src = skip_to_ext_fields (src);
174 len = src - old;
175 if (old != dst)
176 memmove (dst, old, len);
177 dst += len;
178
179 if (*src == ':') /* We have extra fields, skip them all */
180 src += strcspn (src, "\n,");
181
182 if ((*src == '\n') || (*src == ','))
183 *dst++ = *src++; /* also done when dst == src, but that's ok */
184 }
185 if (src != dst)
186 *dst = 0;
187
188 return ptr;
189 }
190
191 static void
192 xattrs__acls_set (struct tar_stat_info const *st,
193 char const *file_name, int type,
194 const char *ptr, size_t len, bool def)
195 { /* "system.posix_acl_access" */
196 acl_t acl;
197
198 if (ptr)
199 {
200 /* assert (strlen (ptr) == len); */
201 ptr = fixup_extra_acl_fields (ptr);
202
203 acl = acl_from_text (ptr);
204 acls_option = 1;
205 }
206 else if (acls_option > 0)
207 acl = perms2acl (st->stat.st_mode);
208 else
209 return; /* don't call acl functions unless we first hit an ACL, or
210 --acls was passed explicitly */
211
212 if (acl == (acl_t) NULL)
213 {
214 call_arg_warn ("acl_from_text", file_name);
215 return;
216 }
217
218 if (acl_set_file_at (chdir_fd, file_name, type, acl) == -1)
219 /* warn even if filesystem does not support acls */
220 WARNOPT (WARN_XATTR_WRITE,
221 (0, errno,
222 _("acl_set_file_at: Cannot set POSIX ACLs for file '%s'"),
223 file_name));
224
225 acl_free (acl);
226 }
227
228 static void
229 xattrs__acls_get_a (int parentfd, const char *file_name,
230 struct tar_stat_info *st,
231 char **ret_ptr, size_t * ret_len)
232 { /* "system.posix_acl_access" */
233 char *val = NULL;
234 ssize_t len;
235 acl_t acl;
236
237 if ((acl = acl_get_file_at (parentfd, file_name, ACL_TYPE_ACCESS))
238 == (acl_t) NULL)
239 {
240 if (errno != ENOTSUP)
241 call_arg_warn ("acl_get_file_at", file_name);
242 return;
243 }
244
245 val = acl_to_text (acl, &len);
246 acl_free (acl);
247
248 if (val == NULL)
249 {
250 call_arg_warn ("acl_to_text", file_name);
251 return;
252 }
253
254 *ret_ptr = xstrdup (val);
255 *ret_len = len;
256
257 acl_free (val);
258 }
259
260 static void
261 xattrs__acls_get_d (int parentfd, char const *file_name,
262 struct tar_stat_info *st,
263 char **ret_ptr, size_t * ret_len)
264 { /* "system.posix_acl_default" */
265 char *val = NULL;
266 ssize_t len;
267 acl_t acl;
268
269 if ((acl = acl_get_file_at (parentfd, file_name, ACL_TYPE_DEFAULT))
270 == (acl_t) NULL)
271 {
272 if (errno != ENOTSUP)
273 call_arg_warn ("acl_get_file_at", file_name);
274 return;
275 }
276
277 val = acl_to_text (acl, &len);
278 acl_free (acl);
279
280 if (val == NULL)
281 {
282 call_arg_warn ("acl_to_text", file_name);
283 return;
284 }
285
286 *ret_ptr = xstrdup (val);
287 *ret_len = len;
288
289 acl_free (val);
290 }
291 #endif /* HAVE_POSIX_ACLS */
292
293 static void
294 acls_one_line (const char *prefix, char delim,
295 const char *aclstring, size_t len)
296 {
297 /* support both long and short text representation of posix acls */
298 struct obstack stk;
299 obstack_init (&stk);
300 int pref_len = strlen (prefix);
301 const char *oldstring = aclstring;
302
303 if (!aclstring || !len)
304 return;
305
306 int pos = 0;
307 while (pos <= len)
308 {
309 int move = strcspn (aclstring, ",\n");
310 if (!move)
311 break;
312
313 if (oldstring != aclstring)
314 obstack_1grow (&stk, delim);
315
316 obstack_grow (&stk, prefix, pref_len);
317 obstack_grow (&stk, aclstring, move);
318
319 aclstring += move + 1;
320 }
321
322 obstack_1grow (&stk, '\0');
323 const char *toprint = obstack_finish (&stk);
324
325 fprintf (stdlis, "%s", toprint);
326
327 obstack_free (&stk, NULL);
328 }
329
330 void
331 xattrs_acls_get (int parentfd, char const *file_name,
332 struct tar_stat_info *st, int fd, int xisfile)
333 {
334 if (acls_option > 0)
335 {
336 #ifndef HAVE_POSIX_ACLS
337 static int done = 0;
338 if (!done)
339 WARN ((0, 0, _("POSIX ACL support is not available")));
340 done = 1;
341 #else
342 int err = file_has_acl_at (parentfd, file_name, &st->stat);
343 if (err == 0)
344 return;
345 if (err == -1)
346 {
347 call_arg_warn ("file_has_acl_at", file_name);
348 return;
349 }
350
351 xattrs__acls_get_a (parentfd, file_name, st,
352 &st->acls_a_ptr, &st->acls_a_len);
353 if (!xisfile)
354 xattrs__acls_get_d (parentfd, file_name, st,
355 &st->acls_d_ptr, &st->acls_d_len);
356 #endif
357 }
358 }
359
360 void
361 xattrs_acls_set (struct tar_stat_info const *st,
362 char const *file_name, char typeflag)
363 {
364 if ((acls_option > 0) && (typeflag != SYMTYPE))
365 {
366 #ifndef HAVE_POSIX_ACLS
367 static int done = 0;
368 if (!done)
369 WARN ((0, 0, _("POSIX ACL support is not available")));
370 done = 1;
371 #else
372 xattrs__acls_set (st, file_name, ACL_TYPE_ACCESS,
373 st->acls_a_ptr, st->acls_a_len, false);
374 if ((typeflag == DIRTYPE) || (typeflag == GNUTYPE_DUMPDIR))
375 xattrs__acls_set (st, file_name, ACL_TYPE_DEFAULT,
376 st->acls_d_ptr, st->acls_d_len, true);
377 #endif
378 }
379 }
380
381 static void
382 mask_map_realloc (struct xattrs_mask_map *map)
383 {
384 if (map->size == 0)
385 {
386 map->size = 4;
387 map->masks = xmalloc (16 * sizeof (char *));
388 return;
389 }
390
391 if (map->size <= map->used)
392 {
393 map->size *= 2;
394 map->masks = xrealloc (map->masks, map->size * sizeof (char *));
395 return;
396 }
397 }
398
399 void
400 xattrs_mask_add (const char *mask, bool incl)
401 {
402 struct xattrs_mask_map *mask_map = incl ? &xattrs_setup.incl
403 : &xattrs_setup.excl;
404 /* ensure there is enough space */
405 mask_map_realloc (mask_map);
406 /* just assign pointers -- we silently expect that pointer "mask" is valid
407 through the whole program (pointer to argv array) */
408 mask_map->masks[mask_map->used++] = mask;
409 }
410
411 static void
412 clear_mask_map (struct xattrs_mask_map *mask_map)
413 {
414 if (mask_map->size)
415 free (mask_map->masks);
416 }
417
418 void
419 xattrs_clear_setup ()
420 {
421 clear_mask_map (&xattrs_setup.incl);
422 clear_mask_map (&xattrs_setup.excl);
423 }
424
425 /* get all xattrs from file given by FILE_NAME or FD (when non-zero). This
426 includes all the user.*, security.*, system.*, etc. available domains */
427 void
428 xattrs_xattrs_get (int parentfd, char const *file_name,
429 struct tar_stat_info *st, int fd)
430 {
431 if (xattrs_option > 0)
432 {
433 #ifndef HAVE_XATTRS
434 static int done = 0;
435 if (!done)
436 WARN ((0, 0, _("XATTR support is not available")));
437 done = 1;
438 #else
439 static ssize_t xsz = 1024;
440 static char *xatrs = NULL;
441 ssize_t xret = -1;
442
443 if (!xatrs)
444 xatrs = xmalloc (xsz);
445
446 while (((fd == 0) ?
447 ((xret =
448 llistxattrat (parentfd, file_name, xatrs, xsz)) == -1) :
449 ((xret = flistxattr (fd, xatrs, xsz)) == -1))
450 && (errno == ERANGE))
451 {
452 xsz <<= 1;
453 xatrs = xrealloc (xatrs, xsz);
454 }
455
456 if (xret == -1)
457 call_arg_warn ((fd == 0) ? "llistxattrat" : "flistxattr", file_name);
458 else
459 {
460 const char *attr = xatrs;
461 static ssize_t asz = 1024;
462 static char *val = NULL;
463
464 if (!val)
465 val = xmalloc (asz);
466
467 while (xret > 0)
468 {
469 size_t len = strlen (attr);
470 ssize_t aret = 0;
471
472 /* Archive all xattrs during creation, decide at extraction time
473 * which ones are of interest/use for the target filesystem. */
474 while (((fd == 0)
475 ? ((aret = lgetxattrat (parentfd, file_name, attr,
476 val, asz)) == -1)
477 : ((aret = fgetxattr (fd, attr, val, asz)) == -1))
478 && (errno == ERANGE))
479 {
480 asz <<= 1;
481 val = xrealloc (val, asz);
482 }
483
484 if (aret != -1)
485 xheader_xattr_add (st, attr, val, aret);
486 else if (errno != ENOATTR)
487 call_arg_warn ((fd == 0) ? "lgetxattrat"
488 : "fgetxattr", file_name);
489
490 attr += len + 1;
491 xret -= len + 1;
492 }
493 }
494 #endif
495 }
496 }
497
498 static void
499 xattrs__fd_set (struct tar_stat_info const *st,
500 char const *file_name, char typeflag,
501 const char *attr, const char *ptr, size_t len)
502 {
503 if (ptr)
504 {
505 const char *sysname = "setxattrat";
506 int ret = -1;
507
508 if (typeflag != SYMTYPE)
509 ret = setxattrat (chdir_fd, file_name, attr, ptr, len, 0);
510 else
511 {
512 sysname = "lsetxattr";
513 ret = lsetxattrat (chdir_fd, file_name, attr, ptr, len, 0);
514 }
515
516 if (ret == -1)
517 WARNOPT (WARN_XATTR_WRITE,
518 (0, errno,
519 _("%s: Cannot set '%s' extended attribute for file '%s'"),
520 sysname, attr, file_name));
521 }
522 }
523
524 /* lgetfileconat is called against FILE_NAME iff the FD parameter is set to
525 zero, otherwise the fgetfileconat is used against correct file descriptor */
526 void
527 xattrs_selinux_get (int parentfd, char const *file_name,
528 struct tar_stat_info *st, int fd)
529 {
530 if (selinux_context_option > 0)
531 {
532 #if HAVE_SELINUX_SELINUX_H != 1
533 static int done = 0;
534 if (!done)
535 WARN ((0, 0, _("SELinux support is not available")));
536 done = 1;
537 #else
538 int result = (fd ? fgetfilecon (fd, &st->cntx_name)
539 : lgetfileconat (parentfd, file_name, &st->cntx_name));
540
541 if (result == -1 && errno != ENODATA && errno != ENOTSUP)
542 call_arg_warn (fd ? "fgetfilecon" : "lgetfileconat", file_name);
543 #endif
544 }
545 }
546
547 void
548 xattrs_selinux_set (struct tar_stat_info const *st,
549 char const *file_name, char typeflag)
550 {
551 if (selinux_context_option > 0)
552 {
553 #if HAVE_SELINUX_SELINUX_H != 1
554 static int done = 0;
555 if (!done)
556 WARN ((0, 0, _("SELinux support is not available")));
557 done = 1;
558 #else
559 const char *sysname = "setfilecon";
560 int ret;
561
562 if (!st->cntx_name)
563 return;
564
565 if (typeflag != SYMTYPE)
566 {
567 ret = setfileconat (chdir_fd, file_name, st->cntx_name);
568 sysname = "setfileconat";
569 }
570 else
571 {
572 ret = lsetfileconat (chdir_fd, file_name, st->cntx_name);
573 sysname = "lsetfileconat";
574 }
575
576 if (ret == -1)
577 WARNOPT (WARN_XATTR_WRITE,
578 (0, errno,
579 _("%s: Cannot set SELinux context for file '%s'"),
580 sysname, file_name));
581 #endif
582 }
583 }
584
585 static bool
586 xattrs_matches_mask (const char *kw, struct xattrs_mask_map *mm)
587 {
588 int i;
589
590 if (!mm->size)
591 return false;
592
593 for (i = 0; i < mm->used; i++)
594 if (fnmatch (mm->masks[i], kw, 0) == 0)
595 return true;
596
597 return false;
598 }
599
600 static bool
601 xattrs_kw_included (const char *kw, bool archiving)
602 {
603 if (xattrs_setup.incl.size)
604 return xattrs_matches_mask (kw, &xattrs_setup.incl);
605 else
606 {
607 if (archiving)
608 return true;
609 else
610 return strncmp (kw, "user.", strlen ("user.")) == 0;
611 }
612 }
613
614 static bool
615 xattrs_kw_excluded (const char *kw, bool archiving)
616 {
617 if (!xattrs_setup.excl.size)
618 return false;
619
620 return xattrs_matches_mask (kw, &xattrs_setup.excl);
621 }
622
623 /* Check whether the xattr with keyword KW should be discarded from list of
624 attributes that are going to be archived/excluded (set ARCHIVING=true for
625 archiving, false for excluding) */
626 static bool
627 xattrs_masked_out (const char *kw, bool archiving)
628 {
629 if (!xattrs_kw_included (kw, archiving))
630 return true;
631
632 return xattrs_kw_excluded (kw, archiving);
633 }
634
635 void
636 xattrs_xattrs_set (struct tar_stat_info const *st,
637 char const *file_name, char typeflag, int later_run)
638 {
639 if (xattrs_option > 0)
640 {
641 #ifndef HAVE_XATTRS
642 static int done = 0;
643 if (!done)
644 WARN ((0, 0, _("XATTR support is not available")));
645 done = 1;
646 #else
647 size_t scan = 0;
648
649 if (!st->xattr_map_size)
650 return;
651
652 for (; scan < st->xattr_map_size; ++scan)
653 {
654 char *keyword = st->xattr_map[scan].xkey;
655 keyword += strlen ("SCHILY.xattr.");
656
657 /* TODO: this 'later_run' workaround is temporary solution -> once
658 capabilities should become fully supported by it's API and there
659 should exist something like xattrs_capabilities_set() call.
660 For a regular files: all extended attributes are restored during
661 the first run except 'security.capability' which is restored in
662 'later_run == 1'. */
663 if (typeflag == REGTYPE
664 && later_run == !!strcmp (keyword, "security.capability"))
665 continue;
666
667 if (xattrs_masked_out (keyword, false /* extracting */ ))
668 /* we don't want to restore this keyword */
669 continue;
670
671 xattrs__fd_set (st, file_name, typeflag, keyword,
672 st->xattr_map[scan].xval_ptr,
673 st->xattr_map[scan].xval_len);
674 }
675 #endif
676 }
677 }
678
679 void
680 xattrs_print_char (struct tar_stat_info const *st, char *output)
681 {
682 int i;
683
684 if (verbose_option < 2)
685 {
686 *output = 0;
687 return;
688 }
689
690 if (xattrs_option > 0 || selinux_context_option > 0 || acls_option > 0)
691 {
692 /* placeholders */
693 *output = ' ';
694 *(output + 1) = 0;
695 }
696
697 if (xattrs_option > 0 && st->xattr_map_size)
698 for (i = 0; i < st->xattr_map_size; ++i)
699 {
700 char *keyword = st->xattr_map[i].xkey + strlen ("SCHILY.xattr.");
701 if (xattrs_masked_out (keyword, false /* like extracting */ ))
702 continue;
703 *output = '*';
704 break;
705 }
706
707 if (selinux_context_option > 0 && st->cntx_name)
708 *output = '.';
709
710 if (acls_option && (st->acls_a_len || st->acls_d_len))
711 *output = '+';
712 }
713
714 void
715 xattrs_print (struct tar_stat_info const *st)
716 {
717 if (verbose_option < 3)
718 return;
719
720 /* selinux */
721 if (selinux_context_option && st->cntx_name)
722 fprintf (stdlis, " s: %s\n", st->cntx_name);
723
724 /* acls */
725 if (acls_option && (st->acls_a_len || st->acls_d_len))
726 {
727 fprintf (stdlis, " a: ");
728 acls_one_line ("", ',', st->acls_a_ptr, st->acls_a_len);
729 acls_one_line ("default:", ',', st->acls_d_ptr, st->acls_d_len);
730 fprintf (stdlis, "\n");
731 }
732
733 /* xattrs */
734 if (xattrs_option && st->xattr_map_size)
735 {
736 int i;
737 for (i = 0; i < st->xattr_map_size; ++i)
738 {
739 char *keyword = st->xattr_map[i].xkey + strlen ("SCHILY.xattr.");
740 if (xattrs_masked_out (keyword, false /* like extracting */ ))
741 continue;
742 fprintf (stdlis, " x: %lu %s\n",
743 (unsigned long) st->xattr_map[i].xval_len, keyword);
744 }
745 }
746 }
Unnamed repository; edit this file 'description' to name the repository.
This page took 0.060321 seconds and 5 git commands to generate.