]> Dogcows Code - chaz/tar/blob - src/xattrs.c
projects / chaz / tar / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
build: new configure option --enable-gcc-warnings
[chaz/tar] / src / xattrs.c
1 /* Support for extended attributes.
2
3 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012 Free Software
4 Foundation, Inc.
5
6 Written by James Antill, on 2006-07-27.
7
8 This program is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by the
10 Free Software Foundation; either version 2, or (at your option) any later
11 version.
12
13 This program is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
16 Public License for more details.
17
18 You should have received a copy of the GNU General Public License along
19 with this program; if not, write to the Free Software Foundation, Inc.,
20 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
21
22 #include <config.h>
23 #include <system.h>
24
25 #include <fnmatch.h>
26 #include <quotearg.h>
27
28 #include "common.h"
29
30 #include "xattr-at.h"
31 #include "selinux-at.h"
32
33 struct xattrs_mask_map
34 {
35 const char **masks;
36 size_t size;
37 size_t used;
38 };
39
40 /* list of fnmatch patterns */
41 static struct
42 {
43 /* lists of fnmatch patterns */
44 struct xattrs_mask_map incl;
45 struct xattrs_mask_map excl;
46 } xattrs_setup;
47
48 /* disable posix acls when problem found in gnulib script m4/acl.m4 */
49 #if ! USE_ACL
50 # undef HAVE_POSIX_ACLS
51 #endif
52
53 #ifdef HAVE_POSIX_ACLS
54 # include "acl.h"
55 # include <sys/acl.h>
56 #endif
57
58 #ifdef HAVE_POSIX_ACLS
59
60 /* acl-at wrappers, TODO: move to gnulib in future? */
61 acl_t acl_get_file_at (int dirfd, const char *file, acl_type_t type);
62 int acl_set_file_at (int dirfd, const char *file, acl_type_t type, acl_t acl);
63 int file_has_acl_at (int dirfd, char const *, struct stat const *);
64
65 /* acl_get_file_at */
66 #define AT_FUNC_NAME acl_get_file_at
67 #define AT_FUNC_RESULT acl_t
68 #define AT_FUNC_FAIL (acl_t)NULL
69 #define AT_FUNC_F1 acl_get_file
70 #define AT_FUNC_POST_FILE_PARAM_DECLS , acl_type_t type
71 #define AT_FUNC_POST_FILE_ARGS , type
72 #include "at-func.c"
73 #undef AT_FUNC_NAME
74 #undef AT_FUNC_F1
75 #undef AT_FUNC_RESULT
76 #undef AT_FUNC_FAIL
77 #undef AT_FUNC_POST_FILE_PARAM_DECLS
78 #undef AT_FUNC_POST_FILE_ARGS
79
80 /* acl_set_file_at */
81 #define AT_FUNC_NAME acl_set_file_at
82 #define AT_FUNC_F1 acl_set_file
83 #define AT_FUNC_POST_FILE_PARAM_DECLS , acl_type_t type, acl_t acl
84 #define AT_FUNC_POST_FILE_ARGS , type, acl
85 #include "at-func.c"
86 #undef AT_FUNC_NAME
87 #undef AT_FUNC_F1
88 #undef AT_FUNC_POST_FILE_PARAM_DECLS
89 #undef AT_FUNC_POST_FILE_ARGS
90
91 /* gnulib file_has_acl_at */
92 #define AT_FUNC_NAME file_has_acl_at
93 #define AT_FUNC_F1 file_has_acl
94 #define AT_FUNC_POST_FILE_PARAM_DECLS , struct stat const *st
95 #define AT_FUNC_POST_FILE_ARGS , st
96 #include "at-func.c"
97 #undef AT_FUNC_NAME
98 #undef AT_FUNC_F1
99 #undef AT_FUNC_POST_FILE_PARAM_DECLS
100 #undef AT_FUNC_POST_FILE_ARGS
101
102 /* convert unix permissions into an ACL ... needed due to "default" ACLs */
103 static acl_t
104 perms2acl (int perms)
105 {
106 char val[] = "user::---,group::---,other::---";
107 /* 0123456789 123456789 123456789 123456789 */
108
109 /* user */
110 if (perms & 0400)
111 val[6] = 'r';
112 if (perms & 0200)
113 val[7] = 'w';
114 if (perms & 0100)
115 val[8] = 'x';
116
117 /* group */
118 if (perms & 0040)
119 val[17] = 'r';
120 if (perms & 0020)
121 val[18] = 'w';
122 if (perms & 0010)
123 val[19] = 'x';
124
125 /* other */
126 if (perms & 0004)
127 val[28] = 'r';
128 if (perms & 0002)
129 val[29] = 'w';
130 if (perms & 0001)
131 val[30] = 'x';
132
133 return acl_from_text (val);
134 }
135
136 static char *
137 skip_to_ext_fields (char *ptr)
138 {
139 /* skip tag name (user/group/default/mask) */
140 ptr += strcspn (ptr, ":,\n");
141
142 if (*ptr != ':')
143 return ptr;
144 ++ptr;
145
146 ptr += strcspn (ptr, ":,\n"); /* skip user/group name */
147
148 if (*ptr != ':')
149 return ptr;
150 ++ptr;
151
152 ptr += strcspn (ptr, ":,\n"); /* skip perms */
153
154 return ptr;
155 }
156
157 /* The POSIX draft allows extra fields after the three main ones. Star
158 uses this to add a fourth field for user/group which is the numeric ID.
159 This function removes such extra fields by overwriting them with the
160 characters that follow. */
161 static char *
162 fixup_extra_acl_fields (char *ptr)
163 {
164 char *src = ptr;
165 char *dst = ptr;
166
167 while (*src)
168 {
169 const char *old = src;
170 size_t len = 0;
171
172 src = skip_to_ext_fields (src);
173 len = src - old;
174 if (old != dst)
175 memmove (dst, old, len);
176 dst += len;
177
178 if (*src == ':') /* We have extra fields, skip them all */
179 src += strcspn (src, "\n,");
180
181 if ((*src == '\n') || (*src == ','))
182 *dst++ = *src++; /* also done when dst == src, but that's ok */
183 }
184 if (src != dst)
185 *dst = 0;
186
187 return ptr;
188 }
189
190 /* "system.posix_acl_access" */
191 static void
192 xattrs__acls_set (struct tar_stat_info const *st,
193 char const *file_name, int type,
194 char *ptr, size_t len, bool def)
195 {
196 acl_t acl;
197
198 if (ptr)
199 {
200 /* assert (strlen (ptr) == len); */
201 ptr = fixup_extra_acl_fields (ptr);
202
203 acl = acl_from_text (ptr);
204 acls_option = 1;
205 }
206 else if (acls_option > 0)
207 acl = perms2acl (st->stat.st_mode);
208 else
209 return; /* don't call acl functions unless we first hit an ACL, or
210 --acls was passed explicitly */
211
212 if (!acl)
213 {
214 call_arg_warn ("acl_from_text", file_name);
215 return;
216 }
217
218 if (acl_set_file_at (chdir_fd, file_name, type, acl) == -1)
219 /* warn even if filesystem does not support acls */
220 WARNOPT (WARN_XATTR_WRITE,
221 (0, errno,
222 _ ("acl_set_file_at: Cannot set POSIX ACLs for file '%s'"),
223 file_name));
224
225 acl_free (acl);
226 }
227
228 static void
229 xattrs__acls_get_a (int parentfd, const char *file_name,
230 struct tar_stat_info *st,
231 char **ret_ptr, size_t * ret_len)
232 {
233 char *val = NULL;
234 ssize_t len;
235 acl_t acl;
236
237 if (!(acl = acl_get_file_at (parentfd, file_name, ACL_TYPE_ACCESS)))
238 {
239 if (errno != ENOTSUP)
240 call_arg_warn ("acl_get_file_at", file_name);
241 return;
242 }
243
244 val = acl_to_text (acl, &len);
245 acl_free (acl);
246
247 if (!val)
248 {
249 call_arg_warn ("acl_to_text", file_name);
250 return;
251 }
252
253 *ret_ptr = xstrdup (val);
254 *ret_len = len;
255
256 acl_free (val);
257 }
258
259 /* "system.posix_acl_default" */
260 static void
261 xattrs__acls_get_d (int parentfd, char const *file_name,
262 struct tar_stat_info *st,
263 char **ret_ptr, size_t * ret_len)
264 {
265 char *val = NULL;
266 ssize_t len;
267 acl_t acl;
268
269 if (!(acl = acl_get_file_at (parentfd, file_name, ACL_TYPE_DEFAULT)))
270 {
271 if (errno != ENOTSUP)
272 call_arg_warn ("acl_get_file_at", file_name);
273 return;
274 }
275
276 val = acl_to_text (acl, &len);
277 acl_free (acl);
278
279 if (!val)
280 {
281 call_arg_warn ("acl_to_text", file_name);
282 return;
283 }
284
285 *ret_ptr = xstrdup (val);
286 *ret_len = len;
287
288 acl_free (val);
289 }
290 #endif /* HAVE_POSIX_ACLS */
291
292 static void
293 acls_one_line (const char *prefix, char delim,
294 const char *aclstring, size_t len)
295 {
296 /* support both long and short text representation of posix acls */
297 struct obstack stk;
298 int pref_len = strlen (prefix);
299 const char *oldstring = aclstring;
300 int pos = 0;
301
302 if (!aclstring || !len)
303 return;
304
305 obstack_init (&stk);
306 while (pos <= len)
307 {
308 int move = strcspn (aclstring, ",\n");
309 if (!move)
310 break;
311
312 if (oldstring != aclstring)
313 obstack_1grow (&stk, delim);
314
315 obstack_grow (&stk, prefix, pref_len);
316 obstack_grow (&stk, aclstring, move);
317
318 aclstring += move + 1;
319 }
320
321 obstack_1grow (&stk, '\0');
322
323 fprintf (stdlis, "%s", (char *) obstack_finish (&stk));
324
325 obstack_free (&stk, NULL);
326 }
327
328 void
329 xattrs_acls_get (int parentfd, char const *file_name,
330 struct tar_stat_info *st, int fd, int xisfile)
331 {
332 if (acls_option > 0)
333 {
334 #ifndef HAVE_POSIX_ACLS
335 static int done = 0;
336 if (!done)
337 WARN ((0, 0, _("POSIX ACL support is not available")));
338 done = 1;
339 #else
340 int err = file_has_acl_at (parentfd, file_name, &st->stat);
341 if (err == 0)
342 return;
343 if (err == -1)
344 {
345 call_arg_warn ("file_has_acl_at", file_name);
346 return;
347 }
348
349 xattrs__acls_get_a (parentfd, file_name, st,
350 &st->acls_a_ptr, &st->acls_a_len);
351 if (!xisfile)
352 xattrs__acls_get_d (parentfd, file_name, st,
353 &st->acls_d_ptr, &st->acls_d_len);
354 #endif
355 }
356 }
357
358 void
359 xattrs_acls_set (struct tar_stat_info const *st,
360 char const *file_name, char typeflag)
361 {
362 if (acls_option > 0 && typeflag != SYMTYPE)
363 {
364 #ifndef HAVE_POSIX_ACLS
365 static int done = 0;
366 if (!done)
367 WARN ((0, 0, _("POSIX ACL support is not available")));
368 done = 1;
369 #else
370 xattrs__acls_set (st, file_name, ACL_TYPE_ACCESS,
371 st->acls_a_ptr, st->acls_a_len, false);
372 if (typeflag == DIRTYPE || typeflag == GNUTYPE_DUMPDIR)
373 xattrs__acls_set (st, file_name, ACL_TYPE_DEFAULT,
374 st->acls_d_ptr, st->acls_d_len, true);
375 #endif
376 }
377 }
378
379 static void
380 mask_map_realloc (struct xattrs_mask_map *map)
381 {
382 if (map->used == map->size)
383 {
384 if (map->size == 0)
385 map->size = 4;
386 map->masks = x2nrealloc (map->masks, &map->size, sizeof (map->masks[0]));
387 }
388 }
389
390 void
391 xattrs_mask_add (const char *mask, bool incl)
392 {
393 struct xattrs_mask_map *mask_map =
394 incl ? &xattrs_setup.incl : &xattrs_setup.excl;
395 /* ensure there is enough space */
396 mask_map_realloc (mask_map);
397 /* just assign pointers -- we silently expect that pointer "mask" is valid
398 through the whole program (pointer to argv array) */
399 mask_map->masks[mask_map->used++] = mask;
400 }
401
402 static void
403 clear_mask_map (struct xattrs_mask_map *mask_map)
404 {
405 if (mask_map->size)
406 free (mask_map->masks);
407 }
408
409 void
410 xattrs_clear_setup (void)
411 {
412 clear_mask_map (&xattrs_setup.incl);
413 clear_mask_map (&xattrs_setup.excl);
414 }
415
416 /* get all xattrs from file given by FILE_NAME or FD (when non-zero). This
417 includes all the user.*, security.*, system.*, etc. available domains */
418 void
419 xattrs_xattrs_get (int parentfd, char const *file_name,
420 struct tar_stat_info *st, int fd)
421 {
422 if (xattrs_option > 0)
423 {
424 #ifndef HAVE_XATTRS
425 static int done = 0;
426 if (!done)
427 WARN ((0, 0, _("XATTR support is not available")));
428 done = 1;
429 #else
430 static size_t xsz = 1024;
431 static char *xatrs = NULL;
432 ssize_t xret = -1;
433
434 if (!xatrs)
435 xatrs = x2nrealloc (xatrs, &xsz, 1);
436
437 while (((fd == 0) ?
438 ((xret =
439 llistxattrat (parentfd, file_name, xatrs, xsz)) == -1) :
440 ((xret = flistxattr (fd, xatrs, xsz)) == -1))
441 && (errno == ERANGE))
442 {
443 xatrs = x2nrealloc (xatrs, &xsz, 1);
444 }
445
446 if (xret == -1)
447 call_arg_warn ((fd == 0) ? "llistxattrat" : "flistxattr", file_name);
448 else
449 {
450 const char *attr = xatrs;
451 static size_t asz = 1024;
452 static char *val = NULL;
453
454 if (!val)
455 val = x2nrealloc (val, &asz, 1);
456
457 while (xret > 0)
458 {
459 size_t len = strlen (attr);
460 ssize_t aret = 0;
461
462 /* Archive all xattrs during creation, decide at extraction time
463 * which ones are of interest/use for the target filesystem. */
464 while (((fd == 0)
465 ? ((aret = lgetxattrat (parentfd, file_name, attr,
466 val, asz)) == -1)
467 : ((aret = fgetxattr (fd, attr, val, asz)) == -1))
468 && (errno == ERANGE))
469 {
470 val = x2nrealloc (val, &asz, 1);
471 }
472
473 if (aret != -1)
474 xheader_xattr_add (st, attr, val, aret);
475 else if (errno != ENOATTR)
476 call_arg_warn ((fd == 0) ? "lgetxattrat"
477 : "fgetxattr", file_name);
478
479 attr += len + 1;
480 xret -= len + 1;
481 }
482 }
483 #endif
484 }
485 }
486
487 static void
488 xattrs__fd_set (struct tar_stat_info const *st,
489 char const *file_name, char typeflag,
490 const char *attr, const char *ptr, size_t len)
491 {
492 if (ptr)
493 {
494 const char *sysname = "setxattrat";
495 int ret = -1;
496
497 if (typeflag != SYMTYPE)
498 ret = setxattrat (chdir_fd, file_name, attr, ptr, len, 0);
499 else
500 {
501 sysname = "lsetxattr";
502 ret = lsetxattrat (chdir_fd, file_name, attr, ptr, len, 0);
503 }
504
505 if (ret == -1)
506 WARNOPT (WARN_XATTR_WRITE,
507 (0, errno,
508 _("%s: Cannot set '%s' extended attribute for file '%s'"),
509 sysname, attr, file_name));
510 }
511 }
512
513 /* lgetfileconat is called against FILE_NAME iff the FD parameter is set to
514 zero, otherwise the fgetfileconat is used against correct file descriptor */
515 void
516 xattrs_selinux_get (int parentfd, char const *file_name,
517 struct tar_stat_info *st, int fd)
518 {
519 if (selinux_context_option > 0)
520 {
521 #if HAVE_SELINUX_SELINUX_H != 1
522 static int done = 0;
523 if (!done)
524 WARN ((0, 0, _("SELinux support is not available")));
525 done = 1;
526 #else
527 int result = fd ?
528 fgetfilecon (fd, &st->cntx_name)
529 : lgetfileconat (parentfd, file_name, &st->cntx_name);
530
531 if (result == -1 && errno != ENODATA && errno != ENOTSUP)
532 call_arg_warn (fd ? "fgetfilecon" : "lgetfileconat", file_name);
533 #endif
534 }
535 }
536
537 void
538 xattrs_selinux_set (struct tar_stat_info const *st,
539 char const *file_name, char typeflag)
540 {
541 if (selinux_context_option > 0)
542 {
543 #if HAVE_SELINUX_SELINUX_H != 1
544 static int done = 0;
545 if (!done)
546 WARN ((0, 0, _("SELinux support is not available")));
547 done = 1;
548 #else
549 const char *sysname = "setfilecon";
550 int ret;
551
552 if (!st->cntx_name)
553 return;
554
555 if (typeflag != SYMTYPE)
556 {
557 ret = setfileconat (chdir_fd, file_name, st->cntx_name);
558 sysname = "setfileconat";
559 }
560 else
561 {
562 ret = lsetfileconat (chdir_fd, file_name, st->cntx_name);
563 sysname = "lsetfileconat";
564 }
565
566 if (ret == -1)
567 WARNOPT (WARN_XATTR_WRITE,
568 (0, errno,
569 _("%s: Cannot set SELinux context for file '%s'"),
570 sysname, file_name));
571 #endif
572 }
573 }
574
575 static bool
576 xattrs_matches_mask (const char *kw, struct xattrs_mask_map *mm)
577 {
578 int i;
579
580 if (!mm->size)
581 return false;
582
583 for (i = 0; i < mm->used; i++)
584 if (fnmatch (mm->masks[i], kw, 0) == 0)
585 return true;
586
587 return false;
588 }
589
590 #define USER_DOT_PFX "user."
591
592 static bool
593 xattrs_kw_included (const char *kw, bool archiving)
594 {
595 if (xattrs_setup.incl.size)
596 return xattrs_matches_mask (kw, &xattrs_setup.incl);
597 else if (archiving)
598 return true;
599 else
600 return strncmp (kw, USER_DOT_PFX, sizeof (USER_DOT_PFX) - 1) == 0;
601 }
602
603 static bool
604 xattrs_kw_excluded (const char *kw, bool archiving)
605 {
606 return xattrs_setup.excl.size ?
607 xattrs_matches_mask (kw, &xattrs_setup.excl) : false;
608 }
609
610 /* Check whether the xattr with keyword KW should be discarded from list of
611 attributes that are going to be archived/excluded (set ARCHIVING=true for
612 archiving, false for excluding) */
613 static bool
614 xattrs_masked_out (const char *kw, bool archiving)
615 {
616 return xattrs_kw_included (kw, archiving) ?
617 xattrs_kw_excluded (kw, archiving) : true;
618 }
619
620 void
621 xattrs_xattrs_set (struct tar_stat_info const *st,
622 char const *file_name, char typeflag, int later_run)
623 {
624 if (xattrs_option > 0)
625 {
626 #ifndef HAVE_XATTRS
627 static int done = 0;
628 if (!done)
629 WARN ((0, 0, _("XATTR support is not available")));
630 done = 1;
631 #else
632 size_t scan = 0;
633
634 if (!st->xattr_map_size)
635 return;
636
637 for (; scan < st->xattr_map_size; ++scan)
638 {
639 char *keyword = st->xattr_map[scan].xkey;
640 keyword += strlen ("SCHILY.xattr.");
641
642 /* TODO: this 'later_run' workaround is temporary solution -> once
643 capabilities should become fully supported by it's API and there
644 should exist something like xattrs_capabilities_set() call.
645 For a regular files: all extended attributes are restored during
646 the first run except 'security.capability' which is restored in
647 'later_run == 1'. */
648 if (typeflag == REGTYPE
649 && later_run == !!strcmp (keyword, "security.capability"))
650 continue;
651
652 if (xattrs_masked_out (keyword, false /* extracting */ ))
653 /* we don't want to restore this keyword */
654 continue;
655
656 xattrs__fd_set (st, file_name, typeflag, keyword,
657 st->xattr_map[scan].xval_ptr,
658 st->xattr_map[scan].xval_len);
659 }
660 #endif
661 }
662 }
663
664 void
665 xattrs_print_char (struct tar_stat_info const *st, char *output)
666 {
667 int i;
668
669 if (verbose_option < 2)
670 {
671 *output = 0;
672 return;
673 }
674
675 if (xattrs_option > 0 || selinux_context_option > 0 || acls_option > 0)
676 {
677 /* placeholders */
678 *output = ' ';
679 output[1] = 0;
680 }
681
682 if (xattrs_option > 0 && st->xattr_map_size)
683 for (i = 0; i < st->xattr_map_size; ++i)
684 {
685 char *keyword = st->xattr_map[i].xkey + strlen ("SCHILY.xattr.");
686 if (!xattrs_masked_out (keyword, false /* like extracting */ ))
687 {
688 *output = '*';
689 break;
690 }
691 }
692
693 if (selinux_context_option > 0 && st->cntx_name)
694 *output = '.';
695
696 if (acls_option && (st->acls_a_len || st->acls_d_len))
697 *output = '+';
698 }
699
700 void
701 xattrs_print (struct tar_stat_info const *st)
702 {
703 if (verbose_option < 3)
704 return;
705
706 /* selinux */
707 if (selinux_context_option && st->cntx_name)
708 fprintf (stdlis, " s: %s\n", st->cntx_name);
709
710 /* acls */
711 if (acls_option && (st->acls_a_len || st->acls_d_len))
712 {
713 fprintf (stdlis, " a: ");
714 acls_one_line ("", ',', st->acls_a_ptr, st->acls_a_len);
715 acls_one_line ("default:", ',', st->acls_d_ptr, st->acls_d_len);
716 fprintf (stdlis, "\n");
717 }
718
719 /* xattrs */
720 if (xattrs_option && st->xattr_map_size)
721 {
722 int i;
723
724 for (i = 0; i < st->xattr_map_size; ++i)
725 {
726 char *keyword = st->xattr_map[i].xkey + strlen ("SCHILY.xattr.");
727 if (!xattrs_masked_out (keyword, false /* like extracting */ ))
728 fprintf (stdlis, " x: %lu %s\n",
729 (unsigned long) st->xattr_map[i].xval_len, keyword);
730 }
731 }
732 }
Unnamed repository; edit this file 'description' to name the repository.
This page took 0.069574 seconds and 5 git commands to generate.