X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=etc%2Fafpd%2Funix.c;h=6880f3a650826ece14b1ebf5889ddd1afc68b112;hb=edefad2f0703ed2f6a21025d615600ed18c83d18;hp=03be770315f9be3efeff822065fd156ea920b6f5;hpb=36943ffdcc8b26901d0daff88f490608ee34d4c8;p=netatalk.git diff --git a/etc/afpd/unix.c b/etc/afpd/unix.c index 03be7703..6880f3a6 100644 --- a/etc/afpd/unix.c +++ b/etc/afpd/unix.c @@ -1,5 +1,5 @@ /* - * $Id: unix.c,v 1.48 2005-06-02 12:32:18 didg Exp $ + * $Id: unix.c,v 1.59 2009-10-29 10:04:35 didg Exp $ * * Copyright (c) 1990,1993 Regents of The University of Michigan. * All Rights Reserved. See COPYRIGHT. @@ -30,14 +30,14 @@ char *strchr (), *strrchr (); #endif /* STDC_HEADERS */ #include -#include #include #include -#include #include #include +#include #include #include +#include #include "auth.h" #include "directory.h" @@ -45,13 +45,15 @@ char *strchr (), *strrchr (); #include "unix.h" #include "fork.h" +#ifdef HAVE_NFSv4_ACLS +extern void acltoownermode(char *path, struct stat *st,uid_t uid, struct maccess *ma); +#endif + + /* * Get the free space on a partition. */ -int ustatfs_getvolspace( vol, bfree, btotal, bsize ) -const struct vol *vol; -VolSpace *bfree, *btotal; -u_int32_t *bsize; +int ustatfs_getvolspace(const struct vol *vol, VolSpace *bfree, VolSpace *btotal, u_int32_t *bsize) { VolSpace maxVolSpace = (~(VolSpace)0); @@ -99,8 +101,7 @@ u_int32_t *bsize; return( AFP_OK ); } -static __inline__ int utombits( bits ) -mode_t bits; +static int utombits(mode_t bits) { int mbits; @@ -117,9 +118,7 @@ mode_t bits; /* -------------------------------- cf AFP 3.0 page 63 */ -void utommode( stat, ma ) -struct stat *stat; -struct maccess *ma; +void utommode(struct stat *stat, struct maccess *ma) { mode_t mode; 
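Review bot: The prototype `extern void acltoownermode(char *path, struct stat *st,uid_t uid, struct maccess *ma);` added under `#ifdef HAVE_NFSv4_ACLS` is declared locally in unix.c, so the compiler cannot check it against the definition, which is not part of this diff. If the two ever drift apart, the call made from accessmode() becomes undefined behaviour with no diagnostic. I would move the declaration into a header that the defining file also includes, keeping the same `#ifdef` guard. If the function does not write through `path`, declaring it `const char *path` would document that as well.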
@@ -169,15 +168,10 @@ mode_t mode; * * Note: the previous method, using access(), does not work correctly * over NFS. - * FIXME what about ACL? * * dir parameter is used by AFS */ -void accessmode( path, ma, dir, st ) -char *path; -struct maccess *ma; -struct dir *dir _U_; -struct stat *st; +void accessmode(char *path, struct maccess *ma, struct dir *dir _U_, struct stat *st) { struct stat sb; @@ -189,10 +183,13 @@ struct stat sb; st = &sb; } utommode( st, ma ); +#ifdef HAVE_NFSv4_ACLS + /* 10.5 Finder looks at OS 9 mode, so we must do some mapping */ + acltoownermode( path, st, uuid, ma); +#endif } -int gmem( gid ) -const gid_t gid; +int gmem(const gid_t gid) { int i; @@ -204,8 +201,7 @@ const gid_t gid; return( 0 ); } -static __inline__ mode_t mtoubits( bits ) -u_char bits; +static mode_t mtoubits(u_char bits) { mode_t mode; @@ -224,8 +220,7 @@ u_char bits; and from AFP 3.0 spec page 63 the mac mode should be save somewhere */ -mode_t mtoumode( ma ) -struct maccess *ma; +mode_t mtoumode(struct maccess *ma) { mode_t mode; 
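Review bot: In accessmode(), the added call `acltoownermode( path, st, uuid, ma);` passes `uuid`, which no hunk of this diff declares, for the parameter the prototype names `uid_t uid`. Presumably it is the uid of the authenticated session user, defined elsewhere. Because the function returns void, the caller cannot tell whether the ACL was actually evaluated or whether `ma` still holds only what utommode() derived from the mode bits. I would spell that out in the comment, for example `/* 10.5 Finder looks at OS 9 mode: fold the NFSv4 ACL for the session user (uuid) into ma; errors are not reported to the caller */`. The hunk also touches gmem(), whose body continues outside it.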
@@ -241,80 +236,9 @@ struct maccess *ma; return( mode ); } -/* ----------------------------- */ -char *fullpathname(const char *name) -{ - static char wd[ MAXPATHLEN + 1]; - - if ( getcwd( wd , MAXPATHLEN) ) { - strlcat(wd, "/", MAXPATHLEN); - strlcat(wd, name, MAXPATHLEN); - } - else { - strlcpy(wd, name, MAXPATHLEN); - } - return wd; -} - -/* ----------------------------- - a dropbox is a folder where w is set but not r eg: - rwx-wx-wx or rwx-wx-- - rwx----wx (is not asked by a Mac with OS >= 8.0 ?) -*/ -int stickydirmode(name, mode, dropbox) -const char * name; -const mode_t mode; -const int dropbox; -{ - int retval = 0; - -#ifdef DROPKLUDGE - /* Turn on the sticky bit if this is a drop box, also turn off the setgid bit */ - if (dropbox) { - int uid; - - if ( ( (mode & S_IWOTH) && !(mode & S_IROTH)) || - ( (mode & S_IWGRP) && !(mode & S_IRGRP)) ) - { - uid=geteuid(); - if ( seteuid(0) < 0) { - LOG(log_error, logtype_afpd, "stickydirmode: unable to seteuid root: %s", strerror(errno)); - } - if ( (retval=chmod( name, ( (DIRBITS | mode | S_ISVTX) & ~default_options.umask) )) < 0) { - LOG(log_error, logtype_afpd, "stickydirmode: chmod \"%s\": %s", fullpathname(name), strerror(errno) ); - } else { -#ifdef DEBUG - LOG(log_info, logtype_afpd, "stickydirmode: (debug) chmod \"%s\": %s", fullpathname(name), strerror(retval) ); -#endif /* DEBUG */ - } - seteuid(uid); - return retval; - } - } -#endif /* DROPKLUDGE */ - - /* - * Ignore EPERM errors: We may be dealing with a directory that is - * group writable, in which case chmod will fail. 
- */ - if ( (chmod( name, (DIRBITS | mode) & ~default_options.umask ) < 0) && errno != EPERM) { - LOG(log_error, logtype_afpd, "stickydirmode: chmod \"%s\": %s", fullpathname(name), strerror(errno) ); - retval = -1; - } - - return retval; -} - -/* ------------------------- */ -int dir_rx_set(mode_t mode) -{ - return (mode & (S_IXUSR | S_IRUSR)) == (S_IXUSR | S_IRUSR); -} - #define EXEC_MODE (S_IXGRP | S_IXUSR | S_IXOTH) -int setdeskmode( mode ) -const mode_t mode; +int setdeskmode(const mode_t mode) { char wd[ MAXPATHLEN + 1]; struct stat st; @@ -390,10 +314,7 @@ const mode_t mode; } /* --------------------- */ -int setfilunixmode (vol, path, mode) -const struct vol *vol; -struct path* path; -mode_t mode; +int setfilunixmode (const struct vol *vol, struct path* path, mode_t mode) { if (!path->st_valid) { of_stat(path); 
@@ -403,66 +324,39 @@ mode_t mode; return -1; } - mode |= vol->v_perm; + mode |= vol->v_fperm; - if (setfilmode( path->u_name, mode, &path->st) < 0) + if (setfilmode( path->u_name, mode, &path->st, vol->v_umask) < 0) return -1; /* we need to set write perm if read set for resource fork */ - return vol->vfs->rf_setfilmode(vol, path->u_name, mode, &path->st); + return vol->vfs->vfs_setfilmode(vol, path->u_name, mode, &path->st); } -/* --------------------- */ -int setfilmode(name, mode, st) -const char * name; -mode_t mode; -struct stat *st; -{ -struct stat sb; -mode_t mask = S_IRWXU | S_IRWXG | S_IRWXO; /* rwx for owner group and other, by default */ - - if (!st) { - if (stat(name, &sb) != 0) - return -1; - st = &sb; - } - - mode |= st->st_mode & ~mask; /* keep other bits from previous mode */ - if ( chmod( name, mode & ~default_options.umask ) < 0 && errno != EPERM ) { - return -1; - } - return 0; -} /* --------------------- */ -int setdirunixmode( vol, name, mode ) -const struct vol *vol; -const char *name; -mode_t mode; +int setdirunixmode(const struct vol *vol, const char *name, mode_t mode) { int dropbox = (vol->v_flags & AFPVOL_DROPBOX); - mode |= vol->v_perm; + mode |= vol->v_dperm; if (dir_rx_set(mode)) { /* extending right? 
dir first then .AppleDouble in rf_setdirmode */ - if ( stickydirmode(name, DIRBITS | mode, dropbox) < 0 ) + if ( stickydirmode(name, DIRBITS | mode, dropbox, vol->v_umask) < 0 ) return -1; } - if (vol->vfs->rf_setdirunixmode(vol, name, mode, NULL) < 0 && !vol_noadouble(vol)) { + if (vol->vfs->vfs_setdirunixmode(vol, name, mode, NULL) < 0 && !vol_noadouble(vol)) { return -1 ; } if (!dir_rx_set(mode)) { - if ( stickydirmode(name, DIRBITS | mode, dropbox) < 0 ) + if ( stickydirmode(name, DIRBITS | mode, dropbox, vol->v_umask) < 0 ) return -1; } return 0; } /* --------------------- */ -int setdirmode( vol, name, mode ) -const struct vol *vol; -const char *name; -mode_t mode; +int setdirmode(const struct vol *vol, const char *name, mode_t mode) { struct stat st; struct dirent *dirp; @@ -471,12 +365,12 @@ mode_t mode; int osx = vol->v_adouble == AD_VERSION2_OSX; int dropbox = (vol->v_flags & AFPVOL_DROPBOX); - mode |= vol->v_perm; + mode |= vol->v_dperm; hf_mode = ad_hf_mode(mode); if (dir_rx_set(mode)) { /* extending right? dir first */ - if ( stickydirmode(name, DIRBITS | mode, dropbox) < 0 ) + if ( stickydirmode(name, DIRBITS | mode, dropbox, vol->v_umask) < 0 ) return -1; } @@ -498,7 +392,7 @@ mode_t mode; if (!S_ISDIR(st.st_mode)) { int setmode = (osx && *dirp->d_name == '.')?hf_mode:mode; - if (setfilmode(dirp->d_name, setmode, &st) < 0) { + if (setfilmode(dirp->d_name, setmode, &st, vol->v_umask) < 0) { LOG(log_error, logtype_afpd, "setdirmode: chmod %s: %s",dirp->d_name, strerror(errno) ); return -1; } 
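Review bot: The rename from `rf_*` to `vfs_*` leaves stale names behind. In setdirunixmode() the context comment still reads `dir first then .AppleDouble in rf_setdirmode` although the call is now `vfs_setdirunixmode`, and in the setfilowner() hunk (`@@ -603,7 +491,7 @@`) the log text still says `setfilowner: rf_chown %d/%d %s: %s` after the call became `vfs_chown`. Anyone searching logs or source for the new names will miss both. I would update the comment to `/* extending right? dir first then .AppleDouble in vfs_setdirunixmode */` and the message to `"setfilowner: vfs_chown %d/%d %s: %s"`.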
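Review bot: When the changed call `setfilmode(dirp->d_name, setmode, &st, vol->v_umask)` fails, setdirmode() logs and hits `return -1;` while still inside the directory loop, but the matching `closedir( dir );` only appears after the loop in the next hunk, so this path leaks the open directory handle. In what is presumably a long-lived server process, that accumulates one descriptor per failed chmod. I would release the handle first while keeping errno for the caller: `int err = errno; closedir( dir ); errno = err;` before the `return -1;`. The loop header and the stat call that fills `st` lie outside the hunk; if that call follows symlinks, this chmod by name acts on the link target, which is worth confirming for entries a client can create.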
@@ -506,21 +400,19 @@ mode_t mode; } closedir( dir ); - if (vol->vfs->rf_setdirmode(vol, name, mode, NULL) < 0 && !vol_noadouble(vol)) { + if (vol->vfs->vfs_setdirmode(vol, name, mode, NULL) < 0 && !vol_noadouble(vol)) { return -1 ; } if (!dir_rx_set(mode)) { - if ( stickydirmode(name, DIRBITS | mode, dropbox) < 0 ) + if ( stickydirmode(name, DIRBITS | mode, dropbox, vol->v_umask) < 0 ) return -1; } return( 0 ); } /* ----------------------------- */ -int setdeskowner( uid, gid ) -const uid_t uid; -const gid_t gid; +int setdeskowner(const uid_t uid, const gid_t gid) { char wd[ MAXPATHLEN + 1]; char modbuf[12 + 1], *m; @@ -582,11 +474,7 @@ const gid_t gid; } /* ----------------------------- */ -int setfilowner(vol, uid, gid, path) -const struct vol *vol; -const uid_t uid; -const gid_t gid; -struct path* path; +int setfilowner(const struct vol *vol, const uid_t uid, const gid_t gid, struct path* path) { if (!path->st_valid) { @@ -603,7 +491,7 @@ struct path* path; return -1; } - if (vol->vfs->rf_chown(vol, path->u_name, uid, gid ) < 0 && errno != EPERM) { + if (vol->vfs->vfs_chown(vol, path->u_name, uid, gid ) < 0 && errno != EPERM) { LOG(log_debug, logtype_afpd, "setfilowner: rf_chown %d/%d %s: %s", uid, gid, path->u_name, strerror(errno) ); return -1; @@ -617,11 +505,7 @@ struct path* path; * that user/group should inherit from other, but that doesn't fit * into the unix permission scheme. we can get around this by * co-opting some bits. */ -int setdirowner(vol, name, uid, gid ) -const struct vol *vol; -const char *name; -const uid_t uid; -const gid_t gid; +int setdirowner(const struct vol *vol, const char *name, const uid_t uid, const gid_t gid) { struct stat st; struct dirent *dirp; @@ -650,7 +534,7 @@ const gid_t gid; } closedir( dir ); - if (vol->vfs->rf_setdirowner(vol, name, uid, gid) < 0) { + if (vol->vfs->vfs_setdirowner(vol, name, uid, gid) < 0) { return -1; } 
@@ -712,45 +596,3 @@ recursive_chown_end: } #endif -/* This is equivalent of unix rename(). */ -int unix_rename(const char *oldpath, const char *newpath) -{ -#if 0 - char pd_name[PATH_MAX+1]; - int i; - struct stat pd_stat; - uid_t uid; -#endif - - if (rename(oldpath, newpath) < 0) - return -1; -#if 0 - for (i = 0; i <= PATH_MAX && newpath[i] != '\0'; i++) - pd_name[i] = newpath[i]; - pd_name[i] = '\0'; - - while (i > 0 && pd_name[i] != '/') i--; - if (pd_name[i] == '/') i++; - - pd_name[i++] = '.'; pd_name[i++] = '\0'; - - if (stat(pd_name, &pd_stat) < 0) { - LOG(log_error, logtype_afpd, "stat() of parent dir failed: pd_name = %s, uid = %d: %s", - pd_name, geteuid(), strerror(errno)); - return 0; - } - - /* So we have SGID bit set... */ - if ((S_ISGID & pd_stat.st_mode) != 0) { - uid = geteuid(); - if (seteuid(0) < 0) - LOG(log_error, logtype_afpd, "seteuid() failed: %s", strerror(errno)); - if (recursive_chown(newpath, uid, pd_stat.st_gid) < 0) - LOG(log_error, logtype_afpd, "chown() of parent dir failed: newpath=%s, uid=%d: %s", - pd_name, geteuid(), strerror(errno)); - seteuid(uid); - } -#endif - return 0; -} -