X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=etc%2Fafpd%2Funix.c;h=f604d79b8258a44ccdb5b228d18c543f40bda77c;hb=4054f4b3c85ecab060dafd46c0d3632cadbb5803;hp=240bfd2a338ebe5e0c4c54677bdb48d9a2cd0db9;hpb=17fb54f23103badd9757b4ff1e057b0d4c4096e9;p=netatalk.git diff --git a/etc/afpd/unix.c b/etc/afpd/unix.c index 240bfd2a..f604d79b 100644 --- a/etc/afpd/unix.c +++ b/etc/afpd/unix.c @@ -1,6 +1,4 @@ /* - * $Id: unix.c,v 1.51 2009-01-30 04:57:42 didg Exp $ - * * Copyright (c) 1990,1993 Regents of The University of Michigan. * All Rights Reserved. See COPYRIGHT. */ @@ -30,28 +28,29 @@ char *strchr (), *strrchr (); #endif /* STDC_HEADERS */ #include -#include #include #include -#include #include #include +#include #include #include +#include +#include #include "auth.h" #include "directory.h" #include "volume.h" #include "unix.h" #include "fork.h" +#ifdef HAVE_ACLS +#include "acls.h" +#endif /* * Get the free space on a partition. */ -int ustatfs_getvolspace( vol, bfree, btotal, bsize ) -const struct vol *vol; -VolSpace *bfree, *btotal; -u_int32_t *bsize; +int ustatfs_getvolspace(const struct vol *vol, VolSpace *bfree, VolSpace *btotal, u_int32_t *bsize) { VolSpace maxVolSpace = (~(VolSpace)0); @@ -99,8 +98,7 @@ u_int32_t *bsize; return( AFP_OK ); } -static int utombits( bits ) -mode_t bits; +static int utombits(mode_t bits) { int mbits; @@ -117,9 +115,7 @@ mode_t bits; /* -------------------------------- cf AFP 3.0 page 63 */ -void utommode( stat, ma ) -struct stat *stat; -struct maccess *ma; +void utommode(struct stat *stat, struct maccess *ma) { mode_t mode; @@ -161,6 +157,7 @@ mode_t mode; } #ifdef accessmode + #undef accessmode #endif /* 
@@ -169,30 +166,26 @@ mode_t mode; * * Note: the previous method, using access(), does not work correctly * over NFS. - * FIXME what about ACL? * * dir parameter is used by AFS */ -void accessmode( path, ma, dir, st ) -char *path; -struct maccess *ma; -struct dir *dir _U_; -struct stat *st; - +void accessmode(char *path, struct maccess *ma, struct dir *dir _U_, struct stat *st) { -struct stat sb; + struct stat sb; ma->ma_user = ma->ma_owner = ma->ma_world = ma->ma_group = 0; if (!st) { - if (stat(path, &sb) != 0) + if (lstat(path, &sb) != 0) return; st = &sb; } utommode( st, ma ); +#ifdef HAVE_ACLS + acltoownermode(path, st, ma); +#endif } -int gmem( gid ) -const gid_t gid; +int gmem(const gid_t gid) { int i; @@ -204,8 +197,7 @@ const gid_t gid; return( 0 ); } -static mode_t mtoubits( bits ) -u_char bits; +static mode_t mtoubits(u_char bits) { mode_t mode; @@ -224,8 +216,7 @@ u_char bits; and from AFP 3.0 spec page 63 the mac mode should be save somewhere */ -mode_t mtoumode( ma ) -struct maccess *ma; +mode_t mtoumode(struct maccess *ma) { mode_t mode; 
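Review bot: In `accessmode`, the fallback now fills `sb` with `lstat`, so for a symlink `utommode( st, ma )` reports the link's own mode bits, while `acltoownermode(path, st, ma)` is still handed the path. Whether that helper reads the ACL of the link or of its target is not visible in this hunk; if it follows the link, the returned rights would mix two different objects. The header comment also lost its `FIXME what about ACL?` line without a replacement. I would add a line such as `* With HAVE_ACLS the result is refined by acltoownermode(); st describes the link itself, not its target.` and confirm the helper behaves that way.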
@@ -241,82 +232,9 @@ struct maccess *ma; return( mode ); } -/* ----------------------------- */ -char *fullpathname(const char *name) -{ - static char wd[ MAXPATHLEN + 1]; - - if ( getcwd( wd , MAXPATHLEN) ) { - strlcat(wd, "/", MAXPATHLEN); - strlcat(wd, name, MAXPATHLEN); - } - else { - strlcpy(wd, name, MAXPATHLEN); - } - return wd; -} - -/* ----------------------------- - a dropbox is a folder where w is set but not r eg: - rwx-wx-wx or rwx-wx-- - rwx----wx (is not asked by a Mac with OS >= 8.0 ?) -*/ -int stickydirmode(name, mode, dropbox) -const char * name; -const mode_t mode; -const int dropbox; -{ - int retval = 0; - -#ifdef DROPKLUDGE - /* Turn on the sticky bit if this is a drop box, also turn off the setgid bit */ - if ((dropbox & AFPVOL_DROPBOX)) { - int uid; - - if ( ( (mode & S_IWOTH) && !(mode & S_IROTH)) || - ( (mode & S_IWGRP) && !(mode & S_IRGRP)) ) - { - uid=geteuid(); - if ( seteuid(0) < 0) { - LOG(log_error, logtype_afpd, "stickydirmode: unable to seteuid root: %s", strerror(errno)); - } - if ( (retval=chmod( name, ( (DIRBITS | mode | S_ISVTX) & ~default_options.umask) )) < 0) { - LOG(log_error, logtype_afpd, "stickydirmode: chmod \"%s\": %s", fullpathname(name), strerror(errno) ); - } else { -#ifdef DEBUG - LOG(log_info, logtype_afpd, "stickydirmode: (debug) chmod \"%s\": %s", fullpathname(name), strerror(retval) ); -#endif /* DEBUG */ - } - seteuid(uid); - return retval; - } - } -#endif /* DROPKLUDGE */ - - /* - * Ignore EPERM errors: We may be dealing with a directory that is - * group writable, in which case chmod will fail. 
- */ - if ( (chmod( name, (DIRBITS | mode) & ~default_options.umask ) < 0) && errno != EPERM && - !(errno == ENOENT && (dropbox & AFPVOL_NOADOUBLE)) ) - { - LOG(log_error, logtype_afpd, "stickydirmode: chmod \"%s\": %s", fullpathname(name), strerror(errno) ); - retval = -1; - } - - return retval; -} - -/* ------------------------- */ -int dir_rx_set(mode_t mode) -{ - return (mode & (S_IXUSR | S_IRUSR)) == (S_IXUSR | S_IRUSR); -} - #define EXEC_MODE (S_IXGRP | S_IXUSR | S_IXOTH) -int setdeskmode( mode ) -const mode_t mode; +int setdeskmode(const mode_t mode) { char wd[ MAXPATHLEN + 1]; struct stat st; @@ -359,7 +277,7 @@ const mode_t mode; *m = '\0'; strcat( modbuf, subp->d_name ); /* XXX: need to preserve special modes */ - if (stat(modbuf, &st) < 0) { + if (lstat(modbuf, &st) < 0) { LOG(log_error, logtype_afpd, "setdeskmode: stat %s: %s",fullpathname(modbuf), strerror(errno) ); continue; } @@ -392,10 +310,7 @@ const mode_t mode; } /* --------------------- */ -int setfilunixmode (vol, path, mode) -const struct vol *vol; -struct path* path; -mode_t mode; +int setfilunixmode (const struct vol *vol, struct path* path, mode_t mode) { if (!path->st_valid) { of_stat(path); 
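Review bot: Switching `stat` to `lstat` in the `setdeskmode` loop only changes what `st` describes; a later `chmod` on the same `modbuf` name would still follow a symlink and change the mode of its target, which may lie outside the desktop tree. The code after the `lstat` check is outside this hunk, so this needs confirming, but unless links are skipped there I would add `if (S_ISLNK(st.st_mode)) continue;` right after the error branch. The same question applies to the `lstat` conversions in `setdirmode` (hunk at -492, where a symlink now takes the `!S_ISDIR` branch into `setfilmode`) and in `recursive_chown` (hunk at -683). The log text still reads `setdeskmode: stat %s: %s` and could say `lstat`.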
@@ -407,64 +322,41 @@ mode_t mode; mode |= vol->v_fperm; - if (setfilmode( path->u_name, mode, &path->st) < 0) + if (setfilmode( path->u_name, mode, &path->st, vol->v_umask) < 0) return -1; /* we need to set write perm if read set for resource fork */ - return vol->vfs->rf_setfilmode(vol, path->u_name, mode, &path->st); + return vol->vfs->vfs_setfilmode(vol, path->u_name, mode, &path->st); } -/* --------------------- */ -int setfilmode(name, mode, st) -const char * name; -mode_t mode; -struct stat *st; -{ -struct stat sb; -mode_t mask = S_IRWXU | S_IRWXG | S_IRWXO; /* rwx for owner group and other, by default */ - - if (!st) { - if (stat(name, &sb) != 0) - return -1; - st = &sb; - } - - mode |= st->st_mode & ~mask; /* keep other bits from previous mode */ - if ( chmod( name, mode & ~default_options.umask ) < 0 && errno != EPERM ) { - return -1; - } - return 0; -} /* --------------------- */ -int setdirunixmode( vol, name, mode ) -const struct vol *vol; -const char *name; -mode_t mode; +int setdirunixmode(const struct vol *vol, const char *name, mode_t mode) { int dropbox = (vol->v_flags & AFPVOL_DROPBOX); + + LOG(log_debug, logtype_afpd, "setdirunixmode('%s', mode:%04o) {v_dperm:%04o}", + fullpathname(name), mode, vol->v_dperm); + mode |= vol->v_dperm; if (dir_rx_set(mode)) { /* extending right? 
dir first then .AppleDouble in rf_setdirmode */ - if ( stickydirmode(name, DIRBITS | mode, dropbox) < 0 ) + if ( stickydirmode(name, DIRBITS | mode, dropbox, vol->v_umask) < 0 ) return -1; } - if (vol->vfs->rf_setdirunixmode(vol, name, mode, NULL) < 0 && !vol_noadouble(vol)) { + if (vol->vfs->vfs_setdirunixmode(vol, name, mode, NULL) < 0 && !vol_noadouble(vol)) { return -1 ; } if (!dir_rx_set(mode)) { - if ( stickydirmode(name, DIRBITS | mode, dropbox) < 0 ) + if ( stickydirmode(name, DIRBITS | mode, dropbox, vol->v_umask) < 0 ) return -1; } return 0; } /* --------------------- */ -int setdirmode( vol, name, mode ) -const struct vol *vol; -const char *name; -mode_t mode; +int setdirmode(const struct vol *vol, const char *name, mode_t mode) { struct stat st; struct dirent *dirp; @@ -478,7 +370,7 @@ mode_t mode; if (dir_rx_set(mode)) { /* extending right? dir first */ - if ( stickydirmode(name, DIRBITS | mode, dropbox) < 0 ) + if ( stickydirmode(name, DIRBITS | mode, dropbox, vol->v_umask) < 0 ) return -1; } @@ -492,7 +384,7 @@ mode_t mode; if ( *dirp->d_name == '.' && (!osx || dirp->d_name[1] != '_')) { continue; } - if ( stat( dirp->d_name, &st ) < 0 ) { + if ( lstat( dirp->d_name, &st ) < 0 ) { LOG(log_error, logtype_afpd, "setdirmode: stat %s: %s",dirp->d_name, strerror(errno) ); continue; } @@ -500,7 +392,7 @@ mode_t mode; if (!S_ISDIR(st.st_mode)) { int setmode = (osx && *dirp->d_name == '.')?hf_mode:mode; - if (setfilmode(dirp->d_name, setmode, &st) < 0) { + if (setfilmode(dirp->d_name, setmode, &st, vol->v_umask) < 0) { LOG(log_error, logtype_afpd, "setdirmode: chmod %s: %s",dirp->d_name, strerror(errno) ); return -1; } 
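Review bot: The `return -1` taken when `setfilmode(dirp->d_name, setmode, &st, vol->v_umask)` fails in `setdirmode` leaves the directory stream open: the only `closedir( dir )` visible is after the loop, in the following hunk. In a long-running server process each such failure leaks a descriptor. I would call `closedir(dir);` before that `return -1;`. The `opendir` and the start of the loop are outside this hunk, so this assumes `dir` is the stream being iterated here.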
@@ -508,21 +400,19 @@ mode_t mode; } closedir( dir ); - if (vol->vfs->rf_setdirmode(vol, name, mode, NULL) < 0 && !vol_noadouble(vol)) { + if (vol->vfs->vfs_setdirmode(vol, name, mode, NULL) < 0 && !vol_noadouble(vol)) { return -1 ; } if (!dir_rx_set(mode)) { - if ( stickydirmode(name, DIRBITS | mode, dropbox) < 0 ) + if ( stickydirmode(name, DIRBITS | mode, dropbox, vol->v_umask) < 0 ) return -1; } return( 0 ); } /* ----------------------------- */ -int setdeskowner( uid, gid ) -const uid_t uid; -const gid_t gid; +int setdeskowner(const uid_t uid, const gid_t gid) { char wd[ MAXPATHLEN + 1]; char modbuf[12 + 1], *m; @@ -584,11 +474,7 @@ const gid_t gid; } /* ----------------------------- */ -int setfilowner(vol, uid, gid, path) -const struct vol *vol; -const uid_t uid; -const gid_t gid; -struct path* path; +int setfilowner(const struct vol *vol, const uid_t uid, const gid_t gid, struct path* path) { if (!path->st_valid) { @@ -599,13 +485,13 @@ struct path* path; return -1; } - if ( chown( path->u_name, uid, gid ) < 0 && errno != EPERM ) { + if ( lchown( path->u_name, uid, gid ) < 0 && errno != EPERM ) { LOG(log_debug, logtype_afpd, "setfilowner: chown %d/%d %s: %s", uid, gid, path->u_name, strerror(errno) ); return -1; } - if (vol->vfs->rf_chown(vol, path->u_name, uid, gid ) < 0 && errno != EPERM) { + if (vol->vfs->vfs_chown(vol, path->u_name, uid, gid ) < 0 && errno != EPERM) { LOG(log_debug, logtype_afpd, "setfilowner: rf_chown %d/%d %s: %s", uid, gid, path->u_name, strerror(errno) ); return -1; @@ -619,11 +505,7 @@ struct path* path; * that user/group should inherit from other, but that doesn't fit * into the unix permission scheme. we can get around this by * co-opting some bits. */ -int setdirowner(vol, name, uid, gid ) -const struct vol *vol; -const char *name; -const uid_t uid; -const gid_t gid; +int setdirowner(const struct vol *vol, const char *name, const uid_t uid, const gid_t gid) { struct stat st; struct dirent *dirp; 
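Review bot: The two debug messages in `setfilowner` no longer match the calls they report: the first still says `chown` although the call is now `lchown`, and the second says `rf_chown` although the call is `vol->vfs->vfs_chown`. That difference matters when tracing an ownership failure on a symlink, so I would change them to `"setfilowner: lchown %d/%d %s: %s"` and `"setfilowner: vfs_chown %d/%d %s: %s"`. Both are also logged at `log_debug` although the function then returns -1, which is easy to miss in production logs; `log_error`, as used for the stat failures elsewhere in this file, seems more fitting. `setdirowner` (hunks at -637 and -652) keeps the same stale `chown` wording after its switch to `lchown`.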
@@ -637,13 +519,13 @@ const gid_t gid; if ( *dirp->d_name == '.' && (!osx || dirp->d_name[1] != '_')) { continue; } - if ( stat( dirp->d_name, &st ) < 0 ) { + if ( lstat( dirp->d_name, &st ) < 0 ) { LOG(log_error, logtype_afpd, "setdirowner: stat %s: %s", fullpathname(dirp->d_name), strerror(errno) ); continue; } if (( st.st_mode & S_IFMT ) == S_IFREG ) { - if ( chown( dirp->d_name, uid, gid ) < 0 && errno != EPERM ) { + if ( lchown( dirp->d_name, uid, gid ) < 0 && errno != EPERM ) { LOG(log_debug, logtype_afpd, "setdirowner: chown %s: %s", fullpathname(dirp->d_name), strerror(errno) ); /* return ( -1 ); Sometimes this is okay */ @@ -652,14 +534,14 @@ const gid_t gid; } closedir( dir ); - if (vol->vfs->rf_setdirowner(vol, name, uid, gid) < 0) { + if (vol->vfs->vfs_setdirowner(vol, name, uid, gid) < 0) { return -1; } - if ( stat( ".", &st ) < 0 ) { + if ( lstat( ".", &st ) < 0 ) { return( -1 ); } - if ( gid && gid != st.st_gid && chown( ".", uid, gid ) < 0 && errno != EPERM ) { + if ( gid && gid != st.st_gid && lchown( ".", uid, gid ) < 0 && errno != EPERM ) { LOG(log_debug, logtype_afpd, "setdirowner: chown %d/%d %s: %s", uid, gid, fullpathname("."), strerror(errno) ); } @@ -683,7 +565,7 @@ static int recursive_chown(const char *path, uid_t uid, gid_t gid) { return -1; } - if (stat(path, &sbuf) < 0) { + if (lstat(path, &sbuf) < 0) { LOG(log_error, logtype_afpd, "cannot chown() file [%s] (uid = %d): %s", path, uid, strerror(errno)); return -1; } 
@@ -714,45 +596,3 @@ recursive_chown_end: } #endif -/* This is equivalent of unix rename(). */ -int unix_rename(const char *oldpath, const char *newpath) -{ -#if 0 - char pd_name[PATH_MAX+1]; - int i; - struct stat pd_stat; - uid_t uid; -#endif - - if (rename(oldpath, newpath) < 0) - return -1; -#if 0 - for (i = 0; i <= PATH_MAX && newpath[i] != '\0'; i++) - pd_name[i] = newpath[i]; - pd_name[i] = '\0'; - - while (i > 0 && pd_name[i] != '/') i--; - if (pd_name[i] == '/') i++; - - pd_name[i++] = '.'; pd_name[i++] = '\0'; - - if (stat(pd_name, &pd_stat) < 0) { - LOG(log_error, logtype_afpd, "stat() of parent dir failed: pd_name = %s, uid = %d: %s", - pd_name, geteuid(), strerror(errno)); - return 0; - } - - /* So we have SGID bit set... */ - if ((S_ISGID & pd_stat.st_mode) != 0) { - uid = geteuid(); - if (seteuid(0) < 0) - LOG(log_error, logtype_afpd, "seteuid() failed: %s", strerror(errno)); - if (recursive_chown(newpath, uid, pd_stat.st_gid) < 0) - LOG(log_error, logtype_afpd, "chown() of parent dir failed: newpath=%s, uid=%d: %s", - pd_name, geteuid(), strerror(errno)); - seteuid(uid); - } -#endif - return 0; -} -