X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=netatalk.git;a=blobdiff_plain;f=etc%2Fafpd%2Funix.c;h=a42a6ab9093fde4f923e43510474d52ad58334b4;hp=d692b11cbdab2c9d8e83cd6e622a2a8e49d80e2b;hb=c72d10d6f92fe81d040ab983768d7fdccea7fb2e;hpb=30bdec7c3396de87144d5f6d45f11ffa6dad116b diff --git a/etc/afpd/unix.c b/etc/afpd/unix.c index d692b11c..a42a6ab9 100644 --- a/etc/afpd/unix.c +++ b/etc/afpd/unix.c @@ -98,9 +98,9 @@ static int utombits(mode_t bits) /* -------------------------------- cf AFP 3.0 page 63 */ -void utommode(struct stat *stat, struct maccess *ma) +static void utommode(const AFPObj *obj, const struct stat *stat, struct maccess *ma) { -mode_t mode; + mode_t mode; mode = stat->st_mode; ma->ma_world = utombits( mode ); @@ -114,10 +114,10 @@ mode_t mode; /* ma_user is a union of all permissions but we must follow * unix perm */ - if ( (uuid == stat->st_uid) || (uuid == 0)) { + if ( (obj->uid == stat->st_uid) || (obj->uid == 0)) { ma->ma_user = ma->ma_owner | AR_UOWN; } - else if ( gmem( stat->st_gid )) { + else if (gmem(stat->st_gid, obj->ngroups, obj->groups)) { ma->ma_user = ma->ma_group; } else { @@ -152,34 +152,22 @@ mode_t mode; * * dir parameter is used by AFS */ -void accessmode(const struct vol *vol, char *path, struct maccess *ma, struct dir *dir _U_, struct stat *st) +void accessmode(const AFPObj *obj, const struct vol *vol, char *path, struct maccess *ma, struct dir *dir _U_, struct stat *st) { struct stat sb; ma->ma_user = ma->ma_owner = ma->ma_world = ma->ma_group = 0; if (!st) { - if (lstat(path, &sb) != 0) + if (ostat(path, &sb, vol_syml_opt(vol)) != 0) return; st = &sb; } - utommode( st, ma ); + utommode(obj, st, ma ); #ifdef HAVE_ACLS - acltoownermode(vol, path, st, ma); + acltoownermode(obj, vol, path, st, ma); #endif } -int gmem(const gid_t gid) -{ - int i; - - for ( i = 0; i < ngroups; i++ ) { - if ( groups[ i ] == gid ) { - return( 1 ); - } - } - return( 0 ); -} - static mode_t mtoubits(u_char bits) { mode_t mode; 
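Review bot: In the third hunk (accessmode), the switch from `lstat` to `ostat(path, &sb, vol_syml_opt(vol))` makes the object being described depend on a volume option, and nothing at the call site says so. If that option lets ostat follow symlinks (its body is not in this diff), `sb` describes the link target and the rights returned in `ma` are the target's, while `acltoownermode` is still handed `path` and may resolve it differently. I would add a comment above the call, e.g. `/* st may describe the symlink target when the volume follows symlinks; acltoownermode() must resolve path the same way */`, and confirm the two lookups agree. The `if (!st)` branch still returns with `ma` zeroed when the stat fails, which is the safe default.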
@@ -215,88 +203,11 @@ mode_t mtoumode(struct maccess *ma) return( mode ); } -#define EXEC_MODE (S_IXGRP | S_IXUSR | S_IXOTH) - -int setdeskmode(const mode_t mode) -{ - char wd[ MAXPATHLEN + 1]; - struct stat st; - char modbuf[ 12 + 1], *m; - struct dirent *deskp, *subp; - DIR *desk, *sub; - - if (!dir_rx_set(mode)) { - /* want to remove read and search access to owner it will screw the volume */ - return -1 ; - } - if ( getcwd( wd , MAXPATHLEN) == NULL ) { - return( -1 ); - } - if ( chdir( ".AppleDesktop" ) < 0 ) { - return( -1 ); - } - if (( desk = opendir( "." )) == NULL ) { - if ( chdir( wd ) < 0 ) { - LOG(log_error, logtype_afpd, "setdeskmode: chdir %s: %s", wd, strerror(errno) ); - } - return( -1 ); - } - for ( deskp = readdir( desk ); deskp != NULL; deskp = readdir( desk )) { - if ( strcmp( deskp->d_name, "." ) == 0 || - strcmp( deskp->d_name, ".." ) == 0 || strlen( deskp->d_name ) > 2 ) { - continue; - } - strcpy( modbuf, deskp->d_name ); - strcat( modbuf, "/" ); - m = strchr( modbuf, '\0' ); - if (( sub = opendir( deskp->d_name )) == NULL ) { - continue; - } - for ( subp = readdir( sub ); subp != NULL; subp = readdir( sub )) { - if ( strcmp( subp->d_name, "." ) == 0 || - strcmp( subp->d_name, ".." 
) == 0 ) { - continue; - } - *m = '\0'; - strcat( modbuf, subp->d_name ); - /* XXX: need to preserve special modes */ - if (lstat(modbuf, &st) < 0) { - LOG(log_error, logtype_afpd, "setdeskmode: stat %s: %s",fullpathname(modbuf), strerror(errno) ); - continue; - } - - if (S_ISDIR(st.st_mode)) { - if ( chmod_acl( modbuf, (DIRBITS | mode) & ~default_options.umask ) < 0 && errno != EPERM ) { - LOG(log_error, logtype_afpd, "setdeskmode: chmod %s: %s",fullpathname(modbuf), strerror(errno) ); - } - } else if ( chmod_acl( modbuf, mode & ~(default_options.umask | EXEC_MODE) ) < 0 && errno != EPERM ) { - LOG(log_error, logtype_afpd, "setdeskmode: chmod %s: %s",fullpathname(modbuf), strerror(errno) ); - } - - } - closedir( sub ); - /* XXX: need to preserve special modes */ - if ( chmod_acl( deskp->d_name, (DIRBITS | mode) & ~default_options.umask ) < 0 && errno != EPERM ) { - LOG(log_error, logtype_afpd, "setdeskmode: chmod %s: %s",fullpathname(deskp->d_name), strerror(errno) ); - } - } - closedir( desk ); - if ( chdir( wd ) < 0 ) { - LOG(log_error, logtype_afpd, "setdeskmode: chdir %s: %s", wd, strerror(errno) ); - return -1; - } - /* XXX: need to preserve special modes */ - if ( chmod_acl( ".AppleDesktop", (DIRBITS | mode) & ~default_options.umask ) < 0 && errno != EPERM ) { - LOG(log_error, logtype_afpd, "setdeskmode: chmod %s: %s", fullpathname(".AppleDesktop"),strerror(errno) ); - } - return( 0 ); -} - /* --------------------- */ int setfilunixmode (const struct vol *vol, struct path* path, mode_t mode) { if (!path->st_valid) { - of_stat(path); + of_stat(vol, path); } if (path->st_errno) { @@ -305,7 +216,7 @@ int setfilunixmode (const struct vol *vol, struct path* path, mode_t mode) mode |= vol->v_fperm; - if (setfilmode( path->u_name, mode, &path->st, vol->v_umask) < 0) + if (setfilmode(vol, path->u_name, mode, &path->st) < 0) return -1; /* we need to set write perm if read set for resource fork */ return vol->vfs->vfs_setfilmode(vol, path->u_name, mode, &path->st); 
@@ -313,160 +224,42 @@ int setfilunixmode (const struct vol *vol, struct path* path, mode_t mode) /* --------------------- */ -int setdirunixmode(const struct vol *vol, const char *name, mode_t mode) +int setdirunixmode(const struct vol *vol, char *name, mode_t mode) { LOG(log_debug, logtype_afpd, "setdirunixmode('%s', mode:%04o) {v_dperm:%04o}", fullpathname(name), mode, vol->v_dperm); - mode |= vol->v_dperm; + mode |= (vol->v_dperm | DIRBITS) & ~vol->v_umask; if (dir_rx_set(mode)) { /* extending right? dir first then .AppleDouble in rf_setdirmode */ - if ( stickydirmode(name, DIRBITS | mode, 0, vol->v_umask) < 0 ) + if (ochmod(name, mode, NULL, + vol_syml_opt(vol) | vol_chmod_opt(vol) + ) < 0) return -1; } - if (vol->vfs->vfs_setdirunixmode(vol, name, mode, NULL) < 0 && !vol_noadouble(vol)) { + if (vol->vfs->vfs_setdirunixmode(vol, name, mode, NULL) < 0) { return -1 ; } if (!dir_rx_set(mode)) { - if ( stickydirmode(name, DIRBITS | mode, 0, vol->v_umask) < 0 ) + if (ochmod(name, mode, NULL, + vol_syml_opt(vol) | vol_chmod_opt(vol) + ) < 0) return -1; } return 0; } -/* --------------------- */ -int setdirmode(const struct vol *vol, const char *name, mode_t mode) -{ - struct stat st; - struct dirent *dirp; - DIR *dir; - - mode |= vol->v_dperm; - - if (dir_rx_set(mode)) { - /* extending right? 
dir first */ - if ( stickydirmode(name, DIRBITS | mode, 0, vol->v_umask) < 0 ) - return -1; - } - - if (( dir = opendir( name )) == NULL ) { - LOG(log_error, logtype_afpd, "setdirmode: opendir: %s", fullpathname(name), strerror(errno) ); - return( -1 ); - } - - for ( dirp = readdir( dir ); dirp != NULL; dirp = readdir( dir )) { - /* FIXME */ - if (*dirp->d_name == '.') { - continue; - } - if ( lstat( dirp->d_name, &st ) < 0 ) { - LOG(log_error, logtype_afpd, "setdirmode: stat %s: %s",dirp->d_name, strerror(errno) ); - continue; - } - - if (!S_ISDIR(st.st_mode)) { - if (setfilmode(dirp->d_name, mode, &st, vol->v_umask) < 0) { - closedir( dir ); - LOG(log_error, logtype_afpd, "setdirmode: chmod %s: %s",dirp->d_name, strerror(errno) ); - return -1; - } - } - } - closedir( dir ); - - if (vol->vfs->vfs_setdirmode(vol, name, mode, NULL) < 0 && !vol_noadouble(vol)) { - return -1 ; - } - - if (!dir_rx_set(mode)) { - if ( stickydirmode(name, DIRBITS | mode, 0, vol->v_umask) < 0 ) - return -1; - } - return( 0 ); -} - -/* ----------------------------- */ -int setdeskowner(const uid_t uid, const gid_t gid) -{ - char wd[ MAXPATHLEN + 1]; - char modbuf[12 + 1], *m; - struct dirent *deskp, *subp; - DIR *desk, *sub; - - if ( getcwd( wd, MAXPATHLEN ) == NULL ) { - return( -1 ); - } - if ( chdir( ".AppleDesktop" ) < 0 ) { - return( -1 ); - } - if (( desk = opendir( "." )) == NULL ) { - if ( chdir( wd ) < 0 ) { - LOG(log_error, logtype_afpd, "setdeskowner: chdir %s: %s", wd, strerror(errno) ); - } - return( -1 ); - } - for ( deskp = readdir( desk ); deskp != NULL; deskp = readdir( desk )) { - if ( strcmp( deskp->d_name, "." ) == 0 || - strcmp( deskp->d_name, ".." ) == 0 || - strlen( deskp->d_name ) > 2 ) { - continue; - } - strcpy( modbuf, deskp->d_name ); - strcat( modbuf, "/" ); - m = strchr( modbuf, '\0' ); - if (( sub = opendir( deskp->d_name )) == NULL ) { - continue; - } - for ( subp = readdir( sub ); subp != NULL; subp = readdir( sub )) { - if ( strcmp( subp->d_name, "." 
) == 0 || - strcmp( subp->d_name, ".." ) == 0 ) { - continue; - } - *m = '\0'; - strcat( modbuf, subp->d_name ); - /* XXX: add special any uid, ignore group bits */ - if ( chown( modbuf, uid, gid ) < 0 && errno != EPERM ) { - LOG(log_error, logtype_afpd, "setdeskown: chown %s: %s", fullpathname(modbuf), strerror(errno) ); - } - } - closedir( sub ); - /* XXX: add special any uid, ignore group bits */ - if ( chown( deskp->d_name, uid, gid ) < 0 && errno != EPERM ) { - LOG(log_error, logtype_afpd, "setdeskowner: chown %s: %s", - deskp->d_name, strerror(errno) ); - } - } - closedir( desk ); - if ( chdir( wd ) < 0 ) { - LOG(log_error, logtype_afpd, "setdeskowner: chdir %s: %s", wd, strerror(errno) ); - return -1; - } - if ( chown( ".AppleDesktop", uid, gid ) < 0 && errno != EPERM ) { - LOG(log_error, logtype_afpd, "setdeskowner: chown %s: %s", fullpathname(".AppleDouble"), strerror(errno) ); - } - return( 0 ); -} - /* ----------------------------- */ int setfilowner(const struct vol *vol, const uid_t uid, const gid_t gid, struct path* path) { - - if (!path->st_valid) { - of_stat(path); - } - - if (path->st_errno) { - return -1; - } - - if ( lchown( path->u_name, uid, gid ) < 0 && errno != EPERM ) { + if (ochown( path->u_name, uid, gid, vol_syml_opt(vol)) < 0 && errno != EPERM ) { LOG(log_debug, logtype_afpd, "setfilowner: chown %d/%d %s: %s", - uid, gid, path->u_name, strerror(errno) ); - return -1; + uid, gid, path->u_name, strerror(errno)); + return -1; } - if (vol->vfs->vfs_chown(vol, path->u_name, uid, gid ) < 0 && errno != EPERM) { + if (vol->vfs->vfs_chown(vol, path->u_name, uid, gid) < 0 && errno != EPERM) { LOG(log_debug, logtype_afpd, "setfilowner: rf_chown %d/%d %s: %s", uid, gid, path->u_name, strerror(errno) ); return -1; 
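Review bot: In setdirunixmode, `mode |= (vol->v_dperm | DIRBITS) & ~vol->v_umask;` applies the volume umask only to the bits being added, so permission bits already present in the caller-supplied `mode` pass through unmasked. The removed `stickydirmode(name, DIRBITS | mode, 0, vol->v_umask)` calls received the umask together with the whole mode, whereas the new `ochmod(name, mode, NULL, ...)` calls take no umask argument. Unless ochmod or `vol_chmod_opt(vol)` applies the umask elsewhere (not visible in this diff), the resulting directory can carry bits the umask was meant to withhold. If the umask should bound the final mode, write `mode = (mode | vol->v_dperm | DIRBITS) & ~vol->v_umask;`, which also corrects the value passed on to `vfs_setdirunixmode`.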
@@ -482,91 +275,13 @@ int setfilowner(const struct vol *vol, const uid_t uid, const gid_t gid, struct * co-opting some bits. */ int setdirowner(const struct vol *vol, const char *name, const uid_t uid, const gid_t gid) { - struct stat st; - struct dirent *dirp; - DIR *dir; - - if (( dir = opendir( name )) == NULL ) { - return( -1 ); - } - for ( dirp = readdir( dir ); dirp != NULL; dirp = readdir( dir )) { - if ( *dirp->d_name == '.') { - continue; - } - if ( lstat( dirp->d_name, &st ) < 0 ) { - LOG(log_error, logtype_afpd, "setdirowner: stat %s: %s", - fullpathname(dirp->d_name), strerror(errno) ); - continue; - } - if (( st.st_mode & S_IFMT ) == S_IFREG ) { - if ( lchown( dirp->d_name, uid, gid ) < 0 && errno != EPERM ) { - LOG(log_debug, logtype_afpd, "setdirowner: chown %s: %s", - fullpathname(dirp->d_name), strerror(errno) ); - /* return ( -1 ); Sometimes this is okay */ - } - } + if (ochown(name, uid, gid, vol_syml_opt(vol)) < 0 && errno != EPERM ) { + LOG(log_debug, logtype_afpd, "setdirowner: chown %d/%d %s: %s", + uid, gid, fullpathname(name), strerror(errno) ); } - closedir( dir ); - if (vol->vfs->vfs_setdirowner(vol, name, uid, gid) < 0) { + if (vol->vfs->vfs_setdirowner(vol, name, uid, gid) < 0) return -1; - } - - if ( lstat( ".", &st ) < 0 ) { - return( -1 ); - } - if ( gid && gid != st.st_gid && lchown( ".", uid, gid ) < 0 && errno != EPERM ) { - LOG(log_debug, logtype_afpd, "setdirowner: chown %d/%d %s: %s", - uid, gid, fullpathname("."), strerror(errno) ); - } return( 0 ); } - -#if 0 -/* recursive chown()ing of a directory */ -static int recursive_chown(const char *path, uid_t uid, gid_t gid) { - struct stat sbuf; - DIR *odir = NULL; - struct dirent *entry; - char *name; - int ret = 0; - char newpath[PATH_MAX+1]; - newpath[PATH_MAX] = '\0'; - - if (chown(path, uid, gid) < 0) { - LOG(log_error, logtype_afpd, "cannot chown() file [%s] (uid = %d): %s", path, uid, strerror(errno)); - return -1; - } - - if (lstat(path, &sbuf) < 0) { - LOG(log_error, 
logtype_afpd, "cannot chown() file [%s] (uid = %d): %s", path, uid, strerror(errno)); - return -1; - } - - if (S_ISDIR(sbuf.st_mode)) { - odir = opendir(path); - if (odir == NULL) { - LOG(log_error, logtype_afpd, "cannot opendir() [%s] (uid = %d): %s", path, uid, strerror(errno)); - goto recursive_chown_end; - } - while (NULL != (entry=readdir(odir)) ) { - name = entry->d_name; - if (name[0] == '.' && name[1] == '\0') - continue; - if (name[0] == '.' && name[1] == '.' && name[2] == '\0') - continue; - sprintf(newpath, "%s/%s", path, name); - if (recursive_chown(newpath, uid, gid) < 0) - ret = -1; - } /* while */ - } /* if */ - -recursive_chown_end: - if (odir != NULL) { - closedir(odir); - } - return ret; -} -#endif -
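Review bot: In the new setdirowner, a failing `ochown` that is not EPERM is only logged at debug level, and the function still returns 0 when `vfs_setdirowner` succeeds, so the caller is told the ownership change worked although the directory itself was not changed. setfilowner in the previous hunk returns -1 in the same situation; adding `return -1;` after the `LOG(...)` call would make the two consistent. If the best-effort behaviour is deliberate, a comment such as `/* best effort: a failed chown of the directory is not fatal */` should say so. The message also prints `uid` and `gid` with `%d`; passing `(int)uid, (int)gid` keeps the format and argument types in agreement where uid_t is unsigned.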