chmod wrapper for onnv145+ to preserve ACL

diff --git a/etc/afpd/filedir.c b/etc/afpd/filedir.c
index 3e5cb2f5ee8048597a75d0552c971f7c769821f9..8b47cba7b51358a5ac1585c9dfe471071cca3754 100644 (file)
--- a/etc/afpd/filedir.c
+++ b/etc/afpd/filedir.c
@@ -1,6 +1,4 @@
 /*
- * $Id: filedir.c,v 1.73 2010-03-12 15:16:49 franklahm Exp $
- *
  * Copyright (c) 1990,1993 Regents of The University of Michigan.
  * All Rights Reserved.  See COPYRIGHT.
  */
@@ -39,6 +37,7 @@ char *strchr (), *strrchr ();
 #include <atalk/cnid.h>
 #include <atalk/logger.h>
 #include <atalk/unix.h>
+#include <atalk/acl.h>
 
 #include "directory.h"
 #include "desktop.h"

diff --git a/etc/afpd/unix.c b/etc/afpd/unix.c
index 57491a7184a200f17b48a2e5a1f9d9959e84f958..0df7ee54c7cf0fb19d05024ae5d1b8038ef06bcd 100644 (file)
--- a/etc/afpd/unix.c
+++ b/etc/afpd/unix.c
@@ -38,6 +38,7 @@ char *strchr (), *strrchr ();
 #include <atalk/afp.h>
 #include <atalk/util.h>
 #include <atalk/unix.h>
+#include <atalk/acl.h>
 
 #include "auth.h"
 #include "directory.h"

diff --git a/etc/cnid_dbd/cmd_dbd_scanvol.c b/etc/cnid_dbd/cmd_dbd_scanvol.c
index edc15bb4975eb86b56a7d06fdee0cc3244462ef8..45d67ae1bd5b2c5dcfc09ce618fa3f95fb768372 100644 (file)
--- a/etc/cnid_dbd/cmd_dbd_scanvol.c
+++ b/etc/cnid_dbd/cmd_dbd_scanvol.c
@@ -33,6 +33,7 @@
 #include <atalk/volume.h>
 #include <atalk/ea.h>
 #include <atalk/util.h>
+#include <atalk/acl.h>
 
 #include "cmd_dbd.h"
 #include "dbif.h"

diff --git a/etc/cnid_dbd/usockfd.c b/etc/cnid_dbd/usockfd.c
index 6c97fe73b56ea1925402720c9988523378b3fcf3..cdacb71fdbb20c9acf63fd1134bad4243c4ea21f 100644 (file)
--- a/etc/cnid_dbd/usockfd.c
+++ b/etc/cnid_dbd/usockfd.c
@@ -67,6 +67,9 @@ int usockfd_create(char *usock_fn, mode_t mode, int backlog)
         return -1;
     }
 
+#ifdef chmod
+#undef chmod
+#endif
     if (chmod(usock_fn, mode) < 0) {
         LOG(log_error, logtype_cnid, "error changing permissions for %s: %s",
             usock_fn, strerror(errno));

diff --git a/include/atalk/acl.h b/include/atalk/acl.h
index 44ea9655a3bcccaf820c11a340548bf222a9892b..c49ed0f49afdac9ace06dfb44c0f09f8d59b4a6d 100644 (file)
--- a/include/atalk/acl.h
+++ b/include/atalk/acl.h
@@ -26,6 +26,9 @@
 
 /* Solaris NFSv4 ACL stuff */
 #ifdef HAVE_NFSv4_ACLS
+
+#define chmod nfsv4_chmod
+
 extern int get_nfsv4_acl(const char *name, ace_t **retAces);
 extern int remove_acl(const char *name);
 extern int strip_trivial_aces(ace_t **saces, int sacecount);

diff --git a/libatalk/acl/unix.c b/libatalk/acl/unix.c
index 63b7dfddeb8aa564c39f54795b85b3d01efca967..b075ec6efcd1a5afc20a6e649731f39faa111571 100644 (file)
--- a/libatalk/acl/unix.c
+++ b/libatalk/acl/unix.c
@@ -75,6 +75,37 @@ int get_nfsv4_acl(const char *name, ace_t **retAces)
     return ace_count;
 }
 
+/*
+  Concatenate ACEs
+*/
+ace_t *concat_aces(ace_t *aces1, int ace1count, ace_t *aces2, int ace2count)
+{
+    ace_t *new_aces;
+    int i, j;
+
+    /* malloc buffer for new ACL */
+    if ((new_aces = malloc((ace1count + ace2count) * sizeof(ace_t))) == NULL) {
+        LOG(log_error, logtype_afpd, "combine_aces: malloc %s", strerror(errno));
+        return NULL;
+    }
+
+    /* Copy ACEs from buf1 */
+    for (i=0; i < ace1count; ) {
+        memcpy(&new_aces[i], &aces1[i], sizeof(ace_t));
+        i++;
+    }
+
+    j = i;
+
+    /* Copy ACEs from buf2 */
+    for (i=0; i < ace2count; ) {
+        memcpy(&new_aces[j], &aces2[i], sizeof(ace_t));
+        i++;
+        j++;
+    }
+    return new_aces;
+}
+
 /*
   Remove any trivial ACE "in-place". Returns no of non-trivial ACEs
 */
@@ -85,6 +116,9 @@ int strip_trivial_aces(ace_t **saces, int sacecount)
     ace_t *aces = *saces;
     ace_t *new_aces;
 
+    if (aces == NULL || sacecount <= 0)
+        return 0;
+
     /* Count non-trivial ACEs */
     for (i=0; i < sacecount; ) {
         if ( ! (aces[i].a_flags & (ACE_OWNER | ACE_GROUP | ACE_EVERYONE)))
@@ -114,37 +148,6 @@ int strip_trivial_aces(ace_t **saces, int sacecount)
     return nontrivaces;
 }
 
-/*
-  Concatenate ACEs
-*/
-ace_t *concat_aces(ace_t *aces1, int ace1count, ace_t *aces2, int ace2count)
-{
-    ace_t *new_aces;
-    int i, j;
-
-    /* malloc buffer for new ACL */
-    if ((new_aces = malloc((ace1count + ace2count) * sizeof(ace_t))) == NULL) {
-        LOG(log_error, logtype_afpd, "combine_aces: malloc %s", strerror(errno));
-        return NULL;
-    }
-
-    /* Copy ACEs from buf1 */
-    for (i=0; i < ace1count; ) {
-        memcpy(&new_aces[i], &aces1[i], sizeof(ace_t));
-        i++;
-    }
-
-    j = i;
-
-    /* Copy ACEs from buf2 */
-    for (i=0; i < ace2count; ) {
-        memcpy(&new_aces[j], &aces2[i], sizeof(ace_t));
-        i++;
-        j++;
-    }
-    return new_aces;
-}
-
 /*
   Remove non-trivial ACEs "in-place". Returns no of trivial ACEs.
 */
@@ -201,7 +204,37 @@ int strip_nontrivial_aces(ace_t **saces, int sacecount)
  */
 int nfsv4_chmod(char *name, mode_t mode)
 {
+    int ret = -1;
+    int noaces, nnaces;
+    ace_t *oacl = NULL, *nacl = NULL, *cacl;
+
+    if ((noaces = get_nfsv4_acl(name, &oacl)) == -1) /* (1) */
+        goto exit;
+    if ((noaces = strip_trivial_aces(&oacl, noaces)) == -1) /* (2) */
+        goto exit;
+
+    if (chmod(name, mode) != 0) /* (3) */
+        goto exit;
+
+    if ((nnaces = get_nfsv4_acl(name, &nacl)) == -1) /* (4) */
+        goto exit;
+    if ((nnaces = strip_nontrivial_aces(&nacl, nnaces)) == -1) /* (5) */
+        goto exit;
+
+    if ((cacl = concat_aces(oacl, noaces, nacl, nnaces)) == NULL) /* (6) */
+        goto exit;
 
+    if ((ret = acl(name, ACE_SETACL, noaces + nnaces, cacl)) != 0) {
+        LOG(log_error, logtype_afpd, "nfsv4_chmod: error setting acl: %s", strerror(errno));
+        goto exit;
+    }
+
+exit:
+    if (oacl) free(oacl);
+    if (nacl) free(nacl);
+    if (cacl) free(cacl);
+
+    return ret;
 }
 
 #if 0

diff --git a/libatalk/vfs/unix.c b/libatalk/vfs/unix.c
index 4812e96421ad49846bc501d042170ff332423bf0..a60b08a403ce1cbea5cb70e9b9cca5e6cb9ada3e 100644 (file)
--- a/libatalk/vfs/unix.c
+++ b/libatalk/vfs/unix.c
@@ -24,6 +24,7 @@
 #include <atalk/volume.h>
 #include <atalk/logger.h>
 #include <atalk/unix.h>
+#include <atalk/acl.h>
 
 /* -----------------------------
    a dropbox is a folder where w is set but not r eg: