extern int copy_file(int sfd, const char *src, const char *dst, mode_t mode);
extern int copy_file_fd(int sfd, int dfd);
extern int copy_ea(const char *ea, int sfd, const char *src, const char *dst, mode_t mode);
+
+extern void become_root(void);
+extern void unbecome_root(void);
+
#endif /* ATALK_UNIX_H */
#include <atalk/afp.h>
#include <atalk/util.h>
#include <atalk/acl.h>
+#include <atalk/unix.h>
#ifdef HAVE_SOLARIS_ACLS
if (chmod(name, mode) != 0) /* (3) */
goto exit;
- if ((nnaces = get_nfsv4_acl(name, &nacl)) == -1) /* (4) */
- goto exit;
+ if ((nnaces = get_nfsv4_acl(name, &nacl)) == -1) {/* (4) */
+ if (errno != EACCES)
+ goto exit;
+ become_root();
+ nnaces = get_nfsv4_acl(name, &nacl);
+ unbecome_root();
+ if (nnaces == -1)
+ goto exit;
+ }
+
if ((nnaces = strip_nontrivial_aces(&nacl, nnaces)) == -1) /* (5) */
goto exit;
goto exit;
if ((ret = acl(name, ACE_SETACL, noaces + nnaces, cacl)) != 0) {
- LOG(log_error, logtype_afpd, "nfsv4_chmod: error setting acl: %s", strerror(errno));
- goto exit;
+ if (errno != EACCES) {
+ LOG(log_error, logtype_afpd, "nfsv4_chmod: error setting acl: %s", strerror(errno));
+ goto exit;
+ }
+ become_root();
+ ret = acl(name, ACE_SETACL, noaces + nnaces, cacl);
+ unbecome_root();
+ if (ret != 0) {
+ LOG(log_error, logtype_afpd, "nfsv4_chmod: error setting acl: %s", strerror(errno));
+ goto exit;
+ }
}
exit:
if (nacl) free(nacl);
if (cacl) free(cacl);
- LOG(log_debug, logtype_afpd, "nfsv4_chmod(\"%s/%s\", %04o): result: %u",
+ LOG(log_debug, logtype_afpd, "nfsv4_chmod(\"%s/%s\", %04o): result: %d",
getcwdpath(), name, mode, ret);
return ret;
return 0;
}
+static uid_t saved_uid = -1;
+
+void become_root(void)
+{
+ saved_uid = geteuid();
+ if (seteuid(0) != 0)
+ AFP_PANIC("Can't seteuid(0)");
+}
+
+void unbecome_root(void)
+{
+ if (saved_uid == -1 || seteuid(saved_uid) < 0)
+ AFP_PANIC("Can't seteuid back");
+ saved_uid = -1;
+}
+
/*!
* @brief get cwd in static buffer
*