Author: vlendec Date: 2006-03-14 11:49:40 +0000 (Tue, 14 Mar 2006) New Revision: 14370
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14370 Log: Reading a test acl works via the posixacl module. Writing an ACL is due to testing now. Volker Modified: branches/tmp/vl-posixacls/source/modules/vfs_posixacl.c Changeset: Modified: branches/tmp/vl-posixacls/source/modules/vfs_posixacl.c =================================================================== --- branches/tmp/vl-posixacls/source/modules/vfs_posixacl.c 2006-03-14 11:41:12 UTC (rev 14369) +++ branches/tmp/vl-posixacls/source/modules/vfs_posixacl.c 2006-03-14 11:49:40 UTC (rev 14370) @@ -20,20 +20,257 @@ #include "includes.h" +static BOOL smb_ace_to_internal(acl_entry_t posix_ace, + struct smb_acl_entry *ace) +{ + acl_tag_t tag; + acl_permset_t permset; + + if (acl_get_tag_type(posix_ace, &tag) != 0) { + DEBUG(0, ("smb_acl_get_tag_type failed\n")); + return False; + } + + switch(tag) { + case ACL_USER: + ace->a_type = SMB_ACL_USER; + break; + case ACL_USER_OBJ: + ace->a_type = SMB_ACL_USER_OBJ; + break; + case ACL_GROUP: + ace->a_type = SMB_ACL_GROUP; + break; + case ACL_GROUP_OBJ: + ace->a_type = SMB_ACL_GROUP_OBJ; + break; + case ACL_OTHER: + ace->a_type = SMB_ACL_OTHER; + break; + case ACL_MASK: + ace->a_type = SMB_ACL_MASK; + break; + default: + DEBUG(0, ("unknown tag type %d\n", (unsigned int)tag)); + return False; + } + switch(ace->a_type) { + case SMB_ACL_USER: { + uid_t *puid = acl_get_qualifier(posix_ace); + if (puid == NULL) { + DEBUG(0, ("smb_acl_get_qualifier failed\n")); + return False; + } + ace->uid = *puid; + acl_free(puid); + break; + } + + case SMB_ACL_GROUP: { + gid_t *pgid = acl_get_qualifier(posix_ace); + if (pgid == NULL) { + DEBUG(0, ("smb_acl_get_qualifier failed\n")); + return False; + } + ace->gid = *pgid; + acl_free(pgid); + break; + } + default: + break; + } + if (acl_get_permset(posix_ace, &permset) != 0) { + DEBUG(0, ("smb_acl_get_mode failed\n")); + return False; + } + ace->a_perm = 0; + ace->a_perm |= (acl_get_perm(permset, ACL_READ) ? S_IRUSR : 0); + ace->a_perm |= (acl_get_perm(permset, ACL_WRITE) ? S_IWUSR : 0); + ace->a_perm |= (acl_get_perm(permset, ACL_EXECUTE) ? S_IXUSR : 0); + return True; +} + +static struct smb_acl_t *smb_acl_to_internal(acl_t acl) +{ + struct smb_acl_t *result = SMB_MALLOC_P(struct smb_acl_t); + int entry_id = ACL_FIRST_ENTRY; + acl_entry_t e; + if (result == NULL) { + return NULL; + } + ZERO_STRUCTP(result); + while (acl_get_entry(acl, entry_id, &e) == 1) { + + entry_id = ACL_NEXT_ENTRY; + + result = SMB_REALLOC(result, sizeof(struct smb_acl_t) + + (sizeof(struct smb_acl_entry) * + (result->count+1))); + if (result == NULL) { + DEBUG(0, ("SMB_REALLOC failed\n")); + errno = ENOMEM; + return NULL; + } + + if (!smb_ace_to_internal(e, &result->acl[result->count])) { + SAFE_FREE(result); + return NULL; + } + + result->count += 1; + } + return result; +} + static SMB_ACL_T posixacl_sys_acl_get_file(vfs_handle_struct *handle, connection_struct *conn, const char *path_p, SMB_ACL_TYPE_T type) { - errno = ENOTSUP; - return NULL; + struct smb_acl_t *result; + acl_type_t acl_type; + acl_t acl; + + switch(type) { + case SMB_ACL_TYPE_ACCESS: + acl_type = ACL_TYPE_ACCESS; + break; + case SMB_ACL_TYPE_DEFAULT: + acl_type = ACL_TYPE_DEFAULT; + break; + default: + errno = EINVAL; + return NULL; + } + + acl = acl_get_file(path_p, acl_type); + + if (acl == NULL) { + return NULL; + } + + result = smb_acl_to_internal(acl); + acl_free(acl); + return result; } static SMB_ACL_T posixacl_sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp, int fd) { - errno = ENOTSUP; + struct smb_acl_t *result; + acl_t acl = acl_get_fd(fd); + + if (acl == NULL) { + return NULL; + } + + result = smb_acl_to_internal(acl); + acl_free(acl); + return result; +} + +static int smb_acl_set_mode(acl_entry_t entry, mode_t mode) +{ + int ret; + acl_permset_t permset = NULL; + ret = acl_clear_perms(permset); + if (ret != 0) { + return ret; + } + if ((mode & S_IRUSR) && + ((ret = acl_add_perm(permset, ACL_READ)) != 0)) { + return ret; + } + if ((mode & S_IWUSR) && + ((ret = acl_add_perm(permset, ACL_WRITE)) != 0)) { + return ret; + } + if ((mode & S_IXUSR) && + ((ret = acl_add_perm(permset, ACL_EXECUTE)) != 0)) { + return ret; + } + return acl_set_permset(entry, permset); +} + +static acl_t smb_acl_to_posix(const struct smb_acl_t *acl) +{ + acl_t result; + int i; + + result = acl_init(acl->count); + if (result == NULL) { + return NULL; + } + + for (i=0; i<acl->count; i++) { + const struct smb_acl_entry *entry = &acl->acl[i]; + acl_entry_t e; + acl_tag_t tag; + + if (acl_create_entry(&result, &e) != 0) { + DEBUG(1, ("acl_create_entry failed: %s\n", + strerror(errno))); + goto fail; + } + + switch (entry->a_type) { + case SMB_ACL_USER: { + tag = ACL_USER; + if (acl_set_qualifier(e, &entry->uid) != 0) { + DEBUG(1, ("acl_set_qualifiier failed: %s\n", + strerror(errno))); + goto fail; + } + break; + } + case SMB_ACL_USER_OBJ: + tag = ACL_USER_OBJ; + break; + case SMB_ACL_GROUP: { + tag = ACL_GROUP; + if (acl_set_qualifier(e, &entry->gid) != 0) { + DEBUG(1, ("acl_set_qualifiier failed: %s\n", + strerror(errno))); + goto fail; + } + break; + } + case SMB_ACL_GROUP_OBJ: + tag = ACL_GROUP_OBJ; + break; + case SMB_ACL_OTHER: + tag = ACL_OTHER; + break; + case SMB_ACL_MASK: + tag = ACL_MASK; + break; + default: + DEBUG(1, ("Unknown tag value %d\n", entry->a_type)); + goto fail; + } + + if (acl_set_tag_type(e, tag) != 0) { + goto fail; + } + + if (smb_acl_set_mode(e, entry->a_perm) != 0) { + goto fail; + } + } + + if (acl_valid(result) != 0) { + DEBUG(0, ("smb_acl_to_posix: ACL is invalid for set (%s)\n", + strerror(errno))); + goto fail; + } + + return result; + + fail: + if (result != NULL) { + acl_free(result); + } return NULL; } @@ -51,24 +288,35 @@ SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl) { - errno = ENOTSUP; - return -1; + int res; + acl_t acl = smb_acl_to_posix(theacl); + if (acl == NULL) { + return -1; + } + res = acl_set_file(name, acltype, acl); + acl_free(acl); + return res; } static int posixacl_sys_acl_set_fd(vfs_handle_struct *handle, files_struct *fsp, int fd, SMB_ACL_T theacl) { - errno = ENOTSUP; - return -1; + int res; + acl_t acl = smb_acl_to_posix(theacl); + if (acl == NULL) { + return -1; + } + res = acl_set_fd(fd, acl); + acl_free(acl); + return res; } static int posixacl_sys_acl_delete_def_file(vfs_handle_struct *handle, connection_struct *conn, const char *path) { - errno = ENOTSUP; - return -1; + return acl_delete_def_file(path); } /* VFS operations structure */
