📄 sysacls.c
字号:
errno = ENOMEM; return NULL; } a->next = -1; a->freeaclp = False; a->aclp = (struct acl *)((char *)a + sizeof a[0]); a->aclp->acl_cnt = 0; return a;}int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p){ SMB_ACL_T acl_d; SMB_ACL_ENTRY_T entry_d; if (acl_p == NULL || entry_p == NULL || (acl_d = *acl_p) == NULL) { errno = EINVAL; return -1; } if (acl_d->aclp->acl_cnt >= ACL_MAX_ENTRIES) { errno = ENOSPC; return -1; } entry_d = &acl_d->aclp->acl_entry[acl_d->aclp->acl_cnt++]; entry_d->ae_tag = 0; entry_d->ae_id = 0; entry_d->ae_perm = 0; *entry_p = entry_d; return 0;}int sys_acl_set_info(SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tag_type, uint32 bits, id_t u_g_id){ entry->ae_tag = tag_type; if (tag_type == SMB_ACL_USER || tag_type == SMB_ACL_GROUP) entry->ae_id = u_g_id; entry->ae_perm = bits; return 0;}int sys_acl_set_access_bits(SMB_ACL_ENTRY_T entry_d, uint32 bits){ entry_d->ae_perm = bits; return 0;}int sys_acl_valid(SMB_ACL_T acl_d){ return acl_valid(acl_d->aclp);}int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d){ return acl_set_file(name, type, acl_d->aclp);}#if 0int sys_acl_set_fd(int fd, SMB_ACL_T acl_d){ return acl_set_fd(fd, acl_d->aclp);}#endifint sys_acl_delete_def_file(const char *name){ return acl_delete_def_file(name);}int sys_acl_free_acl(SMB_ACL_T acl_d) { if (acl_d->freeaclp) { acl_free(acl_d->aclp); } acl_free(acl_d); return 0;}#elif defined(HAVE_AIX_ACLS) /*----------------------------------------------*//* Donated by Medha Date, mdate@austin.ibm.com, for IBM */int sys_acl_get_entry( SMB_ACL_T theacl, int entry_id, SMB_ACL_ENTRY_T *entry_p){ struct acl_entry_link *link; struct new_acl_entry *entry; int keep_going; if (entry_id == SMB_ACL_FIRST_ENTRY) theacl->count = 0; else if (entry_id != SMB_ACL_NEXT_ENTRY) { errno = EINVAL; return -1; } DEBUG(10,("This is the count: %d\n",theacl->count)); /* Check if count was previously set to -1. * * If it was, that means we reached the end * * of the acl last time. */ if(theacl->count == -1) return(0); link = theacl; /* To get to the next acl, traverse linked list until index * * of acl matches the count we are keeping. This count is * * incremented each time we return an acl entry. */ for(keep_going = 0; keep_going < theacl->count; keep_going++) link = link->nextp; entry = *entry_p = link->entryp; DEBUG(10,("*entry_p is %d\n",entry_p)); DEBUG(10,("*entry_p->ace_access is %d\n",entry->ace_access)); /* Increment count */ theacl->count++; if(link->nextp == NULL) theacl->count = -1; return(1);}int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p){ /* Initialize tag type */ *tag_type_p = -1; DEBUG(10,("the tagtype is %d\n",entry_d->ace_id->id_type)); /* Depending on what type of entry we have, * * return tag type. */ switch(entry_d->ace_id->id_type) { case ACEID_USER: *tag_type_p = SMB_ACL_USER; break; case ACEID_GROUP: *tag_type_p = SMB_ACL_GROUP; break; case SMB_ACL_USER_OBJ: case SMB_ACL_GROUP_OBJ: case SMB_ACL_OTHER: *tag_type_p = entry_d->ace_id->id_type; break; default: return(-1); } return(0);}SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type){ struct acl *file_acl = (struct acl *)NULL; struct acl_entry *acl_entry; struct new_acl_entry *new_acl_entry; struct ace_id *idp; struct acl_entry_link *acl_entry_link; struct acl_entry_link *acl_entry_link_head; int i; int rc = 0; /* AIX has no DEFAULT */ if ( type == SMB_ACL_TYPE_DEFAULT ) { errno = ENOTSUP; return NULL; } /* Get the acl using statacl */ DEBUG(10,("Entering sys_acl_get_file\n")); DEBUG(10,("path_p is %s\n",path_p)); file_acl = (struct acl *)SMB_MALLOC(BUFSIZ); if(file_acl == NULL) { errno=ENOMEM; DEBUG(0,("Error in AIX sys_acl_get_file: %d\n",errno)); return(NULL); } memset(file_acl,0,BUFSIZ); rc = statacl((char *)path_p,0,file_acl,BUFSIZ); if(rc == -1) { DEBUG(0,("statacl returned %d with errno %d\n",rc,errno)); SAFE_FREE(file_acl); return(NULL); } DEBUG(10,("Got facl and returned it\n")); /* Point to the first acl entry in the acl */ acl_entry = file_acl->acl_ext; /* Begin setting up the head of the linked list * * that will be used for the storing the acl * * in a way that is useful for the posix_acls.c * * code. */ acl_entry_link_head = acl_entry_link = sys_acl_init(0); if(acl_entry_link_head == NULL) return(NULL); acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry); if(acl_entry_link->entryp == NULL) { SAFE_FREE(file_acl); errno = ENOMEM; DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno)); return(NULL); } DEBUG(10,("acl_entry is %d\n",acl_entry)); DEBUG(10,("acl_last(file_acl) id %d\n",acl_last(file_acl))); /* Check if the extended acl bit is on. * * If it isn't, do not show the * * contents of the acl since AIX intends * * the extended info to remain unused */ if(file_acl->acl_mode & S_IXACL){ /* while we are not pointing to the very end */ while(acl_entry < acl_last(file_acl)) { /* before we malloc anything, make sure this is */ /* a valid acl entry and one that we want to map */ idp = id_nxt(acl_entry->ace_id); if((acl_entry->ace_type == ACC_SPECIFY || (acl_entry->ace_type == ACC_PERMIT)) && (idp != id_last(acl_entry))) { acl_entry = acl_nxt(acl_entry); continue; } idp = acl_entry->ace_id; /* Check if this is the first entry in the linked list. * * The first entry needs to keep prevp pointing to NULL * * and already has entryp allocated. */ if(acl_entry_link_head->count != 0) { acl_entry_link->nextp = SMB_MALLOC_P(struct acl_entry_link); if(acl_entry_link->nextp == NULL) { SAFE_FREE(file_acl); errno = ENOMEM; DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno)); return(NULL); } acl_entry_link->nextp->prevp = acl_entry_link; acl_entry_link = acl_entry_link->nextp; acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry); if(acl_entry_link->entryp == NULL) { SAFE_FREE(file_acl); errno = ENOMEM; DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno)); return(NULL); } acl_entry_link->nextp = NULL; } acl_entry_link->entryp->ace_len = acl_entry->ace_len; /* Don't really need this since all types are going * * to be specified but, it's better than leaving it 0 */ acl_entry_link->entryp->ace_type = acl_entry->ace_type; acl_entry_link->entryp->ace_access = acl_entry->ace_access; memcpy(acl_entry_link->entryp->ace_id,idp,sizeof(struct ace_id)); /* The access in the acl entries must be left shifted by * * three bites, because they will ultimately be compared * * to S_IRUSR, S_IWUSR, and S_IXUSR. */ switch(acl_entry->ace_type){ case ACC_PERMIT: case ACC_SPECIFY: acl_entry_link->entryp->ace_access = acl_entry->ace_access; acl_entry_link->entryp->ace_access <<= 6; acl_entry_link_head->count++; break; case ACC_DENY: /* Since there is no way to return a DENY acl entry * * change to PERMIT and then shift. */ DEBUG(10,("acl_entry->ace_access is %d\n",acl_entry->ace_access)); acl_entry_link->entryp->ace_access = ~acl_entry->ace_access & 7; DEBUG(10,("acl_entry_link->entryp->ace_access is %d\n",acl_entry_link->entryp->ace_access)); acl_entry_link->entryp->ace_access <<= 6; acl_entry_link_head->count++; break; default: return(0); } DEBUG(10,("acl_entry = %d\n",acl_entry)); DEBUG(10,("The ace_type is %d\n",acl_entry->ace_type)); acl_entry = acl_nxt(acl_entry); } } /* end of if enabled */ /* Since owner, group, other acl entries are not * * part of the acl entries in an acl, they must * * be dummied up to become part of the list. */ for( i = 1; i < 4; i++) { DEBUG(10,("i is %d\n",i)); if(acl_entry_link_head->count != 0) { acl_entry_link->nextp = SMB_MALLOC_P(struct acl_entry_link); if(acl_entry_link->nextp == NULL) { SAFE_FREE(file_acl); errno = ENOMEM; DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno)); return(NULL); } acl_entry_link->nextp->prevp = acl_entry_link; acl_entry_link = acl_entry_link->nextp; acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry); if(acl_entry_link->entryp == NULL) { SAFE_FREE(file_acl); errno = ENOMEM; DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno)); return(NULL); } } acl_entry_link->nextp = NULL; new_acl_entry = acl_entry_link->entryp; idp = new_acl_entry->ace_id; new_acl_entry->ace_len = sizeof(struct acl_entry); new_acl_entry->ace_type = ACC_PERMIT; idp->id_len = sizeof(struct ace_id); DEBUG(10,("idp->id_len = %d\n",idp->id_len)); memset(idp->id_data,0,sizeof(uid_t)); switch(i) { case 2: new_acl_entry->ace_access = file_acl->g_access << 6; idp->id_type = SMB_ACL_GROUP_OBJ; break; case 3: new_acl_entry->ace_access = file_acl->o_access << 6; idp->id_type = SMB_ACL_OTHER; break; case 1: new_acl_entry->ace_access = file_acl->u_access << 6; idp->id_type = SMB_ACL_USER_OBJ; break; default: return(NULL); } acl_entry_link_head->count++; DEBUG(10,("new_acl_entry->ace_access = %d\n",new_acl_entry->ace_access)); } acl_entry_link_head->count = 0; SAFE_FREE(file_acl); return(acl_entry_link_head);}#if 0SMB_ACL_T sys_acl_get_fd(int fd){ struct acl *file_acl = (struct acl *)NULL; struct acl_entry *acl_entry; struct new_acl_entry *new_acl_entry; struct ace_id *idp; struct acl_entry_link *acl_entry_link; struct acl_entry_link *acl_entry_link_head; int i; int rc = 0; /* Get the acl using fstatacl */ DEBUG(10,("Entering sys_acl_get_fd\n")); DEBUG(10,("fd is %d\n",fd)); file_acl = (struct acl *)SMB_MALLOC(BUFSIZ); if(file_acl == NULL) { errno=ENOMEM; DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno)); return(NULL); } memset(file_acl,0,BUFSIZ); rc = fstatacl(fd,0,file_acl,BUFSIZ); if(rc == -1) { DEBUG(0,("The fstatacl call returned %d with errno %d\n",rc,errno)); SAFE_FREE(file_acl); return(NULL); } DEBUG(10,("Got facl and returned it\n")); /* Point to the first acl entry in the acl */ acl_entry = file_acl->acl_ext; /* Begin setting up the head of the linked list * * that will be used for the storing the acl * * in a way that is useful for the posix_acls.c * * code. */ acl_entry_link_head = acl_entry_link = sys_acl_init(0); if(acl_entry_link_head == NULL){ SAFE_FREE(file_acl); return(NULL); } acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry); if(acl_entry_link->entryp == NULL) { errno = ENOMEM; DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno)); SAFE_FREE(file_acl); return(NULL); } DEBUG(10,("acl_entry is %d\n",acl_entry)); DEBUG(10,("acl_last(file_acl) id %d\n",acl_last(file_acl))); /* Check if the extended acl bit is on. * * If it isn't, do not show the * * contents of the acl since AIX intends * * the extended info to remain unused */ if(file_acl->acl_mode & S_IXACL){ /* while we are not pointing to the very end */ while(acl_entry < acl_last(file_acl)) { /* before we malloc anything, make sure this is */ /* a valid acl entry and one that we want to map */ idp = id_nxt(acl_entry->ace_id); if((acl_entry->ace_type == ACC_SPECIFY || (acl_entry->ace_type == ACC_PERMIT)) && (idp != id_last(acl_entry))) { acl_entry = acl_nxt(acl_entry); continue; } idp = acl_entry->ace_id; /* Check if this is the first entry in the linked list. * * The first entry needs to keep prevp pointing to NULL * * and already has entryp allocated. */ if(acl_entry_link_head->count != 0) { acl_entry_link->nextp = SMB_MALLOC_P(struct acl_entry_link); if(acl_entry_link->nextp == NULL) { errno = ENOMEM; DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno)); SAFE_FREE(file_acl); return(NULL); } acl_entry_link->nextp->prevp = acl_entry_link; acl_entry_link = acl_entry_link->nextp; acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry); if(acl_entry_link->entryp == NULL) { errno = ENOMEM; DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno)); SAFE_FREE(file_acl); return(NULL); } acl_entry_link->nextp = NULL; } acl_entry_link->entryp->ace_len = acl_entry->ace_len; /* Don't really need this since all types are going * * to be specified but, it's better than leaving it 0 */ acl_entry_link->entryp->ace_type = acl_entry->ace_type; acl_entry_link->entryp->ace_access = acl_entry->ace_access; memcpy(acl_entry_link->entryp->ace_id, idp, sizeof(struct ace_id)); /* The access in the acl entries must be left shifted by * * three bites, because they will ultimately be compared * * to S_IRUSR, S_IWUSR, and S_IXUSR. */ switch(acl_entry->ace_type){ case ACC_PERMIT: case ACC_SPECIFY: acl_entry_link->entryp->ace_access = acl_entry->ace_access; acl_entry_link->entryp->ace_access <<= 6; acl_entry_link_head->count++; break; case ACC_DENY: /* Since there is no way to return a DENY acl entry * * change to PERMIT and then shift. */ DEBUG(10,("acl_entry->ace_access is %d\n",acl_entry->ace_access)); acl_entry_link->entryp->ace_access = ~acl_entry->ace_access & 7; DEBUG(10,("acl_entry_link->entryp->ace_access is %d\n",acl_entry_link->entryp->ace_access)); acl_entry_link->entryp->ace_access <<= 6; acl_entry_link_head->count++; break; default: return(0); } DEBUG(10,("acl_entry = %d\n",acl_entry)); DEBUG(10,("The ace_type is %d\n",acl_entry->ace_type)); acl_entry = acl_nxt(acl_entry); } } /* end of if enabled */ /* Since owner, group, other acl entries are not * * part of the acl entries in an acl, they must * * be dummied up to become part of the list. */ for( i = 1; i < 4; i++) { DEBUG(10,("i is %d\n",i)); if(acl_entry_link_head->count != 0){ acl_entry_link->nextp = SMB_MALLOC_P(struct acl_entry_link); if(acl_entry_link->nextp == NULL) { errno = ENOMEM; DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno)); SAFE_FREE(file_acl); return(NULL); } acl_entry_link->nextp->prevp = acl_entry_link; acl_entry_link = acl_entry_link->nextp; acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry);⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -