PERFORCE change 146225 for review
Edward Tomasz Napierala
trasz at FreeBSD.org
Tue Jul 29 19:51:18 UTC 2008
http://perforce.freebsd.org/chv.cgi?CH=146225
Change 146225 by trasz at trasz_traszkan on 2008/07/29 19:50:49
Add "-a" option to setfacl(1).
Affected files ...
.. //depot/projects/soc2008/trasz_nfs4acl/TODO#20 edit
.. //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/merge.c#5 edit
.. //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/setfacl.c#5 edit
.. //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/setfacl.h#3 edit
Differences ...
==== //depot/projects/soc2008/trasz_nfs4acl/TODO#20 (text+ko) ====
@@ -1,7 +1,5 @@
Things to do, in no particular order:
-- Add the ability to add ACE at a given position in ACL to setfacl(1),
-
- Add the ability to parse ACLs in verbose form, e.g. instead of
owner@:rwx:f:allow
==== //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/merge.c#5 (text+ko) ====
@@ -93,7 +93,7 @@
acl_tag_t tag, tag_new;
acl_extended_t extended, extended_new;
acl_flagset_t flagset;
- int entry_id, entry_id_new, have_entry;
+ int entry_id, entry_id_new, have_entry, entry_number = 0;
if (acl_type == ACL_TYPE_ACCESS || acl_type == ACL_TYPE_NFS4)
acl_new = acl_dup(prev_acl[ACCESS_ACL]);
@@ -186,12 +186,21 @@
* in most cases they wouldn't even get evaluated.
*/
if (acl_type == ACL_TYPE_NFS4) {
- if (acl_create_entry_np(&acl_new, &entry_new, 0) == -1) {
+ if (acl_create_entry_np(&acl_new, &entry_new, entry_number) == -1) {
+ warnx("acl_create_entry_np() failed");
acl_free(acl_new);
return (-1);
}
+ /*
+ * Without this increment, adding several
+ * entries at once, for example
+ * "setfacl -m user:1:r:allow,user:2:r:allow",
+ * would make them appear in reverse order.
+ */
+ entry_number++;
} else {
if (acl_create_entry(&acl_new, &entry_new) == -1) {
+ warnx("acl_create_entry() failed");
acl_free(acl_new);
return (-1);
}
@@ -211,3 +220,48 @@
return (0);
}
+
+int
+add_acl(acl_t acl, uint entry_number, acl_t *prev_acl)
+{
+ acl_entry_t entry, entry_new;
+ acl_t acl_new;
+ int entry_id;
+
+ if (acl_type != ACL_TYPE_NFS4) {
+ warnx("The '-a' option is only applicable to NFS4 ACLs");
+ return (-1);
+ }
+
+ acl_new = acl_dup(prev_acl[ACCESS_ACL]);
+ if (acl_new == NULL)
+ err(1, "acl_dup() failed");
+
+ entry_id = ACL_FIRST_ENTRY;
+
+ while (acl_get_entry(acl, entry_id, &entry) == 1) {
+ entry_id = ACL_NEXT_ENTRY;
+
+ if (acl_create_entry_np(&acl_new, &entry_new, entry_number) == -1) {
+ warnx("acl_create_entry_np() failed");
+ acl_free(acl_new);
+ return (-1);
+ }
+
+ /*
+ * Without this increment, adding several
+ * entries at once, for example
+ * "setfacl -m user:1:r:allow,user:2:r:allow",
+ * would make them appear in reverse order.
+ */
+ entry_number++;
+
+ if (acl_copy_entry(entry_new, entry) == -1)
+ err(1, "acl_copy_entry() failed");
+ }
+
+ acl_free(prev_acl[ACCESS_ACL]);
+ prev_acl[ACCESS_ACL] = acl_new;
+
+ return (0);
+}
==== //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/setfacl.c#5 (text+ko) ====
@@ -125,7 +125,7 @@
TAILQ_INIT(&entrylist);
TAILQ_INIT(&filelist);
- while ((ch = getopt(argc, argv, "M:X:bdhkm:nx:")) != -1)
+ while ((ch = getopt(argc, argv, "M:X:a:bdhkm:nx:")) != -1)
switch(ch) {
case 'M':
entry = zmalloc(sizeof(struct sf_entry));
@@ -141,6 +141,25 @@
entry->op = OP_REMOVE_ACL;
TAILQ_INSERT_TAIL(&entrylist, entry, next);
break;
+ case 'a':
+ entry = zmalloc(sizeof(struct sf_entry));
+
+ entry_number = strtol(optarg, &end, 10);
+ if (end - optarg != (int)strlen(optarg))
+ errx(1, "%s: Invalid entry number", optarg);
+ if (entry_number < 0)
+ errx(1, "%s: Entry number cannot be less than zero", optarg);
+ entry->entry_number = entry_number;
+
+ if (argv[optind] == NULL)
+ errx(1, "Missing ACL");
+ entry->acl = acl_from_text(argv[optind]);
+ if (entry->acl == NULL)
+ err(1, "%s", argv[optind]);
+ optind++;
+ entry->op = OP_ADD_ACL;
+ TAILQ_INSERT_TAIL(&entrylist, entry, next);
+ break;
case 'b':
entry = zmalloc(sizeof(struct sf_entry));
entry->op = OP_REMOVE_EXT;
@@ -173,7 +192,7 @@
entry_number = strtol(optarg, &end, 10);
if (end - optarg == (int)strlen(optarg)) {
if (entry_number < 0)
- errx(1, "Entry number cannot be less than zero");
+ errx(1, "%s: Entry number cannot be less than zero", optarg);
entry->entry_number = entry_number;
entry->op = OP_REMOVE_BY_NUMBER;
} else {
@@ -236,6 +255,9 @@
continue;
switch(entry->op) {
+ case OP_ADD_ACL:
+ local_error += add_acl(entry->acl, entry->entry_number, acl);
+ break;
case OP_MERGE_ACL:
local_error += merge_acl(entry->acl, acl);
need_mask = 1;
==== //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/setfacl.h#3 (text+ko) ====
@@ -39,6 +39,7 @@
#define OP_REMOVE_EXT 0x02 /* remove extended acl's (-b) */
#define OP_REMOVE_ACL 0x03 /* remove acl's (-xX) */
#define OP_REMOVE_BY_NUMBER 0x04 /* remove acl's (-xX) by acl entry number */
+#define OP_ADD_ACL 0x05 /* add acls entries at a given position */
/* ACL types for the acl array */
#define ACCESS_ACL 0
@@ -64,6 +65,7 @@
acl_t get_acl_from_file(const char *filename);
/* merge.c */
int merge_acl(acl_t acl, acl_t *prev_acl);
+int add_acl(acl_t acl, uint entry_number, acl_t *prev_acl);
/* remove.c */
int remove_acl(acl_t acl, acl_t *prev_acl);
int remove_by_number(uint entry_number, acl_t *prev_acl);
More information about the p4-projects
mailing list