PERFORCE change 146225 for review

Tue Jul 29 19:51:18 UTC 2008

http://perforce.freebsd.org/chv.cgi?CH=146225

Change 146225 by trasz at trasz_traszkan on 2008/07/29 19:50:49

	Add "-a" option to setfacl(1).

Affected files ...

.. //depot/projects/soc2008/trasz_nfs4acl/TODO#20 edit
.. //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/merge.c#5 edit
.. //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/setfacl.c#5 edit
.. //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/setfacl.h#3 edit

Differences ...

==== //depot/projects/soc2008/trasz_nfs4acl/TODO#20 (text+ko) ====

@@ -1,7 +1,5 @@
 Things to do, in no particular order:
 
-- Add the ability to add ACE at a given position in ACL to setfacl(1),
-
 - Add the ability to parse ACLs in verbose form, e.g. instead of
 
   owner@:rwx:f:allow

==== //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/merge.c#5 (text+ko) ====

@@ -93,7 +93,7 @@
 	acl_tag_t tag, tag_new;
 	acl_extended_t extended, extended_new;
 	acl_flagset_t flagset;
-	int entry_id, entry_id_new, have_entry;
+	int entry_id, entry_id_new, have_entry, entry_number = 0;
 
 	if (acl_type == ACL_TYPE_ACCESS || acl_type == ACL_TYPE_NFS4)
 		acl_new = acl_dup(prev_acl[ACCESS_ACL]);
@@ -186,12 +186,21 @@
 			 * in most cases they wouldn't even get evaluated.
 			 */
 			if (acl_type == ACL_TYPE_NFS4) {
-				if (acl_create_entry_np(&acl_new, &entry_new, 0) == -1) {
+				if (acl_create_entry_np(&acl_new, &entry_new, entry_number) == -1) {
+					warnx("acl_create_entry_np() failed"); 
 					acl_free(acl_new);
 					return (-1);
 				}
+				/*
+				 * Without this increment, adding several
+				 * entries at once, for example
+				 * "setfacl -m user:1:r:allow,user:2:r:allow",
+				 * would make them appear in reverse order.
+				 */
+				entry_number++;
 			} else {
 				if (acl_create_entry(&acl_new, &entry_new) == -1) {
+					warnx("acl_create_entry() failed"); 
 					acl_free(acl_new);
 					return (-1);
 				}
@@ -211,3 +220,48 @@
 
 	return (0);
 }
+
+int
+add_acl(acl_t acl, uint entry_number, acl_t *prev_acl)
+{
+	acl_entry_t entry, entry_new;
+	acl_t acl_new;
+	int entry_id;
+
+	if (acl_type != ACL_TYPE_NFS4) {
+		warnx("The '-a' option is only applicable to NFS4 ACLs");
+		return (-1);
+	}
+
+	acl_new = acl_dup(prev_acl[ACCESS_ACL]);
+	if (acl_new == NULL)
+		err(1, "acl_dup() failed");
+
+	entry_id = ACL_FIRST_ENTRY;
+
+	while (acl_get_entry(acl, entry_id, &entry) == 1) {
+		entry_id = ACL_NEXT_ENTRY;
+
+		if (acl_create_entry_np(&acl_new, &entry_new, entry_number) == -1) {
+			warnx("acl_create_entry_np() failed"); 
+			acl_free(acl_new);
+			return (-1);
+		}
+
+		/*
+		 * Without this increment, adding several
+		 * entries at once, for example
+		 * "setfacl -m user:1:r:allow,user:2:r:allow",
+		 * would make them appear in reverse order.
+		 */
+		entry_number++;
+
+		if (acl_copy_entry(entry_new, entry) == -1)
+			err(1, "acl_copy_entry() failed");
+	}
+
+	acl_free(prev_acl[ACCESS_ACL]);
+	prev_acl[ACCESS_ACL] = acl_new;
+
+	return (0);
+}

==== //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/setfacl.c#5 (text+ko) ====

@@ -125,7 +125,7 @@
 	TAILQ_INIT(&entrylist);
 	TAILQ_INIT(&filelist);
 
-	while ((ch = getopt(argc, argv, "M:X:bdhkm:nx:")) != -1)
+	while ((ch = getopt(argc, argv, "M:X:a:bdhkm:nx:")) != -1)
 		switch(ch) {
 		case 'M':
 			entry = zmalloc(sizeof(struct sf_entry));
@@ -141,6 +141,25 @@
 			entry->op = OP_REMOVE_ACL;
 			TAILQ_INSERT_TAIL(&entrylist, entry, next);
 			break;
+		case 'a':
+			entry = zmalloc(sizeof(struct sf_entry));
+
+			entry_number = strtol(optarg, &end, 10);
+			if (end - optarg != (int)strlen(optarg))
+				errx(1, "%s: Invalid entry number", optarg);
+			if (entry_number < 0)
+				errx(1, "%s: Entry number cannot be less than zero", optarg);
+			entry->entry_number = entry_number;
+
+			if (argv[optind] == NULL)
+				errx(1, "Missing ACL");
+			entry->acl = acl_from_text(argv[optind]);
+			if (entry->acl == NULL)
+				err(1, "%s", argv[optind]);
+			optind++;
+			entry->op = OP_ADD_ACL;
+			TAILQ_INSERT_TAIL(&entrylist, entry, next);
+			break;
 		case 'b':
 			entry = zmalloc(sizeof(struct sf_entry));
 			entry->op = OP_REMOVE_EXT;
@@ -173,7 +192,7 @@
 			entry_number = strtol(optarg, &end, 10);
 			if (end - optarg == (int)strlen(optarg)) {
 				if (entry_number < 0)
-					errx(1, "Entry number cannot be less than zero");
+					errx(1, "%s: Entry number cannot be less than zero", optarg);
 				entry->entry_number = entry_number;
 				entry->op = OP_REMOVE_BY_NUMBER;
 			} else {
@@ -236,6 +255,9 @@
 				continue;
 
 			switch(entry->op) {
+			case OP_ADD_ACL:
+				local_error += add_acl(entry->acl, entry->entry_number, acl);
+				break;
 			case OP_MERGE_ACL:
 				local_error += merge_acl(entry->acl, acl);
 				need_mask = 1;

==== //depot/projects/soc2008/trasz_nfs4acl/bin/setfacl/setfacl.h#3 (text+ko) ====

@@ -39,6 +39,7 @@
 #define	OP_REMOVE_EXT		0x02	/* remove extended acl's (-b) */
 #define	OP_REMOVE_ACL		0x03	/* remove acl's (-xX) */
 #define OP_REMOVE_BY_NUMBER	0x04	/* remove acl's (-xX) by acl entry number */
+#define OP_ADD_ACL		0x05	/* add acls entries at a given position */
 
 /* ACL types for the acl array */
 #define ACCESS_ACL	0
@@ -64,6 +65,7 @@
 acl_t  get_acl_from_file(const char *filename);
 /* merge.c */
 int    merge_acl(acl_t acl, acl_t *prev_acl);
+int    add_acl(acl_t acl, uint entry_number, acl_t *prev_acl);
 /* remove.c */
 int    remove_acl(acl_t acl, acl_t *prev_acl);
 int    remove_by_number(uint entry_number, acl_t *prev_acl);
