test_option_acls.c [plain text]
#include "test.h"
__FBSDID("$FreeBSD$");
#if ARCHIVE_ACL_FREEBSD || ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_LIBACL
static const acl_perm_t acl_perms[] = {
#if ARCHIVE_ACL_DARWIN
ACL_READ_DATA,
ACL_LIST_DIRECTORY,
ACL_WRITE_DATA,
ACL_ADD_FILE,
ACL_EXECUTE,
ACL_SEARCH,
ACL_DELETE,
ACL_APPEND_DATA,
ACL_ADD_SUBDIRECTORY,
ACL_DELETE_CHILD,
ACL_READ_ATTRIBUTES,
ACL_WRITE_ATTRIBUTES,
ACL_READ_EXTATTRIBUTES,
ACL_WRITE_EXTATTRIBUTES,
ACL_READ_SECURITY,
ACL_WRITE_SECURITY,
ACL_CHANGE_OWNER,
ACL_SYNCHRONIZE
#else
ACL_EXECUTE,
ACL_WRITE,
ACL_READ,
#if ARCHIVE_ACL_FREEBSD_NFS4
ACL_READ_DATA,
ACL_LIST_DIRECTORY,
ACL_WRITE_DATA,
ACL_ADD_FILE,
ACL_APPEND_DATA,
ACL_ADD_SUBDIRECTORY,
ACL_READ_NAMED_ATTRS,
ACL_WRITE_NAMED_ATTRS,
ACL_DELETE_CHILD,
ACL_READ_ATTRIBUTES,
ACL_WRITE_ATTRIBUTES,
ACL_DELETE,
ACL_READ_ACL,
ACL_WRITE_ACL,
ACL_WRITE_OWNER,
ACL_SYNCHRONIZE
#endif
#endif
};
#if ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_FREEBSD_NFS4
static const acl_flag_t acl_flags[] = {
#if ARCHIVE_ACL_DARWIN
ACL_ENTRY_INHERITED,
ACL_ENTRY_FILE_INHERIT,
ACL_ENTRY_DIRECTORY_INHERIT,
ACL_ENTRY_LIMIT_INHERIT,
ACL_ENTRY_ONLY_INHERIT
#else
ACL_ENTRY_FILE_INHERIT,
ACL_ENTRY_DIRECTORY_INHERIT,
ACL_ENTRY_NO_PROPAGATE_INHERIT,
ACL_ENTRY_INHERIT_ONLY,
ACL_ENTRY_SUCCESSFUL_ACCESS,
ACL_ENTRY_FAILED_ACCESS,
ACL_ENTRY_INHERITED
#endif
};
#endif
static int
compare_acl_entry(acl_entry_t ae_a, acl_entry_t ae_b, int is_nfs4)
{
acl_tag_t tag_a, tag_b;
acl_permset_t permset_a, permset_b;
int perm_a, perm_b, perm_start, perm_end;
void *qual_a, *qual_b;
#if ARCHIVE_ACL_FREEBSD_NFS4
acl_entry_type_t type_a, type_b;
#endif
#if ARCHIVE_ACL_FREEBSD_NFS4 || ARCHIVE_ACL_DARWIN
acl_flagset_t flagset_a, flagset_b;
int flag_a, flag_b;
#endif
int i, r;
r = acl_get_tag_type(ae_a, &tag_a);
failure("acl_get_tag_type() error: %s", strerror(errno));
if (assertEqualInt(r, 0) == 0)
return (-1);
r = acl_get_tag_type(ae_b, &tag_b);
failure("acl_get_tag_type() error: %s", strerror(errno));
if (assertEqualInt(r, 0) == 0)
return (-1);
if (tag_a != tag_b)
return (0);
#if ARCHIVE_ACL_DARWIN
if (tag_a == ACL_EXTENDED_ALLOW || tag_b == ACL_EXTENDED_DENY)
#else
if (tag_a == ACL_USER || tag_a == ACL_GROUP)
#endif
{
qual_a = acl_get_qualifier(ae_a);
failure("acl_get_qualifier() error: %s", strerror(errno));
if (assert(qual_a != NULL) == 0)
return (-1);
qual_b = acl_get_qualifier(ae_b);
failure("acl_get_qualifier() error: %s", strerror(errno));
if (assert(qual_b != NULL) == 0) {
acl_free(qual_a);
return (-1);
}
#if ARCHIVE_ACL_DARWIN
if (memcmp(((guid_t *)qual_a)->g_guid,
((guid_t *)qual_b)->g_guid, KAUTH_GUID_SIZE) != 0)
#else
if ((tag_a == ACL_USER &&
(*(uid_t *)qual_a != *(uid_t *)qual_b)) ||
(tag_a == ACL_GROUP &&
(*(gid_t *)qual_a != *(gid_t *)qual_b)))
#endif
{
acl_free(qual_a);
acl_free(qual_b);
return (0);
}
acl_free(qual_a);
acl_free(qual_b);
}
#if ARCHIVE_ACL_FREEBSD_NFS4
if (is_nfs4) {
r = acl_get_entry_type_np(ae_a, &type_a);
failure("acl_get_entry_type_np() error: %s", strerror(errno));
if (assertEqualInt(r, 0) == 0)
return (-1);
r = acl_get_entry_type_np(ae_b, &type_b);
failure("acl_get_entry_type_np() error: %s", strerror(errno));
if (assertEqualInt(r, 0) == 0)
return (-1);
if (type_a != type_b)
return (0);
}
#endif
r = acl_get_permset(ae_a, &permset_a);
failure("acl_get_permset() error: %s", strerror(errno));
if (assertEqualInt(r, 0) == 0)
return (-1);
r = acl_get_permset(ae_b, &permset_b);
failure("acl_get_permset() error: %s", strerror(errno));
if (assertEqualInt(r, 0) == 0)
return (-1);
perm_start = 0;
perm_end = (int)(sizeof(acl_perms) / sizeof(acl_perms[0]));
#if ARCHIVE_ACL_FREEBSD_NFS4
if (is_nfs4)
perm_start = 3;
else
perm_end = 3;
#endif
for (i = perm_start; i < perm_end; i++) {
#if ARCHIVE_ACL_LIBACL
perm_a = acl_get_perm(permset_a, acl_perms[i]);
perm_b = acl_get_perm(permset_b, acl_perms[i]);
#else
perm_a = acl_get_perm_np(permset_a, acl_perms[i]);
perm_b = acl_get_perm_np(permset_b, acl_perms[i]);
#endif
if (perm_a == -1 || perm_b == -1)
return (-1);
if (perm_a != perm_b)
return (0);
}
#if ARCHIVE_ACL_FREEBSD_NFS4 || ARCHIVE_ACL_DARWIN
if (is_nfs4) {
r = acl_get_flagset_np(ae_a, &flagset_a);
failure("acl_get_flagset_np() error: %s", strerror(errno));
if (assertEqualInt(r, 0) == 0)
return (-1);
r = acl_get_flagset_np(ae_b, &flagset_b);
failure("acl_get_flagset_np() error: %s", strerror(errno));
if (assertEqualInt(r, 0) == 0)
return (-1);
for (i = 0; i < (int)(sizeof(acl_flags) / sizeof(acl_flags[0]));
i++) {
flag_a = acl_get_flag_np(flagset_a, acl_flags[i]);
flag_b = acl_get_flag_np(flagset_b, acl_flags[i]);
if (flag_a == -1 || flag_b == -1)
return (-1);
if (flag_a != flag_b)
return (0);
}
}
#else
(void)is_nfs4;
#endif
return (1);
}
#endif
#if ARCHIVE_ACL_SUPPORT
static void
clear_inheritance_flags(const char *path, int type)
{
switch (type) {
case ARCHIVE_TEST_ACL_TYPE_POSIX1E:
#if ARCHIVE_ACL_POSIX1E
#if !ARCHIVE_ACL_SUNOS
acl_delete_def_file(path);
#else
setTestAcl(path);
#endif
#endif
break;
case ARCHIVE_TEST_ACL_TYPE_NFS4:
#if ARCHIVE_ACL_NFS4
setTestAcl(path);
#endif
break;
default:
(void)path;
break;
}
}
static int
compare_acls(const char *path_a, const char *path_b)
{
int ret = 1;
int is_nfs4 = 0;
#if ARCHIVE_ACL_SUNOS
void *acl_a, *acl_b;
int aclcnt_a, aclcnt_b;
aclent_t *aclent_a, *aclent_b;
ace_t *ace_a, *ace_b;
int e;
#elif ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_FREEBSD || ARCHIVE_ACL_LIBACL
acl_t acl_a, acl_b;
acl_entry_t aclent_a, aclent_b;
int a, b, r;
#endif
#if ARCHIVE_ACL_LIBRICHACL
struct richacl *richacl_a, *richacl_b;
richacl_a = NULL;
richacl_b = NULL;
#endif
#if ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_FREEBSD || ARCHIVE_ACL_LIBACL || \
ARCHIVE_ACL_SUNOS
acl_a = NULL;
acl_b = NULL;
#endif
#if ARCHIVE_ACL_SUNOS
acl_a = sunacl_get(GETACL, &aclcnt_a, 0, path_a);
if (acl_a == NULL) {
#if ARCHIVE_ACL_SUNOS_NFS4
is_nfs4 = 1;
acl_a = sunacl_get(ACE_GETACL, &aclcnt_a, 0, path_a);
#endif
failure("acl_get() error: %s", strerror(errno));
if (assert(acl_a != NULL) == 0)
return (-1);
#if ARCHIVE_ACL_SUNOS_NFS4
acl_b = sunacl_get(ACE_GETACL, &aclcnt_b, 0, path_b);
#endif
} else
acl_b = sunacl_get(GETACL, &aclcnt_b, 0, path_b);
if (acl_b == NULL && (errno == ENOSYS || errno == ENOTSUP)) {
free(acl_a);
return (0);
}
failure("acl_get() error: %s", strerror(errno));
if (assert(acl_b != NULL) == 0) {
free(acl_a);
return (-1);
}
if (aclcnt_a != aclcnt_b) {
ret = 0;
goto exit_free;
}
for (e = 0; e < aclcnt_a; e++) {
if (!is_nfs4) {
aclent_a = &((aclent_t *)acl_a)[e];
aclent_b = &((aclent_t *)acl_b)[e];
if (aclent_a->a_type != aclent_b->a_type ||
aclent_a->a_id != aclent_b->a_id ||
aclent_a->a_perm != aclent_b->a_perm) {
ret = 0;
goto exit_free;
}
}
#if ARCHIVE_ACL_SUNOS_NFS4
else {
ace_a = &((ace_t *)acl_a)[e];
ace_b = &((ace_t *)acl_b)[e];
if (ace_a->a_who != ace_b->a_who ||
ace_a->a_access_mask != ace_b->a_access_mask ||
ace_a->a_flags != ace_b->a_flags ||
ace_a->a_type != ace_b->a_type) {
ret = 0;
goto exit_free;
}
}
#endif
}
#else
#if ARCHIVE_ACL_LIBRICHACL
richacl_a = richacl_get_file(path_a);
#if !ARCHIVE_ACL_LIBACL
if (richacl_a == NULL &&
(errno == ENODATA || errno == ENOTSUP || errno == ENOSYS))
return (0);
failure("richacl_get_file() error: %s (%s)", path_a, strerror(errno));
if (assert(richacl_a != NULL) == 0)
return (-1);
#endif
if (richacl_a != NULL) {
richacl_b = richacl_get_file(path_b);
if (richacl_b == NULL &&
(errno == ENODATA || errno == ENOTSUP || errno == ENOSYS)) {
richacl_free(richacl_a);
return (0);
}
failure("richacl_get_file() error: %s (%s)", path_b,
strerror(errno));
if (assert(richacl_b != NULL) == 0) {
richacl_free(richacl_a);
return (-1);
}
if (richacl_compare(richacl_a, richacl_b) == 0)
ret = 0;
richacl_free(richacl_a);
richacl_free(richacl_b);
return (ret);
}
#endif
#if ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_FREEBSD || ARCHIVE_ACL_LIBACL
#if ARCHIVE_ACL_DARWIN
is_nfs4 = 1;
acl_a = acl_get_file(path_a, ACL_TYPE_EXTENDED);
#elif ARCHIVE_ACL_FREEBSD_NFS4
acl_a = acl_get_file(path_a, ACL_TYPE_NFS4);
if (acl_a != NULL)
is_nfs4 = 1;
#endif
if (acl_a == NULL)
acl_a = acl_get_file(path_a, ACL_TYPE_ACCESS);
failure("acl_get_file() error: %s (%s)", path_a, strerror(errno));
if (assert(acl_a != NULL) == 0)
return (-1);
#if ARCHIVE_ACL_DARWIN
acl_b = acl_get_file(path_b, ACL_TYPE_EXTENDED);
#elif ARCHIVE_ACL_FREEBSD_NFS4
acl_b = acl_get_file(path_b, ACL_TYPE_NFS4);
#endif
#if !ARCHIVE_ACL_DARWIN
if (acl_b == NULL) {
#if ARCHIVE_ACL_FREEBSD_NFS4
if (is_nfs4) {
acl_free(acl_a);
return (0);
}
#endif
acl_b = acl_get_file(path_b, ACL_TYPE_ACCESS);
}
failure("acl_get_file() error: %s (%s)", path_b, strerror(errno));
if (assert(acl_b != NULL) == 0) {
acl_free(acl_a);
return (-1);
}
#endif
a = acl_get_entry(acl_a, ACL_FIRST_ENTRY, &aclent_a);
if (a == -1) {
ret = 0;
goto exit_free;
}
b = acl_get_entry(acl_b, ACL_FIRST_ENTRY, &aclent_b);
if (b == -1) {
ret = 0;
goto exit_free;
}
#if ARCHIVE_ACL_DARWIN
while (a == 0 && b == 0)
#else
while (a == 1 && b == 1)
#endif
{
r = compare_acl_entry(aclent_a, aclent_b, is_nfs4);
if (r != 1) {
ret = r;
goto exit_free;
}
a = acl_get_entry(acl_a, ACL_NEXT_ENTRY, &aclent_a);
b = acl_get_entry(acl_b, ACL_NEXT_ENTRY, &aclent_b);
}
if (a != b)
ret = 0;
#endif
#endif
exit_free:
#if ARCHIVE_ACL_SUNOS
free(acl_a);
free(acl_b);
#else
acl_free(acl_a);
acl_free(acl_b);
#endif
return (ret);
}
#endif
DEFINE_TEST(test_option_acls)
{
#if !ARCHIVE_ACL_SUPPORT
skipping("ACLs are not supported on this platform");
#else
int acltype, r;
assertMakeFile("f", 0644, "a");
acltype = setTestAcl("f");
if (acltype == 0) {
skipping("Can't write ACLs on the filesystem");
return;
}
r = systemf("%s -c --no-mac-metadata --acls -f acls.tar f >acls.out 2>acls.err", testprog);
assertEqualInt(r, 0);
r = systemf("%s -c --no-mac-metadata --no-acls -f noacls.tar f >noacls.out 2>noacls.err", testprog);
assertEqualInt(r, 0);
assertMakeDir("acls_acls", 0755);
clear_inheritance_flags("acls_acls", acltype);
r = systemf("%s -x -C acls_acls --no-same-permissions --acls -f acls.tar >acls_acls.out 2>acls_acls.err", testprog);
assertEqualInt(r, 0);
r = compare_acls("f", "acls_acls/f");
assertEqualInt(r, 1);
assertMakeDir("acls_noacls", 0755);
clear_inheritance_flags("acls_noacls", acltype);
r = systemf("%s -x -C acls_noacls -p --no-acls -f acls.tar >acls_noacls.out 2>acls_noacls.err", testprog);
assertEqualInt(r, 0);
r = compare_acls("f", "acls_noacls/f");
assertEqualInt(r, 0);
assertMakeDir("noacls_acls", 0755);
clear_inheritance_flags("noacls_acls", acltype);
r = systemf("%s -x -C noacls_acls --no-same-permissions --acls -f noacls.tar >noacls_acls.out 2>noacls_acls.err", testprog);
assertEqualInt(r, 0);
r = compare_acls("f", "noacls_acls/f");
assertEqualInt(r, 0);
assertMakeDir("noacls_noacls", 0755);
clear_inheritance_flags("noacls_noacls", acltype);
r = systemf("%s -x -C noacls_noacls -p --no-acls -f noacls.tar >noacls_noacls.out 2>noacls_noacls.err", testprog);
assertEqualInt(r, 0);
r = compare_acls("f", "noacls_noacls/f");
assertEqualInt(r, 0);
#endif
}