bin/getfacl/getfacl.c

   1 /*-
   2  * Copyright (c) 1999, 2001, 2002 Robert N M Watson
   3  * All rights reserved.
   4  *
   5  * This software was developed by Robert Watson for the TrustedBSD Project.
   6  *
   7  * Redistribution and use in source and binary forms, with or without
   8  * modification, are permitted provided that the following conditions
   9  * are met:
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in the
  14  *    documentation and/or other materials provided with the distribution.
  15  *
  16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  26  * SUCH DAMAGE.
  27  */
  28 /*
  29  * getfacl -- POSIX.1e utility to extract ACLs from files and directories
  30  * and send the results to stdout
  31  */
  32
  33
  34 #include <sys/cdefs.h>
  35 __FBSDID("$FreeBSD$");
  36
  37 #include <sys/types.h>
  38 #include <sys/param.h>
  39 #include <sys/acl.h>
  40 #include <sys/stat.h>
  41
  42 #include <err.h>
  43 #include <errno.h>
  44 #include <grp.h>
  45 #include <pwd.h>
  46 #include <stdio.h>
  47 #include <stdlib.h>
  48 #include <string.h>
  49 #include <unistd.h>
  50
  51 static int more_than_one = 0;
  52
  53 static void
  54 usage(void)
  55 {
  56
  57         fprintf(stderr, "getfacl [-dhnqv] [file ...]\n");
  58 }
  59
  60 static char *
  61 getuname(uid_t uid)
  62 {
  63         struct passwd *pw;
  64         static char uids[10];
  65
  66         if ((pw = getpwuid(uid)) == NULL) {
  67                 (void)snprintf(uids, sizeof(uids), "%u", uid);
  68                 return (uids);
  69         } else
  70                 return (pw->pw_name);
  71 }
  72
  73 static char *
  74 getgname(gid_t gid)
  75 {
  76         struct group *gr;
  77         static char gids[10];
  78
  79         if ((gr = getgrgid(gid)) == NULL) {
  80                 (void)snprintf(gids, sizeof(gids), "%u", gid);
  81                 return (gids);
  82         } else
  83                 return (gr->gr_name);
  84 }
  85
  86 /*
  87  * return an ACL corresponding to the permissions
  88  * contained in struct stat
  89  */
  90 static acl_t
  91 acl_from_stat(struct stat sb)
  92 {
  93         acl_t acl;
  94         acl_entry_t entry;
  95         acl_permset_t perms;
  96
  97         /* create the ACL */
  98         acl = acl_init(3);
  99         if (!acl)
 100                 return NULL;
 101
 102         /* First entry: ACL_USER_OBJ */
 103         if (acl_create_entry(&acl, &entry) == -1)
 104                 return NULL;
 105         if (acl_set_tag_type(entry, ACL_USER_OBJ) == -1)
 106                 return NULL;
 107
 108         if (acl_get_permset(entry, &perms) == -1)
 109                 return NULL;
 110         if (acl_clear_perms(perms) == -1)
 111                 return NULL;
 112
 113         /* calculate user mode */
 114         if (sb.st_mode & S_IRUSR)
 115                 if (acl_add_perm(perms, ACL_READ) == -1)
 116                         return NULL;
 117         if (sb.st_mode & S_IWUSR)
 118                 if (acl_add_perm(perms, ACL_WRITE) == -1)
 119                         return NULL;
 120         if (sb.st_mode & S_IXUSR)
 121                 if (acl_add_perm(perms, ACL_EXECUTE) == -1)
 122                         return NULL;
 123         if (acl_set_permset(entry, perms) == -1)
 124                 return NULL;
 125
 126         /* Second entry: ACL_GROUP_OBJ */
 127         if (acl_create_entry(&acl, &entry) == -1)
 128                 return NULL;
 129         if (acl_set_tag_type(entry, ACL_GROUP_OBJ) == -1)
 130                 return NULL;
 131
 132         if (acl_get_permset(entry, &perms) == -1)
 133                 return NULL;
 134         if (acl_clear_perms(perms) == -1)
 135                 return NULL;
 136
 137         /* calculate group mode */
 138         if (sb.st_mode & S_IRGRP)
 139                 if (acl_add_perm(perms, ACL_READ) == -1)
 140                         return NULL;
 141         if (sb.st_mode & S_IWGRP)
 142                 if (acl_add_perm(perms, ACL_WRITE) == -1)
 143                         return NULL;
 144         if (sb.st_mode & S_IXGRP)
 145                 if (acl_add_perm(perms, ACL_EXECUTE) == -1)
 146                         return NULL;
 147         if (acl_set_permset(entry, perms) == -1)
 148                 return NULL;
 149
 150         /* Third entry: ACL_OTHER */
 151         if (acl_create_entry(&acl, &entry) == -1)
 152                 return NULL;
 153         if (acl_set_tag_type(entry, ACL_OTHER) == -1)
 154                 return NULL;
 155
 156         if (acl_get_permset(entry, &perms) == -1)
 157                 return NULL;
 158         if (acl_clear_perms(perms) == -1)
 159                 return NULL;
 160
 161         /* calculate other mode */
 162         if (sb.st_mode & S_IROTH)
 163                 if (acl_add_perm(perms, ACL_READ) == -1)
 164                         return NULL;
 165         if (sb.st_mode & S_IWOTH)
 166                 if (acl_add_perm(perms, ACL_WRITE) == -1)
 167                         return NULL;
 168         if (sb.st_mode & S_IXOTH)
 169                 if (acl_add_perm(perms, ACL_EXECUTE) == -1)
 170                         return NULL;
 171         if (acl_set_permset(entry, perms) == -1)
 172                 return NULL;
 173
 174         return(acl);
 175 }
 176
 177 static int
 178 print_acl(char *path, acl_type_t type, int hflag, int iflag, int nflag,
 179     int qflag, int vflag)
 180 {
 181         struct stat     sb;
 182         acl_t   acl;
 183         char    *acl_text;
 184         int     error, flags = 0, ret;
 185
 186         if (hflag)
 187                 error = lstat(path, &sb);
 188         else
 189                 error = stat(path, &sb);
 190         if (error == -1) {
 191                 warn("%s: stat() failed", path);
 192                 return(-1);
 193         }
 194
 195         if (hflag)
 196                 ret = lpathconf(path, _PC_ACL_NFS4);
 197         else
 198                 ret = pathconf(path, _PC_ACL_NFS4);
 199         if (ret > 0) {
 200                 if (type == ACL_TYPE_DEFAULT) {
 201                         warnx("%s: there are no default entries in NFSv4 ACLs",
 202                             path);
 203                         return (-1);
 204                 }
 205                 type = ACL_TYPE_NFS4;
 206         } else if (ret < 0 && errno != EINVAL) {
 207                 warn("%s: pathconf(..., _PC_ACL_NFS4) failed", path);
 208                 return (-1);
 209         }
 210
 211         if (more_than_one)
 212                 printf("\n");
 213         else
 214                 more_than_one++;
 215
 216         if (!qflag)
 217                 printf("# file: %s\n# owner: %s\n# group: %s\n", path,
 218                     getuname(sb.st_uid), getgname(sb.st_gid));
 219
 220         if (hflag)
 221                 acl = acl_get_link_np(path, type);
 222         else
 223                 acl = acl_get_file(path, type);
 224         if (!acl) {
 225                 if (errno != EOPNOTSUPP) {
 226                         warn("%s", path);
 227                         return(-1);
 228                 }
 229                 errno = 0;
 230                 if (type == ACL_TYPE_DEFAULT)
 231                         return(0);
 232                 acl = acl_from_stat(sb);
 233                 if (!acl) {
 234                         warn("%s: acl_from_stat() failed", path);
 235                         return(-1);
 236                 }
 237         }
 238
 239         if (iflag)
 240                 flags |= ACL_TEXT_APPEND_ID;
 241
 242         if (nflag)
 243                 flags |= ACL_TEXT_NUMERIC_IDS;
 244
 245         if (vflag)
 246                 flags |= ACL_TEXT_VERBOSE;
 247
 248         acl_text = acl_to_text_np(acl, 0, flags);
 249         if (!acl_text) {
 250                 warn("%s: acl_to_text_np() failed", path);
 251                 return(-1);
 252         }
 253
 254         printf("%s", acl_text);
 255
 256         (void)acl_free(acl);
 257         (void)acl_free(acl_text);
 258
 259         return(0);
 260 }
 261
 262 static int
 263 print_acl_from_stdin(acl_type_t type, int hflag, int iflag, int nflag,
 264     int qflag, int vflag)
 265 {
 266         char    *p, pathname[PATH_MAX];
 267         int     carried_error = 0;
 268
 269         while (fgets(pathname, (int)sizeof(pathname), stdin)) {
 270                 if ((p = strchr(pathname, '\n')) != NULL)
 271                         *p = '\0';
 272                 if (print_acl(pathname, type, hflag, iflag, nflag,
 273                     qflag, vflag) == -1) {
 274                         carried_error = -1;
 275                 }
 276         }
 277
 278         return(carried_error);
 279 }
 280
 281 int
 282 main(int argc, char *argv[])
 283 {
 284         acl_type_t      type = ACL_TYPE_ACCESS;
 285         int     carried_error = 0;
 286         int     ch, error, i;
 287         int     hflag, iflag, qflag, nflag, vflag;
 288
 289         hflag = 0;
 290         iflag = 0;
 291         qflag = 0;
 292         nflag = 0;
 293         vflag = 0;
 294         while ((ch = getopt(argc, argv, "dhinqv")) != -1)
 295                 switch(ch) {
 296                 case 'd':
 297                         type = ACL_TYPE_DEFAULT;
 298                         break;
 299                 case 'h':
 300                         hflag = 1;
 301                         break;
 302                 case 'i':
 303                         iflag = 1;
 304                         break;
 305                 case 'n':
 306                         nflag = 1;
 307                         break;
 308                 case 'q':
 309                         qflag = 1;
 310                         break;
 311                 case 'v':
 312                         vflag = 1;
 313                         break;
 314                 default:
 315                         usage();
 316                         return(-1);
 317                 }
 318         argc -= optind;
 319         argv += optind;
 320
 321         if (argc == 0) {
 322                 error = print_acl_from_stdin(type, hflag, iflag, nflag,
 323                     qflag, vflag);
 324                 return(error ? 1 : 0);
 325         }
 326
 327         for (i = 0; i < argc; i++) {
 328                 if (!strcmp(argv[i], "-")) {
 329                         error = print_acl_from_stdin(type, hflag, iflag, nflag,
 330                             qflag, vflag);
 331                         if (error == -1)
 332                                 carried_error = -1;
 333                 } else {
 334                         error = print_acl(argv[i], type, hflag, iflag, nflag,
 335                             qflag, vflag);
 336                         if (error == -1)
 337                                 carried_error = -1;
 338                 }
 339         }
 340
 341         return(carried_error ? 1 : 0);
 342 }