2 * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * acl_from_text: Convert a text-form ACL from a string to an acl_t.
30 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
33 #include <sys/types.h>
34 #include "namespace.h"
36 #include "un-namespace.h"
37 #include <sys/errno.h>
44 #include "acl_support.h"
46 static int _posix1e_acl_name_to_id(acl_tag_t tag, char *name, uid_t *id);
47 static acl_tag_t acl_string_to_tag(char *tag, char *qualifier);
48 static char *string_skip_whitespace(char *string);
49 static void string_trim_trailing_whitespace(char *string);
52 string_skip_whitespace(char *string)
55 while (*string && ((*string == ' ') || (*string == '\t'))) {
62 string_trim_trailing_whitespace(char *string)
69 end = string + strlen(string) - 1;
71 while (end != string) {
72 if ((*end == ' ') || (*end == '\t')) {
84 acl_string_to_tag(char *tag, char *qualifier)
87 if (*qualifier == '\0') {
88 if ((!strcmp(tag, "user")) || (!strcmp(tag, "u"))) {
89 return (ACL_USER_OBJ);
91 if ((!strcmp(tag, "group")) || (!strcmp(tag, "g"))) {
92 return (ACL_GROUP_OBJ);
94 if ((!strcmp(tag, "mask")) || (!strcmp(tag, "m"))) {
97 if ((!strcmp(tag, "other")) || (!strcmp(tag, "o"))) {
102 if ((!strcmp(tag, "user")) || (!strcmp(tag, "u"))) {
105 if ((!strcmp(tag, "group")) || (!strcmp(tag, "g"))) {
113 * acl_from_text -- Convert a string into an ACL.
114 * Postpone most validity checking until the end and call acl_valid() to do
118 acl_from_text(const char *buf_p)
123 char *mybuf_p, *line, *cur, *notcomment, *comment, *entry;
124 char *tag, *qualifier, *permission;
128 /* Local copy we can mess up. */
129 mybuf_p = strdup(buf_p);
139 /* Outer loop: delimit at \n boundaries. */
141 while ((line = strsep(&cur, "\n"))) {
142 /* Now split the line on the first # to strip out comments. */
144 notcomment = strsep(&comment, "#");
146 /* Inner loop: delimit at ',' boundaries. */
147 while ((entry = strsep(¬comment, ","))) {
148 /* Now split into three ':' delimited fields. */
149 tag = strsep(&entry, ":");
154 tag = string_skip_whitespace(tag);
155 if ((*tag == '\0') && (!entry)) {
157 * Is an entirely comment line, skip to next
162 string_trim_trailing_whitespace(tag);
164 qualifier = strsep(&entry, ":");
165 if (qualifier == NULL) {
169 qualifier = string_skip_whitespace(qualifier);
170 string_trim_trailing_whitespace(qualifier);
172 permission = strsep(&entry, ":");
173 if (permission == NULL || entry) {
177 permission = string_skip_whitespace(permission);
178 string_trim_trailing_whitespace(permission);
180 t = acl_string_to_tag(tag, qualifier);
186 error = _posix1e_acl_string_to_perm(permission, &p);
197 if (*qualifier != '\0') {
206 error = _posix1e_acl_name_to_id(t, qualifier,
217 error = _posix1e_acl_add_entry(acl, t, id, p);
224 /* XXX Should we only return ACLs valid according to acl_valid? */
225 /* Verify validity of the ACL we read in. */
226 if (acl_valid(acl) == -1) {
241 * Given a username/groupname from a text form of an ACL, return the uid/gid
242 * XXX NOT THREAD SAFE, RELIES ON GETPWNAM, GETGRNAM
243 * XXX USES *PW* AND *GR* WHICH ARE STATEFUL AND THEREFORE THIS ROUTINE
244 * MAY HAVE SIDE-EFFECTS
246 * XXX currently doesn't deal correctly with a numeric uid being passed
247 * instead of a username. What is correct behavior here? Check chown.
250 _posix1e_acl_name_to_id(acl_tag_t tag, char *name, uid_t *id)
261 l = strtoul(name, &endp, 0);
262 if (*endp != '\0' || l != (unsigned long)(uid_t)l) {
275 l = strtoul(name, &endp, 0);
276 if (*endp != '\0' || l != (unsigned long)(gid_t)l) {