2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 2012, 2013 SRI International
5 * Copyright (c) 1987, 1993
6 * The Regents of the University of California. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 static const char copyright[] =
35 "@(#) Copyright (c) 1987, 1993\n\
36 The Regents of the University of California. All rights reserved.\n";
41 static char sccsid[] = "@(#)xinstall.c 8.1 (Berkeley) 7/21/93";
45 #include <sys/cdefs.h>
46 __FBSDID("$FreeBSD$");
48 #include <sys/param.h>
50 #include <sys/mount.h>
78 #define MAX_CMP_SIZE (16 * 1024 * 1024)
80 #define LN_ABSOLUTE 0x01
81 #define LN_RELATIVE 0x02
83 #define LN_SYMBOLIC 0x08
86 #define DIRECTORY 0x01 /* Tell install it's a directory. */
87 #define SETFLAGS 0x02 /* Tell install to set flags. */
88 #define NOCHANGEBITS (UF_IMMUTABLE | UF_APPEND | SF_IMMUTABLE | SF_APPEND)
89 #define BACKUP_SUFFIX ".old"
93 RIPEMD160_CTX RIPEMD160;
106 } digesttype = DIGEST_NONE;
108 extern char **environ;
112 static int dobackup, docompare, dodir, dolink, dopreserve, dostrip, dounpriv,
114 static int haveopt_f, haveopt_g, haveopt_m, haveopt_o;
115 static mode_t mode = S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH;
117 static const char *group, *owner;
118 static const char *suffix = BACKUP_SUFFIX;
119 static char *destdir, *digest, *fflags, *metafile, *tags;
121 static int compare(int, const char *, size_t, int, const char *, size_t,
123 static char *copy(int, const char *, int, const char *, off_t);
124 static int create_newfile(const char *, int, struct stat *);
125 static int create_tempfile(const char *, char *, size_t);
126 static char *quiet_mktemp(char *template);
127 static char *digest_file(const char *);
128 static void digest_init(DIGEST_CTX *);
129 static void digest_update(DIGEST_CTX *, const char *, size_t);
130 static char *digest_end(DIGEST_CTX *, char *);
131 static int do_link(const char *, const char *, const struct stat *);
132 static void do_symlink(const char *, const char *, const struct stat *);
133 static void makelink(const char *, const char *, const struct stat *);
134 static void install(const char *, const char *, u_long, u_int);
135 static void install_dir(char *);
136 static void metadata_log(const char *, const char *, struct timespec *,
137 const char *, const char *, off_t);
138 static int parseid(const char *, id_t *);
139 static int strip(const char *, int, const char *, char **);
140 static int trymmap(int);
141 static void usage(void);
144 main(int argc, char *argv[])
146 struct stat from_sb, to_sb;
156 group = owner = NULL;
157 while ((ch = getopt(argc, argv, "B:bCcD:df:g:h:l:M:m:N:o:pSsT:Uv")) !=
170 /* For backwards compatibility. */
190 for (p = optarg; *p != '\0'; p++)
193 dolink &= ~(LN_HARD|LN_MIXED);
194 dolink |= LN_SYMBOLIC;
197 dolink &= ~(LN_SYMBOLIC|LN_MIXED);
201 dolink &= ~(LN_SYMBOLIC|LN_HARD);
205 dolink &= ~LN_RELATIVE;
206 dolink |= LN_ABSOLUTE;
209 dolink &= ~LN_ABSOLUTE;
210 dolink |= LN_RELATIVE;
213 errx(1, "%c: invalid link type", *p);
222 if (!(set = setmode(optarg)))
223 errx(EX_USAGE, "invalid file mode: %s",
225 mode = getmode(set, 0);
229 if (!setup_getid(optarg))
230 err(EX_OSERR, "Unable to use user and group "
231 "databases in `%s'", optarg);
238 docompare = dopreserve = 1;
262 /* some options make no sense when creating directories */
263 if (dostrip && dodir) {
264 warnx("-d and -s may not be specified together");
268 if (getenv("DONTSTRIP") != NULL) {
269 warnx("DONTSTRIP set - will not strip installed binaries");
273 /* must have at least two arguments, except when creating directories */
274 if (argc == 0 || (argc == 1 && !dodir))
277 if (digest != NULL) {
278 if (strcmp(digest, "none") == 0) {
279 digesttype = DIGEST_NONE;
280 } else if (strcmp(digest, "md5") == 0) {
281 digesttype = DIGEST_MD5;
282 } else if (strcmp(digest, "rmd160") == 0) {
283 digesttype = DIGEST_RIPEMD160;
284 } else if (strcmp(digest, "sha1") == 0) {
285 digesttype = DIGEST_SHA1;
286 } else if (strcmp(digest, "sha256") == 0) {
287 digesttype = DIGEST_SHA256;
288 } else if (strcmp(digest, "sha512") == 0) {
289 digesttype = DIGEST_SHA512;
291 warnx("unknown digest `%s'", digest);
296 /* need to make a temp copy so we can compare stripped version */
297 if (docompare && dostrip)
300 /* get group and owner id's */
301 if (group != NULL && !dounpriv) {
302 if (gid_from_group(group, &gid) == -1) {
304 if (!parseid(group, &id))
305 errx(1, "unknown group %s", group);
311 if (owner != NULL && !dounpriv) {
312 if (uid_from_user(owner, &uid) == -1) {
314 if (!parseid(owner, &id))
315 errx(1, "unknown user %s", owner);
321 if (fflags != NULL && !dounpriv) {
322 if (strtofflags(&fflags, &fset, NULL))
323 errx(EX_USAGE, "%s: invalid flag", fflags);
327 if (metafile != NULL) {
328 if ((metafp = fopen(metafile, "a")) == NULL)
329 warn("open %s", metafile);
331 digesttype = DIGEST_NONE;
334 for (; *argv != NULL; ++argv)
340 to_name = argv[argc - 1];
341 no_target = stat(to_name, &to_sb);
342 if (!no_target && S_ISDIR(to_sb.st_mode)) {
343 if (dolink & LN_SYMBOLIC) {
344 if (lstat(to_name, &to_sb) != 0)
345 err(EX_OSERR, "%s vanished", to_name);
346 if (S_ISLNK(to_sb.st_mode)) {
349 err(EX_USAGE, "%s", to_name);
351 install(*argv, to_name, fset, iflags);
355 for (; *argv != to_name; ++argv)
356 install(*argv, to_name, fset, iflags | DIRECTORY);
361 /* can't do file1 file2 directory/file */
364 warnx("target directory `%s' does not exist",
367 warnx("target `%s' is not a directory",
372 if (!no_target && !dolink) {
373 if (stat(*argv, &from_sb))
374 err(EX_OSERR, "%s", *argv);
375 if (!S_ISREG(to_sb.st_mode)) {
377 err(EX_OSERR, "%s", to_name);
379 if (to_sb.st_dev == from_sb.st_dev &&
380 to_sb.st_ino == from_sb.st_ino)
382 "%s and %s are the same file", *argv, to_name);
384 install(*argv, to_name, fset, iflags);
390 digest_file(const char *name)
393 switch (digesttype) {
395 return (MD5File(name, NULL));
396 case DIGEST_RIPEMD160:
397 return (RIPEMD160_File(name, NULL));
399 return (SHA1_File(name, NULL));
401 return (SHA256_File(name, NULL));
403 return (SHA512_File(name, NULL));
410 digest_init(DIGEST_CTX *c)
413 switch (digesttype) {
419 case DIGEST_RIPEMD160:
420 RIPEMD160_Init(&(c->RIPEMD160));
423 SHA1_Init(&(c->SHA1));
426 SHA256_Init(&(c->SHA256));
429 SHA512_Init(&(c->SHA512));
435 digest_update(DIGEST_CTX *c, const char *data, size_t len)
438 switch (digesttype) {
442 MD5Update(&(c->MD5), data, len);
444 case DIGEST_RIPEMD160:
445 RIPEMD160_Update(&(c->RIPEMD160), data, len);
448 SHA1_Update(&(c->SHA1), data, len);
451 SHA256_Update(&(c->SHA256), data, len);
454 SHA512_Update(&(c->SHA512), data, len);
460 digest_end(DIGEST_CTX *c, char *buf)
463 switch (digesttype) {
465 return (MD5End(&(c->MD5), buf));
466 case DIGEST_RIPEMD160:
467 return (RIPEMD160_End(&(c->RIPEMD160), buf));
469 return (SHA1_End(&(c->SHA1), buf));
471 return (SHA256_End(&(c->SHA256), buf));
473 return (SHA512_End(&(c->SHA512), buf));
481 * parse uid or gid from arg into id, returning non-zero if successful
484 parseid(const char *name, id_t *id)
488 *id = (id_t)strtoul(name, &ep, 10);
489 if (errno || *ep != '\0')
496 * mktemp implementation used mkstemp to avoid mktemp warnings. We
497 * really do need mktemp semantics here as we will be creating a link.
500 quiet_mktemp(char *template)
504 if ((fd = mkstemp(template)) == -1)
507 if (unlink(template) == -1)
508 err(EX_OSERR, "unlink %s", template);
514 * make a hard link, obeying dorename if set
515 * return -1 on failure
518 do_link(const char *from_name, const char *to_name,
519 const struct stat *target_sb)
521 char tmpl[MAXPATHLEN];
524 if (safecopy && target_sb != NULL) {
525 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name);
526 /* This usage is safe. */
527 if (quiet_mktemp(tmpl) == NULL)
528 err(EX_OSERR, "%s: mktemp", tmpl);
529 ret = link(from_name, tmpl);
531 if (target_sb->st_mode & S_IFDIR && rmdir(to_name) ==
534 err(EX_OSERR, "%s", to_name);
536 #if HAVE_STRUCT_STAT_ST_FLAGS
537 if (target_sb->st_flags & NOCHANGEBITS)
538 (void)chflags(to_name, target_sb->st_flags &
542 printf("install: link %s -> %s\n",
544 ret = rename(tmpl, to_name);
546 * If rename has posix semantics, then the temporary
547 * file may still exist when from_name and to_name point
548 * to the same file, so unlink it unconditionally.
555 printf("install: link %s -> %s\n",
557 return (link(from_name, to_name));
563 * Make a symbolic link, obeying dorename if set. Exit on failure.
566 do_symlink(const char *from_name, const char *to_name,
567 const struct stat *target_sb)
569 char tmpl[MAXPATHLEN];
571 if (safecopy && target_sb != NULL) {
572 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name);
573 /* This usage is safe. */
574 if (quiet_mktemp(tmpl) == NULL)
575 err(EX_OSERR, "%s: mktemp", tmpl);
577 if (symlink(from_name, tmpl) == -1)
578 err(EX_OSERR, "symlink %s -> %s", from_name, tmpl);
580 if (target_sb->st_mode & S_IFDIR && rmdir(to_name) == -1) {
582 err(EX_OSERR, "%s", to_name);
584 #if HAVE_STRUCT_STAT_ST_FLAGS
585 if (target_sb->st_flags & NOCHANGEBITS)
586 (void)chflags(to_name, target_sb->st_flags &
590 printf("install: symlink %s -> %s\n",
592 if (rename(tmpl, to_name) == -1) {
593 /* Remove temporary link before exiting. */
595 err(EX_OSERR, "%s: rename", to_name);
599 printf("install: symlink %s -> %s\n",
601 if (symlink(from_name, to_name) == -1)
602 err(EX_OSERR, "symlink %s -> %s", from_name, to_name);
608 * make a link from source to destination
611 makelink(const char *from_name, const char *to_name,
612 const struct stat *target_sb)
614 char src[MAXPATHLEN], dst[MAXPATHLEN], lnk[MAXPATHLEN];
617 /* Try hard links first. */
618 if (dolink & (LN_HARD|LN_MIXED)) {
619 if (do_link(from_name, to_name, target_sb) == -1) {
620 if ((dolink & LN_HARD) || errno != EXDEV)
621 err(EX_OSERR, "link %s -> %s", from_name, to_name);
623 if (stat(to_name, &to_sb))
624 err(EX_OSERR, "%s: stat", to_name);
625 if (S_ISREG(to_sb.st_mode)) {
627 * XXX: hard links to anything other than
628 * plain files are not metalogged
631 const char *oowner, *ogroup;
636 * XXX: use underlying perms, unless
637 * overridden on command line.
641 mode = (to_sb.st_mode & 0777);
651 dres = digest_file(from_name);
652 metadata_log(to_name, "file", NULL, NULL,
653 dres, to_sb.st_size);
664 /* Symbolic links. */
665 if (dolink & LN_ABSOLUTE) {
666 /* Convert source path to absolute. */
667 if (realpath(from_name, src) == NULL)
668 err(EX_OSERR, "%s: realpath", from_name);
669 do_symlink(src, to_name, target_sb);
670 /* XXX: src may point outside of destdir */
671 metadata_log(to_name, "link", NULL, src, NULL, 0);
675 if (dolink & LN_RELATIVE) {
676 char *to_name_copy, *cp, *d, *ld, *ls, *s;
678 if (*from_name != '/') {
679 /* this is already a relative link */
680 do_symlink(from_name, to_name, target_sb);
681 /* XXX: from_name may point outside of destdir. */
682 metadata_log(to_name, "link", NULL, from_name, NULL, 0);
686 /* Resolve pathnames. */
687 if (realpath(from_name, src) == NULL)
688 err(EX_OSERR, "%s: realpath", from_name);
691 * The last component of to_name may be a symlink,
692 * so use realpath to resolve only the directory.
694 to_name_copy = strdup(to_name);
695 if (to_name_copy == NULL)
696 err(EX_OSERR, "%s: strdup", to_name);
697 cp = dirname(to_name_copy);
698 if (realpath(cp, dst) == NULL)
699 err(EX_OSERR, "%s: realpath", cp);
700 /* .. and add the last component. */
701 if (strcmp(dst, "/") != 0) {
702 if (strlcat(dst, "/", sizeof(dst)) > sizeof(dst))
703 errx(1, "resolved pathname too long");
705 strcpy(to_name_copy, to_name);
706 cp = basename(to_name_copy);
707 if (strlcat(dst, cp, sizeof(dst)) > sizeof(dst))
708 errx(1, "resolved pathname too long");
711 /* Trim common path components. */
713 for (s = src, d = dst; *s == *d; ls = s, ld = d, s++, d++)
716 * If we didn't end after a directory separator, then we've
717 * falsely matched the last component. For example, if one
718 * invoked install -lrs /lib/foo.so /libexec/ then the source
719 * would terminate just after the separator while the
720 * destination would terminate in the middle of 'libexec',
721 * leading to a full directory getting falsely eaten.
723 if ((ls != NULL && *ls != '/') || (ld != NULL && *ld != '/'))
728 /* Count the number of directories we need to backtrack. */
729 for (++d, lnk[0] = '\0'; *d; d++)
731 (void)strlcat(lnk, "../", sizeof(lnk));
733 (void)strlcat(lnk, ++s, sizeof(lnk));
735 do_symlink(lnk, to_name, target_sb);
736 /* XXX: Link may point outside of destdir. */
737 metadata_log(to_name, "link", NULL, lnk, NULL, 0);
742 * If absolute or relative was not specified, try the names the
745 do_symlink(from_name, to_name, target_sb);
746 /* XXX: from_name may point outside of destdir. */
747 metadata_log(to_name, "link", NULL, from_name, NULL, 0);
752 * build a path name and install the file
755 install(const char *from_name, const char *to_name, u_long fset, u_int flags)
757 struct stat from_sb, temp_sb, to_sb;
758 struct timespec tsb[2];
759 int devnull, files_match, from_fd, serrno, stripped, target;
760 int tempcopy, temp_fd, to_fd;
761 char backup[MAXPATHLEN], *p, pathbuf[MAXPATHLEN], tempfile[MAXPATHLEN];
765 files_match = stripped = 0;
769 /* If try to install NULL file to a directory, fails. */
770 if (flags & DIRECTORY || strcmp(from_name, _PATH_DEVNULL)) {
772 if (stat(from_name, &from_sb))
773 err(EX_OSERR, "%s", from_name);
774 if (!S_ISREG(from_sb.st_mode)) {
776 err(EX_OSERR, "%s", from_name);
779 /* Build the target path. */
780 if (flags & DIRECTORY) {
781 (void)snprintf(pathbuf, sizeof(pathbuf), "%s%s%s",
783 to_name[strlen(to_name) - 1] == '/' ? "" : "/",
784 (p = strrchr(from_name, '/')) ? ++p : from_name);
792 target = (lstat(to_name, &to_sb) == 0);
795 if (target && !safecopy) {
796 if (to_sb.st_mode & S_IFDIR && rmdir(to_name) == -1)
797 err(EX_OSERR, "%s", to_name);
798 #if HAVE_STRUCT_STAT_ST_FLAGS
799 if (to_sb.st_flags & NOCHANGEBITS)
800 (void)chflags(to_name,
801 to_sb.st_flags & ~NOCHANGEBITS);
805 makelink(from_name, to_name, target ? &to_sb : NULL);
809 if (target && !S_ISREG(to_sb.st_mode) && !S_ISLNK(to_sb.st_mode)) {
815 /* Only copy safe if the target exists. */
816 tempcopy = safecopy && target;
818 if (!devnull && (from_fd = open(from_name, O_RDONLY, 0)) < 0)
819 err(EX_OSERR, "%s", from_name);
821 /* If we don't strip, we can compare first. */
822 if (docompare && !dostrip && target && S_ISREG(to_sb.st_mode)) {
823 if ((to_fd = open(to_name, O_RDONLY, 0)) < 0)
824 err(EX_OSERR, "%s", to_name);
826 files_match = to_sb.st_size == 0;
828 files_match = !(compare(from_fd, from_name,
829 (size_t)from_sb.st_size, to_fd,
830 to_name, (size_t)to_sb.st_size, &digestresult));
832 /* Close "to" file unless we match. */
839 to_fd = create_tempfile(to_name, tempfile,
842 err(EX_OSERR, "%s", tempfile);
844 if ((to_fd = create_newfile(to_name, target,
846 err(EX_OSERR, "%s", to_name);
848 (void)printf("install: %s -> %s\n",
853 stripped = strip(tempcopy ? tempfile : to_name,
854 to_fd, from_name, &digestresult);
856 digestresult = copy(from_fd, from_name, to_fd,
857 tempcopy ? tempfile : to_name, from_sb.st_size);
863 (void)strip(tempcopy ? tempfile : to_name, to_fd,
864 NULL, &digestresult);
867 * Re-open our fd on the target, in case
868 * we did not strip in-place.
871 to_fd = open(tempcopy ? tempfile : to_name, O_RDONLY, 0);
873 err(EX_OSERR, "stripping %s", to_name);
877 * Compare the stripped temp file with the target.
879 if (docompare && dostrip && target && S_ISREG(to_sb.st_mode)) {
882 /* Re-open to_fd using the real target name. */
883 if ((to_fd = open(to_name, O_RDONLY, 0)) < 0)
884 err(EX_OSERR, "%s", to_name);
886 if (fstat(temp_fd, &temp_sb)) {
888 (void)unlink(tempfile);
890 err(EX_OSERR, "%s", tempfile);
893 if (compare(temp_fd, tempfile, (size_t)temp_sb.st_size, to_fd,
894 to_name, (size_t)to_sb.st_size, &digestresult)
897 * If target has more than one link we need to
898 * replace it in order to snap the extra links.
899 * Need to preserve target file times, though.
901 if (to_sb.st_nlink != 1) {
902 tsb[0] = to_sb.st_atim;
903 tsb[1] = to_sb.st_mtim;
904 (void)utimensat(AT_FDCWD, tempfile, tsb, 0);
907 (void)unlink(tempfile);
909 (void) close(temp_fd);
912 digestresult = digest_file(tempfile);
915 * Move the new file into place if doing a safe copy
916 * and the files are different (or just not compared).
918 if (tempcopy && !files_match) {
919 #if HAVE_STRUCT_STAT_ST_FLAGS
920 /* Try to turn off the immutable bits. */
921 if (to_sb.st_flags & NOCHANGEBITS)
922 (void)chflags(to_name, to_sb.st_flags & ~NOCHANGEBITS);
925 if ((size_t)snprintf(backup, MAXPATHLEN, "%s%s", to_name,
926 suffix) != strlen(to_name) + strlen(suffix)) {
928 errx(EX_OSERR, "%s: backup filename too long",
932 (void)printf("install: %s -> %s\n", to_name, backup);
933 if (unlink(backup) < 0 && errno != ENOENT) {
935 #if HAVE_STRUCT_STAT_ST_FLAGS
936 if (to_sb.st_flags & NOCHANGEBITS)
937 (void)chflags(to_name, to_sb.st_flags);
941 err(EX_OSERR, "unlink: %s", backup);
943 if (link(to_name, backup) < 0) {
946 #if HAVE_STRUCT_STAT_ST_FLAGS
947 if (to_sb.st_flags & NOCHANGEBITS)
948 (void)chflags(to_name, to_sb.st_flags);
951 err(EX_OSERR, "link: %s to %s", to_name,
956 (void)printf("install: %s -> %s\n", from_name, to_name);
957 if (rename(tempfile, to_name) < 0) {
961 err(EX_OSERR, "rename: %s to %s",
965 /* Re-open to_fd so we aren't hosed by the rename(2). */
967 if ((to_fd = open(to_name, O_RDONLY, 0)) < 0)
968 err(EX_OSERR, "%s", to_name);
972 * Preserve the timestamp of the source file if necessary.
974 if (dopreserve && !files_match && !devnull) {
975 tsb[0] = from_sb.st_atim;
976 tsb[1] = from_sb.st_mtim;
977 (void)utimensat(AT_FDCWD, to_name, tsb, 0);
980 if (fstat(to_fd, &to_sb) == -1) {
982 (void)unlink(to_name);
984 err(EX_OSERR, "%s", to_name);
988 * Set owner, group, mode for target; do the chown first,
989 * chown may lose the setuid bits.
991 if (!dounpriv && ((gid != (gid_t)-1 && gid != to_sb.st_gid) ||
992 (uid != (uid_t)-1 && uid != to_sb.st_uid) ||
993 (mode != (to_sb.st_mode & ALLPERMS)))) {
994 #if HAVE_STRUCT_STAT_ST_FLAGS
995 /* Try to turn off the immutable bits. */
996 if (to_sb.st_flags & NOCHANGEBITS)
997 (void)fchflags(to_fd, to_sb.st_flags & ~NOCHANGEBITS);
1002 (gid != (gid_t)-1 && gid != to_sb.st_gid) ||
1003 (uid != (uid_t)-1 && uid != to_sb.st_uid))
1004 if (fchown(to_fd, uid, gid) == -1) {
1006 (void)unlink(to_name);
1008 err(EX_OSERR,"%s: chown/chgrp", to_name);
1011 if (mode != (to_sb.st_mode & ALLPERMS)) {
1013 dounpriv ? mode & (S_IRWXU|S_IRWXG|S_IRWXO) : mode)) {
1015 (void)unlink(to_name);
1017 err(EX_OSERR, "%s: chmod", to_name);
1020 #if HAVE_STRUCT_STAT_ST_FLAGS
1022 * If provided a set of flags, set them, otherwise, preserve the
1023 * flags, except for the dump flag.
1024 * NFS does not support flags. Ignore EOPNOTSUPP flags if we're just
1025 * trying to turn off UF_NODUMP. If we're trying to set real flags,
1026 * then warn if the fs doesn't support it, otherwise fail.
1028 if (!dounpriv & !devnull && (flags & SETFLAGS ||
1029 (from_sb.st_flags & ~UF_NODUMP) != to_sb.st_flags) &&
1031 flags & SETFLAGS ? fset : from_sb.st_flags & ~UF_NODUMP)) {
1032 if (flags & SETFLAGS) {
1033 if (errno == EOPNOTSUPP)
1034 warn("%s: chflags", to_name);
1037 (void)unlink(to_name);
1039 err(EX_OSERR, "%s: chflags", to_name);
1047 (void)close(from_fd);
1049 metadata_log(to_name, "file", tsb, NULL, digestresult, to_sb.st_size);
1055 * Compare two files; non-zero means files differ.
1056 * Compute digest and return its address in *dresp
1057 * unless it points to pre-computed digest.
1060 compare(int from_fd, const char *from_name __unused, size_t from_len,
1061 int to_fd, const char *to_name __unused, size_t to_len,
1066 int do_digest, done_compare;
1070 if (from_len != to_len)
1073 do_digest = (digesttype != DIGEST_NONE && dresp != NULL &&
1075 if (from_len <= MAX_CMP_SIZE) {
1079 if (trymmap(from_fd) && trymmap(to_fd)) {
1080 p = mmap(NULL, from_len, PROT_READ, MAP_SHARED,
1082 if (p == MAP_FAILED)
1084 q = mmap(NULL, from_len, PROT_READ, MAP_SHARED,
1086 if (q == MAP_FAILED) {
1087 munmap(p, from_len);
1091 rv = memcmp(p, q, from_len);
1093 digest_update(&ctx, p, from_len);
1094 munmap(p, from_len);
1095 munmap(q, from_len);
1099 if (!done_compare) {
1100 char buf1[MAXBSIZE];
1101 char buf2[MAXBSIZE];
1105 lseek(from_fd, 0, SEEK_SET);
1106 lseek(to_fd, 0, SEEK_SET);
1108 n1 = read(from_fd, buf1, sizeof(buf1));
1112 n2 = read(to_fd, buf2, n1);
1114 rv = memcmp(buf1, buf2, n1);
1116 rv = 1; /* out of sync */
1118 rv = 1; /* read failure */
1120 digest_update(&ctx, buf1, n1);
1122 lseek(from_fd, 0, SEEK_SET);
1123 lseek(to_fd, 0, SEEK_SET);
1126 rv = 1; /* don't bother in this case */
1130 *dresp = digest_end(&ctx, NULL);
1132 (void)digest_end(&ctx, NULL);
1139 * create_tempfile --
1140 * create a temporary file based on path and open it
1143 create_tempfile(const char *path, char *temp, size_t tsize)
1147 (void)strncpy(temp, path, tsize);
1148 temp[tsize - 1] = '\0';
1149 if ((p = strrchr(temp, '/')) != NULL)
1153 (void)strncpy(p, "INS@XXXX", &temp[tsize - 1] - p);
1154 temp[tsize - 1] = '\0';
1155 return (mkstemp(temp));
1160 * create a new file, overwriting an existing one if necessary
1163 create_newfile(const char *path, int target, struct stat *sbp)
1165 char backup[MAXPATHLEN];
1166 int saved_errno = 0;
1171 * Unlink now... avoid ETXTBSY errors later. Try to turn
1172 * off the append/immutable bits -- if we fail, go ahead,
1175 #if HAVE_STRUCT_STAT_ST_FLAGS
1176 if (sbp->st_flags & NOCHANGEBITS)
1177 (void)chflags(path, sbp->st_flags & ~NOCHANGEBITS);
1181 if ((size_t)snprintf(backup, MAXPATHLEN, "%s%s",
1182 path, suffix) != strlen(path) + strlen(suffix)) {
1183 saved_errno = errno;
1184 #if HAVE_STRUCT_STAT_ST_FLAGS
1185 if (sbp->st_flags & NOCHANGEBITS)
1186 (void)chflags(path, sbp->st_flags);
1188 errno = saved_errno;
1189 errx(EX_OSERR, "%s: backup filename too long",
1192 (void)snprintf(backup, MAXPATHLEN, "%s%s",
1195 (void)printf("install: %s -> %s\n",
1197 if (rename(path, backup) < 0) {
1198 saved_errno = errno;
1199 #if HAVE_STRUCT_STAT_ST_FLAGS
1200 if (sbp->st_flags & NOCHANGEBITS)
1201 (void)chflags(path, sbp->st_flags);
1203 errno = saved_errno;
1204 err(EX_OSERR, "rename: %s to %s", path, backup);
1207 if (unlink(path) < 0)
1208 saved_errno = errno;
1211 newfd = open(path, O_CREAT | O_RDWR | O_TRUNC, S_IRUSR | S_IWUSR);
1212 if (newfd < 0 && saved_errno != 0)
1213 errno = saved_errno;
1219 * copy from one file to another
1222 copy(int from_fd, const char *from_name, int to_fd, const char *to_name,
1232 /* Rewind file descriptors. */
1233 if (lseek(from_fd, (off_t)0, SEEK_SET) == (off_t)-1)
1234 err(EX_OSERR, "lseek: %s", from_name);
1235 if (lseek(to_fd, (off_t)0, SEEK_SET) == (off_t)-1)
1236 err(EX_OSERR, "lseek: %s", to_name);
1241 * Mmap and write if less than 8M (the limit is so we don't totally
1242 * trash memory on big files. This is really a minor hack, but it
1243 * wins some CPU back.
1246 if (size <= 8 * 1048576 && trymmap(from_fd) &&
1247 (p = mmap(NULL, (size_t)size, PROT_READ, MAP_SHARED,
1248 from_fd, (off_t)0)) != MAP_FAILED) {
1249 nw = write(to_fd, p, size);
1252 (void)unlink(to_name);
1255 "short write to %s: %jd bytes written, %jd bytes asked to write",
1256 to_name, (uintmax_t)nw, (uintmax_t)size);
1259 err(EX_OSERR, "%s", to_name);
1262 digest_update(&ctx, p, size);
1263 (void)munmap(p, size);
1267 while ((nr = read(from_fd, buf, sizeof(buf))) > 0) {
1268 if ((nw = write(to_fd, buf, nr)) != nr) {
1270 (void)unlink(to_name);
1273 "short write to %s: %jd bytes written, %jd bytes asked to write",
1274 to_name, (uintmax_t)nw,
1278 err(EX_OSERR, "%s", to_name);
1281 digest_update(&ctx, buf, nr);
1285 (void)unlink(to_name);
1287 err(EX_OSERR, "%s", from_name);
1290 if (safecopy && fsync(to_fd) == -1) {
1292 (void)unlink(to_name);
1294 err(EX_OSERR, "fsync failed for %s", to_name);
1296 return (digest_end(&ctx, NULL));
1301 * Use strip(1) to strip the target file.
1302 * Just invoke strip(1) on to_name if from_name is NULL, else try
1303 * to run "strip -o to_name -- from_name" and return 0 on failure.
1304 * Return 1 on success and assign result of digest_file(to_name)
1308 strip(const char *to_name, int to_fd, const char *from_name, char **dresp)
1310 const char *stripbin;
1311 const char *args[6];
1313 int error, serrno, status;
1315 stripbin = getenv("STRIPBIN");
1316 if (stripbin == NULL)
1319 if (from_name == NULL) {
1326 args[4] = from_name;
1329 error = posix_spawnp(&pid, stripbin, NULL, NULL,
1330 __DECONST(char **, args), environ);
1332 (void)unlink(to_name);
1333 errc(error == EAGAIN || error == EPROCLIM || error == ENOMEM ?
1334 EX_TEMPFAIL : EX_OSERR, error, "spawn %s", stripbin);
1336 if (waitpid(pid, &status, 0) == -1) {
1338 (void)unlink(to_name);
1339 errc(EX_SOFTWARE, error, "wait");
1343 if (from_name != NULL)
1345 (void)unlink(to_name);
1346 errx(EX_SOFTWARE, "strip command %s failed on %s",
1349 if (from_name != NULL && safecopy && fsync(to_fd) == -1) {
1351 (void)unlink(to_name);
1353 err(EX_OSERR, "fsync failed for %s", to_name);
1356 *dresp = digest_file(to_name);
1362 * build directory hierarchy
1365 install_dir(char *path)
1369 int ch, tried_mkdir;
1371 for (p = path;; ++p)
1372 if (!*p || (p != path && *p == '/')) {
1377 if (stat(path, &sb) < 0) {
1378 if (errno != ENOENT || tried_mkdir)
1379 err(EX_OSERR, "stat %s", path);
1380 if (mkdir(path, 0755) < 0) {
1382 if (errno == EEXIST)
1384 err(EX_OSERR, "mkdir %s", path);
1387 (void)printf("install: mkdir %s\n",
1389 } else if (!S_ISDIR(sb.st_mode))
1390 errx(EX_OSERR, "%s exists but is not a directory", path);
1396 if ((gid != (gid_t)-1 || uid != (uid_t)-1) &&
1397 chown(path, uid, gid))
1398 warn("chown %u:%u %s", uid, gid, path);
1399 /* XXXBED: should we do the chmod in the dounpriv case? */
1400 if (chmod(path, mode))
1401 warn("chmod %o %s", mode, path);
1403 metadata_log(path, "dir", NULL, NULL, NULL, 0);
1408 * if metafp is not NULL, output mtree(8) full path name and settings to
1409 * metafp, to allow permissions to be set correctly by other tools,
1410 * or to allow integrity checks to be performed.
1413 metadata_log(const char *path, const char *type, struct timespec *ts,
1414 const char *slink, const char *digestresult, off_t size)
1416 static const char extra[] = { ' ', '\t', '\n', '\\', '#', '\0' };
1420 struct flock metalog_lock;
1424 /* Buffer for strsvis(3). */
1425 buf = (char *)malloc(4 * strlen(path) + 1);
1427 warnx("%s", strerror(ENOMEM));
1431 /* Lock log file. */
1432 metalog_lock.l_start = 0;
1433 metalog_lock.l_len = 0;
1434 metalog_lock.l_whence = SEEK_SET;
1435 metalog_lock.l_type = F_WRLCK;
1436 if (fcntl(fileno(metafp), F_SETLKW, &metalog_lock) == -1) {
1437 warn("can't lock %s", metafile);
1442 /* Remove destdir. */
1445 destlen = strlen(destdir);
1446 if (strncmp(p, destdir, destlen) == 0 &&
1447 (p[destlen] == '/' || p[destlen] == '\0'))
1450 while (*p && *p == '/')
1452 strsvis(buf, p, VIS_OCTAL, extra);
1454 /* Print details. */
1455 fprintf(metafp, ".%s%s type=%s", *p ? "/" : "", p, type);
1457 fprintf(metafp, " uname=%s", owner);
1459 fprintf(metafp, " gname=%s", group);
1460 fprintf(metafp, " mode=%#o", mode);
1462 strsvis(buf, slink, VIS_CSTYLE, extra); /* encode link */
1463 fprintf(metafp, " link=%s", buf);
1465 if (*type == 'f') /* type=file */
1466 fprintf(metafp, " size=%lld", (long long)size);
1467 if (ts != NULL && dopreserve)
1468 fprintf(metafp, " time=%lld.%09ld",
1469 (long long)ts[1].tv_sec, ts[1].tv_nsec);
1470 if (digestresult && digest)
1471 fprintf(metafp, " %s=%s", digest, digestresult);
1473 fprintf(metafp, " flags=%s", fflags);
1475 fprintf(metafp, " tags=%s", tags);
1476 fputc('\n', metafp);
1480 /* Unlock log file. */
1481 metalog_lock.l_type = F_UNLCK;
1482 if (fcntl(fileno(metafp), F_SETLKW, &metalog_lock) == -1)
1483 warn("can't unlock %s", metafile);
1489 * print a usage message and die
1494 (void)fprintf(stderr,
1495 "usage: install [-bCcpSsUv] [-f flags] [-g group] [-m mode] [-o owner]\n"
1496 " [-M log] [-D dest] [-h hash] [-T tags]\n"
1497 " [-B suffix] [-l linkflags] [-N dbdir]\n"
1499 " install [-bCcpSsUv] [-f flags] [-g group] [-m mode] [-o owner]\n"
1500 " [-M log] [-D dest] [-h hash] [-T tags]\n"
1501 " [-B suffix] [-l linkflags] [-N dbdir]\n"
1502 " file1 ... fileN directory\n"
1503 " install -dU [-vU] [-g group] [-m mode] [-N dbdir] [-o owner]\n"
1504 " [-M log] [-D dest] [-h hash] [-T tags]\n"
1505 " directory ...\n");
1512 * return true (1) if mmap should be tried, false (0) if not.
1518 * The ifdef is for bootstrapping - f_fstypename doesn't exist in
1519 * pre-Lite2-merge systems.
1524 if (fstatfs(fd, &stfs) != 0)
1526 if (strcmp(stfs.f_fstypename, "ufs") == 0 ||
1527 strcmp(stfs.f_fstypename, "cd9660") == 0)