diff options
Diffstat (limited to 'bin/getfacl')
| -rw-r--r-- | bin/getfacl/Makefile | 2 | ||||
| -rw-r--r-- | bin/getfacl/Makefile.depend | 2 | ||||
| -rw-r--r-- | bin/getfacl/getfacl.1 | 15 | ||||
| -rw-r--r-- | bin/getfacl/getfacl.c | 80 |
4 files changed, 67 insertions, 32 deletions
diff --git a/bin/getfacl/Makefile b/bin/getfacl/Makefile index 7b3f057fecca..6bc37f05b3fd 100644 --- a/bin/getfacl/Makefile +++ b/bin/getfacl/Makefile @@ -1,5 +1,3 @@ -# $FreeBSD$ - PACKAGE=runtime PROG= getfacl diff --git a/bin/getfacl/Makefile.depend b/bin/getfacl/Makefile.depend index 6cfaab1c3644..6ef78fac5cbf 100644 --- a/bin/getfacl/Makefile.depend +++ b/bin/getfacl/Makefile.depend @@ -1,8 +1,6 @@ -# $FreeBSD$ # Autogenerated - do NOT edit! DIRDEPS = \ - gnu/lib/csu \ include \ include/xlocale \ lib/${CSU_DIR} \ diff --git a/bin/getfacl/getfacl.1 b/bin/getfacl/getfacl.1 index c44974128be3..475c86e275bc 100644 --- a/bin/getfacl/getfacl.1 +++ b/bin/getfacl/getfacl.1 @@ -25,12 +25,10 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $FreeBSD$ -.\" .\" Developed by the TrustedBSD Project. .\" Support for POSIX.1e access control lists. .\" -.Dd September 4, 2009 +.Dd June 19, 2023 .Dt GETFACL 1 .Os .Sh NAME @@ -56,7 +54,7 @@ an ACL containing only the required ACL entries. .Pp The following option is available: .Bl -tag -width indent -.It Fl d +.It Fl d , Fl -default The operation applies to the default ACL of a directory instead of the access ACL. An error is generated if a default ACL cannot be associated with @@ -69,14 +67,19 @@ the symbolic link itself rather than following the link. For NFSv4 ACLs, append numerical ID at the end of each entry containing user or group name. Ignored for POSIX.1e ACLs. -.It Fl n +.It Fl n , Fl -numeric Display user and group IDs numerically rather than converting to a user or group name. Ignored for POSIX.1e ACLs. -.It Fl q +.It Fl q , Fl -omit-header Do not write commented information about file name and ownership. This is useful when dealing with filenames with unprintable characters. +.It Fl s , Fl -skip-base +Skip files that only have a trivial ACL, as defined by +.Xr acl_is_trivial_np 3 . +Notably, files with POSIX.1e ACLs that only represent the owner, group and other +to match the mode of the file will be skipped. .It Fl v For NFSv4 ACLs, display access mask and flags in a verbose form. Ignored for POSIX.1e ACLs. diff --git a/bin/getfacl/getfacl.c b/bin/getfacl/getfacl.c index ecdc73f74fbc..5f55819c81a1 100644 --- a/bin/getfacl/getfacl.c +++ b/bin/getfacl/getfacl.c @@ -30,10 +30,6 @@ * and send the results to stdout */ - -#include <sys/cdefs.h> -__FBSDID("$FreeBSD$"); - #include <sys/types.h> #include <sys/param.h> #include <sys/acl.h> @@ -41,6 +37,7 @@ __FBSDID("$FreeBSD$"); #include <err.h> #include <errno.h> +#include <getopt.h> #include <grp.h> #include <pwd.h> #include <stdio.h> @@ -50,6 +47,15 @@ __FBSDID("$FreeBSD$"); static int more_than_one = 0; +static const struct option long_options[] = +{ + { "default", no_argument, NULL, 'd' }, + { "numeric", no_argument, NULL, 'n' }, + { "omit-header", no_argument, NULL, 'q' }, + { "skip-base", no_argument, NULL, 's' }, + { NULL, no_argument, NULL, 0 }, +}; + static void usage(void) { @@ -85,7 +91,7 @@ getgname(gid_t gid) static int print_acl(char *path, acl_type_t type, int hflag, int iflag, int nflag, - int qflag, int vflag) + int qflag, int vflag, int sflag) { struct stat sb; acl_t acl; @@ -117,25 +123,49 @@ print_acl(char *path, acl_type_t type, int hflag, int iflag, int nflag, return (-1); } + if (hflag) + acl = acl_get_link_np(path, type); + else + acl = acl_get_file(path, type); + + if (!acl && errno != EOPNOTSUPP) { + warn("%s", path); + return(-1); + } + + if (sflag) { + int trivial; + + /* + * With the -s flag, we shouldn't synthesize a trivial ACL if + * they aren't supported as we do below. + */ + if (!acl) + return(0); + + /* + * We also shouldn't render anything for this path if it's a + * trivial ACL. If we error out, we'll issue a warning but + * proceed with this file to err on the side of caution. + */ + error = acl_is_trivial_np(acl, &trivial); + if (error != 0) { + warn("%s: acl_is_trivial_np failed", path); + } else if (trivial) { + (void)acl_free(acl); + return(0); + } + } + if (more_than_one) printf("\n"); else more_than_one++; - if (!qflag) printf("# file: %s\n# owner: %s\n# group: %s\n", path, getuname(sb.st_uid), getgname(sb.st_gid)); - if (hflag) - acl = acl_get_link_np(path, type); - else - acl = acl_get_file(path, type); if (!acl) { - if (errno != EOPNOTSUPP) { - warn("%s", path); - return(-1); - } - errno = 0; if (type == ACL_TYPE_DEFAULT) return(0); acl = acl_from_mode_np(sb.st_mode); @@ -157,6 +187,7 @@ print_acl(char *path, acl_type_t type, int hflag, int iflag, int nflag, acl_text = acl_to_text_np(acl, 0, flags); if (!acl_text) { warn("%s: acl_to_text_np() failed", path); + (void)acl_free(acl); return(-1); } @@ -170,7 +201,7 @@ print_acl(char *path, acl_type_t type, int hflag, int iflag, int nflag, static int print_acl_from_stdin(acl_type_t type, int hflag, int iflag, int nflag, - int qflag, int vflag) + int qflag, int vflag, int sflag) { char *p, pathname[PATH_MAX]; int carried_error = 0; @@ -179,7 +210,7 @@ print_acl_from_stdin(acl_type_t type, int hflag, int iflag, int nflag, if ((p = strchr(pathname, '\n')) != NULL) *p = '\0'; if (print_acl(pathname, type, hflag, iflag, nflag, - qflag, vflag) == -1) { + qflag, vflag, sflag) == -1) { carried_error = -1; } } @@ -193,14 +224,16 @@ main(int argc, char *argv[]) acl_type_t type = ACL_TYPE_ACCESS; int carried_error = 0; int ch, error, i; - int hflag, iflag, qflag, nflag, vflag; + int hflag, iflag, qflag, nflag, sflag, vflag; hflag = 0; iflag = 0; qflag = 0; nflag = 0; + sflag = 0; vflag = 0; - while ((ch = getopt(argc, argv, "dhinqv")) != -1) + while ((ch = getopt_long(argc, argv, "+dhinqsv", long_options, + NULL)) != -1) switch(ch) { case 'd': type = ACL_TYPE_DEFAULT; @@ -217,6 +250,9 @@ main(int argc, char *argv[]) case 'q': qflag = 1; break; + case 's': + sflag = 1; + break; case 'v': vflag = 1; break; @@ -229,19 +265,19 @@ main(int argc, char *argv[]) if (argc == 0) { error = print_acl_from_stdin(type, hflag, iflag, nflag, - qflag, vflag); + qflag, vflag, sflag); return(error ? 1 : 0); } for (i = 0; i < argc; i++) { if (!strcmp(argv[i], "-")) { error = print_acl_from_stdin(type, hflag, iflag, nflag, - qflag, vflag); + qflag, vflag, sflag); if (error == -1) carried_error = -1; } else { error = print_acl(argv[i], type, hflag, iflag, nflag, - qflag, vflag); + qflag, vflag, sflag); if (error == -1) carried_error = -1; } |