1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 2012, 2013 SRI International
5 * Copyright (c) 1987, 1993
6 * The Regents of the University of California. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33 #include <sys/stat.h>
34 #include <sys/time.h>
35 #include <sys/wait.h>
36
37 #include <err.h>
38 #include <errno.h>
39 #include <fcntl.h>
40 #include <grp.h>
41 #include <libgen.h>
42 #ifdef WITH_MD5
43 #include <md5.h>
44 #endif
45 #include <paths.h>
46 #include <pwd.h>
47 #ifdef WITH_RIPEMD160
48 #include <ripemd.h>
49 #endif
50 #include <sha.h>
51 #include <sha256.h>
52 #include <sha512.h>
53 #include <spawn.h>
54 #include <stdint.h>
55 #include <stdio.h>
56 #include <stdlib.h>
57 #include <string.h>
58 #include <sysexits.h>
59 #include <unistd.h>
60 #include <vis.h>
61
62 #include "mtree.h"
63
64 /*
65 * Memory strategy threshold, in pages: if physmem is larger than this, use a
66 * large buffer.
67 */
68 #define PHYSPAGES_THRESHOLD (32*1024)
69
70 /* Maximum buffer size in bytes - do not allow it to grow larger than this. */
71 #define BUFSIZE_MAX (2*1024*1024)
72
73 /*
74 * Small (default) buffer size in bytes. It's inefficient for this to be
75 * smaller than MAXPHYS.
76 */
77 #define BUFSIZE_SMALL (MAXPHYS)
78
79 /*
80 * We need to build xinstall during the bootstrap stage when building on a
81 * non-FreeBSD system. Linux does not have the st_flags and st_birthtime
82 * members in struct stat so we need to omit support for changing those fields.
83 */
84 #ifdef UF_SETTABLE
85 #define HAVE_STRUCT_STAT_ST_FLAGS 1
86 #else
87 #define HAVE_STRUCT_STAT_ST_FLAGS 0
88 #endif
89
90 #define MAX_CMP_SIZE (16 * 1024 * 1024)
91
92 #define LN_ABSOLUTE 0x01
93 #define LN_RELATIVE 0x02
94 #define LN_HARD 0x04
95 #define LN_SYMBOLIC 0x08
96 #define LN_MIXED 0x10
97
98 #define DIRECTORY 0x01 /* Tell install it's a directory. */
99 #define SETFLAGS 0x02 /* Tell install to set flags. */
100 #define NOCHANGEBITS (UF_IMMUTABLE | UF_APPEND | SF_IMMUTABLE | SF_APPEND)
101 #define BACKUP_SUFFIX ".old"
102
103 typedef union {
104 #ifdef WITH_MD5
105 MD5_CTX MD5;
106 #endif
107 #ifdef WITH_RIPEMD160
108 RIPEMD160_CTX RIPEMD160;
109 #endif
110 SHA1_CTX SHA1;
111 SHA256_CTX SHA256;
112 SHA512_CTX SHA512;
113 } DIGEST_CTX;
114
115 static enum {
116 DIGEST_NONE = 0,
117 #ifdef WITH_MD5
118 DIGEST_MD5,
119 #endif
120 #ifdef WITH_RIPEMD160
121 DIGEST_RIPEMD160,
122 #endif
123 DIGEST_SHA1,
124 DIGEST_SHA256,
125 DIGEST_SHA512,
126 } digesttype = DIGEST_NONE;
127
128 extern char **environ;
129
130 static gid_t gid;
131 static uid_t uid;
132 static int dobackup, docompare, dodir, dolink, dopreserve, dostrip, dounpriv,
133 safecopy, verbose;
134 static int haveopt_f, haveopt_g, haveopt_m, haveopt_o;
135 static mode_t mode = S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH;
136 static FILE *metafp;
137 static const char *group, *owner;
138 static const char *suffix = BACKUP_SUFFIX;
139 static char *destdir, *digest, *fflags, *metafile, *tags;
140
141 static int compare(int, const char *, size_t, int, const char *, size_t,
142 char **);
143 static char *copy(int, const char *, int, const char *, off_t);
144 static int create_tempfile(const char *, char *, size_t);
145 static char *quiet_mktemp(char *template);
146 static char *digest_file(const char *);
147 static void digest_init(DIGEST_CTX *);
148 static void digest_update(DIGEST_CTX *, const char *, size_t);
149 static char *digest_end(DIGEST_CTX *, char *);
150 static int do_link(const char *, const char *, const struct stat *);
151 static void do_symlink(const char *, const char *, const struct stat *);
152 static void makelink(const char *, const char *, const struct stat *);
153 static void install(const char *, const char *, u_long, u_int);
154 static void install_dir(char *);
155 static void metadata_log(const char *, const char *, struct timespec *,
156 const char *, const char *, off_t);
157 static int parseid(const char *, id_t *);
158 static int strip(const char *, int, const char *, char **);
159 static void usage(void);
160
161 int
main(int argc,char * argv[])162 main(int argc, char *argv[])
163 {
164 struct stat from_sb, to_sb;
165 mode_t *set;
166 u_long fset;
167 int ch, no_target;
168 u_int iflags;
169 char *p;
170 const char *to_name;
171
172 fset = 0;
173 iflags = 0;
174 set = NULL;
175 group = owner = NULL;
176 while ((ch = getopt(argc, argv, "B:bCcD:df:g:h:l:M:m:N:o:pSsT:Uv")) !=
177 -1)
178 switch((char)ch) {
179 case 'B':
180 suffix = optarg;
181 /* FALLTHROUGH */
182 case 'b':
183 dobackup = 1;
184 break;
185 case 'C':
186 docompare = 1;
187 break;
188 case 'c':
189 /* For backwards compatibility. */
190 break;
191 case 'D':
192 destdir = optarg;
193 break;
194 case 'd':
195 dodir = 1;
196 break;
197 case 'f':
198 haveopt_f = 1;
199 fflags = optarg;
200 break;
201 case 'g':
202 haveopt_g = 1;
203 group = optarg;
204 break;
205 case 'h':
206 digest = optarg;
207 break;
208 case 'l':
209 for (p = optarg; *p != '\0'; p++)
210 switch (*p) {
211 case 's':
212 dolink &= ~(LN_HARD|LN_MIXED);
213 dolink |= LN_SYMBOLIC;
214 break;
215 case 'h':
216 dolink &= ~(LN_SYMBOLIC|LN_MIXED);
217 dolink |= LN_HARD;
218 break;
219 case 'm':
220 dolink &= ~(LN_SYMBOLIC|LN_HARD);
221 dolink |= LN_MIXED;
222 break;
223 case 'a':
224 dolink &= ~LN_RELATIVE;
225 dolink |= LN_ABSOLUTE;
226 break;
227 case 'r':
228 dolink &= ~LN_ABSOLUTE;
229 dolink |= LN_RELATIVE;
230 break;
231 default:
232 errx(1, "%c: invalid link type", *p);
233 /* NOTREACHED */
234 }
235 break;
236 case 'M':
237 metafile = optarg;
238 break;
239 case 'm':
240 haveopt_m = 1;
241 free(set);
242 if (!(set = setmode(optarg)))
243 errx(EX_USAGE, "invalid file mode: %s",
244 optarg);
245 break;
246 case 'N':
247 if (!setup_getid(optarg))
248 err(EX_OSERR, "Unable to use user and group "
249 "databases in `%s'", optarg);
250 break;
251 case 'o':
252 haveopt_o = 1;
253 owner = optarg;
254 break;
255 case 'p':
256 docompare = dopreserve = 1;
257 break;
258 case 'S':
259 safecopy = 1;
260 break;
261 case 's':
262 dostrip = 1;
263 break;
264 case 'T':
265 tags = optarg;
266 break;
267 case 'U':
268 dounpriv = 1;
269 break;
270 case 'v':
271 verbose = 1;
272 break;
273 case '?':
274 default:
275 usage();
276 }
277 argc -= optind;
278 argv += optind;
279
280 /* some options make no sense when creating directories */
281 if (dostrip && dodir) {
282 warnx("-d and -s may not be specified together");
283 usage();
284 }
285
286 /*
287 * Default permissions based on whether we're a directory or not, since
288 * an +X may mean that we need to set the execute bit.
289 */
290 if (set != NULL)
291 mode = getmode(set, dodir ? S_IFDIR : 0) & ~S_IFDIR;
292 free(set);
293
294 if (getenv("DONTSTRIP") != NULL) {
295 warnx("DONTSTRIP set - will not strip installed binaries");
296 dostrip = 0;
297 }
298
299 /* must have at least two arguments, except when creating directories */
300 if (argc == 0 || (argc == 1 && !dodir))
301 usage();
302
303 if (digest != NULL) {
304 if (strcmp(digest, "none") == 0) {
305 digesttype = DIGEST_NONE;
306 #ifdef WITH_MD5
307 } else if (strcmp(digest, "md5") == 0) {
308 digesttype = DIGEST_MD5;
309 #endif
310 #ifdef WITH_RIPEMD160
311 } else if (strcmp(digest, "rmd160") == 0) {
312 digesttype = DIGEST_RIPEMD160;
313 #endif
314 } else if (strcmp(digest, "sha1") == 0) {
315 digesttype = DIGEST_SHA1;
316 } else if (strcmp(digest, "sha256") == 0) {
317 digesttype = DIGEST_SHA256;
318 } else if (strcmp(digest, "sha512") == 0) {
319 digesttype = DIGEST_SHA512;
320 } else {
321 warnx("unknown digest `%s'", digest);
322 usage();
323 }
324 }
325
326 /* get group and owner id's */
327 if (group != NULL && !dounpriv) {
328 if (gid_from_group(group, &gid) == -1) {
329 id_t id;
330 if (!parseid(group, &id))
331 errx(1, "unknown group %s", group);
332 gid = id;
333 }
334 } else
335 gid = (gid_t)-1;
336
337 if (owner != NULL && !dounpriv) {
338 if (uid_from_user(owner, &uid) == -1) {
339 id_t id;
340 if (!parseid(owner, &id))
341 errx(1, "unknown user %s", owner);
342 uid = id;
343 }
344 } else
345 uid = (uid_t)-1;
346
347 if (fflags != NULL && !dounpriv) {
348 if (strtofflags(&fflags, &fset, NULL))
349 errx(EX_USAGE, "%s: invalid flag", fflags);
350 iflags |= SETFLAGS;
351 }
352
353 if (metafile != NULL) {
354 if ((metafp = fopen(metafile, "a")) == NULL)
355 warn("open %s", metafile);
356 } else
357 digesttype = DIGEST_NONE;
358
359 if (dodir) {
360 for (; *argv != NULL; ++argv)
361 install_dir(*argv);
362 exit(EX_OK);
363 /* NOTREACHED */
364 }
365
366 to_name = argv[argc - 1];
367 no_target = stat(to_name, &to_sb);
368 if (!no_target && S_ISDIR(to_sb.st_mode)) {
369 if (dolink & LN_SYMBOLIC) {
370 if (lstat(to_name, &to_sb) != 0)
371 err(EX_OSERR, "%s vanished", to_name);
372 if (S_ISLNK(to_sb.st_mode)) {
373 if (argc != 2) {
374 errc(EX_CANTCREAT, ENOTDIR, "%s",
375 to_name);
376 }
377 install(*argv, to_name, fset, iflags);
378 exit(EX_OK);
379 }
380 }
381 for (; *argv != to_name; ++argv)
382 install(*argv, to_name, fset, iflags | DIRECTORY);
383 exit(EX_OK);
384 /* NOTREACHED */
385 }
386
387 /* can't do file1 file2 directory/file */
388 if (argc != 2) {
389 if (no_target)
390 warnx("target directory `%s' does not exist",
391 argv[argc - 1]);
392 else
393 warnx("target `%s' is not a directory",
394 argv[argc - 1]);
395 usage();
396 }
397
398 if (!no_target && !dolink) {
399 if (stat(*argv, &from_sb))
400 err(EX_OSERR, "%s", *argv);
401 if (!S_ISREG(to_sb.st_mode))
402 errc(EX_CANTCREAT, EFTYPE, "%s", to_name);
403 if (to_sb.st_dev == from_sb.st_dev &&
404 to_sb.st_ino == from_sb.st_ino) {
405 errx(EX_USAGE, "%s and %s are the same file",
406 *argv, to_name);
407 }
408 }
409 install(*argv, to_name, fset, iflags);
410 exit(EX_OK);
411 /* NOTREACHED */
412 }
413
414 static char *
digest_file(const char * name)415 digest_file(const char *name)
416 {
417
418 switch (digesttype) {
419 #ifdef WITH_MD5
420 case DIGEST_MD5:
421 return (MD5File(name, NULL));
422 #endif
423 #ifdef WITH_RIPEMD160
424 case DIGEST_RIPEMD160:
425 return (RIPEMD160_File(name, NULL));
426 #endif
427 case DIGEST_SHA1:
428 return (SHA1_File(name, NULL));
429 case DIGEST_SHA256:
430 return (SHA256_File(name, NULL));
431 case DIGEST_SHA512:
432 return (SHA512_File(name, NULL));
433 default:
434 return (NULL);
435 }
436 }
437
438 static void
digest_init(DIGEST_CTX * c)439 digest_init(DIGEST_CTX *c)
440 {
441
442 switch (digesttype) {
443 case DIGEST_NONE:
444 break;
445 #ifdef WITH_MD5
446 case DIGEST_MD5:
447 MD5Init(&(c->MD5));
448 break;
449 #endif
450 #ifdef WITH_RIPEMD160
451 case DIGEST_RIPEMD160:
452 RIPEMD160_Init(&(c->RIPEMD160));
453 break;
454 #endif
455 case DIGEST_SHA1:
456 SHA1_Init(&(c->SHA1));
457 break;
458 case DIGEST_SHA256:
459 SHA256_Init(&(c->SHA256));
460 break;
461 case DIGEST_SHA512:
462 SHA512_Init(&(c->SHA512));
463 break;
464 }
465 }
466
467 static void
digest_update(DIGEST_CTX * c,const char * data,size_t len)468 digest_update(DIGEST_CTX *c, const char *data, size_t len)
469 {
470
471 switch (digesttype) {
472 case DIGEST_NONE:
473 break;
474 #ifdef WITH_MD5
475 case DIGEST_MD5:
476 MD5Update(&(c->MD5), data, len);
477 break;
478 #endif
479 #ifdef WITH_RIPEMD160
480 case DIGEST_RIPEMD160:
481 RIPEMD160_Update(&(c->RIPEMD160), data, len);
482 break;
483 #endif
484 case DIGEST_SHA1:
485 SHA1_Update(&(c->SHA1), data, len);
486 break;
487 case DIGEST_SHA256:
488 SHA256_Update(&(c->SHA256), data, len);
489 break;
490 case DIGEST_SHA512:
491 SHA512_Update(&(c->SHA512), data, len);
492 break;
493 }
494 }
495
496 static char *
digest_end(DIGEST_CTX * c,char * buf)497 digest_end(DIGEST_CTX *c, char *buf)
498 {
499
500 switch (digesttype) {
501 #ifdef WITH_MD5
502 case DIGEST_MD5:
503 return (MD5End(&(c->MD5), buf));
504 #endif
505 #ifdef WITH_RIPEMD160
506 case DIGEST_RIPEMD160:
507 return (RIPEMD160_End(&(c->RIPEMD160), buf));
508 #endif
509 case DIGEST_SHA1:
510 return (SHA1_End(&(c->SHA1), buf));
511 case DIGEST_SHA256:
512 return (SHA256_End(&(c->SHA256), buf));
513 case DIGEST_SHA512:
514 return (SHA512_End(&(c->SHA512), buf));
515 default:
516 return (NULL);
517 }
518 }
519
520 /*
521 * parseid --
522 * parse uid or gid from arg into id, returning non-zero if successful
523 */
524 static int
parseid(const char * name,id_t * id)525 parseid(const char *name, id_t *id)
526 {
527 char *ep;
528 errno = 0;
529 *id = (id_t)strtoul(name, &ep, 10);
530 if (errno || *ep != '\0')
531 return (0);
532 return (1);
533 }
534
535 /*
536 * quiet_mktemp --
537 * mktemp implementation used mkstemp to avoid mktemp warnings. We
538 * really do need mktemp semantics here as we will be creating a link.
539 */
540 static char *
quiet_mktemp(char * template)541 quiet_mktemp(char *template)
542 {
543 int fd;
544
545 if ((fd = mkstemp(template)) == -1)
546 return (NULL);
547 close (fd);
548 if (unlink(template) == -1)
549 err(EX_OSERR, "unlink %s", template);
550 return (template);
551 }
552
553 /*
554 * do_link --
555 * make a hard link, obeying dorename if set
556 * return -1 on failure
557 */
558 static int
do_link(const char * from_name,const char * to_name,const struct stat * target_sb)559 do_link(const char *from_name, const char *to_name,
560 const struct stat *target_sb)
561 {
562 char tmpl[MAXPATHLEN];
563 int ret;
564
565 if (target_sb != NULL) {
566 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name);
567 /* This usage is safe. */
568 if (quiet_mktemp(tmpl) == NULL)
569 err(EX_OSERR, "%s: mktemp", tmpl);
570 ret = link(from_name, tmpl);
571 if (ret == 0) {
572 if (target_sb->st_mode & S_IFDIR && rmdir(to_name) ==
573 -1) {
574 unlink(tmpl);
575 err(EX_OSERR, "%s", to_name);
576 }
577 #if HAVE_STRUCT_STAT_ST_FLAGS
578 if (target_sb->st_flags & NOCHANGEBITS)
579 (void)chflags(to_name, target_sb->st_flags &
580 ~NOCHANGEBITS);
581 #endif
582 if (verbose)
583 printf("install: link %s -> %s\n",
584 from_name, to_name);
585 ret = rename(tmpl, to_name);
586 /*
587 * If rename has posix semantics, then the temporary
588 * file may still exist when from_name and to_name point
589 * to the same file, so unlink it unconditionally.
590 */
591 (void)unlink(tmpl);
592 }
593 return (ret);
594 } else {
595 if (verbose)
596 printf("install: link %s -> %s\n",
597 from_name, to_name);
598 return (link(from_name, to_name));
599 }
600 }
601
602 /*
603 * do_symlink --
604 * Make a symbolic link, obeying dorename if set. Exit on failure.
605 */
606 static void
do_symlink(const char * from_name,const char * to_name,const struct stat * target_sb)607 do_symlink(const char *from_name, const char *to_name,
608 const struct stat *target_sb)
609 {
610 char tmpl[MAXPATHLEN];
611
612 if (target_sb != NULL) {
613 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name);
614 /* This usage is safe. */
615 if (quiet_mktemp(tmpl) == NULL)
616 err(EX_OSERR, "%s: mktemp", tmpl);
617
618 if (symlink(from_name, tmpl) == -1)
619 err(EX_OSERR, "symlink %s -> %s", from_name, tmpl);
620
621 if (target_sb->st_mode & S_IFDIR && rmdir(to_name) == -1) {
622 (void)unlink(tmpl);
623 err(EX_OSERR, "%s", to_name);
624 }
625 #if HAVE_STRUCT_STAT_ST_FLAGS
626 if (target_sb->st_flags & NOCHANGEBITS)
627 (void)chflags(to_name, target_sb->st_flags &
628 ~NOCHANGEBITS);
629 #endif
630 if (verbose)
631 printf("install: symlink %s -> %s\n",
632 from_name, to_name);
633 if (rename(tmpl, to_name) == -1) {
634 /* Remove temporary link before exiting. */
635 (void)unlink(tmpl);
636 err(EX_OSERR, "%s: rename", to_name);
637 }
638 } else {
639 if (verbose)
640 printf("install: symlink %s -> %s\n",
641 from_name, to_name);
642 if (symlink(from_name, to_name) == -1)
643 err(EX_OSERR, "symlink %s -> %s", from_name, to_name);
644 }
645 }
646
647 /*
648 * makelink --
649 * make a link from source to destination
650 */
651 static void
makelink(const char * from_name,const char * to_name,const struct stat * target_sb)652 makelink(const char *from_name, const char *to_name,
653 const struct stat *target_sb)
654 {
655 char src[MAXPATHLEN], dst[MAXPATHLEN], lnk[MAXPATHLEN];
656 char *to_name_copy, *d, *ld, *ls, *s;
657 const char *base, *dir;
658 struct stat to_sb;
659
660 /* Try hard links first. */
661 if (dolink & (LN_HARD|LN_MIXED)) {
662 if (do_link(from_name, to_name, target_sb) == -1) {
663 if ((dolink & LN_HARD) || errno != EXDEV)
664 err(EX_OSERR, "link %s -> %s", from_name, to_name);
665 } else {
666 if (stat(to_name, &to_sb))
667 err(EX_OSERR, "%s: stat", to_name);
668 if (S_ISREG(to_sb.st_mode)) {
669 /*
670 * XXX: hard links to anything other than
671 * plain files are not metalogged
672 */
673 int omode;
674 const char *oowner, *ogroup;
675 char *offlags;
676 char *dres;
677
678 /*
679 * XXX: use underlying perms, unless
680 * overridden on command line.
681 */
682 omode = mode;
683 if (!haveopt_m)
684 mode = (to_sb.st_mode & 0777);
685 oowner = owner;
686 if (!haveopt_o)
687 owner = NULL;
688 ogroup = group;
689 if (!haveopt_g)
690 group = NULL;
691 offlags = fflags;
692 if (!haveopt_f)
693 fflags = NULL;
694 dres = digest_file(from_name);
695 metadata_log(to_name, "file", NULL, NULL,
696 dres, to_sb.st_size);
697 free(dres);
698 mode = omode;
699 owner = oowner;
700 group = ogroup;
701 fflags = offlags;
702 }
703 return;
704 }
705 }
706
707 /* Symbolic links. */
708 if (dolink & LN_ABSOLUTE) {
709 /* Convert source path to absolute. */
710 if (realpath(from_name, src) == NULL)
711 err(EX_OSERR, "%s: realpath", from_name);
712 do_symlink(src, to_name, target_sb);
713 /* XXX: src may point outside of destdir */
714 metadata_log(to_name, "link", NULL, src, NULL, 0);
715 return;
716 }
717
718 if (dolink & LN_RELATIVE) {
719 if (*from_name != '/') {
720 /* this is already a relative link */
721 do_symlink(from_name, to_name, target_sb);
722 /* XXX: from_name may point outside of destdir. */
723 metadata_log(to_name, "link", NULL, from_name, NULL, 0);
724 return;
725 }
726
727 /* Resolve pathnames. */
728 if (realpath(from_name, src) == NULL)
729 err(EX_OSERR, "%s: realpath", from_name);
730
731 /*
732 * The last component of to_name may be a symlink,
733 * so use realpath to resolve only the directory.
734 */
735 to_name_copy = strdup(to_name);
736 if (to_name_copy == NULL)
737 err(EX_OSERR, "%s: strdup", to_name);
738 base = basename(to_name_copy);
739 if (base == to_name_copy) {
740 /* destination is a file in cwd */
741 (void)strlcpy(dst, "./", sizeof(dst));
742 } else if (base == to_name_copy + 1) {
743 /* destination is a file in the root */
744 (void)strlcpy(dst, "/", sizeof(dst));
745 } else {
746 /* all other cases: safe to call dirname() */
747 dir = dirname(to_name_copy);
748 if (realpath(dir, dst) == NULL)
749 err(EX_OSERR, "%s: realpath", dir);
750 if (strcmp(dst, "/") != 0 &&
751 strlcat(dst, "/", sizeof(dst)) >= sizeof(dst))
752 errx(1, "resolved pathname too long");
753 }
754 if (strlcat(dst, base, sizeof(dst)) >= sizeof(dst))
755 errx(1, "resolved pathname too long");
756 free(to_name_copy);
757
758 /* Trim common path components. */
759 ls = ld = NULL;
760 for (s = src, d = dst; *s == *d; ls = s, ld = d, s++, d++)
761 continue;
762 /*
763 * If we didn't end after a directory separator, then we've
764 * falsely matched the last component. For example, if one
765 * invoked install -lrs /lib/foo.so /libexec/ then the source
766 * would terminate just after the separator while the
767 * destination would terminate in the middle of 'libexec',
768 * leading to a full directory getting falsely eaten.
769 */
770 if ((ls != NULL && *ls != '/') || (ld != NULL && *ld != '/'))
771 s--, d--;
772 while (*s != '/')
773 s--, d--;
774
775 /* Count the number of directories we need to backtrack. */
776 for (++d, lnk[0] = '\0'; *d; d++)
777 if (*d == '/')
778 (void)strlcat(lnk, "../", sizeof(lnk));
779
780 (void)strlcat(lnk, ++s, sizeof(lnk));
781
782 do_symlink(lnk, to_name, target_sb);
783 /* XXX: Link may point outside of destdir. */
784 metadata_log(to_name, "link", NULL, lnk, NULL, 0);
785 return;
786 }
787
788 /*
789 * If absolute or relative was not specified, try the names the
790 * user provided.
791 */
792 do_symlink(from_name, to_name, target_sb);
793 /* XXX: from_name may point outside of destdir. */
794 metadata_log(to_name, "link", NULL, from_name, NULL, 0);
795 }
796
797 /*
798 * install --
799 * build a path name and install the file
800 */
801 static void
install(const char * from_name,const char * to_name,u_long fset,u_int flags)802 install(const char *from_name, const char *to_name, u_long fset, u_int flags)
803 {
804 struct stat from_sb, temp_sb, to_sb;
805 struct timespec tsb[2];
806 int devnull, files_match, from_fd, serrno, stripped, target;
807 int temp_fd, to_fd;
808 char backup[MAXPATHLEN], *p, pathbuf[MAXPATHLEN], tempfile[MAXPATHLEN];
809 char *digestresult;
810
811 digestresult = NULL;
812 files_match = stripped = 0;
813 from_fd = -1;
814 to_fd = -1;
815
816 /* If try to install NULL file to a directory, fails. */
817 if (flags & DIRECTORY || strcmp(from_name, _PATH_DEVNULL)) {
818 if (!dolink) {
819 if (stat(from_name, &from_sb))
820 err(EX_OSERR, "%s", from_name);
821 if (!S_ISREG(from_sb.st_mode))
822 errc(EX_OSERR, EFTYPE, "%s", from_name);
823 }
824 /* Build the target path. */
825 if (flags & DIRECTORY) {
826 (void)snprintf(pathbuf, sizeof(pathbuf), "%s%s%s",
827 to_name,
828 to_name[strlen(to_name) - 1] == '/' ? "" : "/",
829 (p = strrchr(from_name, '/')) ? ++p : from_name);
830 to_name = pathbuf;
831 }
832 devnull = 0;
833 } else {
834 devnull = 1;
835 }
836 if (*to_name == '\0')
837 errx(EX_USAGE, "destination cannot be an empty string");
838
839 target = (lstat(to_name, &to_sb) == 0);
840
841 if (dolink) {
842 makelink(from_name, to_name, target ? &to_sb : NULL);
843 return;
844 }
845
846 if (target && !S_ISREG(to_sb.st_mode) && !S_ISLNK(to_sb.st_mode))
847 errc(EX_CANTCREAT, EFTYPE, "%s", to_name);
848
849 if (!devnull && (from_fd = open(from_name, O_RDONLY, 0)) < 0)
850 err(EX_OSERR, "%s", from_name);
851
852 /* If we don't strip, we can compare first. */
853 if (docompare && !dostrip && target && S_ISREG(to_sb.st_mode)) {
854 if ((to_fd = open(to_name, O_RDONLY, 0)) < 0)
855 err(EX_OSERR, "%s", to_name);
856 if (devnull)
857 files_match = to_sb.st_size == 0;
858 else
859 files_match = !(compare(from_fd, from_name,
860 (size_t)from_sb.st_size, to_fd,
861 to_name, (size_t)to_sb.st_size, &digestresult));
862
863 /* Close "to" file unless we match. */
864 if (!files_match)
865 (void)close(to_fd);
866 }
867
868 if (!files_match) {
869 to_fd = create_tempfile(to_name, tempfile,
870 sizeof(tempfile));
871 if (to_fd < 0)
872 err(EX_OSERR, "%s", dirname(tempfile));
873 if (!devnull) {
874 if (dostrip) {
875 stripped = strip(tempfile, to_fd, from_name,
876 &digestresult);
877 }
878 if (!stripped) {
879 digestresult = copy(from_fd, from_name, to_fd,
880 tempfile, from_sb.st_size);
881 }
882 }
883 }
884
885 if (dostrip) {
886 if (!stripped)
887 (void)strip(tempfile, to_fd, NULL, &digestresult);
888
889 /*
890 * Re-open our fd on the target, in case
891 * we did not strip in-place.
892 */
893 close(to_fd);
894 to_fd = open(tempfile, O_RDONLY, 0);
895 if (to_fd < 0)
896 err(EX_OSERR, "stripping %s", to_name);
897 }
898
899 /*
900 * Compare the stripped temp file with the target.
901 */
902 if (docompare && dostrip && target && S_ISREG(to_sb.st_mode)) {
903 temp_fd = to_fd;
904
905 /* Re-open to_fd using the real target name. */
906 if ((to_fd = open(to_name, O_RDONLY, 0)) < 0)
907 err(EX_OSERR, "%s", to_name);
908
909 if (fstat(temp_fd, &temp_sb)) {
910 serrno = errno;
911 (void)unlink(tempfile);
912 errno = serrno;
913 err(EX_OSERR, "%s", tempfile);
914 }
915
916 if (compare(temp_fd, tempfile, (size_t)temp_sb.st_size, to_fd,
917 to_name, (size_t)to_sb.st_size, &digestresult)
918 == 0) {
919 /*
920 * If target has more than one link we need to
921 * replace it in order to snap the extra links.
922 * Need to preserve target file times, though.
923 */
924 if (to_sb.st_nlink != 1) {
925 tsb[0] = to_sb.st_atim;
926 tsb[1] = to_sb.st_mtim;
927 (void)utimensat(AT_FDCWD, tempfile, tsb, 0);
928 } else {
929 files_match = 1;
930 (void)unlink(tempfile);
931 }
932 (void) close(temp_fd);
933 }
934 } else if (dostrip)
935 digestresult = digest_file(tempfile);
936
937 /*
938 * Move the new file into place if the files are different (or
939 * just not compared).
940 */
941 if (!files_match) {
942 #if HAVE_STRUCT_STAT_ST_FLAGS
943 /* Try to turn off the immutable bits. */
944 if (to_sb.st_flags & NOCHANGEBITS)
945 (void)chflags(to_name, to_sb.st_flags & ~NOCHANGEBITS);
946 #endif
947 if (target && dobackup) {
948 if ((size_t)snprintf(backup, MAXPATHLEN, "%s%s", to_name,
949 suffix) != strlen(to_name) + strlen(suffix)) {
950 unlink(tempfile);
951 errx(EX_OSERR, "%s: backup filename too long",
952 to_name);
953 }
954 if (verbose)
955 (void)printf("install: %s -> %s\n", to_name, backup);
956 if (unlink(backup) < 0 && errno != ENOENT) {
957 serrno = errno;
958 #if HAVE_STRUCT_STAT_ST_FLAGS
959 if (to_sb.st_flags & NOCHANGEBITS)
960 (void)chflags(to_name, to_sb.st_flags);
961 #endif
962 unlink(tempfile);
963 errno = serrno;
964 err(EX_OSERR, "unlink: %s", backup);
965 }
966 if (link(to_name, backup) < 0) {
967 serrno = errno;
968 unlink(tempfile);
969 #if HAVE_STRUCT_STAT_ST_FLAGS
970 if (to_sb.st_flags & NOCHANGEBITS)
971 (void)chflags(to_name, to_sb.st_flags);
972 #endif
973 errno = serrno;
974 err(EX_OSERR, "link: %s to %s", to_name,
975 backup);
976 }
977 }
978 if (verbose)
979 (void)printf("install: %s -> %s\n", from_name, to_name);
980 if (rename(tempfile, to_name) < 0) {
981 serrno = errno;
982 unlink(tempfile);
983 errno = serrno;
984 err(EX_OSERR, "rename: %s to %s",
985 tempfile, to_name);
986 }
987
988 /* Re-open to_fd so we aren't hosed by the rename(2). */
989 (void) close(to_fd);
990 if ((to_fd = open(to_name, O_RDONLY, 0)) < 0)
991 err(EX_OSERR, "%s", to_name);
992 }
993
994 /*
995 * Preserve the timestamp of the source file if necessary.
996 */
997 if (dopreserve && !files_match && !devnull) {
998 tsb[0] = from_sb.st_atim;
999 tsb[1] = from_sb.st_mtim;
1000 (void)utimensat(AT_FDCWD, to_name, tsb, 0);
1001 }
1002
1003 if (fstat(to_fd, &to_sb) == -1) {
1004 serrno = errno;
1005 (void)unlink(to_name);
1006 errno = serrno;
1007 err(EX_OSERR, "%s", to_name);
1008 }
1009
1010 /*
1011 * Set owner, group, mode for target; do the chown first,
1012 * chown may lose the setuid bits.
1013 */
1014 if (!dounpriv && ((gid != (gid_t)-1 && gid != to_sb.st_gid) ||
1015 (uid != (uid_t)-1 && uid != to_sb.st_uid) ||
1016 (mode != (to_sb.st_mode & ALLPERMS)))) {
1017 #if HAVE_STRUCT_STAT_ST_FLAGS
1018 /* Try to turn off the immutable bits. */
1019 if (to_sb.st_flags & NOCHANGEBITS)
1020 (void)fchflags(to_fd, to_sb.st_flags & ~NOCHANGEBITS);
1021 #endif
1022 }
1023
1024 if (!dounpriv && ((gid != (gid_t)-1 && gid != to_sb.st_gid) ||
1025 (uid != (uid_t)-1 && uid != to_sb.st_uid))) {
1026 if (fchown(to_fd, uid, gid) == -1) {
1027 serrno = errno;
1028 (void)unlink(to_name);
1029 errno = serrno;
1030 err(EX_OSERR,"%s: chown/chgrp", to_name);
1031 }
1032 }
1033 if (mode != (to_sb.st_mode & ALLPERMS)) {
1034 if (fchmod(to_fd,
1035 dounpriv ? mode & (S_IRWXU|S_IRWXG|S_IRWXO) : mode)) {
1036 serrno = errno;
1037 (void)unlink(to_name);
1038 errno = serrno;
1039 err(EX_OSERR, "%s: chmod", to_name);
1040 }
1041 }
1042 #if HAVE_STRUCT_STAT_ST_FLAGS
1043 /*
1044 * If provided a set of flags, set them, otherwise, preserve the
1045 * flags, except for the dump flag.
1046 * NFS does not support flags. Ignore EOPNOTSUPP flags if we're just
1047 * trying to turn off UF_NODUMP. If we're trying to set real flags,
1048 * then warn if the fs doesn't support it, otherwise fail.
1049 */
1050 if (!dounpriv && !devnull && (flags & SETFLAGS ||
1051 (from_sb.st_flags & ~UF_NODUMP) != to_sb.st_flags) &&
1052 fchflags(to_fd,
1053 flags & SETFLAGS ? fset : from_sb.st_flags & ~UF_NODUMP)) {
1054 if (flags & SETFLAGS) {
1055 if (errno == EOPNOTSUPP)
1056 warn("%s: chflags", to_name);
1057 else {
1058 serrno = errno;
1059 (void)unlink(to_name);
1060 errno = serrno;
1061 err(EX_OSERR, "%s: chflags", to_name);
1062 }
1063 }
1064 }
1065 #endif
1066
1067 (void)close(to_fd);
1068 if (!devnull)
1069 (void)close(from_fd);
1070
1071 metadata_log(to_name, "file", tsb, NULL, digestresult, to_sb.st_size);
1072 free(digestresult);
1073 }
1074
1075 /*
1076 * compare --
1077 * Compare two files; non-zero means files differ.
1078 * Compute digest and return its address in *dresp
1079 * unless it points to pre-computed digest.
1080 */
1081 static int
compare(int from_fd,const char * from_name __unused,size_t from_len,int to_fd,const char * to_name __unused,size_t to_len,char ** dresp)1082 compare(int from_fd, const char *from_name __unused, size_t from_len,
1083 int to_fd, const char *to_name __unused, size_t to_len,
1084 char **dresp)
1085 {
1086 int rv;
1087 int do_digest;
1088 DIGEST_CTX ctx;
1089
1090 if (from_len != to_len)
1091 return 1;
1092
1093 do_digest = (digesttype != DIGEST_NONE && dresp != NULL &&
1094 *dresp == NULL);
1095 if (from_len <= MAX_CMP_SIZE) {
1096 static char *buf, *buf1, *buf2;
1097 static size_t bufsize;
1098 int n1, n2;
1099
1100 if (do_digest)
1101 digest_init(&ctx);
1102
1103 if (buf == NULL) {
1104 /*
1105 * Note that buf and bufsize are static. If
1106 * malloc() fails, it will fail at the start
1107 * and not copy only some files.
1108 */
1109 if (sysconf(_SC_PHYS_PAGES) > PHYSPAGES_THRESHOLD)
1110 bufsize = MIN(BUFSIZE_MAX, MAXPHYS * 8);
1111 else
1112 bufsize = BUFSIZE_SMALL;
1113 buf = malloc(bufsize * 2);
1114 if (buf == NULL)
1115 err(1, "Not enough memory");
1116 buf1 = buf;
1117 buf2 = buf + bufsize;
1118 }
1119 rv = 0;
1120 lseek(from_fd, 0, SEEK_SET);
1121 lseek(to_fd, 0, SEEK_SET);
1122 while (rv == 0) {
1123 n1 = read(from_fd, buf1, bufsize);
1124 if (n1 == 0)
1125 break; /* EOF */
1126 else if (n1 > 0) {
1127 n2 = read(to_fd, buf2, n1);
1128 if (n2 == n1)
1129 rv = memcmp(buf1, buf2, n1);
1130 else
1131 rv = 1; /* out of sync */
1132 } else
1133 rv = 1; /* read failure */
1134 if (do_digest)
1135 digest_update(&ctx, buf1, n1);
1136 }
1137 lseek(from_fd, 0, SEEK_SET);
1138 lseek(to_fd, 0, SEEK_SET);
1139 } else {
1140 rv = 1; /* don't bother in this case */
1141 }
1142
1143 if (do_digest) {
1144 if (rv == 0)
1145 *dresp = digest_end(&ctx, NULL);
1146 else
1147 (void)digest_end(&ctx, NULL);
1148 }
1149
1150 return rv;
1151 }
1152
1153 /*
1154 * create_tempfile --
1155 * create a temporary file based on path and open it
1156 */
1157 static int
create_tempfile(const char * path,char * temp,size_t tsize)1158 create_tempfile(const char *path, char *temp, size_t tsize)
1159 {
1160 char *p;
1161
1162 (void)strncpy(temp, path, tsize);
1163 temp[tsize - 1] = '\0';
1164 if ((p = strrchr(temp, '/')) != NULL)
1165 p++;
1166 else
1167 p = temp;
1168 (void)strncpy(p, "INS@XXXXXX", &temp[tsize - 1] - p);
1169 temp[tsize - 1] = '\0';
1170 return (mkstemp(temp));
1171 }
1172
1173 /*
1174 * copy --
1175 * copy from one file to another
1176 */
1177 static char *
copy(int from_fd,const char * from_name,int to_fd,const char * to_name,off_t size)1178 copy(int from_fd, const char *from_name, int to_fd, const char *to_name,
1179 off_t size)
1180 {
1181 static char *buf = NULL;
1182 static size_t bufsize;
1183 int nr, nw;
1184 int serrno;
1185 #ifndef BOOTSTRAP_XINSTALL
1186 ssize_t ret;
1187 #endif
1188 DIGEST_CTX ctx;
1189
1190 /* Rewind file descriptors. */
1191 if (lseek(from_fd, 0, SEEK_SET) < 0)
1192 err(EX_OSERR, "lseek: %s", from_name);
1193 if (lseek(to_fd, 0, SEEK_SET) < 0)
1194 err(EX_OSERR, "lseek: %s", to_name);
1195
1196 #ifndef BOOTSTRAP_XINSTALL
1197 /* Try copy_file_range() if no digest is requested */
1198 if (digesttype == DIGEST_NONE) {
1199 do {
1200 ret = copy_file_range(from_fd, NULL, to_fd, NULL,
1201 (size_t)size, 0);
1202 } while (ret > 0);
1203 if (ret == 0)
1204 goto done;
1205 if (errno != EINVAL) {
1206 serrno = errno;
1207 (void)unlink(to_name);
1208 errno = serrno;
1209 err(EX_OSERR, "%s", to_name);
1210 }
1211 /* Fall back */
1212 }
1213 #endif
1214 digest_init(&ctx);
1215
1216 if (buf == NULL) {
1217 /*
1218 * Note that buf and bufsize are static. If
1219 * malloc() fails, it will fail at the start
1220 * and not copy only some files.
1221 */
1222 if (sysconf(_SC_PHYS_PAGES) > PHYSPAGES_THRESHOLD)
1223 bufsize = MIN(BUFSIZE_MAX, MAXPHYS * 8);
1224 else
1225 bufsize = BUFSIZE_SMALL;
1226 buf = malloc(bufsize);
1227 if (buf == NULL)
1228 err(1, "Not enough memory");
1229 }
1230 while ((nr = read(from_fd, buf, bufsize)) > 0) {
1231 if ((nw = write(to_fd, buf, nr)) != nr) {
1232 serrno = errno;
1233 (void)unlink(to_name);
1234 if (nw >= 0) {
1235 errx(EX_OSERR,
1236 "short write to %s: %jd bytes written, "
1237 "%jd bytes asked to write",
1238 to_name, (uintmax_t)nw,
1239 (uintmax_t)size);
1240 } else {
1241 errno = serrno;
1242 err(EX_OSERR, "%s", to_name);
1243 }
1244 }
1245 digest_update(&ctx, buf, nr);
1246 }
1247 if (nr != 0) {
1248 serrno = errno;
1249 (void)unlink(to_name);
1250 errno = serrno;
1251 err(EX_OSERR, "%s", from_name);
1252 }
1253 #ifndef BOOTSTRAP_XINSTALL
1254 done:
1255 #endif
1256 if (safecopy && fsync(to_fd) == -1) {
1257 serrno = errno;
1258 (void)unlink(to_name);
1259 errno = serrno;
1260 err(EX_OSERR, "fsync failed for %s", to_name);
1261 }
1262 return (digest_end(&ctx, NULL));
1263 }
1264
1265 /*
1266 * strip --
1267 * Use strip(1) to strip the target file.
1268 * Just invoke strip(1) on to_name if from_name is NULL, else try
1269 * to run "strip -o to_name from_name" and return 0 on failure.
1270 * Return 1 on success and assign result of digest_file(to_name)
1271 * to *dresp.
1272 */
1273 static int
strip(const char * to_name,int to_fd,const char * from_name,char ** dresp)1274 strip(const char *to_name, int to_fd, const char *from_name, char **dresp)
1275 {
1276 const char *stripbin;
1277 const char *args[5];
1278 char *prefixed_from_name;
1279 pid_t pid;
1280 int error, serrno, status;
1281
1282 prefixed_from_name = NULL;
1283 stripbin = getenv("STRIPBIN");
1284 if (stripbin == NULL)
1285 stripbin = "strip";
1286 args[0] = stripbin;
1287 if (from_name == NULL) {
1288 args[1] = to_name;
1289 args[2] = NULL;
1290 } else {
1291 args[1] = "-o";
1292 args[2] = to_name;
1293
1294 /* Prepend './' if from_name begins with '-' */
1295 if (from_name[0] == '-') {
1296 if (asprintf(&prefixed_from_name, "./%s", from_name) == -1)
1297 return (0);
1298 args[3] = prefixed_from_name;
1299 } else {
1300 args[3] = from_name;
1301 }
1302 args[4] = NULL;
1303 }
1304 error = posix_spawnp(&pid, stripbin, NULL, NULL,
1305 __DECONST(char **, args), environ);
1306 if (error != 0) {
1307 (void)unlink(to_name);
1308 errc(error == EAGAIN || error == EPROCLIM || error == ENOMEM ?
1309 EX_TEMPFAIL : EX_OSERR, error, "spawn %s", stripbin);
1310 }
1311 free(prefixed_from_name);
1312 if (waitpid(pid, &status, 0) == -1) {
1313 error = errno;
1314 (void)unlink(to_name);
1315 errc(EX_SOFTWARE, error, "wait");
1316 /* NOTREACHED */
1317 }
1318 if (status != 0) {
1319 if (from_name != NULL)
1320 return (0);
1321 (void)unlink(to_name);
1322 errx(EX_SOFTWARE, "strip command %s failed on %s",
1323 stripbin, to_name);
1324 }
1325 if (from_name != NULL && safecopy && fsync(to_fd) == -1) {
1326 serrno = errno;
1327 (void)unlink(to_name);
1328 errno = serrno;
1329 err(EX_OSERR, "fsync failed for %s", to_name);
1330 }
1331 if (dresp != NULL)
1332 *dresp = digest_file(to_name);
1333 return (1);
1334 }
1335
1336 /*
1337 * install_dir --
1338 * build directory hierarchy
1339 */
1340 static void
install_dir(char * path)1341 install_dir(char *path)
1342 {
1343 char *p;
1344 struct stat sb;
1345 int ch, tried_mkdir;
1346
1347 for (p = path;; ++p)
1348 if (!*p || (p != path && *p == '/')) {
1349 tried_mkdir = 0;
1350 ch = *p;
1351 *p = '\0';
1352 again:
1353 if (stat(path, &sb) != 0) {
1354 if (errno != ENOENT || tried_mkdir)
1355 err(EX_OSERR, "stat %s", path);
1356 if (mkdir(path, 0755) < 0) {
1357 tried_mkdir = 1;
1358 if (errno == EEXIST)
1359 goto again;
1360 err(EX_OSERR, "mkdir %s", path);
1361 }
1362 if (verbose)
1363 (void)printf("install: mkdir %s\n",
1364 path);
1365 } else if (!S_ISDIR(sb.st_mode))
1366 errx(EX_OSERR, "%s exists but is not a directory", path);
1367 if (!(*p = ch))
1368 break;
1369 }
1370
1371 if (!dounpriv) {
1372 if ((gid != (gid_t)-1 || uid != (uid_t)-1) &&
1373 chown(path, uid, gid))
1374 warn("chown %u:%u %s", uid, gid, path);
1375 /* XXXBED: should we do the chmod in the dounpriv case? */
1376 if (chmod(path, mode))
1377 warn("chmod %o %s", mode, path);
1378 }
1379 metadata_log(path, "dir", NULL, NULL, NULL, 0);
1380 }
1381
1382 /*
1383 * metadata_log --
1384 * if metafp is not NULL, output mtree(8) full path name and settings to
1385 * metafp, to allow permissions to be set correctly by other tools,
1386 * or to allow integrity checks to be performed.
1387 */
1388 static void
metadata_log(const char * path,const char * type,struct timespec * ts,const char * slink,const char * digestresult,off_t size)1389 metadata_log(const char *path, const char *type, struct timespec *ts,
1390 const char *slink, const char *digestresult, off_t size)
1391 {
1392 static const char extra[] = { ' ', '\t', '\n', '\\', '#', '\0' };
1393 const char *p;
1394 char *buf;
1395 size_t buflen, destlen;
1396 struct flock metalog_lock;
1397
1398 if (!metafp)
1399 return;
1400 /* Buffer for strsnvis(3), used for both path and slink. */
1401 buflen = strlen(path);
1402 if (slink && strlen(slink) > buflen)
1403 buflen = strlen(slink);
1404 buflen = 4 * buflen + 1;
1405 if ((buf = malloc(buflen)) == NULL) {
1406 warn(NULL);
1407 return;
1408 }
1409
1410 /* Lock log file. */
1411 metalog_lock.l_start = 0;
1412 metalog_lock.l_len = 0;
1413 metalog_lock.l_whence = SEEK_SET;
1414 metalog_lock.l_type = F_WRLCK;
1415 if (fcntl(fileno(metafp), F_SETLKW, &metalog_lock) == -1) {
1416 warn("can't lock %s", metafile);
1417 free(buf);
1418 return;
1419 }
1420
1421 /* Remove destdir. */
1422 p = path;
1423 if (destdir) {
1424 destlen = strlen(destdir);
1425 if (strncmp(p, destdir, destlen) == 0 &&
1426 (p[destlen] == '/' || p[destlen] == '\0'))
1427 p += destlen;
1428 }
1429 while (*p && *p == '/')
1430 p++;
1431 strsnvis(buf, buflen, p, VIS_OCTAL, extra);
1432 p = buf;
1433 /* Print details. */
1434 fprintf(metafp, ".%s%s type=%s", *p ? "/" : "", p, type);
1435 if (owner) {
1436 id_t id;
1437
1438 if (parseid(owner, &id))
1439 fprintf(metafp, " uid=%jd", (intmax_t)id);
1440 else
1441 fprintf(metafp, " uname=%s", owner);
1442 }
1443 if (group) {
1444 id_t id;
1445
1446 if (parseid(group, &id))
1447 fprintf(metafp, " gid=%jd", (intmax_t)id);
1448 else
1449 fprintf(metafp, " gname=%s", group);
1450 }
1451 fprintf(metafp, " mode=%#o", mode);
1452 if (slink) {
1453 strsnvis(buf, buflen, slink, VIS_CSTYLE, extra);
1454 fprintf(metafp, " link=%s", buf);
1455 }
1456 if (*type == 'f') /* type=file */
1457 fprintf(metafp, " size=%lld", (long long)size);
1458 if (ts != NULL && dopreserve)
1459 fprintf(metafp, " time=%lld.%09ld",
1460 (long long)ts[1].tv_sec, ts[1].tv_nsec);
1461 if (digestresult && digest)
1462 fprintf(metafp, " %s=%s", digest, digestresult);
1463 if (fflags)
1464 fprintf(metafp, " flags=%s", fflags);
1465 if (tags)
1466 fprintf(metafp, " tags=%s", tags);
1467 fputc('\n', metafp);
1468 /* Flush line. */
1469 fflush(metafp);
1470
1471 /* Unlock log file. */
1472 metalog_lock.l_type = F_UNLCK;
1473 if (fcntl(fileno(metafp), F_SETLKW, &metalog_lock) == -1)
1474 warn("can't unlock %s", metafile);
1475 free(buf);
1476 }
1477
1478 /*
1479 * usage --
1480 * print a usage message and die
1481 */
1482 static void
usage(void)1483 usage(void)
1484 {
1485 (void)fprintf(stderr,
1486 "usage: install [-bCcpSsUv] [-f flags] [-g group] [-m mode] [-o owner]\n"
1487 " [-M log] [-D dest] [-h hash] [-T tags]\n"
1488 " [-B suffix] [-l linkflags] [-N dbdir]\n"
1489 " file1 file2\n"
1490 " install [-bCcpSsUv] [-f flags] [-g group] [-m mode] [-o owner]\n"
1491 " [-M log] [-D dest] [-h hash] [-T tags]\n"
1492 " [-B suffix] [-l linkflags] [-N dbdir]\n"
1493 " file1 ... fileN directory\n"
1494 " install -dU [-vU] [-g group] [-m mode] [-N dbdir] [-o owner]\n"
1495 " [-M log] [-D dest] [-h hash] [-T tags]\n"
1496 " directory ...\n");
1497 exit(EX_USAGE);
1498 /* NOTREACHED */
1499 }
1500