1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1992 Keith Muller. 5 * Copyright (c) 1992, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * This code is derived from software contributed to Berkeley by 9 * Keith Muller of the University of California, San Diego. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/types.h> 37 #include <sys/stat.h> 38 #include <sys/time.h> 39 #include <sys/resource.h> 40 #include <err.h> 41 #include <errno.h> 42 #include <fcntl.h> 43 #include <locale.h> 44 #include <paths.h> 45 #include <signal.h> 46 #include <stdio.h> 47 #include <stdlib.h> 48 #include <string.h> 49 #include "pax.h" 50 #include "extern.h" 51 static int gen_init(void); 52 53 /* 54 * PAX main routines, general globals and some simple start up routines 55 */ 56 57 /* 58 * Variables that can be accessed by any routine within pax 59 */ 60 int act = DEFOP; /* read/write/append/copy */ 61 FSUB *frmt = NULL; /* archive format type */ 62 int cflag; /* match all EXCEPT pattern/file */ 63 int cwdfd; /* starting cwd */ 64 int dflag; /* directory member match only */ 65 int iflag; /* interactive file/archive rename */ 66 int kflag; /* do not overwrite existing files */ 67 int lflag; /* use hard links when possible */ 68 int nflag; /* select first archive member match */ 69 int tflag; /* restore access time after read */ 70 int uflag; /* ignore older modification time files */ 71 int vflag; /* produce verbose output */ 72 int Dflag; /* same as uflag except inode change time */ 73 int Hflag; /* follow command line symlinks (write only) */ 74 int Lflag; /* follow symlinks when writing */ 75 int Oflag; /* limit to single volume */ 76 int Xflag; /* archive files with same device id only */ 77 int Yflag; /* same as Dflg except after name mode */ 78 int Zflag; /* same as uflg except after name mode */ 79 int vfpart; /* is partial verbose output in progress */ 80 int patime = 1; /* preserve file access time */ 81 int pmtime = 1; /* preserve file modification times */ 82 int nodirs; /* do not create directories as needed */ 83 int pmode; /* preserve file mode bits */ 84 int pids; /* preserve file uid/gid */ 85 int rmleadslash = 0; /* remove leading '/' from pathnames */ 86 int exit_val; /* exit value */ 87 int docrc; /* check/create file crc */ 88 char *dirptr; /* destination dir in a copy */ 89 const char *argv0; /* root of argv[0] */ 90 sigset_t s_mask; /* signal mask for cleanup critical sect */ 91 FILE *listf; /* file pointer to print file list to */ 92 char *tempfile; /* tempfile to use for mkstemp(3) */ 93 char *tempbase; /* basename of tempfile to use for mkstemp(3) */ 94 95 /* 96 * PAX - Portable Archive Interchange 97 * 98 * A utility to read, write, and write lists of the members of archive 99 * files and copy directory hierarchies. A variety of archive formats 100 * are supported (some are described in POSIX 1003.1 10.1): 101 * 102 * ustar - 10.1.1 extended tar interchange format 103 * cpio - 10.1.2 extended cpio interchange format 104 * tar - old BSD 4.3 tar format 105 * binary cpio - old cpio with binary header format 106 * sysVR4 cpio - with and without CRC 107 * 108 * This version is a superset of IEEE Std 1003.2b-d3 109 * 110 * Summary of Extensions to the IEEE Standard: 111 * 112 * 1 READ ENHANCEMENTS 113 * 1.1 Operations which read archives will continue to operate even when 114 * processing archives which may be damaged, truncated, or fail to meet 115 * format specs in several different ways. Damaged sections of archives 116 * are detected and avoided if possible. Attempts will be made to resync 117 * archive read operations even with badly damaged media. 118 * 1.2 Blocksize requirements are not strictly enforced on archive read. 119 * Tapes which have variable sized records can be read without errors. 120 * 1.3 The user can specify via the non-standard option flag -E if error 121 * resync operation should stop on a media error, try a specified number 122 * of times to correct, or try to correct forever. 123 * 1.4 Sparse files (lseek holes) stored on the archive (but stored with blocks 124 * of all zeros will be restored with holes appropriate for the target 125 * file system 126 * 1.5 The user is notified whenever something is found during archive 127 * read operations which violates spec (but the read will continue). 128 * 1.6 Multiple archive volumes can be read and may span over different 129 * archive devices 130 * 1.7 Rigidly restores all file attributes exactly as they are stored on the 131 * archive. 132 * 1.8 Modification change time ranges can be specified via multiple -T 133 * options. These allow a user to select files whose modification time 134 * lies within a specific time range. 135 * 1.9 Files can be selected based on owner (user name or uid) via one or more 136 * -U options. 137 * 1.10 Files can be selected based on group (group name or gid) via one o 138 * more -G options. 139 * 1.11 File modification time can be checked against existing file after 140 * name modification (-Z) 141 * 142 * 2 WRITE ENHANCEMENTS 143 * 2.1 Write operation will stop instead of allowing a user to create a flawed 144 * flawed archive (due to any problem). 145 * 2.2 Archives written by pax are forced to strictly conform to both the 146 * archive and pax the specific format specifications. 147 * 2.3 Blocking size and format is rigidly enforced on writes. 148 * 2.4 Formats which may exhibit header overflow problems (they have fields 149 * too small for large file systems, such as inode number storage), use 150 * routines designed to repair this problem. These techniques still 151 * conform to both pax and format specifications, but no longer truncate 152 * these fields. This removes any restrictions on using these archive 153 * formats on large file systems. 154 * 2.5 Multiple archive volumes can be written and may span over different 155 * archive devices 156 * 2.6 A archive volume record limit allows the user to specify the number 157 * of bytes stored on an archive volume. When reached the user is 158 * prompted for the next archive volume. This is specified with the 159 * non-standard -B flag. The limit is rounded up to the next blocksize. 160 * 2.7 All archive padding during write use zero filled sections. This makes 161 * it much easier to pull data out of flawed archive during read 162 * operations. 163 * 2.8 Access time reset with the -t applies to all file nodes (including 164 * directories). 165 * 2.9 Symbolic links can be followed with -L (optional in the spec). 166 * 2.10 Modification or inode change time ranges can be specified via 167 * multiple -T options. These allow a user to select files whose 168 * modification or inode change time lies within a specific time range. 169 * 2.11 Files can be selected based on owner (user name or uid) via one or more 170 * -U options. 171 * 2.12 Files can be selected based on group (group name or gid) via one o 172 * more -G options. 173 * 2.13 Symlinks which appear on the command line can be followed (without 174 * following other symlinks; -H flag) 175 * 176 * 3 COPY ENHANCEMENTS 177 * 3.1 Sparse files (lseek holes) can be copied without expanding the holes 178 * into zero filled blocks. The file copy is created with holes which are 179 * appropriate for the target file system 180 * 3.2 Access time as well as modification time on copied file trees can be 181 * preserved with the appropriate -p options. 182 * 3.3 Access time reset with the -t applies to all file nodes (including 183 * directories). 184 * 3.4 Symbolic links can be followed with -L (optional in the spec). 185 * 3.5 Modification or inode change time ranges can be specified via 186 * multiple -T options. These allow a user to select files whose 187 * modification or inode change time lies within a specific time range. 188 * 3.6 Files can be selected based on owner (user name or uid) via one or more 189 * -U options. 190 * 3.7 Files can be selected based on group (group name or gid) via one o 191 * more -G options. 192 * 3.8 Symlinks which appear on the command line can be followed (without 193 * following other symlinks; -H flag) 194 * 3.9 File inode change time can be checked against existing file before 195 * name modification (-D) 196 * 3.10 File inode change time can be checked against existing file after 197 * name modification (-Y) 198 * 3.11 File modification time can be checked against existing file after 199 * name modification (-Z) 200 * 201 * 4 GENERAL ENHANCEMENTS 202 * 4.1 Internal structure is designed to isolate format dependent and 203 * independent functions. Formats are selected via a format driver table. 204 * This encourages the addition of new archive formats by only having to 205 * write those routines which id, read and write the archive header. 206 */ 207 208 /* 209 * main() 210 * parse options, set up and operate as specified by the user. 211 * any operational flaw will set exit_val to non-zero 212 * Return: 0 if ok, 1 otherwise 213 */ 214 215 int 216 main(int argc, char *argv[]) 217 { 218 const char *tmpdir; 219 size_t tdlen; 220 221 (void) setlocale(LC_ALL, ""); 222 listf = stderr; 223 /* 224 * Keep a reference to cwd, so we can always come back home. 225 */ 226 cwdfd = open(".", O_RDONLY | O_CLOEXEC); 227 if (cwdfd < 0) { 228 syswarn(0, errno, "Can't open current working directory."); 229 return(exit_val); 230 } 231 232 /* 233 * Where should we put temporary files? 234 */ 235 if ((tmpdir = getenv("TMPDIR")) == NULL || *tmpdir == '\0') 236 tmpdir = _PATH_TMP; 237 tdlen = strlen(tmpdir); 238 while (tdlen > 0 && tmpdir[tdlen - 1] == '/') 239 tdlen--; 240 tempfile = malloc(tdlen + 1 + sizeof(_TFILE_BASE)); 241 if (tempfile == NULL) { 242 paxwarn(1, "Cannot allocate memory for temp file name."); 243 return(exit_val); 244 } 245 if (tdlen) 246 memcpy(tempfile, tmpdir, tdlen); 247 tempbase = tempfile + tdlen; 248 *tempbase++ = '/'; 249 250 /* 251 * parse options, determine operational mode, general init 252 */ 253 options(argc, argv); 254 if ((gen_init() < 0) || (tty_init() < 0)) 255 return(exit_val); 256 257 /* 258 * select a primary operation mode 259 */ 260 switch (act) { 261 case EXTRACT: 262 extract(); 263 break; 264 case ARCHIVE: 265 archive(); 266 break; 267 case APPND: 268 if (gzip_program != NULL) 269 err(1, "can not gzip while appending"); 270 append(); 271 break; 272 case COPY: 273 copy(); 274 break; 275 default: 276 case LIST: 277 list(); 278 break; 279 } 280 return(exit_val); 281 } 282 283 /* 284 * sig_cleanup() 285 * when interrupted we try to do whatever delayed processing we can. 286 * This is not critical, but we really ought to limit our damage when we 287 * are aborted by the user. 288 * Return: 289 * never.... 290 */ 291 292 void 293 sig_cleanup(int which_sig) 294 { 295 /* 296 * restore modes and times for any dirs we may have created 297 * or any dirs we may have read. Set vflag and vfpart so the user 298 * will clearly see the message on a line by itself. 299 */ 300 vflag = vfpart = 1; 301 if (which_sig == SIGXCPU) 302 paxwarn(0, "Cpu time limit reached, cleaning up."); 303 else 304 paxwarn(0, "Signal caught, cleaning up."); 305 306 ar_close(); 307 proc_dir(); 308 if (tflag) 309 atdir_end(); 310 exit(1); 311 } 312 313 /* 314 * setup_sig() 315 * set a signal to be caught, but only if it isn't being ignored already 316 */ 317 318 static int 319 setup_sig(int sig, const struct sigaction *n_hand) 320 { 321 struct sigaction o_hand; 322 323 if (sigaction(sig, NULL, &o_hand) < 0) 324 return (-1); 325 326 if (o_hand.sa_handler == SIG_IGN) 327 return (0); 328 329 return (sigaction(sig, n_hand, NULL)); 330 } 331 332 /* 333 * gen_init() 334 * general setup routines. Not all are required, but they really help 335 * when dealing with a medium to large sized archives. 336 */ 337 338 static int 339 gen_init(void) 340 { 341 struct rlimit reslimit; 342 struct sigaction n_hand; 343 344 /* 345 * Really needed to handle large archives. We can run out of memory for 346 * internal tables really fast when we have a whole lot of files... 347 */ 348 if (getrlimit(RLIMIT_DATA , &reslimit) == 0){ 349 reslimit.rlim_cur = reslimit.rlim_max; 350 (void)setrlimit(RLIMIT_DATA , &reslimit); 351 } 352 353 /* 354 * should file size limits be waived? if the os limits us, this is 355 * needed if we want to write a large archive 356 */ 357 if (getrlimit(RLIMIT_FSIZE , &reslimit) == 0){ 358 reslimit.rlim_cur = reslimit.rlim_max; 359 (void)setrlimit(RLIMIT_FSIZE , &reslimit); 360 } 361 362 /* 363 * increase the size the stack can grow to 364 */ 365 if (getrlimit(RLIMIT_STACK , &reslimit) == 0){ 366 reslimit.rlim_cur = reslimit.rlim_max; 367 (void)setrlimit(RLIMIT_STACK , &reslimit); 368 } 369 370 /* 371 * not really needed, but doesn't hurt 372 */ 373 if (getrlimit(RLIMIT_RSS , &reslimit) == 0){ 374 reslimit.rlim_cur = reslimit.rlim_max; 375 (void)setrlimit(RLIMIT_RSS , &reslimit); 376 } 377 378 /* 379 * signal handling to reset stored directory times and modes. Since 380 * we deal with broken pipes via failed writes we ignore it. We also 381 * deal with any file size limit through failed writes. Cpu time 382 * limits are caught and a cleanup is forced. 383 */ 384 if ((sigemptyset(&s_mask) < 0) || (sigaddset(&s_mask, SIGTERM) < 0) || 385 (sigaddset(&s_mask,SIGINT) < 0)||(sigaddset(&s_mask,SIGHUP) < 0) || 386 (sigaddset(&s_mask,SIGPIPE) < 0)||(sigaddset(&s_mask,SIGQUIT)<0) || 387 (sigaddset(&s_mask,SIGXCPU) < 0)||(sigaddset(&s_mask,SIGXFSZ)<0)) { 388 paxwarn(1, "Unable to set up signal mask"); 389 return(-1); 390 } 391 memset(&n_hand, 0, sizeof n_hand); 392 n_hand.sa_mask = s_mask; 393 n_hand.sa_flags = 0; 394 n_hand.sa_handler = sig_cleanup; 395 396 if (setup_sig(SIGHUP, &n_hand) || 397 setup_sig(SIGTERM, &n_hand) || 398 setup_sig(SIGINT, &n_hand) || 399 setup_sig(SIGQUIT, &n_hand) || 400 setup_sig(SIGXCPU, &n_hand)) 401 goto out; 402 403 n_hand.sa_handler = SIG_IGN; 404 if ((sigaction(SIGPIPE, &n_hand, NULL) < 0) || 405 (sigaction(SIGXFSZ, &n_hand, NULL) < 0)) 406 goto out; 407 return(0); 408 409 out: 410 syswarn(1, errno, "Unable to set up signal handler"); 411 return(-1); 412 } 413