xref: /freebsd/bin/setfacl/remove.c (revision 732a02b4e77866604a120a275c082bb6221bd2ff)
1 /*-
2  * Copyright (c) 2001 Chris D. Faulhaber
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24  * SUCH DAMAGE.
25  */
26 
27 #include <sys/cdefs.h>
28 __FBSDID("$FreeBSD$");
29 
30 #include <sys/types.h>
31 #include <sys/acl.h>
32 #include <sys/stat.h>
33 
34 #include <err.h>
35 #include <stdio.h>
36 #include <string.h>
37 
38 #include "setfacl.h"
39 
40 /*
41  * remove ACL entries from an ACL
42  */
43 int
44 remove_acl(acl_t acl, acl_t *prev_acl, const char *filename)
45 {
46 	acl_entry_t	entry;
47 	acl_t		acl_new;
48 	acl_tag_t	tag;
49 	int		carried_error, entry_id, acl_brand, prev_acl_brand;
50 
51 	carried_error = 0;
52 
53 	acl_get_brand_np(acl, &acl_brand);
54 	acl_get_brand_np(*prev_acl, &prev_acl_brand);
55 
56 	if (branding_mismatch(acl_brand, prev_acl_brand)) {
57 		warnx("%s: branding mismatch; existing ACL is %s, "
58 		    "entry to be removed is %s", filename,
59 		    brand_name(prev_acl_brand), brand_name(acl_brand));
60 		return (-1);
61 	}
62 
63 	carried_error = 0;
64 
65 	acl_new = acl_dup(*prev_acl);
66 	if (acl_new == NULL)
67 		err(1, "%s: acl_dup() failed", filename);
68 
69 	tag = ACL_UNDEFINED_TAG;
70 
71 	/* find and delete the entry */
72 	entry_id = ACL_FIRST_ENTRY;
73 	while (acl_get_entry(acl, entry_id, &entry) == 1) {
74 		entry_id = ACL_NEXT_ENTRY;
75 		if (acl_get_tag_type(entry, &tag) == -1)
76 			err(1, "%s: acl_get_tag_type() failed", filename);
77 		if (tag == ACL_MASK)
78 			have_mask = true;
79 		if (acl_delete_entry(acl_new, entry) == -1) {
80 			carried_error++;
81 			warnx("%s: cannot remove non-existent ACL entry",
82 			    filename);
83 		}
84 	}
85 
86 	acl_free(*prev_acl);
87 	*prev_acl = acl_new;
88 
89 	if (carried_error)
90 		return (-1);
91 
92 	return (0);
93 }
94 
95 int
96 remove_by_number(uint entry_number, acl_t *prev_acl, const char *filename)
97 {
98 	acl_entry_t	entry;
99 	acl_t		acl_new;
100 	acl_tag_t	tag;
101 	int		carried_error, entry_id;
102 	uint		i;
103 
104 	carried_error = 0;
105 
106 	acl_new = acl_dup(*prev_acl);
107 	if (acl_new == NULL)
108 		err(1, "%s: acl_dup() failed", filename);
109 
110 	tag = ACL_UNDEFINED_TAG;
111 
112 	/*
113 	 * Find out whether we're removing the mask entry,
114 	 * to behave the same as the routine above.
115 	 *
116 	 * XXX: Is this loop actually needed?
117 	 */
118 	entry_id = ACL_FIRST_ENTRY;
119 	i = 0;
120 	while (acl_get_entry(acl_new, entry_id, &entry) == 1) {
121 		entry_id = ACL_NEXT_ENTRY;
122 		if (i != entry_number)
123 			continue;
124 		if (acl_get_tag_type(entry, &tag) == -1)
125 			err(1, "%s: acl_get_tag_type() failed", filename);
126 		if (tag == ACL_MASK)
127 			have_mask = true;
128 	}
129 
130 	if (acl_delete_entry_np(acl_new, entry_number) == -1) {
131 		carried_error++;
132 		warn("%s: acl_delete_entry_np() failed", filename);
133 	}
134 
135 	acl_free(*prev_acl);
136 	*prev_acl = acl_new;
137 
138 	if (carried_error)
139 		return (-1);
140 
141 	return (0);
142 }
143 
144 /*
145  * remove default entries
146  */
147 int
148 remove_default(acl_t *prev_acl, const char *filename)
149 {
150 
151 	acl_free(*prev_acl);
152 	*prev_acl = acl_init(ACL_MAX_ENTRIES);
153 	if (*prev_acl == NULL)
154 		err(1, "%s: acl_init() failed", filename);
155 
156 	return (0);
157 }
158 
159 /*
160  * remove extended entries
161  */
162 void
163 remove_ext(acl_t *prev_acl, const char *filename)
164 {
165 	acl_t acl_new;
166 
167 	acl_new = acl_strip_np(*prev_acl, !n_flag);
168 	if (acl_new == NULL)
169 		err(1, "%s: acl_strip_np() failed", filename);
170 
171 	acl_free(*prev_acl);
172 	*prev_acl = acl_new;
173 }
174