1*7c478bd9Sstevel@tonic-gate /* 2*7c478bd9Sstevel@tonic-gate * CDDL HEADER START 3*7c478bd9Sstevel@tonic-gate * 4*7c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5*7c478bd9Sstevel@tonic-gate * Common Development and Distribution License, Version 1.0 only 6*7c478bd9Sstevel@tonic-gate * (the "License"). You may not use this file except in compliance 7*7c478bd9Sstevel@tonic-gate * with the License. 8*7c478bd9Sstevel@tonic-gate * 9*7c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*7c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 11*7c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 12*7c478bd9Sstevel@tonic-gate * and limitations under the License. 13*7c478bd9Sstevel@tonic-gate * 14*7c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 15*7c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*7c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 17*7c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 18*7c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 19*7c478bd9Sstevel@tonic-gate * 20*7c478bd9Sstevel@tonic-gate * CDDL HEADER END 21*7c478bd9Sstevel@tonic-gate */ 22*7c478bd9Sstevel@tonic-gate /* 23*7c478bd9Sstevel@tonic-gate * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 24*7c478bd9Sstevel@tonic-gate * Use is subject to license terms. 25*7c478bd9Sstevel@tonic-gate */ 26*7c478bd9Sstevel@tonic-gate 27*7c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 28*7c478bd9Sstevel@tonic-gate 29*7c478bd9Sstevel@tonic-gate #ifndef lint 30*7c478bd9Sstevel@tonic-gate static char sccsid[] = "%Z%%M% %I% %E% SMI"; 31*7c478bd9Sstevel@tonic-gate #endif 32*7c478bd9Sstevel@tonic-gate 33*7c478bd9Sstevel@tonic-gate /* 34*7c478bd9Sstevel@tonic-gate * getfacl [-ad] file ... 35*7c478bd9Sstevel@tonic-gate * This command displays discretionary information for a file or files. 36*7c478bd9Sstevel@tonic-gate * display format: 37*7c478bd9Sstevel@tonic-gate * # file: filename 38*7c478bd9Sstevel@tonic-gate * # owner: uid 39*7c478bd9Sstevel@tonic-gate * # group: gid 40*7c478bd9Sstevel@tonic-gate * user::perm 41*7c478bd9Sstevel@tonic-gate * user:uid:perm 42*7c478bd9Sstevel@tonic-gate * group::perm 43*7c478bd9Sstevel@tonic-gate * group:gid:perm 44*7c478bd9Sstevel@tonic-gate * mask:perm 45*7c478bd9Sstevel@tonic-gate * other:perm 46*7c478bd9Sstevel@tonic-gate * default:user::perm 47*7c478bd9Sstevel@tonic-gate * default:user:uid:perm 48*7c478bd9Sstevel@tonic-gate * default:group::perm 49*7c478bd9Sstevel@tonic-gate * default:group:gid:perm 50*7c478bd9Sstevel@tonic-gate * default:mask:perm 51*7c478bd9Sstevel@tonic-gate * default:other:perm 52*7c478bd9Sstevel@tonic-gate */ 53*7c478bd9Sstevel@tonic-gate 54*7c478bd9Sstevel@tonic-gate #include <stdlib.h> 55*7c478bd9Sstevel@tonic-gate #include <stdio.h> 56*7c478bd9Sstevel@tonic-gate #include <pwd.h> 57*7c478bd9Sstevel@tonic-gate #include <grp.h> 58*7c478bd9Sstevel@tonic-gate #include <locale.h> 59*7c478bd9Sstevel@tonic-gate #include <sys/acl.h> 60*7c478bd9Sstevel@tonic-gate #include <errno.h> 61*7c478bd9Sstevel@tonic-gate 62*7c478bd9Sstevel@tonic-gate static char *pruname(uid_t); 63*7c478bd9Sstevel@tonic-gate static char *prgname(gid_t); 64*7c478bd9Sstevel@tonic-gate static char *display(int); 65*7c478bd9Sstevel@tonic-gate static void usage(); 66*7c478bd9Sstevel@tonic-gate 67*7c478bd9Sstevel@tonic-gate 68*7c478bd9Sstevel@tonic-gate int 69*7c478bd9Sstevel@tonic-gate main(int argc, char *argv[]) 70*7c478bd9Sstevel@tonic-gate { 71*7c478bd9Sstevel@tonic-gate int c; 72*7c478bd9Sstevel@tonic-gate int aflag = 0; 73*7c478bd9Sstevel@tonic-gate int dflag = 0; 74*7c478bd9Sstevel@tonic-gate int errflag = 0; 75*7c478bd9Sstevel@tonic-gate int savecnt; 76*7c478bd9Sstevel@tonic-gate int aclcnt; 77*7c478bd9Sstevel@tonic-gate int mask; 78*7c478bd9Sstevel@tonic-gate aclent_t *aclp; 79*7c478bd9Sstevel@tonic-gate aclent_t *tp; 80*7c478bd9Sstevel@tonic-gate char *permp; 81*7c478bd9Sstevel@tonic-gate 82*7c478bd9Sstevel@tonic-gate (void) setlocale(LC_ALL, ""); 83*7c478bd9Sstevel@tonic-gate (void) textdomain(TEXT_DOMAIN); 84*7c478bd9Sstevel@tonic-gate 85*7c478bd9Sstevel@tonic-gate if (argc < 2) 86*7c478bd9Sstevel@tonic-gate usage(); 87*7c478bd9Sstevel@tonic-gate 88*7c478bd9Sstevel@tonic-gate while ((c = getopt(argc, argv, "ad")) != EOF) { 89*7c478bd9Sstevel@tonic-gate switch (c) { 90*7c478bd9Sstevel@tonic-gate case 'a': 91*7c478bd9Sstevel@tonic-gate aflag++; 92*7c478bd9Sstevel@tonic-gate break; 93*7c478bd9Sstevel@tonic-gate case 'd': 94*7c478bd9Sstevel@tonic-gate dflag++; 95*7c478bd9Sstevel@tonic-gate break; 96*7c478bd9Sstevel@tonic-gate case '?': 97*7c478bd9Sstevel@tonic-gate errflag++; 98*7c478bd9Sstevel@tonic-gate break; 99*7c478bd9Sstevel@tonic-gate } 100*7c478bd9Sstevel@tonic-gate } 101*7c478bd9Sstevel@tonic-gate if (errflag) 102*7c478bd9Sstevel@tonic-gate usage(); 103*7c478bd9Sstevel@tonic-gate 104*7c478bd9Sstevel@tonic-gate if (optind >= argc) 105*7c478bd9Sstevel@tonic-gate usage(); 106*7c478bd9Sstevel@tonic-gate 107*7c478bd9Sstevel@tonic-gate for (; optind < argc; optind++) { 108*7c478bd9Sstevel@tonic-gate register char *filep; 109*7c478bd9Sstevel@tonic-gate 110*7c478bd9Sstevel@tonic-gate filep = argv[optind]; 111*7c478bd9Sstevel@tonic-gate 112*7c478bd9Sstevel@tonic-gate /* Get ACL info of the files */ 113*7c478bd9Sstevel@tonic-gate errno = 0; 114*7c478bd9Sstevel@tonic-gate if ((aclcnt = acl(filep, GETACLCNT, 0, NULL)) < 0) { 115*7c478bd9Sstevel@tonic-gate perror(filep); 116*7c478bd9Sstevel@tonic-gate exit(2); 117*7c478bd9Sstevel@tonic-gate } 118*7c478bd9Sstevel@tonic-gate if (aclcnt < MIN_ACL_ENTRIES) { 119*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 120*7c478bd9Sstevel@tonic-gate gettext("%d: acl count too small from %s\n"), 121*7c478bd9Sstevel@tonic-gate aclcnt, filep); 122*7c478bd9Sstevel@tonic-gate exit(2); 123*7c478bd9Sstevel@tonic-gate } 124*7c478bd9Sstevel@tonic-gate 125*7c478bd9Sstevel@tonic-gate if ((aclp = (aclent_t *)malloc(sizeof (aclent_t) * aclcnt)) 126*7c478bd9Sstevel@tonic-gate == NULL) { 127*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 128*7c478bd9Sstevel@tonic-gate gettext("Insufficient memory\n")); 129*7c478bd9Sstevel@tonic-gate exit(1); 130*7c478bd9Sstevel@tonic-gate } 131*7c478bd9Sstevel@tonic-gate 132*7c478bd9Sstevel@tonic-gate errno = 0; 133*7c478bd9Sstevel@tonic-gate if (acl(filep, GETACL, aclcnt, aclp) < 0) { 134*7c478bd9Sstevel@tonic-gate perror(filep); 135*7c478bd9Sstevel@tonic-gate exit(2); 136*7c478bd9Sstevel@tonic-gate } 137*7c478bd9Sstevel@tonic-gate 138*7c478bd9Sstevel@tonic-gate /* display ACL: assume it is sorted. */ 139*7c478bd9Sstevel@tonic-gate (void) printf("\n# file: %s\n", filep); 140*7c478bd9Sstevel@tonic-gate savecnt = aclcnt; 141*7c478bd9Sstevel@tonic-gate for (tp = aclp; aclcnt--; tp++) { 142*7c478bd9Sstevel@tonic-gate if (tp->a_type == USER_OBJ) 143*7c478bd9Sstevel@tonic-gate (void) printf("# owner: %s\n", 144*7c478bd9Sstevel@tonic-gate pruname(tp->a_id)); 145*7c478bd9Sstevel@tonic-gate if (tp->a_type == GROUP_OBJ) 146*7c478bd9Sstevel@tonic-gate (void) printf("# group: %s\n", 147*7c478bd9Sstevel@tonic-gate prgname(tp->a_id)); 148*7c478bd9Sstevel@tonic-gate if (tp->a_type == CLASS_OBJ) 149*7c478bd9Sstevel@tonic-gate mask = tp->a_perm; 150*7c478bd9Sstevel@tonic-gate } 151*7c478bd9Sstevel@tonic-gate aclcnt = savecnt; 152*7c478bd9Sstevel@tonic-gate for (tp = aclp; aclcnt--; tp++) { 153*7c478bd9Sstevel@tonic-gate switch (tp->a_type) { 154*7c478bd9Sstevel@tonic-gate case USER: 155*7c478bd9Sstevel@tonic-gate if (!dflag) { 156*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 157*7c478bd9Sstevel@tonic-gate (void) printf("user:%s:%s\t\t", 158*7c478bd9Sstevel@tonic-gate pruname(tp->a_id), permp); 159*7c478bd9Sstevel@tonic-gate free(permp); 160*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm & mask); 161*7c478bd9Sstevel@tonic-gate (void) printf( 162*7c478bd9Sstevel@tonic-gate "#effective:%s\n", permp); 163*7c478bd9Sstevel@tonic-gate free(permp); 164*7c478bd9Sstevel@tonic-gate } 165*7c478bd9Sstevel@tonic-gate break; 166*7c478bd9Sstevel@tonic-gate case USER_OBJ: 167*7c478bd9Sstevel@tonic-gate if (!dflag) { 168*7c478bd9Sstevel@tonic-gate /* no need to display uid */ 169*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 170*7c478bd9Sstevel@tonic-gate (void) printf("user::%s\n", permp); 171*7c478bd9Sstevel@tonic-gate free(permp); 172*7c478bd9Sstevel@tonic-gate } 173*7c478bd9Sstevel@tonic-gate break; 174*7c478bd9Sstevel@tonic-gate case GROUP: 175*7c478bd9Sstevel@tonic-gate if (!dflag) { 176*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 177*7c478bd9Sstevel@tonic-gate (void) printf("group:%s:%s\t\t", 178*7c478bd9Sstevel@tonic-gate prgname(tp->a_id), permp); 179*7c478bd9Sstevel@tonic-gate free(permp); 180*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm & mask); 181*7c478bd9Sstevel@tonic-gate (void) printf( 182*7c478bd9Sstevel@tonic-gate "#effective:%s\n", permp); 183*7c478bd9Sstevel@tonic-gate free(permp); 184*7c478bd9Sstevel@tonic-gate } 185*7c478bd9Sstevel@tonic-gate break; 186*7c478bd9Sstevel@tonic-gate case GROUP_OBJ: 187*7c478bd9Sstevel@tonic-gate if (!dflag) { 188*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 189*7c478bd9Sstevel@tonic-gate (void) printf("group::%s\t\t", permp); 190*7c478bd9Sstevel@tonic-gate free(permp); 191*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm & mask); 192*7c478bd9Sstevel@tonic-gate (void) printf( 193*7c478bd9Sstevel@tonic-gate "#effective:%s\n", permp); 194*7c478bd9Sstevel@tonic-gate free(permp); 195*7c478bd9Sstevel@tonic-gate } 196*7c478bd9Sstevel@tonic-gate break; 197*7c478bd9Sstevel@tonic-gate case CLASS_OBJ: 198*7c478bd9Sstevel@tonic-gate if (!dflag) { 199*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 200*7c478bd9Sstevel@tonic-gate (void) printf("mask:%s\n", permp); 201*7c478bd9Sstevel@tonic-gate free(permp); 202*7c478bd9Sstevel@tonic-gate } 203*7c478bd9Sstevel@tonic-gate break; 204*7c478bd9Sstevel@tonic-gate case OTHER_OBJ: 205*7c478bd9Sstevel@tonic-gate if (!dflag) { 206*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 207*7c478bd9Sstevel@tonic-gate (void) printf("other:%s\n", permp); 208*7c478bd9Sstevel@tonic-gate free(permp); 209*7c478bd9Sstevel@tonic-gate } 210*7c478bd9Sstevel@tonic-gate break; 211*7c478bd9Sstevel@tonic-gate case DEF_USER: 212*7c478bd9Sstevel@tonic-gate if (!aflag) { 213*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 214*7c478bd9Sstevel@tonic-gate (void) printf("default:user:%s:%s\n", 215*7c478bd9Sstevel@tonic-gate pruname(tp->a_id), permp); 216*7c478bd9Sstevel@tonic-gate free(permp); 217*7c478bd9Sstevel@tonic-gate } 218*7c478bd9Sstevel@tonic-gate break; 219*7c478bd9Sstevel@tonic-gate case DEF_USER_OBJ: 220*7c478bd9Sstevel@tonic-gate if (!aflag) { 221*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 222*7c478bd9Sstevel@tonic-gate (void) printf("default:user::%s\n", 223*7c478bd9Sstevel@tonic-gate permp); 224*7c478bd9Sstevel@tonic-gate free(permp); 225*7c478bd9Sstevel@tonic-gate } 226*7c478bd9Sstevel@tonic-gate break; 227*7c478bd9Sstevel@tonic-gate case DEF_GROUP: 228*7c478bd9Sstevel@tonic-gate if (!aflag) { 229*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 230*7c478bd9Sstevel@tonic-gate (void) printf("default:group:%s:%s\n", 231*7c478bd9Sstevel@tonic-gate prgname(tp->a_id), permp); 232*7c478bd9Sstevel@tonic-gate free(permp); 233*7c478bd9Sstevel@tonic-gate } 234*7c478bd9Sstevel@tonic-gate break; 235*7c478bd9Sstevel@tonic-gate case DEF_GROUP_OBJ: 236*7c478bd9Sstevel@tonic-gate if (!aflag) { 237*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 238*7c478bd9Sstevel@tonic-gate (void) printf("default:group::%s\n", 239*7c478bd9Sstevel@tonic-gate permp); 240*7c478bd9Sstevel@tonic-gate free(permp); 241*7c478bd9Sstevel@tonic-gate } 242*7c478bd9Sstevel@tonic-gate break; 243*7c478bd9Sstevel@tonic-gate case DEF_CLASS_OBJ: 244*7c478bd9Sstevel@tonic-gate if (!aflag) { 245*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 246*7c478bd9Sstevel@tonic-gate (void) printf("default:mask:%s\n", 247*7c478bd9Sstevel@tonic-gate permp); 248*7c478bd9Sstevel@tonic-gate free(permp); 249*7c478bd9Sstevel@tonic-gate } 250*7c478bd9Sstevel@tonic-gate break; 251*7c478bd9Sstevel@tonic-gate case DEF_OTHER_OBJ: 252*7c478bd9Sstevel@tonic-gate if (!aflag) { 253*7c478bd9Sstevel@tonic-gate permp = display(tp->a_perm); 254*7c478bd9Sstevel@tonic-gate (void) printf("default:other:%s\n", 255*7c478bd9Sstevel@tonic-gate permp); 256*7c478bd9Sstevel@tonic-gate free(permp); 257*7c478bd9Sstevel@tonic-gate } 258*7c478bd9Sstevel@tonic-gate break; 259*7c478bd9Sstevel@tonic-gate default: 260*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 261*7c478bd9Sstevel@tonic-gate gettext("unrecognized entry\n")); 262*7c478bd9Sstevel@tonic-gate break; 263*7c478bd9Sstevel@tonic-gate } 264*7c478bd9Sstevel@tonic-gate } 265*7c478bd9Sstevel@tonic-gate free(aclp); 266*7c478bd9Sstevel@tonic-gate } 267*7c478bd9Sstevel@tonic-gate return (0); 268*7c478bd9Sstevel@tonic-gate } 269*7c478bd9Sstevel@tonic-gate 270*7c478bd9Sstevel@tonic-gate static char * 271*7c478bd9Sstevel@tonic-gate display(int perm) 272*7c478bd9Sstevel@tonic-gate { 273*7c478bd9Sstevel@tonic-gate char *buf; 274*7c478bd9Sstevel@tonic-gate 275*7c478bd9Sstevel@tonic-gate buf = malloc(4); 276*7c478bd9Sstevel@tonic-gate if (buf == NULL) { 277*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, gettext("Insufficient memory\n")); 278*7c478bd9Sstevel@tonic-gate exit(1); 279*7c478bd9Sstevel@tonic-gate } 280*7c478bd9Sstevel@tonic-gate 281*7c478bd9Sstevel@tonic-gate if (perm & 4) 282*7c478bd9Sstevel@tonic-gate buf[0] = 'r'; 283*7c478bd9Sstevel@tonic-gate else 284*7c478bd9Sstevel@tonic-gate buf[0] = '-'; 285*7c478bd9Sstevel@tonic-gate if (perm & 2) 286*7c478bd9Sstevel@tonic-gate buf[1] = 'w'; 287*7c478bd9Sstevel@tonic-gate else 288*7c478bd9Sstevel@tonic-gate buf[1] = '-'; 289*7c478bd9Sstevel@tonic-gate if (perm & 1) 290*7c478bd9Sstevel@tonic-gate buf[2] = 'x'; 291*7c478bd9Sstevel@tonic-gate else 292*7c478bd9Sstevel@tonic-gate buf[2] = '-'; 293*7c478bd9Sstevel@tonic-gate buf[3] = '\0'; 294*7c478bd9Sstevel@tonic-gate return (buf); 295*7c478bd9Sstevel@tonic-gate } 296*7c478bd9Sstevel@tonic-gate 297*7c478bd9Sstevel@tonic-gate static char * 298*7c478bd9Sstevel@tonic-gate pruname(uid_t uid) 299*7c478bd9Sstevel@tonic-gate { 300*7c478bd9Sstevel@tonic-gate struct passwd *passwdp; 301*7c478bd9Sstevel@tonic-gate static char uidp[10]; /* big enough */ 302*7c478bd9Sstevel@tonic-gate 303*7c478bd9Sstevel@tonic-gate passwdp = getpwuid(uid); 304*7c478bd9Sstevel@tonic-gate if (passwdp == (struct passwd *) NULL) { 305*7c478bd9Sstevel@tonic-gate /* could not get passwd information: display uid instead */ 306*7c478bd9Sstevel@tonic-gate (void) sprintf(uidp, "%ld", (long)uid); 307*7c478bd9Sstevel@tonic-gate return (uidp); 308*7c478bd9Sstevel@tonic-gate } else 309*7c478bd9Sstevel@tonic-gate return (passwdp->pw_name); 310*7c478bd9Sstevel@tonic-gate } 311*7c478bd9Sstevel@tonic-gate 312*7c478bd9Sstevel@tonic-gate static char * 313*7c478bd9Sstevel@tonic-gate prgname(gid_t gid) 314*7c478bd9Sstevel@tonic-gate { 315*7c478bd9Sstevel@tonic-gate struct group *groupp; 316*7c478bd9Sstevel@tonic-gate static char gidp[10]; /* big enough */ 317*7c478bd9Sstevel@tonic-gate 318*7c478bd9Sstevel@tonic-gate groupp = getgrgid(gid); 319*7c478bd9Sstevel@tonic-gate if (groupp == (struct group *) NULL) { 320*7c478bd9Sstevel@tonic-gate /* could not get group information: display gid instead */ 321*7c478bd9Sstevel@tonic-gate (void) sprintf(gidp, "%ld", (long)gid); 322*7c478bd9Sstevel@tonic-gate return (gidp); 323*7c478bd9Sstevel@tonic-gate } else 324*7c478bd9Sstevel@tonic-gate return (groupp->gr_name); 325*7c478bd9Sstevel@tonic-gate } 326*7c478bd9Sstevel@tonic-gate 327*7c478bd9Sstevel@tonic-gate static void 328*7c478bd9Sstevel@tonic-gate usage() 329*7c478bd9Sstevel@tonic-gate { 330*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 331*7c478bd9Sstevel@tonic-gate gettext("usage: getfacl [-ad] file ... \n")); 332*7c478bd9Sstevel@tonic-gate exit(1); 333*7c478bd9Sstevel@tonic-gate } 334