[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] Basic support for checking NFSv4 ACLs in Linux
From: |
Ondrej Valousek |
Subject: |
[PATCH] Basic support for checking NFSv4 ACLs in Linux |
Date: |
Thu, 27 Oct 2022 11:34:01 +0200 |
---
lib/file-has-acl.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/lib/file-has-acl.c b/lib/file-has-acl.c
index e02f0626a..a6144e52e 100644
--- a/lib/file-has-acl.c
+++ b/lib/file-has-acl.c
@@ -32,6 +32,10 @@
#if GETXATTR_WITH_POSIX_ACLS
# include <sys/xattr.h>
# include <linux/xattr.h>
+# include <arpa/inet.h>
+#ifndef XATTR_NAME_NFSV4_ACL
+#define XATTR_NAME_NFSV4_ACL "system.nfs4_acl"
+#endif
#endif
/* Return 1 if NAME has a nontrivial access control list,
@@ -67,6 +71,26 @@ file_has_acl (char const *name, struct stat const *sb)
return 1;
}
+ if (ret < 0) { /* we might be on NFS, so try to check NFSv4 ACLs too */
+ ret = getxattr (name, XATTR_NAME_NFSV4_ACL, NULL, 0);
+ if (ret < 0 && errno == ENODATA)
+ ret = 0;
+ else if (ret > 0) {
+ char *xattr;
+ xattr = malloc(ret);
+ if (!xattr) {
+ ret = -1;
+ } else {
+ ret = getxattr (name, XATTR_NAME_NFSV4_ACL, xattr, ret);
+ if (ret < 0) ret = -1;
+ else {
+ u_int32_t num_aces =
(u_int32_t)ntohl(*((u_int32_t*)(xattr))); /* Grab the number of aces in the acl
*/
+ ret = num_aces > 3;
+ }
+ free(xattr);
+ }
+ }
+ }
if (ret < 0)
return - acl_errno_valid (errno);
return ret;
--
2.37.3
- [PATCH] Basic support for checking NFSv4 ACLs in Linux,
Ondrej Valousek <=