1 /* Extract files from a tar archive.
3 Copyright 1988, 1992-1994, 1996-2001, 2003-2007, 2010, 2012-2014,
4 2016 Free Software Foundation, Inc.
6 This file is part of GNU tar.
8 GNU tar is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 GNU tar is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 Written by John Gilmore, on 1985-11-19. */
32 static bool we_are_root; /* true if our effective uid == 0 */
33 static mode_t newdir_umask; /* umask when creating new directories */
34 static mode_t current_umask; /* current umask (which is set to 0 if -p) */
36 #define ALL_MODE_BITS ((mode_t) ~ (mode_t) 0)
38 #if ! HAVE_FCHMOD && ! defined fchmod
39 # define fchmod(fd, mode) (errno = ENOSYS, -1)
41 #if ! HAVE_FCHOWN && ! defined fchown
42 # define fchown(fd, uid, gid) (errno = ENOSYS, -1)
45 /* Return true if an error number ERR means the system call is
46 supported in this case. */
50 return ! (err == ENOSYS
52 || (EOPNOTSUPP != ENOTSUP && err == EOPNOTSUPP));
55 /* List of directories whose statuses we need to extract after we've
56 finished extracting their subsidiary files. If you consider each
57 contiguous subsequence of elements of the form [D]?[^D]*, where [D]
58 represents an element where AFTER_LINKS is nonzero and [^D]
59 represents an element where AFTER_LINKS is zero, then the head
60 of the subsequence has the longest name, and each non-head element
61 in the prefix is an ancestor (in the directory hierarchy) of the
64 struct delayed_set_stat
66 /* Next directory in list. */
67 struct delayed_set_stat *next;
69 /* Metadata for this directory. */
72 mode_t mode; /* The desired mode is MODE & ~ current_umask. */
75 struct timespec atime;
76 struct timespec mtime;
78 /* An estimate of the directory's current mode, along with a mask
79 specifying which bits of this estimate are known to be correct.
80 If CURRENT_MODE_MASK is zero, CURRENT_MODE's value doesn't
83 mode_t current_mode_mask;
85 /* This directory is an intermediate directory that was created
86 as an ancestor of some other directory; it was not mentioned
87 in the archive, so do not set its uid, gid, atime, or mtime,
88 and don't alter its mode outside of MODE_RWX. */
91 /* Whether symbolic links should be followed when accessing the
95 /* Do not set the status of this directory until after delayed
99 /* Directory that the name is relative to. */
102 /* extended attributes*/
108 size_t xattr_map_size;
109 struct xattr_array *xattr_map;
110 /* Length and contents of name. */
111 size_t file_name_len;
115 static struct delayed_set_stat *delayed_set_stat_head;
117 /* List of links whose creation we have delayed. */
120 /* The next delayed link in the list. */
121 struct delayed_link *next;
123 /* The device, inode number and birthtime of the placeholder.
124 birthtime.tv_nsec is negative if the birthtime is not available.
125 Don't use mtime as this would allow for false matches if some
126 other process removes the placeholder. Don't use ctime as
127 this would cause race conditions and other screwups, e.g.,
128 when restoring hard-linked symlinks. */
131 struct timespec birthtime;
133 /* True if the link is symbolic. */
136 /* The desired metadata, valid only the link is symbolic. */
140 struct timespec atime;
141 struct timespec mtime;
143 /* The directory that the sources and target are relative to. */
146 /* A list of sources for this link. The sources are all to be
147 hard-linked together. */
148 struct string_list *sources;
150 /* SELinux context */
159 size_t xattr_map_size;
160 struct xattr_array *xattr_map;
162 /* The desired target of the desired link. */
166 static struct delayed_link *delayed_link_head;
170 struct string_list *next;
174 /* Set up to extract files. */
178 we_are_root = geteuid () == ROOT_UID;
179 same_permissions_option += we_are_root;
180 same_owner_option += we_are_root;
182 /* Option -p clears the kernel umask, so it does not affect proper
183 restoration of file permissions. New intermediate directories will
184 comply with umask at start of program. */
186 newdir_umask = umask (0);
187 if (0 < same_permissions_option)
191 umask (newdir_umask); /* restore the kernel umask */
192 current_umask = newdir_umask;
196 /* Use fchmod if possible, fchmodat otherwise. */
198 fd_chmod (int fd, char const *file, mode_t mode, int atflag)
202 int result = fchmod (fd, mode);
203 if (result == 0 || implemented (errno))
206 return fchmodat (chdir_fd, file, mode, atflag);
209 /* Use fchown if possible, fchownat otherwise. */
211 fd_chown (int fd, char const *file, uid_t uid, gid_t gid, int atflag)
215 int result = fchown (fd, uid, gid);
216 if (result == 0 || implemented (errno))
219 return fchownat (chdir_fd, file, uid, gid, atflag);
222 /* Use fstat if possible, fstatat otherwise. */
224 fd_stat (int fd, char const *file, struct stat *st, int atflag)
228 : fstatat (chdir_fd, file, st, atflag));
231 /* Set the mode for FILE_NAME to MODE.
232 MODE_MASK specifies the bits of MODE that we care about;
233 thus if MODE_MASK is zero, do nothing.
234 If FD is nonnegative, it is a file descriptor for the file.
235 CURRENT_MODE and CURRENT_MODE_MASK specify information known about
236 the file's current mode, using the style of struct delayed_set_stat.
237 TYPEFLAG specifies the type of the file.
238 ATFLAG specifies the flag to use when statting the file. */
240 set_mode (char const *file_name,
241 mode_t mode, mode_t mode_mask, int fd,
242 mode_t current_mode, mode_t current_mode_mask,
243 char typeflag, int atflag)
245 if (((current_mode ^ mode) | ~ current_mode_mask) & mode_mask)
247 if (MODE_ALL & ~ mode_mask & ~ current_mode_mask)
250 if (fd_stat (fd, file_name, &st, atflag) != 0)
252 stat_error (file_name);
255 current_mode = st.st_mode;
258 current_mode &= MODE_ALL;
259 mode = (current_mode & ~ mode_mask) | (mode & mode_mask);
261 if (current_mode != mode)
264 fd_chmod (fd, file_name, mode, atflag) == 0 ? 0 : errno;
266 /* On Solaris, chmod may fail if we don't have PRIV_ALL, because
267 setuid-root files would otherwise be a backdoor. See
268 http://opensolaris.org/jive/thread.jspa?threadID=95826
270 if (chmod_errno == EPERM && (mode & S_ISUID)
271 && priv_set_restore_linkdir () == 0)
274 fd_chmod (fd, file_name, mode, atflag) == 0 ? 0 : errno;
275 priv_set_remove_linkdir ();
278 /* Linux fchmodat does not support AT_SYMLINK_NOFOLLOW, and
279 returns ENOTSUP even when operating on non-symlinks, try
280 again with the flag disabled if it does not appear to be
281 supported and if the file is not a symlink. This
282 introduces a race, alas. */
283 if (atflag && typeflag != SYMTYPE && ! implemented (chmod_errno))
284 chmod_errno = fd_chmod (fd, file_name, mode, 0) == 0 ? 0 : errno;
287 && (typeflag != SYMTYPE || implemented (chmod_errno)))
290 chmod_error_details (file_name, mode);
296 /* Check time after successfully setting FILE_NAME's time stamp to T. */
298 check_time (char const *file_name, struct timespec t)
301 WARNOPT (WARN_TIMESTAMP,
302 (0, 0, _("%s: implausibly old time stamp %s"),
303 file_name, tartime (t, true)));
304 else if (timespec_cmp (volume_start_time, t) < 0)
308 if (timespec_cmp (now, t) < 0)
310 char buf[TIMESPEC_STRSIZE_BOUND];
311 struct timespec diff;
312 diff.tv_sec = t.tv_sec - now.tv_sec;
313 diff.tv_nsec = t.tv_nsec - now.tv_nsec;
314 if (diff.tv_nsec < 0)
316 diff.tv_nsec += BILLION;
319 WARNOPT (WARN_TIMESTAMP,
320 (0, 0, _("%s: time stamp %s is %s s in the future"),
321 file_name, tartime (t, true), code_timespec (diff, buf)));
326 /* Restore stat attributes (owner, group, mode and times) for
327 FILE_NAME, using information given in *ST.
328 If FD is nonnegative, it is a file descriptor for the file.
329 CURRENT_MODE and CURRENT_MODE_MASK specify information known about
330 the file's current mode, using the style of struct delayed_set_stat.
331 TYPEFLAG specifies the type of the file.
332 If INTERDIR, this is an intermediate directory.
333 ATFLAG specifies the flag to use when statting the file. */
336 set_stat (char const *file_name,
337 struct tar_stat_info const *st,
338 int fd, mode_t current_mode, mode_t current_mode_mask,
339 char typeflag, bool interdir, int atflag)
341 /* Do the utime before the chmod because some versions of utime are
342 broken and trash the modes of the file. */
344 if (! touch_option && ! interdir)
346 struct timespec ts[2];
347 if (incremental_option)
350 ts[0].tv_nsec = UTIME_OMIT;
353 if (fdutimensat (fd, chdir_fd, file_name, ts, atflag) == 0)
355 if (incremental_option)
356 check_time (file_name, ts[0]);
357 check_time (file_name, ts[1]);
359 else if (typeflag != SYMTYPE || implemented (errno))
360 utime_error (file_name);
363 if (0 < same_owner_option && ! interdir)
365 /* Some systems allow non-root users to give files away. Once this
366 done, it is not possible anymore to change file permissions.
367 However, setting file permissions now would be incorrect, since
368 they would apply to the wrong user, and there would be a race
369 condition. So, don't use systems that allow non-root users to
371 uid_t uid = st->stat.st_uid;
372 gid_t gid = st->stat.st_gid;
374 if (fd_chown (fd, file_name, uid, gid, atflag) == 0)
376 /* Changing the owner can clear st_mode bits in some cases. */
377 if ((current_mode | ~ current_mode_mask) & S_IXUGO)
378 current_mode_mask &= ~ (current_mode & (S_ISUID | S_ISGID));
380 else if (typeflag != SYMTYPE || implemented (errno))
381 chown_error_details (file_name, uid, gid);
385 st->stat.st_mode & ~ current_umask,
386 0 < same_permissions_option && ! interdir ? MODE_ALL : MODE_RWX,
387 fd, current_mode, current_mode_mask, typeflag, atflag);
389 /* these three calls must be done *after* fd_chown() call because fd_chown
390 causes that linux capabilities becomes cleared. */
391 xattrs_xattrs_set (st, file_name, typeflag, 1);
392 xattrs_acls_set (st, file_name, typeflag);
393 xattrs_selinux_set (st, file_name, typeflag);
396 /* For each entry H in the leading prefix of entries in HEAD that do
397 not have after_links marked, mark H and fill in its dev and ino
398 members. Assume HEAD && ! HEAD->after_links. */
400 mark_after_links (struct delayed_set_stat *head)
402 struct delayed_set_stat *h = head;
409 if (deref_stat (h->file_name, &st) != 0)
410 stat_error (h->file_name);
417 while ((h = h->next) && ! h->after_links);
420 /* Remember to restore stat attributes (owner, group, mode and times)
421 for the directory FILE_NAME, using information given in *ST,
422 once we stop extracting files into that directory.
424 If ST is null, merely create a placeholder node for an intermediate
425 directory that was created by make_directories.
427 NOTICE: this works only if the archive has usual member order, i.e.
428 directory, then the files in that directory. Incremental archive have
429 somewhat reversed order: first go subdirectories, then all other
430 members. To help cope with this case the variable
431 delay_directory_restore_option is set by prepare_to_extract.
433 If an archive was explicitely created so that its member order is
434 reversed, some directory timestamps can be restored incorrectly,
436 tar --no-recursion -cf archive dir dir/file1 foo dir/file2
439 delay_set_stat (char const *file_name, struct tar_stat_info const *st,
440 mode_t current_mode, mode_t current_mode_mask,
441 mode_t mode, int atflag)
443 size_t file_name_len = strlen (file_name);
444 struct delayed_set_stat *data = xmalloc (sizeof (*data));
445 data->next = delayed_set_stat_head;
449 data->dev = st->stat.st_dev;
450 data->ino = st->stat.st_ino;
451 data->uid = st->stat.st_uid;
452 data->gid = st->stat.st_gid;
453 data->atime = st->atime;
454 data->mtime = st->mtime;
456 data->file_name_len = file_name_len;
457 data->file_name = xstrdup (file_name);
458 data->current_mode = current_mode;
459 data->current_mode_mask = current_mode_mask;
460 data->interdir = ! st;
461 data->atflag = atflag;
462 data->after_links = 0;
463 data->change_dir = chdir_current;
464 data->cntx_name = NULL;
466 assign_string (&data->cntx_name, st->cntx_name);
467 if (st && st->acls_a_ptr)
469 data->acls_a_ptr = xmemdup (st->acls_a_ptr, st->acls_a_len + 1);
470 data->acls_a_len = st->acls_a_len;
474 data->acls_a_ptr = NULL;
475 data->acls_a_len = 0;
477 if (st && st->acls_d_ptr)
479 data->acls_d_ptr = xmemdup (st->acls_d_ptr, st->acls_d_len + 1);
480 data->acls_d_len = st->acls_d_len;
484 data->acls_d_ptr = NULL;
485 data->acls_d_len = 0;
488 xheader_xattr_copy (st, &data->xattr_map, &data->xattr_map_size);
491 data->xattr_map = NULL;
492 data->xattr_map_size = 0;
494 strcpy (data->file_name, file_name);
495 delayed_set_stat_head = data;
496 if (must_be_dot_or_slash (file_name))
497 mark_after_links (data);
500 /* Update the delayed_set_stat info for an intermediate directory
501 created within the file name of DIR. The intermediate directory turned
502 out to be the same as this directory, e.g. due to ".." or symbolic
503 links. *DIR_STAT_INFO is the status of the directory. */
505 repair_delayed_set_stat (char const *dir,
506 struct stat const *dir_stat_info)
508 struct delayed_set_stat *data;
509 for (data = delayed_set_stat_head; data; data = data->next)
512 if (fstatat (chdir_fd, data->file_name, &st, data->atflag) != 0)
514 stat_error (data->file_name);
518 if (st.st_dev == dir_stat_info->st_dev
519 && st.st_ino == dir_stat_info->st_ino)
521 data->dev = current_stat_info.stat.st_dev;
522 data->ino = current_stat_info.stat.st_ino;
523 data->mode = current_stat_info.stat.st_mode;
524 data->uid = current_stat_info.stat.st_uid;
525 data->gid = current_stat_info.stat.st_gid;
526 data->atime = current_stat_info.atime;
527 data->mtime = current_stat_info.mtime;
528 data->current_mode = st.st_mode;
529 data->current_mode_mask = ALL_MODE_BITS;
530 data->interdir = false;
535 ERROR ((0, 0, _("%s: Unexpected inconsistency when making directory"),
536 quotearg_colon (dir)));
540 free_delayed_set_stat (struct delayed_set_stat *data)
542 free (data->file_name);
543 xheader_xattr_free (data->xattr_map, data->xattr_map_size);
544 free (data->cntx_name);
545 free (data->acls_a_ptr);
546 free (data->acls_d_ptr);
551 remove_delayed_set_stat (const char *fname)
553 struct delayed_set_stat *data, *next, *prev = NULL;
554 for (data = delayed_set_stat_head; data; data = next)
557 if (chdir_current == data->change_dir
558 && strcmp (data->file_name, fname) == 0)
560 free_delayed_set_stat (data);
564 delayed_set_stat_head = next;
573 fixup_delayed_set_stat (char const *src, char const *dst)
575 struct delayed_set_stat *data;
576 for (data = delayed_set_stat_head; data; data = data->next)
578 if (chdir_current == data->change_dir
579 && strcmp (data->file_name, src) == 0)
581 free (data->file_name);
582 data->file_name = xstrdup (dst);
583 data->file_name_len = strlen (dst);
589 /* After a file/link/directory creation has failed, see if
590 it's because some required directory was not present, and if so,
591 create all required directories. Return zero if all the required
592 directories were created, nonzero (issuing a diagnostic) otherwise.
593 Set *INTERDIR_MADE if at least one directory was created. */
595 make_directories (char *file_name, bool *interdir_made)
597 char *cursor0 = file_name + FILE_SYSTEM_PREFIX_LEN (file_name);
598 char *cursor; /* points into the file name */
600 for (cursor = cursor0; *cursor; cursor++)
606 if (! ISSLASH (*cursor))
609 /* Avoid mkdir of empty string, if leading or double '/'. */
611 if (cursor == cursor0 || ISSLASH (cursor[-1]))
614 /* Avoid mkdir where last part of file name is "." or "..". */
616 if (cursor[-1] == '.'
617 && (cursor == cursor0 + 1 || ISSLASH (cursor[-2])
618 || (cursor[-2] == '.'
619 && (cursor == cursor0 + 2 || ISSLASH (cursor[-3])))))
622 *cursor = '\0'; /* truncate the name there */
623 desired_mode = MODE_RWX & ~ newdir_umask;
624 mode = desired_mode | (we_are_root ? 0 : MODE_WXUSR);
625 status = mkdirat (chdir_fd, file_name, mode);
629 /* Create a struct delayed_set_stat even if
630 mode == desired_mode, because
631 repair_delayed_set_stat may need to update the struct. */
632 delay_set_stat (file_name,
633 0, mode & ~ current_umask, MODE_RWX,
634 desired_mode, AT_SYMLINK_NOFOLLOW);
636 print_for_mkdir (file_name, cursor - file_name, desired_mode);
637 *interdir_made = true;
639 else if (errno == EEXIST)
643 /* Check whether the desired file exists. Even when the
644 file exists, mkdir can fail with some errno value E other
645 than EEXIST, so long as E describes an error condition
646 that also applies. */
649 status = fstatat (chdir_fd, file_name, &st, 0);
653 mkdir_error (file_name);
665 /* Return true if FILE_NAME (with status *STP, if STP) is not a
666 directory, and has a time stamp newer than (or equal to) that of
669 file_newer_p (const char *file_name, struct stat const *stp,
670 struct tar_stat_info *tar_stat)
676 if (deref_stat (file_name, &st) != 0)
680 stat_warn (file_name);
681 /* Be safer: if the file exists, assume it is newer. */
689 return (! S_ISDIR (stp->st_mode)
690 && tar_timespec_cmp (tar_stat->mtime, get_stat_mtime (stp)) <= 0);
695 #define RECOVER_SKIP 2
697 /* Attempt repairing what went wrong with the extraction. Delete an
698 already existing file or create missing intermediate directories.
699 Return RECOVER_OK if we somewhat increased our chances at a successful
700 extraction, RECOVER_NO if there are no chances, and RECOVER_SKIP if the
701 caller should skip extraction of that member. The value of errno is
702 properly restored on returning RECOVER_NO.
704 If REGULAR, the caller was trying to extract onto a regular file.
706 Set *INTERDIR_MADE if an intermediate directory is made as part of
707 the recovery process. */
710 maybe_recoverable (char *file_name, bool regular, bool *interdir_made)
714 struct stat const *stp = 0;
723 /* With open ("symlink", O_NOFOLLOW|...), POSIX says errno == ELOOP,
724 but some operating systems do not conform to the standard. */
726 /* NetBSD uses errno == EFTYPE; see <http://gnats.netbsd.org/43154>. */
729 /* FreeBSD 8.1 uses errno == EMLINK. */
731 /* Tru64 5.1B uses errno == ENOTSUP. */
735 || old_files_option != OVERWRITE_OLD_FILES || dereference_option)
737 if (strchr (file_name, '/'))
739 if (deref_stat (file_name, &st) != 0)
744 /* The caller tried to open a symbolic link with O_NOFOLLOW.
745 Fall through, treating it as an already-existing file. */
748 /* Remove an old file, if the options allow this. */
750 switch (old_files_option)
753 WARNOPT (WARN_EXISTING_FILE,
754 (0, 0, _("%s: skipping existing file"), file_name));
760 case KEEP_NEWER_FILES:
761 if (file_newer_p (file_name, stp, ¤t_stat_info))
765 case DEFAULT_OLD_FILES:
766 case NO_OVERWRITE_DIR_OLD_FILES:
767 case OVERWRITE_OLD_FILES:
768 if (0 < remove_any_file (file_name, ORDINARY_REMOVE_OPTION))
772 case UNLINK_FIRST_OLD_FILES:
777 /* Attempt creating missing intermediate directories. */
778 if (make_directories (file_name, interdir_made) == 0 && *interdir_made)
783 /* Just say we can't do anything about it... */
791 /* Restore stat extended attributes (xattr) for FILE_NAME, using information
792 given in *ST. Restore before extraction because they may affect file layout
793 (e.g. on Lustre distributed parallel filesystem - setting info about how many
794 servers is this file striped over, stripe size, mirror copies, etc.
795 in advance dramatically improves the following performance of reading and
796 writing a file). If not restoring permissions, invert the INVERT_PERMISSIONS
797 bits from the file's current permissions. TYPEFLAG specifies the type of the
798 file. FILE_CREATED indicates set_xattr has created the file */
800 set_xattr (char const *file_name, struct tar_stat_info const *st,
801 mode_t invert_permissions, char typeflag, int *file_created)
806 bool interdir_made = false;
808 if ((xattrs_option > 0) && st->xattr_map_size)
810 mode_t mode = current_stat_info.stat.st_mode & MODE_RWX & ~ current_umask;
813 status = mknodat (chdir_fd, file_name, mode ^ invert_permissions, 0);
814 while (status && maybe_recoverable ((char *)file_name, false,
817 xattrs_xattrs_set (st, file_name, typeflag, 0);
825 /* Fix the statuses of all directories whose statuses need fixing, and
826 which are not ancestors of FILE_NAME. If AFTER_LINKS is
827 nonzero, do this for all such directories; otherwise, stop at the
828 first directory that is marked to be fixed up only after delayed
829 links are applied. */
831 apply_nonancestor_delayed_set_stat (char const *file_name, bool after_links)
833 size_t file_name_len = strlen (file_name);
834 bool check_for_renamed_directories = 0;
836 while (delayed_set_stat_head)
838 struct delayed_set_stat *data = delayed_set_stat_head;
839 bool skip_this_one = 0;
841 mode_t current_mode = data->current_mode;
842 mode_t current_mode_mask = data->current_mode_mask;
844 check_for_renamed_directories |= data->after_links;
846 if (after_links < data->after_links
847 || (data->file_name_len < file_name_len
848 && file_name[data->file_name_len]
849 && (ISSLASH (file_name[data->file_name_len])
850 || ISSLASH (file_name[data->file_name_len - 1]))
851 && memcmp (file_name, data->file_name, data->file_name_len) == 0))
854 chdir_do (data->change_dir);
856 if (check_for_renamed_directories)
858 if (fstatat (chdir_fd, data->file_name, &st, data->atflag) != 0)
860 stat_error (data->file_name);
865 current_mode = st.st_mode;
866 current_mode_mask = ALL_MODE_BITS;
867 if (! (st.st_dev == data->dev && st.st_ino == data->ino))
870 _("%s: Directory renamed before its status could be extracted"),
871 quotearg_colon (data->file_name)));
879 struct tar_stat_info sb;
880 sb.stat.st_mode = data->mode;
881 sb.stat.st_uid = data->uid;
882 sb.stat.st_gid = data->gid;
883 sb.atime = data->atime;
884 sb.mtime = data->mtime;
885 sb.cntx_name = data->cntx_name;
886 sb.acls_a_ptr = data->acls_a_ptr;
887 sb.acls_a_len = data->acls_a_len;
888 sb.acls_d_ptr = data->acls_d_ptr;
889 sb.acls_d_len = data->acls_d_len;
890 sb.xattr_map = data->xattr_map;
891 sb.xattr_map_size = data->xattr_map_size;
892 set_stat (data->file_name, &sb,
893 -1, current_mode, current_mode_mask,
894 DIRTYPE, data->interdir, data->atflag);
897 delayed_set_stat_head = data->next;
898 free_delayed_set_stat (data);
904 is_directory_link (const char *file_name)
910 res = (fstatat (chdir_fd, file_name, &st, AT_SYMLINK_NOFOLLOW) == 0 &&
911 S_ISLNK (st.st_mode) &&
912 fstatat (chdir_fd, file_name, &st, 0) == 0 &&
913 S_ISDIR (st.st_mode));
918 /* Extractor functions for various member types */
921 extract_dir (char *file_name, int typeflag)
925 mode_t current_mode = 0;
926 mode_t current_mode_mask = 0;
928 bool interdir_made = false;
930 /* Save 'root device' to avoid purging mount points. */
931 if (one_file_system_option && root_device == 0)
935 if (fstatat (chdir_fd, ".", &st, 0) != 0)
938 root_device = st.st_dev;
941 if (incremental_option)
942 /* Read the entry and delete files that aren't listed in the archive. */
943 purge_directory (file_name);
944 else if (typeflag == GNUTYPE_DUMPDIR)
947 /* If ownership or permissions will be restored later, create the
948 directory with restrictive permissions at first, so that in the
949 meantime processes owned by other users do not inadvertently
950 create files under this directory that inherit the wrong owner,
951 group, or permissions from the directory. If not root, though,
952 make the directory writeable and searchable at first, so that
953 files can be created under it. */
954 mode = ((current_stat_info.stat.st_mode
955 & (0 < same_owner_option || 0 < same_permissions_option
958 | (we_are_root ? 0 : MODE_WXUSR));
962 status = mkdirat (chdir_fd, file_name, mode);
965 current_mode = mode & ~ current_umask;
966 current_mode_mask = MODE_RWX;
967 atflag = AT_SYMLINK_NOFOLLOW;
973 || keep_directory_symlink_option
974 || old_files_option == DEFAULT_OLD_FILES
975 || old_files_option == OVERWRITE_OLD_FILES))
979 if (keep_directory_symlink_option && is_directory_link (file_name))
982 if (deref_stat (file_name, &st) == 0)
984 current_mode = st.st_mode;
985 current_mode_mask = ALL_MODE_BITS;
987 if (S_ISDIR (current_mode))
991 repair_delayed_set_stat (file_name, &st);
1000 switch (maybe_recoverable (file_name, false, &interdir_made))
1009 if (errno != EEXIST)
1011 mkdir_error (file_name);
1020 || old_files_option == DEFAULT_OLD_FILES
1021 || old_files_option == OVERWRITE_OLD_FILES)
1022 delay_set_stat (file_name, ¤t_stat_info,
1023 current_mode, current_mode_mask,
1024 current_stat_info.stat.st_mode, atflag);
1031 open_output_file (char const *file_name, int typeflag, mode_t mode,
1032 int file_created, mode_t *current_mode,
1033 mode_t *current_mode_mask)
1036 bool overwriting_old_files = old_files_option == OVERWRITE_OLD_FILES;
1037 int openflag = (O_WRONLY | O_BINARY | O_CLOEXEC | O_NOCTTY | O_NONBLOCK
1039 | (overwriting_old_files
1040 ? O_TRUNC | (dereference_option ? 0 : O_NOFOLLOW)
1043 /* File might be created in set_xattr. So clear O_EXCL to avoid open() fail */
1045 openflag = openflag & ~O_EXCL;
1047 if (typeflag == CONTTYPE)
1049 static int conttype_diagnosed;
1051 if (!conttype_diagnosed)
1053 conttype_diagnosed = 1;
1054 WARNOPT (WARN_CONTIGUOUS_CAST,
1055 (0, 0, _("Extracting contiguous files as regular files")));
1059 /* If O_NOFOLLOW is needed but does not work, check for a symlink
1060 separately. There's a race condition, but that cannot be avoided
1061 on hosts lacking O_NOFOLLOW. */
1062 if (! HAVE_WORKING_O_NOFOLLOW
1063 && overwriting_old_files && ! dereference_option)
1066 if (fstatat (chdir_fd, file_name, &st, AT_SYMLINK_NOFOLLOW) == 0
1067 && S_ISLNK (st.st_mode))
1074 fd = openat (chdir_fd, file_name, openflag, mode);
1077 if (overwriting_old_files)
1080 if (fstat (fd, &st) != 0)
1087 if (! S_ISREG (st.st_mode))
1093 *current_mode = st.st_mode;
1094 *current_mode_mask = ALL_MODE_BITS;
1098 *current_mode = mode & ~ current_umask;
1099 *current_mode_mask = MODE_RWX;
1107 extract_file (char *file_name, int typeflag)
1111 union block *data_block;
1115 bool interdir_made = false;
1116 mode_t mode = (current_stat_info.stat.st_mode & MODE_RWX
1117 & ~ (0 < same_owner_option ? S_IRWXG | S_IRWXO : 0));
1118 mode_t invert_permissions = 0 < same_owner_option ? mode & (S_IRWXG | S_IRWXO)
1120 mode_t current_mode = 0;
1121 mode_t current_mode_mask = 0;
1123 if (to_stdout_option)
1125 else if (to_command_option)
1127 fd = sys_exec_command (file_name, 'f', ¤t_stat_info);
1136 int file_created = 0;
1137 if (set_xattr (file_name, ¤t_stat_info, invert_permissions,
1138 typeflag, &file_created))
1141 open_error (file_name);
1145 while ((fd = open_output_file (file_name, typeflag, mode,
1146 file_created, ¤t_mode,
1147 ¤t_mode_mask))
1150 int recover = maybe_recoverable (file_name, true, &interdir_made);
1151 if (recover != RECOVER_OK)
1154 if (recover == RECOVER_SKIP)
1156 open_error (file_name);
1162 mv_begin_read (¤t_stat_info);
1163 if (current_stat_info.is_sparse)
1164 sparse_extract_file (fd, ¤t_stat_info, &size);
1166 for (size = current_stat_info.stat.st_size; size > 0; )
1168 mv_size_left (size);
1170 /* Locate data, determine max length writeable, write it,
1171 block that we have used the data, then check if the write
1174 data_block = find_next_block ();
1177 ERROR ((0, 0, _("Unexpected EOF in archive")));
1178 break; /* FIXME: What happens, then? */
1181 written = available_space_after (data_block);
1186 count = blocking_write (fd, data_block->buffer, written);
1189 set_next_block_after ((union block *)
1190 (data_block->buffer + written - 1));
1191 if (count != written)
1193 if (!to_command_option)
1194 write_error_details (file_name, count, written);
1195 /* FIXME: shouldn't we restore from backup? */
1204 /* If writing to stdout, don't try to do anything to the filename;
1205 it doesn't exist, or we don't want to touch it anyway. */
1207 if (to_stdout_option)
1210 if (! to_command_option)
1211 set_stat (file_name, ¤t_stat_info, fd,
1212 current_mode, current_mode_mask, typeflag, false,
1213 (old_files_option == OVERWRITE_OLD_FILES
1214 ? 0 : AT_SYMLINK_NOFOLLOW));
1216 status = close (fd);
1218 close_error (file_name);
1220 if (to_command_option)
1221 sys_wait_command ();
1226 /* Create a placeholder file with name FILE_NAME, which will be
1227 replaced after other extraction is done by a symbolic link if
1228 IS_SYMLINK is true, and by a hard link otherwise. Set
1229 *INTERDIR_MADE if an intermediate directory is made in the
1233 create_placeholder_file (char *file_name, bool is_symlink, bool *interdir_made)
1238 while ((fd = openat (chdir_fd, file_name, O_WRONLY | O_CREAT | O_EXCL, 0)) < 0)
1240 switch (maybe_recoverable (file_name, false, interdir_made))
1249 open_error (file_name);
1254 if (fstat (fd, &st) != 0)
1256 stat_error (file_name);
1259 else if (close (fd) != 0)
1260 close_error (file_name);
1263 struct delayed_set_stat *h;
1264 struct delayed_link *p =
1265 xmalloc (offsetof (struct delayed_link, target)
1266 + strlen (current_stat_info.link_name)
1268 p->next = delayed_link_head;
1269 delayed_link_head = p;
1272 p->birthtime = get_stat_birthtime (&st);
1273 p->is_symlink = is_symlink;
1276 p->mode = current_stat_info.stat.st_mode;
1277 p->uid = current_stat_info.stat.st_uid;
1278 p->gid = current_stat_info.stat.st_gid;
1279 p->atime = current_stat_info.atime;
1280 p->mtime = current_stat_info.mtime;
1282 p->change_dir = chdir_current;
1283 p->sources = xmalloc (offsetof (struct string_list, string)
1284 + strlen (file_name) + 1);
1285 p->sources->next = 0;
1286 strcpy (p->sources->string, file_name);
1287 p->cntx_name = NULL;
1288 assign_string (&p->cntx_name, current_stat_info.cntx_name);
1289 p->acls_a_ptr = NULL;
1291 p->acls_d_ptr = NULL;
1293 xheader_xattr_copy (¤t_stat_info, &p->xattr_map, &p->xattr_map_size);
1294 strcpy (p->target, current_stat_info.link_name);
1296 h = delayed_set_stat_head;
1297 if (h && ! h->after_links
1298 && strncmp (file_name, h->file_name, h->file_name_len) == 0
1299 && ISSLASH (file_name[h->file_name_len])
1300 && (last_component (file_name) == file_name + h->file_name_len + 1))
1301 mark_after_links (h);
1310 extract_link (char *file_name, int typeflag)
1312 bool interdir_made = false;
1313 char const *link_name;
1316 link_name = current_stat_info.link_name;
1318 if (! absolute_names_option && contains_dot_dot (link_name))
1319 return create_placeholder_file (file_name, false, &interdir_made);
1323 struct stat st1, st2;
1325 int status = linkat (chdir_fd, link_name, chdir_fd, file_name, 0);
1330 struct delayed_link *ds = delayed_link_head;
1332 && fstatat (chdir_fd, link_name, &st1, AT_SYMLINK_NOFOLLOW) == 0)
1333 for (; ds; ds = ds->next)
1334 if (ds->change_dir == chdir_current
1335 && ds->dev == st1.st_dev
1336 && ds->ino == st1.st_ino
1337 && (timespec_cmp (ds->birthtime, get_stat_birthtime (&st1))
1340 struct string_list *p = xmalloc (offsetof (struct string_list, string)
1341 + strlen (file_name) + 1);
1342 strcpy (p->string, file_name);
1343 p->next = ds->sources;
1349 else if ((e == EEXIST && strcmp (link_name, file_name) == 0)
1350 || ((fstatat (chdir_fd, link_name, &st1, AT_SYMLINK_NOFOLLOW)
1352 && (fstatat (chdir_fd, file_name, &st2, AT_SYMLINK_NOFOLLOW)
1354 && st1.st_dev == st2.st_dev
1355 && st1.st_ino == st2.st_ino))
1360 while ((rc = maybe_recoverable (file_name, false, &interdir_made))
1363 if (rc == RECOVER_SKIP)
1365 if (!(incremental_option && errno == EEXIST))
1367 link_error (link_name, file_name);
1374 extract_symlink (char *file_name, int typeflag)
1377 bool interdir_made = false;
1379 if (! absolute_names_option
1380 && (IS_ABSOLUTE_FILE_NAME (current_stat_info.link_name)
1381 || contains_dot_dot (current_stat_info.link_name)))
1382 return create_placeholder_file (file_name, true, &interdir_made);
1384 while (symlinkat (current_stat_info.link_name, chdir_fd, file_name) != 0)
1385 switch (maybe_recoverable (file_name, false, &interdir_made))
1394 symlink_error (current_stat_info.link_name, file_name);
1398 set_stat (file_name, ¤t_stat_info, -1, 0, 0,
1399 SYMTYPE, false, AT_SYMLINK_NOFOLLOW);
1403 static int warned_once;
1408 WARNOPT (WARN_SYMLINK_CAST,
1410 _("Attempting extraction of symbolic links as hard links")));
1412 return extract_link (file_name, typeflag);
1416 #if S_IFCHR || S_IFBLK
1418 extract_node (char *file_name, int typeflag)
1420 bool interdir_made = false;
1421 mode_t mode = (current_stat_info.stat.st_mode & (MODE_RWX | S_IFBLK | S_IFCHR)
1422 & ~ (0 < same_owner_option ? S_IRWXG | S_IRWXO : 0));
1424 while (mknodat (chdir_fd, file_name, mode, current_stat_info.stat.st_rdev)
1426 switch (maybe_recoverable (file_name, false, &interdir_made))
1435 mknod_error (file_name);
1439 set_stat (file_name, ¤t_stat_info, -1,
1440 mode & ~ current_umask, MODE_RWX,
1441 typeflag, false, AT_SYMLINK_NOFOLLOW);
1446 #if HAVE_MKFIFO || defined mkfifo
1448 extract_fifo (char *file_name, int typeflag)
1450 bool interdir_made = false;
1451 mode_t mode = (current_stat_info.stat.st_mode & MODE_RWX
1452 & ~ (0 < same_owner_option ? S_IRWXG | S_IRWXO : 0));
1454 while (mkfifoat (chdir_fd, file_name, mode) != 0)
1455 switch (maybe_recoverable (file_name, false, &interdir_made))
1464 mkfifo_error (file_name);
1468 set_stat (file_name, ¤t_stat_info, -1,
1469 mode & ~ current_umask, MODE_RWX,
1470 typeflag, false, AT_SYMLINK_NOFOLLOW);
1476 extract_volhdr (char *file_name, int typeflag)
1483 extract_failure (char *file_name, int typeflag)
1489 extract_skip (char *file_name, int typeflag)
1495 typedef int (*tar_extractor_t) (char *file_name, int typeflag);
1499 /* Prepare to extract a file. Find extractor function.
1500 Return zero if extraction should not proceed. */
1503 prepare_to_extract (char const *file_name, int typeflag, tar_extractor_t *fun)
1507 if (EXTRACT_OVER_PIPE)
1510 /* Select the extractor */
1513 case GNUTYPE_SPARSE:
1514 *fun = extract_file;
1521 /* Appears to be a file. But BSD tar uses the convention that a slash
1522 suffix means a directory. */
1523 if (current_stat_info.had_trailing_slash)
1527 *fun = extract_file;
1533 *fun = extract_symlink;
1537 *fun = extract_link;
1542 current_stat_info.stat.st_mode |= S_IFCHR;
1543 *fun = extract_node;
1549 current_stat_info.stat.st_mode |= S_IFBLK;
1550 *fun = extract_node;
1554 #if HAVE_MKFIFO || defined mkfifo
1556 *fun = extract_fifo;
1561 case GNUTYPE_DUMPDIR:
1563 if (current_stat_info.is_dumpdir)
1564 delay_directory_restore_option = true;
1567 case GNUTYPE_VOLHDR:
1568 *fun = extract_volhdr;
1571 case GNUTYPE_MULTIVOL:
1573 _("%s: Cannot extract -- file is continued from another volume"),
1574 quotearg_colon (current_stat_info.file_name)));
1575 *fun = extract_skip;
1578 case GNUTYPE_LONGNAME:
1579 case GNUTYPE_LONGLINK:
1580 ERROR ((0, 0, _("Unexpected long name header")));
1581 *fun = extract_failure;
1585 WARNOPT (WARN_UNKNOWN_CAST,
1587 _("%s: Unknown file type '%c', extracted as normal file"),
1588 quotearg_colon (file_name), typeflag));
1589 *fun = extract_file;
1592 /* Determine whether the extraction should proceed */
1596 switch (old_files_option)
1598 case UNLINK_FIRST_OLD_FILES:
1599 if (!remove_any_file (file_name,
1600 recursive_unlink_option ? RECURSIVE_REMOVE_OPTION
1601 : ORDINARY_REMOVE_OPTION)
1602 && errno && errno != ENOENT)
1604 unlink_error (file_name);
1609 case KEEP_NEWER_FILES:
1610 if (file_newer_p (file_name, 0, ¤t_stat_info))
1612 WARNOPT (WARN_IGNORE_NEWER,
1613 (0, 0, _("Current %s is newer or same age"),
1614 quote (file_name)));
1626 /* Extract a file from the archive. */
1628 extract_archive (void)
1631 tar_extractor_t fun;
1633 fatal_exit_hook = extract_finish;
1635 set_next_block_after (current_header);
1637 if (!current_stat_info.file_name[0]
1638 || (interactive_option
1639 && !confirm ("extract", current_stat_info.file_name)))
1645 /* Print the block from current_header and current_stat. */
1647 print_header (¤t_stat_info, current_header, -1);
1649 /* Restore stats for all non-ancestor directories, unless
1650 it is an incremental archive.
1651 (see NOTICE in the comment to delay_set_stat above) */
1652 if (!delay_directory_restore_option)
1654 int dir = chdir_current;
1655 apply_nonancestor_delayed_set_stat (current_stat_info.file_name, 0);
1659 /* Take a safety backup of a previously existing file. */
1662 if (!maybe_backup_file (current_stat_info.file_name, 0))
1665 ERROR ((0, e, _("%s: Was unable to backup this file"),
1666 quotearg_colon (current_stat_info.file_name)));
1671 /* Extract the archive entry according to its type. */
1673 typeflag = sparse_member_p (¤t_stat_info) ?
1674 GNUTYPE_SPARSE : current_header->header.typeflag;
1676 if (prepare_to_extract (current_stat_info.file_name, typeflag, &fun))
1678 if (fun && (*fun) (current_stat_info.file_name, typeflag)
1680 undo_last_backup ();
1687 /* Extract the links whose final extraction were delayed. */
1689 apply_delayed_links (void)
1691 struct delayed_link *ds;
1693 for (ds = delayed_link_head; ds; )
1695 struct string_list *sources = ds->sources;
1696 char const *valid_source = 0;
1698 chdir_do (ds->change_dir);
1700 for (sources = ds->sources; sources; sources = sources->next)
1702 char const *source = sources->string;
1705 /* Make sure the placeholder file is still there. If not,
1706 don't create a link, as the placeholder was probably
1707 removed by a later extraction. */
1708 if (fstatat (chdir_fd, source, &st, AT_SYMLINK_NOFOLLOW) == 0
1709 && st.st_dev == ds->dev
1710 && st.st_ino == ds->ino
1711 && timespec_cmp (get_stat_birthtime (&st), ds->birthtime) == 0)
1713 /* Unlink the placeholder, then create a hard link if possible,
1714 a symbolic link otherwise. */
1715 if (unlinkat (chdir_fd, source, 0) != 0)
1716 unlink_error (source);
1717 else if (valid_source
1718 && (linkat (chdir_fd, valid_source, chdir_fd, source, 0)
1721 else if (!ds->is_symlink)
1723 if (linkat (chdir_fd, ds->target, chdir_fd, source, 0) != 0)
1724 link_error (ds->target, source);
1726 else if (symlinkat (ds->target, chdir_fd, source) != 0)
1727 symlink_error (ds->target, source);
1730 struct tar_stat_info st1;
1731 st1.stat.st_mode = ds->mode;
1732 st1.stat.st_uid = ds->uid;
1733 st1.stat.st_gid = ds->gid;
1734 st1.atime = ds->atime;
1735 st1.mtime = ds->mtime;
1736 st1.cntx_name = ds->cntx_name;
1737 st1.acls_a_ptr = ds->acls_a_ptr;
1738 st1.acls_a_len = ds->acls_a_len;
1739 st1.acls_d_ptr = ds->acls_d_ptr;
1740 st1.acls_d_len = ds->acls_d_len;
1741 st1.xattr_map = ds->xattr_map;
1742 st1.xattr_map_size = ds->xattr_map_size;
1743 set_stat (source, &st1, -1, 0, 0, SYMTYPE,
1744 false, AT_SYMLINK_NOFOLLOW);
1745 valid_source = source;
1750 for (sources = ds->sources; sources; )
1752 struct string_list *next = sources->next;
1757 xheader_xattr_free (ds->xattr_map, ds->xattr_map_size);
1758 free (ds->cntx_name);
1761 struct delayed_link *next = ds->next;
1767 delayed_link_head = 0;
1770 /* Finish the extraction of an archive. */
1772 extract_finish (void)
1774 /* First, fix the status of ordinary directories that need fixing. */
1775 apply_nonancestor_delayed_set_stat ("", 0);
1777 /* Then, apply delayed links, so that they don't affect delayed
1778 directory status-setting for ordinary directories. */
1779 apply_delayed_links ();
1781 /* Finally, fix the status of directories that are ancestors
1782 of delayed links. */
1783 apply_nonancestor_delayed_set_stat ("", 1);
1787 rename_directory (char *src, char *dst)
1789 if (renameat (chdir_fd, src, chdir_fd, dst) == 0)
1790 fixup_delayed_set_stat (src, dst);
1799 if (make_directories (dst, &interdir_made) == 0)
1801 if (renameat (chdir_fd, src, chdir_fd, dst) == 0)
1808 /* FIXME: Fall back to recursive copying */
1814 ERROR ((0, e, _("Cannot rename %s to %s"),