1 /* Support for extended attributes.
3 Copyright (C) 2006-2014, 2016 Free Software Foundation, Inc.
5 This file is part of GNU tar.
7 GNU tar is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 GNU tar is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 Written by James Antill, on 2006-07-27. */
31 #include "selinux-at.h"
33 struct xattrs_mask_map
40 /* list of fnmatch patterns */
43 /* lists of fnmatch patterns */
44 struct xattrs_mask_map incl;
45 struct xattrs_mask_map excl;
48 /* disable posix acls when problem found in gnulib script m4/acl.m4 */
50 # undef HAVE_POSIX_ACLS
53 #ifdef HAVE_POSIX_ACLS
58 #ifdef HAVE_POSIX_ACLS
60 /* acl-at wrappers, TODO: move to gnulib in future? */
61 static acl_t acl_get_file_at (int, const char *, acl_type_t);
62 static int acl_set_file_at (int, const char *, acl_type_t, acl_t);
63 static int file_has_acl_at (int, char const *, struct stat const *);
64 static int acl_delete_def_file_at (int, char const *);
67 #define AT_FUNC_NAME acl_get_file_at
68 #define AT_FUNC_RESULT acl_t
69 #define AT_FUNC_FAIL (acl_t)NULL
70 #define AT_FUNC_F1 acl_get_file
71 #define AT_FUNC_POST_FILE_PARAM_DECLS , acl_type_t type
72 #define AT_FUNC_POST_FILE_ARGS , type
78 #undef AT_FUNC_POST_FILE_PARAM_DECLS
79 #undef AT_FUNC_POST_FILE_ARGS
82 #define AT_FUNC_NAME acl_set_file_at
83 #define AT_FUNC_F1 acl_set_file
84 #define AT_FUNC_POST_FILE_PARAM_DECLS , acl_type_t type, acl_t acl
85 #define AT_FUNC_POST_FILE_ARGS , type, acl
89 #undef AT_FUNC_POST_FILE_PARAM_DECLS
90 #undef AT_FUNC_POST_FILE_ARGS
92 /* acl_delete_def_file_at */
93 #define AT_FUNC_NAME acl_delete_def_file_at
94 #define AT_FUNC_F1 acl_delete_def_file
95 #define AT_FUNC_POST_FILE_PARAM_DECLS
96 #define AT_FUNC_POST_FILE_ARGS
100 #undef AT_FUNC_POST_FILE_PARAM_DECLS
101 #undef AT_FUNC_POST_FILE_ARGS
103 /* gnulib file_has_acl_at */
104 #define AT_FUNC_NAME file_has_acl_at
105 #define AT_FUNC_F1 file_has_acl
106 #define AT_FUNC_POST_FILE_PARAM_DECLS , struct stat const *st
107 #define AT_FUNC_POST_FILE_ARGS , st
111 #undef AT_FUNC_POST_FILE_PARAM_DECLS
112 #undef AT_FUNC_POST_FILE_ARGS
114 /* convert unix permissions into an ACL ... needed due to "default" ACLs */
116 perms2acl (int perms)
118 char val[] = "user::---,group::---,other::---";
119 /* 0123456789 123456789 123456789 123456789 */
145 return acl_from_text (val);
149 skip_to_ext_fields (char *ptr)
151 /* skip tag name (user/group/default/mask) */
152 ptr += strcspn (ptr, ":,\n");
158 ptr += strcspn (ptr, ":,\n"); /* skip user/group name */
164 ptr += strcspn (ptr, ":,\n"); /* skip perms */
169 /* The POSIX draft allows extra fields after the three main ones. Star
170 uses this to add a fourth field for user/group which is the numeric ID.
171 This function removes such extra fields by overwriting them with the
172 characters that follow. */
174 fixup_extra_acl_fields (char *ptr)
181 const char *old = src;
184 src = skip_to_ext_fields (src);
187 memmove (dst, old, len);
190 if (*src == ':') /* We have extra fields, skip them all */
191 src += strcspn (src, "\n,");
193 if ((*src == '\n') || (*src == ','))
194 *dst++ = *src++; /* also done when dst == src, but that's ok */
202 /* Set the "system.posix_acl_access/system.posix_acl_default" extended
203 attribute. Called only when acls_option > 0. */
205 xattrs__acls_set (struct tar_stat_info const *st,
206 char const *file_name, int type,
207 char *ptr, size_t len, bool def)
213 /* assert (strlen (ptr) == len); */
214 ptr = fixup_extra_acl_fields (ptr);
215 acl = acl_from_text (ptr);
219 /* No "default" IEEE 1003.1e ACL set for directory. At this moment,
220 FILE_NAME may already have inherited default acls from parent
221 directory; clean them up. */
222 if (acl_delete_def_file_at (chdir_fd, file_name))
223 WARNOPT (WARN_XATTR_WRITE,
225 _("acl_delete_def_file_at: Cannot drop default POSIX ACLs "
231 acl = perms2acl (st->stat.st_mode);
235 call_arg_warn ("acl_from_text", file_name);
239 if (acl_set_file_at (chdir_fd, file_name, type, acl) == -1)
240 /* warn even if filesystem does not support acls */
241 WARNOPT (WARN_XATTR_WRITE,
243 _ ("acl_set_file_at: Cannot set POSIX ACLs for file '%s'"),
250 xattrs__acls_get_a (int parentfd, const char *file_name,
251 struct tar_stat_info *st,
252 char **ret_ptr, size_t * ret_len)
258 if (!(acl = acl_get_file_at (parentfd, file_name, ACL_TYPE_ACCESS)))
260 if (errno != ENOTSUP)
261 call_arg_warn ("acl_get_file_at", file_name);
265 val = acl_to_text (acl, &len);
270 call_arg_warn ("acl_to_text", file_name);
274 *ret_ptr = xstrdup (val);
280 /* "system.posix_acl_default" */
282 xattrs__acls_get_d (int parentfd, char const *file_name,
283 struct tar_stat_info *st,
284 char **ret_ptr, size_t * ret_len)
290 if (!(acl = acl_get_file_at (parentfd, file_name, ACL_TYPE_DEFAULT)))
292 if (errno != ENOTSUP)
293 call_arg_warn ("acl_get_file_at", file_name);
297 val = acl_to_text (acl, &len);
302 call_arg_warn ("acl_to_text", file_name);
306 *ret_ptr = xstrdup (val);
311 #endif /* HAVE_POSIX_ACLS */
314 acls_one_line (const char *prefix, char delim,
315 const char *aclstring, size_t len)
317 /* support both long and short text representation of posix acls */
319 int pref_len = strlen (prefix);
320 const char *oldstring = aclstring;
323 if (!aclstring || !len)
329 int move = strcspn (aclstring, ",\n");
333 if (oldstring != aclstring)
334 obstack_1grow (&stk, delim);
336 obstack_grow (&stk, prefix, pref_len);
337 obstack_grow (&stk, aclstring, move);
339 aclstring += move + 1;
342 obstack_1grow (&stk, '\0');
344 fprintf (stdlis, "%s", (char *) obstack_finish (&stk));
346 obstack_free (&stk, NULL);
350 xattrs_acls_get (int parentfd, char const *file_name,
351 struct tar_stat_info *st, int fd, int xisfile)
355 #ifndef HAVE_POSIX_ACLS
358 WARN ((0, 0, _("POSIX ACL support is not available")));
361 int err = file_has_acl_at (parentfd, file_name, &st->stat);
366 call_arg_warn ("file_has_acl_at", file_name);
370 xattrs__acls_get_a (parentfd, file_name, st,
371 &st->acls_a_ptr, &st->acls_a_len);
373 xattrs__acls_get_d (parentfd, file_name, st,
374 &st->acls_d_ptr, &st->acls_d_len);
380 xattrs_acls_set (struct tar_stat_info const *st,
381 char const *file_name, char typeflag)
383 if (acls_option > 0 && typeflag != SYMTYPE)
385 #ifndef HAVE_POSIX_ACLS
388 WARN ((0, 0, _("POSIX ACL support is not available")));
391 xattrs__acls_set (st, file_name, ACL_TYPE_ACCESS,
392 st->acls_a_ptr, st->acls_a_len, false);
393 if (typeflag == DIRTYPE || typeflag == GNUTYPE_DUMPDIR)
394 xattrs__acls_set (st, file_name, ACL_TYPE_DEFAULT,
395 st->acls_d_ptr, st->acls_d_len, true);
401 mask_map_realloc (struct xattrs_mask_map *map)
403 if (map->used == map->size)
407 map->masks = x2nrealloc (map->masks, &map->size, sizeof (map->masks[0]));
412 xattrs_mask_add (const char *mask, bool incl)
414 struct xattrs_mask_map *mask_map =
415 incl ? &xattrs_setup.incl : &xattrs_setup.excl;
416 /* ensure there is enough space */
417 mask_map_realloc (mask_map);
418 /* just assign pointers -- we silently expect that pointer "mask" is valid
419 through the whole program (pointer to argv array) */
420 mask_map->masks[mask_map->used++] = mask;
424 clear_mask_map (struct xattrs_mask_map *mask_map)
427 free (mask_map->masks);
431 xattrs_clear_setup (void)
433 clear_mask_map (&xattrs_setup.incl);
434 clear_mask_map (&xattrs_setup.excl);
437 /* get all xattrs from file given by FILE_NAME or FD (when non-zero). This
438 includes all the user.*, security.*, system.*, etc. available domains */
440 xattrs_xattrs_get (int parentfd, char const *file_name,
441 struct tar_stat_info *st, int fd)
443 if (xattrs_option > 0)
448 WARN ((0, 0, _("XATTR support is not available")));
451 static size_t xsz = 1024;
452 static char *xatrs = NULL;
456 xatrs = x2nrealloc (xatrs, &xsz, 1);
460 llistxattrat (parentfd, file_name, xatrs, xsz)) == -1) :
461 ((xret = flistxattr (fd, xatrs, xsz)) == -1))
462 && (errno == ERANGE))
464 xatrs = x2nrealloc (xatrs, &xsz, 1);
468 call_arg_warn ((fd == 0) ? "llistxattrat" : "flistxattr", file_name);
471 const char *attr = xatrs;
472 static size_t asz = 1024;
473 static char *val = NULL;
476 val = x2nrealloc (val, &asz, 1);
480 size_t len = strlen (attr);
483 /* Archive all xattrs during creation, decide at extraction time
484 * which ones are of interest/use for the target filesystem. */
486 ? ((aret = lgetxattrat (parentfd, file_name, attr,
488 : ((aret = fgetxattr (fd, attr, val, asz)) == -1))
489 && (errno == ERANGE))
491 val = x2nrealloc (val, &asz, 1);
495 xheader_xattr_add (st, attr, val, aret);
496 else if (errno != ENOATTR)
497 call_arg_warn ((fd == 0) ? "lgetxattrat"
498 : "fgetxattr", file_name);
510 xattrs__fd_set (struct tar_stat_info const *st,
511 char const *file_name, char typeflag,
512 const char *attr, const char *ptr, size_t len)
516 const char *sysname = "setxattrat";
519 if (typeflag != SYMTYPE)
520 ret = setxattrat (chdir_fd, file_name, attr, ptr, len, 0);
523 sysname = "lsetxattr";
524 ret = lsetxattrat (chdir_fd, file_name, attr, ptr, len, 0);
528 WARNOPT (WARN_XATTR_WRITE,
530 _("%s: Cannot set '%s' extended attribute for file '%s'"),
531 sysname, attr, file_name));
536 /* lgetfileconat is called against FILE_NAME iff the FD parameter is set to
537 zero, otherwise the fgetfileconat is used against correct file descriptor */
539 xattrs_selinux_get (int parentfd, char const *file_name,
540 struct tar_stat_info *st, int fd)
542 if (selinux_context_option > 0)
544 #if HAVE_SELINUX_SELINUX_H != 1
547 WARN ((0, 0, _("SELinux support is not available")));
551 fgetfilecon (fd, &st->cntx_name)
552 : lgetfileconat (parentfd, file_name, &st->cntx_name);
554 if (result == -1 && errno != ENODATA && errno != ENOTSUP)
555 call_arg_warn (fd ? "fgetfilecon" : "lgetfileconat", file_name);
561 xattrs_selinux_set (struct tar_stat_info const *st,
562 char const *file_name, char typeflag)
564 if (selinux_context_option > 0)
566 #if HAVE_SELINUX_SELINUX_H != 1
569 WARN ((0, 0, _("SELinux support is not available")));
572 const char *sysname = "setfilecon";
578 if (typeflag != SYMTYPE)
580 ret = setfileconat (chdir_fd, file_name, st->cntx_name);
581 sysname = "setfileconat";
585 ret = lsetfileconat (chdir_fd, file_name, st->cntx_name);
586 sysname = "lsetfileconat";
590 WARNOPT (WARN_XATTR_WRITE,
592 _("%s: Cannot set SELinux context for file '%s'"),
593 sysname, file_name));
599 xattrs_matches_mask (const char *kw, struct xattrs_mask_map *mm)
606 for (i = 0; i < mm->used; i++)
607 if (fnmatch (mm->masks[i], kw, 0) == 0)
613 #define USER_DOT_PFX "user."
616 xattrs_kw_included (const char *kw, bool archiving)
618 if (xattrs_setup.incl.size)
619 return xattrs_matches_mask (kw, &xattrs_setup.incl);
623 return strncmp (kw, USER_DOT_PFX, sizeof (USER_DOT_PFX) - 1) == 0;
627 xattrs_kw_excluded (const char *kw, bool archiving)
629 return xattrs_setup.excl.size ?
630 xattrs_matches_mask (kw, &xattrs_setup.excl) : false;
633 /* Check whether the xattr with keyword KW should be discarded from list of
634 attributes that are going to be archived/excluded (set ARCHIVING=true for
635 archiving, false for excluding) */
637 xattrs_masked_out (const char *kw, bool archiving)
639 return xattrs_kw_included (kw, archiving) ?
640 xattrs_kw_excluded (kw, archiving) : true;
644 xattrs_xattrs_set (struct tar_stat_info const *st,
645 char const *file_name, char typeflag, int later_run)
647 if (xattrs_option > 0)
652 WARN ((0, 0, _("XATTR support is not available")));
657 if (!st->xattr_map_size)
660 for (; scan < st->xattr_map_size; ++scan)
662 char *keyword = st->xattr_map[scan].xkey;
663 keyword += strlen ("SCHILY.xattr.");
665 /* TODO: this 'later_run' workaround is temporary solution -> once
666 capabilities should become fully supported by it's API and there
667 should exist something like xattrs_capabilities_set() call.
668 For a regular files: all extended attributes are restored during
669 the first run except 'security.capability' which is restored in
671 if (typeflag == REGTYPE
672 && later_run == !!strcmp (keyword, "security.capability"))
675 if (xattrs_masked_out (keyword, false /* extracting */ ))
676 /* we don't want to restore this keyword */
679 xattrs__fd_set (st, file_name, typeflag, keyword,
680 st->xattr_map[scan].xval_ptr,
681 st->xattr_map[scan].xval_len);
688 xattrs_print_char (struct tar_stat_info const *st, char *output)
692 if (verbose_option < 2)
698 if (xattrs_option > 0 || selinux_context_option > 0 || acls_option > 0)
705 if (xattrs_option > 0 && st->xattr_map_size)
706 for (i = 0; i < st->xattr_map_size; ++i)
708 char *keyword = st->xattr_map[i].xkey + strlen ("SCHILY.xattr.");
709 if (!xattrs_masked_out (keyword, false /* like extracting */ ))
716 if (selinux_context_option > 0 && st->cntx_name)
719 if (acls_option > 0 && (st->acls_a_len || st->acls_d_len))
724 xattrs_print (struct tar_stat_info const *st)
726 if (verbose_option < 3)
730 if (selinux_context_option > 0 && st->cntx_name)
731 fprintf (stdlis, " s: %s\n", st->cntx_name);
734 if (acls_option > 0 && (st->acls_a_len || st->acls_d_len))
736 fprintf (stdlis, " a: ");
737 acls_one_line ("", ',', st->acls_a_ptr, st->acls_a_len);
738 acls_one_line ("default:", ',', st->acls_d_ptr, st->acls_d_len);
739 fprintf (stdlis, "\n");
743 if (xattrs_option > 0 && st->xattr_map_size)
747 for (i = 0; i < st->xattr_map_size; ++i)
749 char *keyword = st->xattr_map[i].xkey + strlen ("SCHILY.xattr.");
750 if (!xattrs_masked_out (keyword, false /* like extracting */ ))
751 fprintf (stdlis, " x: %lu %s\n",
752 (unsigned long) st->xattr_map[i].xval_len, keyword);