New -osirrox mode "banned"

This commit is contained in:
Thomas Schmitt 2009-04-05 14:30:45 +00:00
parent 90e178a14d
commit 3a63d2b10f
4 changed files with 43 additions and 17 deletions

View File

@ -2,7 +2,7 @@
.\" First parameter, NAME, should be all caps .\" First parameter, NAME, should be all caps
.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection .\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
.\" other parameters are allowed: see man(7), man(1) .\" other parameters are allowed: see man(7), man(1)
.TH XORRISO 1 "Apr 04, 2009" .TH XORRISO 1 "Apr 05, 2009"
.\" Please adjust this date whenever revising the manpage. .\" Please adjust this date whenever revising the manpage.
.\" .\"
.\" Some roff macros, for reference: .\" Some roff macros, for reference:
@ -2514,10 +2514,11 @@ of -overwrite "nondir". I.e. directories cannot be deleted.
Access permissions of files in the ISO image do not restrict restoring. Access permissions of files in the ISO image do not restrict restoring.
The directory permissions on disk have to allow rwx. The directory permissions on disk have to allow rwx.
.TP .TP
\fB\-osirrox\fR "on"|"device_files"|"off"[:option:...] \fB\-osirrox\fR "on"|"device_files"|"off"|"banned"|[:option:...]
Setting "off" disables disk filesystem manipulations. This is the default Setting "off" disables disk filesystem manipulations. This is the default
unless the program was started with leafname "osirrox". Elsewise unless the program was started with leafname "osirrox". Elsewise
the capability to restore files can be enabled explicitly by -osirrox "on". the capability to restore files can be enabled explicitly by -osirrox "on".
It can be irrevocably disabled by -osirrox "banned".
.br .br
To enable restoring of special files by "device_files" is potentially To enable restoring of special files by "device_files" is potentially
dangerous. dangerous.

View File

@ -91,6 +91,7 @@ or
#include <grp.h> #include <grp.h>
#include <signal.h> #include <signal.h>
#include <sys/utsname.h> #include <sys/utsname.h>
#include <sys/select.h>
/* for -charset */ /* for -charset */
#include <iconv.h> #include <iconv.h>
@ -5876,7 +5877,7 @@ int Xorriso_status(struct XorrisO *xorriso, char *filter, FILE *fp, int flag)
{ {
int is_default, no_defaults, i, ret, adr_mode, bin_path_in_use= 0, do_single; int is_default, no_defaults, i, ret, adr_mode, bin_path_in_use= 0, do_single;
char *line, sfe[5 * SfileadrL + 80], mode[80], *form, *treatment; char *line, sfe[5 * SfileadrL + 80], mode[80], *form, *treatment;
char *in_pt, *out_pt, *nl_charset, *local_charset; char *in_pt, *out_pt, *nl_charset, *local_charset, *mode_pt;
static char channel_prefixes[4][4]= {".","R","I","M"}; static char channel_prefixes[4][4]= {".","R","I","M"};
static char load_names[][20]= {"auto", "session", "track", "lba", "volid"}; static char load_names[][20]= {"auto", "session", "track", "lba", "volid"};
static int max_load_mode= 4; static int max_load_mode= 4;
@ -6033,9 +6034,17 @@ int Xorriso_status(struct XorrisO *xorriso, char *filter, FILE *fp, int flag)
is_default= (xorriso->allow_restore==0 && xorriso->do_concat_split==1 && is_default= (xorriso->allow_restore==0 && xorriso->do_concat_split==1 &&
xorriso->do_auto_chmod==0); xorriso->do_auto_chmod==0);
sprintf(line,"-osirrox %s:%s:%s\n", mode_pt= "off";
xorriso->allow_restore ? xorriso->allow_restore==2 ? if(xorriso->allow_restore == -1)
"device_files" : "on" : "off", mode_pt= "banned";
else if(xorriso->allow_restore == 1)
mode_pt= "on";
else if(xorriso->allow_restore == 2)
mode_pt= "device_files";
if(xorriso->allow_restore == -1)
sprintf(line,"-osirrox %s\n", mode_pt);
else
sprintf(line,"-osirrox %s:%s:%s\n", mode_pt,
xorriso->do_concat_split ? "concat_split_on" : "concat_split_off", xorriso->do_concat_split ? "concat_split_on" : "concat_split_off",
xorriso->do_auto_chmod ? "auto_chmod_on" : "auto_chmod_off" xorriso->do_auto_chmod ? "auto_chmod_on" : "auto_chmod_off"
); );
@ -12910,7 +12919,7 @@ int Xorriso_option_cpx(struct XorrisO *xorriso, int argc, char **argv,
is_dir= 1; is_dir= 1;
strcpy(dest_dir, eff_dest); strcpy(dest_dir, eff_dest);
} }
if(!xorriso->allow_restore) { if(xorriso->allow_restore <= 0) {
sprintf(xorriso->info_text, sprintf(xorriso->info_text,
"-cpx: image-to-disk copies are not enabled by option -osirrox"); "-cpx: image-to-disk copies are not enabled by option -osirrox");
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0); Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
@ -13426,7 +13435,7 @@ int Xorriso_option_extract(struct XorrisO *xorriso, char *iso_path,
int ret; int ret;
char eff_origin[SfileadrL], eff_dest[SfileadrL], *ipth; char eff_origin[SfileadrL], eff_dest[SfileadrL], *ipth;
if(!xorriso->allow_restore) { if(xorriso->allow_restore <= 0) {
sprintf(xorriso->info_text, sprintf(xorriso->info_text,
"-extract: image-to-disk copies are not enabled by option -osirrox"); "-extract: image-to-disk copies are not enabled by option -osirrox");
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0); Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
@ -14379,10 +14388,13 @@ int Xorriso_option_help(struct XorrisO *xorriso, int flag)
" Performs -compare_r with each disk_path.", " Performs -compare_r with each disk_path.",
"", "",
"Restore options which copy file objects from ISO image to disk filesystem:", "Restore options which copy file objects from ISO image to disk filesystem:",
" -osirrox \"on\"|\"device_files\"|\"off\":\"concat_split_on\"|\"concat_split_off\"", " -osirrox \"on\"|\"device_files\"|\"off\"|\"banned\"",
" [:\"concat_split_on\"|\"concat_split_off\"]",
" [:\"auto_chmod__on\"|\"auto_chmod__off\"]",
" By default \"off\" the inverse operation of xorriso from ISO", " By default \"off\" the inverse operation of xorriso from ISO",
" image to disk filesystem is disabled. \"on\" allows xorriso", " image to disk filesystem is disabled. \"on\" allows xorriso",
" to create, overwrite, delete files in the disk filesystem.", " to create, overwrite, delete files in the disk filesystem.",
" \"banned\" is irrevocably \"off\".",
" -extract iso_rr_path disk_path", " -extract iso_rr_path disk_path",
" Copy tree under iso_rr_path onto disk address disk_path.", " Copy tree under iso_rr_path onto disk address disk_path.",
" This avoids the pitfalls of cp -r addressing rules.", " This avoids the pitfalls of cp -r addressing rules.",
@ -15102,7 +15114,7 @@ int Xorriso_option_mount(struct XorrisO *xorriso, char *dev, char *adr_mode,
mnt= "-session_string"; mnt= "-session_string";
else { else {
mnt= "-mount"; mnt= "-mount";
if(!xorriso->allow_restore) { if(xorriso->allow_restore <= 0) {
sprintf(xorriso->info_text, sprintf(xorriso->info_text,
"-mount: image-to-disk features are not enabled by option -osirrox"); "-mount: image-to-disk features are not enabled by option -osirrox");
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0); Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
@ -15487,9 +15499,11 @@ ex:;
/* Option -osirrox "on"|"off" */ /* Option -osirrox "on"|"off" */
int Xorriso_option_osirrox(struct XorrisO *xorriso, char *mode, int flag) int Xorriso_option_osirrox(struct XorrisO *xorriso, char *mode, int flag)
{ {
int l; int l, allow_restore;
char *npt, *cpt; char *npt, *cpt;
allow_restore= xorriso->allow_restore;
npt= cpt= mode; npt= cpt= mode;
for(cpt= mode; npt!=NULL; cpt= npt+1) { for(cpt= mode; npt!=NULL; cpt= npt+1) {
npt= strchr(cpt,':'); npt= strchr(cpt,':');
@ -15500,11 +15514,13 @@ int Xorriso_option_osirrox(struct XorrisO *xorriso, char *mode, int flag)
if(l==0 && mode[0]!=0) if(l==0 && mode[0]!=0)
goto unknown_mode; goto unknown_mode;
if(strncmp(cpt, "off", l)==0) if(strncmp(cpt, "off", l)==0)
xorriso->allow_restore= 0; allow_restore= 0;
else if(strncmp(cpt, "banned", l)==0)
allow_restore= -1;
else if(strncmp(cpt, "device_files", l)==0) else if(strncmp(cpt, "device_files", l)==0)
xorriso->allow_restore= 2; allow_restore= 2;
else if(strncmp(cpt, "on", l)==0 || mode[0]==0) else if(strncmp(cpt, "on", l)==0 || mode[0]==0)
xorriso->allow_restore= 1; allow_restore= 1;
else if(strncmp(cpt, "concat_split_on", l)==0) else if(strncmp(cpt, "concat_split_on", l)==0)
xorriso->do_concat_split= 1; xorriso->do_concat_split= 1;
else if(strncmp(cpt, "concat_split_off", l)==0) else if(strncmp(cpt, "concat_split_off", l)==0)
@ -15520,9 +15536,17 @@ unknown_mode:;
return(0); return(0);
} }
} }
if(allow_restore > 0 && xorriso->allow_restore == -1) {
sprintf(xorriso->info_text,
"-osirrox: was already permanently disabled by setting 'banned'");
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
return(0);
}
if(xorriso->allow_restore != -1)
xorriso->allow_restore= allow_restore;
sprintf(xorriso->info_text, sprintf(xorriso->info_text,
"Copying of file objects from ISO image to disk filesystem is: %s\n", "Copying of file objects from ISO image to disk filesystem is: %s\n",
xorriso->allow_restore ? "Enabled" : "Disabled"); xorriso->allow_restore > 0 ? "Enabled" : "Disabled");
Xorriso_info(xorriso, 0); Xorriso_info(xorriso, 0);
return(1); return(1);
} }

View File

@ -237,7 +237,8 @@ struct XorrisO { /* the global context of xorriso */
/* XORRISO options */ /* XORRISO options */
int allow_graft_points; int allow_graft_points;
int allow_restore; /* 0= disallowed, 1=allowed, 2=device files allowed */ int allow_restore; /* -1=permanently disallowed
0=disallowed, 1=allowed, 2=device files allowed */
int do_concat_split; /* 1= restore complete split file directories as int do_concat_split; /* 1= restore complete split file directories as
regular files regular files
*/ */

View File

@ -1 +1 @@
#define Xorriso_timestamP "2009.04.05.131536" #define Xorriso_timestamP "2009.04.05.143043"