Gave up deleting of single ACL entries if they match st_mode.
Only totally trivial ACLs are discarded as a whole. This seems necessary because the relation between st_mode and ACL is not clearly defined in man 5 acl.
This commit is contained in:
@ -31,12 +31,12 @@
|
||||
with bit15 of flag.
|
||||
@param flag Bitfield for control purposes
|
||||
bit0= obtain default ACL rather than access ACL
|
||||
bit4= do not return entries which match the st_mode
|
||||
permissions. If no other ACL entries exist:
|
||||
set *text = NULL and return 2
|
||||
bit4= set *text = NULL and return 2
|
||||
if the ACL matches st_mode permissions.
|
||||
bit15= free text and return 1
|
||||
@return > 0 ok
|
||||
-1 failure of system ACL service (see errno)
|
||||
@return 1 ok
|
||||
2 only st_mode permissions exist and bit 4 is set
|
||||
-1 failure of system ACL service (see errno)
|
||||
*/
|
||||
int aaip_get_acl_text(char *path, char **text, int flag)
|
||||
{
|
||||
@ -60,8 +60,11 @@ int aaip_get_acl_text(char *path, char **text, int flag)
|
||||
return(-1);
|
||||
if(flag & 16) {
|
||||
ret= stat(path, &stbuf);
|
||||
if(ret != -1)
|
||||
aaip_cleanout_st_mode(*text, stbuf.st_mode, 0);
|
||||
if(ret != -1) {
|
||||
ret = aaip_cleanout_st_mode(*text, stbuf.st_mode, 2);
|
||||
if(!(ret & (7 | 64)))
|
||||
(*text)[0]= 0;
|
||||
}
|
||||
if((*text)[0] == 0 || strcmp(*text, "\n") == 0) {
|
||||
acl_free(text);
|
||||
*text= NULL;
|
||||
@ -85,7 +88,7 @@ int aaip_get_acl_text(char *path, char **text, int flag)
|
||||
bit2= do not obtain attributes other than ACL
|
||||
bit3= do not ignore eventual local ACL attribute
|
||||
(e.g. system.posix_acl_access)
|
||||
bit4= do not return st_mode permissions in ACL.
|
||||
bit4= do not return trivial ACL that matches st_mode
|
||||
bit15= free memory of names, value_lengths, values
|
||||
@return >0 ok
|
||||
<=0 error
|
||||
|
||||
Reference in New Issue
Block a user