[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] Basic support for checking NFSv4 ACLs in Linux
From: |
Ondrej Valousek |
Subject: |
[PATCH] Basic support for checking NFSv4 ACLs in Linux |
Date: |
Wed, 9 Nov 2022 16:29:52 +0100 |
As per suggestions from Andreas, I am attaching a simplified version of the
patch implementing basic
checks for non-trivial NFSv4 acls
---
lib/file-has-acl.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/lib/file-has-acl.c b/lib/file-has-acl.c
index e02f0626a..37b3aaa30 100644
--- a/lib/file-has-acl.c
+++ b/lib/file-has-acl.c
@@ -32,6 +32,11 @@
#if GETXATTR_WITH_POSIX_ACLS
# include <sys/xattr.h>
# include <linux/xattr.h>
+# include <arpa/inet.h>
+#ifndef XATTR_NAME_NFSV4_ACL
+#define XATTR_NAME_NFSV4_ACL "system.nfs4_acl"
+#endif
+#define TRIVIAL_NFS4_ACL_LENGTH 80
#endif
/* Return 1 if NAME has a nontrivial access control list,
@@ -67,6 +72,14 @@ file_has_acl (char const *name, struct stat const *sb)
return 1;
}
+ if (ret < 0) { /* we might be on NFS, so try to check NFSv4 ACLs too */
+ char xattr[TRIVIAL_NFS4_ACL_LENGTH];
+
+ ret = getxattr (name, XATTR_NAME_NFSV4_ACL, xattr,
TRIVIAL_NFS4_ACL_LENGTH);
+ if (ret < 0 && errno == ENODATA)
+ ret = 0;
+ else ret = errno == ERANGE; /* we won't fit into the buffer, so
non-trivial ACL is presented */
+ }
if (ret < 0)
return - acl_errno_valid (errno);
return ret;
--
2.37.3
- [PATCH] Basic support for checking NFSv4 ACLs in Linux,
Ondrej Valousek <=