summaryrefslogtreecommitdiffstats
path: root/xlators/system/posix-acl/src/posix-acl.c
diff options
context:
space:
mode:
Diffstat (limited to 'xlators/system/posix-acl/src/posix-acl.c')
-rw-r--r--xlators/system/posix-acl/src/posix-acl.c3373
1 files changed, 1627 insertions, 1746 deletions
diff --git a/xlators/system/posix-acl/src/posix-acl.c b/xlators/system/posix-acl/src/posix-acl.c
index dd01d3e0f38..9183105ca00 100644
--- a/xlators/system/posix-acl/src/posix-acl.c
+++ b/xlators/system/posix-acl/src/posix-acl.c
@@ -21,2071 +21,1976 @@
#define UINT64(ptr) ((uint64_t)((long)(ptr)))
#define PTR(num) ((void *)((long)(num)))
-
int32_t
-mem_acct_init (xlator_t *this)
+mem_acct_init(xlator_t *this)
{
- int ret = -1;
+ int ret = -1;
- if (!this)
- return ret;
+ if (!this)
+ return ret;
- ret = xlator_mem_acct_init (this, gf_posix_acl_mt_end + 1);
-
- if (ret != 0) {
- gf_log(this->name, GF_LOG_ERROR, "Memory accounting init"
- "failed");
- return ret;
- }
+ ret = xlator_mem_acct_init(this, gf_posix_acl_mt_end + 1);
+ if (ret != 0) {
+ gf_log(this->name, GF_LOG_ERROR,
+ "Memory accounting init"
+ "failed");
return ret;
+ }
+
+ return ret;
}
static uid_t
-r00t ()
+r00t()
{
- struct posix_acl_conf *conf = NULL;
+ struct posix_acl_conf *conf = NULL;
- conf = THIS->private;
+ conf = THIS->private;
- return conf->super_uid;
+ return conf->super_uid;
}
-
int
-whitelisted_xattr (const char *key)
+whitelisted_xattr(const char *key)
{
- if (!key)
- return 0;
-
- if (strcmp (POSIX_ACL_ACCESS_XATTR, key) == 0)
- return 1;
- if (strcmp (POSIX_ACL_DEFAULT_XATTR, key) == 0)
- return 1;
- if (strcmp (GF_POSIX_ACL_ACCESS, key) == 0)
- return 1;
- if (strcmp (GF_POSIX_ACL_DEFAULT, key) == 0)
- return 1;
+ if (!key)
return 0;
-}
+ if (strcmp(POSIX_ACL_ACCESS_XATTR, key) == 0)
+ return 1;
+ if (strcmp(POSIX_ACL_DEFAULT_XATTR, key) == 0)
+ return 1;
+ if (strcmp(GF_POSIX_ACL_ACCESS, key) == 0)
+ return 1;
+ if (strcmp(GF_POSIX_ACL_DEFAULT, key) == 0)
+ return 1;
+ return 0;
+}
int
-frame_is_user (call_frame_t *frame, uid_t uid)
+frame_is_user(call_frame_t *frame, uid_t uid)
{
- return (frame->root->uid == uid);
+ return (frame->root->uid == uid);
}
-
int
-frame_is_super_user (call_frame_t *frame)
+frame_is_super_user(call_frame_t *frame)
{
- int ret;
+ int ret;
- ret = frame_is_user (frame, r00t());
- if (!ret)
- ret = frame_is_user (frame, 0);
+ ret = frame_is_user(frame, r00t());
+ if (!ret)
+ ret = frame_is_user(frame, 0);
- return ret;
+ return ret;
}
-
int
-frame_in_group (call_frame_t *frame, gid_t gid)
+frame_in_group(call_frame_t *frame, gid_t gid)
{
- int i = 0;
+ int i = 0;
- if (frame->root->gid == gid)
- return 1;
+ if (frame->root->gid == gid)
+ return 1;
- for (i = 0; i < frame->root->ngrps; i++)
- if (frame->root->groups[i] == gid)
- return 1;
- return 0;
+ for (i = 0; i < frame->root->ngrps; i++)
+ if (frame->root->groups[i] == gid)
+ return 1;
+ return 0;
}
-
mode_t
-posix_acl_access_set_mode (struct posix_acl *acl, struct posix_acl_ctx *ctx)
-{
- struct posix_ace *ace = NULL;
- struct posix_ace *group_ce = NULL;
- struct posix_ace *mask_ce = NULL;
- int count = 0;
- int i = 0;
- mode_t mode = 0;
- int mask = 0;
-
- count = acl->count;
-
- ace = acl->entries;
- for (i = 0; i < count; i++) {
- switch (ace->tag) {
- case POSIX_ACL_USER_OBJ:
- mask |= S_IRWXU;
- mode |= (ace->perm << 6);
- break;
- case POSIX_ACL_GROUP_OBJ:
- group_ce = ace;
- break;
- case POSIX_ACL_MASK:
- mask_ce = ace;
- break;
- case POSIX_ACL_OTHER:
- mask |= S_IRWXO;
- mode |= (ace->perm);
- break;
- }
- ace++;
- }
-
- if (mask_ce) {
- mask |= S_IRWXG;
- mode |= (mask_ce->perm << 3);
- } else {
- if (!group_ce)
- goto out;
- mask |= S_IRWXG;
- mode |= (group_ce->perm << 3);
+posix_acl_access_set_mode(struct posix_acl *acl, struct posix_acl_ctx *ctx)
+{
+ struct posix_ace *ace = NULL;
+ struct posix_ace *group_ce = NULL;
+ struct posix_ace *mask_ce = NULL;
+ int count = 0;
+ int i = 0;
+ mode_t mode = 0;
+ int mask = 0;
+
+ count = acl->count;
+
+ ace = acl->entries;
+ for (i = 0; i < count; i++) {
+ switch (ace->tag) {
+ case POSIX_ACL_USER_OBJ:
+ mask |= S_IRWXU;
+ mode |= (ace->perm << 6);
+ break;
+ case POSIX_ACL_GROUP_OBJ:
+ group_ce = ace;
+ break;
+ case POSIX_ACL_MASK:
+ mask_ce = ace;
+ break;
+ case POSIX_ACL_OTHER:
+ mask |= S_IRWXO;
+ mode |= (ace->perm);
+ break;
}
+ ace++;
+ }
+
+ if (mask_ce) {
+ mask |= S_IRWXG;
+ mode |= (mask_ce->perm << 3);
+ } else {
+ if (!group_ce)
+ goto out;
+ mask |= S_IRWXG;
+ mode |= (group_ce->perm << 3);
+ }
out:
- ctx->perm = (ctx->perm & ~mask) | mode;
+ ctx->perm = (ctx->perm & ~mask) | mode;
- return mode;
+ return mode;
}
-
static int
-sticky_permits (call_frame_t *frame, inode_t *parent, inode_t *inode)
+sticky_permits(call_frame_t *frame, inode_t *parent, inode_t *inode)
{
- struct posix_acl_ctx *par = NULL;
- struct posix_acl_ctx *ctx = NULL;
+ struct posix_acl_ctx *par = NULL;
+ struct posix_acl_ctx *ctx = NULL;
- if ((0 > frame->root->pid) || frame_is_super_user (frame))
- return 1;
+ if ((0 > frame->root->pid) || frame_is_super_user(frame))
+ return 1;
- par = posix_acl_ctx_get (parent, frame->this);
- if (par == NULL)
- return 0;
+ par = posix_acl_ctx_get(parent, frame->this);
+ if (par == NULL)
+ return 0;
- ctx = posix_acl_ctx_get (inode, frame->this);
- if (ctx == NULL)
- return 0;
+ ctx = posix_acl_ctx_get(inode, frame->this);
+ if (ctx == NULL)
+ return 0;
- if (!(par->perm & S_ISVTX))
- return 1;
+ if (!(par->perm & S_ISVTX))
+ return 1;
- if (frame_is_user (frame, par->uid))
- return 1;
+ if (frame_is_user(frame, par->uid))
+ return 1;
- if (frame_is_user (frame, ctx->uid))
- return 1;
+ if (frame_is_user(frame, ctx->uid))
+ return 1;
- return 0;
+ return 0;
}
static gf_boolean_t
-_does_acl_exist (struct posix_acl *acl)
+_does_acl_exist(struct posix_acl *acl)
{
- if (acl && (acl->count > POSIX_ACL_MINIMAL_ACE_COUNT))
- return _gf_true;
- return _gf_false;
+ if (acl && (acl->count > POSIX_ACL_MINIMAL_ACE_COUNT))
+ return _gf_true;
+ return _gf_false;
}
static void
-posix_acl_get_acl_string (call_frame_t *frame, struct posix_acl *acl,
- char **acl_str)
-{
- int i = 0;
- size_t size_acl = 0;
- size_t offset = 0;
- struct posix_ace *ace = NULL;
- char tmp_str[1024] = {0};
-#define NON_GRP_FMT "(tag:%"PRIu16",perm:%"PRIu16",id:%"PRIu32")"
-#define GRP_FMT "(tag:%"PRIu16",perm:%"PRIu16",id:%"PRIu32",in-groups:%d)"
-
- if (!_does_acl_exist (acl))
- goto out;
-
- ace = acl->entries;
- for (i = 0; i < acl->count; i++) {
- if (ace->tag != POSIX_ACL_GROUP) {
- size_acl += snprintf (tmp_str, sizeof tmp_str,
- NON_GRP_FMT, ace->tag, ace->perm, ace->id);
- } else {
- size_acl += snprintf (tmp_str, sizeof tmp_str,
- GRP_FMT, ace->tag,
- ace->perm, ace->id,
- frame_in_group (frame, ace->id));
- }
+posix_acl_get_acl_string(call_frame_t *frame, struct posix_acl *acl,
+ char **acl_str)
+{
+ int i = 0;
+ size_t size_acl = 0;
+ size_t offset = 0;
+ struct posix_ace *ace = NULL;
+ char tmp_str[1024] = {0};
+#define NON_GRP_FMT "(tag:%" PRIu16 ",perm:%" PRIu16 ",id:%" PRIu32 ")"
+#define GRP_FMT "(tag:%" PRIu16 ",perm:%" PRIu16 ",id:%" PRIu32 ",in-groups:%d)"
+
+ if (!_does_acl_exist(acl))
+ goto out;
- ace++;
+ ace = acl->entries;
+ for (i = 0; i < acl->count; i++) {
+ if (ace->tag != POSIX_ACL_GROUP) {
+ size_acl += snprintf(tmp_str, sizeof tmp_str, NON_GRP_FMT, ace->tag,
+ ace->perm, ace->id);
+ } else {
+ size_acl += snprintf(tmp_str, sizeof tmp_str, GRP_FMT, ace->tag,
+ ace->perm, ace->id,
+ frame_in_group(frame, ace->id));
}
- *acl_str = GF_CALLOC (1, size_acl + 1, gf_posix_acl_mt_char);
- if (!*acl_str)
- goto out;
+ ace++;
+ }
- ace = acl->entries;
- for (i = 0; i < acl->count; i++) {
- if (ace->tag != POSIX_ACL_GROUP) {
- offset += snprintf (*acl_str + offset,
- size_acl - offset,
- NON_GRP_FMT, ace->tag, ace->perm, ace->id);
- } else {
- offset += snprintf (*acl_str + offset,
- size_acl - offset,
- GRP_FMT, ace->tag, ace->perm, ace->id,
- frame_in_group (frame, ace->id));
- }
+ *acl_str = GF_CALLOC(1, size_acl + 1, gf_posix_acl_mt_char);
+ if (!*acl_str)
+ goto out;
- ace++;
+ ace = acl->entries;
+ for (i = 0; i < acl->count; i++) {
+ if (ace->tag != POSIX_ACL_GROUP) {
+ offset += snprintf(*acl_str + offset, size_acl - offset,
+ NON_GRP_FMT, ace->tag, ace->perm, ace->id);
+ } else {
+ offset += snprintf(*acl_str + offset, size_acl - offset, GRP_FMT,
+ ace->tag, ace->perm, ace->id,
+ frame_in_group(frame, ace->id));
}
-out:
- return;
-}
-static void
-posix_acl_log_permit_denied (call_frame_t *frame, inode_t *inode, int want,
- struct posix_acl_ctx *ctx, struct posix_acl *acl)
-{
- char *acl_str = NULL;
- client_t *client = NULL;
-
- if (!frame || !inode || !ctx || !frame->root)
- goto out;
-
- client = frame->root->client;
- posix_acl_get_acl_string (frame, acl, &acl_str);
-
- gf_msg (frame->this->name, GF_LOG_INFO, EACCES, POSIX_ACL_MSG_EACCES,
- "client: %s, gfid: %s, req(uid:%d,gid:%d,perm:%d,"
- "ngrps:%"PRIu16"), ctx(uid:%d,gid:%d,in-groups:%d,perm:%d%d%d,"
- "updated-fop:%s, acl:%s)", client ? client->client_uid : "-",
- uuid_utoa (inode->gfid), frame->root->uid, frame->root->gid,
- want, frame->root->ngrps, ctx->uid, ctx->gid,
- frame_in_group (frame, ctx->gid), (ctx->perm & S_IRWXU) >> 6,
- (ctx->perm & S_IRWXG) >> 3, ctx->perm & S_IRWXO,
- gf_fop_string (ctx->fop), acl_str ? acl_str : "-");
+ ace++;
+ }
out:
- GF_FREE (acl_str);
- return;
+ return;
}
-static int
-acl_permits (call_frame_t *frame, inode_t *inode, int want)
+static void
+posix_acl_log_permit_denied(call_frame_t *frame, inode_t *inode, int want,
+ struct posix_acl_ctx *ctx, struct posix_acl *acl)
{
- int verdict = 0;
- struct posix_acl *acl = NULL;
- struct posix_ace *ace = NULL;
- struct posix_acl_ctx *ctx = NULL;
- struct posix_acl_conf *conf = NULL;
- int i = 0;
- int perm = 0;
- int found = 0;
- int acl_present = 0;
+ char *acl_str = NULL;
+ client_t *client = NULL;
- conf = frame->this->private;
+ if (!frame || !inode || !ctx || !frame->root)
+ goto out;
- if ((0 > frame->root->pid) || frame_is_super_user (frame))
- goto green;
+ client = frame->root->client;
+ posix_acl_get_acl_string(frame, acl, &acl_str);
+
+ gf_msg(frame->this->name, GF_LOG_INFO, EACCES, POSIX_ACL_MSG_EACCES,
+ "client: %s, gfid: %s, req(uid:%d,gid:%d,perm:%d,"
+ "ngrps:%" PRIu16
+ "), ctx(uid:%d,gid:%d,in-groups:%d,perm:%d%d%d,"
+ "updated-fop:%s, acl:%s)",
+ client ? client->client_uid : "-", uuid_utoa(inode->gfid),
+ frame->root->uid, frame->root->gid, want, frame->root->ngrps,
+ ctx->uid, ctx->gid, frame_in_group(frame, ctx->gid),
+ (ctx->perm & S_IRWXU) >> 6, (ctx->perm & S_IRWXG) >> 3,
+ ctx->perm & S_IRWXO, gf_fop_string(ctx->fop),
+ acl_str ? acl_str : "-");
+out:
+ GF_FREE(acl_str);
+ return;
+}
- ctx = posix_acl_ctx_get (inode, frame->this);
- if (!ctx)
+static int
+acl_permits(call_frame_t *frame, inode_t *inode, int want)
+{
+ int verdict = 0;
+ struct posix_acl *acl = NULL;
+ struct posix_ace *ace = NULL;
+ struct posix_acl_ctx *ctx = NULL;
+ struct posix_acl_conf *conf = NULL;
+ int i = 0;
+ int perm = 0;
+ int found = 0;
+ int acl_present = 0;
+
+ conf = frame->this->private;
+
+ if ((0 > frame->root->pid) || frame_is_super_user(frame))
+ goto green;
+
+ ctx = posix_acl_ctx_get(inode, frame->this);
+ if (!ctx)
+ goto red;
+
+ posix_acl_get(inode, frame->this, &acl, NULL);
+ if (!acl) {
+ acl = posix_acl_ref(frame->this, conf->minimal_acl);
+ }
+
+ ace = acl->entries;
+
+ if (_does_acl_exist(acl))
+ acl_present = 1;
+
+ for (i = 0; i < acl->count; i++) {
+ switch (ace->tag) {
+ case POSIX_ACL_USER_OBJ:
+ perm = ((ctx->perm & S_IRWXU) >> 6);
+ if (frame_is_user(frame, ctx->uid))
+ goto perm_check;
+ break;
+ case POSIX_ACL_USER:
+ perm = ace->perm;
+ if (frame_is_user(frame, ace->id))
+ goto mask_check;
+ break;
+ case POSIX_ACL_GROUP_OBJ:
+ if (acl_present)
+ perm = ace->perm;
+ else
+ perm = ((ctx->perm & S_IRWXG) >> 3);
+ if (frame_in_group(frame, ctx->gid)) {
+ found = 1;
+ if ((perm & want) == want)
+ goto mask_check;
+ }
+ break;
+ case POSIX_ACL_GROUP:
+ perm = ace->perm;
+ if (frame_in_group(frame, ace->id)) {
+ found = 1;
+ if ((perm & want) == want)
+ goto mask_check;
+ }
+ break;
+ case POSIX_ACL_MASK:
+ break;
+ case POSIX_ACL_OTHER:
+ perm = (ctx->perm & S_IRWXO);
+ if (!found)
+ goto perm_check;
+ /* fall through */
+ default:
goto red;
-
- posix_acl_get (inode, frame->this, &acl, NULL);
- if (!acl) {
- acl = posix_acl_ref (frame->this, conf->minimal_acl);
}
- ace = acl->entries;
-
- if (_does_acl_exist (acl))
- acl_present = 1;
-
- for (i = 0; i < acl->count; i++) {
- switch (ace->tag) {
- case POSIX_ACL_USER_OBJ:
- perm = ((ctx->perm & S_IRWXU) >> 6);
- if (frame_is_user (frame, ctx->uid))
- goto perm_check;
- break;
- case POSIX_ACL_USER:
- perm = ace->perm;
- if (frame_is_user (frame, ace->id))
- goto mask_check;
- break;
- case POSIX_ACL_GROUP_OBJ:
- if (acl_present)
- perm = ace->perm;
- else
- perm = ((ctx->perm & S_IRWXG) >> 3);
- if (frame_in_group (frame, ctx->gid)) {
- found = 1;
- if ((perm & want) == want)
- goto mask_check;
- }
- break;
- case POSIX_ACL_GROUP:
- perm = ace->perm;
- if (frame_in_group (frame, ace->id)) {
- found = 1;
- if ((perm & want) == want)
- goto mask_check;
- }
- break;
- case POSIX_ACL_MASK:
- break;
- case POSIX_ACL_OTHER:
- perm = (ctx->perm & S_IRWXO);
- if (!found)
- goto perm_check;
- /* fall through */
- default:
- goto red;
- }
-
- ace++;
- }
+ ace++;
+ }
mask_check:
- ace = acl->entries;
+ ace = acl->entries;
- for (i = 0; i < acl->count; i++, ace++) {
- if (ace->tag != POSIX_ACL_MASK)
- continue;
- if ((ace->perm & perm & want) == want) {
- goto green;
- }
- goto red;
+ for (i = 0; i < acl->count; i++, ace++) {
+ if (ace->tag != POSIX_ACL_MASK)
+ continue;
+ if ((ace->perm & perm & want) == want) {
+ goto green;
}
+ goto red;
+ }
perm_check:
- if ((perm & want) == want) {
- goto green;
- } else {
- goto red;
- }
+ if ((perm & want) == want) {
+ goto green;
+ } else {
+ goto red;
+ }
green:
- verdict = 1;
- goto out;
+ verdict = 1;
+ goto out;
red:
- verdict = 0;
- posix_acl_log_permit_denied (frame, inode, want, ctx, acl);
+ verdict = 0;
+ posix_acl_log_permit_denied(frame, inode, want, ctx, acl);
out:
- if (acl)
- posix_acl_unref (frame->this, acl);
+ if (acl)
+ posix_acl_unref(frame->this, acl);
- return verdict;
+ return verdict;
}
-
struct posix_acl_ctx *
-__posix_acl_ctx_get (inode_t *inode, xlator_t *this, gf_boolean_t create)
+__posix_acl_ctx_get(inode_t *inode, xlator_t *this, gf_boolean_t create)
{
- struct posix_acl_ctx *ctx = NULL;
- uint64_t int_ctx = 0;
- int ret = 0;
+ struct posix_acl_ctx *ctx = NULL;
+ uint64_t int_ctx = 0;
+ int ret = 0;
- ret = __inode_ctx_get (inode, this, &int_ctx);
- if ((ret == 0) && (int_ctx))
- return PTR(int_ctx);
+ ret = __inode_ctx_get(inode, this, &int_ctx);
+ if ((ret == 0) && (int_ctx))
+ return PTR(int_ctx);
- if (create == _gf_false)
- return NULL;
+ if (create == _gf_false)
+ return NULL;
- ctx = GF_CALLOC (1, sizeof (*ctx), gf_posix_acl_mt_ctx_t);
- if (!ctx)
- return NULL;
+ ctx = GF_CALLOC(1, sizeof(*ctx), gf_posix_acl_mt_ctx_t);
+ if (!ctx)
+ return NULL;
- ret = __inode_ctx_put (inode, this, UINT64 (ctx));
- if (ret) {
- GF_FREE (ctx);
- ctx = NULL;
- }
+ ret = __inode_ctx_put(inode, this, UINT64(ctx));
+ if (ret) {
+ GF_FREE(ctx);
+ ctx = NULL;
+ }
- return ctx;
+ return ctx;
}
struct posix_acl_ctx *
-posix_acl_ctx_new (inode_t *inode, xlator_t *this)
+posix_acl_ctx_new(inode_t *inode, xlator_t *this)
{
- struct posix_acl_ctx *ctx = NULL;
+ struct posix_acl_ctx *ctx = NULL;
- if (inode == NULL) {
- gf_log_callingfn (this->name, GF_LOG_WARNING, "inode is NULL");
- return NULL;
- }
+ if (inode == NULL) {
+ gf_log_callingfn(this->name, GF_LOG_WARNING, "inode is NULL");
+ return NULL;
+ }
- LOCK (&inode->lock);
- {
- ctx = __posix_acl_ctx_get (inode, this, _gf_true);
- }
- UNLOCK (&inode->lock);
+ LOCK(&inode->lock);
+ {
+ ctx = __posix_acl_ctx_get(inode, this, _gf_true);
+ }
+ UNLOCK(&inode->lock);
- if (ctx == NULL)
- gf_log_callingfn (this->name, GF_LOG_ERROR, "creating inode ctx"
- "failed for %s", uuid_utoa (inode->gfid));
- return ctx;
+ if (ctx == NULL)
+ gf_log_callingfn(this->name, GF_LOG_ERROR,
+ "creating inode ctx"
+ "failed for %s",
+ uuid_utoa(inode->gfid));
+ return ctx;
}
struct posix_acl_ctx *
-posix_acl_ctx_get (inode_t *inode, xlator_t *this)
+posix_acl_ctx_get(inode_t *inode, xlator_t *this)
{
- struct posix_acl_ctx *ctx = NULL;
+ struct posix_acl_ctx *ctx = NULL;
- if (inode == NULL) {
- gf_log_callingfn (this->name, GF_LOG_WARNING, "inode is NULL");
- return NULL;
- }
+ if (inode == NULL) {
+ gf_log_callingfn(this->name, GF_LOG_WARNING, "inode is NULL");
+ return NULL;
+ }
- LOCK (&inode->lock);
- {
- ctx = __posix_acl_ctx_get (inode, this, _gf_false);
- }
- UNLOCK (&inode->lock);
+ LOCK(&inode->lock);
+ {
+ ctx = __posix_acl_ctx_get(inode, this, _gf_false);
+ }
+ UNLOCK(&inode->lock);
- if (ctx == NULL)
- gf_log_callingfn (this->name, GF_LOG_ERROR, "inode ctx is NULL "
- "for %s", uuid_utoa (inode->gfid));
- return ctx;
+ if (ctx == NULL)
+ gf_log_callingfn(this->name, GF_LOG_ERROR,
+ "inode ctx is NULL "
+ "for %s",
+ uuid_utoa(inode->gfid));
+ return ctx;
}
int
-__posix_acl_set_specific (inode_t *inode, xlator_t *this,
- gf_boolean_t is_access, struct posix_acl *acl)
+__posix_acl_set_specific(inode_t *inode, xlator_t *this, gf_boolean_t is_access,
+ struct posix_acl *acl)
{
- int ret = 0;
- struct posix_acl_ctx *ctx = NULL;
+ int ret = 0;
+ struct posix_acl_ctx *ctx = NULL;
- ctx = posix_acl_ctx_get (inode, this);
- if (!ctx) {
- ret = -1;
- goto out;
- }
+ ctx = posix_acl_ctx_get(inode, this);
+ if (!ctx) {
+ ret = -1;
+ goto out;
+ }
- if (is_access)
- ctx->acl_access = acl;
- else
- ctx->acl_default = acl;
+ if (is_access)
+ ctx->acl_access = acl;
+ else
+ ctx->acl_default = acl;
out:
- return ret;
+ return ret;
}
int
-__posix_acl_set (inode_t *inode, xlator_t *this, struct posix_acl *acl_access,
- struct posix_acl *acl_default)
+__posix_acl_set(inode_t *inode, xlator_t *this, struct posix_acl *acl_access,
+ struct posix_acl *acl_default)
{
- int ret = 0;
- struct posix_acl_ctx *ctx = NULL;
+ int ret = 0;
+ struct posix_acl_ctx *ctx = NULL;
- ctx = posix_acl_ctx_get (inode, this);
- if (!ctx)
- goto out;
+ ctx = posix_acl_ctx_get(inode, this);
+ if (!ctx)
+ goto out;
- ctx->acl_access = acl_access;
- ctx->acl_default = acl_default;
+ ctx->acl_access = acl_access;
+ ctx->acl_default = acl_default;
out:
- return ret;
+ return ret;
}
-
int
-__posix_acl_get (inode_t *inode, xlator_t *this, struct posix_acl **acl_access_p,
- struct posix_acl **acl_default_p)
+__posix_acl_get(inode_t *inode, xlator_t *this, struct posix_acl **acl_access_p,
+ struct posix_acl **acl_default_p)
{
- int ret = 0;
- struct posix_acl_ctx *ctx = NULL;
+ int ret = 0;
+ struct posix_acl_ctx *ctx = NULL;
- ctx = posix_acl_ctx_get (inode, this);
- if (!ctx)
- goto out;
+ ctx = posix_acl_ctx_get(inode, this);
+ if (!ctx)
+ goto out;
- if (acl_access_p)
- *acl_access_p = ctx->acl_access;
- if (acl_default_p)
- *acl_default_p = ctx->acl_default;
+ if (acl_access_p)
+ *acl_access_p = ctx->acl_access;
+ if (acl_default_p)
+ *acl_default_p = ctx->acl_default;
out:
- return ret;
+ return ret;
}
-
struct posix_acl *
-posix_acl_new (xlator_t *this, int entrycnt)
+posix_acl_new(xlator_t *this, int entrycnt)
{
- struct posix_acl *acl = NULL;
- struct posix_ace *ace = NULL;
+ struct posix_acl *acl = NULL;
+ struct posix_ace *ace = NULL;
- acl = GF_CALLOC (1, sizeof (*acl) + (entrycnt * sizeof (*ace)),
- gf_posix_acl_mt_posix_ace_t);
- if (!acl)
- return NULL;
+ acl = GF_CALLOC(1, sizeof(*acl) + (entrycnt * sizeof(*ace)),
+ gf_posix_acl_mt_posix_ace_t);
+ if (!acl)
+ return NULL;
- acl->count = entrycnt;
+ acl->count = entrycnt;
- posix_acl_ref (this, acl);
+ posix_acl_ref(this, acl);
- return acl;
+ return acl;
}
-
void
-posix_acl_destroy (xlator_t *this, struct posix_acl *acl)
+posix_acl_destroy(xlator_t *this, struct posix_acl *acl)
{
- GF_FREE (acl);
+ GF_FREE(acl);
- return;
+ return;
}
-
struct posix_acl *
-posix_acl_ref (xlator_t *this, struct posix_acl *acl)
+posix_acl_ref(xlator_t *this, struct posix_acl *acl)
{
- struct posix_acl_conf *conf = NULL;
+ struct posix_acl_conf *conf = NULL;
- conf = this->private;
+ conf = this->private;
- LOCK(&conf->acl_lock);
- {
- acl->refcnt++;
- }
- UNLOCK(&conf->acl_lock);
+ LOCK(&conf->acl_lock);
+ {
+ acl->refcnt++;
+ }
+ UNLOCK(&conf->acl_lock);
- return acl;
+ return acl;
}
-
struct posix_acl *
-posix_acl_dup (xlator_t *this, struct posix_acl *acl)
+posix_acl_dup(xlator_t *this, struct posix_acl *acl)
{
- struct posix_acl *dup = NULL;
+ struct posix_acl *dup = NULL;
- dup = posix_acl_new (this, acl->count);
- if (!dup)
- return NULL;
+ dup = posix_acl_new(this, acl->count);
+ if (!dup)
+ return NULL;
- memcpy (dup->entries, acl->entries,
- sizeof (struct posix_ace) * acl->count);
+ memcpy(dup->entries, acl->entries, sizeof(struct posix_ace) * acl->count);
- return dup;
+ return dup;
}
-
void
-posix_acl_unref (xlator_t *this, struct posix_acl *acl)
+posix_acl_unref(xlator_t *this, struct posix_acl *acl)
{
- struct posix_acl_conf *conf = NULL;
- int refcnt = 0;
+ struct posix_acl_conf *conf = NULL;
+ int refcnt = 0;
- conf = this->private;
- if (!conf)
- goto out;
+ conf = this->private;
+ if (!conf)
+ goto out;
- LOCK(&conf->acl_lock);
- {
- refcnt = --acl->refcnt;
- }
- UNLOCK(&conf->acl_lock);
+ LOCK(&conf->acl_lock);
+ {
+ refcnt = --acl->refcnt;
+ }
+ UNLOCK(&conf->acl_lock);
out:
- if (!refcnt)
- posix_acl_destroy (this, acl);
+ if (!refcnt)
+ posix_acl_destroy(this, acl);
}
int
-posix_acl_set_specific (inode_t *inode, xlator_t *this, struct posix_acl *acl,
- gf_boolean_t is_access)
+posix_acl_set_specific(inode_t *inode, xlator_t *this, struct posix_acl *acl,
+ gf_boolean_t is_access)
{
- int ret = 0;
- int oldret = 0;
- struct posix_acl *old_acl = NULL;
- struct posix_acl_conf *conf = NULL;
+ int ret = 0;
+ int oldret = 0;
+ struct posix_acl *old_acl = NULL;
+ struct posix_acl_conf *conf = NULL;
- conf = this->private;
+ conf = this->private;
- LOCK (&conf->acl_lock);
- {
- if (is_access)
- oldret = __posix_acl_get (inode, this, &old_acl, NULL);
- else
- oldret = __posix_acl_get (inode, this, NULL, &old_acl);
- if (acl)
- acl->refcnt++;
- ret = __posix_acl_set_specific (inode, this, is_access, acl);
- }
- UNLOCK (&conf->acl_lock);
+ LOCK(&conf->acl_lock);
+ {
+ if (is_access)
+ oldret = __posix_acl_get(inode, this, &old_acl, NULL);
+ else
+ oldret = __posix_acl_get(inode, this, NULL, &old_acl);
+ if (acl)
+ acl->refcnt++;
+ ret = __posix_acl_set_specific(inode, this, is_access, acl);
+ }
+ UNLOCK(&conf->acl_lock);
- if (oldret == 0) {
- if (old_acl)
- posix_acl_unref (this, old_acl);
- }
+ if (oldret == 0) {
+ if (old_acl)
+ posix_acl_unref(this, old_acl);
+ }
- return ret;
+ return ret;
}
int
-posix_acl_set (inode_t *inode, xlator_t *this, struct posix_acl *acl_access,
- struct posix_acl *acl_default)
+posix_acl_set(inode_t *inode, xlator_t *this, struct posix_acl *acl_access,
+ struct posix_acl *acl_default)
{
- int ret = 0;
- int oldret = 0;
- struct posix_acl *old_access = NULL;
- struct posix_acl *old_default = NULL;
- struct posix_acl_conf *conf = NULL;
+ int ret = 0;
+ int oldret = 0;
+ struct posix_acl *old_access = NULL;
+ struct posix_acl *old_default = NULL;
+ struct posix_acl_conf *conf = NULL;
- conf = this->private;
+ conf = this->private;
- LOCK(&conf->acl_lock);
- {
- oldret = __posix_acl_get (inode, this, &old_access,
- &old_default);
- if (acl_access)
- acl_access->refcnt++;
- if (acl_default)
- acl_default->refcnt++;
+ LOCK(&conf->acl_lock);
+ {
+ oldret = __posix_acl_get(inode, this, &old_access, &old_default);
+ if (acl_access)
+ acl_access->refcnt++;
+ if (acl_default)
+ acl_default->refcnt++;
- ret = __posix_acl_set (inode, this, acl_access, acl_default);
- }
- UNLOCK(&conf->acl_lock);
+ ret = __posix_acl_set(inode, this, acl_access, acl_default);
+ }
+ UNLOCK(&conf->acl_lock);
- if (oldret == 0) {
- if (old_access)
- posix_acl_unref (this, old_access);
- if (old_default)
- posix_acl_unref (this, old_default);
- }
+ if (oldret == 0) {
+ if (old_access)
+ posix_acl_unref(this, old_access);
+ if (old_default)
+ posix_acl_unref(this, old_default);
+ }
- return ret;
+ return ret;
}
-
int
-posix_acl_get (inode_t *inode, xlator_t *this, struct posix_acl **acl_access_p,
- struct posix_acl **acl_default_p)
+posix_acl_get(inode_t *inode, xlator_t *this, struct posix_acl **acl_access_p,
+ struct posix_acl **acl_default_p)
{
- struct posix_acl_conf *conf = NULL;
- struct posix_acl *acl_access = NULL;
- struct posix_acl *acl_default = NULL;
- int ret = 0;
+ struct posix_acl_conf *conf = NULL;
+ struct posix_acl *acl_access = NULL;
+ struct posix_acl *acl_default = NULL;
+ int ret = 0;
- conf = this->private;
+ conf = this->private;
- LOCK(&conf->acl_lock);
- {
- ret = __posix_acl_get (inode, this, &acl_access, &acl_default);
+ LOCK(&conf->acl_lock);
+ {
+ ret = __posix_acl_get(inode, this, &acl_access, &acl_default);
- if (ret != 0)
- goto unlock;
+ if (ret != 0)
+ goto unlock;
- if (acl_access && acl_access_p)
- acl_access->refcnt++;
- if (acl_default && acl_default_p)
- acl_default->refcnt++;
- }
+ if (acl_access && acl_access_p)
+ acl_access->refcnt++;
+ if (acl_default && acl_default_p)
+ acl_default->refcnt++;
+ }
unlock:
- UNLOCK(&conf->acl_lock);
+ UNLOCK(&conf->acl_lock);
- if (acl_access_p)
- *acl_access_p = acl_access;
- if (acl_default_p)
- *acl_default_p = acl_default;
+ if (acl_access_p)
+ *acl_access_p = acl_access;
+ if (acl_default_p)
+ *acl_default_p = acl_default;
- return ret;
+ return ret;
}
mode_t
-posix_acl_inherit_mode (struct posix_acl *acl, mode_t modein)
-{
- struct posix_ace *ace = NULL;
- int count = 0;
- int i = 0;
- mode_t newmode = 0;
- mode_t mode = 0;
- struct posix_ace *mask_ce = NULL;
- struct posix_ace *group_ce = NULL;
-
- newmode = mode = modein;
-
- count = acl->count;
-
- ace = acl->entries;
- for (i = 0; i < count; i++) {
- switch (ace->tag) {
- case POSIX_ACL_USER_OBJ:
- ace->perm &= (mode >> 6) | ~S_IRWXO;
- mode &= (ace->perm << 6) | ~S_IRWXU;
- break;
- case POSIX_ACL_GROUP_OBJ:
- group_ce = ace;
- break;
- case POSIX_ACL_MASK:
- mask_ce = ace;
- break;
- case POSIX_ACL_OTHER:
- ace->perm &= (mode) | ~S_IRWXO;
- mode &= (ace->perm) | ~S_IRWXO;
- break;
- }
- ace++;
+posix_acl_inherit_mode(struct posix_acl *acl, mode_t modein)
+{
+ struct posix_ace *ace = NULL;
+ int count = 0;
+ int i = 0;
+ mode_t newmode = 0;
+ mode_t mode = 0;
+ struct posix_ace *mask_ce = NULL;
+ struct posix_ace *group_ce = NULL;
+
+ newmode = mode = modein;
+
+ count = acl->count;
+
+ ace = acl->entries;
+ for (i = 0; i < count; i++) {
+ switch (ace->tag) {
+ case POSIX_ACL_USER_OBJ:
+ ace->perm &= (mode >> 6) | ~S_IRWXO;
+ mode &= (ace->perm << 6) | ~S_IRWXU;
+ break;
+ case POSIX_ACL_GROUP_OBJ:
+ group_ce = ace;
+ break;
+ case POSIX_ACL_MASK:
+ mask_ce = ace;
+ break;
+ case POSIX_ACL_OTHER:
+ ace->perm &= (mode) | ~S_IRWXO;
+ mode &= (ace->perm) | ~S_IRWXO;
+ break;
}
+ ace++;
+ }
- if (mask_ce) {
- mask_ce->perm &= (mode >> 3) | ~S_IRWXO;
- mode &= (mask_ce->perm << 3) | ~S_IRWXG;
- } else if (group_ce) {
- group_ce->perm &= (mode >> 3) | ~S_IRWXO;
- mode &= (group_ce->perm << 3) | ~S_IRWXG;
- }
+ if (mask_ce) {
+ mask_ce->perm &= (mode >> 3) | ~S_IRWXO;
+ mode &= (mask_ce->perm << 3) | ~S_IRWXG;
+ } else if (group_ce) {
+ group_ce->perm &= (mode >> 3) | ~S_IRWXO;
+ mode &= (group_ce->perm << 3) | ~S_IRWXG;
+ }
- newmode = ((modein & (S_IFMT | S_ISUID | S_ISGID | S_ISVTX)) |
- (mode & (S_IRWXU|S_IRWXG|S_IRWXO)));
+ newmode = ((modein & (S_IFMT | S_ISUID | S_ISGID | S_ISVTX)) |
+ (mode & (S_IRWXU | S_IRWXG | S_IRWXO)));
- return newmode;
+ return newmode;
}
-
mode_t
-posix_acl_inherit (xlator_t *this, loc_t *loc, dict_t *params, mode_t mode,
- int32_t umask, int is_dir)
-{
- int ret = 0;
- struct posix_acl *par_default = NULL;
- struct posix_acl *acl_default = NULL;
- struct posix_acl *acl_access = NULL;
- struct posix_acl_ctx *ctx = NULL;
- char *xattr_default = NULL;
- char *xattr_access = NULL;
- int size_default = 0;
- int size_access = 0;
- mode_t retmode = 0;
- int16_t tmp_mode = 0;
- mode_t client_umask = 0;
-
- retmode = mode;
- client_umask = umask;
- ret = dict_get_int16 (params, "umask", &tmp_mode);
+posix_acl_inherit(xlator_t *this, loc_t *loc, dict_t *params, mode_t mode,
+ int32_t umask, int is_dir)
+{
+ int ret = 0;
+ struct posix_acl *par_default = NULL;
+ struct posix_acl *acl_default = NULL;
+ struct posix_acl *acl_access = NULL;
+ struct posix_acl_ctx *ctx = NULL;
+ char *xattr_default = NULL;
+ char *xattr_access = NULL;
+ int size_default = 0;
+ int size_access = 0;
+ mode_t retmode = 0;
+ int16_t tmp_mode = 0;
+ mode_t client_umask = 0;
+
+ retmode = mode;
+ client_umask = umask;
+ ret = dict_get_int16(params, "umask", &tmp_mode);
+ if (ret == 0) {
+ client_umask = (mode_t)tmp_mode;
+ dict_del(params, "umask");
+ ret = dict_get_int16(params, "mode", &tmp_mode);
if (ret == 0) {
- client_umask = (mode_t)tmp_mode;
- dict_del (params, "umask");
- ret = dict_get_int16 (params, "mode", &tmp_mode);
- if (ret == 0) {
- retmode = (mode_t)tmp_mode;
- dict_del (params, "mode");
- } else {
- gf_log (this->name, GF_LOG_ERROR,
- "client sent umask, but not the original mode");
- }
+ retmode = (mode_t)tmp_mode;
+ dict_del(params, "mode");
+ } else {
+ gf_log(this->name, GF_LOG_ERROR,
+ "client sent umask, but not the original mode");
}
+ }
- ret = posix_acl_get (loc->parent, this, NULL, &par_default);
+ ret = posix_acl_get(loc->parent, this, NULL, &par_default);
- if (!par_default)
- goto out;
-
- ctx = posix_acl_ctx_new (loc->inode, this);
+ if (!par_default)
+ goto out;
- acl_access = posix_acl_dup (this, par_default);
- if (!acl_access)
- goto out;
+ ctx = posix_acl_ctx_new(loc->inode, this);
- client_umask = 0; // No umask if we inherit an ACL
- retmode = posix_acl_inherit_mode (acl_access, retmode);
- ctx->perm = retmode;
+ acl_access = posix_acl_dup(this, par_default);
+ if (!acl_access)
+ goto out;
- size_access = posix_acl_to_xattr (this, acl_access, NULL, 0);
- xattr_access = GF_CALLOC (1, size_access, gf_posix_acl_mt_char);
- if (!xattr_access) {
- gf_log (this->name, GF_LOG_ERROR, "out of memory");
- ret = -1;
- goto out;
- }
- posix_acl_to_xattr (this, acl_access, xattr_access, size_access);
-
- ret = dict_set_bin (params, POSIX_ACL_ACCESS_XATTR, xattr_access,
- size_access);
- if (ret) {
- gf_log (this->name, GF_LOG_ERROR, "out of memory");
- GF_FREE (xattr_access);
- ret = -1;
- goto out;
- }
+ client_umask = 0; // No umask if we inherit an ACL
+ retmode = posix_acl_inherit_mode(acl_access, retmode);
+ ctx->perm = retmode;
- if (!is_dir)
- goto set;
+ size_access = posix_acl_to_xattr(this, acl_access, NULL, 0);
+ xattr_access = GF_CALLOC(1, size_access, gf_posix_acl_mt_char);
+ if (!xattr_access) {
+ gf_log(this->name, GF_LOG_ERROR, "out of memory");
+ ret = -1;
+ goto out;
+ }
+ posix_acl_to_xattr(this, acl_access, xattr_access, size_access);
+
+ ret = dict_set_bin(params, POSIX_ACL_ACCESS_XATTR, xattr_access,
+ size_access);
+ if (ret) {
+ gf_log(this->name, GF_LOG_ERROR, "out of memory");
+ GF_FREE(xattr_access);
+ ret = -1;
+ goto out;
+ }
+ if (!is_dir)
+ goto set;
- acl_default = posix_acl_ref (this, par_default);
+ acl_default = posix_acl_ref(this, par_default);
- size_default = posix_acl_to_xattr (this, acl_default, NULL, 0);
- xattr_default = GF_CALLOC (1, size_default, gf_posix_acl_mt_char);
- if (!xattr_default) {
- gf_log (this->name, GF_LOG_ERROR, "out of memory");
- ret = -1;
- goto out;
- }
- posix_acl_to_xattr (this, acl_default, xattr_default, size_default);
-
- ret = dict_set_bin (params, POSIX_ACL_DEFAULT_XATTR, xattr_default,
- size_default);
- if (ret) {
- gf_log (this->name, GF_LOG_ERROR, "out of memory");
- GF_FREE (xattr_default);
- ret = -1;
- goto out;
- }
+ size_default = posix_acl_to_xattr(this, acl_default, NULL, 0);
+ xattr_default = GF_CALLOC(1, size_default, gf_posix_acl_mt_char);
+ if (!xattr_default) {
+ gf_log(this->name, GF_LOG_ERROR, "out of memory");
+ ret = -1;
+ goto out;
+ }
+ posix_acl_to_xattr(this, acl_default, xattr_default, size_default);
+
+ ret = dict_set_bin(params, POSIX_ACL_DEFAULT_XATTR, xattr_default,
+ size_default);
+ if (ret) {
+ gf_log(this->name, GF_LOG_ERROR, "out of memory");
+ GF_FREE(xattr_default);
+ ret = -1;
+ goto out;
+ }
set:
- ret = posix_acl_set (loc->inode, this, acl_access, acl_default);
- if (ret != 0)
- goto out;
+ ret = posix_acl_set(loc->inode, this, acl_access, acl_default);
+ if (ret != 0)
+ goto out;
out:
- retmode &= ~client_umask;
+ retmode &= ~client_umask;
- if (par_default)
- posix_acl_unref (this, par_default);
- if (acl_access)
- posix_acl_unref (this, acl_access);
- if (acl_default)
- posix_acl_unref (this, acl_default);
+ if (par_default)
+ posix_acl_unref(this, par_default);
+ if (acl_access)
+ posix_acl_unref(this, acl_access);
+ if (acl_default)
+ posix_acl_unref(this, acl_default);
- return retmode;
+ return retmode;
}
-
mode_t
-posix_acl_inherit_dir (xlator_t *this, loc_t *loc, dict_t *params, mode_t mode,
- int32_t umask)
+posix_acl_inherit_dir(xlator_t *this, loc_t *loc, dict_t *params, mode_t mode,
+ int32_t umask)
{
- mode_t retmode = 0;
+ mode_t retmode = 0;
- retmode = posix_acl_inherit (this, loc, params, mode, umask, 1);
+ retmode = posix_acl_inherit(this, loc, params, mode, umask, 1);
- return retmode;
+ return retmode;
}
-
mode_t
-posix_acl_inherit_file (xlator_t *this, loc_t *loc, dict_t *params, mode_t mode,
- int32_t umask)
+posix_acl_inherit_file(xlator_t *this, loc_t *loc, dict_t *params, mode_t mode,
+ int32_t umask)
{
- mode_t retmode = 0;
+ mode_t retmode = 0;
- retmode = posix_acl_inherit (this, loc, params, mode, umask, 0);
+ retmode = posix_acl_inherit(this, loc, params, mode, umask, 0);
- return retmode;
+ return retmode;
}
int
-posix_acl_ctx_update (inode_t *inode, xlator_t *this, struct iatt *buf,
- glusterfs_fop_t fop)
+posix_acl_ctx_update(inode_t *inode, xlator_t *this, struct iatt *buf,
+ glusterfs_fop_t fop)
{
- struct posix_acl_ctx *ctx = NULL;
- struct posix_acl *acl = NULL;
- struct posix_ace *ace = NULL;
- struct posix_ace *mask_ce = NULL;
- struct posix_ace *group_ce = NULL;
- int ret = 0;
- int i = 0;
-
- LOCK(&inode->lock);
- {
- ctx = __posix_acl_ctx_get (inode, this, _gf_true);
- if (!ctx) {
- ret = -1;
- goto unlock;
- }
+ struct posix_acl_ctx *ctx = NULL;
+ struct posix_acl *acl = NULL;
+ struct posix_ace *ace = NULL;
+ struct posix_ace *mask_ce = NULL;
+ struct posix_ace *group_ce = NULL;
+ int ret = 0;
+ int i = 0;
- ctx->uid = buf->ia_uid;
- ctx->gid = buf->ia_gid;
- ctx->perm = st_mode_from_ia (buf->ia_prot, buf->ia_type);
- ctx->fop = fop;
-
- acl = ctx->acl_access;
- if (!_does_acl_exist (acl))
- goto unlock;
-
- /* This is an extended ACL (not minimal acl). In case we
- are only refreshing from iatt and not ACL xattrs (for
- e.g. from postattributes of setattr() call, we need to
- update the corresponding ACEs as well.
- */
- ace = acl->entries;
- for (i = 0; i < acl->count; i++) {
- switch (ace->tag) {
- case POSIX_ACL_USER_OBJ:
- ace->perm = (ctx->perm & S_IRWXU) >> 6;
- break;
- case POSIX_ACL_USER:
- case POSIX_ACL_GROUP:
- break;
- case POSIX_ACL_GROUP_OBJ:
- group_ce = ace;
- break;
- case POSIX_ACL_MASK:
- mask_ce = ace;
- break;
- case POSIX_ACL_OTHER:
- ace->perm = (ctx->perm & S_IRWXO);
- break;
- }
- ace++;
- }
-
- if (mask_ce)
- mask_ce->perm = (ctx->perm & S_IRWXG) >> 3;
- else if (group_ce)
- group_ce->perm = (ctx->perm & S_IRWXG) >> 3;
- else
- ret = -1;
+ LOCK(&inode->lock);
+ {
+ ctx = __posix_acl_ctx_get(inode, this, _gf_true);
+ if (!ctx) {
+ ret = -1;
+ goto unlock;
}
-unlock:
- UNLOCK(&inode->lock);
- return ret;
-}
-int
-posix_acl_lookup_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, inode_t *inode,
- struct iatt *buf, dict_t *xattr, struct iatt *postparent)
-{
- struct posix_acl *acl_access = NULL;
- struct posix_acl *acl_default = NULL;
- struct posix_acl *old_access = NULL;
- struct posix_acl *old_default = NULL;
- struct posix_acl_ctx *ctx = NULL;
- data_t *data = NULL;
- int ret = 0;
- dict_t *my_xattr = NULL;
+ ctx->uid = buf->ia_uid;
+ ctx->gid = buf->ia_gid;
+ ctx->perm = st_mode_from_ia(buf->ia_prot, buf->ia_type);
+ ctx->fop = fop;
- if (op_ret != 0)
- goto unwind;
+ acl = ctx->acl_access;
+ if (!_does_acl_exist(acl))
+ goto unlock;
- ctx = posix_acl_ctx_new (inode, this);
- if (!ctx) {
- op_ret = -1;
- op_errno = ENOMEM;
- goto unwind;
+ /* This is an extended ACL (not minimal acl). In case we
+ are only refreshing from iatt and not ACL xattrs (for
+ e.g. from postattributes of setattr() call, we need to
+ update the corresponding ACEs as well.
+ */
+ ace = acl->entries;
+ for (i = 0; i < acl->count; i++) {
+ switch (ace->tag) {
+ case POSIX_ACL_USER_OBJ:
+ ace->perm = (ctx->perm & S_IRWXU) >> 6;
+ break;
+ case POSIX_ACL_USER:
+ case POSIX_ACL_GROUP:
+ break;
+ case POSIX_ACL_GROUP_OBJ:
+ group_ce = ace;
+ break;
+ case POSIX_ACL_MASK:
+ mask_ce = ace;
+ break;
+ case POSIX_ACL_OTHER:
+ ace->perm = (ctx->perm & S_IRWXO);
+ break;
+ }
+ ace++;
}
- ret = posix_acl_get (inode, this, &old_access, &old_default);
-
- if (xattr == NULL)
- goto acl_set;
-
- data = dict_get (xattr, POSIX_ACL_ACCESS_XATTR);
- if (!data)
- goto acl_default;
+ if (mask_ce)
+ mask_ce->perm = (ctx->perm & S_IRWXG) >> 3;
+ else if (group_ce)
+ group_ce->perm = (ctx->perm & S_IRWXG) >> 3;
+ else
+ ret = -1;
+ }
+unlock:
+ UNLOCK(&inode->lock);
+ return ret;
+}
- if (old_access &&
- posix_acl_matches_xattr (this, old_access, data->data,
- data->len)) {
- acl_access = posix_acl_ref (this, old_access);
- } else {
- acl_access = posix_acl_from_xattr (this, data->data,
- data->len);
- }
+int
+posix_acl_lookup_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, inode_t *inode, struct iatt *buf,
+ dict_t *xattr, struct iatt *postparent)
+{
+ struct posix_acl *acl_access = NULL;
+ struct posix_acl *acl_default = NULL;
+ struct posix_acl *old_access = NULL;
+ struct posix_acl *old_default = NULL;
+ struct posix_acl_ctx *ctx = NULL;
+ data_t *data = NULL;
+ int ret = 0;
+ dict_t *my_xattr = NULL;
+
+ if (op_ret != 0)
+ goto unwind;
+
+ ctx = posix_acl_ctx_new(inode, this);
+ if (!ctx) {
+ op_ret = -1;
+ op_errno = ENOMEM;
+ goto unwind;
+ }
+
+ ret = posix_acl_get(inode, this, &old_access, &old_default);
+
+ if (xattr == NULL)
+ goto acl_set;
+
+ data = dict_get(xattr, POSIX_ACL_ACCESS_XATTR);
+ if (!data)
+ goto acl_default;
+
+ if (old_access &&
+ posix_acl_matches_xattr(this, old_access, data->data, data->len)) {
+ acl_access = posix_acl_ref(this, old_access);
+ } else {
+ acl_access = posix_acl_from_xattr(this, data->data, data->len);
+ }
acl_default:
- data = dict_get (xattr, POSIX_ACL_DEFAULT_XATTR);
- if (!data)
- goto acl_set;
+ data = dict_get(xattr, POSIX_ACL_DEFAULT_XATTR);
+ if (!data)
+ goto acl_set;
- if (old_default &&
- posix_acl_matches_xattr (this, old_default, data->data,
- data->len)) {
- acl_default = posix_acl_ref (this, old_default);
- } else {
- acl_default = posix_acl_from_xattr (this, data->data,
- data->len);
- }
+ if (old_default &&
+ posix_acl_matches_xattr(this, old_default, data->data, data->len)) {
+ acl_default = posix_acl_ref(this, old_default);
+ } else {
+ acl_default = posix_acl_from_xattr(this, data->data, data->len);
+ }
acl_set:
- posix_acl_ctx_update (inode, this, buf, GF_FOP_LOOKUP);
+ posix_acl_ctx_update(inode, this, buf, GF_FOP_LOOKUP);
- ret = posix_acl_set (inode, this, acl_access, acl_default);
- if (ret)
- gf_log (this->name, GF_LOG_WARNING,
- "failed to set ACL in context");
+ ret = posix_acl_set(inode, this, acl_access, acl_default);
+ if (ret)
+ gf_log(this->name, GF_LOG_WARNING, "failed to set ACL in context");
unwind:
- my_xattr = frame->local;
- frame->local = NULL;
- STACK_UNWIND_STRICT (lookup, frame, op_ret, op_errno, inode, buf, xattr,
- postparent);
+ my_xattr = frame->local;
+ frame->local = NULL;
+ STACK_UNWIND_STRICT(lookup, frame, op_ret, op_errno, inode, buf, xattr,
+ postparent);
- if (acl_access)
- posix_acl_unref (this, acl_access);
- if (acl_default)
- posix_acl_unref (this, acl_default);
- if (old_access)
- posix_acl_unref (this, old_access);
- if (old_default)
- posix_acl_unref (this, old_default);
- if (my_xattr)
- dict_unref (my_xattr);
+ if (acl_access)
+ posix_acl_unref(this, acl_access);
+ if (acl_default)
+ posix_acl_unref(this, acl_default);
+ if (old_access)
+ posix_acl_unref(this, old_access);
+ if (old_default)
+ posix_acl_unref(this, old_default);
+ if (my_xattr)
+ dict_unref(my_xattr);
- return 0;
+ return 0;
}
-
int
-posix_acl_lookup (call_frame_t *frame, xlator_t *this, loc_t *loc,
- dict_t *xattr)
+posix_acl_lookup(call_frame_t *frame, xlator_t *this, loc_t *loc, dict_t *xattr)
{
- int ret = 0;
- dict_t *my_xattr = NULL;
+ int ret = 0;
+ dict_t *my_xattr = NULL;
- if (!loc->parent)
- /* lookup of / is always permitted */
- goto green;
+ if (!loc->parent)
+ /* lookup of / is always permitted */
+ goto green;
- if (acl_permits (frame, loc->parent, POSIX_ACL_EXECUTE))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, loc->parent, POSIX_ACL_EXECUTE))
+ goto green;
+ else
+ goto red;
green:
- if (xattr) {
- my_xattr = dict_ref (xattr);
- } else {
- my_xattr = dict_new ();
- }
-
- ret = dict_set_int8 (my_xattr, POSIX_ACL_ACCESS_XATTR, 0);
- if (ret)
- gf_log (this->name, GF_LOG_WARNING, "failed to set key %s",
- POSIX_ACL_ACCESS_XATTR);
-
- ret = dict_set_int8 (my_xattr, POSIX_ACL_DEFAULT_XATTR, 0);
- if (ret)
- gf_log (this->name, GF_LOG_WARNING, "failed to set key %s",
- POSIX_ACL_DEFAULT_XATTR);
-
- frame->local = my_xattr;
- STACK_WIND (frame, posix_acl_lookup_cbk,
- FIRST_CHILD (this), FIRST_CHILD (this)->fops->lookup,
- loc, my_xattr);
- return 0;
+ if (xattr) {
+ my_xattr = dict_ref(xattr);
+ } else {
+ my_xattr = dict_new();
+ }
+
+ ret = dict_set_int8(my_xattr, POSIX_ACL_ACCESS_XATTR, 0);
+ if (ret)
+ gf_log(this->name, GF_LOG_WARNING, "failed to set key %s",
+ POSIX_ACL_ACCESS_XATTR);
+
+ ret = dict_set_int8(my_xattr, POSIX_ACL_DEFAULT_XATTR, 0);
+ if (ret)
+ gf_log(this->name, GF_LOG_WARNING, "failed to set key %s",
+ POSIX_ACL_DEFAULT_XATTR);
+
+ frame->local = my_xattr;
+ STACK_WIND(frame, posix_acl_lookup_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->lookup, loc, my_xattr);
+ return 0;
red:
- STACK_UNWIND_STRICT (lookup, frame, -1, EACCES, NULL, NULL, NULL,
- NULL);
-
- return 0;
-}
-
-
-int
-posix_acl_access (call_frame_t *frame, xlator_t *this, loc_t *loc, int mask,
- dict_t *xdata)
-{
- int op_ret = 0;
- int op_errno = 0;
- int perm = 0;
- int mode = 0;
- int is_fuse_call = 0;
-
- is_fuse_call = __is_fuse_call (frame);
-
- if (mask & R_OK)
- perm |= POSIX_ACL_READ;
- if (mask & W_OK)
- perm |= POSIX_ACL_WRITE;
- if (mask & X_OK)
- perm |= POSIX_ACL_EXECUTE;
- if (!mask) {
- goto unwind;
+ STACK_UNWIND_STRICT(lookup, frame, -1, EACCES, NULL, NULL, NULL, NULL);
+
+ return 0;
+}
+
+int
+posix_acl_access(call_frame_t *frame, xlator_t *this, loc_t *loc, int mask,
+ dict_t *xdata)
+{
+ int op_ret = 0;
+ int op_errno = 0;
+ int perm = 0;
+ int mode = 0;
+ int is_fuse_call = 0;
+
+ is_fuse_call = __is_fuse_call(frame);
+
+ if (mask & R_OK)
+ perm |= POSIX_ACL_READ;
+ if (mask & W_OK)
+ perm |= POSIX_ACL_WRITE;
+ if (mask & X_OK)
+ perm |= POSIX_ACL_EXECUTE;
+ if (!mask) {
+ goto unwind;
+ }
+ if (!perm) {
+ op_ret = -1;
+ op_errno = EINVAL;
+ goto unwind;
+ }
+
+ if (is_fuse_call) {
+ mode = acl_permits(frame, loc->inode, perm);
+ if (mode) {
+ op_ret = 0;
+ op_errno = 0;
+ } else {
+ op_ret = -1;
+ op_errno = EACCES;
}
- if (!perm) {
- op_ret = -1;
- op_errno = EINVAL;
- goto unwind;
+ } else {
+ if (perm & POSIX_ACL_READ) {
+ if (acl_permits(frame, loc->inode, POSIX_ACL_READ))
+ mode |= POSIX_ACL_READ;
}
- if (is_fuse_call) {
- mode = acl_permits (frame, loc->inode, perm);
- if (mode) {
- op_ret = 0;
- op_errno = 0;
- } else {
- op_ret = -1;
- op_errno = EACCES;
- }
- } else {
- if (perm & POSIX_ACL_READ) {
- if (acl_permits (frame, loc->inode, POSIX_ACL_READ))
- mode |= POSIX_ACL_READ;
- }
-
- if (perm & POSIX_ACL_WRITE) {
- if (acl_permits (frame, loc->inode, POSIX_ACL_WRITE))
- mode |= POSIX_ACL_WRITE;
- }
+ if (perm & POSIX_ACL_WRITE) {
+ if (acl_permits(frame, loc->inode, POSIX_ACL_WRITE))
+ mode |= POSIX_ACL_WRITE;
+ }
- if (perm & POSIX_ACL_EXECUTE) {
- if (acl_permits (frame, loc->inode, POSIX_ACL_EXECUTE))
- mode |= POSIX_ACL_EXECUTE;
- }
+ if (perm & POSIX_ACL_EXECUTE) {
+ if (acl_permits(frame, loc->inode, POSIX_ACL_EXECUTE))
+ mode |= POSIX_ACL_EXECUTE;
}
+ }
unwind:
- if (is_fuse_call)
- STACK_UNWIND_STRICT (access, frame, op_ret, op_errno, NULL);
- else
- STACK_UNWIND_STRICT (access, frame, 0, mode, NULL);
- return 0;
+ if (is_fuse_call)
+ STACK_UNWIND_STRICT(access, frame, op_ret, op_errno, NULL);
+ else
+ STACK_UNWIND_STRICT(access, frame, 0, mode, NULL);
+ return 0;
}
-
int
-posix_acl_truncate_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, struct iatt *prebuf,
- struct iatt *postbuf, dict_t *xdata)
+posix_acl_truncate_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, struct iatt *prebuf,
+ struct iatt *postbuf, dict_t *xdata)
{
- STACK_UNWIND_STRICT (truncate, frame, op_ret, op_errno, prebuf,
- postbuf, xdata);
+ STACK_UNWIND_STRICT(truncate, frame, op_ret, op_errno, prebuf, postbuf,
+ xdata);
- return 0;
+ return 0;
}
-
int
-posix_acl_truncate (call_frame_t *frame, xlator_t *this, loc_t *loc, off_t off,
- dict_t *xdata)
+posix_acl_truncate(call_frame_t *frame, xlator_t *this, loc_t *loc, off_t off,
+ dict_t *xdata)
{
- struct posix_acl_ctx *ctx = NULL;
+ struct posix_acl_ctx *ctx = NULL;
- if (acl_permits (frame, loc->inode, POSIX_ACL_WRITE))
- goto green;
- /* NFS does a truncate through SETATTR, the owner does not need write
- * permissions for this. Group permissions and root are checked above.
- */
- else if (frame->root->pid == NFS_PID) {
- ctx = posix_acl_ctx_get (loc->inode, frame->this);
+ if (acl_permits(frame, loc->inode, POSIX_ACL_WRITE))
+ goto green;
+ /* NFS does a truncate through SETATTR, the owner does not need write
+ * permissions for this. Group permissions and root are checked above.
+ */
+ else if (frame->root->pid == NFS_PID) {
+ ctx = posix_acl_ctx_get(loc->inode, frame->this);
- if (ctx && frame_is_user (frame, ctx->uid))
- goto green;
- }
+ if (ctx && frame_is_user(frame, ctx->uid))
+ goto green;
+ }
- /* fail by default */
- STACK_UNWIND_STRICT (truncate, frame, -1, EACCES, NULL, NULL, NULL);
- return 0;
+ /* fail by default */
+ STACK_UNWIND_STRICT(truncate, frame, -1, EACCES, NULL, NULL, NULL);
+ return 0;
green:
- STACK_WIND (frame, posix_acl_truncate_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->truncate,
- loc, off, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_truncate_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->truncate, loc, off, xdata);
+ return 0;
}
-
int
-posix_acl_open_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, fd_t *fd, dict_t *xdata)
+posix_acl_open_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, fd_t *fd, dict_t *xdata)
{
- STACK_UNWIND_STRICT (open, frame, op_ret, op_errno, fd, xdata);
+ STACK_UNWIND_STRICT(open, frame, op_ret, op_errno, fd, xdata);
- return 0;
+ return 0;
}
-
int
-posix_acl_open (call_frame_t *frame, xlator_t *this, loc_t *loc, int flags,
- fd_t *fd, dict_t *xdata)
+posix_acl_open(call_frame_t *frame, xlator_t *this, loc_t *loc, int flags,
+ fd_t *fd, dict_t *xdata)
{
- int perm = 0;
+ int perm = 0;
- switch (flags & O_ACCMODE) {
+ switch (flags & O_ACCMODE) {
case O_RDONLY:
- perm = POSIX_ACL_READ;
+ perm = POSIX_ACL_READ;
- /* If O_FMODE_EXEC is present, its good enough
- to have '--x' perm, and its not covered in
- O_ACCMODE bits */
- if (flags & O_FMODE_EXEC)
- perm = POSIX_ACL_EXECUTE;
+ /* If O_FMODE_EXEC is present, its good enough
+ to have '--x' perm, and its not covered in
+ O_ACCMODE bits */
+ if (flags & O_FMODE_EXEC)
+ perm = POSIX_ACL_EXECUTE;
- break;
+ break;
case O_WRONLY:
- perm = POSIX_ACL_WRITE;
- break;
+ perm = POSIX_ACL_WRITE;
+ break;
case O_RDWR:
- perm = POSIX_ACL_READ|POSIX_ACL_WRITE;
- break;
- }
+ perm = POSIX_ACL_READ | POSIX_ACL_WRITE;
+ break;
+ }
- if (flags & (O_TRUNC | O_APPEND))
- perm |= POSIX_ACL_WRITE;
+ if (flags & (O_TRUNC | O_APPEND))
+ perm |= POSIX_ACL_WRITE;
- if (acl_permits (frame, loc->inode, perm))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, loc->inode, perm))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_open_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->open,
- loc, flags, fd, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_open_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->open, loc, flags, fd, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (open, frame, -1, EACCES, NULL, NULL);
- return 0;
+ STACK_UNWIND_STRICT(open, frame, -1, EACCES, NULL, NULL);
+ return 0;
}
-
int
-posix_acl_readv_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, struct iovec *vector,
- int count, struct iatt *stbuf, struct iobref *iobref,
- dict_t *xdata)
+posix_acl_readv_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, struct iovec *vector, int count,
+ struct iatt *stbuf, struct iobref *iobref, dict_t *xdata)
{
- STACK_UNWIND_STRICT (readv, frame, op_ret, op_errno, vector, count,
- stbuf, iobref, xdata);
- return 0;
+ STACK_UNWIND_STRICT(readv, frame, op_ret, op_errno, vector, count, stbuf,
+ iobref, xdata);
+ return 0;
}
-
int
-posix_acl_readv (call_frame_t *frame, xlator_t *this, fd_t *fd,
- size_t size, off_t offset, uint32_t flags, dict_t *xdata)
+posix_acl_readv(call_frame_t *frame, xlator_t *this, fd_t *fd, size_t size,
+ off_t offset, uint32_t flags, dict_t *xdata)
{
- if (__is_fuse_call (frame))
- goto green;
+ if (__is_fuse_call(frame))
+ goto green;
- if (acl_permits (frame, fd->inode, POSIX_ACL_READ))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, fd->inode, POSIX_ACL_READ))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_readv_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->readv,
- fd, size, offset, flags, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_readv_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->readv, fd, size, offset, flags, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (readv, frame, -1, EACCES, NULL, 0, NULL, NULL,
- NULL);
- return 0;
+ STACK_UNWIND_STRICT(readv, frame, -1, EACCES, NULL, 0, NULL, NULL, NULL);
+ return 0;
}
-
int
-posix_acl_writev_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno,
- struct iatt *prebuf, struct iatt *postbuf, dict_t *xdata)
+posix_acl_writev_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, struct iatt *prebuf,
+ struct iatt *postbuf, dict_t *xdata)
{
- STACK_UNWIND_STRICT (writev, frame, op_ret, op_errno,
- prebuf, postbuf, xdata);
- return 0;
+ STACK_UNWIND_STRICT(writev, frame, op_ret, op_errno, prebuf, postbuf,
+ xdata);
+ return 0;
}
-
int
-posix_acl_writev (call_frame_t *frame, xlator_t *this, fd_t *fd,
- struct iovec *vector, int count, off_t offset,
- uint32_t flags, struct iobref *iobref, dict_t *xdata)
+posix_acl_writev(call_frame_t *frame, xlator_t *this, fd_t *fd,
+ struct iovec *vector, int count, off_t offset, uint32_t flags,
+ struct iobref *iobref, dict_t *xdata)
{
- if (__is_fuse_call (frame))
- goto green;
+ if (__is_fuse_call(frame))
+ goto green;
- if (acl_permits (frame, fd->inode, POSIX_ACL_WRITE))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, fd->inode, POSIX_ACL_WRITE))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_writev_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->writev,
- fd, vector, count, offset, flags, iobref, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_writev_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->writev, fd, vector, count, offset,
+ flags, iobref, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (writev, frame, -1, EACCES, NULL, NULL, NULL);
- return 0;
+ STACK_UNWIND_STRICT(writev, frame, -1, EACCES, NULL, NULL, NULL);
+ return 0;
}
-
-
int
-posix_acl_ftruncate_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, struct iatt *prebuf,
- struct iatt *postbuf, dict_t *xdata)
+posix_acl_ftruncate_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, struct iatt *prebuf,
+ struct iatt *postbuf, dict_t *xdata)
{
- STACK_UNWIND_STRICT (ftruncate, frame, op_ret, op_errno,
- prebuf, postbuf, xdata);
- return 0;
+ STACK_UNWIND_STRICT(ftruncate, frame, op_ret, op_errno, prebuf, postbuf,
+ xdata);
+ return 0;
}
-
int
-posix_acl_ftruncate (call_frame_t *frame, xlator_t *this, fd_t *fd,
- off_t offset, dict_t *xdata)
+posix_acl_ftruncate(call_frame_t *frame, xlator_t *this, fd_t *fd, off_t offset,
+ dict_t *xdata)
{
- if (__is_fuse_call (frame))
- goto green;
+ if (__is_fuse_call(frame))
+ goto green;
- if (acl_permits (frame, fd->inode, POSIX_ACL_WRITE))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, fd->inode, POSIX_ACL_WRITE))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_ftruncate_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->ftruncate,
- fd, offset, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_ftruncate_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->ftruncate, fd, offset, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (ftruncate, frame, -1, EACCES, NULL, NULL, NULL);
- return 0;
+ STACK_UNWIND_STRICT(ftruncate, frame, -1, EACCES, NULL, NULL, NULL);
+ return 0;
}
-
int
-posix_acl_opendir_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, fd_t *fd, dict_t *xdata)
+posix_acl_opendir_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, fd_t *fd, dict_t *xdata)
{
- STACK_UNWIND_STRICT (opendir, frame, op_ret, op_errno, fd, xdata);
+ STACK_UNWIND_STRICT(opendir, frame, op_ret, op_errno, fd, xdata);
- return 0;
+ return 0;
}
-
int
-posix_acl_opendir (call_frame_t *frame, xlator_t *this, loc_t *loc, fd_t *fd, dict_t *xdata)
+posix_acl_opendir(call_frame_t *frame, xlator_t *this, loc_t *loc, fd_t *fd,
+ dict_t *xdata)
{
- if (acl_permits (frame, loc->inode, POSIX_ACL_READ))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, loc->inode, POSIX_ACL_READ))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_opendir_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->opendir,
- loc, fd, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_opendir_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->opendir, loc, fd, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (opendir, frame, -1, EACCES, NULL, NULL);
- return 0;
+ STACK_UNWIND_STRICT(opendir, frame, -1, EACCES, NULL, NULL);
+ return 0;
}
-
int
-posix_acl_mkdir_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, inode_t *inode, struct iatt *buf,
- struct iatt *preparent, struct iatt *postparent,
- dict_t *xdata)
+posix_acl_mkdir_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, inode_t *inode, struct iatt *buf,
+ struct iatt *preparent, struct iatt *postparent,
+ dict_t *xdata)
{
- if (op_ret != 0)
- goto unwind;
+ if (op_ret != 0)
+ goto unwind;
- posix_acl_ctx_update (inode, this, buf, GF_FOP_MKDIR);
+ posix_acl_ctx_update(inode, this, buf, GF_FOP_MKDIR);
unwind:
- STACK_UNWIND_STRICT (mkdir, frame, op_ret, op_errno, inode, buf,
- preparent, postparent, xdata);
- return 0;
+ STACK_UNWIND_STRICT(mkdir, frame, op_ret, op_errno, inode, buf, preparent,
+ postparent, xdata);
+ return 0;
}
-
int
-posix_acl_mkdir (call_frame_t *frame, xlator_t *this, loc_t *loc, mode_t mode,
- mode_t umask, dict_t *xdata)
+posix_acl_mkdir(call_frame_t *frame, xlator_t *this, loc_t *loc, mode_t mode,
+ mode_t umask, dict_t *xdata)
{
- mode_t newmode = 0;
+ mode_t newmode = 0;
- newmode = mode;
- if (acl_permits (frame, loc->parent, POSIX_ACL_WRITE|POSIX_ACL_EXECUTE))
- goto green;
- else
- goto red;
+ newmode = mode;
+ if (acl_permits(frame, loc->parent, POSIX_ACL_WRITE | POSIX_ACL_EXECUTE))
+ goto green;
+ else
+ goto red;
green:
- newmode = posix_acl_inherit_dir (this, loc, xdata, mode, umask);
+ newmode = posix_acl_inherit_dir(this, loc, xdata, mode, umask);
- STACK_WIND (frame, posix_acl_mkdir_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->mkdir,
- loc, newmode, umask, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_mkdir_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->mkdir, loc, newmode, umask, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (mkdir, frame, -1, EACCES, NULL, NULL, NULL, NULL,
- NULL);
- return 0;
+ STACK_UNWIND_STRICT(mkdir, frame, -1, EACCES, NULL, NULL, NULL, NULL, NULL);
+ return 0;
}
-
int
-posix_acl_mknod_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, inode_t *inode, struct iatt *buf,
- struct iatt *preparent, struct iatt *postparent,
- dict_t *xdata)
+posix_acl_mknod_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, inode_t *inode, struct iatt *buf,
+ struct iatt *preparent, struct iatt *postparent,
+ dict_t *xdata)
{
- if (op_ret != 0)
- goto unwind;
+ if (op_ret != 0)
+ goto unwind;
- posix_acl_ctx_update (inode, this, buf, GF_FOP_MKNOD);
+ posix_acl_ctx_update(inode, this, buf, GF_FOP_MKNOD);
unwind:
- STACK_UNWIND_STRICT (mknod, frame, op_ret, op_errno, inode, buf,
- preparent, postparent, xdata);
- return 0;
+ STACK_UNWIND_STRICT(mknod, frame, op_ret, op_errno, inode, buf, preparent,
+ postparent, xdata);
+ return 0;
}
-
int
-posix_acl_mknod (call_frame_t *frame, xlator_t *this, loc_t *loc, mode_t mode,
- dev_t rdev, mode_t umask, dict_t *xdata)
+posix_acl_mknod(call_frame_t *frame, xlator_t *this, loc_t *loc, mode_t mode,
+ dev_t rdev, mode_t umask, dict_t *xdata)
{
- mode_t newmode = 0;
+ mode_t newmode = 0;
- newmode = mode;
- if (acl_permits (frame, loc->parent, POSIX_ACL_WRITE|POSIX_ACL_EXECUTE))
- goto green;
- else
- goto red;
+ newmode = mode;
+ if (acl_permits(frame, loc->parent, POSIX_ACL_WRITE | POSIX_ACL_EXECUTE))
+ goto green;
+ else
+ goto red;
green:
- newmode = posix_acl_inherit_file (this, loc, xdata, mode, umask);
+ newmode = posix_acl_inherit_file(this, loc, xdata, mode, umask);
- STACK_WIND (frame, posix_acl_mknod_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->mknod,
- loc, newmode, rdev, umask, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_mknod_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->mknod, loc, newmode, rdev, umask,
+ xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (mknod, frame, -1, EACCES, NULL, NULL, NULL, NULL,
- NULL);
- return 0;
+ STACK_UNWIND_STRICT(mknod, frame, -1, EACCES, NULL, NULL, NULL, NULL, NULL);
+ return 0;
}
-
int
-posix_acl_create_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, fd_t *fd, inode_t *inode,
- struct iatt *buf, struct iatt *preparent,
- struct iatt *postparent, dict_t *xdata)
+posix_acl_create_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, fd_t *fd, inode_t *inode,
+ struct iatt *buf, struct iatt *preparent,
+ struct iatt *postparent, dict_t *xdata)
{
- if (op_ret != 0)
- goto unwind;
+ if (op_ret != 0)
+ goto unwind;
- posix_acl_ctx_update (inode, this, buf, GF_FOP_CREATE);
+ posix_acl_ctx_update(inode, this, buf, GF_FOP_CREATE);
unwind:
- STACK_UNWIND_STRICT (create, frame, op_ret, op_errno, fd, inode, buf,
- preparent, postparent, xdata);
- return 0;
+ STACK_UNWIND_STRICT(create, frame, op_ret, op_errno, fd, inode, buf,
+ preparent, postparent, xdata);
+ return 0;
}
-
int
-posix_acl_create (call_frame_t *frame, xlator_t *this, loc_t *loc, int flags,
- mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata)
+posix_acl_create(call_frame_t *frame, xlator_t *this, loc_t *loc, int flags,
+ mode_t mode, mode_t umask, fd_t *fd, dict_t *xdata)
{
- mode_t newmode = 0;
+ mode_t newmode = 0;
- newmode = mode;
- if (acl_permits (frame, loc->parent, POSIX_ACL_WRITE|POSIX_ACL_EXECUTE))
- goto green;
- else
- goto red;
+ newmode = mode;
+ if (acl_permits(frame, loc->parent, POSIX_ACL_WRITE | POSIX_ACL_EXECUTE))
+ goto green;
+ else
+ goto red;
green:
- newmode = posix_acl_inherit_file (this, loc, xdata, mode, umask);
+ newmode = posix_acl_inherit_file(this, loc, xdata, mode, umask);
- STACK_WIND (frame, posix_acl_create_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->create,
- loc, flags, newmode, umask, fd, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_create_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->create, loc, flags, newmode, umask, fd,
+ xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (create, frame, -1, EACCES, NULL, NULL, NULL,
- NULL, NULL, NULL);
- return 0;
+ STACK_UNWIND_STRICT(create, frame, -1, EACCES, NULL, NULL, NULL, NULL, NULL,
+ NULL);
+ return 0;
}
-
int
-posix_acl_symlink_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
+posix_acl_symlink_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
int op_ret, int op_errno, inode_t *inode,
struct iatt *buf, struct iatt *preparent,
struct iatt *postparent, dict_t *xdata)
{
- if (op_ret != 0)
- goto unwind;
+ if (op_ret != 0)
+ goto unwind;
- posix_acl_ctx_update (inode, this, buf, GF_FOP_SYMLINK);
+ posix_acl_ctx_update(inode, this, buf, GF_FOP_SYMLINK);
unwind:
- STACK_UNWIND_STRICT (symlink, frame, op_ret, op_errno, inode, buf,
- preparent, postparent, xdata);
- return 0;
+ STACK_UNWIND_STRICT(symlink, frame, op_ret, op_errno, inode, buf, preparent,
+ postparent, xdata);
+ return 0;
}
-
int
-posix_acl_symlink (call_frame_t *frame, xlator_t *this, const char *linkname,
- loc_t *loc, mode_t umask, dict_t *xdata)
+posix_acl_symlink(call_frame_t *frame, xlator_t *this, const char *linkname,
+ loc_t *loc, mode_t umask, dict_t *xdata)
{
- if (acl_permits (frame, loc->parent, POSIX_ACL_WRITE|POSIX_ACL_EXECUTE))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, loc->parent, POSIX_ACL_WRITE | POSIX_ACL_EXECUTE))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_symlink_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->symlink,
- linkname, loc, umask, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_symlink_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->symlink, linkname, loc, umask, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (symlink, frame, -1, EACCES, NULL, NULL, NULL,
- NULL, NULL);
- return 0;
+ STACK_UNWIND_STRICT(symlink, frame, -1, EACCES, NULL, NULL, NULL, NULL,
+ NULL);
+ return 0;
}
-
int
-posix_acl_unlink_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, struct iatt *preparent,
- struct iatt *postparent, dict_t *xdata)
+posix_acl_unlink_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, struct iatt *preparent,
+ struct iatt *postparent, dict_t *xdata)
{
- STACK_UNWIND_STRICT (unlink, frame, op_ret, op_errno,
- preparent, postparent, xdata);
- return 0;
+ STACK_UNWIND_STRICT(unlink, frame, op_ret, op_errno, preparent, postparent,
+ xdata);
+ return 0;
}
-
int
-posix_acl_unlink (call_frame_t *frame, xlator_t *this, loc_t *loc, int xflag,
- dict_t *xdata)
+posix_acl_unlink(call_frame_t *frame, xlator_t *this, loc_t *loc, int xflag,
+ dict_t *xdata)
{
- if (!sticky_permits (frame, loc->parent, loc->inode))
- goto red;
+ if (!sticky_permits(frame, loc->parent, loc->inode))
+ goto red;
- if (acl_permits (frame, loc->parent, POSIX_ACL_WRITE|POSIX_ACL_EXECUTE))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, loc->parent, POSIX_ACL_WRITE | POSIX_ACL_EXECUTE))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_unlink_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->unlink,
- loc, xflag, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_unlink_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->unlink, loc, xflag, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (unlink, frame, -1, EACCES, NULL, NULL, NULL);
- return 0;
+ STACK_UNWIND_STRICT(unlink, frame, -1, EACCES, NULL, NULL, NULL);
+ return 0;
}
-
int
-posix_acl_rmdir_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno,
- struct iatt *preparent, struct iatt *postparent, dict_t *xdata)
+posix_acl_rmdir_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, struct iatt *preparent,
+ struct iatt *postparent, dict_t *xdata)
{
- STACK_UNWIND_STRICT (rmdir, frame, op_ret, op_errno,
- preparent, postparent, xdata);
- return 0;
+ STACK_UNWIND_STRICT(rmdir, frame, op_ret, op_errno, preparent, postparent,
+ xdata);
+ return 0;
}
-
int
-posix_acl_rmdir (call_frame_t *frame, xlator_t *this, loc_t *loc, int flags, dict_t *xdata)
+posix_acl_rmdir(call_frame_t *frame, xlator_t *this, loc_t *loc, int flags,
+ dict_t *xdata)
{
- if (!sticky_permits (frame, loc->parent, loc->inode))
- goto red;
+ if (!sticky_permits(frame, loc->parent, loc->inode))
+ goto red;
- if (acl_permits (frame, loc->parent, POSIX_ACL_WRITE|POSIX_ACL_EXECUTE))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, loc->parent, POSIX_ACL_WRITE | POSIX_ACL_EXECUTE))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_rmdir_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->rmdir,
- loc, flags, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_rmdir_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->rmdir, loc, flags, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (rmdir, frame, -1, EACCES, NULL, NULL, NULL);
- return 0;
+ STACK_UNWIND_STRICT(rmdir, frame, -1, EACCES, NULL, NULL, NULL);
+ return 0;
}
-
int
-posix_acl_rename_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, struct iatt *buf,
- struct iatt *preoldparent, struct iatt *postoldparent,
- struct iatt *prenewparent, struct iatt *postnewparent,
- dict_t *xdata)
+posix_acl_rename_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, struct iatt *buf,
+ struct iatt *preoldparent, struct iatt *postoldparent,
+ struct iatt *prenewparent, struct iatt *postnewparent,
+ dict_t *xdata)
{
- STACK_UNWIND_STRICT (rename, frame, op_ret, op_errno, buf,
- preoldparent, postoldparent,
- prenewparent, postnewparent, xdata);
- return 0;
+ STACK_UNWIND_STRICT(rename, frame, op_ret, op_errno, buf, preoldparent,
+ postoldparent, prenewparent, postnewparent, xdata);
+ return 0;
}
-
int
-posix_acl_rename (call_frame_t *frame, xlator_t *this, loc_t *old, loc_t *new, dict_t *xdata)
+posix_acl_rename(call_frame_t *frame, xlator_t *this, loc_t *old, loc_t *new,
+ dict_t *xdata)
{
- if (!acl_permits (frame, old->parent, POSIX_ACL_WRITE))
- goto red;
+ if (!acl_permits(frame, old->parent, POSIX_ACL_WRITE))
+ goto red;
- if (!acl_permits (frame, new->parent, POSIX_ACL_WRITE))
- goto red;
+ if (!acl_permits(frame, new->parent, POSIX_ACL_WRITE))
+ goto red;
- if (!sticky_permits (frame, old->parent, old->inode))
- goto red;
+ if (!sticky_permits(frame, old->parent, old->inode))
+ goto red;
- if (new->inode) {
- if (!sticky_permits (frame, new->parent, new->inode))
- goto red;
- }
+ if (new->inode) {
+ if (!sticky_permits(frame, new->parent, new->inode))
+ goto red;
+ }
- STACK_WIND (frame, posix_acl_rename_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->rename,
- old, new, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_rename_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->rename, old, new, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (rename, frame, -1, EACCES, NULL, NULL, NULL, NULL,
- NULL, NULL);
- return 0;
+ STACK_UNWIND_STRICT(rename, frame, -1, EACCES, NULL, NULL, NULL, NULL, NULL,
+ NULL);
+ return 0;
}
-
int
-posix_acl_link_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, inode_t *inode, struct iatt *buf,
- struct iatt *preparent, struct iatt *postparent, dict_t *xdata)
+posix_acl_link_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, inode_t *inode, struct iatt *buf,
+ struct iatt *preparent, struct iatt *postparent,
+ dict_t *xdata)
{
- STACK_UNWIND_STRICT (link, frame, op_ret, op_errno, inode, buf,
- preparent, postparent, xdata);
- return 0;
+ STACK_UNWIND_STRICT(link, frame, op_ret, op_errno, inode, buf, preparent,
+ postparent, xdata);
+ return 0;
}
-
int
-posix_acl_link (call_frame_t *frame, xlator_t *this, loc_t *old, loc_t *new, dict_t *xdata)
+posix_acl_link(call_frame_t *frame, xlator_t *this, loc_t *old, loc_t *new,
+ dict_t *xdata)
{
- struct posix_acl_ctx *ctx = NULL;
- int op_errno = 0;
+ struct posix_acl_ctx *ctx = NULL;
+ int op_errno = 0;
- ctx = posix_acl_ctx_get (old->inode, this);
- if (!ctx) {
- op_errno = EIO;
- goto red;
- }
+ ctx = posix_acl_ctx_get(old->inode, this);
+ if (!ctx) {
+ op_errno = EIO;
+ goto red;
+ }
- if (!acl_permits (frame, new->parent, POSIX_ACL_WRITE)) {
- op_errno = EACCES;
- goto red;
- }
+ if (!acl_permits(frame, new->parent, POSIX_ACL_WRITE)) {
+ op_errno = EACCES;
+ goto red;
+ }
- if (!sticky_permits (frame, new->parent, new->inode)) {
- op_errno = EACCES;
- goto red;
- }
+ if (!sticky_permits(frame, new->parent, new->inode)) {
+ op_errno = EACCES;
+ goto red;
+ }
- STACK_WIND (frame, posix_acl_link_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->link,
- old, new, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_link_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->link, old, new, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (link, frame, -1, op_errno, NULL, NULL, NULL, NULL,
- NULL);
+ STACK_UNWIND_STRICT(link, frame, -1, op_errno, NULL, NULL, NULL, NULL,
+ NULL);
- return 0;
+ return 0;
}
-
int
-posix_acl_readdir_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, gf_dirent_t *entries,
- dict_t *xdata)
+posix_acl_readdir_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, gf_dirent_t *entries,
+ dict_t *xdata)
{
- STACK_UNWIND_STRICT (readdir, frame, op_ret, op_errno, entries, xdata);
- return 0;
+ STACK_UNWIND_STRICT(readdir, frame, op_ret, op_errno, entries, xdata);
+ return 0;
}
-
int
-posix_acl_readdir (call_frame_t *frame, xlator_t *this, fd_t *fd, size_t size,
- off_t offset, dict_t *xdata)
+posix_acl_readdir(call_frame_t *frame, xlator_t *this, fd_t *fd, size_t size,
+ off_t offset, dict_t *xdata)
{
- if (acl_permits (frame, fd->inode, POSIX_ACL_READ))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, fd->inode, POSIX_ACL_READ))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_readdir_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->readdir,
- fd, size, offset, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_readdir_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->readdir, fd, size, offset, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (readdir, frame, -1, EACCES, NULL, NULL);
+ STACK_UNWIND_STRICT(readdir, frame, -1, EACCES, NULL, NULL);
- return 0;
+ return 0;
}
-
int
-posix_acl_readdirp_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, gf_dirent_t *entries,
- dict_t *xdata)
+posix_acl_readdirp_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, gf_dirent_t *entries,
+ dict_t *xdata)
{
- gf_dirent_t *entry = NULL;
- struct posix_acl *acl_access = NULL;
- struct posix_acl *acl_default = NULL;
- struct posix_acl_ctx *ctx = NULL;
- data_t *data = NULL;
- int ret = 0;
+ gf_dirent_t *entry = NULL;
+ struct posix_acl *acl_access = NULL;
+ struct posix_acl *acl_default = NULL;
+ struct posix_acl_ctx *ctx = NULL;
+ data_t *data = NULL;
+ int ret = 0;
- if (op_ret <= 0)
- goto unwind;
+ if (op_ret <= 0)
+ goto unwind;
- list_for_each_entry (entry, &entries->list, list) {
- /* Update the inode ctx */
- if (!entry->dict || !entry->inode)
- continue;
+ list_for_each_entry(entry, &entries->list, list)
+ {
+ /* Update the inode ctx */
+ if (!entry->dict || !entry->inode)
+ continue;
- ctx = posix_acl_ctx_new (entry->inode, this);
- if (!ctx) {
- op_ret = -1;
- op_errno = ENOMEM;
- goto unwind;
- }
+ ctx = posix_acl_ctx_new(entry->inode, this);
+ if (!ctx) {
+ op_ret = -1;
+ op_errno = ENOMEM;
+ goto unwind;
+ }
- ret = posix_acl_get (entry->inode, this,
- &acl_access, &acl_default);
+ ret = posix_acl_get(entry->inode, this, &acl_access, &acl_default);
- data = dict_get (entry->dict, POSIX_ACL_ACCESS_XATTR);
- if (!data)
- goto acl_default;
+ data = dict_get(entry->dict, POSIX_ACL_ACCESS_XATTR);
+ if (!data)
+ goto acl_default;
- if (acl_access &&
- posix_acl_matches_xattr (this, acl_access, data->data,
- data->len))
- goto acl_default;
+ if (acl_access &&
+ posix_acl_matches_xattr(this, acl_access, data->data, data->len))
+ goto acl_default;
- if (acl_access)
- posix_acl_unref(this, acl_access);
+ if (acl_access)
+ posix_acl_unref(this, acl_access);
- acl_access = posix_acl_from_xattr (this, data->data,
- data->len);
+ acl_access = posix_acl_from_xattr(this, data->data, data->len);
- acl_default:
- data = dict_get (entry->dict, POSIX_ACL_DEFAULT_XATTR);
- if (!data)
- goto acl_set;
+ acl_default:
+ data = dict_get(entry->dict, POSIX_ACL_DEFAULT_XATTR);
+ if (!data)
+ goto acl_set;
- if (acl_default &&
- posix_acl_matches_xattr (this, acl_default, data->data,
- data->len))
- goto acl_set;
+ if (acl_default &&
+ posix_acl_matches_xattr(this, acl_default, data->data, data->len))
+ goto acl_set;
- if (acl_default)
- posix_acl_unref(this, acl_default);
+ if (acl_default)
+ posix_acl_unref(this, acl_default);
- acl_default = posix_acl_from_xattr (this, data->data,
- data->len);
+ acl_default = posix_acl_from_xattr(this, data->data, data->len);
- acl_set:
- posix_acl_ctx_update (entry->inode, this, &entry->d_stat,
- GF_FOP_READDIRP);
+ acl_set:
+ posix_acl_ctx_update(entry->inode, this, &entry->d_stat,
+ GF_FOP_READDIRP);
- ret = posix_acl_set (entry->inode, this,
- acl_access, acl_default);
- if (ret)
- gf_log (this->name, GF_LOG_WARNING,
- "failed to set ACL in context");
+ ret = posix_acl_set(entry->inode, this, acl_access, acl_default);
+ if (ret)
+ gf_log(this->name, GF_LOG_WARNING, "failed to set ACL in context");
- if (acl_access)
- posix_acl_unref(this, acl_access);
- if (acl_default)
- posix_acl_unref(this, acl_default);
- }
+ if (acl_access)
+ posix_acl_unref(this, acl_access);
+ if (acl_default)
+ posix_acl_unref(this, acl_default);
+ }
unwind:
- STACK_UNWIND_STRICT (readdirp, frame, op_ret, op_errno, entries, xdata);
- return 0;
+ STACK_UNWIND_STRICT(readdirp, frame, op_ret, op_errno, entries, xdata);
+ return 0;
}
-
int
-posix_acl_readdirp (call_frame_t *frame, xlator_t *this, fd_t *fd, size_t size,
- off_t offset, dict_t *dict)
+posix_acl_readdirp(call_frame_t *frame, xlator_t *this, fd_t *fd, size_t size,
+ off_t offset, dict_t *dict)
{
- int ret = 0;
- dict_t *alloc_dict = NULL;
+ int ret = 0;
+ dict_t *alloc_dict = NULL;
- if (acl_permits (frame, fd->inode, POSIX_ACL_READ))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, fd->inode, POSIX_ACL_READ))
+ goto green;
+ else
+ goto red;
green:
- if (!dict)
- dict = alloc_dict = dict_new ();
-
- if (dict) {
- ret = dict_set_int8 (dict, POSIX_ACL_ACCESS_XATTR, 0);
- if (ret)
- gf_log (this->name, GF_LOG_WARNING,
- "failed to set key %s",
- POSIX_ACL_ACCESS_XATTR);
-
- ret = dict_set_int8 (dict, POSIX_ACL_DEFAULT_XATTR, 0);
- if (ret)
- gf_log (this->name, GF_LOG_WARNING,
- "failed to set key %s",
- POSIX_ACL_DEFAULT_XATTR);
- }
+ if (!dict)
+ dict = alloc_dict = dict_new();
+
+ if (dict) {
+ ret = dict_set_int8(dict, POSIX_ACL_ACCESS_XATTR, 0);
+ if (ret)
+ gf_log(this->name, GF_LOG_WARNING, "failed to set key %s",
+ POSIX_ACL_ACCESS_XATTR);
- STACK_WIND (frame, posix_acl_readdirp_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->readdirp,
- fd, size, offset, dict);
+ ret = dict_set_int8(dict, POSIX_ACL_DEFAULT_XATTR, 0);
+ if (ret)
+ gf_log(this->name, GF_LOG_WARNING, "failed to set key %s",
+ POSIX_ACL_DEFAULT_XATTR);
+ }
- if (alloc_dict)
- dict_unref (alloc_dict);
- return 0;
+ STACK_WIND(frame, posix_acl_readdirp_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->readdirp, fd, size, offset, dict);
+
+ if (alloc_dict)
+ dict_unref(alloc_dict);
+ return 0;
red:
- STACK_UNWIND_STRICT (readdirp, frame, -1, EACCES, NULL, NULL);
+ STACK_UNWIND_STRICT(readdirp, frame, -1, EACCES, NULL, NULL);
- return 0;
+ return 0;
}
-
int
-setattr_scrutiny (call_frame_t *frame, inode_t *inode, struct iatt *buf,
- int valid)
+setattr_scrutiny(call_frame_t *frame, inode_t *inode, struct iatt *buf,
+ int valid)
{
- struct posix_acl_ctx *ctx = NULL;
-
- if (frame_is_super_user (frame))
- return 0;
+ struct posix_acl_ctx *ctx = NULL;
- ctx = posix_acl_ctx_get (inode, frame->this);
- if (!ctx)
- return EIO;
-
- if (valid & GF_SET_ATTR_MODE) {
-/*
- The effective UID of the calling process must match the owner of the
- file, or the process must be privileged
-*/
- if (!frame_is_user (frame, ctx->uid))
- return EPERM;
-/*
- If the calling process is not privileged (Linux: does not have the
- CAP_FSETID capability), and the group of the file does not match the
- effective group ID of the process or one of its supplementary group
- IDs, the S_ISGID bit will be turned off, but this will not cause an
- error to be returned.
+ if (frame_is_super_user(frame))
+ return 0;
-*/
- if (!frame_in_group (frame, ctx->gid))
- buf->ia_prot.sgid = 0;
- }
+ ctx = posix_acl_ctx_get(inode, frame->this);
+ if (!ctx)
+ return EIO;
- if (valid & (GF_SET_ATTR_ATIME | GF_SET_ATTR_MTIME)) {
-/*
- Changing timestamps is permitted when: either the process has appropri?
- ate privileges, or the effective user ID equals the user ID of the
- file, or times is NULL and the process has write permission for the
- file.
-*/
- if (!frame_is_user (frame, ctx->uid) &&
- !acl_permits (frame, inode, POSIX_ACL_WRITE))
- return EACCES;
- }
+ if (valid & GF_SET_ATTR_MODE) {
+ /*
+ The effective UID of the calling process must match the owner of
+ the file, or the process must be privileged
+ */
+ if (!frame_is_user(frame, ctx->uid))
+ return EPERM;
+ /*
+ If the calling process is not privileged (Linux: does not have
+ the CAP_FSETID capability), and the group of the file does not
+ match the effective group ID of the process or one of its
+ supplementary group IDs, the S_ISGID bit will be turned off, but
+ this will not cause an error to be returned.
+
+ */
+ if (!frame_in_group(frame, ctx->gid))
+ buf->ia_prot.sgid = 0;
+ }
+
+ if (valid & (GF_SET_ATTR_ATIME | GF_SET_ATTR_MTIME)) {
+ /*
+ Changing timestamps is permitted when: either the process has
+ appropri? ate privileges, or the effective user ID equals the
+ user ID of the file, or times is NULL and the process has write
+ permission for the file.
+ */
+ if (!frame_is_user(frame, ctx->uid) &&
+ !acl_permits(frame, inode, POSIX_ACL_WRITE))
+ return EACCES;
+ }
- if (valid & GF_SET_ATTR_UID) {
- if ((!frame_is_super_user (frame)) &&
- (buf->ia_uid != ctx->uid))
- return EPERM;
- }
+ if (valid & GF_SET_ATTR_UID) {
+ if ((!frame_is_super_user(frame)) && (buf->ia_uid != ctx->uid))
+ return EPERM;
+ }
- if (valid & GF_SET_ATTR_GID) {
- if (!frame_is_user (frame, ctx->uid))
- return EPERM;
- if (!frame_in_group (frame, buf->ia_gid))
- return EPERM;
- }
+ if (valid & GF_SET_ATTR_GID) {
+ if (!frame_is_user(frame, ctx->uid))
+ return EPERM;
+ if (!frame_in_group(frame, buf->ia_gid))
+ return EPERM;
+ }
- return 0;
+ return 0;
}
-
int
-posix_acl_setattr_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno,
- struct iatt *prebuf, struct iatt *postbuf, dict_t *xdata)
+posix_acl_setattr_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, struct iatt *prebuf,
+ struct iatt *postbuf, dict_t *xdata)
{
- inode_t *inode = NULL;
+ inode_t *inode = NULL;
- inode = frame->local;
- frame->local = NULL;
+ inode = frame->local;
+ frame->local = NULL;
- if (op_ret != 0)
- goto unwind;
+ if (op_ret != 0)
+ goto unwind;
- posix_acl_ctx_update (inode, this, postbuf, GF_FOP_SETATTR);
+ posix_acl_ctx_update(inode, this, postbuf, GF_FOP_SETATTR);
unwind:
- STACK_UNWIND_STRICT (setattr, frame, op_ret, op_errno, prebuf,
- postbuf, xdata);
- return 0;
+ STACK_UNWIND_STRICT(setattr, frame, op_ret, op_errno, prebuf, postbuf,
+ xdata);
+ return 0;
}
-
int
-posix_acl_setattr (call_frame_t *frame, xlator_t *this, loc_t *loc,
- struct iatt *buf, int valid, dict_t *xdata)
+posix_acl_setattr(call_frame_t *frame, xlator_t *this, loc_t *loc,
+ struct iatt *buf, int valid, dict_t *xdata)
{
- int op_errno = 0;
+ int op_errno = 0;
- op_errno = setattr_scrutiny (frame, loc->inode, buf, valid);
+ op_errno = setattr_scrutiny(frame, loc->inode, buf, valid);
- if (op_errno)
- goto red;
+ if (op_errno)
+ goto red;
- frame->local = loc->inode;
+ frame->local = loc->inode;
- STACK_WIND (frame, posix_acl_setattr_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->setattr,
- loc, buf, valid, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_setattr_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->setattr, loc, buf, valid, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (setattr, frame, -1, op_errno, NULL, NULL, NULL);
+ STACK_UNWIND_STRICT(setattr, frame, -1, op_errno, NULL, NULL, NULL);
- return 0;
+ return 0;
}
-
int
-posix_acl_fsetattr_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno,
- struct iatt *prebuf, struct iatt *postbuf, dict_t *xdata)
+posix_acl_fsetattr_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, struct iatt *prebuf,
+ struct iatt *postbuf, dict_t *xdata)
{
- inode_t *inode = NULL;
+ inode_t *inode = NULL;
- inode = frame->local;
- frame->local = NULL;
+ inode = frame->local;
+ frame->local = NULL;
- if (op_ret != 0)
- goto unwind;
+ if (op_ret != 0)
+ goto unwind;
- posix_acl_ctx_update (inode, this, postbuf, GF_FOP_FSETATTR);
+ posix_acl_ctx_update(inode, this, postbuf, GF_FOP_FSETATTR);
unwind:
- STACK_UNWIND_STRICT (fsetattr, frame, op_ret, op_errno, prebuf,
- postbuf, xdata);
- return 0;
+ STACK_UNWIND_STRICT(fsetattr, frame, op_ret, op_errno, prebuf, postbuf,
+ xdata);
+ return 0;
}
-
int
-posix_acl_fsetattr (call_frame_t *frame, xlator_t *this, fd_t *fd,
- struct iatt *buf, int valid, dict_t *xdata)
+posix_acl_fsetattr(call_frame_t *frame, xlator_t *this, fd_t *fd,
+ struct iatt *buf, int valid, dict_t *xdata)
{
- int op_errno = 0;
+ int op_errno = 0;
- op_errno = setattr_scrutiny (frame, fd->inode, buf, valid);
+ op_errno = setattr_scrutiny(frame, fd->inode, buf, valid);
- if (op_errno)
- goto red;
+ if (op_errno)
+ goto red;
- frame->local = fd->inode;
+ frame->local = fd->inode;
- STACK_WIND (frame, posix_acl_fsetattr_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->fsetattr,
- fd, buf, valid, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_fsetattr_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->fsetattr, fd, buf, valid, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (fsetattr, frame, -1, EACCES, NULL, NULL, NULL);
+ STACK_UNWIND_STRICT(fsetattr, frame, -1, EACCES, NULL, NULL, NULL);
- return 0;
+ return 0;
}
-
int
-setxattr_scrutiny (call_frame_t *frame, inode_t *inode, dict_t *xattr)
+setxattr_scrutiny(call_frame_t *frame, inode_t *inode, dict_t *xattr)
{
- struct posix_acl_ctx *ctx = NULL;
- int found = 0;
+ struct posix_acl_ctx *ctx = NULL;
+ int found = 0;
- if (frame_is_super_user (frame))
- return 0;
+ if (frame_is_super_user(frame))
+ return 0;
- ctx = posix_acl_ctx_get (inode, frame->this);
- if (!ctx)
- return EIO;
+ ctx = posix_acl_ctx_get(inode, frame->this);
+ if (!ctx)
+ return EIO;
- if (dict_get (xattr, POSIX_ACL_ACCESS_XATTR) ||
- dict_get (xattr, POSIX_ACL_DEFAULT_XATTR) ||
- dict_get (xattr, GF_POSIX_ACL_ACCESS) ||
- dict_get (xattr, GF_POSIX_ACL_DEFAULT)) {
- found = 1;
- if (!frame_is_user (frame, ctx->uid))
- return EPERM;
- }
+ if (dict_get(xattr, POSIX_ACL_ACCESS_XATTR) ||
+ dict_get(xattr, POSIX_ACL_DEFAULT_XATTR) ||
+ dict_get(xattr, GF_POSIX_ACL_ACCESS) ||
+ dict_get(xattr, GF_POSIX_ACL_DEFAULT)) {
+ found = 1;
+ if (!frame_is_user(frame, ctx->uid))
+ return EPERM;
+ }
- if (!found && !acl_permits (frame, inode, POSIX_ACL_WRITE))
- return EACCES;
+ if (!found && !acl_permits(frame, inode, POSIX_ACL_WRITE))
+ return EACCES;
- return 0;
+ return 0;
}
-
struct posix_acl *
-posix_acl_xattr_update (xlator_t *this, inode_t *inode, dict_t *xattr,
- char *name, struct posix_acl *old)
+posix_acl_xattr_update(xlator_t *this, inode_t *inode, dict_t *xattr,
+ char *name, struct posix_acl *old)
{
- struct posix_acl *acl = NULL;
- data_t *data = NULL;
+ struct posix_acl *acl = NULL;
+ data_t *data = NULL;
- data = dict_get (xattr, name);
- if (data) {
- acl = posix_acl_from_xattr (this, data->data,
- data->len);
- }
+ data = dict_get(xattr, name);
+ if (data) {
+ acl = posix_acl_from_xattr(this, data->data, data->len);
+ }
- if (!acl && old)
- acl = posix_acl_ref (this, old);
+ if (!acl && old)
+ acl = posix_acl_ref(this, old);
- return acl;
+ return acl;
}
-
int
-posix_acl_setxattr_update (xlator_t *this, inode_t *inode, dict_t *xattr)
+posix_acl_setxattr_update(xlator_t *this, inode_t *inode, dict_t *xattr)
{
- struct posix_acl *acl_access = NULL;
- struct posix_acl *acl_default = NULL;
- struct posix_acl *old_access = NULL;
- struct posix_acl *old_default = NULL;
- struct posix_acl_ctx *ctx = NULL;
- int ret = 0;
+ struct posix_acl *acl_access = NULL;
+ struct posix_acl *acl_default = NULL;
+ struct posix_acl *old_access = NULL;
+ struct posix_acl *old_default = NULL;
+ struct posix_acl_ctx *ctx = NULL;
+ int ret = 0;
- ctx = posix_acl_ctx_get (inode, this);
- if (!ctx)
- return -1;
+ ctx = posix_acl_ctx_get(inode, this);
+ if (!ctx)
+ return -1;
- ret = posix_acl_get (inode, this, &old_access, &old_default);
+ ret = posix_acl_get(inode, this, &old_access, &old_default);
- acl_access = posix_acl_xattr_update (this, inode, xattr,
- POSIX_ACL_ACCESS_XATTR,
- old_access);
+ acl_access = posix_acl_xattr_update(this, inode, xattr,
+ POSIX_ACL_ACCESS_XATTR, old_access);
- acl_default = posix_acl_xattr_update (this, inode, xattr,
- POSIX_ACL_DEFAULT_XATTR,
- old_default);
+ acl_default = posix_acl_xattr_update(this, inode, xattr,
+ POSIX_ACL_DEFAULT_XATTR, old_default);
- ret = posix_acl_set (inode, this, acl_access, acl_default);
+ ret = posix_acl_set(inode, this, acl_access, acl_default);
- if (acl_access && acl_access != old_access) {
- posix_acl_access_set_mode (acl_access, ctx);
- }
+ if (acl_access && acl_access != old_access) {
+ posix_acl_access_set_mode(acl_access, ctx);
+ }
- if (acl_access)
- posix_acl_unref (this, acl_access);
- if (acl_default)
- posix_acl_unref (this, acl_default);
- if (old_access)
- posix_acl_unref (this, old_access);
- if (old_default)
- posix_acl_unref (this, old_default);
+ if (acl_access)
+ posix_acl_unref(this, acl_access);
+ if (acl_default)
+ posix_acl_unref(this, acl_default);
+ if (old_access)
+ posix_acl_unref(this, old_access);
+ if (old_default)
+ posix_acl_unref(this, old_default);
- return ret;
+ return ret;
}
/* *
@@ -2094,400 +1999,376 @@ posix_acl_setxattr_update (xlator_t *this, inode_t *inode, dict_t *xattr)
* access-control translator
*/
int
-handling_other_acl_related_xattr (xlator_t *this, inode_t *inode, dict_t *xattr)
+handling_other_acl_related_xattr(xlator_t *this, inode_t *inode, dict_t *xattr)
{
- struct posix_acl *acl = NULL;
- struct posix_acl_ctx *ctx = NULL;
- data_t *data = NULL;
- int ret = 0;
-
- if (!this || !xattr || !inode)
- goto out;
+ struct posix_acl *acl = NULL;
+ struct posix_acl_ctx *ctx = NULL;
+ data_t *data = NULL;
+ int ret = 0;
- data = dict_get (xattr, POSIX_ACL_ACCESS_XATTR);
- if (data) {
-
- acl = posix_acl_from_xattr (this, data->data, data->len);
- if (!acl) {
- ret = -1;
- goto out;
- }
+ if (!this || !xattr || !inode)
+ goto out;
- ret = posix_acl_set_specific (inode, this, acl, _gf_true);
- if (ret)
- goto out;
+ data = dict_get(xattr, POSIX_ACL_ACCESS_XATTR);
+ if (data) {
+ acl = posix_acl_from_xattr(this, data->data, data->len);
+ if (!acl) {
+ ret = -1;
+ goto out;
+ }
- ctx = posix_acl_ctx_get (inode, this);
- if (!ctx) {
- ret = -1;
- goto out;
- }
+ ret = posix_acl_set_specific(inode, this, acl, _gf_true);
+ if (ret)
+ goto out;
- posix_acl_access_set_mode (acl, ctx);
- posix_acl_unref (this, acl);
- acl = NULL;
+ ctx = posix_acl_ctx_get(inode, this);
+ if (!ctx) {
+ ret = -1;
+ goto out;
}
- data = dict_get (xattr, POSIX_ACL_DEFAULT_XATTR);
- if (data) {
- acl = posix_acl_from_xattr (this, data->data, data->len);
- if (!acl) {
- ret = -1;
- goto out;
- }
+ posix_acl_access_set_mode(acl, ctx);
+ posix_acl_unref(this, acl);
+ acl = NULL;
+ }
- ret = posix_acl_set_specific (inode, this, acl, _gf_false);
+ data = dict_get(xattr, POSIX_ACL_DEFAULT_XATTR);
+ if (data) {
+ acl = posix_acl_from_xattr(this, data->data, data->len);
+ if (!acl) {
+ ret = -1;
+ goto out;
}
+ ret = posix_acl_set_specific(inode, this, acl, _gf_false);
+ }
+
out:
- if (acl)
- posix_acl_unref (this, acl);
+ if (acl)
+ posix_acl_unref(this, acl);
- return ret;
+ return ret;
}
int
-posix_acl_setxattr_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, dict_t *xdata)
+posix_acl_setxattr_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, dict_t *xdata)
{
+ /*
+ * Update the context of posix_acl_translator, if any of
+ * POSIX_ACL_*_XATTR set in the call back
+ */
+ handling_other_acl_related_xattr(this, (inode_t *)cookie, xdata);
- /*
- * Update the context of posix_acl_translator, if any of
- * POSIX_ACL_*_XATTR set in the call back
- */
- handling_other_acl_related_xattr (this, (inode_t *)cookie, xdata);
-
- STACK_UNWIND_STRICT (setxattr, frame, op_ret, op_errno, xdata);
+ STACK_UNWIND_STRICT(setxattr, frame, op_ret, op_errno, xdata);
- return 0;
+ return 0;
}
-
int
-posix_acl_setxattr (call_frame_t *frame, xlator_t *this, loc_t *loc,
- dict_t *xattr, int flags, dict_t *xdata)
+posix_acl_setxattr(call_frame_t *frame, xlator_t *this, loc_t *loc,
+ dict_t *xattr, int flags, dict_t *xdata)
{
- int op_errno = 0;
+ int op_errno = 0;
- op_errno = setxattr_scrutiny (frame, loc->inode, xattr);
+ op_errno = setxattr_scrutiny(frame, loc->inode, xattr);
- if (op_errno != 0)
- goto red;
+ if (op_errno != 0)
+ goto red;
- if (dict_get (xattr, POSIX_ACL_ACCESS_XATTR) ||
- dict_get (xattr, POSIX_ACL_DEFAULT_XATTR))
- posix_acl_setxattr_update (this, loc->inode, xattr);
+ if (dict_get(xattr, POSIX_ACL_ACCESS_XATTR) ||
+ dict_get(xattr, POSIX_ACL_DEFAULT_XATTR))
+ posix_acl_setxattr_update(this, loc->inode, xattr);
- /*
- * inode is required in call back function to update the context
- * this translator
- */
- STACK_WIND_COOKIE (frame, posix_acl_setxattr_cbk, loc->inode,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->setxattr,
- loc, xattr, flags, xdata);
- return 0;
+ /*
+ * inode is required in call back function to update the context
+ * this translator
+ */
+ STACK_WIND_COOKIE(frame, posix_acl_setxattr_cbk, loc->inode,
+ FIRST_CHILD(this), FIRST_CHILD(this)->fops->setxattr, loc,
+ xattr, flags, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (setxattr, frame, -1, op_errno, NULL);
+ STACK_UNWIND_STRICT(setxattr, frame, -1, op_errno, NULL);
- return 0;
+ return 0;
}
-
int
-posix_acl_fsetxattr_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, dict_t *xdata)
+posix_acl_fsetxattr_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, dict_t *xdata)
{
- STACK_UNWIND_STRICT (fsetxattr, frame, op_ret, op_errno, xdata);
+ STACK_UNWIND_STRICT(fsetxattr, frame, op_ret, op_errno, xdata);
- return 0;
+ return 0;
}
-
int
-posix_acl_fsetxattr (call_frame_t *frame, xlator_t *this, fd_t *fd,
- dict_t *xattr, int flags, dict_t *xdata)
+posix_acl_fsetxattr(call_frame_t *frame, xlator_t *this, fd_t *fd,
+ dict_t *xattr, int flags, dict_t *xdata)
{
- int op_errno = 0;
+ int op_errno = 0;
- op_errno = setxattr_scrutiny (frame, fd->inode, xattr);
+ op_errno = setxattr_scrutiny(frame, fd->inode, xattr);
- if (op_errno != 0)
- goto red;
+ if (op_errno != 0)
+ goto red;
- if (dict_get (xattr, POSIX_ACL_ACCESS_XATTR) ||
- dict_get (xattr, POSIX_ACL_DEFAULT_XATTR))
- posix_acl_setxattr_update (this, fd->inode, xattr);
+ if (dict_get(xattr, POSIX_ACL_ACCESS_XATTR) ||
+ dict_get(xattr, POSIX_ACL_DEFAULT_XATTR))
+ posix_acl_setxattr_update(this, fd->inode, xattr);
- STACK_WIND (frame, posix_acl_fsetxattr_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->fsetxattr,
- fd, xattr, flags, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_fsetxattr_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->fsetxattr, fd, xattr, flags, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (fsetxattr, frame, -1, op_errno, NULL);
+ STACK_UNWIND_STRICT(fsetxattr, frame, -1, op_errno, NULL);
- return 0;
+ return 0;
}
-
int
-posix_acl_getxattr_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, dict_t *xattr, dict_t *xdata)
+posix_acl_getxattr_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, dict_t *xattr, dict_t *xdata)
{
- STACK_UNWIND_STRICT (getxattr, frame, op_ret, op_errno, xattr, xdata);
+ STACK_UNWIND_STRICT(getxattr, frame, op_ret, op_errno, xattr, xdata);
- return 0;
+ return 0;
}
-
int
-posix_acl_getxattr (call_frame_t *frame, xlator_t *this, loc_t *loc,
- const char *name, dict_t *xdata)
+posix_acl_getxattr(call_frame_t *frame, xlator_t *this, loc_t *loc,
+ const char *name, dict_t *xdata)
{
- if (whitelisted_xattr (name))
- goto green;
+ if (whitelisted_xattr(name))
+ goto green;
- if (acl_permits (frame, loc->inode, POSIX_ACL_READ))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, loc->inode, POSIX_ACL_READ))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_getxattr_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->getxattr,
- loc, name, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_getxattr_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->getxattr, loc, name, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (getxattr, frame, -1, EACCES, NULL, NULL);
+ STACK_UNWIND_STRICT(getxattr, frame, -1, EACCES, NULL, NULL);
- return 0;
+ return 0;
}
-
int
-posix_acl_fgetxattr_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, dict_t *xattr, dict_t *xdata)
+posix_acl_fgetxattr_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, dict_t *xattr, dict_t *xdata)
{
- STACK_UNWIND_STRICT (fgetxattr, frame, op_ret, op_errno, xattr, xdata);
+ STACK_UNWIND_STRICT(fgetxattr, frame, op_ret, op_errno, xattr, xdata);
- return 0;
+ return 0;
}
-
int
-posix_acl_fgetxattr (call_frame_t *frame, xlator_t *this, fd_t *fd,
- const char *name, dict_t *xdata)
+posix_acl_fgetxattr(call_frame_t *frame, xlator_t *this, fd_t *fd,
+ const char *name, dict_t *xdata)
{
- if (whitelisted_xattr (name))
- goto green;
+ if (whitelisted_xattr(name))
+ goto green;
- if (acl_permits (frame, fd->inode, POSIX_ACL_READ))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, fd->inode, POSIX_ACL_READ))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_fgetxattr_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->fgetxattr,
- fd, name, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_fgetxattr_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->fgetxattr, fd, name, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (fgetxattr, frame, -1, EACCES, NULL, NULL);
+ STACK_UNWIND_STRICT(fgetxattr, frame, -1, EACCES, NULL, NULL);
- return 0;
+ return 0;
}
-
int
-posix_acl_removexattr_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
- int op_ret, int op_errno, dict_t *xdata)
+posix_acl_removexattr_cbk(call_frame_t *frame, void *cookie, xlator_t *this,
+ int op_ret, int op_errno, dict_t *xdata)
{
- STACK_UNWIND_STRICT (removexattr, frame, op_ret, op_errno, xdata);
+ STACK_UNWIND_STRICT(removexattr, frame, op_ret, op_errno, xdata);
- return 0;
+ return 0;
}
-
int
-posix_acl_removexattr (call_frame_t *frame, xlator_t *this, loc_t *loc,
- const char *name, dict_t *xdata)
+posix_acl_removexattr(call_frame_t *frame, xlator_t *this, loc_t *loc,
+ const char *name, dict_t *xdata)
{
- struct posix_acl_ctx *ctx = NULL;
- int op_errno = EACCES;
+ struct posix_acl_ctx *ctx = NULL;
+ int op_errno = EACCES;
- if (frame_is_super_user (frame))
- goto green;
+ if (frame_is_super_user(frame))
+ goto green;
- ctx = posix_acl_ctx_get (loc->inode, this);
- if (!ctx) {
- op_errno = EIO;
- goto red;
- }
+ ctx = posix_acl_ctx_get(loc->inode, this);
+ if (!ctx) {
+ op_errno = EIO;
+ goto red;
+ }
- if (whitelisted_xattr (name)) {
- if (!frame_is_user (frame, ctx->uid)) {
- op_errno = EPERM;
- goto red;
- }
+ if (whitelisted_xattr(name)) {
+ if (!frame_is_user(frame, ctx->uid)) {
+ op_errno = EPERM;
+ goto red;
}
+ }
- if (acl_permits (frame, loc->inode, POSIX_ACL_WRITE))
- goto green;
- else
- goto red;
+ if (acl_permits(frame, loc->inode, POSIX_ACL_WRITE))
+ goto green;
+ else
+ goto red;
green:
- STACK_WIND (frame, posix_acl_removexattr_cbk,
- FIRST_CHILD(this), FIRST_CHILD(this)->fops->removexattr,
- loc, name, xdata);
- return 0;
+ STACK_WIND(frame, posix_acl_removexattr_cbk, FIRST_CHILD(this),
+ FIRST_CHILD(this)->fops->removexattr, loc, name, xdata);
+ return 0;
red:
- STACK_UNWIND_STRICT (removexattr, frame, -1, op_errno, NULL);
+ STACK_UNWIND_STRICT(removexattr, frame, -1, op_errno, NULL);
- return 0;
+ return 0;
}
-
int
-posix_acl_forget (xlator_t *this, inode_t *inode)
+posix_acl_forget(xlator_t *this, inode_t *inode)
{
- struct posix_acl_ctx *ctx = NULL;
+ struct posix_acl_ctx *ctx = NULL;
- ctx = posix_acl_ctx_get (inode, this);
- if (!ctx)
- goto out;
+ ctx = posix_acl_ctx_get(inode, this);
+ if (!ctx)
+ goto out;
- if (ctx->acl_access)
- posix_acl_unref (this, ctx->acl_access);
+ if (ctx->acl_access)
+ posix_acl_unref(this, ctx->acl_access);
- if (ctx->acl_default)
- posix_acl_unref (this, ctx->acl_default);
+ if (ctx->acl_default)
+ posix_acl_unref(this, ctx->acl_default);
- GF_FREE (ctx);
+ GF_FREE(ctx);
out:
- return 0;
+ return 0;
}
-
int
-reconfigure (xlator_t *this, dict_t *options)
+reconfigure(xlator_t *this, dict_t *options)
{
- struct posix_acl_conf *conf = NULL;
+ struct posix_acl_conf *conf = NULL;
- conf = this->private;
+ conf = this->private;
- GF_OPTION_RECONF ("super-uid", conf->super_uid, options, uint32, err);
+ GF_OPTION_RECONF("super-uid", conf->super_uid, options, uint32, err);
- return 0;
+ return 0;
err:
- return -1;
+ return -1;
}
-
int
-init (xlator_t *this)
+init(xlator_t *this)
{
- struct posix_acl_conf *conf = NULL;
- struct posix_acl *minacl = NULL;
- struct posix_ace *minace = NULL;
+ struct posix_acl_conf *conf = NULL;
+ struct posix_acl *minacl = NULL;
+ struct posix_ace *minace = NULL;
- conf = GF_CALLOC (1, sizeof (*conf), gf_posix_acl_mt_conf_t);
- if (!conf) {
- gf_log (this->name, GF_LOG_ERROR,
- "out of memory");
- return -1;
- }
+ conf = GF_CALLOC(1, sizeof(*conf), gf_posix_acl_mt_conf_t);
+ if (!conf) {
+ gf_log(this->name, GF_LOG_ERROR, "out of memory");
+ return -1;
+ }
- LOCK_INIT (&conf->acl_lock);
+ LOCK_INIT(&conf->acl_lock);
- this->private = conf;
+ this->private = conf;
- minacl = posix_acl_new (this, 3);
- if (!minacl)
- return -1;
+ minacl = posix_acl_new(this, 3);
+ if (!minacl)
+ return -1;
- minace = minacl->entries;
- minace[0].tag = POSIX_ACL_USER_OBJ;
- minace[1].tag = POSIX_ACL_GROUP_OBJ;
- minace[2].tag = POSIX_ACL_OTHER;
+ minace = minacl->entries;
+ minace[0].tag = POSIX_ACL_USER_OBJ;
+ minace[1].tag = POSIX_ACL_GROUP_OBJ;
+ minace[2].tag = POSIX_ACL_OTHER;
- conf->minimal_acl = minacl;
+ conf->minimal_acl = minacl;
- GF_OPTION_INIT ("super-uid", conf->super_uid, uint32, err);
+ GF_OPTION_INIT("super-uid", conf->super_uid, uint32, err);
- return 0;
+ return 0;
err:
- return -1;
+ return -1;
}
-
int
-fini (xlator_t *this)
+fini(xlator_t *this)
{
- struct posix_acl_conf *conf = NULL;
- struct posix_acl *minacl = NULL;
+ struct posix_acl_conf *conf = NULL;
+ struct posix_acl *minacl = NULL;
- conf = this->private;
- if (!conf)
- return 0;
- this->private = NULL;
+ conf = this->private;
+ if (!conf)
+ return 0;
+ this->private = NULL;
- minacl = conf->minimal_acl;
+ minacl = conf->minimal_acl;
- LOCK (&conf->acl_lock);
- {
- conf->minimal_acl = NULL;
- }
- UNLOCK (&conf->acl_lock);
+ LOCK(&conf->acl_lock);
+ {
+ conf->minimal_acl = NULL;
+ }
+ UNLOCK(&conf->acl_lock);
- LOCK_DESTROY (&conf->acl_lock);
+ LOCK_DESTROY(&conf->acl_lock);
- GF_FREE (minacl);
+ GF_FREE(minacl);
- GF_FREE (conf);
+ GF_FREE(conf);
- return 0;
+ return 0;
}
-
struct xlator_fops fops = {
- .lookup = posix_acl_lookup,
- .open = posix_acl_open,
+ .lookup = posix_acl_lookup,
+ .open = posix_acl_open,
#if FD_MODE_CHECK_IS_IMPLEMENTED
- .readv = posix_acl_readv,
- .writev = posix_acl_writev,
- .ftruncate = posix_acl_ftruncate,
- .fsetattr = posix_acl_fsetattr,
- .fsetxattr = posix_acl_fsetxattr,
- .fgetxattr = posix_acl_fgetxattr,
+ .readv = posix_acl_readv,
+ .writev = posix_acl_writev,
+ .ftruncate = posix_acl_ftruncate,
+ .fsetattr = posix_acl_fsetattr,
+ .fsetxattr = posix_acl_fsetxattr,
+ .fgetxattr = posix_acl_fgetxattr,
#endif
- .access = posix_acl_access,
- .truncate = posix_acl_truncate,
- .mkdir = posix_acl_mkdir,
- .mknod = posix_acl_mknod,
- .create = posix_acl_create,
- .symlink = posix_acl_symlink,
- .unlink = posix_acl_unlink,
- .rmdir = posix_acl_rmdir,
- .rename = posix_acl_rename,
- .link = posix_acl_link,
- .opendir = posix_acl_opendir,
- .readdir = posix_acl_readdir,
- .readdirp = posix_acl_readdirp,
- .setattr = posix_acl_setattr,
- .setxattr = posix_acl_setxattr,
- .getxattr = posix_acl_getxattr,
- .removexattr = posix_acl_removexattr,
-};
-
-
-struct xlator_cbks cbks = {
- .forget = posix_acl_forget
+ .access = posix_acl_access,
+ .truncate = posix_acl_truncate,
+ .mkdir = posix_acl_mkdir,
+ .mknod = posix_acl_mknod,
+ .create = posix_acl_create,
+ .symlink = posix_acl_symlink,
+ .unlink = posix_acl_unlink,
+ .rmdir = posix_acl_rmdir,
+ .rename = posix_acl_rename,
+ .link = posix_acl_link,
+ .opendir = posix_acl_opendir,
+ .readdir = posix_acl_readdir,
+ .readdirp = posix_acl_readdirp,
+ .setattr = posix_acl_setattr,
+ .setxattr = posix_acl_setxattr,
+ .getxattr = posix_acl_getxattr,
+ .removexattr = posix_acl_removexattr,
};
+struct xlator_cbks cbks = {.forget = posix_acl_forget};
struct volume_options options[] = {
- { .key = {"super-uid"},
- .type = GF_OPTION_TYPE_INT,
- .default_value = "0",
- .description = "UID to be treated as super user's id instead of 0",
- },
- { .key = {NULL} },
+ {
+ .key = {"super-uid"},
+ .type = GF_OPTION_TYPE_INT,
+ .default_value = "0",
+ .description = "UID to be treated as super user's id instead of 0",
+ },
+ {.key = {NULL}},
};