[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Enanchement of /bin/ls for ACLs -l option
|
From: |
Claudiu C. |
|
Subject: |
Enanchement of /bin/ls for ACLs -l option |
|
Date: |
Wed, 11 Jan 2006 19:23:28 +0200 |
|
User-agent: |
KMail/1.8.2 |
moya:/tmp$ touch a
moya:/tmp$ ls -l a
-rw-r--r-- 1 claudiu users 0 2006-01-11 09:16 a
moya:/tmp$ setfacl -m u:root:rwx a
moya:/tmp$ ls -l a
-rw-rwxr--+ 1 claudiu users 0 2006-01-11 09:16 a
This, in my opinion, is not correct. a is colored with green (has
execute
flag), but for me, claudiu, I don't have execute flag.
The coreutils version is for SuSE 10.0:
moya:~$ rpm -q -f /bin/ls
coreutils-5.3.0-20
Some time ago, I made a patch for ls utility to proper show, if file has
ACLs.
IE:
tealc:/tmp$ ls -l a
-rw-r--r-- 1 claudiu users 0 Jan 11 09:18 a
tealc:/tmp$ setfacl -m u:root:rwx a
tealc:/tmp$ ls -l a
-rw-r--r--+ 1 claudiu users 0 Jan 11 09:18 a
That is more suggestive than showing in group part rwx from defined
u:root ACL.
The patch was for:
tealc:/tmp$ ls --version
ls (fileutils) 4.1.8acl
I'll provide the patch, so if you want to modify the ls utility, you're
welcome. The patch is quite old (from 2003 ls source code, but the idea
is
important):
maya:/hdd2/home/ftp/pub$ cat ls.c-patch-v2.diff
--- src/ls.c.orig 2002-04-10 18:37:50.000000000 +0300
+++ src/ls.c 2003-04-11 15:06:53.000000000 +0300
@@ -2232,13 +2232,92 @@
}
#if HAVE_ACL || USE_ACL
- if (format == long_format)
- {
- int n = file_has_acl (path, &files[files_index].stat);
- files[files_index].have_acl = (0 < n);
- if (n < 0)
- error (0, errno, "%s", quotearg_colon (path));
- }
+ int n = file_has_acl (path, &files[files_index].stat);
+
+ /*
+ * Hacked by Claudiu Cismaru (address@hidden) for:
+ *
+ * fix the output of ls if there are ACL defined
+ *
+ * BEGIN HACK
+ */
+
+ if (n > 0) {
+ mode_t new_mode;
+ acl_t mode_acls;
+
+ acl_entry_t c_acl_entry, m_acl_entry;
+ acl_tag_t c_acl_tag;
+ acl_permset_t m_perm_set, c_perm_set;
+ acl_perm_t t_perm_read, t_perm_write, t_perm_exec;
+ int has_entry;
+
+ mode_acls = acl_get_file (path, ACL_TYPE_ACCESS);
+
+ has_entry = acl_get_entry (mode_acls, ACL_FIRST_ENTRY,
&c_acl_entry);
+ while (has_entry) {
+
+ if (acl_get_tag_type (c_acl_entry, &c_acl_tag) == 0) {
+ if ((c_acl_tag != ACL_USER_OBJ) && (c_acl_tag !=
ACL_GROUP_OBJ)
&&
+ (c_acl_tag != ACL_OTHER) && (c_acl_tag != ACL_MASK))
{
+ acl_delete_entry (mode_acls, c_acl_entry);
+ }
+ if (c_acl_tag == ACL_MASK) {
+ acl_get_permset (c_acl_entry, &m_perm_set);
+ acl_delete_entry (mode_acls, c_acl_entry);
+ }
+ }
+
+ has_entry = acl_get_entry (mode_acls, ACL_NEXT_ENTRY,
&c_acl_entry);
+ }
+
+
+ has_entry = acl_get_entry (mode_acls, ACL_FIRST_ENTRY,
&c_acl_entry);
+ while (has_entry) {
+
+ if (acl_get_tag_type (c_acl_entry, &c_acl_tag) == 0) {
+
+ acl_get_permset (c_acl_entry, &c_perm_set);
+
+ if (c_acl_tag == ACL_GROUP_OBJ) {
+
+ t_perm_read =
+ (acl_get_perm (c_perm_set, ACL_READ) & acl_get_perm
(m_perm_set, ACL_READ))
+ * ACL_READ;
+
+ t_perm_write =
+ (acl_get_perm (c_perm_set, ACL_WRITE) & acl_get_perm
(m_perm_set, ACL_WRITE))
+ * ACL_WRITE;
+
+ t_perm_exec =
+ (acl_get_perm (c_perm_set, ACL_EXECUTE) &
acl_get_perm
(m_perm_set, ACL_EXECUTE))
+ * ACL_EXECUTE;
+
+ acl_clear_perms (c_perm_set);
+ acl_add_perm (c_perm_set, t_perm_read);
+ acl_add_perm (c_perm_set, t_perm_write);
+ acl_add_perm (c_perm_set, t_perm_exec);
+
+ }
+ }
+
+ has_entry = acl_get_entry (mode_acls, ACL_NEXT_ENTRY,
&c_acl_entry);
+ }
+
+ if (acl_equiv_mode (mode_acls, &new_mode) == 0) {
+ files [files_index].stat.st_mode &= ~(0777);
+ files [files_index].stat.st_mode |= (new_mode & 0777);
+ }
+
+ }
+
+ /*
+ * END HACK
+ */
+
+ files[files_index].have_acl = (0 < n);
+ if (n < 0)
+ error (0, errno, "%s", quotearg_colon (path));
#endif
if (S_ISLNK (files[files_index].stat.st_mode)
--
Claudiu Cismaru
PGP Key http://claudiu.targujiu.net/key.gpg
pgp7GvRYNk0ZM.pgp
Description: PGP signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Enanchement of /bin/ls for ACLs -l option,
Claudiu C. <=