source: freewrt/tools/paxmirabilis/src/file_subs.c@ bceb42b

freewrt_1_0 freewrt_2_0
Last change on this file since bceb42b was bceb42b, checked in by Thorsten Glaser <tg@…>, 19 years ago

wbx@ asked me a few seconds too late to use an src/ subdirectory

git-svn-id: svn://www.freewrt.org/trunk/freewrt@204 afb5a338-a214-0410-bd46-81f09a774fd1
  • Property mode set to 100644
File size: 28.0 KB
Line 
1/** $MirOS: src/bin/pax/file_subs.c,v 1.7 2006/06/23 23:03:56 tg Exp $ */
2/* $OpenBSD: file_subs.c,v 1.30 2005/11/09 19:59:06 otto Exp $ */
3/* $NetBSD: file_subs.c,v 1.4 1995/03/21 09:07:18 cgd Exp $ */
4
5/*-
6 * Copyright (c) 1992 Keith Muller.
7 * Copyright (c) 1992, 1993
8 * The Regents of the University of California. All rights reserved.
9 *
10 * This code is derived from software contributed to Berkeley by
11 * Keith Muller of the University of California, San Diego.
12 *
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
15 * are met:
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 * 3. Neither the name of the University nor the names of its contributors
22 * may be used to endorse or promote products derived from this software
23 * without specific prior written permission.
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * SUCH DAMAGE.
36 */
37
38#include <sys/param.h>
39#include <sys/time.h>
40#include <sys/stat.h>
41#include <sys/uio.h>
42#include <err.h>
43#include <errno.h>
44#include <fcntl.h>
45#include <stdio.h>
46#include <stdlib.h>
47#include <string.h>
48#include <unistd.h>
49#ifdef __INTERIX
50#include <utime.h>
51#endif
52#include "pax.h"
53#include "options.h"
54#include "extern.h"
55
56__SCCSID("@(#)file_subs.c 8.1 (Berkeley) 5/31/93");
57__RCSID("$MirOS: src/bin/pax/file_subs.c,v 1.7 2006/06/23 23:03:56 tg Exp $");
58
59static int
60mk_link(char *, struct stat *, char *, int);
61
62/*
63 * routines that deal with file operations such as: creating, removing;
64 * and setting access modes, uid/gid and times of files
65 */
66
67#define FILEBITS (S_ISVTX | S_IRWXU | S_IRWXG | S_IRWXO)
68#define SETBITS (S_ISUID | S_ISGID)
69#define ABITS (FILEBITS | SETBITS)
70
71/*
72 * file_creat()
73 * Create and open a file.
74 * Return:
75 * file descriptor or -1 for failure
76 */
77
78int
79file_creat(ARCHD *arcn)
80{
81 int fd = -1;
82 mode_t file_mode;
83 int oerrno;
84
85 /*
86 * Assume file doesn't exist, so just try to create it, most times this
87 * works. We have to take special handling when the file does exist. To
88 * detect this, we use O_EXCL. For example when trying to create a
89 * file and a character device or fifo exists with the same name, we
90 * can accidently open the device by mistake (or block waiting to open).
91 * If we find that the open has failed, then spend the effort to
92 * figure out why. This strategy was found to have better average
93 * performance in common use than checking the file (and the path)
94 * first with lstat.
95 */
96 file_mode = arcn->sb.st_mode & FILEBITS;
97 if ((fd = open(arcn->name, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL,
98 file_mode)) >= 0)
99 return(fd);
100
101 /*
102 * the file seems to exist. First we try to get rid of it (found to be
103 * the second most common failure when traced). If this fails, only
104 * then we go to the expense to check and create the path to the file
105 */
106 if (unlnk_exist(arcn->name, arcn->type) != 0)
107 return(-1);
108
109 for (;;) {
110 /*
111 * try to open it again, if this fails, check all the nodes in
112 * the path and give it a final try. if chk_path() finds that
113 * it cannot fix anything, we will skip the last attempt
114 */
115 if ((fd = open(arcn->name, O_WRONLY | O_CREAT | O_TRUNC,
116 file_mode)) >= 0)
117 break;
118 oerrno = errno;
119 if (nodirs || chk_path(arcn->name,arcn->sb.st_uid,arcn->sb.st_gid) < 0) {
120 syswarn(1, oerrno, "Unable to create %s", arcn->name);
121 return(-1);
122 }
123 }
124 return(fd);
125}
126
127/*
128 * file_close()
129 * Close file descriptor to a file just created by pax. Sets modes,
130 * ownership and times as required.
131 * Return:
132 * 0 for success, -1 for failure
133 */
134
135void
136file_close(ARCHD *arcn, int fd)
137{
138 int res = 0;
139
140 if (fd < 0)
141 return;
142
143 /*
144 * set owner/groups first as this may strip off mode bits we want
145 * then set file permission modes. Then set file access and
146 * modification times.
147 */
148 if (pids)
149 res = fset_ids(arcn->name, fd, arcn->sb.st_uid,
150 arcn->sb.st_gid);
151
152 /*
153 * IMPORTANT SECURITY NOTE:
154 * if not preserving mode or we cannot set uid/gid, then PROHIBIT
155 * set uid/gid bits
156 */
157 if (!pmode || res)
158 arcn->sb.st_mode &= ~(SETBITS);
159 if (pmode)
160 fset_pmode(arcn->name, fd, arcn->sb.st_mode);
161#ifndef __INTERIX
162 if (patime || pmtime)
163 fset_ftime(arcn->name, fd, arcn->sb.st_mtime,
164 arcn->sb.st_atime, 0);
165#endif
166 if (close(fd) < 0)
167 syswarn(0, errno, "Unable to close file descriptor on %s",
168 arcn->name);
169}
170
171/*
172 * lnk_creat()
173 * Create a hard link to arcn->ln_name from arcn->name. arcn->ln_name
174 * must exist;
175 * Return:
176 * 0 if ok, -1 otherwise
177 */
178
179int
180lnk_creat(ARCHD *arcn)
181{
182 struct stat sb;
183
184 /*
185 * we may be running as root, so we have to be sure that link target
186 * is not a directory, so we lstat and check
187 */
188 if (lstat(arcn->ln_name, &sb) < 0) {
189 syswarn(1,errno,"Unable to link to %s from %s", arcn->ln_name,
190 arcn->name);
191 return(-1);
192 }
193
194 if (S_ISDIR(sb.st_mode)) {
195 paxwarn(1, "A hard link to the directory %s is not allowed",
196 arcn->ln_name);
197 return(-1);
198 }
199
200 return(mk_link(arcn->ln_name, &sb, arcn->name, 0));
201}
202
203/*
204 * cross_lnk()
205 * Create a hard link to arcn->org_name from arcn->name. Only used in copy
206 * with the -l flag. No warning or error if this does not succeed (we will
207 * then just create the file)
208 * Return:
209 * 1 if copy() should try to create this file node
210 * 0 if cross_lnk() ok, -1 for fatal flaw (like linking to self).
211 */
212
213int
214cross_lnk(ARCHD *arcn)
215{
216 /*
217 * try to make a link to original file (-l flag in copy mode). make
218 * sure we do not try to link to directories in case we are running as
219 * root (and it might succeed).
220 */
221 if (arcn->type == PAX_DIR)
222 return(1);
223 return(mk_link(arcn->org_name, &(arcn->sb), arcn->name, 1));
224}
225
226/*
227 * chk_same()
228 * In copy mode if we are not trying to make hard links between the src
229 * and destinations, make sure we are not going to overwrite ourselves by
230 * accident. This slows things down a little, but we have to protect all
231 * those people who make typing errors.
232 * Return:
233 * 1 the target does not exist, go ahead and copy
234 * 0 skip it file exists (-k) or may be the same as source file
235 */
236
237int
238chk_same(ARCHD *arcn)
239{
240 struct stat sb;
241
242 /*
243 * if file does not exist, return. if file exists and -k, skip it
244 * quietly
245 */
246 if (lstat(arcn->name, &sb) < 0)
247 return(1);
248 if (kflag)
249 return(0);
250
251 /*
252 * better make sure the user does not have src == dest by mistake
253 */
254 if ((arcn->sb.st_dev == sb.st_dev) && (arcn->sb.st_ino == sb.st_ino)) {
255 paxwarn(1, "Unable to copy %s, file would overwrite itself",
256 arcn->name);
257 return(0);
258 }
259 return(1);
260}
261
262/*
263 * mk_link()
264 * try to make a hard link between two files. if ign set, we do not
265 * complain.
266 * Return:
267 * 0 if successful (or we are done with this file but no error, such as
268 * finding the from file exists and the user has set -k).
269 * 1 when ign was set to indicates we could not make the link but we
270 * should try to copy/extract the file as that might work (and is an
271 * allowed option). -1 an error occurred.
272 */
273
274static int
275mk_link(char *to, struct stat *to_sb, char *from, int ign)
276{
277 struct stat sb;
278 int oerrno;
279
280 /*
281 * if from file exists, it has to be unlinked to make the link. If the
282 * file exists and -k is set, skip it quietly
283 */
284 if (lstat(from, &sb) == 0) {
285 if (kflag)
286 return(0);
287
288 /*
289 * make sure it is not the same file, protect the user
290 */
291 if ((to_sb->st_dev==sb.st_dev)&&(to_sb->st_ino == sb.st_ino)) {
292 paxwarn(1, "Unable to link file %s to itself", to);
293 return(-1);
294 }
295
296 /*
297 * try to get rid of the file, based on the type
298 */
299 if (S_ISDIR(sb.st_mode)) {
300 if (rmdir(from) < 0) {
301 syswarn(1, errno, "Unable to remove %s", from);
302 return(-1);
303 }
304 } else if (unlink(from) < 0) {
305 if (!ign) {
306 syswarn(1, errno, "Unable to remove %s", from);
307 return(-1);
308 }
309 return(1);
310 }
311 }
312
313 /*
314 * from file is gone (or did not exist), try to make the hard link.
315 * if it fails, check the path and try it again (if chk_path() says to
316 * try again)
317 */
318 for (;;) {
319 if (link(to, from) == 0)
320 break;
321 oerrno = errno;
322 if (!nodirs && chk_path(from, to_sb->st_uid, to_sb->st_gid) == 0)
323 continue;
324 if (!ign) {
325 syswarn(1, oerrno, "Could not link to %s from %s", to,
326 from);
327 return(-1);
328 }
329 return(1);
330 }
331
332 /*
333 * all right the link was made
334 */
335 return(0);
336}
337
338/*
339 * node_creat()
340 * create an entry in the file system (other than a file or hard link).
341 * If successful, sets uid/gid modes and times as required.
342 * Return:
343 * 0 if ok, -1 otherwise
344 */
345
346int
347node_creat(ARCHD *arcn)
348{
349 int res;
350 int ign = 0;
351 int oerrno;
352 int pass = 0;
353 mode_t file_mode;
354 struct stat sb;
355 char target[MAXPATHLEN];
356 char *nm = arcn->name;
357 int len;
358
359 /*
360 * create node based on type, if that fails try to unlink the node and
361 * try again. finally check the path and try again. As noted in the
362 * file and link creation routines, this method seems to exhibit the
363 * best performance in general use workloads.
364 */
365 file_mode = arcn->sb.st_mode & FILEBITS;
366
367 for (;;) {
368 switch (arcn->type) {
369 case PAX_DIR:
370 /*
371 * If -h (or -L) was given in tar-mode, follow the
372 * potential symlink chain before trying to create the
373 * directory.
374 */
375 if (strcmp(NM_TAR, argv0) == 0 && Lflag) {
376 while (lstat(nm, &sb) == 0 &&
377 S_ISLNK(sb.st_mode)) {
378 len = readlink(nm, target,
379 sizeof target - 1);
380 if (len == -1) {
381 syswarn(0, errno,
382 "cannot follow symlink %s in chain for %s",
383 nm, arcn->name);
384 res = -1;
385 goto badlink;
386 }
387 target[len] = '\0';
388 nm = target;
389 }
390 }
391 res = mkdir(nm, file_mode);
392
393badlink:
394 if (ign)
395 res = 0;
396 break;
397 case PAX_CHR:
398 file_mode |= S_IFCHR;
399 res = mknod(nm, file_mode, arcn->sb.st_rdev);
400 break;
401 case PAX_BLK:
402 file_mode |= S_IFBLK;
403 res = mknod(nm, file_mode, arcn->sb.st_rdev);
404 break;
405 case PAX_FIF:
406 res = mkfifo(nm, file_mode);
407 break;
408 case PAX_SCK:
409 /*
410 * Skip sockets, operation has no meaning under BSD
411 */
412 paxwarn(0,
413 "%s skipped. Sockets cannot be copied or extracted",
414 nm);
415 return(-1);
416 case PAX_SLK:
417 res = symlink(arcn->ln_name, nm);
418 break;
419 case PAX_CTG:
420 case PAX_HLK:
421 case PAX_HRG:
422 case PAX_REG:
423 default:
424 /*
425 * we should never get here
426 */
427 paxwarn(0, "%s has an unknown file type, skipping",
428 nm);
429 return(-1);
430 }
431
432 /*
433 * if we were able to create the node break out of the loop,
434 * otherwise try to unlink the node and try again. if that
435 * fails check the full path and try a final time.
436 */
437 if (res == 0)
438 break;
439
440 /*
441 * we failed to make the node
442 */
443 oerrno = errno;
444 if ((ign = unlnk_exist(nm, arcn->type)) < 0)
445 return(-1);
446
447 if (++pass <= 1)
448 continue;
449
450 if (nodirs || chk_path(nm,arcn->sb.st_uid,arcn->sb.st_gid) < 0) {
451 syswarn(1, oerrno, "Could not create: %s", nm);
452 return(-1);
453 }
454 }
455
456 /*
457 * we were able to create the node. set uid/gid, modes and times
458 */
459 if (pids)
460 res = ((arcn->type == PAX_SLK) ?
461 set_lids(nm, arcn->sb.st_uid, arcn->sb.st_gid) :
462 set_ids(nm, arcn->sb.st_uid, arcn->sb.st_gid));
463 else
464 res = 0;
465
466 /*
467 * symlinks are done now.
468 */
469 if (arcn->type == PAX_SLK)
470 return(0);
471
472 /*
473 * IMPORTANT SECURITY NOTE:
474 * if not preserving mode or we cannot set uid/gid, then PROHIBIT any
475 * set uid/gid bits
476 */
477 if (!pmode || res)
478 arcn->sb.st_mode &= ~(SETBITS);
479 if (pmode)
480 set_pmode(nm, arcn->sb.st_mode);
481
482 if (arcn->type == PAX_DIR && strcmp(NM_CPIO, argv0) != 0) {
483 /*
484 * Dirs must be processed again at end of extract to set times
485 * and modes to agree with those stored in the archive. However
486 * to allow extract to continue, we may have to also set owner
487 * rights. This allows nodes in the archive that are children
488 * of this directory to be extracted without failure. Both time
489 * and modes will be fixed after the entire archive is read and
490 * before pax exits.
491 */
492 if (access(nm, R_OK | W_OK | X_OK) < 0) {
493 if (lstat(nm, &sb) < 0) {
494 syswarn(0, errno,"Could not access %s (stat)",
495 arcn->name);
496 set_pmode(nm,file_mode | S_IRWXU);
497 } else {
498 /*
499 * We have to add rights to the dir, so we make
500 * sure to restore the mode. The mode must be
501 * restored AS CREATED and not as stored if
502 * pmode is not set.
503 */
504 set_pmode(nm,
505 ((sb.st_mode & FILEBITS) | S_IRWXU));
506 if (!pmode)
507 arcn->sb.st_mode = sb.st_mode;
508 }
509
510 /*
511 * we have to force the mode to what was set here,
512 * since we changed it from the default as created.
513 */
514 add_dir(nm, &(arcn->sb), 1);
515 } else if (pmode || patime || pmtime)
516 add_dir(nm, &(arcn->sb), 0);
517 }
518
519 if (patime || pmtime)
520 set_ftime(nm, arcn->sb.st_mtime, arcn->sb.st_atime, 0);
521 return(0);
522}
523
524/*
525 * unlnk_exist()
526 * Remove node from file system with the specified name. We pass the type
527 * of the node that is going to replace it. When we try to create a
528 * directory and find that it already exists, we allow processing to
529 * continue as proper modes etc will always be set for it later on.
530 * Return:
531 * 0 is ok to proceed, no file with the specified name exists
532 * -1 we were unable to remove the node, or we should not remove it (-k)
533 * 1 we found a directory and we were going to create a directory.
534 */
535
536int
537unlnk_exist(char *name, int type)
538{
539 struct stat sb;
540
541 /*
542 * the file does not exist, or -k we are done
543 */
544 if (lstat(name, &sb) < 0)
545 return(0);
546 if (kflag)
547 return(-1);
548
549 if (S_ISDIR(sb.st_mode)) {
550 /*
551 * try to remove a directory, if it fails and we were going to
552 * create a directory anyway, tell the caller (return a 1)
553 */
554 if (rmdir(name) < 0) {
555 if (type == PAX_DIR)
556 return(1);
557 syswarn(1,errno,"Unable to remove directory %s", name);
558 return(-1);
559 }
560 return(0);
561 }
562
563 /*
564 * try to get rid of all non-directory type nodes
565 */
566 if (unlink(name) < 0) {
567 syswarn(1, errno, "Could not unlink %s", name);
568 return(-1);
569 }
570 return(0);
571}
572
573/*
574 * chk_path()
575 * We were trying to create some kind of node in the file system and it
576 * failed. chk_path() makes sure the path up to the node exists and is
577 * writeable. When we have to create a directory that is missing along the
578 * path somewhere, the directory we create will be set to the same
579 * uid/gid as the file has (when uid and gid are being preserved).
580 * NOTE: this routine is a real performance loss. It is only used as a
581 * last resort when trying to create entries in the file system.
582 * Return:
583 * -1 when it could find nothing it is allowed to fix.
584 * 0 otherwise
585 */
586
587int
588chk_path(char *name, uid_t st_uid, gid_t st_gid)
589{
590 char *spt = name;
591 struct stat sb;
592 int retval = -1;
593
594 /*
595 * watch out for paths with nodes stored directly in / (e.g. /bozo)
596 */
597 if (*spt == '/')
598 ++spt;
599
600 for (;;) {
601 /*
602 * work forward from the first / and check each part of the path
603 */
604 spt = strchr(spt, '/');
605 if (spt == NULL)
606 break;
607 *spt = '\0';
608
609 /*
610 * if it exists we assume it is a directory, it is not within
611 * the spec (at least it seems to read that way) to alter the
612 * file system for nodes NOT EXPLICITLY stored on the archive.
613 * If that assumption is changed, you would test the node here
614 * and figure out how to get rid of it (probably like some
615 * recursive unlink()) or fix up the directory permissions if
616 * required (do an access()).
617 */
618 if (lstat(name, &sb) == 0) {
619 *(spt++) = '/';
620 continue;
621 }
622
623 /*
624 * the path fails at this point, see if we can create the
625 * needed directory and continue on
626 */
627 if (mkdir(name, S_IRWXU | S_IRWXG | S_IRWXO) < 0) {
628 *spt = '/';
629 retval = -1;
630 break;
631 }
632
633 /*
634 * we were able to create the directory. We will tell the
635 * caller that we found something to fix, and it is ok to try
636 * and create the node again.
637 */
638 retval = 0;
639 if (pids)
640 (void)set_ids(name, st_uid, st_gid);
641
642 /*
643 * make sure the user doesn't have some strange umask that
644 * causes this newly created directory to be unusable. We fix
645 * the modes and restore them back to the creation default at
646 * the end of pax
647 */
648 if ((access(name, R_OK | W_OK | X_OK) < 0) &&
649 (lstat(name, &sb) == 0)) {
650 set_pmode(name, ((sb.st_mode & FILEBITS) | S_IRWXU));
651 add_dir(name, &sb, 1);
652 }
653 *(spt++) = '/';
654 continue;
655 }
656 return(retval);
657}
658
659/*
660 * set_ftime()
661 * Set the access time and modification time for a named file. If frc
662 * is non-zero we force these times to be set even if the user did not
663 * request access and/or modification time preservation (this is also
664 * used by -t to reset access times).
665 * When ign is zero, only those times the user has asked for are set, the
666 * other ones are left alone. We do not assume the un-documented feature
667 * of many utimes() implementations that consider a 0 time value as a do
668 * not set request.
669 */
670
671void
672set_ftime(char *fnm, time_t mtime, time_t atime, int frc)
673{
674 static struct timeval tv[2] = {{0L, 0L}, {0L, 0L}};
675 struct stat sb;
676#ifdef __INTERIX
677 struct utimbuf u;
678#endif
679
680 tv[0].tv_sec = (long)atime;
681 tv[1].tv_sec = (long)mtime;
682 if (!frc && (!patime || !pmtime)) {
683 /*
684 * if we are not forcing, only set those times the user wants
685 * set. We get the current values of the times if we need them.
686 */
687 if (lstat(fnm, &sb) == 0) {
688 if (!patime)
689 tv[0].tv_sec = (long)sb.st_atime;
690 if (!pmtime)
691 tv[1].tv_sec = (long)sb.st_mtime;
692 } else
693 syswarn(0,errno,"Unable to obtain file stats %s", fnm);
694 }
695
696 /*
697 * set the times
698 */
699#ifdef __INTERIX
700 u.actime = tv[0].tv_sec;
701 u.modtime = tv[1].tv_sec;
702 if (utime(fnm, &u) < 0)
703#else
704 if (utimes(fnm, tv) < 0)
705#endif
706 syswarn(1, errno, "Access/modification time set failed on: %s",
707 fnm);
708 return;
709}
710
711#ifndef __INTERIX
712void
713fset_ftime(char *fnm, int fd, time_t mtime, time_t atime, int frc)
714{
715 static struct timeval tv[2] = {{0L, 0L}, {0L, 0L}};
716 struct stat sb;
717
718 tv[0].tv_sec = (long)atime;
719 tv[1].tv_sec = (long)mtime;
720 if (!frc && (!patime || !pmtime)) {
721 /*
722 * if we are not forcing, only set those times the user wants
723 * set. We get the current values of the times if we need them.
724 */
725 if (fstat(fd, &sb) == 0) {
726 if (!patime)
727 tv[0].tv_sec = (long)sb.st_atime;
728 if (!pmtime)
729 tv[1].tv_sec = (long)sb.st_mtime;
730 } else
731 syswarn(0,errno,"Unable to obtain file stats %s", fnm);
732 }
733 /*
734 * set the times
735 */
736 if (futimes(fd, tv) < 0)
737 syswarn(1, errno, "Access/modification time set failed on: %s",
738 fnm);
739 return;
740}
741#endif
742
743/*
744 * set_ids()
745 * set the uid and gid of a file system node
746 * Return:
747 * 0 when set, -1 on failure
748 */
749
750int
751set_ids(char *fnm, uid_t uid, gid_t gid)
752{
753 if (chown(fnm, uid, gid) < 0) {
754 /*
755 * ignore EPERM unless in verbose mode or being run by root.
756 * if running as pax, POSIX requires a warning.
757 */
758 if (strcmp(NM_PAX, argv0) == 0
759#ifndef __INTERIX
760 || errno != EPERM || vflag ||
761 geteuid() == 0
762#endif
763 )
764 syswarn(1, errno, "Unable to set file uid/gid of %s",
765 fnm);
766 return(-1);
767 }
768 return(0);
769}
770
771int
772fset_ids(char *fnm, int fd, uid_t uid, gid_t gid)
773{
774 if (fchown(fd, uid, gid) < 0) {
775 /*
776 * ignore EPERM unless in verbose mode or being run by root.
777 * if running as pax, POSIX requires a warning.
778 */
779 if (strcmp(NM_PAX, argv0) == 0 || errno != EPERM || vflag ||
780 geteuid() == 0)
781 syswarn(1, errno, "Unable to set file uid/gid of %s",
782 fnm);
783 return(-1);
784 }
785 return(0);
786}
787
788/*
789 * set_lids()
790 * set the uid and gid of a file system node
791 * Return:
792 * 0 when set, -1 on failure
793 */
794
795int
796set_lids(char *fnm, uid_t uid, gid_t gid)
797{
798#ifndef __APPLE__
799 if (lchown(fnm, uid, gid) < 0) {
800 /*
801 * ignore EPERM unless in verbose mode or being run by root.
802 * if running as pax, POSIX requires a warning.
803 */
804 if (strcmp(NM_PAX, argv0) == 0
805#ifndef __INTERIX
806 || errno != EPERM || vflag ||
807 geteuid() == 0
808#endif
809 )
810 syswarn(1, errno, "Unable to set file uid/gid of %s",
811 fnm);
812 return(-1);
813 }
814#endif
815 return(0);
816}
817
818/*
819 * set_pmode()
820 * Set file access mode
821 */
822
823void
824set_pmode(char *fnm, mode_t mode)
825{
826 mode &= ABITS;
827 if (chmod(fnm, mode) < 0)
828 syswarn(1, errno, "Could not set permissions on %s", fnm);
829 return;
830}
831
832void
833fset_pmode(char *fnm, int fd, mode_t mode)
834{
835 mode &= ABITS;
836 if (fchmod(fd, mode) < 0)
837 syswarn(1, errno, "Could not set permissions on %s", fnm);
838 return;
839}
840
841/*
842 * file_write()
843 * Write/copy a file (during copy or archive extract). This routine knows
844 * how to copy files with lseek holes in it. (Which are read as file
845 * blocks containing all 0's but do not have any file blocks associated
846 * with the data). Typical examples of these are files created by dbm
847 * variants (.pag files). While the file size of these files are huge, the
848 * actual storage is quite small (the files are sparse). The problem is
849 * the holes read as all zeros so are probably stored on the archive that
850 * way (there is no way to determine if the file block is really a hole,
851 * we only know that a file block of all zero's can be a hole).
852 * At this writing, no major archive format knows how to archive files
853 * with holes. However, on extraction (or during copy, -rw) we have to
854 * deal with these files. Without detecting the holes, the files can
855 * consume a lot of file space if just written to disk. This replacement
856 * for write when passed the basic allocation size of a file system block,
857 * uses lseek whenever it detects the input data is all 0 within that
858 * file block. In more detail, the strategy is as follows:
859 * While the input is all zero keep doing an lseek. Keep track of when we
860 * pass over file block boundaries. Only write when we hit a non zero
861 * input. once we have written a file block, we continue to write it to
862 * the end (we stop looking at the input). When we reach the start of the
863 * next file block, start checking for zero blocks again. Working on file
864 * block boundaries significantly reduces the overhead when copying files
865 * that are NOT very sparse. This overhead (when compared to a write) is
866 * almost below the measurement resolution on many systems. Without it,
867 * files with holes cannot be safely copied. It does has a side effect as
868 * it can put holes into files that did not have them before, but that is
869 * not a problem since the file contents are unchanged (in fact it saves
870 * file space). (Except on paging files for diskless clients. But since we
871 * cannot determine one of those file from here, we ignore them). If this
872 * ever ends up on a system where CTG files are supported and the holes
873 * are not desired, just do a conditional test in those routines that
874 * call file_write() and have it call write() instead. BEFORE CLOSING THE
875 * FILE, make sure to call file_flush() when the last write finishes with
876 * an empty block. A lot of file systems will not create an lseek hole at
877 * the end. In this case we drop a single 0 at the end to force the
878 * trailing 0's in the file.
879 * ---Parameters---
880 * rem: how many bytes left in this file system block
881 * isempt: have we written to the file block yet (is it empty)
882 * sz: basic file block allocation size
883 * cnt: number of bytes on this write
884 * str: buffer to write
885 * Return:
886 * number of bytes written, -1 on write (or lseek) error.
887 */
888
889int
890file_write(int fd, char *str, int cnt, int *rem, int *isempt, int sz,
891 char *name)
892{
893 char *pt;
894 char *end;
895 int wcnt;
896 char *st = str;
897 char **strp;
898
899 /*
900 * while we have data to process
901 */
902 while (cnt) {
903 if (!*rem) {
904 /*
905 * We are now at the start of file system block again
906 * (or what we think one is...). start looking for
907 * empty blocks again
908 */
909 *isempt = 1;
910 *rem = sz;
911 }
912
913 /*
914 * only examine up to the end of the current file block or
915 * remaining characters to write, whatever is smaller
916 */
917 wcnt = MIN(cnt, *rem);
918 cnt -= wcnt;
919 *rem -= wcnt;
920 if (*isempt) {
921 /*
922 * have not written to this block yet, so we keep
923 * looking for zero's
924 */
925 pt = st;
926 end = st + wcnt;
927
928 /*
929 * look for a zero filled buffer
930 */
931 while ((pt < end) && (*pt == '\0'))
932 ++pt;
933
934 if (pt == end) {
935 /*
936 * skip, buf is empty so far
937 */
938 if (fd > -1 &&
939 lseek(fd, (off_t)wcnt, SEEK_CUR) < 0) {
940 syswarn(1,errno,"File seek on %s",
941 name);
942 return(-1);
943 }
944 st = pt;
945 continue;
946 }
947 /*
948 * drat, the buf is not zero filled
949 */
950 *isempt = 0;
951 }
952
953 /*
954 * have non-zero data in this file system block, have to write
955 */
956 switch (fd) {
957 case -1:
958 strp = &gnu_name_string;
959 break;
960 case -2:
961 strp = &gnu_link_string;
962 break;
963 default:
964 strp = NULL;
965 break;
966 }
967 if (strp) {
968 if (*strp)
969 err(1, "WARNING! Major Internal Error! GNU hack Failing!");
970 *strp = malloc(wcnt + 1);
971 if (*strp == NULL) {
972 paxwarn(1, "Out of memory");
973 return(-1);
974 }
975 memcpy(*strp, st, wcnt);
976 (*strp)[wcnt] = '\0';
977 break;
978 } else if (write(fd, st, wcnt) != wcnt) {
979 syswarn(1, errno, "Failed write to file %s", name);
980 return(-1);
981 }
982 st += wcnt;
983 }
984 return(st - str);
985}
986
987/*
988 * file_flush()
989 * when the last file block in a file is zero, many file systems will not
990 * let us create a hole at the end. To get the last block with zeros, we
991 * write the last BYTE with a zero (back up one byte and write a zero).
992 */
993
994void
995file_flush(int fd, char *fname, int isempt)
996{
997 static char blnk[] = "\0";
998
999 /*
1000 * silly test, but make sure we are only called when the last block is
1001 * filled with all zeros.
1002 */
1003 if (!isempt)
1004 return;
1005
1006 /*
1007 * move back one byte and write a zero
1008 */
1009 if (lseek(fd, (off_t)-1, SEEK_CUR) < 0) {
1010 syswarn(1, errno, "Failed seek on file %s", fname);
1011 return;
1012 }
1013
1014 if (write(fd, blnk, 1) < 0)
1015 syswarn(1, errno, "Failed write to file %s", fname);
1016 return;
1017}
1018
1019/*
1020 * rdfile_close()
1021 * close a file we have beed reading (to copy or archive). If we have to
1022 * reset access time (tflag) do so (the times are stored in arcn).
1023 */
1024
1025void
1026rdfile_close(ARCHD *arcn, int *fd)
1027{
1028 /*
1029 * make sure the file is open
1030 */
1031 if (*fd < 0)
1032 return;
1033
1034 (void)close(*fd);
1035 *fd = -1;
1036 if (!tflag)
1037 return;
1038
1039 /*
1040 * user wants last access time reset
1041 */
1042 set_ftime(arcn->org_name, arcn->sb.st_mtime, arcn->sb.st_atime, 1);
1043 return;
1044}
1045
1046/*
1047 * set_crc()
1048 * read a file to calculate its crc. This is a real drag. Archive formats
1049 * that have this, end up reading the file twice (we have to write the
1050 * header WITH the crc before writing the file contents. Oh well...
1051 * Return:
1052 * 0 if was able to calculate the crc, -1 otherwise
1053 */
1054
1055int
1056set_crc(ARCHD *arcn, int fd)
1057{
1058 int i;
1059 int res;
1060 off_t cpcnt = 0L;
1061 u_long size;
1062 u_int32_t crc = 0;
1063 char tbuf[FILEBLK];
1064 struct stat sb;
1065
1066 if (fd < 0) {
1067 /*
1068 * hmm, no fd, should never happen. well no crc then.
1069 */
1070 arcn->crc = 0L;
1071 return(0);
1072 }
1073
1074 if ((size = (u_long)arcn->sb.st_blksize) > (u_long)sizeof(tbuf))
1075 size = (u_long)sizeof(tbuf);
1076
1077 /*
1078 * read all the bytes we think that there are in the file. If the user
1079 * is trying to archive an active file, forget this file.
1080 */
1081 for (;;) {
1082 if ((res = read(fd, tbuf, size)) <= 0)
1083 break;
1084 cpcnt += res;
1085 for (i = 0; i < res; ++i)
1086 crc += (tbuf[i] & 0xff);
1087 }
1088
1089 /*
1090 * safety check. we want to avoid archiving files that are active as
1091 * they can create inconsistent archive copies.
1092 */
1093 if (cpcnt != arcn->sb.st_size)
1094 paxwarn(1, "File changed size %s", arcn->org_name);
1095 else if (fstat(fd, &sb) < 0)
1096 syswarn(1, errno, "Failed stat on %s", arcn->org_name);
1097 else if (arcn->sb.st_mtime != sb.st_mtime)
1098 paxwarn(1, "File %s was modified during read", arcn->org_name);
1099 else if (lseek(fd, (off_t)0L, SEEK_SET) < 0)
1100 syswarn(1, errno, "File rewind failed on: %s", arcn->org_name);
1101 else {
1102 arcn->crc = crc;
1103 return(0);
1104 }
1105 return(-1);
1106}
Note: See TracBrowser for help on using the repository browser.