18 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav
65528d1782 Simplify and optimize. This speeds up 'initattr' enormously for small
attribute sizes (up to two orders of magnitude!)
2002-04-06 05:02:54 +00:00
Robert Watson
566726db95 o Add a 'showattr' function the extattrctl, allowing a backing file to
be inspected to show the maximum attribute size and file.
2001-12-31 18:21:24 +00:00
Chris D. Faulhaber
f2dd987c46 Make extattrctl WARNS?=2-safe:
o remove extraneous extern's
o prototype functions
o combine multiple return (0)'s into a single return (0) at the
  end of main()

Approved by:	rwatson
Obtained from:	TrustedBSD Project
2001-11-27 18:58:56 +00:00
Robert Watson
a8843add6d o Update copyright dates, comments...
Obtained from:	TrustedBSD Project
2001-11-15 22:56:40 +00:00
Robert Watson
8970738b86 o extattrctl initattr, when pre-allocating store for extended attributes,
computed a a chunksize that didn't include the extended attribute
  header.  This was a non-fatal error, in that it was just writing out
  zeros anyway, but did have the effect of not pre-allocating the
  right amount of disk space.  This fix calculates chunksize to include
  the attribute header.

Submitted by:	Dale Rahn
Sponsored by:	DARPA, UPenn POSSE Project
Obtained from:	OpenBSD
2001-11-15 22:50:06 +00:00
Robert Watson
de5660b047 o Rename "namespace" argument to "attrnamespace" as namespace is a C++
reserved word.

Submitted by:		jkh
Obtained from:	TrustedBSD Project
2001-03-19 06:00:41 +00:00
Thomas Moestl
fccc713c06 Correct the arguments to the extattrct()l call so that the enable and
disable commands work as documented.

Approved by:	rwatson
2001-03-17 15:59:59 +00:00
Robert Watson
bf6afea751 o Update extattrctl to take into account the updated EA interface with
explicit namespaces.  Modify it to use libutil for string/constant
  namespace conversions.  Update the documentation to take into account
  the new interface.

Obtained from:	TrustedBSD Project
2001-03-15 03:04:35 +00:00
Robert Watson
58ef75f022 o Check return of strdup() for NULL, abort if so.
Submitted by:	jedgar
2000-12-14 01:51:39 +00:00
Robert Watson
8f0dcdab88 o What a good idea, `-o'' should be a `-f'' like in every other
utility that is cautious but sometimes you want to be less
  cautious.  Go figure.

Submitted by:	sheldonh
2000-09-12 14:35:48 +00:00
Robert Watson
1fec210a69 o Add a ``-o'' argument to initattr, which causes extattrctl to overwrite
the existing attribute file rather than aborting with an error.
o Useful if you want to reset the state of attributes on the system without
  allocating different disk blocks through deletion and recreation,
  for example, if you're doing benchmarks of extended attribute code. :-)

Obtained from:	TrustedBSD Project
2000-09-12 04:40:34 +00:00
Robert Watson
6af9621841 o When pre-allocating attribute storage space, also allocate space for
attribute instance headers, or higher inode numbers will require
  additional disk blocks to be allocated later.

Obtained from:	TrustedBSD Project
2000-09-07 20:32:31 +00:00
Robert Watson
bbf0607700 Modify extended attribute protection model to authorize based on
attribute namespace and DAC protection on file:
	- Attribute names beginning with '$' are in the system namespace
	- The attribute name "$" is reserved
	- System namespace attributes may only be read/set by suser()
	  or by kernel (cred == NULL)
	- Other attribute names are in the application namespace
	- The attribute name "" is reserved
	- Application namespace attributes are protected in the manner
	  of the target file permission

o Kernel changes
	- Add ufs_extattr_valid_attrname() to check whether the requested
	  attribute "set" or "enable" is appropriate (i.e., non-reserved)
	- Modify ufs_extattr_credcheck() to accept target file vnode, not
	  to take inode uid
	- Modify ufs_extattr_credcheck() to check namespace, then enforce
	  either kernel/suser for system namespace, or vaccess() for
	  application namespace
o EA backing file format changes
	- Remove permission fields from extended attribute backing file
	  header
	- Bump extended attribute backing file header version to 3
o Update extattrctl.c and extattrctl.8
	- Remove now deprecated -r and -w arguments to initattr, as
	  permissions are now implicit
	- (unrelated) fix error reporting and unlinking during failed
	  initattr to remove duplicate/inaccurate error messages, and to
	  only unlink if the failure wasn't in the backing file open()

Obtained from:	TrustedBSD Project
2000-09-02 20:31:26 +00:00
Robert Watson
3b88d2796e o Correct getopt() argument so that initattr -r and -w take an additional
argument via optarg.  This corrects a segfault when initattr is invoked
  with either of these two arguments.  Not sure how this got broken given
  that in the original patches it was fine -- presumably a merging
  mistake.

Obtained from:	TrustedBSD Project
2000-07-12 02:20:16 +00:00
Robert Watson
6c50ada1bd o Update extattrctl.8 to reflect new initattr -p, -r, and -w options.
o Update extattrctl.c to default new attributes to readable and writable
  only by the kernel and root user.  Previously the default was to allow
  the file owner to directory view and manipulate the attributes, which
  is probably an inappropriate default.
2000-04-20 20:32:43 +00:00
Robert Watson
2a60effdd8 o Allow the ``-p'' argument to be specified to initattr, which indicates
that space for extended attributes should be preallocated, instead of
  using a sparse attribute file.  NOTE: This can result in a really
  large file full of zeros.  However, it can prevent a low disk condition
  from causing an attribute write to fail, which is good for security and
  consistency attributes.

o Unlink the attribute file during initattr if an error occurs -- this is
  alright, as we specify O_CREAT when opening the file.
2000-04-20 18:31:00 +00:00
Robert Watson
7036b7cd31 o Update initattr to add magic numbers and version number 2000-04-19 20:13:34 +00:00
Robert Watson
9754f5b65b Introduced /usr/sbin/extattrctl, a utility for managing UFS/FFS extended
attributes (recently committed).  Using extattrctl, the extended attribute
service may be started and stopped for specific file systems; specific
attributes may be enabled or disabled, and the backing file for each
attribute configured.  Also, backing files may be initialized.

Reviewed by:    adrian, bp, freebsd-fs, the unthanked masses
Obtained from:  TrustedBSD
2000-04-15 05:14:39 +00:00