diff --git a/usr.sbin/extattr/Makefile b/usr.sbin/extattr/Makefile new file mode 100644 index 000000000000..ae349752d689 --- /dev/null +++ b/usr.sbin/extattr/Makefile @@ -0,0 +1,16 @@ +# $FreeBSD$ + +PROG= rmextattr +MAN= rmextattr.8 + +LINKS+= ${BINDIR}/rmextattr ${BINDIR}/getextattr +LINKS+= ${BINDIR}/rmextattr ${BINDIR}/setextattr +LINKS+= ${BINDIR}/rmextattr ${BINDIR}/lsextattr + +MLINKS+= rmextattr.8 setextattr.8 +MLINKS+= rmextattr.8 getextattr.8 +MLINKS+= rmextattr.8 lsextattr.8 + +WARNS?= 5 + +.include diff --git a/usr.sbin/extattr/rmextattr.8 b/usr.sbin/extattr/rmextattr.8 new file mode 100644 index 000000000000..dc87bf96a2d9 --- /dev/null +++ b/usr.sbin/extattr/rmextattr.8 @@ -0,0 +1,115 @@ +.\"- +.\" Copyright (c) 2000, 2001 Robert N. M. Watson +.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by Poul-Henning +.\" Kamp and Network Associates Laboratories, the Security Research Division +.\" of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd August 30, 2000 +.Dt RMEXTATTR 8 +.Os +.Sh NAME +.Nm getextattr , +.Nm lsextattr , +.Nm rmextattr , +.Nm setextattr +.Nd manipulated extended attributes +.Sh SYNOPSIS +.Nm getextattr +.Op Fl fqsx +.Ar attrnamespace +.Ar attrname +.Ar filename ... +.Nm lsextattr +.Op Fl fq +.Ar attrnamespace +.Ar filename ... +.Nm rmextattr +.Op Fl fq +.Ar attrnamespace +.Ar attrname +.Ar filename ... +.Nm setextattr +.Op Fl fq +.Ar attrnamespace +.Ar attrname +.Ar attrvalue +.Ar filename ... +.Sh DESCRIPTION +These +utilities +are user tools to manipulated a named extended attributes on files and +directories. +The +.Ar attrnamespace +argument should be the namespace of the attribute to retrieve: legal +values are "user" and "system". +The +.Ar attrname +argument should be the name of the attribute, +.Ar filename +the name of the target file or directory, +.Ar attrvalue +a string to store in the attribute. +.Pp +The following options are available: +.Bl -tag -width flag +.It Fl -f +(Force) Ignore errors on individual filenames and continue with +the remaining arguments. +.It Fl -q +(Quiet) Do not print out the pathname and suppress error messages. +.It Fl -s +(Stringify) Escape nonprinting characters and put quotes around the output. +.It Fl -x +(Hex) Print the output in hexadecimal. +.El +.Sh EXAMPLES +.Dl # setextattr system md5 `md5 -q /boot/kernel/kernel` /boot/kernel/kernel +.Dl # getextattr system md5 /boot/kernel/kernel +.Dl # lsextattr system /boot/kernel/kernel +.Dl # rmextattr system md5 /boot/kernel/kernel +.Sh SEE ALSO +.Xr extattr 2 , +.Xr extattr 3 , +.Xr extattrctl 8 , +.Xr extattr 9 +.Sh HISTORY +Extended attribute support was developed as part of the TrustedBSD Project, +and introduced in +.Fx 5.0 . +It was developed to support security extensions requiring additional labels +to be associated with each file or directory. +.Sh AUTHORS +Robert N M Watson and +Poul-Henning Kamp +.Sh BUGS +The +.Nm setextattr +utility can only be used to set attributes to strings. diff --git a/usr.sbin/extattr/rmextattr.c b/usr.sbin/extattr/rmextattr.c new file mode 100644 index 000000000000..79cd163bc1ce --- /dev/null +++ b/usr.sbin/extattr/rmextattr.c @@ -0,0 +1,238 @@ +/*- + * Copyright (c) 2002 Networks Associates Technology, Inc. + * Copyright (c) 2002 Poul-Henning Kamp. + * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson + * All rights reserved. + * + * This software was developed for the FreeBSD Project by Poul-Henning + * Kamp and Network Associates Laboratories, the Security Research Division + * of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The names of the authors may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +static enum { EADUNNO, EAGET, EASET, EARM, EALS } what = EADUNNO; + +static void __dead2 +usage(void) +{ + + switch (what) { + case EAGET: + fprintf(stderr, "usage: getextattr [-fqsx] attrnamespace"); + fprintf(stderr, " attrname filename ...\n"); + exit(-1); + case EASET: + fprintf(stderr, "usage: setextattr [-fq] attrnamespace"); + fprintf(stderr, " attrname attrvalue filename ...\n"); + exit(-1); + case EARM: + fprintf(stderr, "usage: rmextattr [-fq] attrnamespace"); + fprintf(stderr, " attrname filename ...\n"); + exit(-1); + case EALS: + fprintf(stderr, "usage: lsextattr [-fq] attrnamespace"); + fprintf(stderr, " filename ...\n"); + exit(-1); + case EADUNNO: + default: + fprintf(stderr, "usage: (getextattr|lsextattr|rmextattr"); + fprintf(stderr, "|setextattr)\n"); + exit (-1); + } +} + +static void +mkbuf(char **buf, int *oldlen, int newlen) +{ + + if (*oldlen >= newlen) + return; + if (*buf != NULL) + free(*buf); + *buf = malloc(newlen); + if (*buf == NULL) + err(1, "malloc"); + *oldlen = newlen; + return; +} + +int +main(int argc, char *argv[]) +{ + char *buf, *visbuf, *p; + + const char *options, *attrname; + int buflen, visbuflen, ch, error, i, arg_counter, attrnamespace; + + int flag_force = 0; + int flag_quiet = 0; + int flag_string = 0; + int flag_hex = 0; + + visbuflen = buflen = 0; + visbuf = buf = NULL; + + p = strrchr(argv[0], '/'); + if (p == NULL) + p = argv[0]; + if (!strcmp(p, "getextattr")) { + what = EAGET; + options = "fqsx"; + } else if (!strcmp(p, "setextattr")) { + what = EASET; + options = "fq"; + } else if (!strcmp(p, "rmextattr")) { + what = EARM; + options = "fq"; + } else if (!strcmp(p, "lsextattr")) { + what = EALS; + options = "fq"; + } else { + usage(); + } + + while ((ch = getopt(argc, argv, options)) != -1) { + switch (ch) { + case 'f': + flag_force = 1; + break; + case 'q': + flag_quiet = 1; + break; + case 's': + flag_string = 1; + break; + case 'x': + flag_hex = 1; + break; + case '?': + default: + usage(); + } + } + + argc -= optind; + argv += optind; + + if (argc < 2) + usage(); + + error = extattr_string_to_namespace(argv[0], &attrnamespace); + if (error) + err(-1, argv[0]); + argc--; argv++; + + if (what == EALS) { + attrname = ""; + } else { + attrname = argv[0]; + argc--; argv++; + } + + if (what == EASET) { + mkbuf(&buf, &buflen, strlen(argv[0]) + 1); + strcpy(buf, argv[0]); + argc--; argv++; + } + + for (arg_counter = 0; arg_counter < argc; arg_counter++) { + switch (what) { + case EARM: + error = extattr_delete_file(argv[arg_counter], + attrnamespace, attrname); + if (error >= 0) + continue; + break; + case EASET: + error = extattr_set_file(argv[arg_counter], + attrnamespace, attrname, buf, strlen(buf)); + if (error >= 0) + continue; + break; + case EALS: + case EAGET: + error = extattr_get_file(argv[arg_counter], + attrnamespace, attrname, NULL, 0); + if (error < 0) + break; + mkbuf(&buf, &buflen, error); + error = extattr_get_file(argv[arg_counter], + attrnamespace, attrname, buf, buflen); + if (error < 0) + break; + if (!flag_quiet) + printf("%s\t", argv[arg_counter]); + if (what == EALS) { + for (i = 0; i < error; i += buf[i] + 1) + printf("%s%*.*s", i ? "\t" : "", + buf[i], buf[i], buf + i + 1); + printf("\n"); + continue; + } + if (flag_string) { + mkbuf(&visbuf, &visbuflen, error * 4 + 1); + strvisx(visbuf, buf, error, + VIS_SAFE | VIS_WHITE); + printf("\"%s\"\n", visbuf); + continue; + } else if (flag_hex) { + for (i = 0; i < error; i++) + printf("%s%02x", i ? " " : "", + buf[i]); + printf("\n"); + continue; + } else { + fwrite(buf, buflen, 1, stdout); + printf("\n"); + continue; + } + default: + break; + } + if (!flag_quiet) + warn("%s: failed", argv[arg_counter]); + if (flag_force) + continue; + return(1); + } + return (0); +}