61 Commits

Author SHA1 Message Date
trasz
3b2ecc9e06 Mention that read_attributes, write_attributes, read_acl and write_acl
are always permitted for the file owner.

PR:		kern/174948
MFC after:	1 week
2013-04-01 13:17:28 +00:00
trasz
57fb31bcdb Fix NFSv4 permission description in setfacl(1) manual page: the 'D'
means delete_child, not delete.

MFC after:	1 week
2013-02-08 18:43:47 +00:00
trasz
19b8d932d1 Improve description of the "-m" option to setfacl(1).
Submitted by:	scottl
MFC after:	1 week
2013-02-08 18:12:16 +00:00
trasz
2e7f4de812 In the setfacl(1) manual page, make it clear that for NFSv4 ACLs,
one should really use -a and -x instead of -m.

MFC after:	1 week
2013-02-08 18:02:28 +00:00
ed
fbb83e78c0 Fix warnings found by -Wmising-variable-declarations.
This self-written compiler warning, which is hopefully going to be
committed into LLVM sources soon, warns about potentially missing
`static' keywords, similar to -Wmissing-prototypes.

- bin/pax: Move external declaration of chdname and s_mask into extern.h.
- bin/setfacl: Move setfacl.c-specific stuff out of setfacl.h.
- sbin/mount_fusefs: Remove char *progname; use getprogname().
- others: add `static' where possible.
2012-10-19 05:43:38 +00:00
trasz
9e473fee55 Fix an error in setfacl(1) that manifested like this:
# setfacl -m u:trasz:rwx x
# setfacl -m u:root:rwx x
# getfacl x
# file: x
# owner: root
# group: wheel
user::rw-
user:root:rwx
user:trasz:rwx
group::r--
mask::rwx
other::r--
# setfacl -m u:root:rwx x
setfacl: x: acl_calc_mask() failed: Invalid argument
setfacl: x: failed to set ACL mask

For NFSv4 ACLs, this sort of situation would result in duplicated
entries.

MFC after:	1 month
2012-09-04 12:19:34 +00:00
trasz
d6100248e1 Make "setfacl -bd" an alias for "setfacl -k". Previously it would crash
on assert.

PR:		bin/165807
MFC after:	1 month
2012-09-04 11:50:13 +00:00
trasz
510edf439e Make setfacl(1) behave properly in situations like "setfacl -kd".
MFC after:	1 month
2012-09-04 11:43:00 +00:00
trasz
0d3b3bd793 Fix compact form of "synchronize" permission in setfacl(1) manual page - it
should be "s", not "S".

PR:		docs/162380
MFC after:	2 weeks
2012-09-03 17:26:20 +00:00
eadler
1ef5fe44d3 Remove trailing whitespace per mdoc lint warning
Disussed with:	gavin
No objection from:	doc
Approved by:	joel
MFC after:	3 days
2012-03-29 05:02:12 +00:00
trasz
53df99cb04 Make it possible to use permission sets (full_set, modify_set, read_set
and write_set) with setfacl(1).

PR:		kern/154113
Submitted by:	Shawn Webb <lattera at gmail dot com> (earlier version)
MFC after:	1 month
2011-04-09 07:42:25 +00:00
jh
4c78089710 Increase carried_error if we skip a file due to an error. This ensures
that setfacl(1) exits with proper exit status on failure.

PR:		bin/149780
Submitted by:	Ævar Arnfjörð Bjarmason (original version)
Reviewed by:	trasz
MFC after:	3 weeks
2011-01-03 17:17:31 +00:00
bcr
b14508778a Typo fix: s/ommited/omitted
MFC after: 4 days
2010-07-27 17:33:02 +00:00
trasz
5508b47842 Update authors and history.
MFC after:	1 week
2010-05-13 16:46:23 +00:00
joel
8a03745eab Switch to our preferred license text.
Approved by:	jedgar
2010-03-07 07:59:05 +00:00
trasz
690bd6b428 Fix breakage introduced in last commit. 2009-12-26 11:03:10 +00:00
trasz
0d8feb4153 Improve ACL branding mismatch detection and reporting in some rare cases,
such as "setfacl -m ''".
2009-12-26 10:06:45 +00:00
trasz
365d19e2c3 Add NFSv4 support to setfacl(1).
Reviewed by:	rwatson
2009-09-07 16:19:32 +00:00
trasz
009db84f9e Fix double free in setfacl(1). Description from the author:
Initially, 'acl' (an 'acl_t *') is allocated, and its ACCESS_ACL and
DEFAULT_ACL fields are passed to the 'libc' ACL routines for subsequent
allocation. If the '-m' option (merge existing ACL with a new one) is
specified, then 'set_acl_mask()' will be called and passed one of the
two ACLs. This function, in turn, replaces this given ACL structure by
another, freshly allocated. However, the pointer in the 'acl' variable
in the caller is not updated. The caller then proceeds to free the ACL,
incurring in a double free condition.

Submitted by:	Pedro Martelletto <pedro at ambientworks.net>
Approved by:	rwatson (mentor)
2008-09-06 13:17:35 +00:00
csjp
3b3c1f459b Add hard sentence breaks.
Pointed out by:	rwatson
MFC after:	1 week
2008-07-06 22:47:10 +00:00
csjp
05c2789f33 Document default ACLs and how to use them.
MFC after:	1 week
2008-07-06 20:29:35 +00:00
mckusick
271ce58544 Implement the -h flag (set an ACL on a symbolic link).
Before this fix the -h flag was ignored (i.e. setfacl
always set the ACL on the file pointed to by the symbolic
link even when the -h flag requested that the ACL be set
on the symbolic link itself).
2007-02-26 00:42:17 +00:00
ru
36d05684e7 Markup fixes. 2006-09-17 17:40:07 +00:00
maxim
50f099ffb3 o Fix grammar, format. 2006-06-09 17:03:24 +00:00
kib
75caa7bb1c Document the way to get list of files to process from the stdin.
MFC after:	1 week
Approved by:	kan (mentor)
2006-06-09 16:11:23 +00:00
kib
7c17e7ced2 Copy filename read from the stdin into the private buffer. Otherwise,
next read filename overwrite previous one, resulting in acl being
applied only to the last name in the list.

Submitted by:	Oleg Lomaka <oleg.lomaka at gmail com>
MFC after:	1 week
Approved by:	kan (mentor)
2006-06-09 16:09:26 +00:00
ru
e279c872b1 [mdoc] add missing space before a punctuation type argument. 2005-12-13 17:07:52 +00:00
ru
978b8f7f1d Sync program's usage() with manpage's SYNOPSIS. 2005-02-09 17:37:39 +00:00
ru
ffd9fd4c0e Add the new standard EXIT STATUS section where appropriate.
Sort standard sections in the (documented) preferred order.
2005-01-16 16:41:59 +00:00
imp
a76898b849 /*- or .\"- or #- to begin license clauses. 2005-01-10 08:39:26 +00:00
ru
d40c857e0d Mechanically kill hard sentence breaks. 2004-07-02 21:04:19 +00:00
obrien
9153ce36eb style.Makefile(5) 2004-06-13 19:22:53 +00:00
rwatson
aa16198749 Add additional documentation to setfacl(1) regarding the behavior of
tools such as chmod(1) and ls(1) when it comes to acting on objects
that have POSIX.1e extended ACLs.  Specifically, discuss the
substitution of the mask entry for the group entry in the mode
representation of the ACL.  Differently worded from the submission,
and could probably use further refinement.

PR:		55319
Submitted by:	Grzegorz Czaplinski <G.Czaplinski@prioris.mini.pw.edu.pl>
2003-08-07 14:52:17 +00:00
rwatson
3383203cdd -v no longer a valid argument to setfacl(1) -- remove from usage().
PR:		55318
Submitted by:	Grzegorz Czaplinski <G.Czaplinski@prioris.mini.pw.edu.pl>
2003-08-07 14:43:43 +00:00
rwatson
84028ec044 When reporting an error internalizing an ACL string, print out the
ACL that generated the error, rather than the function, which is
more user-friendly.

Obtained from:	TrustedBSD Project
Product of:	France
2003-07-18 16:00:26 +00:00
rwatson
635446ba11 Add "-h" arguments to getfacl and setfacl, which behave in a manner
similar to "-h" on chown, chmod, etc, causing the operation to occur
on a final symlink in the provided path, rather than its target.

Obtained from:	TrustedBSD Project
2002-12-30 15:36:29 +00:00
obrien
f6f518b207 Consistently use FBSDID 2002-06-30 05:15:05 +00:00
jedgar
8cdc9fd108 Remove extraneous blank line 2002-02-19 02:36:35 +00:00
jedgar
8df81cb659 Use acl_dup() to duplicate an ACL instead of rolling our own 2002-02-19 02:36:15 +00:00
jedgar
2547546bed Use a more correct method of copying entire ACLs (fixes
operation under Linux).
2002-02-03 02:37:43 +00:00
ru
52cba5d797 Spelling. 2001-12-04 14:20:46 +00:00
obrien
099f8ecbe9 Default to WARNS=2. Binary builds that cannot handle this must explicitly
set WARNS=0.

Reviewed by:	mike
2001-12-04 01:57:47 +00:00
jedgar
a7e3b4261a Move the code merging ACL_USER and ACL_GROUP objects from under
two nested while loops into a separate function.

Obtained from: 	TrustedBSD Project
2001-12-03 02:24:24 +00:00
jedgar
38cc4cae2f Add defines for access and default ACLs (ACCESS_ACL/DEFAULT_ACL)
to enhance readability.

Obtained from:	TrustedBSD Project
2001-12-03 01:20:52 +00:00
jedgar
30f5e7ea6e style(9) cleanups mostly consisting of:
o explicitly check return values and variables against a value
o return x; -> return (x);
o fix inconsistent sysexits usage by nuking it (partially
  suggested by bde)

Obtained from:	TrustedBSD Project
2001-12-03 00:51:36 +00:00
jedgar
e0f46659fc Correct example to remove *all* extended ACL entries and
clarify description.
2001-12-03 00:27:15 +00:00
jedgar
e95759f464 o Expand the explaination of the -b option WRT the resulting
group ACL entry in relation to the existing group and mask
  ACL entries.
o Move the explanation of multiple ACL entries on the command
  line to the ACL ENTRIES section.

Obtained from:	TrustedBSD Project
2001-12-02 18:46:33 +00:00
jedgar
c3aedf8ced o Correct error message forgotten in the last commit (malloc() -> calloc())
o Fix style nits

Submitted by:	bde
2001-12-02 18:15:53 +00:00
jedgar
f1ae0d570c Use calloc(3) instead of rolling our own. 2001-12-02 01:52:34 +00:00
ru
bde8ec1b70 mdoc(7) police: utilize the new .Ex macro. 2001-08-15 09:09:47 +00:00