51 Commits

Author SHA1 Message Date
trasz
53df99cb04 Make it possible to use permission sets (full_set, modify_set, read_set
and write_set) with setfacl(1).

PR:		kern/154113
Submitted by:	Shawn Webb <lattera at gmail dot com> (earlier version)
MFC after:	1 month
2011-04-09 07:42:25 +00:00
jh
4c78089710 Increase carried_error if we skip a file due to an error. This ensures
that setfacl(1) exits with proper exit status on failure.

PR:		bin/149780
Submitted by:	Ævar Arnfjörð Bjarmason (original version)
Reviewed by:	trasz
MFC after:	3 weeks
2011-01-03 17:17:31 +00:00
bcr
b14508778a Typo fix: s/ommited/omitted
MFC after: 4 days
2010-07-27 17:33:02 +00:00
trasz
5508b47842 Update authors and history.
MFC after:	1 week
2010-05-13 16:46:23 +00:00
joel
8a03745eab Switch to our preferred license text.
Approved by:	jedgar
2010-03-07 07:59:05 +00:00
trasz
690bd6b428 Fix breakage introduced in last commit. 2009-12-26 11:03:10 +00:00
trasz
0d8feb4153 Improve ACL branding mismatch detection and reporting in some rare cases,
such as "setfacl -m ''".
2009-12-26 10:06:45 +00:00
trasz
365d19e2c3 Add NFSv4 support to setfacl(1).
Reviewed by:	rwatson
2009-09-07 16:19:32 +00:00
trasz
009db84f9e Fix double free in setfacl(1). Description from the author:
Initially, 'acl' (an 'acl_t *') is allocated, and its ACCESS_ACL and
DEFAULT_ACL fields are passed to the 'libc' ACL routines for subsequent
allocation. If the '-m' option (merge existing ACL with a new one) is
specified, then 'set_acl_mask()' will be called and passed one of the
two ACLs. This function, in turn, replaces this given ACL structure by
another, freshly allocated. However, the pointer in the 'acl' variable
in the caller is not updated. The caller then proceeds to free the ACL,
incurring in a double free condition.

Submitted by:	Pedro Martelletto <pedro at ambientworks.net>
Approved by:	rwatson (mentor)
2008-09-06 13:17:35 +00:00
csjp
3b3c1f459b Add hard sentence breaks.
Pointed out by:	rwatson
MFC after:	1 week
2008-07-06 22:47:10 +00:00
csjp
05c2789f33 Document default ACLs and how to use them.
MFC after:	1 week
2008-07-06 20:29:35 +00:00
mckusick
271ce58544 Implement the -h flag (set an ACL on a symbolic link).
Before this fix the -h flag was ignored (i.e. setfacl
always set the ACL on the file pointed to by the symbolic
link even when the -h flag requested that the ACL be set
on the symbolic link itself).
2007-02-26 00:42:17 +00:00
ru
36d05684e7 Markup fixes. 2006-09-17 17:40:07 +00:00
maxim
50f099ffb3 o Fix grammar, format. 2006-06-09 17:03:24 +00:00
kib
75caa7bb1c Document the way to get list of files to process from the stdin.
MFC after:	1 week
Approved by:	kan (mentor)
2006-06-09 16:11:23 +00:00
kib
7c17e7ced2 Copy filename read from the stdin into the private buffer. Otherwise,
next read filename overwrite previous one, resulting in acl being
applied only to the last name in the list.

Submitted by:	Oleg Lomaka <oleg.lomaka at gmail com>
MFC after:	1 week
Approved by:	kan (mentor)
2006-06-09 16:09:26 +00:00
ru
e279c872b1 [mdoc] add missing space before a punctuation type argument. 2005-12-13 17:07:52 +00:00
ru
978b8f7f1d Sync program's usage() with manpage's SYNOPSIS. 2005-02-09 17:37:39 +00:00
ru
ffd9fd4c0e Add the new standard EXIT STATUS section where appropriate.
Sort standard sections in the (documented) preferred order.
2005-01-16 16:41:59 +00:00
imp
a76898b849 /*- or .\"- or #- to begin license clauses. 2005-01-10 08:39:26 +00:00
ru
d40c857e0d Mechanically kill hard sentence breaks. 2004-07-02 21:04:19 +00:00
obrien
9153ce36eb style.Makefile(5) 2004-06-13 19:22:53 +00:00
rwatson
aa16198749 Add additional documentation to setfacl(1) regarding the behavior of
tools such as chmod(1) and ls(1) when it comes to acting on objects
that have POSIX.1e extended ACLs.  Specifically, discuss the
substitution of the mask entry for the group entry in the mode
representation of the ACL.  Differently worded from the submission,
and could probably use further refinement.

PR:		55319
Submitted by:	Grzegorz Czaplinski <G.Czaplinski@prioris.mini.pw.edu.pl>
2003-08-07 14:52:17 +00:00
rwatson
3383203cdd -v no longer a valid argument to setfacl(1) -- remove from usage().
PR:		55318
Submitted by:	Grzegorz Czaplinski <G.Czaplinski@prioris.mini.pw.edu.pl>
2003-08-07 14:43:43 +00:00
rwatson
84028ec044 When reporting an error internalizing an ACL string, print out the
ACL that generated the error, rather than the function, which is
more user-friendly.

Obtained from:	TrustedBSD Project
Product of:	France
2003-07-18 16:00:26 +00:00
rwatson
635446ba11 Add "-h" arguments to getfacl and setfacl, which behave in a manner
similar to "-h" on chown, chmod, etc, causing the operation to occur
on a final symlink in the provided path, rather than its target.

Obtained from:	TrustedBSD Project
2002-12-30 15:36:29 +00:00
obrien
f6f518b207 Consistently use FBSDID 2002-06-30 05:15:05 +00:00
jedgar
8cdc9fd108 Remove extraneous blank line 2002-02-19 02:36:35 +00:00
jedgar
8df81cb659 Use acl_dup() to duplicate an ACL instead of rolling our own 2002-02-19 02:36:15 +00:00
jedgar
2547546bed Use a more correct method of copying entire ACLs (fixes
operation under Linux).
2002-02-03 02:37:43 +00:00
ru
52cba5d797 Spelling. 2001-12-04 14:20:46 +00:00
obrien
099f8ecbe9 Default to WARNS=2. Binary builds that cannot handle this must explicitly
set WARNS=0.

Reviewed by:	mike
2001-12-04 01:57:47 +00:00
jedgar
a7e3b4261a Move the code merging ACL_USER and ACL_GROUP objects from under
two nested while loops into a separate function.

Obtained from: 	TrustedBSD Project
2001-12-03 02:24:24 +00:00
jedgar
38cc4cae2f Add defines for access and default ACLs (ACCESS_ACL/DEFAULT_ACL)
to enhance readability.

Obtained from:	TrustedBSD Project
2001-12-03 01:20:52 +00:00
jedgar
30f5e7ea6e style(9) cleanups mostly consisting of:
o explicitly check return values and variables against a value
o return x; -> return (x);
o fix inconsistent sysexits usage by nuking it (partially
  suggested by bde)

Obtained from:	TrustedBSD Project
2001-12-03 00:51:36 +00:00
jedgar
e0f46659fc Correct example to remove *all* extended ACL entries and
clarify description.
2001-12-03 00:27:15 +00:00
jedgar
e95759f464 o Expand the explaination of the -b option WRT the resulting
group ACL entry in relation to the existing group and mask
  ACL entries.
o Move the explanation of multiple ACL entries on the command
  line to the ACL ENTRIES section.

Obtained from:	TrustedBSD Project
2001-12-02 18:46:33 +00:00
jedgar
c3aedf8ced o Correct error message forgotten in the last commit (malloc() -> calloc())
o Fix style nits

Submitted by:	bde
2001-12-02 18:15:53 +00:00
jedgar
f1ae0d570c Use calloc(3) instead of rolling our own. 2001-12-02 01:52:34 +00:00
ru
bde8ec1b70 mdoc(7) police: utilize the new .Ex macro. 2001-08-15 09:09:47 +00:00
dd
d705df8034 WARNS= -> WARNS?=
Submitted by:	Mike Barcroft <mike@q9media.com>
2001-06-22 21:38:30 +00:00
kris
fe984982f4 Silence WARNS=2 and BDECFLAGS on alpha and i386
MFC After:	1 week
2001-05-20 05:13:21 +00:00
jedgar
28ac96c49a Correct assignment of the resulting ACL allowing the mask entry to
be properly set.

Obtained from:	TrustedBSD Project
2001-05-03 03:17:44 +00:00
jedgar
2da23531d9 o Separate acl_t into internal and external representations as
required by POSIX.1e.  This maintains the current 'struct acl'
  in the kernel while providing the generic external acl_t
  interface required to complete the ACL editing library.
o Add the acl_get_entry() function.
o Convert the existing ACL utilities, getfacl and setfacl, to
  fully make use of the ACL editing library.

Obtained from:	TrustedBSD Project
2001-04-24 22:45:41 +00:00
ru
2d1b95a96f mdoc(7) police: normalize .Nd. 2001-04-18 15:54:10 +00:00
tmm
0bc8c703ad setfacl and getfacl no longer need to link against libposix1e, since it
has been integrated into libc.

Approved by:	rwatson
Obtained from:	TrustedBSD Project
2001-04-04 18:20:08 +00:00
ru
d3cb884455 mdoc(7) police: fix markup and some spelling. 2001-03-23 08:14:27 +00:00
jedgar
704765dafb Remove extra CFLAGS
Add DPADD

Submitted by:	bde
2001-03-20 02:55:43 +00:00
jedgar
8b5320d4a5 Remove 'NOSHARED=yes' (../Makefile.inc already sets this) 2001-03-19 21:18:48 +00:00
rwatson
5070a55a81 o Missed in addition of setfacl.h in setfacl(1) 2001-03-19 18:59:36 +00:00