diff options
Diffstat (limited to 'lib/dirchownmod.c')
-rw-r--r-- | lib/dirchownmod.c | 159 |
1 files changed, 159 insertions, 0 deletions
diff --git a/lib/dirchownmod.c b/lib/dirchownmod.c new file mode 100644 index 000000000..50e5fe117 --- /dev/null +++ b/lib/dirchownmod.c @@ -0,0 +1,159 @@ +/* Change the ownership and mode bits of a directory. + + Copyright (C) 2006 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation, + Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ + +/* Written by Paul Eggert. */ + +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif + +#include "dirchownmod.h" + +#include <errno.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#include <unistd.h> + +#include "lchmod.h" +#include "stat-macros.h" + +#ifndef O_DIRECTORY +# define O_DIRECTORY 0 +#endif +#ifndef O_NOFOLLOW +# define O_NOFOLLOW 0 +#endif + +/* Change the ownership and mode bits of the directory DIR. + + If MKDIR_MODE is not (mode_t) -1, mkdir (DIR, MKDIR_MODE) has just + been executed successfully with umask zero, so DIR should be a + directory (not a symbolic link). + + First, set the file's owner to OWNER and group to GROUP, but leave + the owner alone if OWNER is (uid_t) -1, and similarly for GROUP. + + Then, set the file's mode bits to MODE, except preserve any of the + bits that correspond to zero bits in MODE_BITS. In other words, + MODE_BITS is a mask that specifies which of the file's mode bits + should be set or cleared. MODE should be a subset of MODE_BITS, + which in turn should be a subset of CHMOD_MODE_BITS. + + This implementation assumes the current umask is zero. + + Return 0 if successful, -1 (setting errno) otherwise. Unsuccessful + calls may do the chown but not the chmod. */ + +int +dirchownmod (char const *dir, mode_t mkdir_mode, + uid_t owner, gid_t group, + mode_t mode, mode_t mode_bits) +{ + struct stat st; + int result; + + /* Manipulate DIR via a file descriptor if possible, to avoid some races. */ + int open_flags = O_RDONLY | O_DIRECTORY | O_NOCTTY | O_NOFOLLOW | O_NONBLOCK; + int fd = open (dir, open_flags); + + /* Fail if the directory is unreadable, the directory previously + existed or was created without read permission. Otherwise, get + the file's status. */ + if (0 <= fd) + result = fstat (fd, &st); + else if (errno != EACCES + || (mkdir_mode != (mode_t) -1 && mkdir_mode & S_IRUSR)) + return fd; + else + result = stat (dir, &st); + + if (result == 0) + { + mode_t dir_mode = st.st_mode; + + /* Check whether DIR is a directory. If FD is nonnegative, this + check avoids changing the ownership and mode bits of the + wrong file in many cases. This doesn't fix all the race + conditions, but it is better than nothing. */ + if (! S_ISDIR (dir_mode)) + { + errno = ENOTDIR; + result = -1; + } + else + { + /* If at least one of the S_IXUGO bits are set, chown might + clear the S_ISUID and S_SGID bits. Keep track of any + file mode bits whose values are indeterminate due to this + issue. */ + mode_t indeterminate = 0; + + /* On some systems, chown clears S_ISUID and S_ISGID, so do + chown before chmod. On older System V hosts, ordinary + users can give their files away via chown; don't worry + about that here, since users shouldn't do that. */ + + if ((owner != (uid_t) -1 && owner != st.st_uid) + || (group != (gid_t) -1 && group != st.st_gid)) + { + result = (0 <= fd + ? fchown (fd, owner, group) + : mkdir_mode != (mode_t) -1 + ? lchown (dir, owner, group) + : chown (dir, owner, group)); + + /* Either the user cares about an indeterminate bit and + it'll be set properly by chmod below, or the user + doesn't care and it's OK to use the bit's pre-chown + value. So there's no need to re-stat DIR here. */ + + if (result == 0 && (dir_mode & S_IXUGO)) + indeterminate = dir_mode & (S_ISUID | S_ISGID); + } + + /* If the file mode bits might not be right, use chmod to + change them. Don't change bits the user doesn't care + about. */ + if (result == 0 && (((dir_mode ^ mode) | indeterminate) & mode_bits)) + { + mode_t chmod_mode = + mode | (dir_mode & CHMOD_MODE_BITS & ~mode_bits); + result = (0 <= fd + ? fchmod (fd, chmod_mode) + : mkdir_mode != (mode_t) -1 + ? lchmod (dir, chmod_mode) + : chmod (dir, chmod_mode)); + } + } + } + + if (0 <= fd) + { + if (result == 0) + result = close (fd); + else + { + int e = errno; + close (fd); + errno = e; + } + } + + return result; +} |