2014-04-27 12:17:09 +00:00
|
|
|
import os
|
2024-03-09 17:28:41 +00:00
|
|
|
import stat
|
2016-05-30 22:33:13 +00:00
|
|
|
|
2024-02-24 22:15:42 +00:00
|
|
|
from libc cimport errno
|
|
|
|
|
|
2018-11-10 20:43:45 +00:00
|
|
|
from .posix import posix_acl_use_stored_uid_gid
|
2016-05-31 00:35:54 +00:00
|
|
|
from ..helpers import safe_encode, safe_decode
|
2018-06-21 21:53:47 +00:00
|
|
|
from .xattr import _listxattr_inner, _getxattr_inner, _setxattr_inner, split_lstring
|
2014-04-27 12:17:09 +00:00
|
|
|
|
2019-03-18 20:51:02 +00:00
|
|
|
API_VERSION = '1.2_05'
|
2014-04-27 12:17:09 +00:00
|
|
|
|
2018-06-21 21:53:47 +00:00
|
|
|
cdef extern from "sys/extattr.h":
|
|
|
|
|
ssize_t c_extattr_list_file "extattr_list_file" (const char *path, int attrnamespace, void *data, size_t nbytes)
|
|
|
|
|
ssize_t c_extattr_list_link "extattr_list_link" (const char *path, int attrnamespace, void *data, size_t nbytes)
|
|
|
|
|
ssize_t c_extattr_list_fd "extattr_list_fd" (int fd, int attrnamespace, void *data, size_t nbytes)
|
|
|
|
|
|
|
|
|
|
ssize_t c_extattr_get_file "extattr_get_file" (const char *path, int attrnamespace, const char *attrname, void *data, size_t nbytes)
|
|
|
|
|
ssize_t c_extattr_get_link "extattr_get_link" (const char *path, int attrnamespace, const char *attrname, void *data, size_t nbytes)
|
|
|
|
|
ssize_t c_extattr_get_fd "extattr_get_fd" (int fd, int attrnamespace, const char *attrname, void *data, size_t nbytes)
|
|
|
|
|
|
|
|
|
|
int c_extattr_set_file "extattr_set_file" (const char *path, int attrnamespace, const char *attrname, const void *data, size_t nbytes)
|
|
|
|
|
int c_extattr_set_link "extattr_set_link" (const char *path, int attrnamespace, const char *attrname, const void *data, size_t nbytes)
|
|
|
|
|
int c_extattr_set_fd "extattr_set_fd" (int fd, int attrnamespace, const char *attrname, const void *data, size_t nbytes)
|
|
|
|
|
|
|
|
|
|
int EXTATTR_NAMESPACE_USER
|
|
|
|
|
|
2014-04-27 12:17:09 +00:00
|
|
|
cdef extern from "sys/types.h":
|
|
|
|
|
int ACL_TYPE_ACCESS
|
|
|
|
|
int ACL_TYPE_DEFAULT
|
|
|
|
|
int ACL_TYPE_NFS4
|
|
|
|
|
|
|
|
|
|
cdef extern from "sys/acl.h":
|
|
|
|
|
ctypedef struct _acl_t:
|
|
|
|
|
pass
|
|
|
|
|
ctypedef _acl_t *acl_t
|
|
|
|
|
|
|
|
|
|
int acl_free(void *obj)
|
|
|
|
|
acl_t acl_get_link_np(const char *path, int type)
|
2018-07-05 23:33:32 +00:00
|
|
|
acl_t acl_get_fd_np(int fd, int type)
|
2018-07-05 20:56:54 +00:00
|
|
|
int acl_set_link_np(const char *path, int type, acl_t acl)
|
2018-07-05 23:33:32 +00:00
|
|
|
int acl_set_fd_np(int fd, acl_t acl, int type)
|
2014-04-27 12:17:09 +00:00
|
|
|
acl_t acl_from_text(const char *buf)
|
|
|
|
|
char *acl_to_text_np(acl_t acl, ssize_t *len, int flags)
|
|
|
|
|
int ACL_TEXT_NUMERIC_IDS
|
|
|
|
|
int ACL_TEXT_APPEND_ID
|
2024-03-02 19:58:19 +00:00
|
|
|
int acl_extended_link_np(const char * path) # check also: acl_is_trivial_np
|
2014-04-27 12:17:09 +00:00
|
|
|
|
|
|
|
|
cdef extern from "unistd.h":
|
|
|
|
|
long lpathconf(const char *path, int name)
|
|
|
|
|
int _PC_ACL_NFS4
|
|
|
|
|
|
|
|
|
|
|
2023-03-11 19:58:57 +00:00
|
|
|
# On FreeBSD, borg currently only deals with the USER namespace as it is unclear
|
|
|
|
|
# whether (and if so, how exactly) it should deal with the SYSTEM namespace.
|
|
|
|
|
NS_ID_MAP = {b"user": EXTATTR_NAMESPACE_USER, }
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def split_ns(ns_name, default_ns):
|
|
|
|
|
# split ns_name (which is in the form of b"namespace.name") into namespace and name.
|
|
|
|
|
# if there is no namespace given in ns_name, default to default_ns.
|
|
|
|
|
# note:
|
|
|
|
|
# borg < 1.1.10 on FreeBSD did not prefix the namespace to the names, see #3952.
|
|
|
|
|
# we also need to deal with "unexpected" namespaces here, they could come
|
|
|
|
|
# from borg archives made on other operating systems.
|
|
|
|
|
ns_name_tuple = ns_name.split(b".", 1)
|
|
|
|
|
if len(ns_name_tuple) == 2:
|
|
|
|
|
# we have a namespace prefix in the given name
|
|
|
|
|
ns, name = ns_name_tuple
|
|
|
|
|
else:
|
|
|
|
|
# no namespace given in ns_name (== no dot found), maybe data coming from an old borg archive.
|
|
|
|
|
ns, name = default_ns, ns_name
|
|
|
|
|
return ns, name
|
|
|
|
|
|
2019-03-18 19:50:22 +00:00
|
|
|
|
2023-03-11 19:58:57 +00:00
|
|
|
def listxattr(path, *, follow_symlinks=False):
|
2018-06-21 21:53:47 +00:00
|
|
|
def func(path, buf, size):
|
|
|
|
|
if isinstance(path, int):
|
2023-03-11 19:58:57 +00:00
|
|
|
return c_extattr_list_fd(path, ns_id, <char *> buf, size)
|
2018-06-21 21:53:47 +00:00
|
|
|
else:
|
|
|
|
|
if follow_symlinks:
|
2023-03-11 19:58:57 +00:00
|
|
|
return c_extattr_list_file(path, ns_id, <char *> buf, size)
|
2018-06-21 21:53:47 +00:00
|
|
|
else:
|
2023-03-11 19:58:57 +00:00
|
|
|
return c_extattr_list_link(path, ns_id, <char *> buf, size)
|
2018-06-21 21:53:47 +00:00
|
|
|
|
2023-03-11 19:58:57 +00:00
|
|
|
ns = b"user"
|
|
|
|
|
ns_id = NS_ID_MAP[ns]
|
2018-06-21 21:53:47 +00:00
|
|
|
n, buf = _listxattr_inner(func, path)
|
2023-03-11 19:58:57 +00:00
|
|
|
return [ns + b"." + name for name in split_lstring(buf[:n]) if name]
|
2018-06-21 21:53:47 +00:00
|
|
|
|
|
|
|
|
|
2018-07-08 12:37:04 +00:00
|
|
|
def getxattr(path, name, *, follow_symlinks=False):
|
2018-06-21 21:53:47 +00:00
|
|
|
def func(path, name, buf, size):
|
|
|
|
|
if isinstance(path, int):
|
2023-03-11 19:58:57 +00:00
|
|
|
return c_extattr_get_fd(path, ns_id, name, <char *> buf, size)
|
2018-06-21 21:53:47 +00:00
|
|
|
else:
|
|
|
|
|
if follow_symlinks:
|
2023-03-11 19:58:57 +00:00
|
|
|
return c_extattr_get_file(path, ns_id, name, <char *> buf, size)
|
2018-06-21 21:53:47 +00:00
|
|
|
else:
|
2023-03-11 19:58:57 +00:00
|
|
|
return c_extattr_get_link(path, ns_id, name, <char *> buf, size)
|
2018-06-21 21:53:47 +00:00
|
|
|
|
2023-03-11 19:58:57 +00:00
|
|
|
ns, name = split_ns(name, b"user")
|
|
|
|
|
ns_id = NS_ID_MAP[ns] # this will raise a KeyError it the namespace is unsupported
|
2018-06-21 21:53:47 +00:00
|
|
|
n, buf = _getxattr_inner(func, path, name)
|
2018-07-04 16:06:38 +00:00
|
|
|
return bytes(buf[:n])
|
2018-06-21 21:53:47 +00:00
|
|
|
|
|
|
|
|
|
2018-07-08 12:37:04 +00:00
|
|
|
def setxattr(path, name, value, *, follow_symlinks=False):
|
2018-06-21 21:53:47 +00:00
|
|
|
def func(path, name, value, size):
|
|
|
|
|
if isinstance(path, int):
|
2023-03-11 19:58:57 +00:00
|
|
|
return c_extattr_set_fd(path, ns_id, name, <char *> value, size)
|
2018-06-21 21:53:47 +00:00
|
|
|
else:
|
|
|
|
|
if follow_symlinks:
|
2023-03-11 19:58:57 +00:00
|
|
|
return c_extattr_set_file(path, ns_id, name, <char *> value, size)
|
2018-06-21 21:53:47 +00:00
|
|
|
else:
|
2023-03-11 19:58:57 +00:00
|
|
|
return c_extattr_set_link(path, ns_id, name, <char *> value, size)
|
2018-06-21 21:53:47 +00:00
|
|
|
|
2023-03-11 19:58:57 +00:00
|
|
|
ns, name = split_ns(name, b"user")
|
|
|
|
|
try:
|
|
|
|
|
ns_id = NS_ID_MAP[ns] # this will raise a KeyError it the namespace is unsupported
|
|
|
|
|
except KeyError:
|
|
|
|
|
pass
|
|
|
|
|
else:
|
|
|
|
|
_setxattr_inner(func, path, name, value)
|
2018-06-21 21:53:47 +00:00
|
|
|
|
|
|
|
|
|
2018-07-05 23:33:32 +00:00
|
|
|
cdef _get_acl(p, type, item, attribute, flags, fd=None):
|
2024-02-26 19:07:10 +00:00
|
|
|
cdef acl_t acl
|
|
|
|
|
cdef char *text
|
|
|
|
|
if fd is not None:
|
|
|
|
|
acl = acl_get_fd_np(fd, type)
|
2024-02-24 22:15:42 +00:00
|
|
|
else:
|
2024-02-26 19:07:10 +00:00
|
|
|
acl = acl_get_link_np(p, type)
|
|
|
|
|
if acl == NULL:
|
2024-02-24 22:15:42 +00:00
|
|
|
raise OSError(errno.errno, os.strerror(errno.errno), os.fsdecode(p))
|
2024-02-26 19:07:10 +00:00
|
|
|
text = acl_to_text_np(acl, NULL, flags)
|
|
|
|
|
if text == NULL:
|
|
|
|
|
acl_free(acl)
|
|
|
|
|
raise OSError(errno.errno, os.strerror(errno.errno), os.fsdecode(p))
|
|
|
|
|
item[attribute] = text
|
|
|
|
|
acl_free(text)
|
|
|
|
|
acl_free(acl)
|
2014-04-27 12:17:09 +00:00
|
|
|
|
2021-04-16 13:02:16 +00:00
|
|
|
def acl_get(path, item, st, numeric_ids=False, fd=None):
|
2014-04-27 12:17:09 +00:00
|
|
|
"""Saves ACL Entries
|
|
|
|
|
|
2021-04-16 13:02:16 +00:00
|
|
|
If `numeric_ids` is True the user/group field is not preserved only uid/gid
|
2014-04-27 12:17:09 +00:00
|
|
|
"""
|
|
|
|
|
cdef int flags = ACL_TEXT_APPEND_ID
|
2024-03-02 20:17:45 +00:00
|
|
|
flags |= ACL_TEXT_NUMERIC_IDS if numeric_ids else 0
|
2018-07-05 20:05:15 +00:00
|
|
|
if isinstance(path, str):
|
|
|
|
|
path = os.fsencode(path)
|
2024-03-02 19:58:19 +00:00
|
|
|
ret = acl_extended_link_np(path)
|
|
|
|
|
if ret < 0:
|
|
|
|
|
raise OSError(errno.errno, os.strerror(errno.errno), os.fsdecode(path))
|
|
|
|
|
if ret == 0:
|
|
|
|
|
# there is no ACL defining permissions other than those defined by the traditional file permission bits.
|
|
|
|
|
return
|
2018-07-05 20:05:15 +00:00
|
|
|
ret = lpathconf(path, _PC_ACL_NFS4)
|
2024-03-02 20:17:45 +00:00
|
|
|
if ret < 0:
|
|
|
|
|
raise OSError(errno.errno, os.strerror(errno.errno), os.fsdecode(path))
|
|
|
|
|
nfs4_acl = ret == 1
|
|
|
|
|
if nfs4_acl:
|
2018-07-05 23:33:32 +00:00
|
|
|
_get_acl(path, ACL_TYPE_NFS4, item, 'acl_nfs4', flags, fd=fd)
|
2014-04-27 12:17:09 +00:00
|
|
|
else:
|
2018-07-05 23:33:32 +00:00
|
|
|
_get_acl(path, ACL_TYPE_ACCESS, item, 'acl_access', flags, fd=fd)
|
2024-03-09 17:28:41 +00:00
|
|
|
if stat.S_ISDIR(st.st_mode):
|
|
|
|
|
_get_acl(path, ACL_TYPE_DEFAULT, item, 'acl_default', flags, fd=fd)
|
2014-04-27 12:17:09 +00:00
|
|
|
|
|
|
|
|
|
2022-09-14 11:09:43 +00:00
|
|
|
cdef _set_acl(path, type, item, attribute, numeric_ids=False, fd=None):
|
|
|
|
|
cdef acl_t acl = NULL
|
2014-04-27 12:17:09 +00:00
|
|
|
text = item.get(attribute)
|
2022-09-14 11:09:43 +00:00
|
|
|
if text is not None:
|
2021-04-16 13:02:16 +00:00
|
|
|
if numeric_ids and type == ACL_TYPE_NFS4:
|
2014-04-27 12:17:09 +00:00
|
|
|
text = _nfs4_use_stored_uid_gid(text)
|
2022-09-14 11:09:43 +00:00
|
|
|
elif numeric_ids and type in (ACL_TYPE_ACCESS, ACL_TYPE_DEFAULT):
|
2014-04-27 12:17:09 +00:00
|
|
|
text = posix_acl_use_stored_uid_gid(text)
|
2024-02-24 22:15:42 +00:00
|
|
|
acl = acl_from_text(<bytes>text)
|
2024-02-26 19:07:10 +00:00
|
|
|
if acl == NULL:
|
|
|
|
|
raise OSError(errno.errno, os.strerror(errno.errno), os.fsdecode(path))
|
|
|
|
|
try:
|
|
|
|
|
if fd is not None:
|
|
|
|
|
if acl_set_fd_np(fd, acl, type) == -1:
|
|
|
|
|
raise OSError(errno.errno, os.strerror(errno.errno), os.fsdecode(path))
|
|
|
|
|
else:
|
|
|
|
|
if acl_set_link_np(path, type, acl) == -1:
|
|
|
|
|
raise OSError(errno.errno, os.strerror(errno.errno), os.fsdecode(path))
|
|
|
|
|
finally:
|
|
|
|
|
acl_free(acl)
|
2014-04-27 12:17:09 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
cdef _nfs4_use_stored_uid_gid(acl):
|
|
|
|
|
"""Replace the user/group field with the stored uid/gid
|
|
|
|
|
"""
|
2022-09-14 11:09:43 +00:00
|
|
|
assert isinstance(acl, bytes)
|
2014-04-27 12:17:09 +00:00
|
|
|
entries = []
|
2015-10-18 23:43:46 +00:00
|
|
|
for entry in safe_decode(acl).split('\n'):
|
2014-04-27 12:17:09 +00:00
|
|
|
if entry:
|
|
|
|
|
if entry.startswith('user:') or entry.startswith('group:'):
|
|
|
|
|
fields = entry.split(':')
|
|
|
|
|
entries.append(':'.join(fields[0], fields[5], *fields[2:-1]))
|
|
|
|
|
else:
|
|
|
|
|
entries.append(entry)
|
2015-10-18 23:43:46 +00:00
|
|
|
return safe_encode('\n'.join(entries))
|
2014-04-27 12:17:09 +00:00
|
|
|
|
|
|
|
|
|
2021-04-16 13:02:16 +00:00
|
|
|
def acl_set(path, item, numeric_ids=False, fd=None):
|
2014-04-27 12:17:09 +00:00
|
|
|
"""Restore ACL Entries
|
|
|
|
|
|
2021-04-16 13:02:16 +00:00
|
|
|
If `numeric_ids` is True the stored uid/gid is used instead
|
2014-04-27 12:17:09 +00:00
|
|
|
of the user/group names
|
|
|
|
|
"""
|
2018-07-05 20:05:15 +00:00
|
|
|
if isinstance(path, str):
|
|
|
|
|
path = os.fsencode(path)
|
2021-04-16 13:02:16 +00:00
|
|
|
_set_acl(path, ACL_TYPE_NFS4, item, 'acl_nfs4', numeric_ids, fd=fd)
|
|
|
|
|
_set_acl(path, ACL_TYPE_ACCESS, item, 'acl_access', numeric_ids, fd=fd)
|
|
|
|
|
_set_acl(path, ACL_TYPE_DEFAULT, item, 'acl_default', numeric_ids, fd=fd)
|
