diff options
| author | Anton Ageev <antage@gmail.com> | 2013-07-22 02:06:00 +0400 |
|---|---|---|
| committer | Anton Ageev <antage@gmail.com> | 2013-07-22 02:06:00 +0400 |
| commit | 5c1d9492bfd5290865fad000de0b63cbab243896 (patch) | |
| tree | 513fe7f23d7cb750b57d2c346f271e7c9011635c | |
| parent | cd92d03e5895c1ae93b051be7ba65fd1960a945c (diff) | |
| download | bindfs-5c1d9492bfd5290865fad000de0b63cbab243896.tar.gz | |
Alter chmod permissions when using --chmod-perms
| -rw-r--r-- | src/bindfs.c | 14 | ||||
| -rwxr-xr-x | tests/test_bindfs.rb | 8 |
2 files changed, 22 insertions, 0 deletions
diff --git a/src/bindfs.c b/src/bindfs.c index fe366c8..af92997 100644 --- a/src/bindfs.c +++ b/src/bindfs.c @@ -114,6 +114,8 @@ static struct Settings { int chmod_allow_x; + struct permchain *chmod_permchain; /* the --chmod-perms option */ + enum XAttrPolicy { XATTR_UNIMPLEMENTED, XATTR_READ_ONLY, @@ -595,6 +597,7 @@ static int bindfs_chmod(const char *path, mode_t mode) switch (settings.chmod_policy) { case CHMOD_NORMAL: + mode = permchain_apply(settings.chmod_permchain, mode); if (chmod(path, mode) == -1) return -errno; return 0; @@ -965,6 +968,7 @@ static void print_usage(const char *progname) " --chmod-ignore Have all chmods fail silently.\n" " --chmod-deny Have all chmods fail with 'permission denied'.\n" " --chmod-allow-x Allow changing file execute bits in any case.\n" + " --chmod-perms Alter permissions when to chmod the original file.\n" "\n" "Extended attribute policy:\n" " --xattr-none Do not implement xattr operations.\n" @@ -1009,6 +1013,7 @@ enum OptionKey { OPTKEY_CHMOD_IGNORE, OPTKEY_CHMOD_DENY, OPTKEY_CHMOD_ALLOW_X, + OPTKEY_CHMOD_PERMS, OPTKEY_XATTR_NONE, OPTKEY_XATTR_READ_ONLY, OPTKEY_XATTR_READ_WRITE, @@ -1336,6 +1341,7 @@ int main(int argc, char *argv[]) char *create_for_user; char *create_for_group; char *create_with_perms; + char *chmod_perms; int no_allow_other; int multithreaded; } od; @@ -1384,6 +1390,7 @@ int main(int argc, char *argv[]) OPT2("--chmod-ignore", "chmod-ignore", OPTKEY_CHMOD_IGNORE), OPT2("--chmod-deny", "chmod-deny", OPTKEY_CHMOD_DENY), OPT2("--chmod-allow-x", "chmod-allow-x", OPTKEY_CHMOD_ALLOW_X), + OPT_OFFSET2("--chmod-perms=%s", "chmod-perms=%s", chmod_perms, -1), OPT2("--xattr-none", "xattr-none", OPTKEY_XATTR_NONE), OPT2("--xattr-ro", "xattr-ro", OPTKEY_XATTR_READ_ONLY), @@ -1418,6 +1425,7 @@ int main(int argc, char *argv[]) settings.chgrp_policy = CHGRP_NORMAL; settings.chmod_policy = CHMOD_NORMAL; settings.chmod_allow_x = 0; + settings.chmod_permchain = permchain_create(); settings.xattr_policy = XATTR_READ_WRITE; settings.mirrored_users_only = 0; settings.mirrored_users = NULL; @@ -1531,6 +1539,12 @@ int main(int argc, char *argv[]) return 1; } } + if (od.chmod_perms) { + if (add_chmod_rules_to_permchain(od.chmod_perms, settings.chmod_permchain) != 0) { + fprintf(stderr, "Invalid permission specification: '%s'\n", od.chmod_perms); + return 1; + } + } /* Single-threaded mode by default */ diff --git a/tests/test_bindfs.rb b/tests/test_bindfs.rb index a78345b..26c7b20 100755 --- a/tests/test_bindfs.rb +++ b/tests/test_bindfs.rb @@ -258,6 +258,14 @@ testenv("--chmod-deny --chmod-allow-x") do assert_exception(EPERM) { chmod(0700, 'mnt/dir') } # chmod on dir should not work end +testenv("--chmod-perms=g-w,o-rwx") do + touch('src/file') + + chmod(0666, 'mnt/file') + + assert { File.stat('src/file').mode & 0777 == 0640 } +end + root_testenv("--map=nobody/root:@nogroup/@root") do touch('src/file') chown('nobody', 'nogroup', 'src/file') |