| blob | d036d1e3eb822308ced2292d6a3214ef348b9220 |
1 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2 From: Ivan Trubach <mr.trubach@icloud.com>
3 Date: Sun, 28 Jul 2024 12:00:01 +0300
4 Subject: [PATCH 16/19] Do not set property for empty ACL
6 On Linux, acl_get_file helpfully converts file mode bits to ACL if no
7 extended attribute is set. See
8 https://git.savannah.nongnu.org/cgit/acl.git/tree/libacl/acl_get_file.c?id=d9bb1759d4dad2f28a6dcc8c1742ff75d16dd10d#n83
10 At the same time, Nix sandbox does not filter getxattr syscalls to
11 return ENOTSUP, but does filter setxattr. So we are in a intricate
12 situation where acl library thinks that EAs/ACLs are supported and
13 returns meaningful values for reads, so xar archives files with acl
14 property, but extraction fails because of the syscall filter.
16 As a workaround, we add acl_extended_file check that actually returns
17 whether the file is associated with ACLs (internally represented as
18 extended attributes).
19 ---
20 xar/configure.ac | 5 ++---
21 xar/include/config.h.in | 2 ++
22 xar/lib/stat.c | 9 +++++++++
23 3 files changed, 13 insertions(+), 3 deletions(-)
25 diff --git a/xar/configure.ac b/xar/configure.ac
26 index e466ee0..c3d9ff7 100644
27 --- a/xar/configure.ac
28 +++ b/xar/configure.ac
29 @@ -180,9 +180,8 @@ fi
30 )
31 AC_SUBST([enable_autogen])
33 -AC_TRY_COMPILE([#include <sys/types.h>
34 -#include <sys/acl.h>], [acl_t a], [AC_DEFINE([HAVE_SYS_ACL_H],[1], [define if you have sys/acl.h and it has a working acl_t type])])
35 -AC_CHECK_HEADERS(ext2fs/ext2_fs.h sys/statfs.h sys/vfs.h sys/xattr.h sys/param.h sys/extattr.h libutil.h)
36 +AC_CHECK_HEADERS(sys/acl.h acl/libacl.h ext2fs/ext2_fs.h sys/statfs.h sys/vfs.h sys/xattr.h sys/param.h sys/extattr.h libutil.h)
37 +AC_CHECK_DECLS([acl_extended_file], [], [], [[#include <acl/libacl.h>]])
38 AC_CHECK_FUNCS(lgetxattr)
39 AC_CHECK_FUNCS(lsetxattr)
40 AC_CHECK_FUNCS(getxattr)
41 diff --git a/xar/include/config.h.in b/xar/include/config.h.in
42 index 16c72d3..779f5aa 100644
43 --- a/xar/include/config.h.in
44 +++ b/xar/include/config.h.in
45 @@ -3,6 +3,7 @@
46 #undef HAVE_SYS_XATTR_H
47 #undef HAVE_SYS_EXTATTR_H
48 #undef HAVE_SYS_PARAM_H
49 +#undef HAVE_DECL_ACL_EXTENDED_FILE
50 #undef HAVE_LGETXATTR
51 #undef HAVE_LSETXATTR
52 #undef HAVE_GETXATTR
53 @@ -12,6 +13,7 @@
54 #undef HAVE_CHFLAGS
55 #undef HAVE_STATVFS
56 #undef HAVE_STATFS
57 +#undef HAVE_ACL_LIBACL_H
58 #undef HAVE_EXT2FS_EXT2_FS_H
59 #undef HAVE_STRUCT_STAT_ST_FLAGS
60 #undef HAVE_STRUCT_STATVFS_F_FSTYPENAME
61 diff --git a/xar/lib/stat.c b/xar/lib/stat.c
62 index b0cce7c..81771dc 100644
63 --- a/xar/lib/stat.c
64 +++ b/xar/lib/stat.c
65 @@ -66,6 +66,9 @@
66 #ifdef HAVE_SYS_ACL_H
67 #include <sys/acl.h>
68 #endif
69 +#ifdef HAVE_ACL_LIBACL_H
70 +#include <acl/libacl.h>
71 +#endif
72 #include "xar.h"
73 #include "arcmod.h"
74 #include "archive.h"
75 @@ -131,6 +134,12 @@ static int32_t aacls(xar_t x, xar_file_t f, const char *file) {
76 if( !xar_check_prop(x, "acl") )
77 return 0;
79 +#ifdef HAVE_DECL_ACL_EXTENDED_FILE
80 + /* Do nothing if the file is not associated with ACL. */
81 + if( !acl_extended_file(file) )
82 + return 0;
83 +#endif
84 +
85 a = acl_get_file(file, ACL_TYPE_DEFAULT);
86 if( a ) {
87 char *t;
88 --
89 2.44.1