search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
kernel: some boottime sanitychecks
[minix.git] / usr.bin / xinstall / xinstall.c
blobaae49e26688c06c4f0f389534c2ef8bf3561fbec
1 /* $NetBSD: xinstall.c,v 1.115 2011/09/06 18:50:32 joerg Exp $ */
2
3 /*
4 * Copyright (c) 1987, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #if HAVE_NBTOOL_CONFIG_H
33 #include "nbtool_config.h"
34 #else
35 #define HAVE_FUTIMES 1
36 #define HAVE_STRUCT_STAT_ST_FLAGS 1
37 #endif
38
39 #include <sys/cdefs.h>
40 #if defined(__COPYRIGHT) && !defined(lint)
41 __COPYRIGHT("@(#) Copyright (c) 1987, 1993\
42 The Regents of the University of California. All rights reserved.");
43 #endif /* not lint */
44
45 #if defined(__RCSID) && !defined(lint)
46 #if 0
47 static char sccsid[] = "@(#)xinstall.c 8.1 (Berkeley) 7/21/93";
48 #else
49 __RCSID("$NetBSD: xinstall.c,v 1.115 2011/09/06 18:50:32 joerg Exp $");
50 #endif
51 #endif /* not lint */
52
53 #define __MKTEMP_OK__ /* All uses of mktemp have been checked */
54 #include <sys/param.h>
55 #include <sys/mman.h>
56 #include <sys/stat.h>
57 #include <sys/wait.h>
58 #include <sys/time.h>
59
60 #include <ctype.h>
61 #include <err.h>
62 #include <errno.h>
63 #include <fcntl.h>
64 #include <grp.h>
65 #include <libgen.h>
66 #include <paths.h>
67 #include <pwd.h>
68 #include <stdio.h>
69 #include <stdlib.h>
70 #include <string.h>
71 #include <unistd.h>
72 #include <util.h>
73 #include <vis.h>
74
75 #include <md5.h>
76 #include <rmd160.h>
77 #include <sha1.h>
78 #include <sha2.h>
79
80 #include "pathnames.h"
81 #include "mtree.h"
82
83 #define STRIP_ARGS_MAX 32
84 #define BACKUP_SUFFIX ".old"
85
86 static int dobackup, dodir, dostrip, dolink, dopreserve, dorename, dounpriv;
87 static int haveopt_f, haveopt_g, haveopt_m, haveopt_o;
88 static int numberedbackup;
89 static int mode = S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH;
90 static char pathbuf[MAXPATHLEN];
91 static uid_t uid = -1;
92 static gid_t gid = -1;
93 static char *group, *owner, *fflags, *tags;
94 static FILE *metafp;
95 static char *metafile;
96 static u_long fileflags;
97 static char *stripArgs;
98 static char *afterinstallcmd;
99 static const char *suffix = BACKUP_SUFFIX;
100 static char *destdir;
101
102 enum {
103 DIGEST_NONE = 0,
104 DIGEST_MD5,
105 DIGEST_RMD160,
106 DIGEST_SHA1,
107 DIGEST_SHA256,
108 DIGEST_SHA384,
109 DIGEST_SHA512,
110 } digesttype = DIGEST_NONE;
111
112 static char *digest;
113
114 #define LN_ABSOLUTE 0x01
115 #define LN_RELATIVE 0x02
116 #define LN_HARD 0x04
117 #define LN_SYMBOLIC 0x08
118 #define LN_MIXED 0x10
119
120 #define DIRECTORY 0x01 /* Tell install it's a directory. */
121 #define SETFLAGS 0x02 /* Tell install to set flags. */
122 #define HASUID 0x04 /* Tell install the uid was given */
123 #define HASGID 0x08 /* Tell install the gid was given */
124
125 static void afterinstall(const char *, const char *, int);
126 static void backup(const char *);
127 static char *copy(int, char *, int, char *, off_t);
128 static int do_link(char *, char *);
129 static void do_symlink(char *, char *);
130 static void install(char *, char *, u_int);
131 static void install_dir(char *, u_int);
132 static void makelink(char *, char *);
133 static void metadata_log(const char *, const char *, struct timeval *,
134 const char *, const char *, off_t);
135 static int parseid(char *, id_t *);
136 static void strip(char *);
137 __dead static void usage(void);
138 static char *xbasename(char *);
139 static char *xdirname(char *);
140
141 int
142 main(int argc, char *argv[])
143 {
144 struct stat from_sb, to_sb;
145 void *set;
146 u_int iflags;
147 int ch, no_target;
148 char *p, *to_name;
149
150 setprogname(argv[0]);
151
152 iflags = 0;
153 while ((ch = getopt(argc, argv, "a:cbB:dD:f:g:h:l:m:M:N:o:prsS:T:U"))
154 != -1)
155 switch((char)ch) {
156 case 'a':
157 afterinstallcmd = strdup(optarg);
158 if (afterinstallcmd == NULL)
159 errx(1, "%s", strerror(ENOMEM));
160 break;
161 case 'B':
162 suffix = optarg;
163 numberedbackup = 0;
164 {
165 /* Check if given suffix really generates
166 different suffixes - catch e.g. ".%" */
167 char suffix_expanded0[FILENAME_MAX],
168 suffix_expanded1[FILENAME_MAX];
169 (void)snprintf(suffix_expanded0, FILENAME_MAX,
170 suffix, 0);
171 (void)snprintf(suffix_expanded1, FILENAME_MAX,
172 suffix, 1);
173 if (strcmp(suffix_expanded0, suffix_expanded1)
174 != 0)
175 numberedbackup = 1;
176 }
177 /* fall through; -B implies -b */
178 /*FALLTHROUGH*/
179 case 'b':
180 dobackup = 1;
181 break;
182 case 'c':
183 /* ignored; was "docopy" which is now the default. */
184 break;
185 case 'd':
186 dodir = 1;
187 break;
188 case 'D':
189 destdir = optarg;
190 break;
191 #if ! HAVE_NBTOOL_CONFIG_H
192 case 'f':
193 haveopt_f = 1;
194 fflags = optarg;
195 break;
196 #endif
197 case 'g':
198 haveopt_g = 1;
199 group = optarg;
200 break;
201 case 'h':
202 digest = optarg;
203 break;
204 case 'l':
205 for (p = optarg; *p; p++)
206 switch (*p) {
207 case 's':
208 dolink &= ~(LN_HARD|LN_MIXED);
209 dolink |= LN_SYMBOLIC;
210 break;
211 case 'h':
212 dolink &= ~(LN_SYMBOLIC|LN_MIXED);
213 dolink |= LN_HARD;
214 break;
215 case 'm':
216 dolink &= ~(LN_SYMBOLIC|LN_HARD);
217 dolink |= LN_MIXED;
218 break;
219 case 'a':
220 dolink &= ~LN_RELATIVE;
221 dolink |= LN_ABSOLUTE;
222 break;
223 case 'r':
224 dolink &= ~LN_ABSOLUTE;
225 dolink |= LN_RELATIVE;
226 break;
227 default:
228 errx(1, "%c: invalid link type", *p);
229 /* NOTREACHED */
230 }
231 break;
232 case 'm':
233 haveopt_m = 1;
234 if (!(set = setmode(optarg)))
235 err(1, "Cannot set file mode `%s'", optarg);
236 mode = getmode(set, 0);
237 free(set);
238 break;
239 case 'M':
240 metafile = optarg;
241 break;
242 case 'N':
243 if (! setup_getid(optarg))
244 errx(1,
245 "Unable to use user and group databases in `%s'",
246 optarg);
247 break;
248 case 'o':
249 haveopt_o = 1;
250 owner = optarg;
251 break;
252 case 'p':
253 dopreserve = 1;
254 #ifdef __minix
255 errx(1,
256 "Minix lacks support for futimes(3)/utimes(2)");
257 #endif
258 break;
259 case 'r':
260 dorename = 1;
261 break;
262 case 'S':
263 stripArgs = strdup(optarg);
264 if (stripArgs == NULL)
265 errx(1, "%s", strerror(ENOMEM));
266 /* fall through; -S implies -s */
267 /*FALLTHROUGH*/
268 case 's':
269 dostrip = 1;
270 break;
271 case 'T':
272 tags = optarg;
273 break;
274 case 'U':
275 dounpriv = 1;
276 break;
277 case '?':
278 default:
279 usage();
280 }
281 argc -= optind;
282 argv += optind;
283
284 /* strip and link options make no sense when creating directories */
285 if ((dostrip || dolink) && dodir)
286 usage();
287
288 /* strip and flags make no sense with links */
289 if ((dostrip || fflags) && dolink)
290 usage();
291
292 /* must have at least two arguments, except when creating directories */
293 if (argc < 2 && !dodir)
294 usage();
295
296 if (digest) {
297 if (0) {
298 } else if (strcmp(digest, "none") == 0) {
299 digesttype = DIGEST_NONE;
300 } else if (strcmp(digest, "md5") == 0) {
301 digesttype = DIGEST_MD5;
302 } else if (strcmp(digest, "rmd160") == 0) {
303 digesttype = DIGEST_RMD160;
304 } else if (strcmp(digest, "sha1") == 0) {
305 digesttype = DIGEST_SHA1;
306 } else if (strcmp(digest, "sha256") == 0) {
307 digesttype = DIGEST_SHA256;
308 } else if (strcmp(digest, "sha384") == 0) {
309 digesttype = DIGEST_SHA384;
310 } else if (strcmp(digest, "sha512") == 0) {
311 digesttype = DIGEST_SHA512;
312 } else {
313 warnx("unknown digest `%s'", digest);
314 usage();
315 }
316 }
317
318 /* get group and owner id's */
319 if (group && !dounpriv) {
320 if (gid_from_group(group, &gid) == -1) {
321 id_t id;
322 if (!parseid(group, &id))
323 errx(1, "unknown group %s", group);
324 gid = id;
325 }
326 iflags |= HASGID;
327 }
328 if (owner && !dounpriv) {
329 if (uid_from_user(owner, &uid) == -1) {
330 id_t id;
331 if (!parseid(owner, &id))
332 errx(1, "unknown user %s", owner);
333 uid = id;
334 }
335 iflags |= HASUID;
336 }
337
338 #if ! HAVE_NBTOOL_CONFIG_H
339 if (fflags && !dounpriv) {
340 if (string_to_flags(&fflags, &fileflags, NULL))
341 errx(1, "%s: invalid flag", fflags);
342 /* restore fflags since string_to_flags() changed it */
343 fflags = flags_to_string(fileflags, "-");
344 iflags |= SETFLAGS;
345 }
346 #endif
347
348 if (metafile) {
349 if ((metafp = fopen(metafile, "a")) == NULL)
350 warn("open %s", metafile);
351 } else
352 digesttype = DIGEST_NONE;
353
354 if (dodir) {
355 for (; *argv != NULL; ++argv)
356 install_dir(*argv, iflags);
357 exit (0);
358 }
359
360 no_target = stat(to_name = argv[argc - 1], &to_sb);
361 if (!no_target && S_ISDIR(to_sb.st_mode)) {
362 for (; *argv != to_name; ++argv)
363 install(*argv, to_name, iflags | DIRECTORY);
364 exit(0);
365 }
366
367 /* can't do file1 file2 directory/file */
368 if (argc != 2) {
369 errx(EXIT_FAILURE, "the last argument (%s) "
370 "must name an existing directory", argv[argc - 1]);
371 /* NOTREACHED */
372 }
373
374 if (!no_target) {
375 /* makelink() handles checks for links */
376 if (!dolink) {
377 if (stat(*argv, &from_sb))
378 err(1, "%s: stat", *argv);
379 if (!S_ISREG(to_sb.st_mode))
380 errx(1, "%s: not a regular file", to_name);
381 if (to_sb.st_dev == from_sb.st_dev &&
382 to_sb.st_ino == from_sb.st_ino)
383 errx(1, "%s and %s are the same file", *argv,
384 to_name);
385 }
386 /*
387 * Unlink now... avoid ETXTBSY errors later. Try and turn
388 * off the append/immutable bits -- if we fail, go ahead,
389 * it might work.
390 */
391 #ifndef __minix
392 #if ! HAVE_NBTOOL_CONFIG_H
393 #define NOCHANGEBITS (UF_IMMUTABLE | UF_APPEND | SF_IMMUTABLE | SF_APPEND)
394 if (to_sb.st_flags & NOCHANGEBITS)
395 (void)chflags(to_name,
396 to_sb.st_flags & ~(NOCHANGEBITS));
397 #endif
398 #endif
399 if (dobackup)
400 backup(to_name);
401 else if (!dorename)
402 (void)unlink(to_name);
403 }
404 install(*argv, to_name, iflags);
405 exit(0);
406 }
407
408 /*
409 * parseid --
410 * parse uid or gid from arg into id, returning non-zero if successful
411 */
412 static int
413 parseid(char *name, id_t *id)
414 {
415 char *ep;
416
417 errno = 0;
418 *id = (id_t)strtoul(name, &ep, 10);
419 if (errno || *ep != '\0')
420 return (0);
421 return (1);
422 }
423
424 /*
425 * do_link --
426 * make a hard link, obeying dorename if set
427 * return -1 on failure
428 */
429 static int
430 do_link(char *from_name, char *to_name)
431 {
432 char tmpl[MAXPATHLEN];
433 int ret;
434
435 if (dorename) {
436 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name);
437 /* This usage is safe. */
438 if (mktemp(tmpl) == NULL)
439 err(1, "%s: mktemp", tmpl);
440 ret = link(from_name, tmpl);
441 if (ret == 0) {
442 ret = rename(tmpl, to_name);
443 /* If rename has posix semantics, then the temporary
444 * file may still exist when from_name and to_name point
445 * to the same file, so unlink it unconditionally.
446 */
447 (void)unlink(tmpl);
448 }
449 return (ret);
450 } else
451 return (link(from_name, to_name));
452 }
453
454 /*
455 * do_symlink --
456 * make a symbolic link, obeying dorename if set
457 * exit on failure
458 */
459 static void
460 do_symlink(char *from_name, char *to_name)
461 {
462 char tmpl[MAXPATHLEN];
463
464 if (dorename) {
465 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name);
466 /* This usage is safe. */
467 if (mktemp(tmpl) == NULL)
468 err(1, "%s: mktemp", tmpl);
469
470 if (symlink(from_name, tmpl) == -1)
471 err(1, "symlink %s -> %s", from_name, tmpl);
472 if (rename(tmpl, to_name) == -1) {
473 /* remove temporary link before exiting */
474 (void)unlink(tmpl);
475 err(1, "%s: rename", to_name);
476 }
477 } else {
478 if (symlink(from_name, to_name) == -1)
479 err(1, "symlink %s -> %s", from_name, to_name);
480 }
481 }
482
483 /*
484 * makelink --
485 * make a link from source to destination
486 */
487 static void
488 makelink(char *from_name, char *to_name)
489 {
490 char src[MAXPATHLEN], dst[MAXPATHLEN], lnk[MAXPATHLEN];
491 struct stat to_sb;
492
493 /* Try hard links first */
494 if (dolink & (LN_HARD|LN_MIXED)) {
495 if (do_link(from_name, to_name) == -1) {
496 if ((dolink & LN_HARD) || errno != EXDEV)
497 err(1, "link %s -> %s", from_name, to_name);
498 } else {
499 if (stat(to_name, &to_sb))
500 err(1, "%s: stat", to_name);
501 if (S_ISREG(to_sb.st_mode)) {
502 /* XXX: hard links to anything
503 * other than plain files are not
504 * metalogged
505 */
506 int omode;
507 char *oowner, *ogroup, *offlags;
508 char *dres;
509
510 /* XXX: use underlying perms,
511 * unless overridden on command line.
512 */
513 omode = mode;
514 if (!haveopt_m)
515 mode = (to_sb.st_mode & 0777);
516 oowner = owner;
517 if (!haveopt_o)
518 owner = NULL;
519 ogroup = group;
520 if (!haveopt_g)
521 group = NULL;
522 offlags = fflags;
523 if (!haveopt_f)
524 fflags = NULL;
525 switch (digesttype) {
526 case DIGEST_MD5:
527 dres = MD5File(from_name, NULL);
528 break;
529 case DIGEST_RMD160:
530 dres = RMD160File(from_name, NULL);
531 break;
532 case DIGEST_SHA1:
533 dres = SHA1File(from_name, NULL);
534 break;
535 case DIGEST_SHA256:
536 dres = SHA256_File(from_name, NULL);
537 break;
538 case DIGEST_SHA384:
539 dres = SHA384_File(from_name, NULL);
540 break;
541 case DIGEST_SHA512:
542 dres = SHA512_File(from_name, NULL);
543 break;
544 default:
545 dres = NULL;
546 }
547 metadata_log(to_name, "file", NULL, NULL,
548 dres, to_sb.st_size);
549 free(dres);
550 mode = omode;
551 owner = oowner;
552 group = ogroup;
553 fflags = offlags;
554 }
555 return;
556 }
557 }
558
559 /* Symbolic links */
560 if (dolink & LN_ABSOLUTE) {
561 /* Convert source path to absolute */
562 if (realpath(from_name, src) == NULL)
563 err(1, "%s: realpath", from_name);
564 do_symlink(src, to_name);
565 /* XXX: src may point outside of destdir */
566 metadata_log(to_name, "link", NULL, src, NULL, 0);
567 return;
568 }
569
570 if (dolink & LN_RELATIVE) {
571 char *cp, *d, *s;
572
573 /* Resolve pathnames */
574 if (realpath(from_name, src) == NULL)
575 err(1, "%s: realpath", from_name);
576
577 /*
578 * The last component of to_name may be a symlink,
579 * so use realpath to resolve only the directory.
580 */
581 cp = xdirname(to_name);
582 if (realpath(cp, dst) == NULL)
583 err(1, "%s: realpath", cp);
584 /* .. and add the last component */
585 if (strcmp(dst, "/") != 0) {
586 if (strlcat(dst, "/", sizeof(dst)) > sizeof(dst))
587 errx(1, "resolved pathname too long");
588 }
589 cp = xbasename(to_name);
590 if (strlcat(dst, cp, sizeof(dst)) > sizeof(dst))
591 errx(1, "resolved pathname too long");
592
593 /* trim common path components */
594 for (s = src, d = dst; *s == *d; s++, d++)
595 continue;
596 while (*s != '/')
597 s--, d--;
598
599 /* count the number of directories we need to backtrack */
600 for (++d, lnk[0] = '\0'; *d; d++)
601 if (*d == '/')
602 (void)strlcat(lnk, "../", sizeof(lnk));
603
604 (void)strlcat(lnk, ++s, sizeof(lnk));
605
606 do_symlink(lnk, to_name);
607 /* XXX: lnk may point outside of destdir */
608 metadata_log(to_name, "link", NULL, lnk, NULL, 0);
609 return;
610 }
611
612 /*
613 * If absolute or relative was not specified,
614 * try the names the user provided
615 */
616 do_symlink(from_name, to_name);
617 /* XXX: from_name may point outside of destdir */
618 metadata_log(to_name, "link", NULL, from_name, NULL, 0);
619 }
620
621 /*
622 * install --
623 * build a path name and install the file
624 */
625 static void
626 install(char *from_name, char *to_name, u_int flags)
627 {
628 struct stat from_sb;
629 struct stat to_sb;
630 struct timeval tv[2];
631 off_t size;
632 int devnull, from_fd, to_fd, serrno, tmpmode;
633 char *p, tmpl[MAXPATHLEN], *oto_name, *digestresult;
634
635 size = -1;
636 if (!dolink) {
637 /* ensure that from_sb & tv are sane if !dolink */
638 if (stat(from_name, &from_sb))
639 err(1, "%s: stat", from_name);
640 size = from_sb.st_size;
641 #if BSD4_4 && !HAVE_NBTOOL_CONFIG_H
642 TIMESPEC_TO_TIMEVAL(&tv[0], &from_sb.st_atimespec);
643 TIMESPEC_TO_TIMEVAL(&tv[1], &from_sb.st_mtimespec);
644 #else
645 tv[0].tv_sec = from_sb.st_atime;
646 tv[0].tv_usec = 0;
647 tv[1].tv_sec = from_sb.st_mtime;
648 tv[1].tv_usec = 0;
649 #endif
650 }
651
652 if (flags & DIRECTORY || strcmp(from_name, _PATH_DEVNULL) != 0) {
653 devnull = 0;
654 if (!dolink) {
655 if (!S_ISREG(from_sb.st_mode))
656 errx(1, "%s: not a regular file", from_name);
657 }
658 /* Build the target path. */
659 if (flags & DIRECTORY) {
660 (void)snprintf(pathbuf, sizeof(pathbuf), "%s/%s",
661 to_name,
662 (p = strrchr(from_name, '/')) ? ++p : from_name);
663 to_name = pathbuf;
664 }
665 } else {
666 devnull = 1;
667 size = 0;
668 #if HAVE_STRUCT_STAT_ST_FLAGS
669 from_sb.st_flags = 0; /* XXX */
670 #endif
671 }
672
673 /*
674 * Unlink now... avoid ETXTBSY errors later. Try and turn
675 * off the append/immutable bits -- if we fail, go ahead,
676 * it might work.
677 */
678 #ifndef __minix
679 #if ! HAVE_NBTOOL_CONFIG_H
680 if (stat(to_name, &to_sb) == 0 &&
681 to_sb.st_flags & (NOCHANGEBITS))
682 (void)chflags(to_name, to_sb.st_flags & ~(NOCHANGEBITS));
683 #endif
684 #endif
685 if (dorename) {
686 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name);
687 oto_name = to_name;
688 to_name = tmpl;
689 } else {
690 oto_name = NULL; /* pacify gcc */
691 if (dobackup)
692 backup(to_name);
693 else
694 (void)unlink(to_name);
695 }
696
697 if (dolink) {
698 makelink(from_name, dorename ? oto_name : to_name);
699 return;
700 }
701
702 /* Create target. */
703 if (dorename) {
704 if ((to_fd = mkstemp(to_name)) == -1)
705 err(1, "%s: mkstemp", to_name);
706 } else {
707 if ((to_fd = open(to_name,
708 O_CREAT | O_WRONLY | O_TRUNC, S_IRUSR | S_IWUSR)) < 0)
709 err(1, "%s: open", to_name);
710 }
711 digestresult = NULL;
712 if (!devnull) {
713 if ((from_fd = open(from_name, O_RDONLY, 0)) < 0) {
714 (void)unlink(to_name);
715 err(1, "%s: open", from_name);
716 }
717 digestresult =
718 copy(from_fd, from_name, to_fd, to_name, from_sb.st_size);
719 (void)close(from_fd);
720 }
721
722 if (dostrip) {
723 strip(to_name);
724
725 /*
726 * Re-open our fd on the target, in case we used a strip
727 * that does not work in-place -- like gnu binutils strip.
728 */
729 close(to_fd);
730 if ((to_fd = open(to_name, O_RDONLY, S_IRUSR | S_IWUSR)) < 0)
731 err(1, "stripping %s", to_name);
732
733 /*
734 * Recalculate size and digestresult after stripping.
735 */
736 if (fstat(to_fd, &to_sb) != 0)
737 err(1, "%s: fstat", to_name);
738 size = to_sb.st_size;
739 digestresult =
740 copy(to_fd, to_name, -1, NULL, size);
741
742 }
743
744 if (afterinstallcmd != NULL) {
745 afterinstall(afterinstallcmd, to_name, 1);
746
747 /*
748 * Re-open our fd on the target, in case we used an
749 * after-install command that does not work in-place
750 */
751 close(to_fd);
752 if ((to_fd = open(to_name, O_RDONLY, S_IRUSR | S_IWUSR)) < 0)
753 err(1, "running after install command on %s", to_name);
754 }
755
756 /*
757 * Set owner, group, mode for target; do the chown first,
758 * chown may lose the setuid bits.
759 */
760 if (!dounpriv &&
761 (flags & (HASUID | HASGID)) && fchown(to_fd, uid, gid) == -1) {
762 serrno = errno;
763 (void)unlink(to_name);
764 errx(1, "%s: chown/chgrp: %s", to_name, strerror(serrno));
765 }
766 tmpmode = mode;
767 if (dounpriv)
768 tmpmode &= S_IRWXU|S_IRWXG|S_IRWXO;
769 if (fchmod(to_fd, tmpmode) == -1) {
770 serrno = errno;
771 (void)unlink(to_name);
772 errx(1, "%s: chmod: %s", to_name, strerror(serrno));
773 }
774
775 /*
776 * Preserve the date of the source file.
777 */
778 #ifndef __minix
779 if (dopreserve) {
780 #if HAVE_FUTIMES
781 if (futimes(to_fd, tv) == -1)
782 warn("%s: futimes", to_name);
783 #else
784 if (utimes(to_name, tv) == -1)
785 warn("%s: utimes", to_name);
786 #endif
787 }
788 #endif
789
790 (void)close(to_fd);
791
792 if (dorename) {
793 if (rename(to_name, oto_name) == -1)
794 err(1, "%s: rename", to_name);
795 to_name = oto_name;
796 }
797
798 /*
799 * If provided a set of flags, set them, otherwise, preserve the
800 * flags, except for the dump flag.
801 */
802 #ifndef __minix
803 #if ! HAVE_NBTOOL_CONFIG_H
804 if (!dounpriv && chflags(to_name,
805 flags & SETFLAGS ? fileflags : from_sb.st_flags & ~UF_NODUMP) == -1)
806 {
807 if (errno != EOPNOTSUPP || (from_sb.st_flags & ~UF_NODUMP) != 0)
808 warn("%s: chflags", to_name);
809 }
810 #endif
811 #endif
812
813 metadata_log(to_name, "file", tv, NULL, digestresult, size);
814 free(digestresult);
815 }
816
817 /*
818 * copy --
819 * copy from one file to another, returning a digest.
820 *
821 * If to_fd < 0, just calculate a digest, don't copy.
822 */
823 static char *
824 copy(int from_fd, char *from_name, int to_fd, char *to_name, off_t size)
825 {
826 ssize_t nr, nw;
827 int serrno;
828 u_char *p;
829 u_char buf[MAXBSIZE];
830 MD5_CTX ctxMD5;
831 RMD160_CTX ctxRMD160;
832 SHA1_CTX ctxSHA1;
833 SHA256_CTX ctxSHA256;
834 SHA384_CTX ctxSHA384;
835 SHA512_CTX ctxSHA512;
836
837 switch (digesttype) {
838 case DIGEST_MD5:
839 MD5Init(&ctxMD5);
840 break;
841 case DIGEST_RMD160:
842 RMD160Init(&ctxRMD160);
843 break;
844 case DIGEST_SHA1:
845 SHA1Init(&ctxSHA1);
846 break;
847 case DIGEST_SHA256:
848 SHA256_Init(&ctxSHA256);
849 break;
850 case DIGEST_SHA384:
851 SHA384_Init(&ctxSHA384);
852 break;
853 case DIGEST_SHA512:
854 SHA512_Init(&ctxSHA512);
855 break;
856 case DIGEST_NONE:
857 if (to_fd < 0)
858 return NULL; /* no need to do anything */
859 default:
860 break;
861 }
862 /*
863 * There's no reason to do anything other than close the file
864 * now if it's empty, so let's not bother.
865 */
866 if (size > 0) {
867
868 /*
869 * Mmap and write if less than 8M (the limit is so we
870 * don't totally trash memory on big files). This is
871 * really a minor hack, but it wins some CPU back.
872 */
873
874 if (size <= 8 * 1048576) {
875 #ifdef __minix
876 goto mmap_failed;
877 #else
878 if ((p = mmap(NULL, (size_t)size, PROT_READ,
879 MAP_FILE|MAP_SHARED, from_fd, (off_t)0))
880 == MAP_FAILED) {
881 goto mmap_failed;
882 }
883 #if defined(MADV_SEQUENTIAL) && !defined(__APPLE__)
884 if (madvise(p, (size_t)size, MADV_SEQUENTIAL) == -1
885 && errno != EOPNOTSUPP)
886 warnx("madvise: %s", strerror(errno));
887 #endif
888
889 if (to_fd >= 0 && write(to_fd, p, size) != size) {
890 serrno = errno;
891 (void)unlink(to_name);
892 errx(1, "%s: write: %s",
893 to_name, strerror(serrno));
894 }
895 switch (digesttype) {
896 case DIGEST_MD5:
897 MD5Update(&ctxMD5, p, size);
898 break;
899 case DIGEST_RMD160:
900 RMD160Update(&ctxRMD160, p, size);
901 break;
902 case DIGEST_SHA1:
903 SHA1Update(&ctxSHA1, p, size);
904 break;
905 case DIGEST_SHA256:
906 SHA256_Update(&ctxSHA256, p, size);
907 break;
908 case DIGEST_SHA384:
909 SHA384_Update(&ctxSHA384, p, size);
910 break;
911 case DIGEST_SHA512:
912 SHA512_Update(&ctxSHA512, p, size);
913 break;
914 default:
915 break;
916 }
917 (void)munmap(p, size);
918 #endif
919 } else {
920 mmap_failed:
921 while ((nr = read(from_fd, buf, sizeof(buf))) > 0) {
922 if (to_fd >= 0 &&
923 (nw = write(to_fd, buf, nr)) != nr) {
924 serrno = errno;
925 (void)unlink(to_name);
926 errx(1, "%s: write: %s", to_name,
927 strerror(nw > 0 ? EIO : serrno));
928 }
929 switch (digesttype) {
930 case DIGEST_MD5:
931 MD5Update(&ctxMD5, buf, nr);
932 break;
933 case DIGEST_RMD160:
934 RMD160Update(&ctxRMD160, buf, nr);
935 break;
936 case DIGEST_SHA1:
937 SHA1Update(&ctxSHA1, buf, nr);
938 break;
939 case DIGEST_SHA256:
940 SHA256_Update(&ctxSHA256, buf, nr);
941 break;
942 case DIGEST_SHA384:
943 SHA384_Update(&ctxSHA384, buf, nr);
944 break;
945 case DIGEST_SHA512:
946 SHA512_Update(&ctxSHA512, buf, nr);
947 break;
948 default:
949 break;
950 }
951 }
952 if (nr != 0) {
953 serrno = errno;
954 (void)unlink(to_name);
955 errx(1, "%s: read: %s", from_name, strerror(serrno));
956 }
957 }
958 }
959 switch (digesttype) {
960 case DIGEST_MD5:
961 return MD5End(&ctxMD5, NULL);
962 case DIGEST_RMD160:
963 return RMD160End(&ctxRMD160, NULL);
964 case DIGEST_SHA1:
965 return SHA1End(&ctxSHA1, NULL);
966 case DIGEST_SHA256:
967 return SHA256_End(&ctxSHA256, NULL);
968 case DIGEST_SHA384:
969 return SHA384_End(&ctxSHA384, NULL);
970 case DIGEST_SHA512:
971 return SHA512_End(&ctxSHA512, NULL);
972 default:
973 return NULL;
974 }
975 }
976
977 /*
978 * strip --
979 * use strip(1) to strip the target file
980 */
981 static void
982 strip(char *to_name)
983 {
984 static const char exec_failure[] = ": exec of strip failed: ";
985 int serrno, status;
986 const char * volatile stripprog, *progname;
987 char *cmd;
988
989 if ((stripprog = getenv("STRIP")) == NULL || *stripprog == '\0') {
990 #ifdef TARGET_STRIP
991 stripprog = TARGET_STRIP;
992 #else
993 stripprog = _PATH_STRIP;
994 #endif
995 }
996
997 cmd = NULL;
998
999 if (stripArgs) {
1000 /*
1001 * Build up a command line and let /bin/sh
1002 * parse the arguments.
1003 */
1004 int ret = asprintf(&cmd, "%s %s %s", stripprog, stripArgs,
1005 to_name);
1006
1007 if (ret == -1 || cmd == NULL)
1008 err(1, "asprintf failed");
1009 }
1010
1011 switch (vfork()) {
1012 case -1:
1013 serrno = errno;
1014 (void)unlink(to_name);
1015 errx(1, "vfork: %s", strerror(serrno));
1016 /*NOTREACHED*/
1017 case 0:
1018
1019 if (stripArgs)
1020 execl(_PATH_BSHELL, "sh", "-c", cmd, NULL);
1021 else
1022 execlp(stripprog, "strip", to_name, NULL);
1023
1024 progname = getprogname();
1025 write(STDERR_FILENO, progname, strlen(progname));
1026 write(STDERR_FILENO, exec_failure, strlen(exec_failure));
1027 write(STDERR_FILENO, stripprog, strlen(stripprog));
1028 write(STDERR_FILENO, "\n", 1);
1029 _exit(1);
1030 /*NOTREACHED*/
1031 default:
1032 if (wait(&status) == -1 || status)
1033 (void)unlink(to_name);
1034 }
1035
1036 free(cmd);
1037 }
1038
1039 /*
1040 * afterinstall --
1041 * run provided command on the target file or directory after it's been
1042 * installed and stripped, but before permissions are set or it's renamed
1043 */
1044 static void
1045 afterinstall(const char *command, const char *to_name, int errunlink)
1046 {
1047 int serrno, status;
1048 char *cmd;
1049
1050 switch (vfork()) {
1051 case -1:
1052 serrno = errno;
1053 if (errunlink)
1054 (void)unlink(to_name);
1055 errx(1, "vfork: %s", strerror(serrno));
1056 /*NOTREACHED*/
1057 case 0:
1058 /*
1059 * build up a command line and let /bin/sh
1060 * parse the arguments
1061 */
1062 cmd = (char*)malloc(sizeof(char)*
1063 (2+strlen(command)+
1064 strlen(to_name)));
1065
1066 if (cmd == NULL)
1067 errx(1, "%s", strerror(ENOMEM));
1068
1069 sprintf(cmd, "%s %s", command, to_name);
1070
1071 execl(_PATH_BSHELL, "sh", "-c", cmd, NULL);
1072
1073 warn("%s: exec of after install command", command);
1074 _exit(1);
1075 /*NOTREACHED*/
1076 default:
1077 if ((wait(&status) == -1 || status) && errunlink)
1078 (void)unlink(to_name);
1079 }
1080 }
1081
1082 /*
1083 * backup --
1084 * backup file "to_name" to to_name.suffix
1085 * if suffix contains a "%", it's taken as a printf(3) pattern
1086 * used for a numbered backup.
1087 */
1088 static void
1089 backup(const char *to_name)
1090 {
1091 char bname[FILENAME_MAX];
1092
1093 if (numberedbackup) {
1094 /* Do numbered backup */
1095 int cnt;
1096 char suffix_expanded[FILENAME_MAX];
1097
1098 cnt=0;
1099 do {
1100 (void)snprintf(suffix_expanded, FILENAME_MAX, suffix,
1101 cnt);
1102 (void)snprintf(bname, FILENAME_MAX, "%s%s", to_name,
1103 suffix_expanded);
1104 cnt++;
1105 } while (access(bname, F_OK) == 0);
1106 } else {
1107 /* Do simple backup */
1108 (void)snprintf(bname, FILENAME_MAX, "%s%s", to_name, suffix);
1109 }
1110
1111 (void)rename(to_name, bname);
1112 }
1113
1114 /*
1115 * install_dir --
1116 * build directory hierarchy
1117 */
1118 static void
1119 install_dir(char *path, u_int flags)
1120 {
1121 char *p;
1122 struct stat sb;
1123 int ch;
1124
1125 for (p = path;; ++p)
1126 if (!*p || (p != path && *p == '/')) {
1127 ch = *p;
1128 *p = '\0';
1129 if (mkdir(path, 0777) < 0) {
1130 /*
1131 * Can't create; path exists or no perms.
1132 * stat() path to determine what's there now.
1133 */
1134 int sverrno;
1135 sverrno = errno;
1136 if (stat(path, &sb) < 0) {
1137 /* Not there; use mkdir()s error */
1138 errno = sverrno;
1139 err(1, "%s: mkdir", path);
1140 }
1141 if (!S_ISDIR(sb.st_mode)) {
1142 errx(1,
1143 "%s exists but is not a directory",
1144 path);
1145 }
1146 }
1147 if (!(*p = ch))
1148 break;
1149 }
1150
1151 if (afterinstallcmd != NULL)
1152 afterinstall(afterinstallcmd, path, 0);
1153
1154 if (!dounpriv && (
1155 ((flags & (HASUID | HASGID)) && chown(path, uid, gid) == -1)
1156 || chmod(path, mode) == -1 )) {
1157 warn("%s: chown/chmod", path);
1158 }
1159 metadata_log(path, "dir", NULL, NULL, NULL, 0);
1160 }
1161
1162 /*
1163 * metadata_log --
1164 * if metafp is not NULL, output mtree(8) full path name and settings to
1165 * metafp, to allow permissions to be set correctly by other tools,
1166 * or to allow integrity checks to be performed.
1167 */
1168 static void
1169 metadata_log(const char *path, const char *type, struct timeval *tv,
1170 const char *slink, const char *digestresult, off_t size)
1171 {
1172 static const char extra[] = { ' ', '\t', '\n', '\\', '#', '\0' };
1173 const char *p;
1174 char *buf;
1175 size_t destlen;
1176 struct flock metalog_lock;
1177
1178 if (!metafp)
1179 return;
1180 buf = (char *)malloc(4 * strlen(path) + 1); /* buf for strsvis(3) */
1181 if (buf == NULL) {
1182 warnx("%s", strerror(ENOMEM));
1183 return;
1184 }
1185 /* lock log file */
1186 metalog_lock.l_start = 0;
1187 metalog_lock.l_len = 0;
1188 metalog_lock.l_whence = SEEK_SET;
1189 metalog_lock.l_type = F_WRLCK;
1190 if (fcntl(fileno(metafp), F_SETLKW, &metalog_lock) == -1) {
1191 warn("can't lock %s", metafile);
1192 free(buf);
1193 return;
1194 }
1195
1196 p = path; /* remove destdir */
1197 if (destdir) {
1198 destlen = strlen(destdir);
1199 if (strncmp(p, destdir, destlen) == 0 &&
1200 (p[destlen] == '/' || p[destlen] == '\0'))
1201 p += destlen;
1202 }
1203 while (*p && *p == '/') /* remove leading /s */
1204 p++;
1205 strsvis(buf, p, VIS_CSTYLE, extra); /* encode name */
1206 p = buf;
1207 /* print details */
1208 fprintf(metafp, ".%s%s type=%s", *p ? "/" : "", p, type);
1209 if (owner)
1210 fprintf(metafp, " uname=%s", owner);
1211 if (group)
1212 fprintf(metafp, " gname=%s", group);
1213 fprintf(metafp, " mode=%#o", mode);
1214 if (slink) {
1215 strsvis(buf, slink, VIS_CSTYLE, extra); /* encode link */
1216 fprintf(metafp, " link=%s", buf);
1217 }
1218 if (*type == 'f') /* type=file */
1219 fprintf(metafp, " size=%lld", (long long)size);
1220 if (tv != NULL && dopreserve)
1221 fprintf(metafp, " time=%lld.%ld",
1222 (long long)tv[1].tv_sec, (long)tv[1].tv_usec);
1223 if (digestresult && digest)
1224 fprintf(metafp, " %s=%s", digest, digestresult);
1225 if (fflags)
1226 fprintf(metafp, " flags=%s", fflags);
1227 if (tags)
1228 fprintf(metafp, " tags=%s", tags);
1229 fputc('\n', metafp);
1230 fflush(metafp); /* flush output */
1231 /* unlock log file */
1232 metalog_lock.l_type = F_UNLCK;
1233 if (fcntl(fileno(metafp), F_SETLKW, &metalog_lock) == -1) {
1234 warn("can't unlock %s", metafile);
1235 }
1236 free(buf);
1237 }
1238
1239 /*
1240 * xbasename --
1241 * libc basename(3) that returns a pointer to a static buffer
1242 * instead of overwriting that passed-in string.
1243 */
1244 static char *
1245 xbasename(char *path)
1246 {
1247 static char tmp[MAXPATHLEN];
1248
1249 (void)strlcpy(tmp, path, sizeof(tmp));
1250 return (basename(tmp));
1251 }
1252
1253 /*
1254 * xdirname --
1255 * libc dirname(3) that returns a pointer to a static buffer
1256 * instead of overwriting that passed-in string.
1257 */
1258 static char *
1259 xdirname(char *path)
1260 {
1261 static char tmp[MAXPATHLEN];
1262
1263 (void)strlcpy(tmp, path, sizeof(tmp));
1264 return (dirname(tmp));
1265 }
1266
1267 /*
1268 * usage --
1269 * print a usage message and die
1270 */
1271 static void
1272 usage(void)
1273 {
1274 const char *prog;
1275
1276 prog = getprogname();
1277
1278 (void)fprintf(stderr,
1279 "usage: %s [-Ubcprs] [-M log] [-D dest] [-T tags] [-B suffix]\n"
1280 " [-a aftercmd] [-f flags] [-m mode] [-N dbdir] [-o owner] [-g group] \n"
1281 " [-l linkflags] [-h hash] [-S stripflags] file1 file2\n"
1282 " %s [-Ubcprs] [-M log] [-D dest] [-T tags] [-B suffix]\n"
1283 " [-a aftercmd] [-f flags] [-m mode] [-N dbdir] [-o owner] [-g group]\n"
1284 " [-l linkflags] [-h hash] [-S stripflags] file1 ... fileN directory\n"
1285 " %s -d [-Up] [-M log] [-D dest] [-T tags] [-a aftercmd] [-m mode]\n"
1286 " [-N dbdir] [-o owner] [-g group] directory ...\n",
1287 prog, prog, prog);
1288 exit(1);
1289 }
MINIX 3 (repo.or.cz mirror)