Beginnings of acl (POSIX.1e draft 17) verification support

- if built with --with-acl, check that files and directories don't have
  any extra acl's set
- for now, any acl beyond the regular unix permission set is reported as
  file mode difference as the acl's cannot have been set by rpm itself
- patch from Andreas Gruenbacher, modified to use libacl instead of raw
  xattrs for portability, BUT atm this uses non-portable acl_equiv_mode()
  Linux libacl extension, the posix draft doesn't seem to have much in
  the way of comparing entries :-/

diff --git a/configure.ac b/configure.ac
index 28d1245..03e8363 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -764,6 +764,32 @@ AS_IF([test "$with_cap" = yes],[
 AC_SUBST(WITH_CAP_LIB)
 AM_CONDITIONAL(CAP,[test "$with_cap" = yes])
 
+WITH_ACL_LIB=
+AC_ARG_WITH(acl, [  --with-acl              build with acl support ],
+[case "$with_acl" in
+yes|no) ;;
+*) AC_MSG_ERROR([invalid argument to --with-acl])
+  ;;
+esac],
+[with_acl=no])
+
+AS_IF([test "$with_acl" = yes],[
+  dnl verification uses non-portable acl_equiv_mode() 
+  AC_CHECK_HEADER([acl/libacl.h],[
+    AC_CHECK_LIB(acl,[acl_equiv_mode],[with_acl=yes],[
+      AC_MSG_ERROR([--with-acl given, but libacl not found or not suitable])])
+  ],[
+    AC_MSG_ERROR([--with-acl given, but acl/libacl.h not found])
+  ])
+])
+
+AS_IF([test "$with_acl" = yes],[
+  AC_DEFINE(WITH_ACL, 1, [Build with acl support?])
+  WITH_ACL_LIB="-lacl"
+])
+AC_SUBST(WITH_ACL_LIB)
+AM_CONDITIONAL(ACL,[test "$with_acl" = yes])
+
 WITH_LUA_LIB=
 WITH_LUA_INCLUDE=
 AC_ARG_WITH(lua, [  --with-lua              build with lua support ],,[with_lua=yes])

diff --git a/lib/Makefile.am b/lib/Makefile.am
index 6befe86..dbd204b 100644 (file)
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -48,6 +48,7 @@ librpm_la_LIBADD = \
        @WITH_SELINUX_LIB@ \
        @WITH_SQLITE3_LIB@ \
        @WITH_CAP_LIB@ \
+       @WITH_ACL_LIB@ \
        @LIBINTL@
 
 if WITH_INTERNAL_DB

diff --git a/lib/verify.c b/lib/verify.c
index da485c8..c4ce118 100644 (file)
--- a/lib/verify.c
+++ b/lib/verify.c
@@ -152,6 +152,20 @@ int rpmVerifyFile(const rpmts ts, const rpmfi fi,
 
        if (metamode != filemode)
            *res |= RPMVERIFY_MODE;
+
+#if WITH_ACL
+       /*
+        * For now, any non-default acl's on a file is a difference as rpm
+        * cannot have set them.
+        */
+       acl_t facl = acl_get_file(fn, ACL_TYPE_ACCESS);
+       if (facl) {
+           if (acl_equiv_mode(facl, NULL) == 1) {
+               *res |= RPMVERIFY_MODE;
+           }
+           acl_free(facl);
+       }
+#endif 
     }
 
     if (flags & RPMVERIFY_RDEV) {

diff --git a/system.h b/system.h
index 5a3c64d..3818e12 100644 (file)
--- a/system.h
+++ b/system.h
@@ -231,6 +231,10 @@ void * _free(void * p)
 #include <sys/capability.h>
 #endif
 
+#if WITH_ACL
+#include <acl/libacl.h>
+#endif
+
 /**
  * Wrapper to free(3), permit NULL, return NULL. 
  * For documenting cases where const is used to protect long-lived