Project

General

Profile

Bug #948

chmod(1M) is not -R friendly when doing ACLs

Added by Yuri Pankov over 8 years ago. Updated over 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
cmd - userland programs
Start date:
2011-04-22
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage

Description

Currently chmod -R will bail out on first error, not trying to operate on other files:

$ mkdir -p a/b/c/d; chmod A+user:yuri:full_set:allow a/b; chmod A=user:root:full_set:allow a/b/c; chmod -R A-user:yuri:full_set:allow a; ls -Vd a/b
chmod: ERROR: ACL entry doesn't exist
drwxr-xr-x+  3 yuri     staff          3 Apr 23 09:33 a/b
              user:yuri:rwxpdDaARWcCos:-------:allow
                 owner@:rwxp--aARWcCos:-------:allow
                 group@:r-x---a-R-c--s:-------:allow
              everyone@:r-x---a-R-c--s:-------:allow

There's an erroneous comment in errmsg(), saying "... if this is a fatal error (code == 0)", so I wonder if it's the source of somewhat illogical code and behavior.
It could also be a bit more user-friendly, and print paths to the dirs/files it's not happy with.

The patch makes all ACL related errors non-fatal (while making several other errors fatal), as well as adding paths (relative to the argument specified, could be changed to absolute) to error messages:

$ mkdir -p a/b/c/d; chmod A+user:yuri:full_set:allow a/b; chmod A=user:root:full_set:allow a/b/c; ~/ws/illumos-gate-chmod-acl/usr/src/cmd/chmod/chmod -R A-user:yuri:full_set:allow a; ls -Vd a/b
chmod: ERROR: a: ACL entry doesn't exist
chmod: ERROR: a/b/c: ACL entry doesn't exist
chmod: ERROR: a/b/c: Permission denied
drwxr-xr-x   3 yuri     staff          3 Apr 23 09:34 a/b
                 owner@:rwxp--aARWcCos:-------:allow
                 group@:r-x---a-R-c--s:-------:allow
              everyone@:r-x---a-R-c--s:-------:allow


Files

chmod.diff (4.8 KB) chmod.diff Yuri Pankov, 2011-04-22 09:44 PM

History

#1

Updated by Yuri Pankov over 8 years ago

The evidence that errors were supposed to be non-fatal is that every changed errmsg() call is followed by acl_free(aclp); return (1); - why do that if we are going to exit() in errmsg() in case of fatal error anyway... :-)

#2

Updated by Gordon Ross over 8 years ago

  • Status changed from New to Resolved
  • Difficulty set to Medium
  • Tags set to needs-triage

changeset: 13369:e294a7201085

Also available in: Atom PDF