build-sys: move acl searching code into libsystemd-acl

author Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>

Fri, 22 Mar 2013 14:35:26 +0000 (14:35 +0000)

committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>

Fri, 22 Mar 2013 19:31:45 +0000 (15:31 -0400)
author Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Fri, 22 Mar 2013 14:35:26 +0000 (14:35 +0000)
committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Fri, 22 Mar 2013 19:31:45 +0000 (15:31 -0400)
diff --git a/Makefile.am b/Makefile.am

index 969f85adfee82f86c9a9297406cf8e47fbda2005..93583a686a47d908316dc44621c8aeef62134e8a 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -793,7 +793,8 @@ libsystemd_acl_la_CFLAGS = \
         $(ACL_CFLAGS)
  
  libsystemd_acl_la_LIBADD = \
         $(ACL_CFLAGS)
  
  libsystemd_acl_la_LIBADD = \
-       $(ACL_LIBS)
+       $(ACL_LIBS) \
+       libsystemd-shared.la
  endif
  
  # ------------------------------------------------------------------------------
  endif
  
  # ------------------------------------------------------------------------------
@@ -2503,6 +2504,11 @@ journalctl_LDADD = \
         libsystemd-id128-internal.la \
         libsystemd-logs.la
  
         libsystemd-id128-internal.la \
         libsystemd-logs.la
  
+if HAVE_ACL
+journalctl_LDADD += \
+       libsystemd-acl.la
+endif
+
  if HAVE_QRENCODE
  journalctl_SOURCES += \
         src/journal/journal-qrcode.c \
  if HAVE_QRENCODE
  journalctl_SOURCES += \
         src/journal/journal-qrcode.c \
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c

index 4c288f3334d66ffeae262a528a67477f9fe3144f..8543adfb8a1d2d52ac65e72545fe505d552fce4d 100644 (file)
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -37,6 +37,7 @@
  
  #ifdef HAVE_ACL
  #include <sys/acl.h>
  
  #ifdef HAVE_ACL
  #include <sys/acl.h>
+#include "acl-util.h"
  #endif
  
  #include <systemd/sd-journal.h>
  #endif
  
  #include <systemd/sd-journal.h>
@@ -895,62 +896,18 @@ static int access_check(void) {
          if (!arg_quiet && geteuid() != 0) {
                  _cleanup_strv_free_ char **g = NULL;
                  bool have_access;
          if (!arg_quiet && geteuid() != 0) {
                  _cleanup_strv_free_ char **g = NULL;
                  bool have_access;
-                acl_t acl;
                  int r;
  
                  have_access = in_group("systemd-journal") > 0;
                  int r;
  
                  have_access = in_group("systemd-journal") > 0;
-                if (!have_access) {
  
  
+                if (!have_access) {
                          /* Let's enumerate all groups from the default
                           * ACL of the directory, which generally
                           * should allow access to most journal
                           * files too */
                          /* Let's enumerate all groups from the default
                           * ACL of the directory, which generally
                           * should allow access to most journal
                           * files too */
-
-                        acl = acl_get_file("/var/log/journal/", ACL_TYPE_DEFAULT);
-                        if (acl) {
-                                acl_entry_t entry;
-
-                                r = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
-                                while (r > 0) {
-                                        acl_tag_t tag;
-                                        gid_t *gid;
-                                        char *name;
-
-                                        r = acl_get_tag_type(entry, &tag);
-                                        if (r < 0)
-                                                break;
-
-                                        if (tag != ACL_GROUP)
-                                                goto next;
-
-                                        gid = acl_get_qualifier(entry);
-                                        if (!gid)
-                                                break;
-
-                                        if (in_gid(*gid) > 0) {
-                                                have_access = true;
-                                                break;
-                                        }
-
-                                        name = gid_to_name(*gid);
-                                        if (!name) {
-                                                acl_free(acl);
-                                                return log_oom();
-                                        }
-
-                                        r = strv_push(&g, name);
-                                        if (r < 0) {
-                                                free(name);
-                                                acl_free(acl);
-                                                return log_oom();
-                                        }
-
-                                next:
-                                        r = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
-                                }
-
-                                acl_free(acl);
-                        }
+                        r = search_acl_groups(&g, "/var/log/journal/", &have_access);
+                        if (r < 0)
+                                return r;
                  }
  
                  if (!have_access) {
                  }
  
                  if (!have_access) {
diff --git a/src/shared/acl-util.c b/src/shared/acl-util.c

index d1eb6f226876813b403e2520346e47722c44b8f2..48bb12f46b7e73d156f136f2045ae835a871bf3a 100644 (file)
--- a/src/shared/acl-util.c
+++ b/src/shared/acl-util.c
@@ -3,7 +3,7 @@
  /***
    This file is part of systemd.
  
  /***
    This file is part of systemd.
  
-  Copyright 2011 Lennart Poettering
+  Copyright 2011,2013 Lennart Poettering
  
    systemd is free software; you can redistribute it and/or modify it
    under the terms of the GNU Lesser General Public License as published by
  
    systemd is free software; you can redistribute it and/or modify it
    under the terms of the GNU Lesser General Public License as published by
@@ -26,6 +26,8 @@
  #include <stdbool.h>
  
  #include "acl-util.h"
  #include <stdbool.h>
  
  #include "acl-util.h"
+#include "util.h"
+#include "strv.h"
  
  int acl_find_uid(acl_t acl, uid_t uid, acl_entry_t *entry) {
          acl_entry_t i;
  
  int acl_find_uid(acl_t acl, uid_t uid, acl_entry_t *entry) {
          acl_entry_t i;
@@ -66,3 +68,59 @@ int acl_find_uid(acl_t acl, uid_t uid, acl_entry_t *entry) {
  
          return 0;
  }
  
          return 0;
  }
+
+int search_acl_groups(char*** dst, const char* path, bool* belong) {
+        acl_t acl;
+
+        assert(path);
+        assert(belong);
+
+        acl = acl_get_file(path, ACL_TYPE_DEFAULT);
+        if (acl) {
+                acl_entry_t entry;
+                int r;
+
+                r = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
+                while (r > 0) {
+                        acl_tag_t tag;
+                        gid_t *gid;
+                        char *name;
+
+                        r = acl_get_tag_type(entry, &tag);
+                        if (r < 0)
+                                break;
+
+                        if (tag != ACL_GROUP)
+                                goto next;
+
+                        gid = acl_get_qualifier(entry);
+                        if (!gid)
+                                break;
+
+                        if (in_gid(*gid) > 0) {
+                                *belong = true;
+                                break;
+                        }
+
+                        name = gid_to_name(*gid);
+                        if (!name) {
+                                acl_free(acl);
+                                return log_oom();
+                        }
+
+                        r = strv_push(dst, name);
+                        if (r < 0) {
+                                free(name);
+                                acl_free(acl);
+                                return log_oom();
+                        }
+
+                next:
+                        r = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
+                }
+
+                acl_free(acl);
+        }
+
+        return 0;
+}
diff --git a/src/shared/acl-util.h b/src/shared/acl-util.h

index 31fbbcd51065eae97a069e9cfc2bbac434eedab0..23090d99843a6d55b9c1b04763e6bbd508773239 100644 (file)
--- a/src/shared/acl-util.h
+++ b/src/shared/acl-util.h
@@ -21,4 +21,7 @@
    along with systemd; If not, see <http://www.gnu.org/licenses/>.
  ***/
  
    along with systemd; If not, see <http://www.gnu.org/licenses/>.
  ***/
  
+#include <stdbool.h>
+
  int acl_find_uid(acl_t acl, uid_t uid, acl_entry_t *entry);
  int acl_find_uid(acl_t acl, uid_t uid, acl_entry_t *entry);
+int search_acl_groups(char*** dst, const char* path, bool* belong);
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Fri, 22 Mar 2013 14:35:26 +0000 (14:35 +0000)
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Fri, 22 Mar 2013 19:31:45 +0000 (15:31 -0400)
Makefile.am		patch \| blob \| history
src/journal/journalctl.c		patch \| blob \| history
src/shared/acl-util.c		patch \| blob \| history
src/shared/acl-util.h		patch \| blob \| history