From cperon@staff.seccuris.com  Wed Mar 31 20:37:32 2004
Return-Path: <cperon@staff.seccuris.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CB7DC16A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 31 Mar 2004 20:37:32 -0800 (PST)
Received: from staff.seccuris.com (staff.seccuris.com [204.112.0.40])
	by mx1.FreeBSD.org (Postfix) with SMTP id 3BB0243D1D
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 31 Mar 2004 20:37:32 -0800 (PST)
	(envelope-from cperon@staff.seccuris.com)
Received: (qmail 40345 invoked by uid 1006); 1 Apr 2004 04:37:31 -0000
Message-Id: <20040401043731.40344.qmail@staff.seccuris.com>
Date: 1 Apr 2004 04:37:31 -0000
From: Christian S.J.Peron <maneo@bsdpro.com>
Reply-To: Christian S.J.Peron <maneo@bsdpro.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [patch] find(1) files with extended ACLs implemented
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         65016
>Category:       bin
>Synopsis:       [patch] find(1) files with extended ACLs implemented
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    rwatson
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Mar 31 20:40:11 PST 2004
>Closed-Date:    Sat Apr 03 09:11:57 PST 2004
>Last-Modified:  Sat Apr 03 09:11:57 PST 2004
>Originator:     Christian S.J. Peron
>Release:        FreeBSD 5.2.1-RELEASE-p3 i386
>Organization:
>Environment:
System: FreeBSD jail01 5.2.1-RELEASE-p3 FreeBSD 5.2.1-RELEASE-p3 #5: Tue Mar 23 00:19:58 GMT 2004     cperon@dev:/usr/src/sys/i386/compile/XOR  i386

	
>Description:
	find(1) currently can not locate files with extended ACLs
	implemented. This option would be handy to have so it can be
	used in conjunction with -exec setfacl {} \; Among many other things. 
 
	
>How-To-Repeat:
	N/A
	
>Fix:
--- usr.bin/find/function.c.bak	Thu Apr  1 00:15:51 2004
+++ usr.bin/find/function.c	Thu Apr  1 04:29:42 2004
@@ -46,6 +46,8 @@
 #include <sys/param.h>
 #include <sys/ucred.h>
 #include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/acl.h>
 #include <sys/wait.h>
 #include <sys/mount.h>
 #include <sys/timeb.h>
@@ -349,6 +351,52 @@
 	else
 		mindepth = find_parsenum(new, option->name, dstr, NULL);
 	return new;
+}
+
+/*
+ * -acl function --
+ *
+ *	Show files with EXTENDED ACL attributes.
+ */
+int
+f_acl(PLAN *plan __unused, FTSENT *entry)
+{
+	int match, entries;
+	acl_entry_t ae;
+	acl_t facl;
+
+	if (S_ISLNK(entry->fts_statp->st_mode))
+		return (0);
+	if ((match = pathconf(entry->fts_accpath, _PC_ACL_EXTENDED)) <= 0) {
+		if (match < 0 && errno != EINVAL)
+			warn("%s", entry->fts_accpath);
+	else
+		return (0);
+	}
+	match = 0;
+	if ((facl = acl_get_file(entry->fts_accpath, ACL_TYPE_ACCESS)) != NULL) {
+		if (acl_get_entry(facl, ACL_FIRST_ENTRY, &ae) == 1) {
+			entries = 1;
+			while (acl_get_entry(facl, ACL_NEXT_ENTRY, &ae) == 1)
+				entries++;
+			/*
+			 * POSIX.1e requires that ACLs of type ACL_TYPE_ACCESS
+			 * must have at least three entries (owner, group, other).
+			 */
+			if (entries > 3)
+				match = 1;
+		}
+		acl_free(facl);
+	} else
+		warn("%s", entry->fts_accpath);
+	return(match);
+}
+
+PLAN *
+c_acl(OPTION *option, char ***argvp __unused)
+{
+	ftsoptions &= ~FTS_NOSTAT;
+	return (palloc(option));
 }
 
 /*
--- usr.bin/find/option.c.bak	Wed Mar 31 22:37:12 2004
+++ usr.bin/find/option.c	Thu Apr  1 01:48:58 2004
@@ -63,6 +63,7 @@
 	{ "(",		c_simple,	f_openparen,	0 },
 	{ ")",		c_simple,	f_closeparen,	0 },
 	{ "-a",		c_and,		NULL,		0 },
+	{ "-acl",	c_acl,		f_acl,		0 },
 	{ "-amin",	c_Xmin,		f_Xmin,		F_TIME_A },
 	{ "-and",	c_and,		NULL,		0 },
 	{ "-anewer",	c_newer,	f_newer,	F_TIME_A },
--- usr.bin/find/extern.h.bak	Wed Mar 31 22:54:15 2004
+++ usr.bin/find/extern.h	Thu Apr  1 01:48:58 2004
@@ -52,6 +52,7 @@
 
 creat_f	c_Xmin;
 creat_f	c_Xtime;
+creat_f	c_acl;
 creat_f	c_and;
 creat_f	c_delete;
 creat_f	c_depth;
@@ -82,6 +83,7 @@
 
 exec_f	f_Xmin;
 exec_f	f_Xtime;
+exec_f	f_acl;
 exec_f	f_always_true;
 exec_f	f_closeparen;
 exec_f	f_delete;
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->rwatson 
Responsible-Changed-By: bmilekic 
Responsible-Changed-When: Wed Mar 31 20:50:04 PST 2004 
Responsible-Changed-Why:  
This is bin. 
Also, send to robert.  I think this can be committed as is, 
perhaps optimizing the while() loop to break out as soon as 
'entries' goes above 3. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=65016 
State-Changed-From-To: open->closed 
State-Changed-By: bmilekic 
State-Changed-When: Sat Apr 3 09:11:33 PST 2004 
State-Changed-Why:  
I took care of this.  Committed slightly modified patch. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=65016 
>Unformatted:
