From 196f024d9e3ecb1eeb178be95a0d329ec143c7e4 Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov
Date: Mon, 21 Aug 2023 21:42:47 +0200
Subject: [PATCH] UTILS: remove unused code (files manipulations)
---
 configure.ac | 4 -
 src/tests/files-tests.c | 174 ------------
 src/util/files.c | 603 ----------------------------------------
 src/util/util.h | 11 -
 4 files changed, 792 deletions(-)
diff --git a/configure.ac b/configure.ac
index adb2c544789..270b8ef376d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -111,10 +111,6 @@ AC_SEARCH_LIBS([clock_gettime], [rt posix4],
 AC_SUBST([LIBCLOCK_GETTIME])
 LIBS=$SAVE_LIBS
-# Check for presence of modern functions for setting file timestamps
-AC_CHECK_FUNCS([ utimensat \
- futimens ])
-
 AC_CHECK_FUNCS([ explicit_bzero ])
 # Check for the timegm() function (not part of POSIX / Open Group specs)
diff --git a/src/tests/files-tests.c b/src/tests/files-tests.c
index 6a867e0a4d8..07e2bb3a81a 100644
--- a/src/tests/files-tests.c
+++ b/src/tests/files-tests.c
@@ -204,176 +204,6 @@ START_TEST(test_remove_subtree)
 }
 END_TEST
-START_TEST(test_simple_copy)
-{
- int ret;
- char origpath[PATH_MAX+1];
- char *tmp;
-
- errno = 0;
- ck_assert_msg(getcwd(origpath, PATH_MAX) == origpath, "Cannot getcwd\n");
- ck_assert_msg(errno == 0, "Cannot getcwd\n");
-
- /* create a file */
- ret = chdir(dir_path);
- sss_ck_fail_if_msg(ret == -1, "Cannot chdir1\n");
-
- ret = create_simple_file("bar", "bar");
- sss_ck_fail_if_msg(ret == -1, "Cannot create file1\n");
-
- /* create a subdir and file inside it */
- ret = mkdir("subdir", 0700);
- sss_ck_fail_if_msg(ret == -1, "Cannot create subdir\n");
-
- ret = chdir("subdir");
- sss_ck_fail_if_msg(ret == -1, "Cannot chdir\n");
-
- ret = create_simple_file("foo", "foo");
- sss_ck_fail_if_msg(ret == -1, "Cannot create file\n");
-
- /* go back */
- ret = chdir(origpath);
- sss_ck_fail_if_msg(ret == -1, "Cannot chdir\n");
-
- /* and finally copy.. */
- DEBUG(SSSDBG_FUNC_DATA,
- "Will copy from '%s' to '%s'\n", dir_path, dst_path);
- ret = sss_copy_tree(dir_path, dst_path, 0700, uid, gid);
- ck_assert_msg(ret == EOK, "copy_tree failed\n");
-
- /* check if really copied */
- ret = access(dst_path, F_OK);
- ck_assert_msg(ret == 0, "destination directory not there\n");
-
- tmp = talloc_asprintf(test_ctx, "%s/bar", dst_path);
- ret = check_file(tmp, uid, gid, S_IFREG|S_IRWXU, 0, NULL, false);
- ck_assert_msg(ret == EOK, "Cannot open %s\n", tmp);
- talloc_free(tmp);
-}
-END_TEST
-
-START_TEST(test_copy_file)
-{
- TALLOC_CTX *tmp_ctx = talloc_new(test_ctx);
- int ret;
- char origpath[PATH_MAX+1];
- char *foo_path;
- char *bar_path;
-
- errno = 0;
- ck_assert_msg(getcwd(origpath, PATH_MAX) == origpath, "Cannot getcwd\n");
- ck_assert_msg(errno == 0, "Cannot getcwd\n");
-
- /* create a file */
- ret = chdir(dir_path);
- sss_ck_fail_if_msg(ret == -1, "Cannot chdir1\n");
-
- ret = create_simple_file("foo", "foo");
- sss_ck_fail_if_msg(ret == -1, "Cannot create foo\n");
- foo_path = talloc_asprintf(tmp_ctx, "%s/foo", dir_path);
- bar_path = talloc_asprintf(tmp_ctx, "%s/bar", dst_path);
-
- /* create a file */
- ret = chdir(origpath);
- sss_ck_fail_if_msg(ret == -1, "Cannot chdir1\n");
-
- /* Copy this file to a new file */
- DEBUG(SSSDBG_FUNC_DATA,
- "Will copy from 'foo' to 'bar'\n");
- ret = sss_copy_file_secure(foo_path, bar_path, 0700, uid, gid, 0);
- ck_assert_msg(ret == EOK, "copy_file_secure failed\n");
-
- /* check if really copied */
- ret = access(bar_path, F_OK);
- ck_assert_msg(ret == 0, "destination file 'bar' not there\n");
-
- ret = check_file(bar_path, uid, gid, S_IFREG|S_IRWXU, 0, NULL, false);
- ck_assert_msg(ret == EOK, "Cannot open %s\n", bar_path);
- talloc_free(tmp_ctx);
-}
-END_TEST
-
-START_TEST(test_copy_symlink)
-{
- int ret;
- char origpath[PATH_MAX+1];
- char *tmp;
- struct stat statbuf;
-
- errno = 0;
- ck_assert_msg(getcwd(origpath, PATH_MAX) == origpath, "Cannot getcwd\n");
- ck_assert_msg(errno == 0, "Cannot getcwd\n");
-
- /* create a subdir */
- ret = chdir(dir_path);
- sss_ck_fail_if_msg(ret == -1, "Cannot chdir\n");
-
- ret = create_simple_file("footarget", "foo");
- sss_ck_fail_if_msg(ret == -1, "Cannot create file\n");
-
- ret = symlink("footarget", "foolink");
- sss_ck_fail_if_msg(ret == -1, "Cannot create symlink\n");
-
- /* go back */
- ret = chdir(origpath);
- sss_ck_fail_if_msg(ret == -1, "Cannot chdir\n");
-
- /* and finally copy.. */
- DEBUG(SSSDBG_FUNC_DATA,
- "Will copy from '%s' to '%s'\n", dir_path, dst_path);
- ret = sss_copy_tree(dir_path, dst_path, 0700, uid, gid);
- ck_assert_msg(ret == EOK, "copy_tree failed\n");
-
- /* check if really copied */
- ret = access(dst_path, F_OK);
- ck_assert_msg(ret == 0, "destination directory not there\n");
-
- tmp = talloc_asprintf(test_ctx, "%s/foolink", dst_path);
- ret = lstat(tmp, &statbuf);
- ck_assert_msg(ret == 0, "cannot stat the symlink %s\n", tmp);
- ck_assert_msg(S_ISLNK(statbuf.st_mode), "%s not a symlink?\n", tmp);
- talloc_free(tmp);
-}
-END_TEST
-
-START_TEST(test_copy_node)
-{
- int ret;
- char origpath[PATH_MAX+1];
- char *tmp;
-
- errno = 0;
- ck_assert_msg(getcwd(origpath, PATH_MAX) == origpath, "Cannot getcwd\n");
- ck_assert_msg(errno == 0, "Cannot getcwd\n");
-
- /* create a node */
- ret = chdir(dir_path);
- sss_ck_fail_if_msg(ret == -1, "Cannot chdir\n");
-
- ret = mknod("testnode", S_IFIFO | S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH, 0);
- ck_assert_msg(ret == 0, "cannot stat /dev/null: %s", strerror(errno));
-
- /* go back */
- ret = chdir(origpath);
- sss_ck_fail_if_msg(ret == -1, "Cannot chdir\n");
-
- /* and finally copy.. */
- DEBUG(SSSDBG_FUNC_DATA,
- "Will copy from '%s' to '%s'\n", dir_path, dst_path);
- ret = sss_copy_tree(dir_path, dst_path, 0700, uid, gid);
- ck_assert_msg(ret == EOK, "copy_tree failed\n");
-
- /* check if really copied and without special files */
- ret = access(dst_path, F_OK);
- ck_assert_msg(ret == 0, "destination directory not there\n");
-
- tmp = talloc_asprintf(test_ctx, "%s/testnode", dst_path);
- ret = access(tmp, F_OK);
- ck_assert_msg(ret == -1, "special file %s exists, it shouldn't\n", tmp);
- talloc_free(tmp);
-}
-END_TEST
-
 START_TEST(test_create_dir)
 {
 int ret;
@@ -421,10 +251,6 @@ static Suite *files_suite(void)
 tcase_add_test(tc_files, test_remove_tree);
 tcase_add_test(tc_files, test_remove_subtree);
- tcase_add_test(tc_files, test_simple_copy);
- tcase_add_test(tc_files, test_copy_file);
- tcase_add_test(tc_files, test_copy_symlink);
- tcase_add_test(tc_files, test_copy_node);
 tcase_add_test(tc_files, test_create_dir);
 suite_add_tcase(s, tc_files);
diff --git a/src/util/files.c b/src/util/files.c
index 5b7fbc8c387..03fd062bdcc 100644
--- a/src/util/files.c
+++ b/src/util/files.c
@@ -54,11 +54,6 @@
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
-#include "config.h"
-
-#include
-#include
-#include
 #include
 #include
 #include
@@ -66,71 +61,6 @@
 #include "util/util.h"
-struct copy_ctx {
- const char *src_orig;
- const char *dst_orig;
- dev_t src_dev;
- uid_t uid;
- gid_t gid;
-};
-
-static int sss_timeat_set(int dir_fd, const char *path,
- const struct stat *statp,
- int flags)
-{
- int ret;
-
-#ifdef HAVE_UTIMENSAT
- struct timespec timebuf[2];
-
- timebuf[0] = statp->st_atim;
- timebuf[1] = statp->st_mtim;
-
- ret = utimensat(dir_fd, path, timebuf, flags);
-#else
- struct timeval tv[2];
-
- tv[0].tv_sec = statp->st_atime;
- tv[0].tv_usec = 0;
- tv[1].tv_sec = statp->st_mtime;
- tv[1].tv_usec = 0;
-
- ret = futimesat(dir_fd, path, tv);
-#endif
- if (ret == -1) {
- return errno;
- }
-
- return EOK;
-}
-
-static int sss_futime_set(int fd, const struct stat *statp)
-{
- int ret;
-
-#ifdef HAVE_FUTIMENS
- struct timespec timebuf[2];
-
- timebuf[0] = statp->st_atim;
- timebuf[1] = statp->st_mtim;
- ret = futimens(fd, timebuf);
-#else
- struct timeval tv[2];
-
- tv[0].tv_sec = statp->st_atime;
- tv[0].tv_usec = 0;
- tv[1].tv_sec = statp->st_mtime;
- tv[1].tv_usec = 0;
-
- ret = futimes(fd, tv);
-#endif
- if (ret == -1) {
- return errno;
- }
-
- return EOK;
-}
-
 /* wrapper in order not to create a temporary context in
 * every iteration */
 static int remove_tree_with_ctx(TALLOC_CTX *mem_ctx,
@@ -281,539 +211,6 @@ static int remove_tree_with_ctx(TALLOC_CTX *mem_ctx,
 return ret;
 }
-static char *talloc_readlinkat(TALLOC_CTX *mem_ctx, int dir_fd,
- const char *filename)
-{
- size_t size = 1024;
- ssize_t nchars;
- char *buffer;
- char *new_buffer;
-
- buffer = talloc_array(mem_ctx, char, size);
- if (!buffer) {
- return NULL;
- }
-
- while (1) {
- nchars = readlinkat(dir_fd, filename, buffer, size);
- if (nchars < 0) {
- talloc_free(buffer);
- return NULL;
- }
-
- if ((size_t) nchars < size) {
- /* The buffer was large enough */
- break;
- }
-
- /* Try again with a bigger buffer */
- size *= 2;
- new_buffer = talloc_realloc(mem_ctx, buffer, char, size);
- if (!new_buffer) {
- talloc_free(buffer);
- return NULL;
- }
- buffer = new_buffer;
- }
-
- /* readlink does not nul-terminate */
- buffer[nchars] = '\0';
- return buffer;
-}
-
-static int
-copy_symlink(int src_dir_fd,
- int dst_dir_fd,
- const char *file_name,
- const char *full_path,
- const struct stat *statp,
- uid_t uid, gid_t gid)
-{
- char *buf;
- errno_t ret;
-
- buf = talloc_readlinkat(NULL, src_dir_fd, file_name);
- if (!buf) {
- return ENOMEM;
- }
-
- ret = selinux_file_context(full_path);
- if (ret != 0) {
- DEBUG(SSSDBG_MINOR_FAILURE,
- "Failed to set SELinux context for [%s]\n", full_path);
- /* Not fatal */
- }
-
- ret = symlinkat(buf, dst_dir_fd, file_name);
- talloc_free(buf);
- if (ret == -1) {
- ret = errno;
- if (ret == EEXIST) {
- DEBUG(SSSDBG_MINOR_FAILURE,
- "symlink pointing to already exists at '%s'\n", full_path);
- return EOK;
- }
-
- DEBUG(SSSDBG_CRIT_FAILURE, "symlinkat failed: %s\n", strerror(ret));
- return ret;
- }
-
- ret = fchownat(dst_dir_fd, file_name,
- uid, gid, AT_SYMLINK_NOFOLLOW);
- if (ret == -1) {
- ret = errno;
- DEBUG(SSSDBG_CRIT_FAILURE,
- "fchownat failed: %s\n", strerror(ret));
- return ret;
- }
-
- ret = sss_timeat_set(dst_dir_fd, file_name, statp,
- AT_SYMLINK_NOFOLLOW);
- if (ret != EOK) {
- DEBUG(SSSDBG_MINOR_FAILURE, "utimensat failed [%d]: %s\n",
- ret, strerror(ret));
- /* Do not fail */
- }
-
- return EOK;
-}
-
-static int
-copy_file_contents(int ifd,
- int ofd,
- mode_t mode,
- uid_t uid, gid_t gid)
-{
- errno_t ret;
- char buf[1024];
- ssize_t cnt, written;
-
- while ((cnt = sss_atomic_read_s(ifd, buf, sizeof(buf))) != 0) {
- if (cnt == -1) {
- ret = errno;
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Cannot read() from source file: [%d][%s].\n",
- ret, strerror(ret));
- goto done;
- }
-
- errno = 0;
- written = sss_atomic_write_s(ofd, buf, cnt);
- if (written == -1) {
- ret = errno;
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Cannot write() to destination file: [%d][%s].\n",
- ret, strerror(ret));
- goto done;
- }
-
- if (written != cnt) {
- ret = EINVAL;
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Wrote %zd bytes, expected %zd\n", written, cnt);
- goto done;
- }
- }
-
- /* Set the ownership; permissions are still
- * restrictive. */
- ret = fchown(ofd, uid, gid);
- if (ret == -1 && errno != EPERM) {
- ret = errno;
- DEBUG(SSSDBG_OP_FAILURE,
- "Error changing owner: %s\n",
- strerror(ret));
- goto done;
- }
-
- /* Set the desired mode. */
- ret = fchmod(ofd, mode);
- if (ret == -1) {
- ret = errno;
- DEBUG(SSSDBG_OP_FAILURE, "Error changing mode: %s\n",
- strerror(ret));
- goto done;
- }
-
- ret = EOK;
-
-done:
- return ret;
-}
-
-
-/* Copy bytes from input file descriptor ifd into file named
- * dst_named under directory with dest_dir_fd. Own the new file
- * by uid/gid
- */
-static int
-copy_file(int ifd,
- int dest_dir_fd,
- const char *file_name,
- const char *full_path,
- const struct stat *statp,
- uid_t uid, gid_t gid)
-{
- int ofd = -1;
- errno_t ret;
-
- ret = selinux_file_context(full_path);
- if (ret != 0) {
- DEBUG(SSSDBG_MINOR_FAILURE,
- "Failed to set SELinux context for [%s]\n", full_path);
- /* Not fatal */
- }
-
- /* Start with absolutely restrictive permissions */
- ofd = openat(dest_dir_fd, file_name,
- O_EXCL | O_CREAT | O_WRONLY | O_NOFOLLOW,
- 0);
- if (ofd < 0 && errno != EEXIST) {
- ret = errno;
- DEBUG(SSSDBG_OP_FAILURE,
- "Cannot open() destination file '%s': [%d][%s].\n",
- full_path, ret, strerror(ret));
- goto done;
- }
-
- ret = copy_file_contents(ifd, ofd, statp->st_mode, uid, gid);
- if (ret != EOK) goto done;
-
-
- ret = sss_futime_set(ofd, statp);
- if (ret != EOK) {
- DEBUG(SSSDBG_MINOR_FAILURE, "sss_futime_set failed [%d]: %s\n",
- ret, strerror(ret));
- /* Do not fail */
- }
- ret = EOK;
-
-done:
- if (ofd != -1) close(ofd);
- return ret;
-}
-
-int
-sss_copy_file_secure(const char *src,
- const char *dest,
- mode_t mode,
- uid_t uid, gid_t gid,
- bool force)
-{
- int ifd = -1;
- int ofd = -1;
- int dest_flags = 0;
- errno_t ret;
-
- ret = selinux_file_context(dest);
- if (ret != 0) {
- DEBUG(SSSDBG_MINOR_FAILURE,
- "Failed to set SELinux context for [%s]\n", dest);
- /* Not fatal */
- }
-
- /* Start with absolutely restrictive permissions */
- dest_flags = O_CREAT | O_WRONLY | O_NOFOLLOW;
- if (!force) {
- dest_flags |= O_EXCL;
- }
-
- ofd = open(dest, dest_flags, mode);
- if (ofd < 0) {
- DEBUG(SSSDBG_OP_FAILURE,
- "Cannot open() destination file '%s': [%d][%s].\n",
- dest, errno, strerror(errno));
- goto done;
- }
-
- ifd = sss_open_cloexec(src, O_RDONLY | O_NOFOLLOW, &ret);
- if (ifd < 0) {
- DEBUG(SSSDBG_OP_FAILURE,
- "Cannot open() source file '%s': [%d][%s].\n",
- src, ret, strerror(ret));
- goto done;
- }
-
- ret = copy_file_contents(ifd, ofd, mode, uid, gid);
-
-done:
- if (ifd != -1) close(ifd);
- if (ofd != -1) close(ofd);
- return ret;
-}
-
-static errno_t
-copy_dir(struct copy_ctx *cctx,
- int src_dir_fd, const char *src_dir_path,
- int dest_parent_fd, const char *dest_dir_name,
- const char *dest_dir_path,
- mode_t mode,
- const struct stat *src_dir_stat);
-
-static errno_t
-copy_entry(struct copy_ctx *cctx,
- int src_dir_fd,
- const char *src_dir_path,
- int dest_dir_fd,
- const char *dest_dir_path,
- const char *ent_name)
-{
- char *src_ent_path = NULL;
- char *dest_ent_path = NULL;
- int ifd = -1;
- errno_t ret;
- struct stat st;
-
- /* Build the path of the source file or directory and its
- * corresponding member in the new tree. */
- src_ent_path = talloc_asprintf(cctx, "%s/%s", src_dir_path, ent_name);
- dest_ent_path = talloc_asprintf(cctx, "%s/%s", dest_dir_path, ent_name);
- if (!src_ent_path || !dest_ent_path) {
- ret = ENOMEM;
- goto done;
- }
-
- /* Open the input entry first, then we can fstat() it and be
- * certain that it is still the same file. O_NONBLOCK protects
- * us against FIFOs and perhaps side-effects of the open() of a
- * device file if there ever was one here, and doesn't matter
- * for regular files or directories. */
- ifd = sss_openat_cloexec(src_dir_fd, ent_name,
- O_RDONLY | O_NOFOLLOW | O_NONBLOCK, &ret);
- if (ifd == -1 && ret != ELOOP) {
- /* openat error */
- DEBUG(SSSDBG_CRIT_FAILURE, "openat failed on '%s': %s\n",
- src_ent_path, strerror(ret));
- goto done;
- } else if (ifd == -1 && ret == ELOOP) {
- /* Should be a symlink.. */
- ret = fstatat(src_dir_fd, ent_name, &st, AT_SYMLINK_NOFOLLOW);
- if (ret == -1) {
- ret = errno;
- DEBUG(SSSDBG_CRIT_FAILURE, "fstatat failed on '%s': %s\n",
- src_ent_path, strerror(ret));
- goto done;
- }
-
- /* Handle symlinks */
- ret = copy_symlink(src_dir_fd, dest_dir_fd, ent_name,
- dest_ent_path, &st, cctx->uid, cctx->gid);
- if (ret != EOK) {
- DEBUG(SSSDBG_OP_FAILURE, "Cannot copy '%s' to '%s'\n",
- src_ent_path, dest_ent_path);
- }
- goto done;
- }
-
- ret = fstat(ifd, &st);
- if (ret != 0) {
- ret = errno;
- DEBUG(SSSDBG_CRIT_FAILURE,
- "couldn't stat '%s': %s\n", src_ent_path, strerror(ret));
- goto done;
- }
-
- if (S_ISDIR(st.st_mode)) {
- /* If it's a directory, descend into it. */
- ret = copy_dir(cctx, ifd, src_ent_path,
- dest_dir_fd, ent_name,
- dest_ent_path, st.st_mode & 07777,
- &st);
- if (ret != EOK) {
- DEBUG(SSSDBG_OP_FAILURE,
- "Couldn't recursively copy '%s' to '%s': %s\n",
- src_ent_path, dest_ent_path, strerror(ret));
- goto done;
- }
- } else if (S_ISREG(st.st_mode)) {
- /* Copy a regular file */
- ret = copy_file(ifd, dest_dir_fd, ent_name, dest_ent_path,
- &st, cctx->uid, cctx->gid);
- if (ret) {
- DEBUG(SSSDBG_OP_FAILURE, "Cannot copy '%s' to '%s'\n",
- src_ent_path, dest_ent_path);
- goto done;
- }
- } else {
- /* Is a special file */
- DEBUG(SSSDBG_FUNC_DATA, "'%s' is a special file, skipping.\n",
- src_ent_path);
- }
-
- ret = EOK;
-done:
- talloc_free(src_ent_path);
- talloc_free(dest_ent_path);
- if (ifd != -1) close(ifd);
- return ret;
-}
-
-static errno_t
-copy_dir(struct copy_ctx *cctx,
- int src_dir_fd, const char *src_dir_path,
- int dest_parent_fd, const char *dest_dir_name,
- const char *dest_dir_path,
- mode_t mode,
- const struct stat *src_dir_stat)
-{
- errno_t ret;
- errno_t dret;
- int dest_dir_fd = -1;
- DIR *dir = NULL;
- struct dirent *ent;
-
- if (!dest_dir_path) {
- return EINVAL;
- }
-
- dir = fdopendir(src_dir_fd);
- if (dir == NULL) {
- ret = errno;
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Error reading '%s': %s\n", src_dir_path, strerror(ret));
- goto done;
- }
-
- /* Create the directory. It starts owned by us (presumably root), with
- * fairly restrictive permissions that still allow us to use the
- * directory.
- * */
- errno = 0;
- ret = mkdirat(dest_parent_fd, dest_dir_name, S_IRWXU);
- if (ret == -1 && errno != EEXIST) {
- ret = errno;
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Error reading '%s': %s\n", dest_dir_path, strerror(ret));
- goto done;
- }
-
- dest_dir_fd = sss_openat_cloexec(dest_parent_fd, dest_dir_name,
- O_RDONLY | O_DIRECTORY | O_NOFOLLOW, &ret);
- if (dest_dir_fd == -1) {
- ret = errno;
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Error opening '%s': %s\n", dest_dir_path, strerror(ret));
- goto done;
- }
-
- while ((ent = readdir(dir)) != NULL) {
- /* Iterate through each item in the directory. */
- /* Skip over self and parent hard links. */
- if (strcmp(ent->d_name, ".") == 0 ||
- strcmp(ent->d_name, "..") == 0) {
- continue;
- }
-
- ret = copy_entry(cctx,
- src_dir_fd, src_dir_path,
- dest_dir_fd, dest_dir_path,
- ent->d_name);
- if (ret != EOK) {
- DEBUG(SSSDBG_OP_FAILURE, "Could not copy [%s] to [%s]\n",
- src_dir_path, dest_dir_path);
- goto done;
- }
- }
-
- /* Set the ownership on the directory. Permissions are still
- * fairly restrictive. */
- ret = fchown(dest_dir_fd, cctx->uid, cctx->gid);
- if (ret == -1 && errno != EPERM) {
- ret = errno;
- DEBUG(SSSDBG_OP_FAILURE,
- "Error changing owner of '%s': %s\n",
- dest_dir_path, strerror(ret));
- goto done;
- }
-
- /* Set the desired mode. Do this explicitly to preserve S_ISGID and
- * other bits. Do this after chown, because chown is permitted to
- * reset these bits. */
- ret = fchmod(dest_dir_fd, mode);
- if (ret == -1) {
- ret = errno;
- DEBUG(SSSDBG_OP_FAILURE,
- "Error setting mode of '%s': %s\n",
- dest_dir_path, strerror(ret));
- goto done;
- }
-
- sss_futime_set(dest_dir_fd, src_dir_stat);
- if (ret != EOK) {
- DEBUG(SSSDBG_MINOR_FAILURE, "sss_futime_set failed [%d]: %s\n",
- ret, strerror(ret));
- /* Do not fail */
- }
-
- ret = EOK;
-done:
- if (dir) {
- dret = closedir(dir);
- if (dret != 0) {
- dret = errno;
- DEBUG(SSSDBG_MINOR_FAILURE,
- "Failed to close directory: %s.\n", strerror(dret));
- }
- }
-
- if (dest_dir_fd != -1) {
- close(dest_dir_fd);
- }
- return ret;
-}
-
-/* NOTE:
- * For several reasons, including the fact that we copy even special files
- * (pipes, etc) from the skeleton directory, the skeldir needs to be trusted
- */
-int sss_copy_tree(const char *src_root,
- const char *dst_root,
- mode_t mode_root,
- uid_t uid, gid_t gid)
-{
- int ret = EOK;
- struct copy_ctx *cctx = NULL;
- int fd = -1;
- struct stat s_src;
-
- fd = sss_open_cloexec(src_root, O_RDONLY | O_DIRECTORY, &ret);
- if (fd == -1) {
- goto fail;
- }
-
- ret = fstat(fd, &s_src);
- if (ret == -1) {
- ret = errno;
- goto fail;
- }
-
- cctx = talloc_zero(NULL, struct copy_ctx);
- if (!cctx) {
- ret = ENOMEM;
- goto fail;
- }
-
- cctx->src_orig = src_root;
- cctx->dst_orig = dst_root;
- cctx->src_dev = s_src.st_dev;
- cctx->uid = uid;
- cctx->gid = gid;
-
- ret = copy_dir(cctx, fd, src_root, AT_FDCWD,
- dst_root, dst_root, mode_root, &s_src);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "copy_dir failed: [%d][%s]\n", ret, strerror(ret));
- goto fail;
- }
-
-fail:
- if (fd != -1) close(fd);
- reset_selinux_file_context();
- talloc_free(cctx);
- return ret;
-}
-
 int sss_create_dir(const char *parent_dir_path,
 const char *dir_name,
 mode_t mode,
diff --git a/src/util/util.h b/src/util/util.h
index e0e122cee38..15f1559b949 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -816,17 +816,6 @@ void disarm_watchdog(void);
 int sss_remove_tree(const char *root);
 int sss_remove_subtree(const char *root);
-int sss_copy_tree(const char *src_root,
- const char *dst_root,
- mode_t mode_root,
- uid_t uid, gid_t gid);
-
-int sss_copy_file_secure(const char *src,
- const char *dest,
- mode_t mode,
- uid_t uid, gid_t gid,
- bool force);
-
 int sss_create_dir(const char *parent_dir_path,
 const char *dir_name,
 mode_t mode,