tidy up a bit

2026-05-01 15:01:44 -07:00 · 2001-02-20 08:07:09 +00:00
parent afff975f08
commit f5b4f28d63
3 changed files with 60 additions and 41 deletions
@@ -62,26 +62,20 @@ _ls()
    ls -ln $* | awk '{ print $1, $3, $4, $NF }' | _filter_id
 } 

-_get_newid()
-{
-    cat /etc/passwd /etc/group $tmp.ids | gawk -F: '
-      { ids[$3]=1 }
-      END {
-        for(i=1;i<1000000;i++){
-          if (! (i in ids)) {
-	     print i;		 
-             exit
-          }
-        }	
-      }'
-}

 _setup_ids()
 {
-    touch $tmp.ids
-    acl1=`_get_newid`; echo "::$acl1" >>$tmp.ids
-    acl2=`_get_newid`; echo "::$acl2" >>$tmp.ids
-    acl3=`_get_newid`; echo "::$acl3" >>$tmp.ids
+    eval `cat /etc/passwd /etc/group | gawk -F: '
+      { ids[$3]=1 }
+      END {
+        j=1
+        for(i=1; i<1000000 && j<=3;i++){
+          if (! (i in ids)) {
+	     printf "acl%d=%d;", j, i;		 
+	     j++
+          }
+        }	
+      }'`
 }

 _filter_id()
@@ -95,7 +89,7 @@ _filter_id()
       -e "s/g:$acl3/g:id3/" \
       -e "s/ $acl1 / id1 /" \
       -e "s/ $acl2 / id2 /" \
-       -e "s/ $acl3 / id3 /" \
+       -e "s/ $acl3 / id3 /"
 }

 # -----
@@ -152,6 +146,9 @@ echo ""
 echo "=== Test minimal ACE ==="

 echo "Setup file"
+# Note: as this is a shell script,
+#       will need read and execute permission set
+#       in order to execute it.
 touch file1
 cat <<EOF >file1
 #!/bin/sh
@@ -252,14 +249,19 @@ $runas -u $acl3 -g $acl3 ./file1 2>&1

 echo ""
 echo "--- Test MASK ---"
-chacl u::---,g::---,o::---,g:$acl2:r-x,m::-wx file1 2>&1
+
+# group
+chacl u::---,g::---,o::---,g:$acl2:r-x,m::-w- file1 2>&1
 chacl -l file1 | _filter_id
 echo "Expect to FAIL as MASK prohibits execution"
 $runas -u $acl2 -g $acl2 ./file1 2>&1
-chacl u::---,g::---,o::---,u:$acl2:r-x,m::-wx file1 2>&1
+
+# user
+chacl u::---,g::---,o::---,u:$acl2:r-x,m::-w- file1 2>&1
 echo "Expect to FAIL as MASK prohibits execution"
 $runas -u $acl2 -g $acl2 ./file1 2>&1

+# user
 chacl u::---,g::---,o::---,u:$acl2:r-x,m::r-x file1 2>&1
 echo "Expect to PASS as MASK allows execution"
 $runas -u $acl2 -g $acl2 ./file1 2>&1
@@ -21,27 +21,27 @@ file1 [u::r-x,g::---,o::---]
 Expect to PASS
 Test was executed
 Expect to FAIL
-sh: ./file1: Permission denied
+./file1: Permission denied

 --- Test group permissions ---
 file1 [u::---,g::r-x,o::---]
 Expect to FAIL - acl1 is owner
-sh: ./file1: Permission denied
+./file1: Permission denied
 Expect to PASS - acl2 matches group
 Test was executed
 Expect to PASS - acl2 matches sup group
 Test was executed
 Expect to FAIL - acl3 is not in group
-sh: ./file1: Permission denied
+./file1: Permission denied

 --- Test other permissions ---
 file1 [u::---,g::---,o::r-x]
 Expect to FAIL - acl1 is owner
-sh: ./file1: Permission denied
+./file1: Permission denied
 Expect to FAIL - acl2 is in group
-sh: ./file1: Permission denied
+./file1: Permission denied
 Expect to FAIL - acl2 is in sup. group
-sh: ./file1: Permission denied
+./file1: Permission denied
 Expect to PASS - acl3 is not owner or in group
 Test was executed

@@ -56,7 +56,7 @@ Expect to PASS - USER ACE matches user
 file1 [u::---,g::---,o::---,u:id2:r-x,m::rwx]
 Test was executed
 Expect to FAIL - USER ACE does not match user
-sh: ./file1: Permission denied
+./file1: Permission denied

 --- Test adding a GROUP ACE ---
 Expect to FAIL as no MASK provided
@@ -69,20 +69,20 @@ Test was executed
 Expect to PASS - GROUP ACE matches sup group
 Test was executed
 Expect to FAIL - GROUP ACE does not match group
-sh: ./file1: Permission denied
+./file1: Permission denied

 --- Test MASK ---
-file1 [u::---,g::---,o::---,g:id2:r-x,m::-wx]
+file1 [u::---,g::---,o::---,g:id2:r-x,m::-w-]
 Expect to FAIL as MASK prohibits execution
-./file1: ./file1: Permission denied
+./file1: Permission denied
 Expect to FAIL as MASK prohibits execution
-./file1: ./file1: Permission denied
+./file1: Permission denied
 Expect to PASS as MASK allows execution
 Test was executed

 --- Test ACE priority ---
 Expect to FAIL as should match on owner
-sh: ./file1: Permission denied
+./file1: Permission denied
 Expect to PASS as should match on user
 Test was executed

@@ -62,7 +62,8 @@ main(int argc, char **argv)
 	int c;
        uid_t uid = -1;
        gid_t gid = -1;
-        char *cmd=NULL;
+        int pid;
+        char **cmd;
        gid_t sgids[SUP_MAX];
        int sup_cnt = 0;
 	int status;
@@ -91,13 +92,18 @@ main(int argc, char **argv)
 	}

        /* build up the cmd */
-	for ( ; optind < argc; optind++) {
-	    cmd = realloc(cmd, (cmd==NULL?0:strlen(cmd)) + 
-                               strlen(argv[optind]) + 4);
-	    strcat(cmd, " ");
-	    strcat(cmd, argv[optind]);
-	}
- 
+        if (optind == argc) {
+            usage();
+            exit(1);
+        }
+	else {
+	    char **p;
+	    p = cmd = (char **)malloc(sizeof(char *) * (argc - optind + 1));
+	    for ( ; optind < argc; optind++, p++) {
+	        *p = strdup(argv[optind]);
+            }
+	    *p = NULL;
+	} 

        if (gid != -1) {
 	    if (setegid(gid) == -1) {
@@ -123,8 +129,19 @@ main(int argc, char **argv)
 	    }	
        }

-	status = system(cmd);
+	pid = fork();
+	if (pid == -1) {
+            fprintf(stderr, "%s: fork failed: %s\n",
+	            prog, strerror(errno));
+            exit(1);
+        }
+	if (pid == 0) {
+            execv(cmd[0], cmd);
+            fprintf(stderr, "%s: %s\n", cmd[0], strerror(errno));
+            exit(errno);
+	}

+        wait(&status);
 	if (WIFSIGNALED(status)) {
 	    fprintf(stderr, "%s: command terminated with signal %d\n", 
                 prog, WTERMSIG(status));