1*4afad4b7Schristos /* $NetBSD: fsaccess.c,v 1.1 2024/02/18 20:57:57 christos Exp $ */
2*4afad4b7Schristos
3*4afad4b7Schristos /*
4*4afad4b7Schristos * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
5*4afad4b7Schristos *
6*4afad4b7Schristos * SPDX-License-Identifier: MPL-2.0
7*4afad4b7Schristos *
8*4afad4b7Schristos * This Source Code Form is subject to the terms of the Mozilla Public
9*4afad4b7Schristos * License, v. 2.0. If a copy of the MPL was not distributed with this
10*4afad4b7Schristos * file, you can obtain one at https://mozilla.org/MPL/2.0/.
11*4afad4b7Schristos *
12*4afad4b7Schristos * See the COPYRIGHT file distributed with this work for additional
13*4afad4b7Schristos * information regarding copyright ownership.
14*4afad4b7Schristos */
15*4afad4b7Schristos
16*4afad4b7Schristos #include <errno.h>
17*4afad4b7Schristos #include <stdbool.h>
18*4afad4b7Schristos #include <sys/stat.h>
19*4afad4b7Schristos #include <sys/types.h>
20*4afad4b7Schristos
21*4afad4b7Schristos #include "errno2result.h"
22*4afad4b7Schristos
23*4afad4b7Schristos /*! \file
24*4afad4b7Schristos * \brief
25*4afad4b7Schristos * The OS-independent part of the API is in lib/isc.
26*4afad4b7Schristos */
27*4afad4b7Schristos #include "../fsaccess.c"
28*4afad4b7Schristos
29*4afad4b7Schristos isc_result_t
isc_fsaccess_set(const char * path,isc_fsaccess_t access)30*4afad4b7Schristos isc_fsaccess_set(const char *path, isc_fsaccess_t access) {
31*4afad4b7Schristos struct stat statb;
32*4afad4b7Schristos mode_t mode;
33*4afad4b7Schristos bool is_dir = false;
34*4afad4b7Schristos isc_fsaccess_t bits;
35*4afad4b7Schristos isc_result_t result;
36*4afad4b7Schristos
37*4afad4b7Schristos if (stat(path, &statb) != 0) {
38*4afad4b7Schristos return (isc__errno2result(errno));
39*4afad4b7Schristos }
40*4afad4b7Schristos
41*4afad4b7Schristos if ((statb.st_mode & S_IFDIR) != 0) {
42*4afad4b7Schristos is_dir = true;
43*4afad4b7Schristos } else if ((statb.st_mode & S_IFREG) == 0) {
44*4afad4b7Schristos return (ISC_R_INVALIDFILE);
45*4afad4b7Schristos }
46*4afad4b7Schristos
47*4afad4b7Schristos result = check_bad_bits(access, is_dir);
48*4afad4b7Schristos if (result != ISC_R_SUCCESS) {
49*4afad4b7Schristos return (result);
50*4afad4b7Schristos }
51*4afad4b7Schristos
52*4afad4b7Schristos /*
53*4afad4b7Schristos * Done with checking bad bits. Set mode_t.
54*4afad4b7Schristos */
55*4afad4b7Schristos mode = 0;
56*4afad4b7Schristos
57*4afad4b7Schristos #define SET_AND_CLEAR1(modebit) \
58*4afad4b7Schristos if ((access & bits) != 0) { \
59*4afad4b7Schristos mode |= modebit; \
60*4afad4b7Schristos access &= ~bits; \
61*4afad4b7Schristos }
62*4afad4b7Schristos #define SET_AND_CLEAR(user, group, other) \
63*4afad4b7Schristos SET_AND_CLEAR1(user); \
64*4afad4b7Schristos bits <<= STEP; \
65*4afad4b7Schristos SET_AND_CLEAR1(group); \
66*4afad4b7Schristos bits <<= STEP; \
67*4afad4b7Schristos SET_AND_CLEAR1(other);
68*4afad4b7Schristos
69*4afad4b7Schristos bits = ISC_FSACCESS_READ | ISC_FSACCESS_LISTDIRECTORY;
70*4afad4b7Schristos
71*4afad4b7Schristos SET_AND_CLEAR(S_IRUSR, S_IRGRP, S_IROTH);
72*4afad4b7Schristos
73*4afad4b7Schristos bits = ISC_FSACCESS_WRITE | ISC_FSACCESS_CREATECHILD |
74*4afad4b7Schristos ISC_FSACCESS_DELETECHILD;
75*4afad4b7Schristos
76*4afad4b7Schristos SET_AND_CLEAR(S_IWUSR, S_IWGRP, S_IWOTH);
77*4afad4b7Schristos
78*4afad4b7Schristos bits = ISC_FSACCESS_EXECUTE | ISC_FSACCESS_ACCESSCHILD;
79*4afad4b7Schristos
80*4afad4b7Schristos SET_AND_CLEAR(S_IXUSR, S_IXGRP, S_IXOTH);
81*4afad4b7Schristos
82*4afad4b7Schristos INSIST(access == 0);
83*4afad4b7Schristos
84*4afad4b7Schristos if (chmod(path, mode) < 0) {
85*4afad4b7Schristos return (isc__errno2result(errno));
86*4afad4b7Schristos }
87*4afad4b7Schristos
88*4afad4b7Schristos return (ISC_R_SUCCESS);
89*4afad4b7Schristos }
90