Re: permissions: can you force ACL to be effective over unix perms?

To: debian-user <debian-user@lists.debian.org>
Subject: Re: permissions: can you force ACL to be effective over unix perms?
From: Joel Rees <joel.rees@gmail.com>
Date: Sat, 18 Jan 2014 17:34:48 +0900
Message-id: <[🔎] CAAr43iNzANauEGXBNfiXU_iLCbnuBgxWN0Di98p5MawoOv64Cg@mail.gmail.com>
In-reply-to: <[🔎] CAAr43iOfofOw6=niAJyO8-6tPNJ-g1WYkPzWwnH+-G9XDW6zrg@mail.gmail.com>
References: <[🔎] CAGk-VN-DR1031jRfRe+Hwc_y6nb+XwyJkq4gnURu7UEVE_D8Bg@mail.gmail.com> <[🔎] CAAr43iOfofOw6=niAJyO8-6tPNJ-g1WYkPzWwnH+-G9XDW6zrg@mail.gmail.com>

On Sat, Jan 18, 2014 at 7:07 AM, Joel Rees <joel.rees@gmail.com> wrote:
> I have a little more time to work through what you originally wrote,
> sans certain assumptions I had when I originally responded.
>
> (And I didn't intend to post this off-list, so I'm posting it again, on list.
>
> Note -- if you aren't sure how to code some simple test routines using the C
> functions, let me know, and I'll post an example or two.)
>

You didn't ask, but I was feeling restless or something.  (My students
and family are complaining, even though it's taking more time to post
than it took to write.)

------------
/* Quick and dirty check of file permission results.
// By Joel Rees, Copyright 2014, permission for reasonable use granted.
// (Stupid Berne Convention.)
*/

#include <stdio.h>
#include <stdlib.h>

#define _GNU_SOURCE
#define __USE_GNU
#include <unistd.h>

static char const noStr[] = "Does not appear";
static char const yesStr[] = "Appears";



/* If euidaccess() is not available but eaccess is, enable this:
#define euidaccess eaccess
*/

/* If neither euidaccess() nor eaccess is available, comment this out:
*/
#define EFFECTIVE_AVAILABLE


int main( int argc, char * argv[] )
{
int argx;
if ( argc < 2 )
{ printf( "useage: %s <file> [<file2> ...]\n", argv[ 0 ] );
}
for ( argx = 1; argx < argc; ++argx )
{ char * file = argv[ argx ];
printf( "permissions for <%s>:\n", file );
if ( access( file, F_OK ) < 0 )
{ perror( "\tIs it there?" );
}
else
{
puts( "\treal user:\n" );
if ( access( file, R_OK ) < 0 )
{ perror( "\tRead-ability:" );
}
else
{ puts( "\tAppears read-able." );
}
if ( access( file, W_OK ) < 0 )
{ perror( "\tWrite-ability:" );
}
else
{ puts( "\tAppears write-able." );
}
if ( access( file, X_OK ) < 0 )
{ perror( "\texecute-ability:" );
}
else
{ puts( "\tAppears executable-able." );
}
#if defined EFFECTIVE_AVAILABLE
if ( euidaccess( file, R_OK ) < 0 )
{ perror( "\tRead-ability:" );
}
else
{ puts( "\tAppears read-able." );
}
if ( euidaccess( file, W_OK ) < 0 )
{ perror( "\tWrite-ability:" );
}
else
{ puts( "\tAppears write-able." );
}
if ( euidaccess( file, X_OK ) < 0 )
{ perror( "\texecute-ability:" );
}
else
{ puts( "\tAppears executable-able." );
}
#endif /* defined EFFECTIVE_AVAILABLE */
}
}
return EXIT_SUCCESS;
}
------------

Indent for readability, since the tabs didn't make it through gmail's
junk. Yes, I could've used Sylpheed, but that would have taken an
extra couple of minutes.

Save as ckaccess.c or whatever.

Compile with cc -Wall -o ckaccess ckaccess.c

Run with ./ckaccess as I'm sure you understand.

Open a second terminal session and su or sudo as necessary to make
files and directories in your test directory owned and grouped and
ACLed as needed to test.

-- 
Joel Rees

Be careful where you see conspiracy.
Look first in your own heart.

Reply to:

References:
- permissions: can you force ACL to be effective over unix perms?
  - From: Bob Goldberg <bobg.hahc@gmail.com>
- Re: permissions: can you force ACL to be effective over unix perms?
  - From: Joel Rees <joel.rees@gmail.com>

Prev by Date: Re: Hey humans, I'm a machine
Next by Date: Re: Hey humans, I'm a machine
Previous by thread: Re: permissions: can you force ACL to be effective over unix perms?
Next by thread: Installing several OSes from a single flash drive
Index(es):
- Date
- Thread