xinstall.c revision 1.118
1 /* $NetBSD: xinstall.c,v 1.118 2015/06/15 07:05:09 martin Exp $ */ 2 3 /* 4 * Copyright (c) 1987, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #if HAVE_NBTOOL_CONFIG_H 33 #include "nbtool_config.h" 34 #else 35 #define HAVE_FUTIMES 1 36 #define HAVE_STRUCT_STAT_ST_FLAGS 1 37 #endif 38 39 #include <sys/cdefs.h> 40 #if defined(__COPYRIGHT) && !defined(lint) 41 __COPYRIGHT("@(#) Copyright (c) 1987, 1993\ 42 The Regents of the University of California. All rights reserved."); 43 #endif /* not lint */ 44 45 #if defined(__RCSID) && !defined(lint) 46 #if 0 47 static char sccsid[] = "@(#)xinstall.c 8.1 (Berkeley) 7/21/93"; 48 #else 49 __RCSID("$NetBSD: xinstall.c,v 1.118 2015/06/15 07:05:09 martin Exp $"); 50 #endif 51 #endif /* not lint */ 52 53 #define __MKTEMP_OK__ /* All uses of mktemp have been checked */ 54 #include <sys/param.h> 55 #include <sys/mman.h> 56 #include <sys/stat.h> 57 #include <sys/wait.h> 58 #include <sys/time.h> 59 60 #include <ctype.h> 61 #include <err.h> 62 #include <errno.h> 63 #include <fcntl.h> 64 #include <grp.h> 65 #include <libgen.h> 66 #include <paths.h> 67 #include <pwd.h> 68 #include <stdio.h> 69 #include <stdlib.h> 70 #include <string.h> 71 #include <unistd.h> 72 #include <util.h> 73 #include <vis.h> 74 75 #ifdef HAVE_POSIX_SPAWN 76 #include <spawn.h> 77 #endif 78 79 #include <md5.h> 80 #include <rmd160.h> 81 #include <sha1.h> 82 #include <sha2.h> 83 84 #include "pathnames.h" 85 #include "mtree.h" 86 87 #define STRIP_ARGS_MAX 32 88 #define BACKUP_SUFFIX ".old" 89 90 static int dobackup, dodir, dostrip, dolink, dopreserve, dorename, dounpriv; 91 static int haveopt_f, haveopt_g, haveopt_m, haveopt_o; 92 static int numberedbackup; 93 static int mode = S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH; 94 static char pathbuf[MAXPATHLEN]; 95 static uid_t uid = -1; 96 static gid_t gid = -1; 97 static char *group, *owner, *fflags, *tags; 98 static FILE *metafp; 99 static char *metafile; 100 static u_long fileflags; 101 static char *stripArgs; 102 static char *afterinstallcmd; 103 static const char *suffix = BACKUP_SUFFIX; 104 static char *destdir; 105 106 enum { 107 DIGEST_NONE = 0, 108 DIGEST_MD5, 109 DIGEST_RMD160, 110 DIGEST_SHA1, 111 DIGEST_SHA256, 112 DIGEST_SHA384, 113 DIGEST_SHA512, 114 } digesttype = DIGEST_NONE; 115 116 static char *digest; 117 118 #define LN_ABSOLUTE 0x01 119 #define LN_RELATIVE 0x02 120 #define LN_HARD 0x04 121 #define LN_SYMBOLIC 0x08 122 #define LN_MIXED 0x10 123 124 #define DIRECTORY 0x01 /* Tell install it's a directory. */ 125 #define SETFLAGS 0x02 /* Tell install to set flags. */ 126 #define HASUID 0x04 /* Tell install the uid was given */ 127 #define HASGID 0x08 /* Tell install the gid was given */ 128 129 static void afterinstall(const char *, const char *, int); 130 static void backup(const char *); 131 static char *copy(int, char *, int, char *, off_t); 132 static int do_link(char *, char *); 133 static void do_symlink(char *, char *); 134 static void install(char *, char *, u_int); 135 static void install_dir(char *, u_int); 136 static void makelink(char *, char *); 137 static void metadata_log(const char *, const char *, struct timeval *, 138 const char *, const char *, off_t); 139 static int parseid(char *, id_t *); 140 static void strip(char *); 141 __dead static void usage(void); 142 static char *xbasename(char *); 143 static char *xdirname(char *); 144 145 int 146 main(int argc, char *argv[]) 147 { 148 struct stat from_sb, to_sb; 149 void *set; 150 u_int iflags; 151 int ch, no_target; 152 char *p, *to_name; 153 154 setprogname(argv[0]); 155 156 iflags = 0; 157 while ((ch = getopt(argc, argv, "a:cbB:dD:f:g:h:l:m:M:N:o:prsS:T:U")) 158 != -1) 159 switch((char)ch) { 160 case 'a': 161 afterinstallcmd = strdup(optarg); 162 if (afterinstallcmd == NULL) 163 errx(1, "%s", strerror(ENOMEM)); 164 break; 165 case 'B': 166 suffix = optarg; 167 numberedbackup = 0; 168 { 169 /* Check if given suffix really generates 170 different suffixes - catch e.g. ".%" */ 171 char suffix_expanded0[FILENAME_MAX], 172 suffix_expanded1[FILENAME_MAX]; 173 (void)snprintf(suffix_expanded0, FILENAME_MAX, 174 suffix, 0); 175 (void)snprintf(suffix_expanded1, FILENAME_MAX, 176 suffix, 1); 177 if (strcmp(suffix_expanded0, suffix_expanded1) 178 != 0) 179 numberedbackup = 1; 180 } 181 /* fall through; -B implies -b */ 182 /*FALLTHROUGH*/ 183 case 'b': 184 dobackup = 1; 185 break; 186 case 'c': 187 /* ignored; was "docopy" which is now the default. */ 188 break; 189 case 'd': 190 dodir = 1; 191 break; 192 case 'D': 193 destdir = optarg; 194 break; 195 #if ! HAVE_NBTOOL_CONFIG_H 196 case 'f': 197 haveopt_f = 1; 198 fflags = optarg; 199 break; 200 #endif 201 case 'g': 202 haveopt_g = 1; 203 group = optarg; 204 break; 205 case 'h': 206 digest = optarg; 207 break; 208 case 'l': 209 for (p = optarg; *p; p++) 210 switch (*p) { 211 case 's': 212 dolink &= ~(LN_HARD|LN_MIXED); 213 dolink |= LN_SYMBOLIC; 214 break; 215 case 'h': 216 dolink &= ~(LN_SYMBOLIC|LN_MIXED); 217 dolink |= LN_HARD; 218 break; 219 case 'm': 220 dolink &= ~(LN_SYMBOLIC|LN_HARD); 221 dolink |= LN_MIXED; 222 break; 223 case 'a': 224 dolink &= ~LN_RELATIVE; 225 dolink |= LN_ABSOLUTE; 226 break; 227 case 'r': 228 dolink &= ~LN_ABSOLUTE; 229 dolink |= LN_RELATIVE; 230 break; 231 default: 232 errx(1, "%c: invalid link type", *p); 233 /* NOTREACHED */ 234 } 235 break; 236 case 'm': 237 haveopt_m = 1; 238 if (!(set = setmode(optarg))) 239 err(1, "Cannot set file mode `%s'", optarg); 240 mode = getmode(set, 0); 241 free(set); 242 break; 243 case 'M': 244 metafile = optarg; 245 break; 246 case 'N': 247 if (! setup_getid(optarg)) 248 errx(1, 249 "Unable to use user and group databases in `%s'", 250 optarg); 251 break; 252 case 'o': 253 haveopt_o = 1; 254 owner = optarg; 255 break; 256 case 'p': 257 dopreserve = 1; 258 break; 259 case 'r': 260 dorename = 1; 261 break; 262 case 'S': 263 stripArgs = strdup(optarg); 264 if (stripArgs == NULL) 265 errx(1, "%s", strerror(ENOMEM)); 266 /* fall through; -S implies -s */ 267 /*FALLTHROUGH*/ 268 case 's': 269 dostrip = 1; 270 break; 271 case 'T': 272 tags = optarg; 273 break; 274 case 'U': 275 dounpriv = 1; 276 break; 277 case '?': 278 default: 279 usage(); 280 } 281 argc -= optind; 282 argv += optind; 283 284 /* strip and link options make no sense when creating directories */ 285 if ((dostrip || dolink) && dodir) 286 usage(); 287 288 /* strip and flags make no sense with links */ 289 if ((dostrip || fflags) && dolink) 290 usage(); 291 292 /* must have at least two arguments, except when creating directories */ 293 if (argc < 2 && !dodir) 294 usage(); 295 296 if (digest) { 297 if (0) { 298 } else if (strcmp(digest, "none") == 0) { 299 digesttype = DIGEST_NONE; 300 } else if (strcmp(digest, "md5") == 0) { 301 digesttype = DIGEST_MD5; 302 } else if (strcmp(digest, "rmd160") == 0) { 303 digesttype = DIGEST_RMD160; 304 } else if (strcmp(digest, "sha1") == 0) { 305 digesttype = DIGEST_SHA1; 306 } else if (strcmp(digest, "sha256") == 0) { 307 digesttype = DIGEST_SHA256; 308 } else if (strcmp(digest, "sha384") == 0) { 309 digesttype = DIGEST_SHA384; 310 } else if (strcmp(digest, "sha512") == 0) { 311 digesttype = DIGEST_SHA512; 312 } else { 313 warnx("unknown digest `%s'", digest); 314 usage(); 315 } 316 } 317 318 /* get group and owner id's */ 319 if (group && !dounpriv) { 320 if (gid_from_group(group, &gid) == -1) { 321 id_t id; 322 if (!parseid(group, &id)) 323 errx(1, "unknown group %s", group); 324 gid = id; 325 } 326 iflags |= HASGID; 327 } 328 if (owner && !dounpriv) { 329 if (uid_from_user(owner, &uid) == -1) { 330 id_t id; 331 if (!parseid(owner, &id)) 332 errx(1, "unknown user %s", owner); 333 uid = id; 334 } 335 iflags |= HASUID; 336 } 337 338 #if ! HAVE_NBTOOL_CONFIG_H 339 if (fflags && !dounpriv) { 340 if (string_to_flags(&fflags, &fileflags, NULL)) 341 errx(1, "%s: invalid flag", fflags); 342 /* restore fflags since string_to_flags() changed it */ 343 fflags = flags_to_string(fileflags, "-"); 344 iflags |= SETFLAGS; 345 } 346 #endif 347 348 if (metafile) { 349 if ((metafp = fopen(metafile, "a")) == NULL) 350 warn("open %s", metafile); 351 } else 352 digesttype = DIGEST_NONE; 353 354 if (dodir) { 355 for (; *argv != NULL; ++argv) 356 install_dir(*argv, iflags); 357 exit (0); 358 } 359 360 no_target = stat(to_name = argv[argc - 1], &to_sb); 361 if (!no_target && S_ISDIR(to_sb.st_mode)) { 362 for (; *argv != to_name; ++argv) 363 install(*argv, to_name, iflags | DIRECTORY); 364 exit(0); 365 } 366 367 /* can't do file1 file2 directory/file */ 368 if (argc != 2) { 369 errx(EXIT_FAILURE, "the last argument (%s) " 370 "must name an existing directory", argv[argc - 1]); 371 /* NOTREACHED */ 372 } 373 374 if (!no_target) { 375 /* makelink() handles checks for links */ 376 if (!dolink) { 377 if (stat(*argv, &from_sb)) 378 err(1, "%s: stat", *argv); 379 if (!S_ISREG(to_sb.st_mode)) 380 errx(1, "%s: not a regular file", to_name); 381 if (to_sb.st_dev == from_sb.st_dev && 382 to_sb.st_ino == from_sb.st_ino) 383 errx(1, "%s and %s are the same file", *argv, 384 to_name); 385 } 386 /* 387 * Unlink now... avoid ETXTBSY errors later. Try and turn 388 * off the append/immutable bits -- if we fail, go ahead, 389 * it might work. 390 */ 391 #if ! HAVE_NBTOOL_CONFIG_H 392 #define NOCHANGEBITS (UF_IMMUTABLE | UF_APPEND | SF_IMMUTABLE | SF_APPEND) 393 if (to_sb.st_flags & NOCHANGEBITS) 394 (void)chflags(to_name, 395 to_sb.st_flags & ~(NOCHANGEBITS)); 396 #endif 397 if (dobackup) 398 backup(to_name); 399 else if (!dorename) 400 (void)unlink(to_name); 401 } 402 install(*argv, to_name, iflags); 403 exit(0); 404 } 405 406 /* 407 * parseid -- 408 * parse uid or gid from arg into id, returning non-zero if successful 409 */ 410 static int 411 parseid(char *name, id_t *id) 412 { 413 char *ep; 414 415 errno = 0; 416 *id = (id_t)strtoul(name, &ep, 10); 417 if (errno || *ep != '\0') 418 return (0); 419 return (1); 420 } 421 422 /* 423 * do_link -- 424 * make a hard link, obeying dorename if set 425 * return -1 on failure 426 */ 427 static int 428 do_link(char *from_name, char *to_name) 429 { 430 char tmpl[MAXPATHLEN]; 431 int ret; 432 433 if (dorename) { 434 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name); 435 /* This usage is safe. */ 436 if (mktemp(tmpl) == NULL) 437 err(1, "%s: mktemp", tmpl); 438 ret = link(from_name, tmpl); 439 if (ret == 0) { 440 ret = rename(tmpl, to_name); 441 /* If rename has posix semantics, then the temporary 442 * file may still exist when from_name and to_name point 443 * to the same file, so unlink it unconditionally. 444 */ 445 (void)unlink(tmpl); 446 } 447 return (ret); 448 } else 449 return (link(from_name, to_name)); 450 } 451 452 /* 453 * do_symlink -- 454 * make a symbolic link, obeying dorename if set 455 * exit on failure 456 */ 457 static void 458 do_symlink(char *from_name, char *to_name) 459 { 460 char tmpl[MAXPATHLEN]; 461 462 if (dorename) { 463 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name); 464 /* This usage is safe. */ 465 if (mktemp(tmpl) == NULL) 466 err(1, "%s: mktemp", tmpl); 467 468 if (symlink(from_name, tmpl) == -1) 469 err(1, "symlink %s -> %s", from_name, tmpl); 470 if (rename(tmpl, to_name) == -1) { 471 /* remove temporary link before exiting */ 472 (void)unlink(tmpl); 473 err(1, "%s: rename", to_name); 474 } 475 } else { 476 if (symlink(from_name, to_name) == -1) 477 err(1, "symlink %s -> %s", from_name, to_name); 478 } 479 } 480 481 /* 482 * makelink -- 483 * make a link from source to destination 484 */ 485 static void 486 makelink(char *from_name, char *to_name) 487 { 488 char src[MAXPATHLEN], dst[MAXPATHLEN], lnk[MAXPATHLEN]; 489 struct stat to_sb; 490 491 /* Try hard links first */ 492 if (dolink & (LN_HARD|LN_MIXED)) { 493 if (do_link(from_name, to_name) == -1) { 494 if ((dolink & LN_HARD) || errno != EXDEV) 495 err(1, "link %s -> %s", from_name, to_name); 496 } else { 497 if (stat(to_name, &to_sb)) 498 err(1, "%s: stat", to_name); 499 if (S_ISREG(to_sb.st_mode)) { 500 /* XXX: hard links to anything 501 * other than plain files are not 502 * metalogged 503 */ 504 int omode; 505 char *oowner, *ogroup, *offlags; 506 char *dres; 507 508 /* XXX: use underlying perms, 509 * unless overridden on command line. 510 */ 511 omode = mode; 512 if (!haveopt_m) 513 mode = (to_sb.st_mode & 0777); 514 oowner = owner; 515 if (!haveopt_o) 516 owner = NULL; 517 ogroup = group; 518 if (!haveopt_g) 519 group = NULL; 520 offlags = fflags; 521 if (!haveopt_f) 522 fflags = NULL; 523 switch (digesttype) { 524 case DIGEST_MD5: 525 dres = MD5File(from_name, NULL); 526 break; 527 case DIGEST_RMD160: 528 dres = RMD160File(from_name, NULL); 529 break; 530 case DIGEST_SHA1: 531 dres = SHA1File(from_name, NULL); 532 break; 533 case DIGEST_SHA256: 534 dres = SHA256_File(from_name, NULL); 535 break; 536 case DIGEST_SHA384: 537 dres = SHA384_File(from_name, NULL); 538 break; 539 case DIGEST_SHA512: 540 dres = SHA512_File(from_name, NULL); 541 break; 542 default: 543 dres = NULL; 544 } 545 metadata_log(to_name, "file", NULL, NULL, 546 dres, to_sb.st_size); 547 free(dres); 548 mode = omode; 549 owner = oowner; 550 group = ogroup; 551 fflags = offlags; 552 } 553 return; 554 } 555 } 556 557 /* Symbolic links */ 558 if (dolink & LN_ABSOLUTE) { 559 /* Convert source path to absolute */ 560 if (realpath(from_name, src) == NULL) 561 err(1, "%s: realpath", from_name); 562 do_symlink(src, to_name); 563 /* XXX: src may point outside of destdir */ 564 metadata_log(to_name, "link", NULL, src, NULL, 0); 565 return; 566 } 567 568 if (dolink & LN_RELATIVE) { 569 char *cp, *d, *s; 570 571 /* Resolve pathnames */ 572 if (realpath(from_name, src) == NULL) 573 err(1, "%s: realpath", from_name); 574 575 /* 576 * The last component of to_name may be a symlink, 577 * so use realpath to resolve only the directory. 578 */ 579 cp = xdirname(to_name); 580 if (realpath(cp, dst) == NULL) 581 err(1, "%s: realpath", cp); 582 /* .. and add the last component */ 583 if (strcmp(dst, "/") != 0) { 584 if (strlcat(dst, "/", sizeof(dst)) > sizeof(dst)) 585 errx(1, "resolved pathname too long"); 586 } 587 cp = xbasename(to_name); 588 if (strlcat(dst, cp, sizeof(dst)) > sizeof(dst)) 589 errx(1, "resolved pathname too long"); 590 591 /* trim common path components */ 592 for (s = src, d = dst; *s == *d; s++, d++) 593 continue; 594 while (*s != '/') 595 s--, d--; 596 597 /* count the number of directories we need to backtrack */ 598 for (++d, lnk[0] = '\0'; *d; d++) 599 if (*d == '/') 600 (void)strlcat(lnk, "../", sizeof(lnk)); 601 602 (void)strlcat(lnk, ++s, sizeof(lnk)); 603 604 do_symlink(lnk, to_name); 605 /* XXX: lnk may point outside of destdir */ 606 metadata_log(to_name, "link", NULL, lnk, NULL, 0); 607 return; 608 } 609 610 /* 611 * If absolute or relative was not specified, 612 * try the names the user provided 613 */ 614 do_symlink(from_name, to_name); 615 /* XXX: from_name may point outside of destdir */ 616 metadata_log(to_name, "link", NULL, from_name, NULL, 0); 617 } 618 619 /* 620 * install -- 621 * build a path name and install the file 622 */ 623 static void 624 install(char *from_name, char *to_name, u_int flags) 625 { 626 struct stat from_sb; 627 struct stat to_sb; 628 struct timeval tv[2]; 629 off_t size; 630 int devnull, from_fd, to_fd, serrno, tmpmode; 631 char *p, tmpl[MAXPATHLEN], *oto_name, *digestresult; 632 633 size = -1; 634 if (!dolink) { 635 /* ensure that from_sb & tv are sane if !dolink */ 636 if (stat(from_name, &from_sb)) 637 err(1, "%s: stat", from_name); 638 size = from_sb.st_size; 639 #if BSD4_4 && !HAVE_NBTOOL_CONFIG_H 640 TIMESPEC_TO_TIMEVAL(&tv[0], &from_sb.st_atimespec); 641 TIMESPEC_TO_TIMEVAL(&tv[1], &from_sb.st_mtimespec); 642 #else 643 tv[0].tv_sec = from_sb.st_atime; 644 tv[0].tv_usec = 0; 645 tv[1].tv_sec = from_sb.st_mtime; 646 tv[1].tv_usec = 0; 647 #endif 648 } 649 650 if (flags & DIRECTORY || strcmp(from_name, _PATH_DEVNULL) != 0) { 651 devnull = 0; 652 if (!dolink) { 653 if (!S_ISREG(from_sb.st_mode)) 654 errx(1, "%s: not a regular file", from_name); 655 } 656 /* Build the target path. */ 657 if (flags & DIRECTORY) { 658 (void)snprintf(pathbuf, sizeof(pathbuf), "%s/%s", 659 to_name, 660 (p = strrchr(from_name, '/')) ? ++p : from_name); 661 to_name = pathbuf; 662 } 663 } else { 664 devnull = 1; 665 size = 0; 666 #if HAVE_STRUCT_STAT_ST_FLAGS 667 from_sb.st_flags = 0; /* XXX */ 668 #endif 669 } 670 671 /* 672 * Unlink now... avoid ETXTBSY errors later. Try and turn 673 * off the append/immutable bits -- if we fail, go ahead, 674 * it might work. 675 */ 676 #if ! HAVE_NBTOOL_CONFIG_H 677 if (stat(to_name, &to_sb) == 0 && 678 to_sb.st_flags & (NOCHANGEBITS)) 679 (void)chflags(to_name, to_sb.st_flags & ~(NOCHANGEBITS)); 680 #endif 681 if (dorename) { 682 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name); 683 oto_name = to_name; 684 to_name = tmpl; 685 } else { 686 oto_name = NULL; /* pacify gcc */ 687 if (dobackup) 688 backup(to_name); 689 else 690 (void)unlink(to_name); 691 } 692 693 if (dolink) { 694 makelink(from_name, dorename ? oto_name : to_name); 695 return; 696 } 697 698 /* Create target. */ 699 if (dorename) { 700 if ((to_fd = mkstemp(to_name)) == -1) 701 err(1, "%s: mkstemp", to_name); 702 } else { 703 if ((to_fd = open(to_name, 704 O_CREAT | O_WRONLY | O_TRUNC, S_IRUSR | S_IWUSR)) < 0) 705 err(1, "%s: open", to_name); 706 } 707 digestresult = NULL; 708 if (!devnull) { 709 if ((from_fd = open(from_name, O_RDONLY, 0)) < 0) { 710 (void)unlink(to_name); 711 err(1, "%s: open", from_name); 712 } 713 digestresult = 714 copy(from_fd, from_name, to_fd, to_name, from_sb.st_size); 715 (void)close(from_fd); 716 } 717 718 if (dostrip) { 719 strip(to_name); 720 721 /* 722 * Re-open our fd on the target, in case we used a strip 723 * that does not work in-place -- like gnu binutils strip. 724 */ 725 close(to_fd); 726 if ((to_fd = open(to_name, O_RDONLY, S_IRUSR | S_IWUSR)) < 0) 727 err(1, "stripping %s", to_name); 728 729 /* 730 * Recalculate size and digestresult after stripping. 731 */ 732 if (fstat(to_fd, &to_sb) != 0) 733 err(1, "%s: fstat", to_name); 734 size = to_sb.st_size; 735 digestresult = 736 copy(to_fd, to_name, -1, NULL, size); 737 738 } 739 740 if (afterinstallcmd != NULL) { 741 afterinstall(afterinstallcmd, to_name, 1); 742 743 /* 744 * Re-open our fd on the target, in case we used an 745 * after-install command that does not work in-place 746 */ 747 close(to_fd); 748 if ((to_fd = open(to_name, O_RDONLY, S_IRUSR | S_IWUSR)) < 0) 749 err(1, "running after install command on %s", to_name); 750 } 751 752 /* 753 * Set owner, group, mode for target; do the chown first, 754 * chown may lose the setuid bits. 755 */ 756 if (!dounpriv && 757 (flags & (HASUID | HASGID)) && fchown(to_fd, uid, gid) == -1) { 758 serrno = errno; 759 (void)unlink(to_name); 760 errx(1, "%s: chown/chgrp: %s", to_name, strerror(serrno)); 761 } 762 tmpmode = mode; 763 if (dounpriv) 764 tmpmode &= S_IRWXU|S_IRWXG|S_IRWXO; 765 if (fchmod(to_fd, tmpmode) == -1) { 766 serrno = errno; 767 (void)unlink(to_name); 768 errx(1, "%s: chmod: %s", to_name, strerror(serrno)); 769 } 770 771 /* 772 * Preserve the date of the source file. 773 */ 774 if (dopreserve) { 775 #if HAVE_FUTIMES 776 if (futimes(to_fd, tv) == -1) 777 warn("%s: futimes", to_name); 778 #else 779 if (utimes(to_name, tv) == -1) 780 warn("%s: utimes", to_name); 781 #endif 782 } 783 784 (void)close(to_fd); 785 786 if (dorename) { 787 if (rename(to_name, oto_name) == -1) 788 err(1, "%s: rename", to_name); 789 to_name = oto_name; 790 } 791 792 /* 793 * If provided a set of flags, set them, otherwise, preserve the 794 * flags, except for the dump flag. 795 */ 796 #if ! HAVE_NBTOOL_CONFIG_H 797 if (!dounpriv && chflags(to_name, 798 flags & SETFLAGS ? fileflags : from_sb.st_flags & ~UF_NODUMP) == -1) 799 { 800 if (errno != EOPNOTSUPP || (from_sb.st_flags & ~UF_NODUMP) != 0) 801 warn("%s: chflags", to_name); 802 } 803 #endif 804 805 metadata_log(to_name, "file", tv, NULL, digestresult, size); 806 free(digestresult); 807 } 808 809 /* 810 * copy -- 811 * copy from one file to another, returning a digest. 812 * 813 * If to_fd < 0, just calculate a digest, don't copy. 814 */ 815 static char * 816 copy(int from_fd, char *from_name, int to_fd, char *to_name, off_t size) 817 { 818 ssize_t nr, nw; 819 int serrno; 820 u_char *p; 821 u_char buf[MAXBSIZE]; 822 MD5_CTX ctxMD5; 823 RMD160_CTX ctxRMD160; 824 SHA1_CTX ctxSHA1; 825 SHA256_CTX ctxSHA256; 826 SHA384_CTX ctxSHA384; 827 SHA512_CTX ctxSHA512; 828 829 switch (digesttype) { 830 case DIGEST_MD5: 831 MD5Init(&ctxMD5); 832 break; 833 case DIGEST_RMD160: 834 RMD160Init(&ctxRMD160); 835 break; 836 case DIGEST_SHA1: 837 SHA1Init(&ctxSHA1); 838 break; 839 case DIGEST_SHA256: 840 SHA256_Init(&ctxSHA256); 841 break; 842 case DIGEST_SHA384: 843 SHA384_Init(&ctxSHA384); 844 break; 845 case DIGEST_SHA512: 846 SHA512_Init(&ctxSHA512); 847 break; 848 case DIGEST_NONE: 849 if (to_fd < 0) 850 return NULL; /* no need to do anything */ 851 default: 852 break; 853 } 854 /* 855 * There's no reason to do anything other than close the file 856 * now if it's empty, so let's not bother. 857 */ 858 if (size > 0) { 859 860 /* 861 * Mmap and write if less than 8M (the limit is so we 862 * don't totally trash memory on big files). This is 863 * really a minor hack, but it wins some CPU back. 864 */ 865 866 if (size <= 8 * 1048576) { 867 if ((p = mmap(NULL, (size_t)size, PROT_READ, 868 MAP_FILE|MAP_SHARED, from_fd, (off_t)0)) 869 == MAP_FAILED) { 870 goto mmap_failed; 871 } 872 #if defined(MADV_SEQUENTIAL) && !defined(__APPLE__) 873 if (madvise(p, (size_t)size, MADV_SEQUENTIAL) == -1 874 && errno != EOPNOTSUPP) 875 warnx("madvise: %s", strerror(errno)); 876 #endif 877 878 if (to_fd >= 0 && write(to_fd, p, size) != size) { 879 serrno = errno; 880 (void)unlink(to_name); 881 errx(1, "%s: write: %s", 882 to_name, strerror(serrno)); 883 } 884 switch (digesttype) { 885 case DIGEST_MD5: 886 MD5Update(&ctxMD5, p, size); 887 break; 888 case DIGEST_RMD160: 889 RMD160Update(&ctxRMD160, p, size); 890 break; 891 case DIGEST_SHA1: 892 SHA1Update(&ctxSHA1, p, size); 893 break; 894 case DIGEST_SHA256: 895 SHA256_Update(&ctxSHA256, p, size); 896 break; 897 case DIGEST_SHA384: 898 SHA384_Update(&ctxSHA384, p, size); 899 break; 900 case DIGEST_SHA512: 901 SHA512_Update(&ctxSHA512, p, size); 902 break; 903 default: 904 break; 905 } 906 (void)munmap(p, size); 907 } else { 908 mmap_failed: 909 while ((nr = read(from_fd, buf, sizeof(buf))) > 0) { 910 if (to_fd >= 0 && 911 (nw = write(to_fd, buf, nr)) != nr) { 912 serrno = errno; 913 (void)unlink(to_name); 914 errx(1, "%s: write: %s", to_name, 915 strerror(nw > 0 ? EIO : serrno)); 916 } 917 switch (digesttype) { 918 case DIGEST_MD5: 919 MD5Update(&ctxMD5, buf, nr); 920 break; 921 case DIGEST_RMD160: 922 RMD160Update(&ctxRMD160, buf, nr); 923 break; 924 case DIGEST_SHA1: 925 SHA1Update(&ctxSHA1, buf, nr); 926 break; 927 case DIGEST_SHA256: 928 SHA256_Update(&ctxSHA256, buf, nr); 929 break; 930 case DIGEST_SHA384: 931 SHA384_Update(&ctxSHA384, buf, nr); 932 break; 933 case DIGEST_SHA512: 934 SHA512_Update(&ctxSHA512, buf, nr); 935 break; 936 default: 937 break; 938 } 939 } 940 if (nr != 0) { 941 serrno = errno; 942 (void)unlink(to_name); 943 errx(1, "%s: read: %s", from_name, strerror(serrno)); 944 } 945 } 946 } 947 switch (digesttype) { 948 case DIGEST_MD5: 949 return MD5End(&ctxMD5, NULL); 950 case DIGEST_RMD160: 951 return RMD160End(&ctxRMD160, NULL); 952 case DIGEST_SHA1: 953 return SHA1End(&ctxSHA1, NULL); 954 case DIGEST_SHA256: 955 return SHA256_End(&ctxSHA256, NULL); 956 case DIGEST_SHA384: 957 return SHA384_End(&ctxSHA384, NULL); 958 case DIGEST_SHA512: 959 return SHA512_End(&ctxSHA512, NULL); 960 default: 961 return NULL; 962 } 963 } 964 965 /* 966 * strip -- 967 * use strip(1) to strip the target file 968 */ 969 static void 970 strip(char *to_name) 971 { 972 int status; 973 #ifdef HAVE_POSIX_SPAWN 974 char *args[4]; 975 const char *stripprog; 976 int rv; 977 #else 978 static const char exec_failure[] = ": exec of strip failed: "; 979 int serrno; 980 const char * volatile *progname, *stripprog; 981 #endif 982 char *cmd; 983 984 if ((stripprog = getenv("STRIP")) == NULL || *stripprog == '\0') { 985 #ifdef TARGET_STRIP 986 stripprog = TARGET_STRIP; 987 #else 988 stripprog = _PATH_STRIP; 989 #endif 990 } 991 992 cmd = NULL; 993 994 if (stripArgs) { 995 /* 996 * Build up a command line and let /bin/sh 997 * parse the arguments. 998 */ 999 int ret = asprintf(&cmd, "%s %s %s", stripprog, stripArgs, 1000 to_name); 1001 1002 if (ret == -1 || cmd == NULL) 1003 err(1, "asprintf failed"); 1004 } 1005 1006 #ifdef HAVE_POSIX_SPAWN 1007 status = -1; 1008 if (stripArgs) { 1009 args[0] = __UNCONST("sh"); 1010 args[1] = __UNCONST("-c"); 1011 args[2] = cmd; 1012 args[3] = NULL; 1013 rv = posix_spawn(NULL, _PATH_BSHELL, NULL, NULL, args, NULL); 1014 } else { 1015 args[0] = __UNCONST(strip); 1016 args[1] = to_name; 1017 args[2] = NULL; 1018 rv = posix_spawnp(NULL, stripprog, NULL, NULL, args, NULL); 1019 } 1020 1021 if (rv == 0) 1022 wait(&status); 1023 if (rv || status == -1) 1024 unlink(to_name); 1025 #else 1026 switch (vfork()) { 1027 case -1: 1028 serrno = errno; 1029 (void)unlink(to_name); 1030 errx(1, "vfork: %s", strerror(serrno)); 1031 /*NOTREACHED*/ 1032 case 0: 1033 1034 if (stripArgs) 1035 execl(_PATH_BSHELL, "sh", "-c", cmd, NULL); 1036 else 1037 execlp(stripprog, "strip", to_name, NULL); 1038 1039 progname = getprogname(); 1040 write(STDERR_FILENO, progname, strlen(progname)); 1041 write(STDERR_FILENO, exec_failure, strlen(exec_failure)); 1042 write(STDERR_FILENO, stripprog, strlen(stripprog)); 1043 write(STDERR_FILENO, "\n", 1); 1044 _exit(1); 1045 /*NOTREACHED*/ 1046 default: 1047 if (wait(&status) == -1 || status) 1048 (void)unlink(to_name); 1049 } 1050 #endif 1051 1052 free(cmd); 1053 } 1054 1055 /* 1056 * afterinstall -- 1057 * run provided command on the target file or directory after it's been 1058 * installed and stripped, but before permissions are set or it's renamed 1059 */ 1060 static void 1061 afterinstall(const char *command, const char *to_name, int errunlink) 1062 { 1063 #ifdef HAVE_POSIX_SPAWN 1064 char *args[4]; 1065 int rv; 1066 #else 1067 int serrno; 1068 #endif 1069 int status; 1070 char *cmd; 1071 1072 #ifdef HAVE_POSIX_SPAWN 1073 /* 1074 * build up a command line and let /bin/sh 1075 * parse the arguments 1076 */ 1077 asprintf(&cmd, "%s %s", command, to_name); 1078 args[0] = __UNCONST("sh"); 1079 args[1] = __UNCONST("-c"); 1080 args[2] = cmd; 1081 args[3] = NULL; 1082 1083 rv = posix_spawn(NULL, _PATH_BSHELL, NULL, NULL, args, NULL); 1084 if (rv == 0) 1085 wait(&status); 1086 if ((rv || status == -1) && errunlink) 1087 (void)unlink(to_name); 1088 free(cmd); 1089 #else 1090 switch (vfork()) { 1091 case -1: 1092 serrno = errno; 1093 if (errunlink) 1094 (void)unlink(to_name); 1095 errx(1, "vfork: %s", strerror(serrno)); 1096 /*NOTREACHED*/ 1097 case 0: 1098 /* 1099 * build up a command line and let /bin/sh 1100 * parse the arguments 1101 */ 1102 cmd = (char*)malloc(sizeof(char)* 1103 (2+strlen(command)+ 1104 strlen(to_name))); 1105 1106 if (cmd == NULL) 1107 errx(1, "%s", strerror(ENOMEM)); 1108 1109 sprintf(cmd, "%s %s", command, to_name); 1110 1111 execl(_PATH_BSHELL, "sh", "-c", cmd, NULL); 1112 1113 warn("%s: exec of after install command", command); 1114 _exit(1); 1115 /*NOTREACHED*/ 1116 default: 1117 if ((wait(&status) == -1 || status) && errunlink) 1118 (void)unlink(to_name); 1119 } 1120 #endif 1121 } 1122 1123 /* 1124 * backup -- 1125 * backup file "to_name" to to_name.suffix 1126 * if suffix contains a "%", it's taken as a printf(3) pattern 1127 * used for a numbered backup. 1128 */ 1129 static void 1130 backup(const char *to_name) 1131 { 1132 char bname[FILENAME_MAX]; 1133 1134 if (numberedbackup) { 1135 /* Do numbered backup */ 1136 int cnt; 1137 char suffix_expanded[FILENAME_MAX]; 1138 1139 cnt=0; 1140 do { 1141 (void)snprintf(suffix_expanded, FILENAME_MAX, suffix, 1142 cnt); 1143 (void)snprintf(bname, FILENAME_MAX, "%s%s", to_name, 1144 suffix_expanded); 1145 cnt++; 1146 } while (access(bname, F_OK) == 0); 1147 } else { 1148 /* Do simple backup */ 1149 (void)snprintf(bname, FILENAME_MAX, "%s%s", to_name, suffix); 1150 } 1151 1152 (void)rename(to_name, bname); 1153 } 1154 1155 /* 1156 * install_dir -- 1157 * build directory hierarchy 1158 */ 1159 static void 1160 install_dir(char *path, u_int flags) 1161 { 1162 char *p; 1163 struct stat sb; 1164 int ch; 1165 1166 for (p = path;; ++p) 1167 if (!*p || (p != path && *p == '/')) { 1168 ch = *p; 1169 *p = '\0'; 1170 if (mkdir(path, 0777) < 0) { 1171 /* 1172 * Can't create; path exists or no perms. 1173 * stat() path to determine what's there now. 1174 */ 1175 int sverrno; 1176 sverrno = errno; 1177 if (stat(path, &sb) < 0) { 1178 /* Not there; use mkdir()s error */ 1179 errno = sverrno; 1180 err(1, "%s: mkdir", path); 1181 } 1182 if (!S_ISDIR(sb.st_mode)) { 1183 errx(1, 1184 "%s exists but is not a directory", 1185 path); 1186 } 1187 } 1188 if (!(*p = ch)) 1189 break; 1190 } 1191 1192 if (afterinstallcmd != NULL) 1193 afterinstall(afterinstallcmd, path, 0); 1194 1195 if (!dounpriv && ( 1196 ((flags & (HASUID | HASGID)) && chown(path, uid, gid) == -1) 1197 || chmod(path, mode) == -1 )) { 1198 warn("%s: chown/chmod", path); 1199 } 1200 metadata_log(path, "dir", NULL, NULL, NULL, 0); 1201 } 1202 1203 /* 1204 * metadata_log -- 1205 * if metafp is not NULL, output mtree(8) full path name and settings to 1206 * metafp, to allow permissions to be set correctly by other tools, 1207 * or to allow integrity checks to be performed. 1208 */ 1209 static void 1210 metadata_log(const char *path, const char *type, struct timeval *tv, 1211 const char *slink, const char *digestresult, off_t size) 1212 { 1213 static const char extra[] = { ' ', '\t', '\n', '\\', '#', '\0' }; 1214 const char *p; 1215 char *buf; 1216 size_t destlen; 1217 struct flock metalog_lock; 1218 1219 if (!metafp) 1220 return; 1221 buf = (char *)malloc(4 * strlen(path) + 1); /* buf for strsvis(3) */ 1222 if (buf == NULL) { 1223 warnx("%s", strerror(ENOMEM)); 1224 return; 1225 } 1226 /* lock log file */ 1227 metalog_lock.l_start = 0; 1228 metalog_lock.l_len = 0; 1229 metalog_lock.l_whence = SEEK_SET; 1230 metalog_lock.l_type = F_WRLCK; 1231 if (fcntl(fileno(metafp), F_SETLKW, &metalog_lock) == -1) { 1232 warn("can't lock %s", metafile); 1233 free(buf); 1234 return; 1235 } 1236 1237 p = path; /* remove destdir */ 1238 if (destdir) { 1239 destlen = strlen(destdir); 1240 if (strncmp(p, destdir, destlen) == 0 && 1241 (p[destlen] == '/' || p[destlen] == '\0')) 1242 p += destlen; 1243 } 1244 while (*p && *p == '/') /* remove leading /s */ 1245 p++; 1246 strsvis(buf, p, VIS_CSTYLE, extra); /* encode name */ 1247 p = buf; 1248 /* print details */ 1249 fprintf(metafp, ".%s%s type=%s", *p ? "/" : "", p, type); 1250 if (owner) 1251 fprintf(metafp, " uname=%s", owner); 1252 if (group) 1253 fprintf(metafp, " gname=%s", group); 1254 fprintf(metafp, " mode=%#o", mode); 1255 if (slink) { 1256 strsvis(buf, slink, VIS_CSTYLE, extra); /* encode link */ 1257 fprintf(metafp, " link=%s", buf); 1258 } 1259 if (*type == 'f') /* type=file */ 1260 fprintf(metafp, " size=%lld", (long long)size); 1261 if (tv != NULL && dopreserve) 1262 fprintf(metafp, " time=%lld.%0*lld", 1263 (long long)tv[1].tv_sec, 1264 (tv[1].tv_usec == 0 ? 1 : 9), 1265 (long long)tv[1].tv_usec * 1000); 1266 if (digestresult && digest) 1267 fprintf(metafp, " %s=%s", digest, digestresult); 1268 if (fflags) 1269 fprintf(metafp, " flags=%s", fflags); 1270 if (tags) 1271 fprintf(metafp, " tags=%s", tags); 1272 fputc('\n', metafp); 1273 fflush(metafp); /* flush output */ 1274 /* unlock log file */ 1275 metalog_lock.l_type = F_UNLCK; 1276 if (fcntl(fileno(metafp), F_SETLKW, &metalog_lock) == -1) { 1277 warn("can't unlock %s", metafile); 1278 } 1279 free(buf); 1280 } 1281 1282 /* 1283 * xbasename -- 1284 * libc basename(3) that returns a pointer to a static buffer 1285 * instead of overwriting that passed-in string. 1286 */ 1287 static char * 1288 xbasename(char *path) 1289 { 1290 static char tmp[MAXPATHLEN]; 1291 1292 (void)strlcpy(tmp, path, sizeof(tmp)); 1293 return (basename(tmp)); 1294 } 1295 1296 /* 1297 * xdirname -- 1298 * libc dirname(3) that returns a pointer to a static buffer 1299 * instead of overwriting that passed-in string. 1300 */ 1301 static char * 1302 xdirname(char *path) 1303 { 1304 static char tmp[MAXPATHLEN]; 1305 1306 (void)strlcpy(tmp, path, sizeof(tmp)); 1307 return (dirname(tmp)); 1308 } 1309 1310 /* 1311 * usage -- 1312 * print a usage message and die 1313 */ 1314 static void 1315 usage(void) 1316 { 1317 const char *prog; 1318 1319 prog = getprogname(); 1320 1321 (void)fprintf(stderr, 1322 "usage: %s [-Ubcprs] [-M log] [-D dest] [-T tags] [-B suffix]\n" 1323 " [-a aftercmd] [-f flags] [-m mode] [-N dbdir] [-o owner] [-g group] \n" 1324 " [-l linkflags] [-h hash] [-S stripflags] file1 file2\n" 1325 " %s [-Ubcprs] [-M log] [-D dest] [-T tags] [-B suffix]\n" 1326 " [-a aftercmd] [-f flags] [-m mode] [-N dbdir] [-o owner] [-g group]\n" 1327 " [-l linkflags] [-h hash] [-S stripflags] file1 ... fileN directory\n" 1328 " %s -d [-Up] [-M log] [-D dest] [-T tags] [-a aftercmd] [-m mode]\n" 1329 " [-N dbdir] [-o owner] [-g group] directory ...\n", 1330 prog, prog, prog); 1331 exit(1); 1332 } 1333
Indexes created Mon Sep 29 15:09:53 GMT 2025