xinstall.c revision 1.120
1 /* $NetBSD: xinstall.c,v 1.120 2015/06/17 15:34:08 christos Exp $ */ 2 3 /* 4 * Copyright (c) 1987, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #if HAVE_NBTOOL_CONFIG_H 33 #include "nbtool_config.h" 34 #else 35 #define HAVE_FUTIMES 1 36 #define HAVE_STRUCT_STAT_ST_FLAGS 1 37 #endif 38 39 #include <sys/cdefs.h> 40 #if defined(__COPYRIGHT) && !defined(lint) 41 __COPYRIGHT("@(#) Copyright (c) 1987, 1993\ 42 The Regents of the University of California. All rights reserved."); 43 #endif /* not lint */ 44 45 #if defined(__RCSID) && !defined(lint) 46 #if 0 47 static char sccsid[] = "@(#)xinstall.c 8.1 (Berkeley) 7/21/93"; 48 #else 49 __RCSID("$NetBSD: xinstall.c,v 1.120 2015/06/17 15:34:08 christos Exp $"); 50 #endif 51 #endif /* not lint */ 52 53 #define __MKTEMP_OK__ /* All uses of mktemp have been checked */ 54 #include <sys/param.h> 55 #include <sys/mman.h> 56 #include <sys/stat.h> 57 #include <sys/wait.h> 58 #include <sys/time.h> 59 60 #include <ctype.h> 61 #include <err.h> 62 #include <errno.h> 63 #include <fcntl.h> 64 #include <grp.h> 65 #include <libgen.h> 66 #include <paths.h> 67 #include <pwd.h> 68 #include <stdio.h> 69 #include <stdlib.h> 70 #include <string.h> 71 #include <unistd.h> 72 #include <util.h> 73 #include <vis.h> 74 75 #ifdef HAVE_POSIX_SPAWN 76 #include <spawn.h> 77 #endif 78 79 #include <md5.h> 80 #include <rmd160.h> 81 #include <sha1.h> 82 #include <sha2.h> 83 84 #include "pathnames.h" 85 #include "mtree.h" 86 #include "metachar.h" 87 88 #define BACKUP_SUFFIX ".old" 89 90 static int dobackup, dodir, dostrip, dolink, dopreserve, dorename, dounpriv; 91 static int haveopt_f, haveopt_g, haveopt_m, haveopt_o; 92 static int numberedbackup; 93 static int mode = S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH; 94 static char pathbuf[MAXPATHLEN]; 95 static uid_t uid = -1; 96 static gid_t gid = -1; 97 static char *group, *owner, *fflags, *tags; 98 static FILE *metafp; 99 static char *metafile; 100 static u_long fileflags; 101 static char *stripArgs; 102 static char *afterinstallcmd; 103 static const char *suffix = BACKUP_SUFFIX; 104 static char *destdir; 105 106 enum { 107 DIGEST_NONE = 0, 108 DIGEST_MD5, 109 DIGEST_RMD160, 110 DIGEST_SHA1, 111 DIGEST_SHA256, 112 DIGEST_SHA384, 113 DIGEST_SHA512, 114 } digesttype = DIGEST_NONE; 115 116 static char *digest; 117 118 #define LN_ABSOLUTE 0x01 119 #define LN_RELATIVE 0x02 120 #define LN_HARD 0x04 121 #define LN_SYMBOLIC 0x08 122 #define LN_MIXED 0x10 123 124 #define DIRECTORY 0x01 /* Tell install it's a directory. */ 125 #define SETFLAGS 0x02 /* Tell install to set flags. */ 126 #define HASUID 0x04 /* Tell install the uid was given */ 127 #define HASGID 0x08 /* Tell install the gid was given */ 128 129 static void afterinstall(const char *, const char *, int); 130 static void backup(const char *); 131 static char *copy(int, char *, int, char *, off_t); 132 static int do_link(char *, char *); 133 static void do_symlink(char *, char *); 134 static void install(char *, char *, u_int); 135 static void install_dir(char *, u_int); 136 static void makelink(char *, char *); 137 static void metadata_log(const char *, const char *, struct timeval *, 138 const char *, const char *, off_t); 139 static int parseid(char *, id_t *); 140 static void run(const char *, const char *, const char *, int); 141 static void strip(const char *); 142 __dead static void usage(void); 143 static char *xbasename(char *); 144 static char *xdirname(char *); 145 146 int 147 main(int argc, char *argv[]) 148 { 149 struct stat from_sb, to_sb; 150 void *set; 151 u_int iflags; 152 int ch, no_target; 153 char *p, *to_name; 154 155 setprogname(argv[0]); 156 157 iflags = 0; 158 while ((ch = getopt(argc, argv, "a:cbB:dD:f:g:h:l:m:M:N:o:prsS:T:U")) 159 != -1) 160 switch((char)ch) { 161 case 'a': 162 afterinstallcmd = strdup(optarg); 163 if (afterinstallcmd == NULL) 164 err(EXIT_FAILURE, 165 "Can't allocate after command"); 166 break; 167 case 'B': 168 suffix = optarg; 169 numberedbackup = 0; 170 { 171 /* Check if given suffix really generates 172 different suffixes - catch e.g. ".%" */ 173 char suffix_expanded0[FILENAME_MAX], 174 suffix_expanded1[FILENAME_MAX]; 175 (void)snprintf(suffix_expanded0, FILENAME_MAX, 176 suffix, 0); 177 (void)snprintf(suffix_expanded1, FILENAME_MAX, 178 suffix, 1); 179 if (strcmp(suffix_expanded0, suffix_expanded1) 180 != 0) 181 numberedbackup = 1; 182 } 183 /* fall through; -B implies -b */ 184 /*FALLTHROUGH*/ 185 case 'b': 186 dobackup = 1; 187 break; 188 case 'c': 189 /* ignored; was "docopy" which is now the default. */ 190 break; 191 case 'd': 192 dodir = 1; 193 break; 194 case 'D': 195 destdir = optarg; 196 break; 197 #if ! HAVE_NBTOOL_CONFIG_H 198 case 'f': 199 haveopt_f = 1; 200 fflags = optarg; 201 break; 202 #endif 203 case 'g': 204 haveopt_g = 1; 205 group = optarg; 206 break; 207 case 'h': 208 digest = optarg; 209 break; 210 case 'l': 211 for (p = optarg; *p; p++) 212 switch (*p) { 213 case 's': 214 dolink &= ~(LN_HARD|LN_MIXED); 215 dolink |= LN_SYMBOLIC; 216 break; 217 case 'h': 218 dolink &= ~(LN_SYMBOLIC|LN_MIXED); 219 dolink |= LN_HARD; 220 break; 221 case 'm': 222 dolink &= ~(LN_SYMBOLIC|LN_HARD); 223 dolink |= LN_MIXED; 224 break; 225 case 'a': 226 dolink &= ~LN_RELATIVE; 227 dolink |= LN_ABSOLUTE; 228 break; 229 case 'r': 230 dolink &= ~LN_ABSOLUTE; 231 dolink |= LN_RELATIVE; 232 break; 233 default: 234 errx(EXIT_FAILURE, "%c: invalid link type", *p); 235 /* NOTREACHED */ 236 } 237 break; 238 case 'm': 239 haveopt_m = 1; 240 if (!(set = setmode(optarg))) 241 err(EXIT_FAILURE, "Cannot set file mode `%s'", optarg); 242 mode = getmode(set, 0); 243 free(set); 244 break; 245 case 'M': 246 metafile = optarg; 247 break; 248 case 'N': 249 if (! setup_getid(optarg)) 250 errx(EXIT_FAILURE, 251 "Unable to use user and group databases in `%s'", 252 optarg); 253 break; 254 case 'o': 255 haveopt_o = 1; 256 owner = optarg; 257 break; 258 case 'p': 259 dopreserve = 1; 260 break; 261 case 'r': 262 dorename = 1; 263 break; 264 case 'S': 265 stripArgs = strdup(optarg); 266 if (stripArgs == NULL) 267 err(EXIT_FAILURE, "Can't allocate options"); 268 /* fall through; -S implies -s */ 269 /*FALLTHROUGH*/ 270 case 's': 271 dostrip = 1; 272 break; 273 case 'T': 274 tags = optarg; 275 break; 276 case 'U': 277 dounpriv = 1; 278 break; 279 case '?': 280 default: 281 usage(); 282 } 283 argc -= optind; 284 argv += optind; 285 286 /* strip and link options make no sense when creating directories */ 287 if ((dostrip || dolink) && dodir) 288 usage(); 289 290 /* strip and flags make no sense with links */ 291 if ((dostrip || fflags) && dolink) 292 usage(); 293 294 /* must have at least two arguments, except when creating directories */ 295 if (argc < 2 && !dodir) 296 usage(); 297 298 if (digest) { 299 if (0) { 300 } else if (strcmp(digest, "none") == 0) { 301 digesttype = DIGEST_NONE; 302 } else if (strcmp(digest, "md5") == 0) { 303 digesttype = DIGEST_MD5; 304 } else if (strcmp(digest, "rmd160") == 0) { 305 digesttype = DIGEST_RMD160; 306 } else if (strcmp(digest, "sha1") == 0) { 307 digesttype = DIGEST_SHA1; 308 } else if (strcmp(digest, "sha256") == 0) { 309 digesttype = DIGEST_SHA256; 310 } else if (strcmp(digest, "sha384") == 0) { 311 digesttype = DIGEST_SHA384; 312 } else if (strcmp(digest, "sha512") == 0) { 313 digesttype = DIGEST_SHA512; 314 } else { 315 warnx("unknown digest `%s'", digest); 316 usage(); 317 } 318 } 319 320 /* get group and owner id's */ 321 if (group && !dounpriv) { 322 if (gid_from_group(group, &gid) == -1) { 323 id_t id; 324 if (!parseid(group, &id)) 325 errx(EXIT_FAILURE, "unknown group %s", group); 326 gid = id; 327 } 328 iflags |= HASGID; 329 } 330 if (owner && !dounpriv) { 331 if (uid_from_user(owner, &uid) == -1) { 332 id_t id; 333 if (!parseid(owner, &id)) 334 errx(EXIT_FAILURE, "unknown user %s", owner); 335 uid = id; 336 } 337 iflags |= HASUID; 338 } 339 340 #if ! HAVE_NBTOOL_CONFIG_H 341 if (fflags && !dounpriv) { 342 if (string_to_flags(&fflags, &fileflags, NULL)) 343 errx(EXIT_FAILURE, "%s: invalid flag", fflags); 344 /* restore fflags since string_to_flags() changed it */ 345 fflags = flags_to_string(fileflags, "-"); 346 iflags |= SETFLAGS; 347 } 348 #endif 349 350 if (metafile) { 351 if ((metafp = fopen(metafile, "a")) == NULL) 352 warn("open %s", metafile); 353 } else 354 digesttype = DIGEST_NONE; 355 356 if (dodir) { 357 for (; *argv != NULL; ++argv) 358 install_dir(*argv, iflags); 359 exit (0); 360 } 361 362 no_target = stat(to_name = argv[argc - 1], &to_sb); 363 if (!no_target && S_ISDIR(to_sb.st_mode)) { 364 for (; *argv != to_name; ++argv) 365 install(*argv, to_name, iflags | DIRECTORY); 366 exit(0); 367 } 368 369 /* can't do file1 file2 directory/file */ 370 if (argc != 2) { 371 errx(EXIT_FAILURE, "the last argument (%s) " 372 "must name an existing directory", argv[argc - 1]); 373 /* NOTREACHED */ 374 } 375 376 if (!no_target) { 377 /* makelink() handles checks for links */ 378 if (!dolink) { 379 if (stat(*argv, &from_sb)) 380 err(EXIT_FAILURE, "%s: stat", *argv); 381 if (!S_ISREG(to_sb.st_mode)) 382 errx(EXIT_FAILURE, "%s: not a regular file", to_name); 383 if (to_sb.st_dev == from_sb.st_dev && 384 to_sb.st_ino == from_sb.st_ino) 385 errx(EXIT_FAILURE, "%s and %s are the same file", *argv, 386 to_name); 387 } 388 /* 389 * Unlink now... avoid ETXTBSY errors later. Try and turn 390 * off the append/immutable bits -- if we fail, go ahead, 391 * it might work. 392 */ 393 #if ! HAVE_NBTOOL_CONFIG_H 394 #define NOCHANGEBITS (UF_IMMUTABLE | UF_APPEND | SF_IMMUTABLE | SF_APPEND) 395 if (to_sb.st_flags & NOCHANGEBITS) 396 (void)chflags(to_name, 397 to_sb.st_flags & ~(NOCHANGEBITS)); 398 #endif 399 if (dobackup) 400 backup(to_name); 401 else if (!dorename) 402 (void)unlink(to_name); 403 } 404 install(*argv, to_name, iflags); 405 exit(0); 406 } 407 408 /* 409 * parseid -- 410 * parse uid or gid from arg into id, returning non-zero if successful 411 */ 412 static int 413 parseid(char *name, id_t *id) 414 { 415 char *ep; 416 417 errno = 0; 418 *id = (id_t)strtoul(name, &ep, 10); 419 if (errno || *ep != '\0') 420 return (0); 421 return (1); 422 } 423 424 /* 425 * do_link -- 426 * make a hard link, obeying dorename if set 427 * return -1 on failure 428 */ 429 static int 430 do_link(char *from_name, char *to_name) 431 { 432 char tmpl[MAXPATHLEN]; 433 int ret; 434 435 if (dorename) { 436 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name); 437 /* This usage is safe. */ 438 if (mktemp(tmpl) == NULL) 439 err(EXIT_FAILURE, "%s: mktemp", tmpl); 440 ret = link(from_name, tmpl); 441 if (ret == 0) { 442 ret = rename(tmpl, to_name); 443 /* If rename has posix semantics, then the temporary 444 * file may still exist when from_name and to_name point 445 * to the same file, so unlink it unconditionally. 446 */ 447 (void)unlink(tmpl); 448 } 449 return (ret); 450 } else 451 return (link(from_name, to_name)); 452 } 453 454 /* 455 * do_symlink -- 456 * make a symbolic link, obeying dorename if set 457 * exit on failure 458 */ 459 static void 460 do_symlink(char *from_name, char *to_name) 461 { 462 char tmpl[MAXPATHLEN]; 463 464 if (dorename) { 465 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name); 466 /* This usage is safe. */ 467 if (mktemp(tmpl) == NULL) 468 err(EXIT_FAILURE, "%s: mktemp", tmpl); 469 470 if (symlink(from_name, tmpl) == -1) 471 err(EXIT_FAILURE, "symlink %s -> %s", from_name, tmpl); 472 if (rename(tmpl, to_name) == -1) { 473 /* remove temporary link before exiting */ 474 (void)unlink(tmpl); 475 err(EXIT_FAILURE, "%s: rename", to_name); 476 } 477 } else { 478 if (symlink(from_name, to_name) == -1) 479 err(EXIT_FAILURE, "symlink %s -> %s", from_name, to_name); 480 } 481 } 482 483 /* 484 * makelink -- 485 * make a link from source to destination 486 */ 487 static void 488 makelink(char *from_name, char *to_name) 489 { 490 char src[MAXPATHLEN], dst[MAXPATHLEN], lnk[MAXPATHLEN]; 491 struct stat to_sb; 492 493 /* Try hard links first */ 494 if (dolink & (LN_HARD|LN_MIXED)) { 495 if (do_link(from_name, to_name) == -1) { 496 if ((dolink & LN_HARD) || errno != EXDEV) 497 err(EXIT_FAILURE, "link %s -> %s", from_name, to_name); 498 } else { 499 if (stat(to_name, &to_sb)) 500 err(EXIT_FAILURE, "%s: stat", to_name); 501 if (S_ISREG(to_sb.st_mode)) { 502 /* XXX: hard links to anything 503 * other than plain files are not 504 * metalogged 505 */ 506 int omode; 507 char *oowner, *ogroup, *offlags; 508 char *dres; 509 510 /* XXX: use underlying perms, 511 * unless overridden on command line. 512 */ 513 omode = mode; 514 if (!haveopt_m) 515 mode = (to_sb.st_mode & 0777); 516 oowner = owner; 517 if (!haveopt_o) 518 owner = NULL; 519 ogroup = group; 520 if (!haveopt_g) 521 group = NULL; 522 offlags = fflags; 523 if (!haveopt_f) 524 fflags = NULL; 525 switch (digesttype) { 526 case DIGEST_MD5: 527 dres = MD5File(from_name, NULL); 528 break; 529 case DIGEST_RMD160: 530 dres = RMD160File(from_name, NULL); 531 break; 532 case DIGEST_SHA1: 533 dres = SHA1File(from_name, NULL); 534 break; 535 case DIGEST_SHA256: 536 dres = SHA256_File(from_name, NULL); 537 break; 538 case DIGEST_SHA384: 539 dres = SHA384_File(from_name, NULL); 540 break; 541 case DIGEST_SHA512: 542 dres = SHA512_File(from_name, NULL); 543 break; 544 default: 545 dres = NULL; 546 } 547 metadata_log(to_name, "file", NULL, NULL, 548 dres, to_sb.st_size); 549 free(dres); 550 mode = omode; 551 owner = oowner; 552 group = ogroup; 553 fflags = offlags; 554 } 555 return; 556 } 557 } 558 559 /* Symbolic links */ 560 if (dolink & LN_ABSOLUTE) { 561 /* Convert source path to absolute */ 562 if (realpath(from_name, src) == NULL) 563 err(EXIT_FAILURE, "%s: realpath", from_name); 564 do_symlink(src, to_name); 565 /* XXX: src may point outside of destdir */ 566 metadata_log(to_name, "link", NULL, src, NULL, 0); 567 return; 568 } 569 570 if (dolink & LN_RELATIVE) { 571 char *cp, *d, *s; 572 573 /* Resolve pathnames */ 574 if (realpath(from_name, src) == NULL) 575 err(EXIT_FAILURE, "%s: realpath", from_name); 576 577 /* 578 * The last component of to_name may be a symlink, 579 * so use realpath to resolve only the directory. 580 */ 581 cp = xdirname(to_name); 582 if (realpath(cp, dst) == NULL) 583 err(EXIT_FAILURE, "%s: realpath", cp); 584 /* .. and add the last component */ 585 if (strcmp(dst, "/") != 0) { 586 if (strlcat(dst, "/", sizeof(dst)) > sizeof(dst)) 587 errx(EXIT_FAILURE, "resolved pathname too long"); 588 } 589 cp = xbasename(to_name); 590 if (strlcat(dst, cp, sizeof(dst)) > sizeof(dst)) 591 errx(EXIT_FAILURE, "resolved pathname too long"); 592 593 /* trim common path components */ 594 for (s = src, d = dst; *s == *d; s++, d++) 595 continue; 596 while (*s != '/') 597 s--, d--; 598 599 /* count the number of directories we need to backtrack */ 600 for (++d, lnk[0] = '\0'; *d; d++) 601 if (*d == '/') 602 (void)strlcat(lnk, "../", sizeof(lnk)); 603 604 (void)strlcat(lnk, ++s, sizeof(lnk)); 605 606 do_symlink(lnk, to_name); 607 /* XXX: lnk may point outside of destdir */ 608 metadata_log(to_name, "link", NULL, lnk, NULL, 0); 609 return; 610 } 611 612 /* 613 * If absolute or relative was not specified, 614 * try the names the user provided 615 */ 616 do_symlink(from_name, to_name); 617 /* XXX: from_name may point outside of destdir */ 618 metadata_log(to_name, "link", NULL, from_name, NULL, 0); 619 } 620 621 /* 622 * install -- 623 * build a path name and install the file 624 */ 625 static void 626 install(char *from_name, char *to_name, u_int flags) 627 { 628 struct stat from_sb; 629 struct stat to_sb; 630 struct timeval tv[2]; 631 off_t size; 632 int devnull, from_fd, to_fd, serrno, tmpmode; 633 char *p, tmpl[MAXPATHLEN], *oto_name, *digestresult; 634 635 size = -1; 636 if (!dolink) { 637 /* ensure that from_sb & tv are sane if !dolink */ 638 if (stat(from_name, &from_sb)) 639 err(EXIT_FAILURE, "%s: stat", from_name); 640 size = from_sb.st_size; 641 #if BSD4_4 && !HAVE_NBTOOL_CONFIG_H 642 TIMESPEC_TO_TIMEVAL(&tv[0], &from_sb.st_atimespec); 643 TIMESPEC_TO_TIMEVAL(&tv[1], &from_sb.st_mtimespec); 644 #else 645 tv[0].tv_sec = from_sb.st_atime; 646 tv[0].tv_usec = 0; 647 tv[1].tv_sec = from_sb.st_mtime; 648 tv[1].tv_usec = 0; 649 #endif 650 } 651 652 if (flags & DIRECTORY || strcmp(from_name, _PATH_DEVNULL) != 0) { 653 devnull = 0; 654 if (!dolink) { 655 if (!S_ISREG(from_sb.st_mode)) 656 errx(EXIT_FAILURE, "%s: not a regular file", from_name); 657 } 658 /* Build the target path. */ 659 if (flags & DIRECTORY) { 660 (void)snprintf(pathbuf, sizeof(pathbuf), "%s/%s", 661 to_name, 662 (p = strrchr(from_name, '/')) ? ++p : from_name); 663 to_name = pathbuf; 664 } 665 } else { 666 devnull = 1; 667 size = 0; 668 #if HAVE_STRUCT_STAT_ST_FLAGS 669 from_sb.st_flags = 0; /* XXX */ 670 #endif 671 } 672 673 /* 674 * Unlink now... avoid ETXTBSY errors later. Try and turn 675 * off the append/immutable bits -- if we fail, go ahead, 676 * it might work. 677 */ 678 #if ! HAVE_NBTOOL_CONFIG_H 679 if (stat(to_name, &to_sb) == 0 && 680 to_sb.st_flags & (NOCHANGEBITS)) 681 (void)chflags(to_name, to_sb.st_flags & ~(NOCHANGEBITS)); 682 #endif 683 if (dorename) { 684 (void)snprintf(tmpl, sizeof(tmpl), "%s.inst.XXXXXX", to_name); 685 oto_name = to_name; 686 to_name = tmpl; 687 } else { 688 oto_name = NULL; /* pacify gcc */ 689 if (dobackup) 690 backup(to_name); 691 else 692 (void)unlink(to_name); 693 } 694 695 if (dolink) { 696 makelink(from_name, dorename ? oto_name : to_name); 697 return; 698 } 699 700 /* Create target. */ 701 if (dorename) { 702 if ((to_fd = mkstemp(to_name)) == -1) 703 err(EXIT_FAILURE, "%s: mkstemp", to_name); 704 } else { 705 if ((to_fd = open(to_name, 706 O_CREAT | O_WRONLY | O_TRUNC, S_IRUSR | S_IWUSR)) < 0) 707 err(EXIT_FAILURE, "%s: open", to_name); 708 } 709 digestresult = NULL; 710 if (!devnull) { 711 if ((from_fd = open(from_name, O_RDONLY, 0)) < 0) { 712 (void)unlink(to_name); 713 err(EXIT_FAILURE, "%s: open", from_name); 714 } 715 digestresult = 716 copy(from_fd, from_name, to_fd, to_name, from_sb.st_size); 717 (void)close(from_fd); 718 } 719 720 if (dostrip) { 721 strip(to_name); 722 723 /* 724 * Re-open our fd on the target, in case we used a strip 725 * that does not work in-place -- like gnu binutils strip. 726 */ 727 close(to_fd); 728 if ((to_fd = open(to_name, O_RDONLY, S_IRUSR | S_IWUSR)) < 0) 729 err(EXIT_FAILURE, "stripping %s", to_name); 730 731 /* 732 * Recalculate size and digestresult after stripping. 733 */ 734 if (fstat(to_fd, &to_sb) != 0) 735 err(EXIT_FAILURE, "%s: fstat", to_name); 736 size = to_sb.st_size; 737 digestresult = 738 copy(to_fd, to_name, -1, NULL, size); 739 740 } 741 742 if (afterinstallcmd != NULL) { 743 afterinstall(afterinstallcmd, to_name, 1); 744 745 /* 746 * Re-open our fd on the target, in case we used an 747 * after-install command that does not work in-place 748 */ 749 close(to_fd); 750 if ((to_fd = open(to_name, O_RDONLY, S_IRUSR | S_IWUSR)) < 0) 751 err(EXIT_FAILURE, "running after install command on %s", to_name); 752 } 753 754 /* 755 * Set owner, group, mode for target; do the chown first, 756 * chown may lose the setuid bits. 757 */ 758 if (!dounpriv && 759 (flags & (HASUID | HASGID)) && fchown(to_fd, uid, gid) == -1) { 760 serrno = errno; 761 (void)unlink(to_name); 762 errc(EXIT_FAILURE, serrno, "%s: chown/chgrp", to_name); 763 } 764 tmpmode = mode; 765 if (dounpriv) 766 tmpmode &= S_IRWXU|S_IRWXG|S_IRWXO; 767 if (fchmod(to_fd, tmpmode) == -1) { 768 serrno = errno; 769 (void)unlink(to_name); 770 errc(EXIT_FAILURE, serrno, "%s: chmod", to_name); 771 } 772 773 /* 774 * Preserve the date of the source file. 775 */ 776 if (dopreserve) { 777 #if HAVE_FUTIMES 778 if (futimes(to_fd, tv) == -1) 779 warn("%s: futimes", to_name); 780 #else 781 if (utimes(to_name, tv) == -1) 782 warn("%s: utimes", to_name); 783 #endif 784 } 785 786 (void)close(to_fd); 787 788 if (dorename) { 789 if (rename(to_name, oto_name) == -1) 790 err(EXIT_FAILURE, "%s: rename", to_name); 791 to_name = oto_name; 792 } 793 794 /* 795 * If provided a set of flags, set them, otherwise, preserve the 796 * flags, except for the dump flag. 797 */ 798 #if ! HAVE_NBTOOL_CONFIG_H 799 if (!dounpriv && chflags(to_name, 800 flags & SETFLAGS ? fileflags : from_sb.st_flags & ~UF_NODUMP) == -1) 801 { 802 if (errno != EOPNOTSUPP || (from_sb.st_flags & ~UF_NODUMP) != 0) 803 warn("%s: chflags", to_name); 804 } 805 #endif 806 807 metadata_log(to_name, "file", tv, NULL, digestresult, size); 808 free(digestresult); 809 } 810 811 /* 812 * copy -- 813 * copy from one file to another, returning a digest. 814 * 815 * If to_fd < 0, just calculate a digest, don't copy. 816 */ 817 static char * 818 copy(int from_fd, char *from_name, int to_fd, char *to_name, off_t size) 819 { 820 ssize_t nr, nw; 821 int serrno; 822 u_char *p; 823 u_char buf[MAXBSIZE]; 824 MD5_CTX ctxMD5; 825 RMD160_CTX ctxRMD160; 826 SHA1_CTX ctxSHA1; 827 SHA256_CTX ctxSHA256; 828 SHA384_CTX ctxSHA384; 829 SHA512_CTX ctxSHA512; 830 831 switch (digesttype) { 832 case DIGEST_MD5: 833 MD5Init(&ctxMD5); 834 break; 835 case DIGEST_RMD160: 836 RMD160Init(&ctxRMD160); 837 break; 838 case DIGEST_SHA1: 839 SHA1Init(&ctxSHA1); 840 break; 841 case DIGEST_SHA256: 842 SHA256_Init(&ctxSHA256); 843 break; 844 case DIGEST_SHA384: 845 SHA384_Init(&ctxSHA384); 846 break; 847 case DIGEST_SHA512: 848 SHA512_Init(&ctxSHA512); 849 break; 850 case DIGEST_NONE: 851 if (to_fd < 0) 852 return NULL; /* no need to do anything */ 853 default: 854 break; 855 } 856 /* 857 * There's no reason to do anything other than close the file 858 * now if it's empty, so let's not bother. 859 */ 860 if (size > 0) { 861 862 /* 863 * Mmap and write if less than 8M (the limit is so we 864 * don't totally trash memory on big files). This is 865 * really a minor hack, but it wins some CPU back. 866 */ 867 868 if (size <= 8 * 1048576) { 869 if ((p = mmap(NULL, (size_t)size, PROT_READ, 870 MAP_FILE|MAP_SHARED, from_fd, (off_t)0)) 871 == MAP_FAILED) { 872 goto mmap_failed; 873 } 874 #if defined(MADV_SEQUENTIAL) && !defined(__APPLE__) 875 if (madvise(p, (size_t)size, MADV_SEQUENTIAL) == -1 876 && errno != EOPNOTSUPP) 877 warn("madvise"); 878 #endif 879 880 if (to_fd >= 0 && write(to_fd, p, size) != size) { 881 serrno = errno; 882 (void)unlink(to_name); 883 errc(EXIT_FAILURE, serrno, "%s: write", 884 to_name); 885 } 886 switch (digesttype) { 887 case DIGEST_MD5: 888 MD5Update(&ctxMD5, p, size); 889 break; 890 case DIGEST_RMD160: 891 RMD160Update(&ctxRMD160, p, size); 892 break; 893 case DIGEST_SHA1: 894 SHA1Update(&ctxSHA1, p, size); 895 break; 896 case DIGEST_SHA256: 897 SHA256_Update(&ctxSHA256, p, size); 898 break; 899 case DIGEST_SHA384: 900 SHA384_Update(&ctxSHA384, p, size); 901 break; 902 case DIGEST_SHA512: 903 SHA512_Update(&ctxSHA512, p, size); 904 break; 905 default: 906 break; 907 } 908 (void)munmap(p, size); 909 } else { 910 mmap_failed: 911 while ((nr = read(from_fd, buf, sizeof(buf))) > 0) { 912 if (to_fd >= 0 && 913 (nw = write(to_fd, buf, nr)) != nr) { 914 serrno = errno; 915 (void)unlink(to_name); 916 errc(EXIT_FAILURE, 917 nw > 0 ? EIO : serrno, 918 "%s: write", to_name); 919 } 920 switch (digesttype) { 921 case DIGEST_MD5: 922 MD5Update(&ctxMD5, buf, nr); 923 break; 924 case DIGEST_RMD160: 925 RMD160Update(&ctxRMD160, buf, nr); 926 break; 927 case DIGEST_SHA1: 928 SHA1Update(&ctxSHA1, buf, nr); 929 break; 930 case DIGEST_SHA256: 931 SHA256_Update(&ctxSHA256, buf, nr); 932 break; 933 case DIGEST_SHA384: 934 SHA384_Update(&ctxSHA384, buf, nr); 935 break; 936 case DIGEST_SHA512: 937 SHA512_Update(&ctxSHA512, buf, nr); 938 break; 939 default: 940 break; 941 } 942 } 943 if (nr != 0) { 944 serrno = errno; 945 (void)unlink(to_name); 946 errc(EXIT_FAILURE, serrno, "%s: read", 947 from_name); 948 } 949 } 950 } 951 switch (digesttype) { 952 case DIGEST_MD5: 953 return MD5End(&ctxMD5, NULL); 954 case DIGEST_RMD160: 955 return RMD160End(&ctxRMD160, NULL); 956 case DIGEST_SHA1: 957 return SHA1End(&ctxSHA1, NULL); 958 case DIGEST_SHA256: 959 return SHA256_End(&ctxSHA256, NULL); 960 case DIGEST_SHA384: 961 return SHA384_End(&ctxSHA384, NULL); 962 case DIGEST_SHA512: 963 return SHA512_End(&ctxSHA512, NULL); 964 default: 965 return NULL; 966 } 967 } 968 969 static void 970 run(const char *command, const char *flags, const char *to_name, int errunlink) 971 { 972 char *args[4]; 973 char *cmd; 974 int status; 975 int rv; 976 size_t i; 977 978 i = 1; 979 status = 0; 980 981 if (hasmeta(command)) { 982 rv = asprintf(&cmd, "%s %s%s%s", command, flags ? flags : "", 983 flags ? " " : "", to_name); 984 if (rv < 0) { 985 warn("Cannot execute %s", command); 986 goto out; 987 } 988 command = _PATH_BSHELL; 989 flags = "-c"; 990 } else 991 cmd = __UNCONST(to_name); 992 993 args[0] = __UNCONST(command); 994 if (flags) 995 args[i++] = __UNCONST(flags); 996 args[i++] = cmd; 997 args[i] = NULL; 998 999 #ifdef HAVE_POSIX_SPAWN 1000 if (*command == '/') 1001 rv = posix_spawn(NULL, command, NULL, NULL, args, NULL); 1002 else 1003 rv = posix_spawnp(NULL, command, NULL, NULL, args, NULL); 1004 if (rv != 0) { 1005 warnc(rv, "Cannot execute %s", command); 1006 rv = -1; 1007 } 1008 #else 1009 switch (vfork()) { 1010 case -1: 1011 rv = errno; 1012 if (errunlink) 1013 (void)unlink(to_name); 1014 errc(EXIT_FAILURE, rv, "vfork"); 1015 /*NOTREACHED*/ 1016 case 0: 1017 if (*command == '/') 1018 execv(command, args); 1019 else 1020 execvp(command, args); 1021 rv = errno; 1022 const char *arr[] = { 1023 getprogname(), 1024 ": exec failed for ", 1025 command, 1026 " (", 1027 strerror(rv), 1028 ")\n", 1029 }; 1030 for (i = 0; i < __arraycount(arr); i++) 1031 write(STDERR_FILENO, arr[i], strlen(arr[i])); 1032 _exit(1); 1033 /*NOTREACHED*/ 1034 default: 1035 break; 1036 } 1037 #endif 1038 rv = wait(&status); 1039 if (cmd != to_name) 1040 free(cmd); 1041 out: 1042 if ((rv < 0 || status) && errunlink) 1043 (void)unlink(to_name); 1044 } 1045 1046 /* 1047 * strip -- 1048 * use strip(1) to strip the target file 1049 */ 1050 static void 1051 strip(const char *to_name) 1052 { 1053 const char *stripprog; 1054 1055 if ((stripprog = getenv("STRIP")) == NULL || *stripprog == '\0') { 1056 #ifdef TARGET_STRIP 1057 stripprog = TARGET_STRIP; 1058 #else 1059 stripprog = _PATH_STRIP; 1060 #endif 1061 } 1062 run(stripprog, stripArgs, to_name, 0); 1063 } 1064 1065 /* 1066 * afterinstall -- 1067 * run provided command on the target file or directory after it's been 1068 * installed and stripped, but before permissions are set or it's renamed 1069 */ 1070 static void 1071 afterinstall(const char *command, const char *to_name, int errunlink) 1072 { 1073 run(command, NULL, to_name, errunlink); 1074 } 1075 1076 /* 1077 * backup -- 1078 * backup file "to_name" to to_name.suffix 1079 * if suffix contains a "%", it's taken as a printf(3) pattern 1080 * used for a numbered backup. 1081 */ 1082 static void 1083 backup(const char *to_name) 1084 { 1085 char bname[FILENAME_MAX]; 1086 1087 if (numberedbackup) { 1088 /* Do numbered backup */ 1089 int cnt; 1090 char suffix_expanded[FILENAME_MAX]; 1091 1092 cnt=0; 1093 do { 1094 (void)snprintf(suffix_expanded, FILENAME_MAX, suffix, 1095 cnt); 1096 (void)snprintf(bname, FILENAME_MAX, "%s%s", to_name, 1097 suffix_expanded); 1098 cnt++; 1099 } while (access(bname, F_OK) == 0); 1100 } else { 1101 /* Do simple backup */ 1102 (void)snprintf(bname, FILENAME_MAX, "%s%s", to_name, suffix); 1103 } 1104 1105 (void)rename(to_name, bname); 1106 } 1107 1108 /* 1109 * install_dir -- 1110 * build directory hierarchy 1111 */ 1112 static void 1113 install_dir(char *path, u_int flags) 1114 { 1115 char *p; 1116 struct stat sb; 1117 int ch; 1118 1119 for (p = path;; ++p) 1120 if (!*p || (p != path && *p == '/')) { 1121 ch = *p; 1122 *p = '\0'; 1123 if (mkdir(path, 0777) < 0) { 1124 /* 1125 * Can't create; path exists or no perms. 1126 * stat() path to determine what's there now. 1127 */ 1128 int sverrno; 1129 sverrno = errno; 1130 if (stat(path, &sb) < 0) { 1131 /* Not there; use mkdir()s error */ 1132 errno = sverrno; 1133 err(EXIT_FAILURE, "%s: mkdir", path); 1134 } 1135 if (!S_ISDIR(sb.st_mode)) { 1136 errx(EXIT_FAILURE, 1137 "%s exists but is not a directory", 1138 path); 1139 } 1140 } 1141 if (!(*p = ch)) 1142 break; 1143 } 1144 1145 if (afterinstallcmd != NULL) 1146 afterinstall(afterinstallcmd, path, 0); 1147 1148 if (!dounpriv && ( 1149 ((flags & (HASUID | HASGID)) && chown(path, uid, gid) == -1) 1150 || chmod(path, mode) == -1 )) { 1151 warn("%s: chown/chmod", path); 1152 } 1153 metadata_log(path, "dir", NULL, NULL, NULL, 0); 1154 } 1155 1156 /* 1157 * metadata_log -- 1158 * if metafp is not NULL, output mtree(8) full path name and settings to 1159 * metafp, to allow permissions to be set correctly by other tools, 1160 * or to allow integrity checks to be performed. 1161 */ 1162 static void 1163 metadata_log(const char *path, const char *type, struct timeval *tv, 1164 const char *slink, const char *digestresult, off_t size) 1165 { 1166 static const char extra[] = { ' ', '\t', '\n', '\\', '#', '\0' }; 1167 const char *p; 1168 char *buf; 1169 size_t destlen; 1170 struct flock metalog_lock; 1171 1172 if (!metafp) 1173 return; 1174 buf = malloc(4 * strlen(path) + 1); /* buf for strsvis(3) */ 1175 if (buf == NULL) { 1176 warn("Can't allocate metadata"); 1177 return; 1178 } 1179 /* lock log file */ 1180 metalog_lock.l_start = 0; 1181 metalog_lock.l_len = 0; 1182 metalog_lock.l_whence = SEEK_SET; 1183 metalog_lock.l_type = F_WRLCK; 1184 if (fcntl(fileno(metafp), F_SETLKW, &metalog_lock) == -1) { 1185 warn("can't lock %s", metafile); 1186 free(buf); 1187 return; 1188 } 1189 1190 p = path; /* remove destdir */ 1191 if (destdir) { 1192 destlen = strlen(destdir); 1193 if (strncmp(p, destdir, destlen) == 0 && 1194 (p[destlen] == '/' || p[destlen] == '\0')) 1195 p += destlen; 1196 } 1197 while (*p && *p == '/') /* remove leading /s */ 1198 p++; 1199 strsvis(buf, p, VIS_CSTYLE, extra); /* encode name */ 1200 p = buf; 1201 /* print details */ 1202 fprintf(metafp, ".%s%s type=%s", *p ? "/" : "", p, type); 1203 if (owner) 1204 fprintf(metafp, " uname=%s", owner); 1205 if (group) 1206 fprintf(metafp, " gname=%s", group); 1207 fprintf(metafp, " mode=%#o", mode); 1208 if (slink) { 1209 strsvis(buf, slink, VIS_CSTYLE, extra); /* encode link */ 1210 fprintf(metafp, " link=%s", buf); 1211 } 1212 if (*type == 'f') /* type=file */ 1213 fprintf(metafp, " size=%lld", (long long)size); 1214 if (tv != NULL && dopreserve) 1215 fprintf(metafp, " time=%lld.%0*lld", 1216 (long long)tv[1].tv_sec, 1217 (tv[1].tv_usec == 0 ? 1 : 9), 1218 (long long)tv[1].tv_usec * 1000); 1219 if (digestresult && digest) 1220 fprintf(metafp, " %s=%s", digest, digestresult); 1221 if (fflags) 1222 fprintf(metafp, " flags=%s", fflags); 1223 if (tags) 1224 fprintf(metafp, " tags=%s", tags); 1225 fputc('\n', metafp); 1226 fflush(metafp); /* flush output */ 1227 /* unlock log file */ 1228 metalog_lock.l_type = F_UNLCK; 1229 if (fcntl(fileno(metafp), F_SETLKW, &metalog_lock) == -1) { 1230 warn("can't unlock %s", metafile); 1231 } 1232 free(buf); 1233 } 1234 1235 /* 1236 * xbasename -- 1237 * libc basename(3) that returns a pointer to a static buffer 1238 * instead of overwriting that passed-in string. 1239 */ 1240 static char * 1241 xbasename(char *path) 1242 { 1243 static char tmp[MAXPATHLEN]; 1244 1245 (void)strlcpy(tmp, path, sizeof(tmp)); 1246 return (basename(tmp)); 1247 } 1248 1249 /* 1250 * xdirname -- 1251 * libc dirname(3) that returns a pointer to a static buffer 1252 * instead of overwriting that passed-in string. 1253 */ 1254 static char * 1255 xdirname(char *path) 1256 { 1257 static char tmp[MAXPATHLEN]; 1258 1259 (void)strlcpy(tmp, path, sizeof(tmp)); 1260 return (dirname(tmp)); 1261 } 1262 1263 /* 1264 * usage -- 1265 * print a usage message and die 1266 */ 1267 static void 1268 usage(void) 1269 { 1270 const char *prog; 1271 1272 prog = getprogname(); 1273 1274 (void)fprintf(stderr, 1275 "usage: %s [-Ubcprs] [-M log] [-D dest] [-T tags] [-B suffix]\n" 1276 " [-a aftercmd] [-f flags] [-m mode] [-N dbdir] [-o owner] [-g group] \n" 1277 " [-l linkflags] [-h hash] [-S stripflags] file1 file2\n" 1278 " %s [-Ubcprs] [-M log] [-D dest] [-T tags] [-B suffix]\n" 1279 " [-a aftercmd] [-f flags] [-m mode] [-N dbdir] [-o owner] [-g group]\n" 1280 " [-l linkflags] [-h hash] [-S stripflags] file1 ... fileN directory\n" 1281 " %s -d [-Up] [-M log] [-D dest] [-T tags] [-a aftercmd] [-m mode]\n" 1282 " [-N dbdir] [-o owner] [-g group] directory ...\n", 1283 prog, prog, prog); 1284 exit(1); 1285 } 1286
Indexes created Mon Sep 29 21:09:56 GMT 2025