From 87bcd85c115abeda7b6ef5729b52749bf7351eee Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Thu, 24 Oct 2024 15:14:04 +0000 Subject: [PATCH] FHS: Anchor on the context Signed-off-by: Michael Tremer --- src/libpakfire/fhs.c | 52 +++++++++++++--------------- src/libpakfire/file.c | 2 +- src/libpakfire/include/pakfire/fhs.h | 2 +- 3 files changed, 27 insertions(+), 29 deletions(-) diff --git a/src/libpakfire/fhs.c b/src/libpakfire/fhs.c index 2cabb8a0f..f4ac61a33 100644 --- a/src/libpakfire/fhs.c +++ b/src/libpakfire/fhs.c @@ -18,15 +18,13 @@ # # #############################################################################*/ +#include #include -// Enable legacy logging -#define PAKFIRE_LEGACY_LOGGING - +#include #include #include #include -#include #include /* @@ -195,7 +193,7 @@ static const struct pakfire_fhs_check { }; static const struct pakfire_fhs_check* pakfire_fhs_find_check( - struct pakfire* pakfire, struct pakfire_file* file) { + struct pakfire_ctx* ctx, struct pakfire_file* file) { const struct pakfire_fhs_check* check = NULL; int r; @@ -220,7 +218,7 @@ static const struct pakfire_fhs_check* pakfire_fhs_find_check( // Match! case 1: - DEBUG(pakfire, "%s matches check '%s'\n", path, check->path); + CTX_DEBUG(ctx, "%s matches check '%s'\n", path, check->path); return check; @@ -231,13 +229,13 @@ static const struct pakfire_fhs_check* pakfire_fhs_find_check( } ERROR: - ERROR(pakfire, "Could not find FHS entry for %s: %m\n", path); + CTX_ERROR(ctx, "Could not find FHS entry for %s: %m\n", path); return NULL; } static int pakfire_fhs_check_world_writable( - struct pakfire* pakfire, struct pakfire_file* file) { + struct pakfire_ctx* ctx, struct pakfire_file* file) { // Run this check only for regular files switch (pakfire_file_get_type(file)) { case S_IFREG: @@ -255,14 +253,14 @@ static int pakfire_fhs_check_world_writable( // Check that none of the executable bits are set if ((perms & (S_IWUSR|S_IWGRP|S_IWOTH)) == (S_IWUSR|S_IWGRP|S_IWOTH)) { - DEBUG(pakfire, "%s is world-writable\n", path); + CTX_DEBUG(ctx, "%s is world-writable\n", path); return 1; } return 0; } -static int pakfire_fhs_check_perms(struct pakfire* pakfire, +static int pakfire_fhs_check_perms(struct pakfire_ctx* ctx, const struct pakfire_fhs_check* check, struct pakfire_file* file) { // No permissions defined. Skipping check... if (!check->perms) @@ -275,7 +273,7 @@ static int pakfire_fhs_check_perms(struct pakfire* pakfire, // Check if they match if (check->perms != perms) { - DEBUG(pakfire, "%s: Permissions do not match\n", path); + CTX_DEBUG(ctx, "%s: Permissions do not match\n", path); return 1; } @@ -283,7 +281,7 @@ static int pakfire_fhs_check_perms(struct pakfire* pakfire, return 0; } -static int pakfire_fhs_check_ownership(struct pakfire* pakfire, +static int pakfire_fhs_check_ownership(struct pakfire_ctx* ctx, const struct pakfire_fhs_check* check, struct pakfire_file* file) { const char* path = pakfire_file_get_path(file); @@ -294,7 +292,7 @@ static int pakfire_fhs_check_ownership(struct pakfire* pakfire, return 1; if (strcmp(check->uname, uname) != 0) { - DEBUG(pakfire, "%s: uname does not match\n", path); + CTX_DEBUG(ctx, "%s: uname does not match\n", path); return 1; } } @@ -306,7 +304,7 @@ static int pakfire_fhs_check_ownership(struct pakfire* pakfire, return 1; if (strcmp(check->gname, gname) != 0) { - DEBUG(pakfire, "%s: gname does not match\n", path); + CTX_DEBUG(ctx, "%s: gname does not match\n", path); return 1; } } @@ -315,7 +313,7 @@ static int pakfire_fhs_check_ownership(struct pakfire* pakfire, return 0; } -static int pakfire_fhs_check_noexec(struct pakfire* pakfire, +static int pakfire_fhs_check_noexec(struct pakfire_ctx* ctx, const struct pakfire_fhs_check* check, struct pakfire_file* file) { // Skip this check if PAKFIRE_FHS_NOEXEC is not set if (!(check->flags & PAKFIRE_FHS_NOEXEC)) @@ -329,53 +327,53 @@ static int pakfire_fhs_check_noexec(struct pakfire* pakfire, // Check that none of the executable bits are set if (perms & (S_IXUSR|S_IXGRP|S_IXOTH)) { - DEBUG(pakfire, "%s must not be executable\n", path); + CTX_DEBUG(ctx, "%s must not be executable\n", path); return 1; } return 0; } -int pakfire_fhs_check_file(struct pakfire* pakfire, struct pakfire_file* file) { +int pakfire_fhs_check_file(struct pakfire_ctx* ctx, struct pakfire_file* file) { const struct pakfire_fhs_check* check = NULL; int r; // Get the file path const char* path = pakfire_file_get_path(file); if (!path) - return 1; + return -errno; // Check for world-writable permissions - r = pakfire_fhs_check_world_writable(pakfire, file); + r = pakfire_fhs_check_world_writable(ctx, file); if (r) return r; // Find a check - check = pakfire_fhs_find_check(pakfire, file); + check = pakfire_fhs_find_check(ctx, file); if (!check) { - ERROR(pakfire, "Could not match file %s: %m\n", path); - return 1; + CTX_ERROR(ctx, "Could not match file %s: %m\n", path); + return -errno; } // Should this file exist at all? if (check->flags & PAKFIRE_FHS_MUSTNOTEXIST) { - DEBUG(pakfire, "%s must not exist here\n", path); + CTX_DEBUG(ctx, "%s must not exist here\n", path); return 1; } // Check permissions - r = pakfire_fhs_check_perms(pakfire, check, file); + r = pakfire_fhs_check_perms(ctx, check, file); if (r) return r; // Check ownership - r = pakfire_fhs_check_ownership(pakfire, check, file); + r = pakfire_fhs_check_ownership(ctx, check, file); if (r) return r; // Check for PAKFIRE_FHS_NOEXEC - r = pakfire_fhs_check_noexec(pakfire, check, file); - if (r) + r = pakfire_fhs_check_noexec(ctx, check, file); + if (r < 0) return r; // Check passed! diff --git a/src/libpakfire/file.c b/src/libpakfire/file.c index 1ac875320..c162fa3b9 100644 --- a/src/libpakfire/file.c +++ b/src/libpakfire/file.c @@ -2829,7 +2829,7 @@ int pakfire_file_check(struct pakfire_file* file, int* issues) { // Return previous result if this has been run before if (!file->check_done) { // Perform FHS check - r = pakfire_fhs_check_file(file->pakfire, file); + r = pakfire_fhs_check_file(file->ctx, file); if (r) file->issues |= PAKFIRE_FILE_FHS_ERROR; diff --git a/src/libpakfire/include/pakfire/fhs.h b/src/libpakfire/include/pakfire/fhs.h index 5a28dde8f..a02d235d0 100644 --- a/src/libpakfire/include/pakfire/fhs.h +++ b/src/libpakfire/include/pakfire/fhs.h @@ -24,6 +24,6 @@ #include #include -int pakfire_fhs_check_file(struct pakfire* pakfire, struct pakfire_file* file); +int pakfire_fhs_check_file(struct pakfire_ctx* ctx, struct pakfire_file* file); #endif /* PAKFIRE_FHS_H */ -- 2.39.5