1 /* Test whether two files have the same ACLs.
2 Copyright (C) 2008-2010 Free Software Foundation, Inc.
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 3 of the License, or
7 (at your option) any later version.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>. */
17 /* Written by Bruno Haible <bruno@clisp.org>, 2008. */
27 #if HAVE_ACL_GET_FILE || HAVE_ACL || HAVE_ACLX_GET || HAVE_STATACL
28 # include <sys/types.h>
33 #include "read-file.h"
38 main (int argc, char *argv[])
43 set_program_name (argv[0]);
50 /* Compare the contents of the two files. */
57 contents1 = read_file (file1, &size1);
58 if (contents1 == NULL)
60 fprintf (stderr, "error reading file %s: errno = %d\n", file1, errno);
64 contents2 = read_file (file2, &size2);
65 if (contents2 == NULL)
67 fprintf (stderr, "error reading file %s: errno = %d\n", file2, errno);
74 fprintf (stderr, "files %s and %s have different sizes\n",
79 if (memcmp (contents1, contents2, size1) != 0)
81 fprintf (stderr, "files %s and %s have different contents\n",
88 /* Compare the access permissions of the two files, including ACLs. */
93 if (stat (file1, &statbuf1) < 0)
95 fprintf (stderr, "error accessing file %s: errno = %d\n", file1, errno);
99 if (stat (file2, &statbuf2) < 0)
101 fprintf (stderr, "error accessing file %s: errno = %d\n", file2, errno);
105 if (statbuf1.st_mode != statbuf2.st_mode)
107 fprintf (stderr, "files %s and %s have different access modes: %03o and %03o\n",
109 (unsigned int) statbuf1.st_mode, (unsigned int) statbuf2.st_mode);
114 #if HAVE_ACL_GET_FILE /* Linux, FreeBSD, MacOS X, IRIX, Tru64 */
115 static const int types[] =
118 # if HAVE_ACL_TYPE_EXTENDED /* MacOS X */
124 for (t = 0; t < sizeof (types) / sizeof (types[0]); t++)
134 acl1 = acl_get_file (file1, type);
135 if (acl1 == (acl_t)NULL)
142 text1 = acl_to_text (acl1, NULL);
148 acl2 = acl_get_file (file2, type);
149 if (acl2 == (acl_t)NULL)
156 text2 = acl_to_text (acl2, NULL);
163 if (acl1 != (acl_t)NULL)
165 if (acl2 != (acl_t)NULL)
171 if (strcmp (text1, text2) != 0)
173 fprintf (stderr, "files %s and %s have different ACLs:\n%s\n%s\n",
174 file1, file2, text1, text2);
180 fprintf (stderr, "file %s has a valid ACL, but file %s has an invalid ACL\n",
189 fprintf (stderr, "file %s has an invalid ACL, but file %s has a valid ACL\n",
195 if (errno1 != errno2)
197 fprintf (stderr, "files %s and %s have differently invalid ACLs, errno = %d vs. %d\n",
198 file1, file2, errno1, errno2);
206 fprintf (stderr, "file %s has an ACL, but file %s has no ACL\n",
213 if (acl2 != (acl_t)NULL)
215 fprintf (stderr, "file %s has no ACL, but file %s has an ACL\n",
221 #elif HAVE_ACL && defined GETACL /* Solaris, Cygwin, not HP-UX */
225 count1 = acl (file1, GETACLCNT, 0, NULL);
226 count2 = acl (file2, GETACLCNT, 0, NULL);
230 fprintf (stderr, "error accessing the ACLs of file %s\n", file1);
236 fprintf (stderr, "error accessing the ACLs of file %s\n", file2);
240 if (count1 != count2)
242 fprintf (stderr, "files %s and %s have different number of ACLs: %d and %d\n",
243 file1, file2, count1, count2);
248 aclent_t *entries1 = XNMALLOC (count1, aclent_t);
249 aclent_t *entries2 = XNMALLOC (count2, aclent_t);
252 if (acl (file1, GETACL, count1, entries1) < count1)
254 fprintf (stderr, "error retrieving the ACLs of file %s\n", file1);
258 if (acl (file2, GETACL, count2, entries2) < count1)
260 fprintf (stderr, "error retrieving the ACLs of file %s\n", file2);
264 for (i = 0; i < count1; i++)
266 if (entries1[i].a_type != entries2[i].a_type)
268 fprintf (stderr, "files %s and %s: different ACL entry #%d: different types %d and %d\n",
269 file1, file2, i, entries1[i].a_type, entries2[i].a_type);
272 if (entries1[i].a_id != entries2[i].a_id)
274 fprintf (stderr, "files %s and %s: different ACL entry #%d: different ids %d and %d\n",
275 file1, file2, i, (int)entries1[i].a_id, (int)entries2[i].a_id);
278 if (entries1[i].a_perm != entries2[i].a_perm)
280 fprintf (stderr, "files %s and %s: different ACL entry #%d: different permissions %03o and %03o\n",
281 file1, file2, i, (unsigned int) entries1[i].a_perm, (unsigned int) entries2[i].a_perm);
287 count1 = acl (file1, ACE_GETACLCNT, 0, NULL);
288 if (count1 < 0 && errno == EINVAL)
290 count2 = acl (file2, ACE_GETACLCNT, 0, NULL);
291 if (count2 < 0 && errno == EINVAL)
295 fprintf (stderr, "error accessing the ACE-ACLs of file %s\n", file1);
301 fprintf (stderr, "error accessing the ACE-ACLs of file %s\n", file2);
305 if (count1 != count2)
307 fprintf (stderr, "files %s and %s have different number of ACE-ACLs: %d and %d\n",
308 file1, file2, count1, count2);
313 ace_t *entries1 = XNMALLOC (count1, ace_t);
314 ace_t *entries2 = XNMALLOC (count2, ace_t);
317 if (acl (file1, ACE_GETACL, count1, entries1) < count1)
319 fprintf (stderr, "error retrieving the ACE-ACLs of file %s\n", file1);
323 if (acl (file2, ACE_GETACL, count2, entries2) < count1)
325 fprintf (stderr, "error retrieving the ACE-ACLs of file %s\n", file2);
329 for (i = 0; i < count1; i++)
331 if (entries1[i].a_type != entries2[i].a_type)
333 fprintf (stderr, "files %s and %s: different ACE-ACL entry #%d: different types %d and %d\n",
334 file1, file2, i, entries1[i].a_type, entries2[i].a_type);
337 if (entries1[i].a_who != entries2[i].a_who)
339 fprintf (stderr, "files %s and %s: different ACE-ACL entry #%d: different ids %d and %d\n",
340 file1, file2, i, (int)entries1[i].a_who, (int)entries2[i].a_who);
343 if (entries1[i].a_access_mask != entries2[i].a_access_mask)
345 fprintf (stderr, "files %s and %s: different ACE-ACL entry #%d: different access masks %03o and %03o\n",
346 file1, file2, i, (unsigned int) entries1[i].a_access_mask, (unsigned int) entries2[i].a_access_mask);
349 if (entries1[i].a_flags != entries2[i].a_flags)
351 fprintf (stderr, "files %s and %s: different ACE-ACL entry #%d: different flags 0x%x and 0x%x\n",
352 file1, file2, i, (unsigned int) entries1[i].a_flags, (unsigned int) entries2[i].a_flags);
358 #elif HAVE_GETACL /* HP-UX */
362 count1 = getacl (file1, 0, NULL);
363 if (count1 < 0 && (errno == ENOSYS || errno == EOPNOTSUPP))
365 count2 = getacl (file2, 0, NULL);
366 if (count2 < 0 && (errno == ENOSYS || errno == EOPNOTSUPP))
371 fprintf (stderr, "error accessing the ACLs of file %s\n", file1);
377 fprintf (stderr, "error accessing the ACLs of file %s\n", file2);
381 if (count1 != count2)
383 fprintf (stderr, "files %s and %s have different number of ACLs: %d and %d\n",
384 file1, file2, count1, count2);
389 struct acl_entry *entries1 = XNMALLOC (count1, struct acl_entry);
390 struct acl_entry *entries2 = XNMALLOC (count2, struct acl_entry);
393 if (getacl (file1, count1, entries1) < count1)
395 fprintf (stderr, "error retrieving the ACLs of file %s\n", file1);
399 if (getacl (file2, count2, entries2) < count1)
401 fprintf (stderr, "error retrieving the ACLs of file %s\n", file2);
405 for (i = 0; i < count1; i++)
407 if (entries1[i].uid != entries2[i].uid)
409 fprintf (stderr, "files %s and %s: different ACL entry #%d: different uids %d and %d\n",
410 file1, file2, i, (int)entries1[i].uid, (int)entries2[i].uid);
413 if (entries1[i].gid != entries2[i].gid)
415 fprintf (stderr, "files %s and %s: different ACL entry #%d: different gids %d and %d\n",
416 file1, file2, i, (int)entries1[i].gid, (int)entries2[i].gid);
419 if (entries1[i].mode != entries2[i].mode)
421 fprintf (stderr, "files %s and %s: different ACL entry #%d: different permissions %03o and %03o\n",
422 file1, file2, i, (unsigned int) entries1[i].mode, (unsigned int) entries2[i].mode);
427 #elif HAVE_ACLX_GET /* AIX */
430 size_t aclsize1 = sizeof (acl1);
435 size_t aclsize2 = sizeof (acl2);
439 /* The docs say that type1 being 0 is equivalent to ACL_ANY, but it is not
442 if (aclx_get (file1, 0, &type1, acl1, &aclsize1, &mode1) < 0)
444 fprintf (stderr, "error accessing the ACLs of file %s\n", file1);
448 if (aclx_printStr (text1, sizeof (text1), acl1, aclsize1, type1, file1, 0) < 0)
450 fprintf (stderr, "cannot convert the ACLs of file %s to text\n", file1);
455 /* The docs say that type2 being 0 is equivalent to ACL_ANY, but it is not
458 if (aclx_get (file2, 0, &type2, acl2, &aclsize2, &mode2) < 0)
460 fprintf (stderr, "error accessing the ACLs of file %s\n", file2);
464 if (aclx_printStr (text2, sizeof (text2), acl2, aclsize2, type2, file2, 0) < 0)
466 fprintf (stderr, "cannot convert the ACLs of file %s to text\n", file2);
471 if (strcmp (text1, text2) != 0)
473 fprintf (stderr, "files %s and %s have different ACLs:\n%s\n%s\n",
474 file1, file2, text1, text2);
477 #elif HAVE_STATACL /* older AIX */
478 union { struct acl a; char room[4096]; } acl1;
479 union { struct acl a; char room[4096]; } acl2;
482 if (statacl (file1, STX_NORMAL, &acl1.a, sizeof (acl1)) < 0)
484 fprintf (stderr, "error accessing the ACLs of file %s\n", file1);
488 if (statacl (file2, STX_NORMAL, &acl2.a, sizeof (acl2)) < 0)
490 fprintf (stderr, "error accessing the ACLs of file %s\n", file2);
495 if (acl1.a.acl_len != acl2.a.acl_len)
497 fprintf (stderr, "files %s and %s have different ACL lengths: %u and %u\n",
498 file1, file2, acl1.a.acl_len, acl2.a.acl_len);
501 if (acl1.a.acl_mode != acl2.a.acl_mode)
503 fprintf (stderr, "files %s and %s have different ACL modes: %03o and %03o\n",
504 file1, file2, acl1.a.acl_mode, acl2.a.acl_mode);
507 if (acl1.a.u_access != acl2.a.u_access
508 || acl1.a.g_access != acl2.a.g_access
509 || acl1.a.o_access != acl2.a.o_access)
511 fprintf (stderr, "files %s and %s have different ACL access masks: %03o %03o %03o and %03o %03o %03o\n",
513 acl1.a.u_access, acl1.a.g_access, acl1.a.o_access,
514 acl2.a.u_access, acl2.a.g_access, acl2.a.o_access);
517 if (memcmp (acl1.a.acl_ext, acl2.a.acl_ext, acl1.a.acl_len) != 0)
519 fprintf (stderr, "files %s and %s have different ACL entries\n",