Commit 66447e07 authored by Eli Zaretskii's avatar Eli Zaretskii

Support Posix ACL APIs on MS-Windows.

 src/w32.c: Include sddl.h and sys/acl.h.
 (SDDL_REVISION_1): Define if not already defined.
 (g_b_init_get_security_descriptor_dacl)
 (g_b_init_convert_sd_to_sddl, g_b_init_convert_sddl_to_sd)
 (g_b_init_is_valid_security_descriptor)
 (g_b_init_set_file_security): New static flags.
 (globals_of_w32): Initialize them to zero.
 (SetFileSecurity_Name): New string constant.
 (SetFileSecurity_Proc, GetSecurityDescriptorDacl_Proc)
 (ConvertStringSecurityDescriptorToSecurityDescriptor_Proc)
 (ConvertSecurityDescriptorToStringSecurityDescriptor_Proc)
 (IsValidSecurityDescriptor_Proc): New typedefs.
 (get_file_security, get_security_descriptor_owner)
 (get_security_descriptor_group): Set errno to ENOTSUP.
 (set_file_security, get_security_descriptor_dacl)
 (is_valid_security_descriptor, convert_sd_to_sddl)
 (convert_sddl_to_sd, acl_valid, acl_to_text, acl_from_text)
 (acl_free, acl_get_file, acl_set_file): New functions.
 src/fileio.c (Fcopy_file) [WINDOWSNT]: Support copying ACLs.

 nt/inc/sys/acl.h: New file.
 nt/inc/ms-w32.h (ENOTSUP): Define if undefined.
 nt/config.nt (HAVE_POSIX_ACL): Define.

 doc/lispref/files.texi (File Attributes, Changing Files): Update to include
 MS-Windows support for ACLs.
parent 207a7ef0
2012-12-17 Eli Zaretskii <eliz@gnu.org>
* files.texi (File Attributes, Changing Files): Update to include
MS-Windows support for ACLs.
2012-12-16 Romain Francoise <romain@orebokech.com>
* files.texi (File Attributes): Document ACL support and new
......
......@@ -1357,13 +1357,14 @@ support, then the return value is @code{(nil nil nil nil)}.
If Emacs has been compiled with @dfn{ACL} (access control list)
support, you can use the function @code{file-acl} to retrieve a file's
ACL entries. The format is platform-specific; on GNU/Linux and BSD,
Emacs uses the POSIX ACL interface. For the function
@code{set-file-acl}, see @ref{Changing Files}.
Emacs uses the POSIX ACL interface, while on MS-Windows Emacs emulates
the POSIX ACL interface with native file security APIs. For the
function @code{set-file-acl}, see @ref{Changing Files}.
@defun file-acl filename
This function returns the ACL entries of the file @var{filename}.
The return value is a string containing the textual representation of
the ACL entries, like the following:
the ACL entries. On Posix hosts, it looks like this:
@example
@group
......@@ -1375,6 +1376,12 @@ other::r--
@end group
@end example
@cindex security descriptor, file
@cindex SDDL, MS-Windows
On MS-Windows, the return value is a textual description of the file's
@dfn{security descriptor} in @acronym{SDDL}, the @dfn{Security
Descriptor Definition Language}.
If the file does not exist or is inaccessible, or if Emacs was unable to
determine the ACL entries, then the return value is @code{nil}. The
latter can happen for local files if Emacs was not compiled with ACL
......@@ -1719,7 +1726,8 @@ SELinux support.
This function sets the ACL entries of the file @var{filename} to
@var{acl-string}. @xref{File Attributes}, for a brief description of
ACLs. The @var{acl-string} argument should be a string containing the
textual representation of the desired ACL entries.
textual representation of the desired ACL entries in the format
appropriate for the ACL interface being used.
@end defun
@node File Names
......
......@@ -44,8 +44,9 @@ simply disabling Transient Mark mode does the same thing.
*** Emacs preserves the ACL entries of files when backing up.
+++
*** New functions `file-acl' and `set-file-acl' get and set the ACL
entries of a file. On GNU/Linux the POSIX ACL interface is used via
libacl.
entries of a file. On GNU/Linux, the POSIX ACL interface is used via
libacl. On MS-Windows, the NT Security APIs are used to emulate the
POSIX ACL interfaces.
* Editing Changes in Emacs 24.4
......
2012-12-17 Eli Zaretskii <eliz@gnu.org>
* inc/sys/acl.h: New file.
* inc/ms-w32.h (ENOTSUP): Define if undefined.
* config.nt (HAVE_POSIX_ACL): Define.
2012-12-15 Eli Zaretskii <eliz@gnu.org>
* inc/ms-w32.h (sys_unlink): Provide prototype.
......
......@@ -725,6 +725,9 @@ along with GNU Emacs. If not, see <http://www.gnu.org/licenses/>. */
/* Define to 1 if you have the <png.h> header file. */
#undef HAVE_PNG_H
/* Define to 1 if you have the POSIX ACL support. */
#define HAVE_POSIX_ACL 1
/* Define to 1 if you have the `posix_memalign' function. */
#undef HAVE_POSIX_MEMALIGN
......
......@@ -293,6 +293,10 @@ extern struct tm *localtime_r (time_t const * restrict, struct tm * restrict);
#define NSIG 23
#endif
#ifndef ENOTSUP
#define ENOTSUP ENOSYS
#endif
#ifdef _MSC_VER
typedef int sigset_t;
typedef int ssize_t;
......
/* Emulation of Posix ACLs for Windows. */
#ifndef ACL_H
#define ACL_H
#define NOMINMAX 1 /* don't define min and max */
#include <windows.h>
typedef PSECURITY_DESCRIPTOR acl_t;
typedef unsigned acl_type_t;
/* Values of acl_type_t */
#define ACL_TYPE_ACCESS 0
#define ACL_TYPE_DEFAULT 1
typedef unsigned acl_perm_t;
extern int acl_valid (acl_t);
extern acl_t acl_get_file (const char *, acl_type_t);
extern int acl_set_file (const char *, acl_type_t, acl_t);
extern char * acl_to_text (acl_t, ssize_t *);
extern acl_t acl_from_text (const char *);
extern int acl_free (void *);
#endif /* ACL_H */
2012-12-17 Eli Zaretskii <eliz@gnu.org>
Emulate Posix ACL APIs on MS-Windows.
* w32.c: Include sddl.h and sys/acl.h.
(SDDL_REVISION_1): Define if not already defined.
(g_b_init_get_security_descriptor_dacl)
(g_b_init_convert_sd_to_sddl, g_b_init_convert_sddl_to_sd)
(g_b_init_is_valid_security_descriptor)
(g_b_init_set_file_security): New static flags.
(globals_of_w32): Initialize them to zero.
(SetFileSecurity_Name): New string constant.
(SetFileSecurity_Proc, GetSecurityDescriptorDacl_Proc)
(ConvertStringSecurityDescriptorToSecurityDescriptor_Proc)
(ConvertSecurityDescriptorToStringSecurityDescriptor_Proc)
(IsValidSecurityDescriptor_Proc): New typedefs.
(get_file_security, get_security_descriptor_owner)
(get_security_descriptor_group): Set errno to ENOTSUP.
(set_file_security, get_security_descriptor_dacl)
(is_valid_security_descriptor, convert_sd_to_sddl)
(convert_sddl_to_sd, acl_valid, acl_to_text, acl_from_text)
(acl_free, acl_get_file, acl_set_file): New functions.
* fileio.c (Fcopy_file) [WINDOWSNT]: Support copying ACLs.
2012-12-17 Paul Eggert <eggert@cs.ucla.edu>
Don't reraise SIGCHLD, as that can now lose (Bug#13192).
......
......@@ -1956,6 +1956,14 @@ entries (depending on how Emacs was built). */)
out_st.st_mode = 0;
#ifdef WINDOWSNT
if (!NILP (preserve_extended_attributes))
{
#ifdef HAVE_POSIX_ACL
acl = acl_get_file (SDATA (encoded_file), ACL_TYPE_ACCESS);
if (acl == NULL && errno != ENOTSUP)
report_file_error ("Getting ACL", Fcons (file, Qnil));
#endif
}
if (!CopyFile (SDATA (encoded_file),
SDATA (encoded_newname),
FALSE))
......@@ -1983,6 +1991,17 @@ entries (depending on how Emacs was built). */)
/* Restore original attributes. */
SetFileAttributes (filename, attributes);
}
#ifdef HAVE_POSIX_ACL
if (acl != NULL)
{
bool fail =
acl_set_file (SDATA (encoded_newname), ACL_TYPE_ACCESS, acl) != 0;
if (fail && errno != ENOTSUP)
report_file_error ("Setting ACL", Fcons (newname, Qnil));
acl_free (acl);
}
#endif
#else /* not WINDOWSNT */
immediate_quit = 1;
ifd = emacs_open (SSDATA (encoded_file), O_RDONLY, 0);
......
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment