priv-set: new module and accompanying tests; adapt write-any-file

* lib/priv-set.c: New file.
* lib/priv-set.h: New file.
* lib/unlinkdir.c: Make cannot_unlink_dir thread-safe.
* lib/write-any-file.c: Simplify by using priv-set module.
* m4/priv-set.m4: New file.
* modules/priv-set: New file.
* modules/unlinkdir: Add dependency on priv-set module.
* modules/write-any-file: Likewise.
These changes address a problem that originally arose with GNU tar:
http://thread.gmane.org/gmane.comp.gnu.tar.bugs/3242

Tests for module 'priv-set'.
* modules/priv-set-tests: New file.

1 files changed, 143 insertions, 0 deletions

diff --git a/lib/priv-set.c b/lib/priv-set.c
new file mode 100644
index 0000000000..0051ce6708
--- /dev/null
+++ b/lib/priv-set.c
@@ -0,0 +1,143 @@
+/* Query, remove, or restore a Solaris privilege.
+
+   Copyright (C) 2009 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+   Written by David Bartley.  */
+
+#include <config.h>
+#include "priv-set.h"
+
+#if HAVE_GETPPRIV
+
+# include <errno.h>
+# include <stdbool.h>
+# include <priv.h>
+
+/* Holds a (cached) copy of the effective set.  */
+static priv_set_t *eff_set;
+
+/* Holds a set of privileges that we have removed.  */
+static priv_set_t *rem_set;
+
+static bool initialized;
+
+static int
+priv_set_initialize (void)
+{
+  if (! initialized)
+    {
+      eff_set = priv_allocset ();
+      if (!eff_set)
+	{
+	  return -1;
+	}
+      rem_set = priv_allocset ();
+      if (!rem_set)
+	{
+	  priv_freeset (eff_set);
+	  return -1;
+	}
+      if (getppriv (PRIV_EFFECTIVE, eff_set) != 0)
+	{
+	  priv_freeset (eff_set);
+	  priv_freeset (rem_set);
+	  return -1;
+	}
+      priv_emptyset (rem_set);
+      initialized = true;
+    }
+
+  return 0;
+}
+
+
+/* Check if priv is in the effective set.
+   Returns 1 if priv is a member and 0 if not.
+   Returns -1 on error with errno set appropriately.  */
+int
+priv_set_ismember (const char *priv)
+{
+  if (! initialized && priv_set_initialize () != 0)
+    return -1;
+
+  return priv_ismember (eff_set, priv);
+}
+
+
+/* Try to remove priv from the effective set.
+   Returns 0 if priv was removed from or was not present in the effective set.
+   Returns -1 on error with errno set appropriately.  */
+int
+priv_set_remove (const char *priv)
+{
+  if (! initialized && priv_set_initialize () != 0)
+    return -1;
+
+  if (priv_ismember (eff_set, priv))
+    {
+      /* priv_addset/priv_delset can only fail if priv is invalid, which is
+	 checked above by the priv_ismember call.  */
+      priv_delset (eff_set, priv);
+      if (setppriv (PRIV_SET, PRIV_EFFECTIVE, eff_set) != 0)
+	{
+	  priv_addset (eff_set, priv);
+	  return -1;
+	}
+      priv_addset (rem_set, priv);
+    }
+  else
+    {
+      errno = EINVAL;
+      return -1;
+    }
+
+  return 0;
+}
+
+
+/* Try to restore priv to the effective set.
+   Returns 0 if priv was re-added to the effective set (after being prviously
+   removed by a call to priv_set_remove) or if priv was already in the
+   effective set.
+   Returns -1 on error with errno set appropriately.  */
+int
+priv_set_restore (const char *priv)
+{
+  if (! initialized && priv_set_initialize () != 0)
+    return -1;
+
+  if (priv_ismember (rem_set, priv))
+    {
+      /* priv_addset/priv_delset can only fail if priv is invalid, which is
+	 checked above by the priv_ismember call.  */
+      priv_addset (eff_set, priv);
+      if (setppriv (PRIV_SET, PRIV_EFFECTIVE, eff_set) != 0)
+	{
+	  priv_delset (eff_set, priv);
+	  return -1;
+	}
+      priv_delset (rem_set, priv);
+    }
+  else
+    {
+      errno = EINVAL;
+      return -1;
+    }
+
+  return 0;
+}
+
+#endif