1 /* Test whether two files have the same ACLs.
2 Copyright (C) 2008-2011 Free Software Foundation, Inc.
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 3 of the License, or
7 (at your option) any later version.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>. */
17 /* Written by Bruno Haible <bruno@clisp.org>, 2008. */
27 #if HAVE_ACL_GET_FILE || HAVE_FACL || HAVE_GETACL || HAVE_ACLX_GET || HAVE_STATACL || HAVE_ACLSORT
28 # include <sys/types.h>
32 # include <sys/types.h>
37 #include "read-file.h"
42 main (int argc, char *argv[])
47 set_program_name (argv[0]);
54 /* Compare the contents of the two files. */
61 contents1 = read_file (file1, &size1);
62 if (contents1 == NULL)
64 fprintf (stderr, "error reading file %s: errno = %d\n", file1, errno);
68 contents2 = read_file (file2, &size2);
69 if (contents2 == NULL)
71 fprintf (stderr, "error reading file %s: errno = %d\n", file2, errno);
78 fprintf (stderr, "files %s and %s have different sizes\n",
83 if (memcmp (contents1, contents2, size1) != 0)
85 fprintf (stderr, "files %s and %s have different contents\n",
92 /* Compare the access permissions of the two files, including ACLs. */
97 if (stat (file1, &statbuf1) < 0)
99 fprintf (stderr, "error accessing file %s: errno = %d\n", file1, errno);
103 if (stat (file2, &statbuf2) < 0)
105 fprintf (stderr, "error accessing file %s: errno = %d\n", file2, errno);
109 if (statbuf1.st_mode != statbuf2.st_mode)
111 fprintf (stderr, "files %s and %s have different access modes: %03o and %03o\n",
113 (unsigned int) statbuf1.st_mode, (unsigned int) statbuf2.st_mode);
118 #if HAVE_ACL_GET_FILE /* Linux, FreeBSD, MacOS X, IRIX, Tru64 */
119 static const int types[] =
122 # if HAVE_ACL_TYPE_EXTENDED /* MacOS X */
128 for (t = 0; t < sizeof (types) / sizeof (types[0]); t++)
138 acl1 = acl_get_file (file1, type);
139 if (acl1 == (acl_t)NULL)
146 text1 = acl_to_text (acl1, NULL);
152 acl2 = acl_get_file (file2, type);
153 if (acl2 == (acl_t)NULL)
160 text2 = acl_to_text (acl2, NULL);
167 if (acl1 != (acl_t)NULL)
169 if (acl2 != (acl_t)NULL)
175 if (strcmp (text1, text2) != 0)
177 fprintf (stderr, "files %s and %s have different ACLs:\n%s\n%s\n",
178 file1, file2, text1, text2);
184 fprintf (stderr, "file %s has a valid ACL, but file %s has an invalid ACL\n",
193 fprintf (stderr, "file %s has an invalid ACL, but file %s has a valid ACL\n",
199 if (errno1 != errno2)
201 fprintf (stderr, "files %s and %s have differently invalid ACLs, errno = %d vs. %d\n",
202 file1, file2, errno1, errno2);
210 fprintf (stderr, "file %s has an ACL, but file %s has no ACL\n",
217 if (acl2 != (acl_t)NULL)
219 fprintf (stderr, "file %s has no ACL, but file %s has an ACL\n",
225 #elif HAVE_FACL && defined GETACL /* Solaris, Cygwin, not HP-UX */
229 count1 = acl (file1, GETACLCNT, 0, NULL);
230 if (count1 < 0 && errno == ENOSYS) /* Can happen on Solaris 10 with ZFS */
232 count2 = acl (file2, GETACLCNT, 0, NULL);
233 if (count2 < 0 && errno == ENOSYS) /* Can happen on Solaris 10 with ZFS */
238 fprintf (stderr, "error accessing the ACLs of file %s\n", file1);
244 fprintf (stderr, "error accessing the ACLs of file %s\n", file2);
248 if (count1 != count2)
250 fprintf (stderr, "files %s and %s have different number of ACLs: %d and %d\n",
251 file1, file2, count1, count2);
256 aclent_t *entries1 = XNMALLOC (count1, aclent_t);
257 aclent_t *entries2 = XNMALLOC (count2, aclent_t);
260 if (count1 > 0 && acl (file1, GETACL, count1, entries1) < count1)
262 fprintf (stderr, "error retrieving the ACLs of file %s\n", file1);
266 if (count2 > 0 && acl (file2, GETACL, count2, entries2) < count1)
268 fprintf (stderr, "error retrieving the ACLs of file %s\n", file2);
272 for (i = 0; i < count1; i++)
274 if (entries1[i].a_type != entries2[i].a_type)
276 fprintf (stderr, "files %s and %s: different ACL entry #%d: different types %d and %d\n",
277 file1, file2, i, entries1[i].a_type, entries2[i].a_type);
280 if (entries1[i].a_id != entries2[i].a_id)
282 fprintf (stderr, "files %s and %s: different ACL entry #%d: different ids %d and %d\n",
283 file1, file2, i, (int)entries1[i].a_id, (int)entries2[i].a_id);
286 if (entries1[i].a_perm != entries2[i].a_perm)
288 fprintf (stderr, "files %s and %s: different ACL entry #%d: different permissions %03o and %03o\n",
289 file1, file2, i, (unsigned int) entries1[i].a_perm, (unsigned int) entries2[i].a_perm);
295 count1 = acl (file1, ACE_GETACLCNT, 0, NULL);
296 if (count1 < 0 && errno == EINVAL)
298 count2 = acl (file2, ACE_GETACLCNT, 0, NULL);
299 if (count2 < 0 && errno == EINVAL)
303 fprintf (stderr, "error accessing the ACE-ACLs of file %s\n", file1);
309 fprintf (stderr, "error accessing the ACE-ACLs of file %s\n", file2);
313 if (count1 != count2)
315 fprintf (stderr, "files %s and %s have different number of ACE-ACLs: %d and %d\n",
316 file1, file2, count1, count2);
321 ace_t *entries1 = XNMALLOC (count1, ace_t);
322 ace_t *entries2 = XNMALLOC (count2, ace_t);
325 if (acl (file1, ACE_GETACL, count1, entries1) < count1)
327 fprintf (stderr, "error retrieving the ACE-ACLs of file %s\n", file1);
331 if (acl (file2, ACE_GETACL, count2, entries2) < count1)
333 fprintf (stderr, "error retrieving the ACE-ACLs of file %s\n", file2);
337 for (i = 0; i < count1; i++)
339 if (entries1[i].a_type != entries2[i].a_type)
341 fprintf (stderr, "files %s and %s: different ACE-ACL entry #%d: different types %d and %d\n",
342 file1, file2, i, entries1[i].a_type, entries2[i].a_type);
345 if (entries1[i].a_who != entries2[i].a_who)
347 fprintf (stderr, "files %s and %s: different ACE-ACL entry #%d: different ids %d and %d\n",
348 file1, file2, i, (int)entries1[i].a_who, (int)entries2[i].a_who);
351 if (entries1[i].a_access_mask != entries2[i].a_access_mask)
353 fprintf (stderr, "files %s and %s: different ACE-ACL entry #%d: different access masks %03o and %03o\n",
354 file1, file2, i, (unsigned int) entries1[i].a_access_mask, (unsigned int) entries2[i].a_access_mask);
357 if (entries1[i].a_flags != entries2[i].a_flags)
359 fprintf (stderr, "files %s and %s: different ACE-ACL entry #%d: different flags 0x%x and 0x%x\n",
360 file1, file2, i, (unsigned int) entries1[i].a_flags, (unsigned int) entries2[i].a_flags);
366 #elif HAVE_GETACL /* HP-UX */
370 count1 = getacl (file1, 0, NULL);
372 && (errno == ENOSYS || errno == EOPNOTSUPP || errno == ENOTSUP))
374 count2 = getacl (file2, 0, NULL);
376 && (errno == ENOSYS || errno == EOPNOTSUPP || errno == ENOTSUP))
381 fprintf (stderr, "error accessing the ACLs of file %s\n", file1);
387 fprintf (stderr, "error accessing the ACLs of file %s\n", file2);
391 if (count1 != count2)
393 fprintf (stderr, "files %s and %s have different number of ACLs: %d and %d\n",
394 file1, file2, count1, count2);
399 struct acl_entry *entries1 = XNMALLOC (count1, struct acl_entry);
400 struct acl_entry *entries2 = XNMALLOC (count2, struct acl_entry);
403 if (getacl (file1, count1, entries1) < count1)
405 fprintf (stderr, "error retrieving the ACLs of file %s\n", file1);
409 if (getacl (file2, count2, entries2) < count1)
411 fprintf (stderr, "error retrieving the ACLs of file %s\n", file2);
415 for (i = 0; i < count1; i++)
417 if (entries1[i].uid != entries2[i].uid)
419 fprintf (stderr, "files %s and %s: different ACL entry #%d: different uids %d and %d\n",
420 file1, file2, i, (int)entries1[i].uid, (int)entries2[i].uid);
423 if (entries1[i].gid != entries2[i].gid)
425 fprintf (stderr, "files %s and %s: different ACL entry #%d: different gids %d and %d\n",
426 file1, file2, i, (int)entries1[i].gid, (int)entries2[i].gid);
429 if (entries1[i].mode != entries2[i].mode)
431 fprintf (stderr, "files %s and %s: different ACL entry #%d: different permissions %03o and %03o\n",
432 file1, file2, i, (unsigned int) entries1[i].mode, (unsigned int) entries2[i].mode);
438 # if HAVE_ACLV_H /* HP-UX >= 11.11 */
440 struct acl dummy_entries[NACLVENTRIES];
442 count1 = acl ((char *) file1, ACL_CNT, NACLVENTRIES, dummy_entries);
444 && (errno == ENOSYS || errno == EOPNOTSUPP || errno == EINVAL))
446 count2 = acl ((char *) file2, ACL_CNT, NACLVENTRIES, dummy_entries);
448 && (errno == ENOSYS || errno == EOPNOTSUPP || errno == EINVAL))
454 fprintf (stderr, "error accessing the ACLs of file %s\n", file1);
460 fprintf (stderr, "error accessing the ACLs of file %s\n", file2);
464 if (count1 != count2)
466 fprintf (stderr, "files %s and %s have different number of ACLs: %d and %d\n",
467 file1, file2, count1, count2);
472 struct acl *entries1 = XNMALLOC (count1, struct acl);
473 struct acl *entries2 = XNMALLOC (count2, struct acl);
476 if (acl ((char *) file1, ACL_GET, count1, entries1) < count1)
478 fprintf (stderr, "error retrieving the ACLs of file %s\n", file1);
482 if (acl ((char *) file2, ACL_GET, count2, entries2) < count1)
484 fprintf (stderr, "error retrieving the ACLs of file %s\n", file2);
488 for (i = 0; i < count1; i++)
490 if (entries1[i].a_type != entries2[i].a_type)
492 fprintf (stderr, "files %s and %s: different ACL entry #%d: different types %d and %d\n",
493 file1, file2, i, entries1[i].a_type, entries2[i].a_type);
496 if (entries1[i].a_id != entries2[i].a_id)
498 fprintf (stderr, "files %s and %s: different ACL entry #%d: different ids %d and %d\n",
499 file1, file2, i, (int)entries1[i].a_id, (int)entries2[i].a_id);
502 if (entries1[i].a_perm != entries2[i].a_perm)
504 fprintf (stderr, "files %s and %s: different ACL entry #%d: different permissions %03o and %03o\n",
505 file1, file2, i, (unsigned int) entries1[i].a_perm, (unsigned int) entries2[i].a_perm);
511 #elif HAVE_ACLX_GET /* AIX */
514 size_t aclsize1 = sizeof (acl1);
517 size_t textsize1 = sizeof (text1);
520 size_t aclsize2 = sizeof (acl2);
523 size_t textsize2 = sizeof (text2);
525 /* The docs say that type1 being 0 is equivalent to ACL_ANY, but it is not
528 if (aclx_get (file1, 0, &type1, acl1, &aclsize1, &mode1) < 0)
534 fprintf (stderr, "error accessing the ACLs of file %s\n", file1);
540 if (aclx_printStr (text1, &textsize1, acl1, aclsize1, type1, file1, 0) < 0)
542 fprintf (stderr, "cannot convert the ACLs of file %s to text\n", file1);
547 /* The docs say that type2 being 0 is equivalent to ACL_ANY, but it is not
550 if (aclx_get (file2, 0, &type2, acl2, &aclsize2, &mode2) < 0)
556 fprintf (stderr, "error accessing the ACLs of file %s\n", file2);
562 if (aclx_printStr (text2, &textsize2, acl2, aclsize2, type2, file2, 0) < 0)
564 fprintf (stderr, "cannot convert the ACLs of file %s to text\n", file2);
569 if (strcmp (text1, text2) != 0)
571 fprintf (stderr, "files %s and %s have different ACLs:\n%s\n%s\n",
572 file1, file2, text1, text2);
575 #elif HAVE_STATACL /* older AIX */
576 union { struct acl a; char room[4096]; } acl1;
577 union { struct acl a; char room[4096]; } acl2;
580 if (statacl (file1, STX_NORMAL, &acl1.a, sizeof (acl1)) < 0)
582 fprintf (stderr, "error accessing the ACLs of file %s\n", file1);
586 if (statacl (file2, STX_NORMAL, &acl2.a, sizeof (acl2)) < 0)
588 fprintf (stderr, "error accessing the ACLs of file %s\n", file2);
593 if (acl1.a.acl_len != acl2.a.acl_len)
595 fprintf (stderr, "files %s and %s have different ACL lengths: %u and %u\n",
596 file1, file2, acl1.a.acl_len, acl2.a.acl_len);
599 if (acl1.a.acl_mode != acl2.a.acl_mode)
601 fprintf (stderr, "files %s and %s have different ACL modes: %03o and %03o\n",
602 file1, file2, acl1.a.acl_mode, acl2.a.acl_mode);
605 if (acl1.a.u_access != acl2.a.u_access
606 || acl1.a.g_access != acl2.a.g_access
607 || acl1.a.o_access != acl2.a.o_access)
609 fprintf (stderr, "files %s and %s have different ACL access masks: %03o %03o %03o and %03o %03o %03o\n",
611 acl1.a.u_access, acl1.a.g_access, acl1.a.o_access,
612 acl2.a.u_access, acl2.a.g_access, acl2.a.o_access);
615 if (memcmp (acl1.a.acl_ext, acl2.a.acl_ext, acl1.a.acl_len) != 0)
617 fprintf (stderr, "files %s and %s have different ACL entries\n",
621 #elif HAVE_ACLSORT /* NonStop Kernel */
625 count1 = acl ((char *) file1, ACL_CNT, NACLENTRIES, NULL);
626 count2 = acl ((char *) file2, ACL_CNT, NACLENTRIES, NULL);
630 fprintf (stderr, "error accessing the ACLs of file %s\n", file1);
636 fprintf (stderr, "error accessing the ACLs of file %s\n", file2);
640 if (count1 != count2)
642 fprintf (stderr, "files %s and %s have different number of ACLs: %d and %d\n",
643 file1, file2, count1, count2);
648 struct acl *entries1 = XNMALLOC (count1, struct acl);
649 struct acl *entries2 = XNMALLOC (count2, struct acl);
652 if (acl ((char *) file1, ACL_GET, count1, entries1) < count1)
654 fprintf (stderr, "error retrieving the ACLs of file %s\n", file1);
658 if (acl ((char *) file2, ACL_GET, count2, entries2) < count1)
660 fprintf (stderr, "error retrieving the ACLs of file %s\n", file2);
664 for (i = 0; i < count1; i++)
666 if (entries1[i].a_type != entries2[i].a_type)
668 fprintf (stderr, "files %s and %s: different ACL entry #%d: different types %d and %d\n",
669 file1, file2, i, entries1[i].a_type, entries2[i].a_type);
672 if (entries1[i].a_id != entries2[i].a_id)
674 fprintf (stderr, "files %s and %s: different ACL entry #%d: different ids %d and %d\n",
675 file1, file2, i, (int)entries1[i].a_id, (int)entries2[i].a_id);
678 if (entries1[i].a_perm != entries2[i].a_perm)
680 fprintf (stderr, "files %s and %s: different ACL entry #%d: different permissions %03o and %03o\n",
681 file1, file2, i, (unsigned int) entries1[i].a_perm, (unsigned int) entries2[i].a_perm);