Jakob Unterwurzacher ca9e912a28 fusefrontend: drop xattr user namespace restriction
We used to restrict setting xattrs to the "user."
namespace. I don't see a real reason for this
anymore, and it causes trouble for users who are using
acls.

Tests will be added in the next commit.

https://github.com/rfjakob/gocryptfs/issues/453
2020-02-29 20:12:43 +01:00

91 lines
2.6 KiB
Go

// +build darwin
// Package fusefrontend interfaces directly with the go-fuse library.
package fusefrontend
import (
"syscall"
"golang.org/x/sys/unix"
"github.com/hanwen/go-fuse/fuse"
"github.com/rfjakob/gocryptfs/internal/syscallcompat"
)
// On Darwin it is needed to unset XATTR_NOSECURITY 0x0008
func filterXattrSetFlags(flags int) int {
// See https://opensource.apple.com/source/xnu/xnu-1504.15.3/bsd/sys/xattr.h.auto.html
const XATTR_NOSECURITY = 0x0008
return flags &^ XATTR_NOSECURITY
}
func (fs *FS) getXAttr(relPath string, cAttr string, context *fuse.Context) ([]byte, fuse.Status) {
// O_NONBLOCK to not block on FIFOs.
fd, err := fs.openBackingFile(relPath, syscall.O_RDONLY|syscall.O_NONBLOCK)
if err != nil {
return nil, fuse.ToStatus(err)
}
defer syscall.Close(fd)
cData, err := syscallcompat.Fgetxattr(fd, cAttr)
if err != nil {
return nil, fuse.ToStatus(err)
}
return cData, fuse.OK
}
func (fs *FS) setXAttr(relPath string, cAttr string, cData []byte, flags int, context *fuse.Context) fuse.Status {
// O_NONBLOCK to not block on FIFOs.
fd, err := fs.openBackingFile(relPath, syscall.O_WRONLY|syscall.O_NONBLOCK)
// Directories cannot be opened read-write. Retry.
if err == syscall.EISDIR {
fd, err = fs.openBackingFile(relPath, syscall.O_RDONLY|syscall.O_DIRECTORY|syscall.O_NONBLOCK)
}
if err != nil {
return fuse.ToStatus(err)
}
defer syscall.Close(fd)
err = unix.Fsetxattr(fd, cAttr, cData, flags)
return fuse.ToStatus(err)
}
func (fs *FS) removeXAttr(relPath string, cAttr string, context *fuse.Context) fuse.Status {
// O_NONBLOCK to not block on FIFOs.
fd, err := fs.openBackingFile(relPath, syscall.O_WRONLY|syscall.O_NONBLOCK)
// Directories cannot be opened read-write. Retry.
if err == syscall.EISDIR {
fd, err = fs.openBackingFile(relPath, syscall.O_RDONLY|syscall.O_DIRECTORY|syscall.O_NONBLOCK)
}
if err != nil {
return fuse.ToStatus(err)
}
defer syscall.Close(fd)
err = unix.Fremovexattr(fd, cAttr)
return fuse.ToStatus(err)
}
func (fs *FS) listXAttr(relPath string, context *fuse.Context) ([]string, fuse.Status) {
// O_NONBLOCK to not block on FIFOs.
fd, err := fs.openBackingFile(relPath, syscall.O_RDONLY|syscall.O_NONBLOCK)
// On a symlink, openBackingFile fails with ELOOP. Let's pretend there
// can be no xattrs on symlinks, and always return an empty result.
if err == syscall.ELOOP {
return nil, fuse.OK
}
if err != nil {
return nil, fuse.ToStatus(err)
}
defer syscall.Close(fd)
cNames, err := syscallcompat.Flistxattr(fd)
if err != nil {
return nil, fuse.ToStatus(err)
}
return cNames, fuse.OK
}