How to check if a UID exists in an ACL in Linux?
If I misunderstood the question I apologize, but hopefully you will find this helpful:
Exceprt from some acl documentation:
The following functions retrieve and manipulate ACL entries:
acl_copy_entry()
acl_create_entry()
acl_delete_entry()
acl_first_entry()
acl_get_entry()
The following functions retrieve and manipulate fields in an ACL entry:
acl_add_perm()
acl_clear_perm()
alc_delete_perm()
acl_get_permset()
acl_get_qualifier()
acl_get_tag_type()
acl_set_permset()
acl_set_qualifier()
acl_set_tag_type()
...
ACL Entries
An ACL entry consists of the following fields:
Tag type (defined in the acl.h header file):
ACL_USER_OBJ - The owning user entry.
ACL_GROUP_OBJ - The owning group entry.
ACL_USER - An entry for other users.
ACL_GROUP - An entry for other groups.
ACL_OTHER_OBJ - The entry for all users and groups that are not included in another entry.
Tag qualifier - The qualifier value for a ACL_USER entry is a user ID.
The qualifier value for a ACL_GROUP entry is a group ID.
The qualifier value for any of the *_OBJ entries is NULL.
From acl_update.c:
/*
Find the the ACL entry in 'acl' corresponding to the tag type and
qualifier in 'tag' and 'id'. Return the matching entry, or NULL
if no entry was found. */
static acl_entry_t
findEntry(acl_t acl, acl_tag_t tag, id_t qaul)
{
acl_entry_t entry;
acl_tag_t entryTag;
uid_t *uidp;
gid_t *gidp;
int ent, s;
for (ent = ACL_FIRST_ENTRY; ; ent = ACL_NEXT_ENTRY) {
s = acl_get_entry(acl, ent, &entry);
if (s == -1)
errExit("acl_get_entry");
if (s == 0)
return NULL;
if (acl_get_tag_type(entry, &entryTag) == -1)
errExit("acl_get_tag_type");
if (tag == entryTag) {
if (tag == ACL_USER) {
uidp = acl_get_qualifier(entry);
if (uidp == NULL)
errExit("acl_get_qualifier");
if (qaul == *uidp) {
if (acl_free(uidp) == -1)
errExit("acl_free");
return entry;
} else {
if (acl_free(uidp) == -1)
errExit("acl_free");
}
} else if (tag == ACL_GROUP) {
gidp = acl_get_qualifier(entry);
if (gidp == NULL)
errExit("acl_get_qualifier");
if (qaul == *gidp) {
if (acl_free(gidp) == -1)
errExit("acl_free");
return entry;
} else {
if (acl_free(gidp) == -1)
errExit("acl_free");
}
} else {
return entry;
}
}
}
}
I dont think u need to check the ACL of a specific file, but if I am wrong, here is some info to do so:
$ getfacl myFile
# file: myFile
# owner: jon
# group: people
user::rwx
user:foo:rwx
group::rwx
mask::rwx
other::---
then to get a uid from the name (untested but should be close):
$ grep /etc/passwd `getfacl myFile | grep owner | split -d":" -f2` | egrep -o "[0-9]+"
Some more resources:
acl/facl examples and reference
man acl
POSIX Access Control Lists
statacl
Test if a directory is writable by a given UID?
Here's a long, roundabout way of checking.
USER=johndoe
DIR=/path/to/somewhere
# Use -L to get information about the target of a symlink,
# not the link itself, as pointed out in the comments
INFO=( $(stat -L -c "%a %G %U" "$DIR") )
PERM=${INFO[0]}
GROUP=${INFO[1]}
OWNER=${INFO[2]}
ACCESS=no
if (( ($PERM & 0002) != 0 )); then
# Everyone has write access
ACCESS=yes
elif (( ($PERM & 0020) != 0 )); then
# Some group has write access.
# Is user in that group?
gs=( $(groups $USER) )
for g in "${gs[@]}"; do
if [[ $GROUP == $g ]]; then
ACCESS=yes
break
fi
done
elif (( ($PERM & 0200) != 0 )); then
# The owner has write access.
# Does the user own the file?
[[ $USER == $OWNER ]] && ACCESS=yes
fi
How to run a Linux/C program in a customized way?
You should search for "beginning linux" to get some web sites that will give you the basics of navigating around in Linux, notably on the command line.
Then I'd search for "beginning vi" to learn the basics of the vi editor. If you're using a GUI, then you can simply use their simple GUI text editor.
Then I would search on "Beginning C programming linux". That will give you several links, and will get you through the basics of creating a C program and compiling it with GCC.
That should keep you in enough trouble for the short term until something clicks or you learn enough new terms to keep searching for.
Good luck!
Related Topics
How to Fix Urllib3 Runtimeerror: Requests Dependency 'Urllib3' Must Be Version >= 1.21.1, < 1.22
Laravel-Mix No Build Notification
How to Get Notified of Modification in The Memory in Linux
Understanding Glibc Malloc Trimming
Get Man Pages for Driver Functions
Linux >2.6.33: Could Sendfile() Be Used to Implement a Faster 'Cat'
Which Is Faster of Two Case or If
Linux: How to Send a Whole Packet to a Specific Port on Another Host
How to Find Out The User of Parent Shell Inside a Child Shell
Accidentally Deleted Symlink Libc.So.6 in Centos 6.4. How to Get Sudo Privilege to Re-Create It
What Algorithm How to Use to Generate a 48-Bit Hash for Unique MAC Addresses
How to Specify a Local Bond Interface to Multicast Socket in Haskell
What Does Signal(Sigchld, Sig_Dfl); Mean
Amazon Ses on Google Cloud Computing Instance Vm Using Postfix