// permToACL - convert perm to meaningful ACL func permToACL(mode os.FileMode) BucketACL { switch mode.Perm() { case os.FileMode(0700): return BucketACL("private") case os.FileMode(0500): return BucketACL("public-read") case os.FileMode(0777): return BucketACL("public-read-write") default: return BucketACL("private") } }
func copyDir(src, dst string, mode os.FileMode) error { srcf, err := os.Open(src) if err != nil { return err } defer srcf.Close() if mode&0500 == 0 { // The source directory doesn't have write permission, // so give the new directory write permission anyway // so that we have permission to create its contents. // We'll make the permissions match at the end. mode |= 0500 } if err := os.Mkdir(dst, mode.Perm()); err != nil { return err } for { names, err := srcf.Readdirnames(100) for _, name := range names { if err := Copy(filepath.Join(src, name), filepath.Join(dst, name)); err != nil { return err } } if err == io.EOF { break } if err != nil { return fmt.Errorf("error reading directory %q: %v", src, err) } } if err := os.Chmod(dst, mode.Perm()); err != nil { return err } return nil }
func (fs *memFS) OpenFile(name string, flag int, perm os.FileMode) (File, error) { fs.mu.Lock() defer fs.mu.Unlock() dir, frag, err := fs.find("open", name) if err != nil { return nil, err } var n *memFSNode if dir == nil { // We're opening the root. if flag&(os.O_WRONLY|os.O_RDWR) != 0 { return nil, os.ErrPermission } n, frag = &fs.root, "/" } else { n = dir.children[frag] if flag&(os.O_SYNC|os.O_APPEND) != 0 { // memFile doesn't support these flags yet. return nil, os.ErrInvalid } if flag&os.O_CREATE != 0 { if flag&os.O_EXCL != 0 && n != nil { return nil, os.ErrExist } if n == nil { n = &memFSNode{ mode: perm.Perm(), } dir.children[frag] = n } } if n == nil { return nil, os.ErrNotExist } if flag&(os.O_WRONLY|os.O_RDWR) != 0 && flag&os.O_TRUNC != 0 { n.mu.Lock() n.data = nil n.mu.Unlock() } } children := make([]os.FileInfo, 0, len(n.children)) for cName, c := range n.children { children = append(children, c.stat(cName)) } return &memFile{ n: n, nameSnapshot: frag, childrenSnapshot: children, }, nil }
// posixMode() returns the posix specific mode bits from Go's portable mode bits // // Copied from the syscallMode() function in file_posix.go in the Go source func posixMode(i os.FileMode) (o uint32) { o |= uint32(i.Perm()) if i&os.ModeSetuid != 0 { o |= syscall.S_ISUID } if i&os.ModeSetgid != 0 { o |= syscall.S_ISGID } if i&os.ModeSticky != 0 { o |= syscall.S_ISVTX } return }
func (pb *Packbuilder) WriteToFile(name string, mode os.FileMode) error { cname := C.CString(name) defer C.free(unsafe.Pointer(cname)) runtime.LockOSThread() defer runtime.UnlockOSThread() ret := C.git_packbuilder_write(pb.ptr, cname, C.uint(mode.Perm()), nil, nil) if ret != 0 { return MakeGitError(ret) } return nil }
// Given a FileMode from the os package, get it's permission bits func FileMode(fm os.FileMode) PermissionBits { perm := PermissionBits(fm.Perm()) if fm&os.ModeSetuid != 0 { perm.SetSetuid(true) } if fm&os.ModeSetgid != 0 { perm.SetSetgid(true) } if fm&os.ModeSticky != 0 { perm.SetSticky(true) } return perm }
// https://github.com/jnwhiteh/golang/blob/master/src/pkg/os/file_posix.go#L61 func syscallMode(i os.FileMode) (o uint32) { o |= uint32(i.Perm()) if i&os.ModeSetuid != 0 { o |= syscall.S_ISUID } if i&os.ModeSetgid != 0 { o |= syscall.S_ISGID } if i&os.ModeSticky != 0 { o |= syscall.S_ISVTX } // No mapping for Go's ModeTemporary (plan9 only). return }
func (fs *memFS) OpenFile(name string, flag int, perm os.FileMode) (File, error) { var ret *memFile err := fs.walk("open", name, func(dir *memFSNode, frag string, final bool) error { if !final { return nil } if frag == "" { return os.ErrInvalid } if flag&(os.O_SYNC|os.O_APPEND) != 0 { return os.ErrInvalid } n := dir.children[frag] if flag&os.O_CREATE != 0 { if flag&os.O_EXCL != 0 && n != nil { return os.ErrExist } if n == nil { n = &memFSNode{ name: frag, mode: perm.Perm(), } dir.children[frag] = n } } if n == nil { return os.ErrNotExist } if flag&(os.O_WRONLY|os.O_RDWR) != 0 && flag&os.O_TRUNC != 0 { n.mu.Lock() n.data = nil n.mu.Unlock() } children := make([]os.FileInfo, 0, len(n.children)) for _, c := range n.children { children = append(children, c) } ret = &memFile{ n: n, children: children, } return nil }) if err != nil { return nil, err } return ret, nil }
func Command(rootfsPath string, uid, gid int, mode os.FileMode, recreate bool, paths ...string) *exec.Cmd { flags := []string{ name, "-rootfsPath", rootfsPath, "-uid", strconv.Itoa(uid), "-gid", strconv.Itoa(gid), "-perm", strconv.Itoa(int(mode.Perm())), } if recreate { flags = append(flags, "-recreate=true") } return reexec.Command(append(flags, paths...)...) }
// osFileModeToFuseFileMode converts a standard os.FileMode to the bit array used // by the fuse package. Permissions, regular/dir modes, symlinks, and named pipes // are the only bits that are converted. func osFileModeToFuseFileMode(inMode os.FileMode) (outMode uint32) { if inMode.IsRegular() { outMode |= fuse.S_IFREG } if inMode.IsDir() { outMode |= fuse.S_IFDIR } if inMode&os.ModeSymlink == os.ModeSymlink { outMode |= fuse.S_IFLNK } if inMode&os.ModeNamedPipe == os.ModeNamedPipe { outMode |= fuse.S_IFIFO } outMode |= uint32(inMode.Perm()) return }
func (fs *memFS) Mkdir(name string, perm os.FileMode) error { return fs.walk("mkdir", name, func(dir *memFSNode, frag string, final bool) error { if !final { return nil } if frag == "" { return os.ErrInvalid } if _, ok := dir.children[frag]; ok { return os.ErrExist } dir.children[frag] = &memFSNode{ name: frag, children: make(map[string]*memFSNode), mode: perm.Perm() | os.ModeDir, modTime: time.Now(), } return nil }) }
// mknod provides a shortcut for syscall.Mknod func mknod(p string, mode os.FileMode, maj, min int) error { var ( m = syscallMode(mode.Perm()) dev int ) if mode&os.ModeDevice != 0 { dev = makedev(maj, min) if mode&os.ModeCharDevice != 0 { m |= syscall.S_IFCHR } else { m |= syscall.S_IFBLK } } else if mode&os.ModeNamedPipe != 0 { m |= syscall.S_IFIFO } return syscall.Mknod(p, m, dev) }
func copyFile(src, dst string, mode os.FileMode) error { srcf, err := os.Open(src) if err != nil { return err } defer srcf.Close() dstf, err := os.OpenFile(dst, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode.Perm()) if err != nil { return err } defer dstf.Close() // Make the actual permissions match the source permissions // even in the presence of umask. if err := os.Chmod(dstf.Name(), mode.Perm()); err != nil { return err } if _, err := io.Copy(dstf, srcf); err != nil { return fmt.Errorf("cannot copy %q to %q: %v", src, dst, err) } return nil }
func (fs *memFS) Mkdir(name string, perm os.FileMode) error { fs.mu.Lock() defer fs.mu.Unlock() dir, frag, err := fs.find("mkdir", name) if err != nil { return err } if dir == nil { // We can't create the root. return os.ErrInvalid } if _, ok := dir.children[frag]; ok { return os.ErrExist } dir.children[frag] = &memFSNode{ children: make(map[string]*memFSNode), mode: perm.Perm() | os.ModeDir, modTime: time.Now(), } return nil }
func (c *Client) PushFile(container string, p string, gid int, uid int, mode os.FileMode, buf io.ReadSeeker) error { query := url.Values{"path": []string{p}} uri := c.url(shared.APIVersion, "containers", container, "files") + "?" + query.Encode() req, err := http.NewRequest("POST", uri, buf) if err != nil { return err } req.Header.Set("User-Agent", shared.UserAgent) req.Header.Set("X-LXD-mode", fmt.Sprintf("%04o", mode.Perm())) req.Header.Set("X-LXD-uid", strconv.FormatUint(uint64(uid), 10)) req.Header.Set("X-LXD-gid", strconv.FormatUint(uint64(gid), 10)) raw, err := c.Http.Do(req) if err != nil { return err } _, err = HoistResponse(raw, Sync) return err }
func parseModeSymbolic(s string, base os.FileMode) (os.FileMode, error) { // log.Println("-- " + s) perm := uint32(base.Perm()) sbitsMask := uint32(os.ModeSetuid | os.ModeSetgid | os.ModeSticky) sbits := uint32(base) & sbitsMask for i := 0; i < len(s); { // user, group, other, or all var whom uint32 for j, c := range s[i:] { // log.Printf("whom: %d %s\n", i, string(s[i])) if c == 'u' { whom = whom | 0700 } else if c == 'g' { whom = whom | 0070 } else if c == 'o' { whom = whom | 0007 } else if c == 'a' { whom = whom | 0777 } else { if j == 0 { whom = 0777 } break } i++ } if i >= len(s) { return 0, errors.New("failed to parse the mode, operator is not found") } for i < len(s) { // operator // log.Printf("op: %d %s\n", i, string(s[i])) op := 0 switch s[i] { case '-': op = '-' case '+': op = '+' case '=': op = '=' default: return 0, errors.New("failed to parse the mode, invalid operator") } i++ // permission bits to modify var smod uint32 var mod uint32 if i < len(s) { // log.Printf("mod: %d %s\n", i, string(s[i])) switch s[i] { case 'u': mod = (perm & 0700) >> 6 i++ case 'g': mod = (perm & 0070) >> 3 i++ case 'o': mod = (perm & 0007) >> 0 i++ default: for i < len(s) { // log.Printf("mod-f: %d %s\n", i, string(s[i])) if s[i] == 'r' { mod = mod | 4 } else if s[i] == 'w' { mod = mod | 2 } else if s[i] == 'x' { mod = mod | 1 } else if s[i] == 'X' { if base.IsDir() { mod = mod | 1 } } else if s[i] == 's' { if (whom & 0700) > 0 { smod = smod | uint32(os.ModeSetuid) } if (whom & 0070) > 0 { smod = smod | uint32(os.ModeSetgid) } } else if s[i] == 't' { smod = smod | uint32(os.ModeSticky) } else { break } i++ } } mod = mod<<6 | mod<<3 | mod<<0 } // if i < len(s) { // log.Printf("mod-e: %d %s\n", i, string(s[i])) //} switch op { case '-': perm = perm - (whom & mod) sbits = sbits - smod case '+': perm = perm | (whom & mod) sbits = sbits | smod case '=': perm = (perm & (0777 ^ whom)) | (whom & mod) sbits = smod } if i < len(s) { // log.Printf(",: %d %s\n", i, string(s[i])) if s[i] == ',' { i++ break } } } } mode := uint32(base)&((1<<32-1)-0777-sbitsMask) | sbits&sbitsMask | perm&0777 return os.FileMode(mode), nil }