-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfilesetFilters.go
178 lines (167 loc) · 6.43 KB
/
filesetFilters.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
package api
import (
"time"
)
// Note that these properties correlate closely with what you'll see in
// Rio's FS packages: github.com/polydawn/rio/fs.Metadata in particular
// is a struct describing the same properties that these filters modify.
type FilesetPackFilter struct {
initialized bool // force the zero value of this struct to be obviously initialized
uid int // keep, [int]
gid int // keep, [int]
mtime int64 // keep, [value] // we *could* support a 'now' mode, but we're all about discouraging that kind of nonsense in the fileset.
sticky int // keep, ignore // i don't actually know why you'd ever want to zero out a sticky bit, but it's here for completeness.
setid int // keep, ignore, reject
dev int // keep, ignore, reject
}
type FilesetUnpackFilter struct {
initialized bool // force the zero value of this struct to be obviously initialized
uid int // follow, mine, [int]
gid int // follow, mine, [int]
mtime int64 // follow, now, [value]
sticky int // follow, ignore
setid int // follow, ignore, reject
dev int // follow, ignore, reject
}
var (
FilesetPackFilter_Lossless = FilesetPackFilter{true, ff_keep, ff_keep, ff_keep, ff_keep, ff_keep, ff_keep} // The default filters on... nothing, really.
FilesetPackFilter_Flatten = FilesetPackFilter{true, 1000, 1000, DefaultTime, ff_keep, ff_keep, ff_keep} // The default filters on repeatr outputs.
FilesetPackFilter_Conservative = FilesetPackFilter{true, 1000, 1000, DefaultTime, ff_keep, ff_reject, ff_reject} // The default filters on rio pack. Guides you away from anything that would require privs to unpack again.
FilesetUnpackFilter_Lossless = FilesetUnpackFilter{true, ff_follow, ff_follow, ff_follow, ff_follow, ff_follow, ff_follow} // The default filters on repeatr inputs. Follow all instructions, even dev and setid.
FilesetUnpackFilter_Conservative = FilesetUnpackFilter{true, ff_follow, ff_follow, ff_follow, ff_follow, ff_reject, ff_reject} // The default filters on rio scan. Follow all instructions, but halt on dev and setid (make the user aware if they're ingesting those).
FilesetUnpackFilter_LowPriv = FilesetUnpackFilter{true, ff_context, ff_context, ff_follow, ff_follow, ff_reject, ff_reject} // The default filters on rio unpack. Operate lossily (replace uid and gid with the current user's) so that we can run with low privileges.
// note that the 'ignore' modes are never used in any of our common defaults. they're only there for the user realizes they want them and require opt in.
)
var DefaultTime int64 = time.Date(2010, 1, 1, 0, 0, 0, 0, time.UTC).Unix()
const (
ff_unspecified = -1 // means not configured. serialize as such; cannot use, must stack with defaults first.
ff_keep = -2
ff_follow = -2
ff_ignore = -3
ff_reject = -4 // if trying to figure out caching, can map this into "ignore".
ff_context = -5 // if trying to figure out caching, must map this into a real value.
)
func (ff FilesetPackFilter) IsComplete() bool {
return ff.initialized &&
ff.uid != ff_unspecified &&
ff.gid != ff_unspecified &&
ff.mtime != ff_unspecified &&
ff.sticky != ff_unspecified &&
ff.setid != ff_unspecified &&
ff.dev != ff_unspecified
}
func (ff FilesetPackFilter) Apply(ff2 FilesetPackFilter) FilesetPackFilter {
if ff.initialized == false {
return ff2
}
if ff2.initialized == false {
return ff
}
ff.initialized = true
if ff.uid == ff_unspecified {
ff.uid = ff2.uid
}
if ff.gid == ff_unspecified {
ff.gid = ff2.gid
}
if ff.mtime == ff_unspecified {
ff.mtime = ff2.mtime
}
if ff.sticky == ff_unspecified {
ff.sticky = ff2.sticky
}
if ff.setid == ff_unspecified {
ff.setid = ff2.setid
}
if ff.dev == ff_unspecified {
ff.dev = ff2.dev
}
return ff
}
func (ff FilesetPackFilter) Uid() (keep bool, setTo int) {
return ff.uid == ff_keep, ff.uid
}
func (ff FilesetPackFilter) Gid() (keep bool, setTo int) {
return ff.gid == ff_keep, ff.gid
}
func (ff FilesetPackFilter) Mtime() (keep bool, setTo time.Time) {
return ff.mtime == ff_keep, time.Unix(ff.mtime, 0)
}
func (ff FilesetPackFilter) MtimeUnix() (keep bool, setTo int64) {
return ff.mtime == ff_keep, ff.mtime
}
func (ff FilesetPackFilter) Sticky() (keep bool) {
return ff.sticky == ff_keep
}
func (ff FilesetPackFilter) Setid() (keep bool, reject bool) {
return ff.setid == ff_keep, ff.setid == ff_reject
}
func (ff FilesetPackFilter) Dev() (keep bool, reject bool) {
return ff.dev == ff_keep, ff.dev == ff_reject
}
func (ff FilesetUnpackFilter) IsComplete() bool {
return ff.initialized &&
ff.uid != ff_unspecified &&
ff.gid != ff_unspecified &&
ff.mtime != ff_unspecified &&
ff.sticky != ff_unspecified &&
ff.setid != ff_unspecified &&
ff.dev != ff_unspecified
}
func (ff FilesetUnpackFilter) Apply(ff2 FilesetUnpackFilter) FilesetUnpackFilter {
if ff.initialized == false {
return ff2
}
if ff2.initialized == false {
return ff
}
ff.initialized = true
if ff.uid == ff_unspecified {
ff.uid = ff2.uid
}
if ff.gid == ff_unspecified {
ff.gid = ff2.gid
}
if ff.mtime == ff_unspecified {
ff.mtime = ff2.mtime
}
if ff.sticky == ff_unspecified {
ff.sticky = ff2.sticky
}
if ff.setid == ff_unspecified {
ff.setid = ff2.setid
}
if ff.dev == ff_unspecified {
ff.dev = ff2.dev
}
return ff
}
func (ff FilesetUnpackFilter) Uid() (follow, setMine bool, setTo int) {
return ff.uid == ff_follow, ff.uid == ff_context, ff.uid
}
func (ff FilesetUnpackFilter) Gid() (follow, setMine bool, setTo int) {
return ff.gid == ff_follow, ff.gid == ff_context, ff.gid
}
func (ff FilesetUnpackFilter) Mtime() (follow, setNow bool, setTo time.Time) {
return ff.mtime == ff_follow, ff.mtime == ff_context, time.Unix(ff.mtime, 0)
}
func (ff FilesetUnpackFilter) MtimeUnix() (follow, now bool, setTo int64) {
return ff.mtime == ff_follow, ff.mtime == ff_context, ff.mtime
}
func (ff FilesetUnpackFilter) Sticky() (follow bool) {
return ff.sticky == ff_follow
}
func (ff FilesetUnpackFilter) Setid() (follow bool, reject bool) {
return ff.setid == ff_follow, ff.setid == ff_reject
}
func (ff FilesetUnpackFilter) Dev() (follow bool, reject bool) {
return ff.dev == ff_follow, ff.dev == ff_reject
}
func (ff FilesetUnpackFilter) Altering() bool {
return ff.uid != ff_follow ||
ff.gid != ff_follow ||
ff.mtime != ff_follow ||
ff.sticky != ff_follow ||
(ff.setid != ff_follow && ff.setid != ff_reject) ||
(ff.dev != ff_follow && ff.dev != ff_reject)
}