libcosmos
Linux C++ System Programming Library
Loading...
Searching...
No Matches
filesystem.cxx
1// Linux
2#include <errno.h>
3#include <limits.h>
4#include <sys/file.h>
5#include <sys/stat.h>
6#include <sys/types.h>
7#include <unistd.h>
8
9// C++
10#include <string>
11
12// cosmos
13#include <cosmos/GroupInfo.hxx>
14#include <cosmos/PasswdInfo.hxx>
15#include <cosmos/error/ApiError.hxx>
16#include <cosmos/error/FileError.hxx>
17#include <cosmos/error/InternalError.hxx>
18#include <cosmos/error/RuntimeError.hxx>
19#include <cosmos/error/UsageError.hxx>
20#include <cosmos/formatting.hxx>
21#include <cosmos/fs/DirIterator.hxx>
22#include <cosmos/fs/DirStream.hxx>
23#include <cosmos/fs/Directory.hxx>
24#include <cosmos/fs/File.hxx>
25#include <cosmos/fs/FileStatus.hxx>
26#include <cosmos/fs/filesystem.hxx>
27#include <cosmos/fs/path.hxx>
28#include <cosmos/proc/process.hxx>
29#include <cosmos/string.hxx>
30#include <cosmos/utils.hxx>
31
32namespace cosmos::fs {
33
34FileDescriptor open(
35 const SysString path, const OpenMode mode,
36 const OpenFlags flags, const std::optional<FileMode> fmode) {
37
38 if (flags.anyOf({OpenFlag::CREATE, OpenFlag::TMPFILE}) && !fmode) {
39 cosmos_throw (UsageError("the given open flags require an fmode argument"));
40 }
41
42 int raw_flags = flags.raw() | to_integral(mode);
43
44
45 auto fd = ::open(path.raw(), raw_flags, fmode ? to_integral(fmode.value().raw()) : 0);
46
47 if (fd == -1) {
48 cosmos_throw (FileError(path, "open"));
49 }
50
51 return FileDescriptor{FileNum{fd}};
52}
53
54FileDescriptor open_at(
55 const DirFD dir_fd, const SysString path,
56 const OpenMode mode, const OpenFlags flags,
57 const std::optional<FileMode> fmode) {
58 int raw_flags = flags.raw() | to_integral(mode);
59
60 if (flags.anyOf({OpenFlag::CREATE, OpenFlag::TMPFILE}) && !fmode) {
61 cosmos_throw (UsageError("the given open flags require an fmode argument"));
62 }
63
64 auto fd = ::openat(to_integral(dir_fd.raw()), path.raw(),
65 raw_flags, fmode ? to_integral(fmode.value().raw()) : 0);
66
67 if (fd == -1) {
68 cosmos_throw (FileError(path, "openat"));
69 }
70
71 return FileDescriptor{FileNum{fd}};
72}
73
74void close_range(const FileNum first, const FileNum last, const CloseRangeFlags flags) {
75 // NOTE: close_range() uses unsigned int for file descriptor numbers,
76 // inconsistent with all other system calls. Using FileNum::MAX_FD
77 // (int) as the maximum file descriptor should still work I guess.
78 if (::close_range(to_integral(first), to_integral(last), flags.raw()) != 0) {
79 cosmos_throw (ApiError("close_range()"));
80 }
81}
82
83namespace {
84
85 std::pair<std::string, int> expand_temp_path(const SysString str) {
86 std::string path;
87 std::string base;
88 auto _template = str.view();
89 auto lastsep = _template.rfind('/');
90
91 if (lastsep != _template.npos) {
92 path = _template.substr(0, lastsep + 1);
93 base = _template.substr(lastsep + 1);
94 } else {
95 base = _template;
96 }
97
98 if (base.empty()) {
99 cosmos_throw (UsageError("empty basename not allowed"));
100 }
101
102 constexpr auto XS = "XXXXXX";
103 constexpr auto PLACEHOLDER = "{}";
104 int suffixlen = 0;
105
106 if (auto placeholder_pos = base.rfind(PLACEHOLDER); placeholder_pos != base.npos) {
107 suffixlen = base.size() - placeholder_pos - 2;
108 base.replace(placeholder_pos, 2, XS);
109 } else {
110 base.append(XS);
111 }
112
113 path += base;
114
115 return {path, suffixlen};
116 }
117
118}
119
120std::pair<FileDescriptor, std::string> make_tempfile(
121 const SysString _template, const OpenFlags flags) {
122
123 auto [path, suffixlen] = expand_temp_path(_template);
124
125 const auto fd = ::mkostemps(path.data(), suffixlen, flags.raw());
126
127 if (fd == -1) {
128 cosmos_throw (ApiError("mkostemps()"));
129 }
130
131 return {FileDescriptor{FileNum{fd}}, path};
132}
133
134std::string make_tempdir(const SysString _template) {
135 // there's no way to have the X's in the middle of the basename like
136 // with mkostemps().
137 std::string expanded{_template};
138 expanded += "XXXXXX";
139
140 if (::mkdtemp(expanded.data()) == nullptr) {
141 cosmos_throw (ApiError("mkdtemp()"));
142 }
143
144 return expanded;
145}
146
147void make_fifo(const SysString path, const FileMode mode) {
148 auto res = ::mkfifo(path.raw(), to_integral(mode.raw()));
149
150 if (res != 0) {
151 cosmos_throw (FileError(path, "mkfifo()"));
152 }
153}
154
155void make_fifo_at(const DirFD dir_fd, const SysString path,
156 const FileMode mode) {
157 auto res = ::mkfifoat(to_integral(dir_fd.raw()), path.raw(), to_integral(mode.raw()));
158
159 if (res != 0) {
160 cosmos_throw (FileError(path, "mkfifoat()"));
161 }
162}
163
164FileMode set_umask(const FileMode mode) {
165 auto raw_mode = to_integral(mode.raw());
166
167 if ((raw_mode & ~0777) != 0) {
168 cosmos_throw (UsageError("invalid bits set in umask"));
169 }
170
171 auto old_mode = ::umask(raw_mode);
172
173 return FileMode{ModeT{old_mode}};
174}
175
176bool exists_file(const SysString path) {
177 struct stat s;
178 if (::lstat(path.raw(), &s) == 0)
179 return true;
180 else if (get_errno() != Errno::NO_ENTRY)
181 cosmos_throw (FileError(path, "lstat()"));
182
183 return false;
184}
185
186void unlink_file(const SysString path) {
187 if (::unlink(path.raw()) != 0) {
188 cosmos_throw (FileError(path, "unlink()"));
189 }
190}
191
192void unlink_file_at(const DirFD dir_fd, const SysString path) {
193 if (::unlinkat(to_integral(dir_fd.raw()), path.raw(), 0) != 0) {
194 cosmos_throw (FileError(path, "unlinkat()"));
195 }
196}
197
198void change_dir(const SysString path) {
199 if (::chdir(path.raw()) != 0) {
200 cosmos_throw (FileError(path, "chdir()"));
201 }
202}
203
204std::string get_working_dir() {
205 std::string ret;
206 ret.resize(128);
207
208 while(true) {
209 if (auto res = ::getcwd(ret.data(), ret.size()); res == nullptr) {
210 switch (get_errno()) {
211 case Errno::RANGE: {
212 // double the size and retry
213 ret.resize(ret.size() * 2);
214 continue;
215 }
216 default: cosmos_throw (ApiError("getcwd()"));
217 }
218 }
219
220 // can be npos if the CWD is of exactly the size we have
221 if (auto termpos = ret.find('\0'); termpos != ret.npos) {
222 ret.resize(termpos);
223 }
224
225 return ret;
226 }
227}
228
229std::optional<std::string> which(const std::string_view exec_base) noexcept {
230
231 auto checkExecutable = [](const std::string &path) -> bool {
232 try {
233 File f{path, OpenMode::READ_ONLY};
234 FileStatus status;
235
236 try {
237 status.updateFrom(f.fd());
238 } catch (const CosmosError &) {
239 return false;
240 }
241
242 if (!status.type().isRegular())
243 return false;
244 else if (!status.mode().canAnyExec())
245 return false;
246
247 return true;
248 } catch (...) {
249 // probably a permission, I/O error, or NO_ENTRY error
250 return false;
251 }
252 };
253
254 if (exec_base.empty())
255 return {};
256
257 if (exec_base.front() == '/') {
258 // check absolute path and be done with it
259 if (checkExecutable(std::string{exec_base})) {
260 return {std::string{exec_base}};
261 }
262 return {};
263 }
264
265 const auto pathvar = proc::get_env_var("PATH");
266 if (!pathvar)
267 return {};
268
269 const auto paths = split(*pathvar, ":");
270
271 for (const auto &dir: paths) {
272 auto path = dir + "/" + std::string{exec_base};
273
274 if (checkExecutable(path)) {
275 return {path};
276 }
277 }
278
279 return {};
280}
281
282void make_dir(const SysString path, const FileMode mode) {
283 if (::mkdir(path.raw(), to_integral(mode.raw())) != 0) {
284 cosmos_throw (FileError(path, "mkdir()"));
285 }
286}
287
288void make_dir_at(const DirFD dir_fd, const SysString path, const FileMode mode) {
289 if (::mkdirat(to_integral(dir_fd.raw()), path.raw(), to_integral(mode.raw())) != 0) {
290 cosmos_throw (FileError(path, "mkdirat()"));
291 }
292}
293
294void remove_dir(const SysString path) {
295 if (::rmdir(path.raw()) != 0) {
296 cosmos_throw (FileError(path, "rmdir()"));
297 }
298}
299
300void remove_dir_at(const DirFD dir_fd, const SysString path) {
301 if (::unlinkat(to_integral(dir_fd.raw()), path.raw(), AT_REMOVEDIR) != 0) {
302 cosmos_throw (FileError(path, "unlinkat(AT_REMOVEDIR)"));
303 }
304}
305
306Errno make_all_dirs(const SysString path, const FileMode mode) {
307 const auto normpath = normalize_path(path);
308 size_t sep_pos = 0;
309 std::string prefix;
310 Errno ret{Errno::EXISTS};
311
312 if (path.empty()) {
313 cosmos_throw (UsageError("empty string passed in"));
314 }
315
316 while (sep_pos != normpath.npos) {
317 sep_pos = normpath.find('/', sep_pos + 1);
318 prefix = normpath.substr(0, sep_pos);
319
320 if (prefix.back() == '/') {
321 // root directory "/" or a trailing or duplicate slash
322 continue;
323 } else if (prefix == ".") {
324 // leading "." component, no sense in trying to create it
325 continue;
326 }
327
328 if (::mkdir(prefix.data(), to_integral(mode.raw())) != 0) {
329 if (get_errno() == Errno::EXISTS) {
330 continue;
331 }
332
333 cosmos_throw (FileError(prefix, "mkdir()"));
334 }
335
336 // at least one directory was created
337 ret = Errno::NO_ERROR;
338 }
339
340 return ret;
341}
342
343namespace {
344
345 void remove_tree(DirStream &stream) {
346
347 const auto dir_fd = stream.fd();
348 const Directory dir{dir_fd, AutoCloseFD{false}};
349 using Type = DirEntry::Type;
350
351 for (const auto entry: stream) {
352
353 if (entry.isDotEntry())
354 continue;
355
356 const auto name = entry.name();
357
358 switch(entry.type()) {
359 case Type::UNKNOWN: {
360 const FileStatus fs{dir_fd, name};
361 if (fs.type().isDirectory())
362 goto dircase;
363 else
364 goto filecase;
365 }
366 case Type::DIRECTORY:
367 dircase: {
368 // get down recursively
369 DirStream subdir{dir_fd, name};
370 remove_tree(subdir);
371 dir.removeDirAt(name);
372 break;
373 }
374 default:
375 filecase:
376 dir.unlinkFileAt(name);
377 break;
378 }
379 };
380
381 }
382
383} // end anon ns
384
385void remove_tree(const SysString path) {
386 DirStream dir{path};
387 remove_tree(dir);
388 remove_dir(path);
389}
390
391void change_mode(const SysString path, const FileMode mode) {
392 if (::chmod(path.raw(), to_integral(mode.raw())) != 0) {
393 cosmos_throw (FileError(path, "chmod()"));
394 }
395}
396
397void change_mode(const FileDescriptor fd, const FileMode mode) {
398 if (::fchmod(to_integral(fd.raw()), to_integral(mode.raw())) != 0) {
399 cosmos_throw (FileError("(fd)", "fchmod()"));
400 }
401}
402
403void change_owner(const SysString path, const UserID uid, const GroupID gid) {
404 if (::chown(path.raw(), to_integral(uid), to_integral(gid)) != 0) {
405 cosmos_throw (FileError(path, "chown()"));
406 }
407}
408
409void change_owner(const FileDescriptor fd, const UserID uid, const GroupID gid) {
410 if (::fchown(to_integral(fd.raw()), to_integral(uid), to_integral(gid)) != 0) {
411 cosmos_throw (FileError("(fd)", "fchown()"));
412 }
413}
414
415namespace {
416
417UserID resolve_user(const SysString user) {
418 if (user.empty()) {
419 return UserID::INVALID;
420 }
421
422 PasswdInfo info{user};
423 if (!info.valid()) {
424 cosmos_throw (RuntimeError{user.str() + " does not exist"});
425 }
426
427 return info.uid();
428}
429
430GroupID resolve_group(const SysString group) {
431 if (group.empty()) {
432 return GroupID::INVALID;
433 }
434
435 GroupInfo info{group};
436 if (!info.valid()) {
437 cosmos_throw (RuntimeError{group.str() + "does not exist"});
438 }
439
440 return info.gid();
441}
442
443} // end anon ns
444
445void change_owner(const SysString path, const SysString user, const SysString group) {
446
447 const UserID uid = resolve_user(user);
448 const GroupID gid = resolve_group(group);
449 change_owner(path, uid, gid);
450}
451
452void change_owner(const FileDescriptor fd, const SysString user, const SysString group) {
453 const UserID uid = resolve_user(user);
454 const GroupID gid = resolve_group(group);
455 change_owner(fd, uid, gid);
456}
457
458void change_owner_nofollow(const SysString path, const UserID uid, const GroupID gid) {
459 if (::lchown(path.raw(), to_integral(uid), to_integral(gid)) != 0) {
460 cosmos_throw (FileError(path, "lchown()"));
461 }
462}
463
464void change_owner_nofollow(const SysString path, const SysString user, const SysString group) {
465 const UserID uid = resolve_user(user);
466 const GroupID gid = resolve_group(group);
467 change_owner_nofollow(path, uid, gid);
468}
469
470void make_symlink(const SysString target, const SysString path) {
471 if (::symlink(target.raw(), path.raw()) != 0) {
472 cosmos_throw (FileError(path, "symlink()"));
473 }
474}
475
476void make_symlink_at(const SysString target, const DirFD dir_fd,
477 const SysString path) {
478 if (::symlinkat(target.raw(), to_integral(dir_fd.raw()), path.raw()) != 0) {
479 cosmos_throw (FileError(path, "symlinkat()"));
480 }
481}
482
483namespace {
484
485 std::string read_symlink(const SysString path,
486 const std::string_view call, std::function<int(const char*, char*, size_t)> readlink_func) {
487 std::string ret;
488 ret.resize(128);
489
490 while (true) {
491 auto res = readlink_func(path.raw(), &ret.front(), ret.size());
492
493 if (res < 0) {
494 cosmos_throw (FileError(path, call));
495 }
496
497 // NOTE: this returns the size excluding a null terminator,
498 // also doesn't write a null terminator
499 auto len = static_cast<size_t>(res);
500
501 if (len < ret.size()) {
502 ret.resize(len);
503 return ret;
504 } else {
505 // man page says: if len equals size then truncation
506 // may have occurred. Thus use one byte extra to avoid
507 // ambiguity.
508 ret.resize(len+1);
509 continue;
510 }
511 }
512 }
513}
514
515std::string read_symlink(const SysString path) {
516 return read_symlink(path, "readlink()", ::readlink);
517}
518
519std::string read_symlink_at(const DirFD dir_fd, const SysString path) {
520
521 auto readlink_func = [&](const char *p, char *buf, size_t size) {
522 return ::readlinkat(to_integral(dir_fd.raw()), p, buf, size);
523 };
524
525 return read_symlink(path, "readlinkat()", readlink_func);
526}
527
528void link(const SysString old_path, const SysString new_path) {
529 if (::link(old_path.raw(), new_path.raw()) != 0) {
530 cosmos_throw (FileError(new_path, std::string{"link() for "} + std::string{old_path}));
531 }
532}
533
534void linkat(const DirFD old_dir, const SysString old_path,
535 const DirFD new_dir, const SysString new_path,
536 const FollowSymlinks follow_old) {
537 if (::linkat(
538 to_integral(old_dir.raw()), old_path.raw(),
539 to_integral(new_dir.raw()), new_path.raw(),
540 follow_old ? AT_SYMLINK_FOLLOW : 0) != 0) {
541 cosmos_throw (FileError(new_path, std::string{"linkat() for "} + std::string{old_path}));
542 }
543}
544
545void linkat_fd(const FileDescriptor fd, const DirFD new_dir, const SysString new_path) {
546 if (::linkat(
547 to_integral(fd.raw()), "",
548 to_integral(new_dir.raw()), new_path.raw(),
549 AT_EMPTY_PATH) != 0) {
550
551 cosmos_throw (FileError(new_path, std::string{"linkat(AT_EMPTY_PATH)"}));
552 }
553}
554
555void linkat_proc_fd(const FileDescriptor fd, const DirFD new_dir, const SysString new_path) {
556 // the exact security reasons why linkat_fd() isn't allowed without
557 // CAP_DAC_READ_SEARCH are a bit unclear. It seems the concern is that
558 // a process get's hold of a file descriptor for which it wouldn't
559 // have permissions to change ownership etc.
560 //
561 // By linking the FD into a directory controlled by the unprivileged
562 // process it would become possible to manipulate the ownership after
563 // all.
564 //
565 // It looks like this variant of linkat() does some checks that
566 // prevent this.
567 linkat(
568 AT_CWD, cosmos::sprintf("/proc/self/fd/%d", to_integral(fd.raw())),
569 new_dir, new_path, FollowSymlinks{true});
570}
571
572void truncate(const FileDescriptor fd, off_t length) {
573 if (::ftruncate(to_integral(fd.raw()), length) != 0) {
574 cosmos_throw (ApiError("ftruncate()"));
575 }
576}
577
578void truncate(const SysString path, off_t length) {
579 if (::truncate(path.raw(), length) != 0) {
580 cosmos_throw (ApiError("truncate()"));
581 }
582}
583
584namespace {
585
586 size_t copy_file_range(
587 const FileDescriptor fd_in, off_t *off_in,
588 const FileDescriptor fd_out, off_t *off_out,
589 const size_t len) {
590 // there are currently no flags defined for the final
591 // parameter
592 const auto res = ::copy_file_range(
593 to_integral(fd_in.raw()), off_in,
594 to_integral(fd_out.raw()), off_out,
595 len, 0);
596
597 if (res < 0) {
598 cosmos_throw (ApiError("copy_file_range()"));
599 }
600
601 return static_cast<size_t>(res);
602 }
603
604} // end anon ns
605
606size_t copy_file_range(
607 const FileDescriptor fd_in, const FileDescriptor fd_out,
608 const size_t len) {
609 return copy_file_range(fd_in, nullptr, fd_out, nullptr, len);
610}
611
612size_t copy_file_range(CopyFileRangeParameters &pars) {
613 auto copied = copy_file_range(
614 pars.in, pars.off_in ? &pars.off_in.value() : nullptr,
615 pars.out, pars.off_out ? &pars.off_out.value() : nullptr,
616 pars.len);
617
618 pars.len -= copied;
619
620 return copied;
621}
622
623// the API we use in check_access & friends depends on the fact that F_OK is
624// zero (empty AccessChecks mask).
625static_assert(F_OK == 0, "F_OK is non-zero, breaking check_access()");
626
627void check_access(const SysString path, const AccessChecks checks) {
628 if (::access(path.raw(), checks.raw()) == 0) {
629 return;
630 }
631
632 cosmos_throw (ApiError("access()"));
633}
634
635void check_access_at(const DirFD dir_fd, const SysString path,
636 const AccessChecks checks, const AccessFlags flags) {
637 if (::faccessat(to_integral(dir_fd.raw()), path.raw(), checks.raw(), flags.raw()) == 0) {
638 return;
639 }
640
641 cosmos_throw (ApiError("faccessat()"));
642}
643
644COSMOS_API void check_access_fd(const FileDescriptor fd, const AccessChecks checks,
645 const AccessFlags flags) {
646
647 if (::faccessat(to_integral(fd.raw()), "", checks.raw(), flags.raw() | AT_EMPTY_PATH) == 0) {
648 return;
649 }
650
651 cosmos_throw (ApiError("faccessat()"));
652}
653
654COSMOS_API void flock(const FileDescriptor fd, const LockOperation operation, const LockFlags flags) {
655 if (::flock(to_integral(fd.raw()), cosmos::to_integral(operation) | flags.raw()) != 0) {
656 cosmos_throw (ApiError("flock()"));
657 }
658}
659
660} // end ns
cosmos::FileDescriptor::raw
FileNum raw() const
Returns the primitive file descriptor contained in the object.
Definition FileDescriptor.hxx:341
cosmos::Errno
Errno
Strong enum type representing errno error constants.
Definition errno.hxx:29
cosmos::get_errno
Errno get_errno()
Wrapper that returns the Errno strongly typed representation of the current errno
Definition errno.hxx:111
cosmos::AutoCloseFD
NamedBool< struct close_file_t, true > AutoCloseFD
Strong boolean type for expressing the responsibility to close file descriptors.
Definition types.hxx:29
cosmos::FileNum
FileNum
Primitive file descriptor.
Definition types.hxx:32
cosmos::ModeT
ModeT
Combined file type and mode bits of a file (as found in st_mode struct stat).
Definition types.hxx:106