// acldeletemask
// Adam Langley, acldeletemask@imperialviolet.org

// Delete the current ACL mask of a series of files and
// recalculate them. This can fix an effective permission
// which is less than intended because of the umask in
// effect when the file was created.

#include <sys/acl.h>
#include <stdio.h>

static void
do_file(char *filename) {
	char changedp = 0;

	acl_t acl = acl_get_file(filename, ACL_TYPE_ACCESS);
	if (acl == NULL) {
		fprintf(stderr, "Failed to get ACLs of %s\n", filename);
		return;
	}

	acl_entry_t entry;
	acl_tag_t tag;

	if (1 != acl_get_entry(acl, ACL_FIRST_ENTRY, &entry)) goto out;
	for (;;) {
		if (0 != acl_get_tag_type(entry, &tag)) {
			fprintf(stderr, "Failed to get tag on an entry of %s\n", filename);
			goto out;
		}
		
		if (tag == ACL_MASK) {
			if (0 != acl_delete_entry(acl, entry)) {
				fprintf(stderr, "Failed to delete mask of %s\n", filename);
				goto out;
			}
			changedp = 1;
			acl_calc_mask(&acl);
			break;
		}
		if (1 != acl_get_entry(acl, ACL_NEXT_ENTRY, &entry)) goto out;
	}

out:
	if (changedp) {
		if (0 != acl_valid(acl)) {
			fprintf(stderr, "Invalid ACL! %s\n", filename);
		} else {
			acl_set_file(filename, ACL_TYPE_ACCESS, acl);
		}
	}

	acl_free(acl);
	return;
}

int
main(int argc, char **argv) {
	if (argc == 1) {
		fprintf(stderr, "Usage: %s <files>\n"
		       "Deletes the ACL mask on each file", argv[0]);
		return 1;
	}

	for (int i = 1; i < argc; i++) {
		do_file(argv[i]);
	}
}