| acl_support.c (56274) | acl_support.c (56625) |
|---|---|
| 1/*- 2 * Copyright (c) 1999 Robert N. M. Watson 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * | 1/*- 2 * Copyright (c) 1999 Robert N. M. Watson 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 9 unchanged lines hidden (view full) --- 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * |
| 26 * $FreeBSD: head/lib/libc/posix1e/acl_support.c 56274 2000-01-19 06:13:59Z rwatson $ | 26 * $FreeBSD: head/lib/libc/posix1e/acl_support.c 56625 2000-01-26 04:19:38Z rwatson $ |
| 27 */ 28/* 29 * Support functionality for the POSIX.1e ACL interface 30 * These calls are intended only to be called within the library. 31 */ 32 33#include <sys/types.h> 34#include <sys/acl.h> --- 46 unchanged lines hidden (view full) --- 81 /* 82 * Don't know how to sort multiple entries of the rest--either it's 83 * a bad entry, or there shouldn't be more than one. Ignore and the 84 * validity checker can get it later. 85 */ 86 return (0); 87} 88 | 27 */ 28/* 29 * Support functionality for the POSIX.1e ACL interface 30 * These calls are intended only to be called within the library. 31 */ 32 33#include <sys/types.h> 34#include <sys/acl.h> --- 46 unchanged lines hidden (view full) --- 81 /* 82 * Don't know how to sort multiple entries of the rest--either it's 83 * a bad entry, or there shouldn't be more than one. Ignore and the 84 * validity checker can get it later. 85 */ 86 return (0); 87} 88 |
| 89 | |
| 90/* 91 * acl_sort -- sort ACL entries. 92 * Give the opportunity to fail, althouh we don't currently have a way 93 * to fail. 94 */ 95int 96acl_sort(acl_t acl) 97{ 98 99 qsort(&acl->acl_entry[0], acl->acl_cnt, sizeof(struct acl_entry), 100 (compare) acl_entry_compare); 101 102 return (0); 103} 104 | 89/* 90 * acl_sort -- sort ACL entries. 91 * Give the opportunity to fail, althouh we don't currently have a way 92 * to fail. 93 */ 94int 95acl_sort(acl_t acl) 96{ 97 98 qsort(&acl->acl_entry[0], acl->acl_cnt, sizeof(struct acl_entry), 99 (compare) acl_entry_compare); 100 101 return (0); 102} 103 |
| 105 | |
| 106/* | 104/* |
| 107 * acl_posix1e -- use a heuristic to determine if this is a POSIX.1e 108 * semantics ACL. This will be used by other routines to determine if 109 * they should call acl_sort() on the ACL before submitting to the kernel, 110 * as the POSIX.1e ACL semantics code requires sorted ACL submission. 111 * Also, acl_valid will use this to determine if it understands the 112 * semantics enough to check that the ACL is correct. | 105 * acl_posix1e -- in what situations should we acl_sort before submission? 106 * We apply posix1e ACL semantics for any ACL of type ACL_TYPE_ACCESS or 107 * ACL_TYPE_DEFAULT |
| 113 */ 114int | 108 */ 109int |
| 115acl_posix1e(acl_t acl) | 110acl_posix1e(acl_t acl, acl_type_t type) |
| 116{ | 111{ |
| 117 int i; | |
| 118 | 112 |
| 119 /* assume it's POSIX.1e, and return 0 if otherwise */ 120 121 for (i = 0; i < acl->acl_cnt; i++) { 122 /* is the tag type POSIX.1e? */ 123 switch(acl->acl_entry[i].ae_tag) { 124 case ACL_USER_OBJ: 125 case ACL_USER: 126 case ACL_GROUP_OBJ: 127 case ACL_GROUP: 128 case ACL_MASK: 129 case ACL_OTHER: 130 break; 131 132 default: 133 return (0); 134 } 135 136 /* are the permissions POSIX.1e, or FreeBSD extensions? */ 137 if (((acl->acl_entry[i].ae_perm | ACL_POSIX1E_BITS) != 138 ACL_POSIX1E_BITS) && 139 ((acl->acl_entry[i].ae_perm | ACL_PERM_BITS) != 140 ACL_PERM_BITS)) 141 return (0); 142 } 143 144 return(1); | 113 return ((type == ACL_TYPE_ACCESS) || (type == ACL_TYPE_DEFAULT)); |
| 145} 146 | 114} 115 |
| 147 | |
| 148/* 149 * acl_check -- given an ACL, check its validity. This is mirrored from 150 * code in sys/kern/kern_acl.c, and if changes are made in one, they should 151 * be made in the other also. This copy of acl_check is made available 152 * in userland for the benefit of processes wanting to check ACLs for 153 * validity before submitting them to the kernel, or for performing 154 * in userland file system checking. Needless to say, the kernel makes 155 * the real checks on calls to get/setacl. --- 224 unchanged lines hidden (view full) --- 380 if (perm & ACL_PERM_EXEC) 381 buf[2] = ACL_STRING_PERM_EXEC; 382 else 383 buf[2] = ACL_STRING_PERM_NONE; 384 385 return (0); 386} 387 | 116/* 117 * acl_check -- given an ACL, check its validity. This is mirrored from 118 * code in sys/kern/kern_acl.c, and if changes are made in one, they should 119 * be made in the other also. This copy of acl_check is made available 120 * in userland for the benefit of processes wanting to check ACLs for 121 * validity before submitting them to the kernel, or for performing 122 * in userland file system checking. Needless to say, the kernel makes 123 * the real checks on calls to get/setacl. --- 224 unchanged lines hidden (view full) --- 348 if (perm & ACL_PERM_EXEC) 349 buf[2] = ACL_STRING_PERM_EXEC; 350 else 351 buf[2] = ACL_STRING_PERM_NONE; 352 353 return (0); 354} 355 |
| 388 | |
| 389/* 390 * given a string, return a permission describing it 391 */ 392int 393acl_string_to_perm(char *string, acl_perm_t *perm) 394{ 395 acl_perm_t myperm = ACL_PERM_NONE; 396 char *ch; --- 17 unchanged lines hidden (view full) --- 414 } 415 ch++; 416 } 417 418 *perm = myperm; 419 return (0); 420} 421 | 356/* 357 * given a string, return a permission describing it 358 */ 359int 360acl_string_to_perm(char *string, acl_perm_t *perm) 361{ 362 acl_perm_t myperm = ACL_PERM_NONE; 363 char *ch; --- 17 unchanged lines hidden (view full) --- 381 } 382 ch++; 383 } 384 385 *perm = myperm; 386 return (0); 387} 388 |
| 422 423 | |
| 424/* 425 * Add an ACL entry without doing much checking, et al 426 */ 427int 428acl_add_entry(acl_t acl, acl_tag_t tag, uid_t id, acl_perm_t perm) 429{ 430 struct acl_entry *e; 431 --- 5 unchanged lines hidden (view full) --- 437 e = &(acl->acl_entry[acl->acl_cnt]); 438 e->ae_perm = perm; 439 e->ae_tag = tag; 440 e->ae_id = id; 441 acl->acl_cnt++; 442 443 return (0); 444} | 389/* 390 * Add an ACL entry without doing much checking, et al 391 */ 392int 393acl_add_entry(acl_t acl, acl_tag_t tag, uid_t id, acl_perm_t perm) 394{ 395 struct acl_entry *e; 396 --- 5 unchanged lines hidden (view full) --- 402 e = &(acl->acl_entry[acl->acl_cnt]); 403 e->ae_perm = perm; 404 e->ae_tag = tag; 405 e->ae_id = id; 406 acl->acl_cnt++; 407 408 return (0); 409} |
| 445 446 447 448 | |