| blob | 81eb4fea4a864c14a2c5ef17c5d9fddc8aba897e |
1 /*-
2 * Copyright (c) 1999 Robert N. M. Watson
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 *$FreeBSD: src/lib/libposix1e/acl_support.c,v 1.3 2000/01/26 04:19:37 rwatson Exp $
27 *$DragonFly: src/lib/libposix1e/acl_support.c,v 1.3 2005/08/04 19:27:09 drhodus Exp $
28 */
29 /*
30 * Support functionality for the POSIX.1e ACL interface
31 * These calls are intended only to be called within the library.
32 */
34 #include <sys/types.h>
35 #include <sys/acl.h>
36 #include <errno.h>
37 #include <grp.h>
38 #include <pwd.h>
39 #include <stdio.h>
40 #include <stdlib.h>
49 /*
50 * acl_entry_compare -- compare two acl_entry structures to determine the
51 * order they should appear in. Used by acl_sort to sort ACL entries into
52 * the kernel-desired order -- i.e., the order useful for evaluation and
53 * O(n) validity checking. Beter to have an O(nlogn) sort in userland and
54 * an O(n) in kernel than to have both in kernel.
55 */
57 static int
59 {
60 /*
61 * First, sort between tags -- conveniently defined in the correct
62 * order for verification.
63 */
69 /*
70 * Next compare uids/gids on appropriate types.
71 */
79 /* shouldn't be equal, fall through to the invalid case */
80 }
82 /*
83 * Don't know how to sort multiple entries of the rest--either it's
84 * a bad entry, or there shouldn't be more than one. Ignore and the
85 * validity checker can get it later.
86 */
88 }
90 /*
91 * acl_sort -- sort ACL entries.
92 * Give the opportunity to fail, althouh we don't currently have a way
93 * to fail.
94 */
95 int
97 {
103 }
105 /*
106 * acl_posix1e -- in what situations should we acl_sort before submission?
107 * We apply posix1e ACL semantics for any ACL of type ACL_TYPE_ACCESS or
108 * ACL_TYPE_DEFAULT
109 */
110 int
112 {
115 }
117 /*
118 * acl_check -- given an ACL, check its validity. This is mirrored from
119 * code in sys/kern/kern_acl.c, and if changes are made in one, they should
120 * be made in the other also. This copy of acl_check is made available
121 * in userland for the benefit of processes wanting to check ACLs for
122 * validity before submitting them to the kernel, or for performing
123 * in userland file system checking. Needless to say, the kernel makes
124 * the real checks on calls to get/setacl.
125 *
126 * See the comments in kernel for explanation -- just briefly, it assumes
127 * an already sorted ACL, and checks based on that assumption. The
128 * POSIX.1e interface, acl_valid(), will perform the sort before calling
129 * this. Returns 0 on success, EINVAL on failure.
130 */
131 int
133 {
141 /* printf("acl_check: checking acl with %d entries\n", acl->acl_cnt); */
151 /* printf("acl_check: %d: ACL_USER_OBJ\n", i); */
155 count_user_obj++;
160 /* printf("acl_check: %d: ACL_USER\n", i); */
169 count_user++;
173 /* printf("acl_check: %d: ACL_GROUP_OBJ\n", i); */
177 count_group_obj++;
182 /* printf("acl_check: %d: ACL_GROUP\n", i); */
191 count_group++;
195 /* printf("acl_check: %d: ACL_MASK\n", i); */
199 count_mask++;
203 /* printf("acl_check: %d: ACL_OTHER\n", i); */
207 count_other++;
211 /* printf("acl_check: %d: INVALID\n", i); */
213 }
214 i++;
215 }
230 }
233 /*
234 * Given a uid/gid, return a username/groupname for the text form of an ACL
235 * XXX NOT THREAD SAFE, RELIES ON GETPWUID, GETGRGID
236 * XXX USES *PW* AND *GR* WHICH ARE STATEFUL AND THEREFORE THIS ROUTINE
237 * MAY HAVE SIDE-EFFECTS
238 */
239 int
241 {
251 else
257 }
264 else
270 }
275 }
276 }
279 /*
280 * Given a username/groupname from a text form of an ACL, return the uid/gid
281 * XXX NOT THREAD SAFE, RELIES ON GETPWNAM, GETGRNAM
282 * XXX USES *PW* AND *GR* WHICH ARE STATEFUL AND THEREFORE THIS ROUTINE
283 * MAY HAVE SIDE-EFFECTS
284 *
285 * XXX currently doesn't deal correctly with a numeric uid being passed
286 * instead of a username. What is correct behavior here? Check chown.
287 */
288 int
290 {
300 }
309 }
315 }
316 }
319 /*
320 * Given a right-shifted permission (i.e., direct ACL_PERM_* mask), fill
321 * in a string describing the permissions.
322 */
323 int
325 {
330 }
335 }
341 else
346 else
351 else
355 }
357 /*
358 * given a string, return a permission describing it
359 */
360 int
362 {
382 }
383 ch++;
384 }
388 }
390 /*
391 * Add an ACL entry without doing much checking, et al
392 */
393 int
395 {
401 }
410 }