diff options
| author | Alexander Eremin <a.eremin@nexenta.com> | 2014-05-05 14:50:51 +0400 |
|---|---|---|
| committer | Gordon Ross <gwr@nexenta.com> | 2014-05-05 12:45:47 -0400 |
| commit | f93d2c191d5ef071436181338612f79b8daa751c (patch) | |
| tree | f3dee403cc4f72dbe0d3fe0646504b37af31f9d4 /usr/src/cmd/zonecfg | |
| parent | 14b7b4606a1faf7fc4c0bbcc2946782d6538850e (diff) | |
| download | illumos-joyent-f93d2c191d5ef071436181338612f79b8daa751c.tar.gz | |
1784 zone configuration passes zonecfg but not zoneadm for limitpriv property
Reviewed by: Andrew Stormont <AStormont@racktopsystems.com>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Approved by: Gordon Ross <gwr@nexenta.com>
Diffstat (limited to 'usr/src/cmd/zonecfg')
| -rw-r--r-- | usr/src/cmd/zonecfg/zonecfg.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/usr/src/cmd/zonecfg/zonecfg.c b/usr/src/cmd/zonecfg/zonecfg.c index 7a6e3cdcef..5e14093358 100644 --- a/usr/src/cmd/zonecfg/zonecfg.c +++ b/usr/src/cmd/zonecfg/zonecfg.c @@ -21,6 +21,7 @@ /* * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright 2014 Nexenta Systems, Inc. All rights reserved. */ /* @@ -5729,6 +5730,8 @@ verify_func(cmd_t *cmd) char brand[MAXNAMELEN]; char hostidp[HW_HOSTID_LEN]; char fsallowedp[ZONE_FS_ALLOWED_MAX]; + priv_set_t *privs; + char *privname = NULL; int err, ret_val = Z_OK, arg; int pset_res; boolean_t save = B_FALSE; @@ -5796,6 +5799,18 @@ verify_func(cmd_t *cmd) saw_error = B_TRUE; } + if ((privs = priv_allocset()) == NULL) { + zerr(gettext("%s: priv_allocset failed"), zone); + return; + } + if (zonecfg_get_privset(handle, privs, &privname) != Z_OK) { + zerr(gettext("%s: invalid privilege: %s"), zone, privname); + priv_freeset(privs); + free(privname); + return; + } + priv_freeset(privs); + if (zonecfg_get_hostid(handle, hostidp, sizeof (hostidp)) == Z_INVALID_PROPERTY) { zerr(gettext("%s: invalid hostid: %s"), |