diff options
| author | amw <none@none> | 2007-10-25 16:34:29 -0700 |
|---|---|---|
| committer | amw <none@none> | 2007-10-25 16:34:29 -0700 |
| commit | da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0 (patch) | |
| tree | 65be91fb78a6a66183197595333f2e8aafb4640a /usr/src/lib/libsec/common/acltext.c | |
| parent | e845e33dd0d1aea22db7edaa8c7d43955d24609b (diff) | |
| download | illumos-joyent-da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0.tar.gz | |
PSARC/2007/218 caller_context_t in all VOPs
PSARC/2007/227 VFS Feature Registration and ACL on Create
PSARC/2007/244 ZFS Case-insensitive support
PSARC/2007/315 Extensible Attribute Interfaces
PSARC/2007/394 ls(1) new command line options '-/' and '-%': CIFS system attributes support
PSARC/2007/403 Modified Access Checks for CIFS
PSARC/2007/410 Add system attribute support to chmod(1)
PSARC/2007/432 CIFS system attributes support for cp(1), pack(1), unpack(1), compress(1) and uncompress(1)
PSARC/2007/444 Rescind SETTABLE Attribute
PSARC/2007/459 CIFS system attributes support for cpio(1), pax(1), tar(1)
PSARC/2007/546 Update utilities to match CIFS system attributes changes.
PSARC/2007/560 ZFS sharesmb property
4890717 want append-only files
6417428 Case-insensitive file system name lookup to support CIFS
6417435 DOS attributes and additional timestamps to support for CIFS
6417442 File system quarantined and modified attributes to support an integrated Anti-Virus service
6417453 FS boolean property for rejecting/allowing invalid UTF-8 sequences in file names
6473733 RFE: Need support for open-deny modes
6473755 RFE: Need ability to reconcile oplock and delegation conflicts
6494624 sharemgr needs to support CIFS shares better
6546705 All vnode operations need to pass caller_context_t
6546706 Need VOP_SETATTR/VOP_GETATTR to support new, optional attributes
6546893 Solaris system attribute support
6550962 ZFS ACL inheritance needs to be enhanced to support Automatic Inheritance
6553589 RFE: VFS Feature Registration facility
6553770 RFE: ZFS support for ACL-on-CREATE (PSARC 2007/227)
6565581 ls(1) should support file system attributes proposed in PSARC/2007/315
6566784 NTFS streams are not copied along with the files.
6576205 cp(1), pack(1) and compress(1) should support file system attributes proposed in PSARC/2007/315
6578875 RFE: kernel interfaces for nbmand need improvement
6578883 RFE: VOP_SHRLOCK needs additional access types
6578885 chmod(1) should support file system attributes proposed in PSARC/2007/315
6578886 RFE: disallow nbmand state to change on remount
6583349 ACL parser needs to support audit/alarm ACE types
6590347 tar(1) should support filesystem attributes proposed in PSARC/2007/315
6597357 *tar* xv@ doesn't show the hidden directory even though it is restored
6597360 *tar* should re-init xattr info if openat() fails during extraction of and extended attribute
6597368 *tar* cannot restore hard linked extended attributes
6597374 *tar* doesn't display "x " when hard linked attributes are restored
6597375 *tar* extended attribute header off by one
6614861 *cpio* incorrectly archives extended system attributes with -@
6614896 *pax* incorrectly archives extended system attributes with -@
6615225 *tar* incorrectly archives extended system attributes with -@
6617183 CIFS Service - PSARC 2006/715
Diffstat (limited to 'usr/src/lib/libsec/common/acltext.c')
| -rw-r--r-- | usr/src/lib/libsec/common/acltext.c | 55 |
1 files changed, 39 insertions, 16 deletions
diff --git a/usr/src/lib/libsec/common/acltext.c b/usr/src/lib/libsec/common/acltext.c index cdfd171c82..c0e1bb1e58 100644 --- a/usr/src/lib/libsec/common/acltext.c +++ b/usr/src/lib/libsec/common/acltext.c @@ -540,8 +540,12 @@ ace_inherit_txt(char *buf, char **endp, uint32_t iflags, int flags) buf[5] = 'F'; else buf[5] = '-'; - buf[6] = '\0'; - *endp = buf + 6; + if (iflags & ACE_INHERITED_ACE) + buf[6] = 'I'; + else + buf[6] = '-'; + buf[7] = '\0'; + *endp = buf + 7; } else { if (iflags & ACE_FILE_INHERIT_ACE) { strcpy(lend, "file_inherit/"); @@ -559,6 +563,18 @@ ace_inherit_txt(char *buf, char **endp, uint32_t iflags, int flags) strcpy(lend, "inherit_only/"); lend += sizeof ("inherit_only/") - 1; } + if (iflags & ACE_SUCCESSFUL_ACCESS_ACE_FLAG) { + strcpy(lend, "successful_access/"); + lend += sizeof ("successful_access/") - 1; + } + if (iflags & ACE_FAILED_ACCESS_ACE_FLAG) { + strcpy(lend, "failed_access/"); + lend += sizeof ("failed_access/") - 1; + } + if (iflags & ACE_INHERITED_ACE) { + strcpy(lend, "inherited/"); + lend += sizeof ("inherited/") - 1; + } if (*(lend - 1) == '/') *--lend = '\0'; @@ -829,16 +845,19 @@ increase_length(struct dynaclstr *dacl, size_t increase) * The length of a perms entry is 144 i.e read_data/write_data... * to each acl entry. * - * iflags: file_inherit/dir_inherit/inherit_only/no_propagate + * iflags: file_inherit/dir_inherit/inherit_only/no_propagate/successful_access + * /failed_access * */ #define ACE_ENTRYTYPLEN 6 -#define IFLAGS_SIZE 51 +#define IFLAGS_STR "file_inherit/dir_inherit/inherit_only/no_propagate/" \ + "successful_access/failed_access/inherited" +#define IFLAGS_SIZE (sizeof (IFLAGS_STR) - 1) #define ACCESS_TYPE_SIZE 7 /* if unknown */ #define COLON_CNT 3 #define PERMS_LEN 216 -#define ACE_ENTRY_SIZE (ACE_ENTRYTYPLEN + ID_STR_MAX + PERMS_LEN +\ +#define ACE_ENTRY_SIZE (ACE_ENTRYTYPLEN + ID_STR_MAX + PERMS_LEN + \ ACCESS_TYPE_SIZE + IFLAGS_SIZE + COLON_CNT + APPENDED_ID_MAX) static char * @@ -871,7 +890,9 @@ ace_acltotext(acl_t *aceaclp, int flags) (void) ace_inherit_txt(endp, &endp, aclp->a_flags, flags); if (flags & ACL_COMPACT_FMT || aclp->a_flags & (ACE_FILE_INHERIT_ACE | ACE_DIRECTORY_INHERIT_ACE | - (ACE_INHERIT_ONLY_ACE | ACE_NO_PROPAGATE_INHERIT_ACE))) { + (ACE_INHERIT_ONLY_ACE | ACE_NO_PROPAGATE_INHERIT_ACE | + ACE_INHERITED_ACE | ACE_SUCCESSFUL_ACCESS_ACE_FLAG | + ACE_FAILED_ACCESS_ACE_FLAG))) { *endp++ = ':'; *endp = '\0'; } @@ -972,7 +993,7 @@ ace_compact_printacl(acl_t *aclp) aclp->acl_flags & ACL_IS_DIR, ACL_COMPACT_FMT)); (void) printf("%s:", ace_inherit_txt(endp, &endp, acep->a_flags, - ACL_COMPACT_FMT)); + ACL_COMPACT_FMT)); (void) printf("%s\n", ace_access_txt(endp, &endp, acep->a_type)); } @@ -1038,16 +1059,14 @@ typedef struct value_table { uint32_t p_value; /* value for perm when pletter found */ } value_table_t; -#define ACE_PERM_COUNT 14 - /* - * The permission tables are layed out in positional order + * The permission tables are laid out in positional order * a '-' character will indicate a permission at a given * position is not specified. The '-' is not part of the * table, but will be checked for in the permission computation * routine. */ -value_table_t ace_perm_table[ACE_PERM_COUNT] = { +value_table_t ace_perm_table[] = { { 'r', ACE_READ_DATA}, { 'w', ACE_WRITE_DATA}, { 'x', ACE_EXECUTE}, @@ -1064,24 +1083,28 @@ value_table_t ace_perm_table[ACE_PERM_COUNT] = { { 's', ACE_SYNCHRONIZE} }; -#define ACLENT_PERM_COUNT 3 +#define ACE_PERM_COUNT (sizeof (ace_perm_table) / sizeof (value_table_t)) -value_table_t aclent_perm_table[ACLENT_PERM_COUNT] = { +value_table_t aclent_perm_table[] = { { 'r', S_IROTH}, { 'w', S_IWOTH}, { 'x', S_IXOTH} }; -#define IFLAG_COUNT 6 -value_table_t inherit_table[IFLAG_COUNT] = { +#define ACLENT_PERM_COUNT (sizeof (aclent_perm_table) / sizeof (value_table_t)) + +value_table_t inherit_table[] = { {'f', ACE_FILE_INHERIT_ACE}, {'d', ACE_DIRECTORY_INHERIT_ACE}, {'i', ACE_INHERIT_ONLY_ACE}, {'n', ACE_NO_PROPAGATE_INHERIT_ACE}, {'S', ACE_SUCCESSFUL_ACCESS_ACE_FLAG}, - {'F', ACE_FAILED_ACCESS_ACE_FLAG} + {'F', ACE_FAILED_ACCESS_ACE_FLAG}, + {'I', ACE_INHERITED_ACE} }; +#define IFLAG_COUNT (sizeof (inherit_table) / sizeof (value_table_t)) + /* * compute value from a permission table or inheritance table * based on string passed in. If positional is set then |