diff options
| author | casper <none@none> | 2007-05-25 05:43:42 -0700 |
|---|---|---|
| committer | casper <none@none> | 2007-05-25 05:43:42 -0700 |
| commit | f48205be61a214698b763ff550ab9e657525104c (patch) | |
| tree | bc63168b8468284765bb770eb48473b7a0bf980e /usr/src/lib | |
| parent | 7387092aa96cd872b317dfab3fee34a96c681f3e (diff) | |
| download | illumos-joyent-f48205be61a214698b763ff550ab9e657525104c.tar.gz | |
PSARC 2007/064 Unified POSIX and Windows Credentials for Solaris
4994017 data structure sharing between rpcbind and libnsl leads to accidents
6549510 Need the ability to store SIDs in the Solaris cred_t
6549515 PSARC 2007/064: uid_t and gid_t to become unsigned
Diffstat (limited to 'usr/src/lib')
31 files changed, 225 insertions, 172 deletions
diff --git a/usr/src/lib/auditd_plugins/syslog/sysplugin.c b/usr/src/lib/auditd_plugins/syslog/sysplugin.c index e3838d6837..83b4b5623e 100644 --- a/usr/src/lib/auditd_plugins/syslog/sysplugin.c +++ b/usr/src/lib/auditd_plugins/syslog/sysplugin.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. * * convert binary audit records to syslog messages and @@ -452,7 +452,7 @@ getuname(uid_t uid, gid_t gid, char *p, size_t max, char *prefix, (void) memcpy(p, uidhash[ix].ht_value, l); len += l - 1; - if (gid != -2) { + if (gid != (gid_t)-2) { p += l - 1; max -= l - 1; if (max < 2) @@ -528,12 +528,12 @@ filter(const char *input, uint32_t sequence, char *output, initial_ctx.out.sf_reclen = 0; initial_ctx.out.sf_pass = 0; initial_ctx.out.sf_asid = 0; - initial_ctx.out.sf_auid = -2; - initial_ctx.out.sf_euid = -2; - initial_ctx.out.sf_egid = -2; + initial_ctx.out.sf_auid = (uid_t)-2; + initial_ctx.out.sf_euid = (uid_t)-2; + initial_ctx.out.sf_egid = (gid_t)-2; initial_ctx.out.sf_tid.at_type = 0; - initial_ctx.out.sf_pauid = -2; - initial_ctx.out.sf_peuid = -2; + initial_ctx.out.sf_pauid = (uid_t)-2; + initial_ctx.out.sf_peuid = (uid_t)2; initial_ctx.out.sf_uauthlen = 0; initial_ctx.out.sf_uauth = NULL; initial_ctx.out.sf_pathlen = 0; @@ -673,13 +673,13 @@ filter(const char *input, uint32_t sequence, char *output, remaining -= used; bp += used; } - if (ctx.out.sf_auid != -2) { + if (ctx.out.sf_auid != (uid_t)-2) { used = getuname(ctx.out.sf_auid, -2, bp, remaining, STRCONSTARGS(" by ")); bp += used; remaining -= used; } - if (ctx.out.sf_euid != -2) { + if (ctx.out.sf_euid != (uid_t)-2) { /* 4 = strlen(" as ") */ used = getuname(ctx.out.sf_euid, ctx.out.sf_egid, bp, remaining, STRCONSTARGS(" as ")); @@ -701,14 +701,14 @@ filter(const char *input, uint32_t sequence, char *output, bp += used; remaining -= used; } - if (ctx.out.sf_pauid != -2) { + if (ctx.out.sf_pauid != (uid_t)-2) { /* 11 = strlen(" proc_auid ") */ used = getuname(ctx.out.sf_pauid, -2, bp, remaining, STRCONSTARGS(" proc_auid ")); bp += used; remaining -= used; } - if (ctx.out.sf_peuid != -2) { + if (ctx.out.sf_peuid != (uid_t)-2) { used = getuname(ctx.out.sf_peuid, -2, bp, remaining, STRCONSTARGS(" proc_uid ")); bp += used; diff --git a/usr/src/lib/brand/lx/lx_brand/common/misc.c b/usr/src/lib/brand/lx/lx_brand/common/misc.c index 4ff4b350bb..77cf94d194 100644 --- a/usr/src/lib/brand/lx/lx_brand/common/misc.c +++ b/usr/src/lib/brand/lx/lx_brand/common/misc.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -480,7 +480,7 @@ lx_setgroups(uintptr_t p1, uintptr_t p2) * value (yuck). */ for (i = 0; i < ng; i++) { - if (glist[i] < 0 || glist[i] > MAXUID) + if (glist[i] > MAXUID) glist[i] = MAXUID; } } diff --git a/usr/src/lib/libbsm/common/adt.c b/usr/src/lib/libbsm/common/adt.c index 14b5d9315d..473ecbcc51 100644 --- a/usr/src/lib/libbsm/common/adt.c +++ b/usr/src/lib/libbsm/common/adt.c @@ -155,7 +155,7 @@ adt_get_mask_from_user(uid_t uid, au_mask_t *mask) if (auditstate == AUC_DISABLED) { mask->am_success = 0; mask->am_failure = 0; - } else if (uid >= 0) { + } else if (uid <= MAXUID) { if (getpwuid_r(uid, &pwd, pwd_buff, NSS_BUFSIZ) == NULL) { /* * getpwuid_r returns NULL without setting @@ -1507,7 +1507,7 @@ adt_changeuser(adt_internal_state_t *state, uid_t ruid) if (!(state->as_have_user_data & ADT_HAVE_ASID)) state->as_info.ai_asid = adt_get_unique_id(ruid); - if (ruid >= 0) { + if (ruid <= MAXEPHUID) { if (adt_get_mask_from_user(ruid, &mask)) return (-1); diff --git a/usr/src/lib/libbsm/common/audit_ftpd.c b/usr/src/lib/libbsm/common/audit_ftpd.c index 023e78cb33..0b53043d1e 100644 --- a/usr/src/lib/libbsm/common/audit_ftpd.c +++ b/usr/src/lib/libbsm/common/audit_ftpd.c @@ -19,13 +19,14 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ #pragma ident "%Z%%M% %I% %E% SMI" #include <sys/types.h> +#include <sys/param.h> #include <stdio.h> #include <sys/fcntl.h> #include <stdlib.h> @@ -155,8 +156,8 @@ generate_record( pwd = getpwnam(locuser); if (pwd == NULL) { - uid = -1; - gid = -1; + uid = (uid_t)-1; + gid = (gid_t)-1; } else { uid = pwd->pw_uid; gid = pwd->pw_gid; @@ -233,7 +234,7 @@ selected( struct au_mask mask; mask.am_success = mask.am_failure = 0; - if (uid < 0) { + if (uid > MAXEPHUID) { rc = getacna(naflags, 256); /* get non-attrib flags */ if (rc == 0) (void) getauditflagsbin(naflags, &mask); diff --git a/usr/src/lib/libbsm/common/audit_rexd.c b/usr/src/lib/libbsm/common/audit_rexd.c index 5c48b810b6..8fe16f9276 100644 --- a/usr/src/lib/libbsm/common/audit_rexd.c +++ b/usr/src/lib/libbsm/common/audit_rexd.c @@ -19,12 +19,13 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ #pragma ident "%Z%%M% %I% %E% SMI" #include <sys/types.h> +#include <sys/param.h> #include <stdio.h> #include <unistd.h> #include <sys/fcntl.h> @@ -90,7 +91,7 @@ int sf; struct au_mask mask; mask.am_success = mask.am_failure = 0; - if (uid < 0) { + if (uid > MAXEPHUID) { rc = getacna(naflags, 256); /* get non-attrib flags */ if (rc == 0) (void) getauditflagsbin(naflags, &mask); diff --git a/usr/src/lib/libbsm/common/audit_rexecd.c b/usr/src/lib/libbsm/common/audit_rexecd.c index bb32ed9643..d54db8395a 100644 --- a/usr/src/lib/libbsm/common/audit_rexecd.c +++ b/usr/src/lib/libbsm/common/audit_rexecd.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ #pragma ident "%Z%%M% %I% %E% SMI" @@ -63,7 +63,7 @@ int sf; struct au_mask mask; mask.am_success = mask.am_failure = 0; - if (uid < 0) { + if (uid > MAXEPHUID) { rc = getacna(naflags, 256); /* get non-attrib flags */ if (rc == 0) (void) getauditflagsbin(naflags, &mask); @@ -168,8 +168,8 @@ char *cmdbuf; /* command line to be executed locally */ pwd = getpwnam(user); if (pwd == NULL) { - uid = -1; - gid = -1; + uid = (uid_t)-1; + gid = (gid_t)-1; } else { uid = pwd->pw_uid; gid = pwd->pw_gid; @@ -279,8 +279,8 @@ char *cmdbuf; /* command line to be executed locally */ pwd = getpwnam(user); if (pwd == NULL) { - uid = -1; - gid = -1; + uid = (uid_t)-1; + gid = (gid_t)-1; } else { uid = pwd->pw_uid; gid = pwd->pw_gid; diff --git a/usr/src/lib/libbsm/common/audit_rshd.c b/usr/src/lib/libbsm/common/audit_rshd.c index 7ff2523355..24de2fd281 100644 --- a/usr/src/lib/libbsm/common/audit_rshd.c +++ b/usr/src/lib/libbsm/common/audit_rshd.c @@ -19,12 +19,13 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ #pragma ident "%Z%%M% %I% %E% SMI" #include <sys/types.h> +#include <sys/param.h> #include <stdio.h> #include <sys/fcntl.h> #include <bsm/audit.h> @@ -114,8 +115,8 @@ generate_record(char *remuser, /* username at machine requesting service */ pwd = getpwnam(locuser); if (pwd == NULL) { - uid = -1; - gid = -1; + uid = (uid_t)-1; + gid = (gid_t)-1; } else { uid = pwd->pw_uid; gid = pwd->pw_gid; @@ -179,7 +180,7 @@ selected(uid_t uid, char *locuser, au_event_t event, int sf) struct au_mask mask; mask.am_success = mask.am_failure = 0; - if (uid < 0) { + if (uid > MAXEPHUID) { rc = getacna(naflags, 256); /* get non-attrib flags */ if (rc == 0) (void) getauditflagsbin(naflags, &mask); @@ -208,7 +209,7 @@ setup_session(char *locuser) pwd = getpwnam(locuser); if (pwd == NULL) - uid = -1; + uid = (uid_t)-1; else uid = pwd->pw_uid; diff --git a/usr/src/lib/libbsm/common/generic.c b/usr/src/lib/libbsm/common/generic.c index 07feb42390..7fc7abc5f0 100644 --- a/usr/src/lib/libbsm/common/generic.c +++ b/usr/src/lib/libbsm/common/generic.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ #pragma ident "%Z%%M% %I% %E% SMI" @@ -102,11 +102,11 @@ cannot_audit(force) void aug_init() { - aug_auid = -1; - aug_uid = -1; - aug_euid = -1; - aug_gid = -1; - aug_egid = -1; + aug_auid = (uid_t)-1; + aug_uid = (uid_t)-1; + aug_euid = (uid_t)-1; + aug_gid = (gid_t)-1; + aug_egid = (gid_t)-1; aug_pid = -1; aug_tid.at_port = 0; aug_tid.at_type = AU_IPv4; @@ -420,7 +420,7 @@ aug_audit(void) (void) au_write(ad, au_to_mylabel()); if (aug_policy & AUDIT_GROUP) { int ng; - gid_t grplst[NGROUPS_MAX]; + gid_t grplst[NGROUPS_UMAX]; (void) memset(grplst, 0, sizeof (grplst)); if ((ng = getgroups(NGROUPS_UMAX, grplst))) { @@ -472,7 +472,7 @@ aug_selected() { auditinfo_addr_t mask; - if (aug_uid < 0) { + if (aug_uid > MAXEPHUID) { (void) aug_save_namask(); return (aug_na_selected()); } diff --git a/usr/src/lib/libc/amd64/Makefile b/usr/src/lib/libc/amd64/Makefile index 9ab5e41b29..7baca5cb48 100644 --- a/usr/src/lib/libc/amd64/Makefile +++ b/usr/src/lib/libc/amd64/Makefile @@ -815,6 +815,7 @@ PORTSYS= \ set_errno.o \ sharefs.o \ shmsys.o \ + sidsys.o \ siginterrupt.o \ signal.o \ sigpending.o \ diff --git a/usr/src/lib/libc/i386/Makefile.com b/usr/src/lib/libc/i386/Makefile.com index 61d1454346..4466ec7c5a 100644 --- a/usr/src/lib/libc/i386/Makefile.com +++ b/usr/src/lib/libc/i386/Makefile.com @@ -854,6 +854,7 @@ PORTSYS= \ set_errno.o \ sharefs.o \ shmsys.o \ + sidsys.o \ siginterrupt.o \ signal.o \ sigpending.o \ diff --git a/usr/src/lib/libc/port/gen/getgrnam_r.c b/usr/src/lib/libc/port/gen/getgrnam_r.c index 17b8ed6f0e..ab41c50bac 100644 --- a/usr/src/lib/libc/port/gen/getgrnam_r.c +++ b/usr/src/lib/libc/port/gen/getgrnam_r.c @@ -20,7 +20,7 @@ */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -396,10 +396,9 @@ str2group(const char *instr, int lenstr, void *ent, char *buffer, int buflen) return (NSS_STR_PARSE_PARSE); } /* - * gids should be non-negative; anything else - * is administrative policy. + * gids should be in the range 0 .. MAXUID */ - if (group->gr_gid < 0) + if (group->gr_gid > MAXUID) group->gr_gid = GID_NOBODY; } if (*next++ != ':') { diff --git a/usr/src/lib/libc/port/gen/getpwnam_r.c b/usr/src/lib/libc/port/gen/getpwnam_r.c index 75b8fa171d..21d1c3c7e5 100644 --- a/usr/src/lib/libc/port/gen/getpwnam_r.c +++ b/usr/src/lib/libc/port/gen/getpwnam_r.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -330,7 +330,7 @@ str2passwd(const char *instr, int lenstr, void *ent, char *buffer, int buflen) * Now we just check for negative uids; anything else * is administrative policy */ - if (passwd->pw_uid < 0) + if (passwd->pw_uid > MAXUID) passwd->pw_uid = UID_NOBODY; } if (*next++ != ':') { @@ -356,7 +356,7 @@ str2passwd(const char *instr, int lenstr, void *ent, char *buffer, int buflen) * gid should be non-negative; anything else * is administrative policy. */ - if (passwd->pw_gid < 0) + if (passwd->pw_gid > MAXUID) passwd->pw_gid = GID_NOBODY; } if (*next++ != ':') { diff --git a/usr/src/lib/libc/port/gen/initgroups.c b/usr/src/lib/libc/port/gen/initgroups.c index 1f7c2b32ce..82be7bb739 100644 --- a/usr/src/lib/libc/port/gen/initgroups.c +++ b/usr/src/lib/libc/port/gen/initgroups.c @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -37,6 +36,7 @@ #include <errno.h> #include <grp.h> #include <sys/types.h> +#include <sys/param.h> #include <unistd.h> /* Private interface to the groups code in getgrnam.c */ @@ -68,7 +68,7 @@ initgroups(const char *uname, gid_t agroup) groups[0] = agroup; ngroups = _getgroupsbymember(uname, groups, (int)ngroups_max, - (agroup >= 0) ? 1 : 0); + (agroup <= MAXUID) ? 1 : 0); if (ngroups < 0) { /* XXX -- man page does not define a value for errno in */ /* this case. Should be looked into sometime. */ diff --git a/usr/src/lib/libc/port/gen/privlib.c b/usr/src/lib/libc/port/gen/privlib.c index f7d289aa25..1968f7eaa4 100644 --- a/usr/src/lib/libc/port/gen/privlib.c +++ b/usr/src/lib/libc/port/gen/privlib.c @@ -508,7 +508,7 @@ __init_daemon_priv(int flags, uid_t uid, gid_t gid, ...) if (flags & PU_RESETGROUPS) (void) setgroups(0, NULL); - if (gid != -1 && setgid(gid) != 0) + if (gid != (gid_t)-1 && setgid(gid) != 0) goto end; perm = priv_allocset(); @@ -520,7 +520,7 @@ __init_daemon_priv(int flags, uid_t uid, gid_t gid, ...) (void) setppriv(PRIV_SET, effective, perm); /* Now reset suid and euid */ - if (uid != -1 && setreuid(uid, uid) != 0) + if (uid != (uid_t)-1 && setreuid(uid, uid) != 0) goto end; /* Check for the limit privs */ @@ -549,7 +549,7 @@ end: if (core_get_process_path(buf, sizeof (buf), getpid()) == 0 && strcmp(buf, "core") == 0) { - if ((uid == -1 ? geteuid() : uid) == 0) { + if ((uid == (uid_t)-1 ? geteuid() : uid) == 0) { (void) core_set_process_path(root_cp, sizeof (root_cp), getpid()); } else { diff --git a/usr/src/lib/libc/port/gen/sysconf.c b/usr/src/lib/libc/port/gen/sysconf.c index 769298e131..2fce51b32e 100644 --- a/usr/src/lib/libc/port/gen/sysconf.c +++ b/usr/src/lib/libc/port/gen/sysconf.c @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -439,6 +438,9 @@ sysconf(int name) case _SC_CPUID_MAX: return (_sysconfig(_CONFIG_CPUID_MAX)); + case _SC_EPHID_MAX: + return (_sysconfig(_CONFIG_EPHID_MAX)); + /* UNIX 03 names - XPG6/SUSv3/POSIX.1-2001 */ case _SC_REGEXP: diff --git a/usr/src/lib/libc/port/gen/ucred.c b/usr/src/lib/libc/port/gen/ucred.c index b500617d48..03b6fa325f 100644 --- a/usr/src/lib/libc/port/gen/ucred.c +++ b/usr/src/lib/libc/port/gen/ucred.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -115,7 +115,7 @@ ucred_geteuid(const ucred_t *uc) if (cr == NULL) { errno = EINVAL; - return (-1); + return ((uid_t)-1); } return (cr->pr_euid); @@ -129,7 +129,7 @@ ucred_getruid(const ucred_t *uc) if (cr == NULL) { errno = EINVAL; - return (-1); + return ((uid_t)-1); } return (cr->pr_ruid); @@ -143,7 +143,7 @@ ucred_getsuid(const ucred_t *uc) if (cr == NULL) { errno = EINVAL; - return (-1); + return ((uid_t)-1); } return (cr->pr_suid); @@ -157,7 +157,7 @@ ucred_getegid(const ucred_t *uc) if (cr == NULL) { errno = EINVAL; - return (-1); + return ((gid_t)-1); } return (cr->pr_egid); @@ -171,7 +171,7 @@ ucred_getrgid(const ucred_t *uc) if (cr == NULL) { errno = EINVAL; - return (-1); + return ((gid_t)-1); } return (cr->pr_rgid); @@ -185,7 +185,7 @@ ucred_getsgid(const ucred_t *uc) if (cr == NULL) { errno = EINVAL; - return (-1); + return ((gid_t)-1); } return (cr->pr_sgid); diff --git a/usr/src/lib/libc/port/mapfile-vers b/usr/src/lib/libc/port/mapfile-vers index 33f1ae8d42..932505d279 100644 --- a/usr/src/lib/libc/port/mapfile-vers +++ b/usr/src/lib/libc/port/mapfile-vers @@ -1279,6 +1279,7 @@ SUNWprivate_1.1 { _acctctl; _acl; _adjtime; + allocids; ___Argv = NODIRECT; _ascftime; _asctime_r; @@ -1596,6 +1597,8 @@ SUNWprivate_1.1 { _iconv; _iconv_close; _iconv_open; + idmap_reg; + idmap_unreg; __inf_read; __inf_written; __init_daemon_priv; diff --git a/usr/src/lib/libc/port/sys/issetugid.c b/usr/src/lib/libc/port/sys/issetugid.c index 8043ca69e6..2185bf9397 100644 --- a/usr/src/lib/libc/port/sys/issetugid.c +++ b/usr/src/lib/libc/port/sys/issetugid.c @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,8 +19,8 @@ * CDDL HEADER END */ /* - * Copyright (c) 2001 by Sun Microsystems, Inc. - * All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. + * Use is subject to license terms. */ #pragma ident "%Z%%M% %I% %E% SMI" @@ -30,10 +29,11 @@ #include "synonyms.h" #include <sys/syscall.h> +#include <sys/priv.h> #include <unistd.h> int issetugid(void) { - return (syscall(SYS_issetugid)); + return (syscall(SYS_privsys, PRIVSYS_ISSETUGID)); } diff --git a/usr/src/lib/libc/port/sys/sidsys.c b/usr/src/lib/libc/port/sys/sidsys.c new file mode 100644 index 0000000000..d1ccabd2f4 --- /dev/null +++ b/usr/src/lib/libc/port/sys/sidsys.c @@ -0,0 +1,69 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ + +/* + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. + * Use is subject to license terms. + */ + +#pragma ident "%Z%%M% %I% %E% SMI" + +/* + * UID/SID mapping system call entries. + */ + +#include "synonyms.h" +#include <sys/sid.h> +#include <sys/syscall.h> + + +int +allocids(int flag, int nuids, uid_t *suid, int ngids, gid_t *sgid) +{ + sysret_t rv; + int e; + + e = __systemcall(&rv, SYS_sidsys, SIDSYS_ALLOC_IDS, flag, nuids, ngids); + + if (e != 0) { + (void) __set_errno(e); + return (-1); + } + + if (suid != NULL) + *suid = (uid_t)rv.sys_rval1; + if (sgid != NULL) + *sgid = (gid_t)rv.sys_rval2; + + return (0); +} + +int +idmap_reg(int fd) +{ + return (syscall(SYS_sidsys, SIDSYS_IDMAP_REG, fd)); +} + +int +idmap_unreg(int fd) +{ + return (syscall(SYS_sidsys, SIDSYS_IDMAP_UNREG, fd)); +} diff --git a/usr/src/lib/libc/sparc/Makefile b/usr/src/lib/libc/sparc/Makefile index cabf23b2a8..61472f35b6 100644 --- a/usr/src/lib/libc/sparc/Makefile +++ b/usr/src/lib/libc/sparc/Makefile @@ -880,6 +880,7 @@ PORTSYS= \ set_errno.o \ sharefs.o \ shmsys.o \ + sidsys.o \ siginterrupt.o \ signal.o \ sigpending.o \ diff --git a/usr/src/lib/libc/sparcv9/Makefile b/usr/src/lib/libc/sparcv9/Makefile index 595c0a40c5..f4a5b48a74 100644 --- a/usr/src/lib/libc/sparcv9/Makefile +++ b/usr/src/lib/libc/sparcv9/Makefile @@ -825,6 +825,7 @@ PORTSYS= \ set_errno.o \ sharefs.o \ shmsys.o \ + sidsys.o \ siginterrupt.o \ signal.o \ sigpending.o \ diff --git a/usr/src/lib/libexacct/demo/exdump.c b/usr/src/lib/libexacct/demo/exdump.c index 7ef6057fc6..c89b25c1e0 100644 --- a/usr/src/lib/libexacct/demo/exdump.c +++ b/usr/src/lib/libexacct/demo/exdump.c @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -300,7 +299,7 @@ disp_obj(ea_object_t *o, int indent) { uid_t uid = o->eo_item.ei_uint32; - (void) printf("%-15lu", uid); + (void) printf("%-15u", uid); if (vflag) { struct passwd *pwd; if ((pwd = getpwuid(uid)) != NULL) @@ -313,7 +312,7 @@ disp_obj(ea_object_t *o, int indent) { gid_t gid = o->eo_item.ei_uint32; - (void) printf("%-15lu", gid); + (void) printf("%-15u", gid); if (vflag) { struct group *grp; if ((grp = getgrgid(gid)) != NULL) diff --git a/usr/src/lib/libnsl/rpc/netnamer.c b/usr/src/lib/libnsl/rpc/netnamer.c index ee54f94151..f20434eb48 100644 --- a/usr/src/lib/libnsl/rpc/netnamer.c +++ b/usr/src/lib/libnsl/rpc/netnamer.c @@ -20,7 +20,7 @@ */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */ @@ -540,7 +540,7 @@ netname2user_ldap(int *err, char *netname, struct netid_userdata *argp) groups[0] = pw.pw_gid; ngroups = _getgroupsbymember(pw.pw_name, groups, NGROUPS_MAX, - (pw.pw_gid >= 0) ? 1 : 0); + (pw.pw_gid <= MAXUID) ? 1 : 0); if (ngroups < 0) { *err = __NSW_UNAVAIL; diff --git a/usr/src/lib/libnsl/rpc/svc_dg.c b/usr/src/lib/libnsl/rpc/svc_dg.c index b66ba988f0..9e9c78db8d 100644 --- a/usr/src/lib/libnsl/rpc/svc_dg.c +++ b/usr/src/lib/libnsl/rpc/svc_dg.c @@ -20,7 +20,7 @@ */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */ @@ -45,6 +45,7 @@ #include <sys/types.h> #include <sys/sysmacros.h> #include <rpc/rpc.h> +#include <rpcsvc/svc_dg_priv.h> #include <errno.h> #include <syslog.h> #include <stdlib.h> @@ -63,23 +64,6 @@ static struct xp_ops *svc_dg_ops(); static void cache_set(); static int cache_get(); -#define MAX_OPT_WORDS 128 /* needs to fit a ucred */ - -/* - * kept in xprt->xp_p2 - */ -struct svc_dg_data { - /* XXX: optbuf should be the first field, used by ti_opts.c code */ - struct netbuf optbuf; /* netbuf for options */ - int opts[MAX_OPT_WORDS]; /* options */ - uint_t su_iosz; /* size of send.recv buffer */ - uint32_t su_xid; /* transaction id */ - XDR su_xdrs; /* XDR handle */ - char su_verfbody[MAX_AUTH_BYTES]; /* verifier body */ - char *su_cache; /* cached data, NULL if none */ - struct t_unitdata su_tudata; /* tu_data for recv */ -}; -#define su_data(xprt) ((struct svc_dg_data *)(xprt->xp_p2)) #define rpc_buffer(xprt) ((xprt)->xp_p1) /* @@ -108,7 +92,7 @@ svc_dg_xprtfree(SVCXPRT *xprt) /* LINTED pointer alignment */ SVCXPRT_EXT *xt = xprt ? SVCEXT(xprt) : NULL; /* LINTED pointer alignment */ - struct svc_dg_data *su = xprt ? su_data(xprt) : NULL; + struct svc_dg_data *su = xprt ? get_svc_dg_data(xprt) : NULL; if (xprt == NULL) return; @@ -257,7 +241,7 @@ svc_dg_xprtcopy(SVCXPRT *parent) return (NULL); } /* LINTED pointer alignment */ - su->su_iosz = su_data(parent)->su_iosz; + su->su_iosz = get_svc_dg_data(parent)->su_iosz; if ((rpc_buffer(xprt) = malloc(su->su_iosz)) == NULL) { svc_dg_xprtfree(xprt); free(su); @@ -271,7 +255,7 @@ svc_dg_xprtcopy(SVCXPRT *parent) su->su_tudata.opt.buf = (char *)su->opts; su->su_tudata.udata.maxlen = su->su_iosz; su->su_tudata.opt.maxlen = MAX_OPT_WORDS << 2; /* no of bytes */ - xprt->xp_p2 = (caddr_t)su; /* su_data(xprt) = su */ + xprt->xp_p2 = (caddr_t)su; /* get_svc_dg_data(xprt) = su */ xprt->xp_verf.oa_base = su->su_verfbody; return (xprt); @@ -319,7 +303,7 @@ static bool_t svc_dg_recv(SVCXPRT *xprt, struct rpc_msg *msg) { /* LINTED pointer alignment */ - struct svc_dg_data *su = su_data(xprt); + struct svc_dg_data *su = get_svc_dg_data(xprt); XDR *xdrs = &(su->su_xdrs); struct t_unitdata *tu_data = &(su->su_tudata); int moreflag; @@ -428,7 +412,7 @@ static bool_t svc_dg_reply(SVCXPRT *xprt, struct rpc_msg *msg) { /* LINTED pointer alignment */ - struct svc_dg_data *su = su_data(xprt); + struct svc_dg_data *su = get_svc_dg_data(xprt); XDR *xdrs = &(su->su_xdrs); bool_t stat = FALSE; xdrproc_t xdr_results; @@ -484,14 +468,15 @@ svc_dg_getargs(SVCXPRT *xprt, xdrproc_t xdr_args, caddr_t args_ptr) svc_args_done(xprt); /* LINTED pointer alignment */ return (SVCAUTH_UNWRAP(&SVC_XP_AUTH(xprt), - &(su_data(xprt)->su_xdrs), xdr_args, args_ptr)); + &(get_svc_dg_data(xprt)->su_xdrs), + xdr_args, args_ptr)); } static bool_t svc_dg_freeargs(SVCXPRT *xprt, xdrproc_t xdr_args, caddr_t args_ptr) { /* LINTED pointer alignment */ - XDR *xdrs = &(su_data(xprt)->su_xdrs); + XDR *xdrs = &(get_svc_dg_data(xprt)->su_xdrs); xdrs->x_op = XDR_FREE; return ((*xdr_args)(xdrs, args_ptr)); @@ -623,7 +608,7 @@ struct cl_cache { */ #define CACHE_LOC(transp, xid) \ (xid % (SPARSENESS * ((struct cl_cache *) \ - su_data(transp)->su_cache)->uc_size)) + get_svc_dg_data(transp)->su_cache)->uc_size)) extern mutex_t dupreq_lock; @@ -649,7 +634,7 @@ svc_dg_enablecache(SVCXPRT *xprt, const uint_t size) else transp = xprt; /* LINTED pointer alignment */ - su = su_data(transp); + su = get_svc_dg_data(transp); (void) mutex_lock(&dupreq_lock); if (su->su_cache != NULL) { @@ -723,9 +708,9 @@ cache_set(SVCXPRT *xprt, uint32_t replylen) else parent = xprt; /* LINTED pointer alignment */ - su = su_data(xprt); + su = get_svc_dg_data(xprt); /* LINTED pointer alignment */ - uc = (struct cl_cache *)su_data(parent)->su_cache; + uc = (struct cl_cache *)get_svc_dg_data(parent)->su_cache; (void) mutex_lock(&dupreq_lock); /* @@ -836,9 +821,9 @@ cache_get(SVCXPRT *xprt, struct rpc_msg *msg, char **replyp, else parent = xprt; /* LINTED pointer alignment */ - su = su_data(xprt); + su = get_svc_dg_data(xprt); /* LINTED pointer alignment */ - uc = (struct cl_cache *)su_data(parent)->su_cache; + uc = (struct cl_cache *)get_svc_dg_data(parent)->su_cache; (void) mutex_lock(&dupreq_lock); /* LINTED pointer alignment */ diff --git a/usr/src/lib/librestart/common/librestart.c b/usr/src/lib/librestart/common/librestart.c index 5cdc76016d..88ca2ea53b 100644 --- a/usr/src/lib/librestart/common/librestart.c +++ b/usr/src/lib/librestart/common/librestart.c @@ -1702,11 +1702,11 @@ get_gid(const char *str) gid = strtol(str, &cp, 10); if (gid == 0 && errno != 0) - return (-1); + return ((gid_t)-1); for (; *cp != '\0'; ++cp) if (*cp != ' ' || *cp != '\t') - return (-1); + return ((gid_t)-1); return (gid); } else { @@ -1723,7 +1723,7 @@ get_gid(const char *str) ret = getgrnam_r(str, &grp, buffer, buflen); free(buffer); - return (ret == NULL ? -1 : grp.gr_gid); + return (ret == NULL ? (gid_t)-1 : grp.gr_gid); } } @@ -1875,7 +1875,7 @@ get_groups(char *str, struct method_context *ci) *end = '\0'; - if ((ci->groups[i] = get_gid(cp)) == -1) { + if ((ci->groups[i] = get_gid(cp)) == (gid_t)-1) { ci->ngroups = 0; return (EINVAL); } @@ -1937,7 +1937,7 @@ get_profile(scf_propertygroup_t *pg, scf_property_t *prop, scf_value_t *val, /* Get the euid first so we don't override ci->pwd for the uid. */ if ((value = kva_match(eap->attr, EXECATTR_EUID_KW)) != NULL) { if (get_uid(value, ci, &ci->euid) != 0) { - ci->euid = -1; + ci->euid = (uid_t)-1; errstr = "Could not interpret profile euid."; goto out; } @@ -1945,7 +1945,7 @@ get_profile(scf_propertygroup_t *pg, scf_property_t *prop, scf_value_t *val, if ((value = kva_match(eap->attr, EXECATTR_UID_KW)) != NULL) { if (get_uid(value, ci, &ci->uid) != 0) { - ci->euid = ci->uid = -1; + ci->euid = ci->uid = (uid_t)-1; errstr = "Could not interpret profile uid."; goto out; } @@ -1954,7 +1954,7 @@ get_profile(scf_propertygroup_t *pg, scf_property_t *prop, scf_value_t *val, if ((value = kva_match(eap->attr, EXECATTR_GID_KW)) != NULL) { ci->egid = ci->gid = get_gid(value); - if (ci->gid == -1) { + if (ci->gid == (gid_t)-1) { errstr = "Could not interpret profile gid."; goto out; } @@ -1962,7 +1962,7 @@ get_profile(scf_propertygroup_t *pg, scf_property_t *prop, scf_value_t *val, if ((value = kva_match(eap->attr, EXECATTR_EGID_KW)) != NULL) { ci->egid = get_gid(value); - if (ci->egid == -1) { + if (ci->egid == (gid_t)-1) { errstr = "Could not interpret profile egid."; goto out; } @@ -2019,7 +2019,7 @@ get_ids(scf_propertygroup_t *pg, scf_property_t *prop, scf_value_t *val, } if (get_uid(vbuf, ci, &ci->uid) != 0) { - ci->uid = -1; + ci->uid = (uid_t)-1; errstr = "Could not interpret user property."; goto out; } @@ -2032,7 +2032,7 @@ get_ids(scf_propertygroup_t *pg, scf_property_t *prop, scf_value_t *val, if (strcmp(vbuf, ":default") != 0) { ci->gid = get_gid(vbuf); - if (ci->gid == -1) { + if (ci->gid == (gid_t)-1) { errstr = "Could not interpret group property."; goto out; } @@ -2043,7 +2043,7 @@ get_ids(scf_propertygroup_t *pg, scf_property_t *prop, scf_value_t *val, break; case ENOENT: - ci->gid = -1; + ci->gid = (gid_t)-1; errstr = "No passwd entry."; goto out; @@ -2251,10 +2251,10 @@ restarter_get_method_context(uint_t version, scf_instance_t *inst, return (ALLOCFAIL); (void) memset(cip, 0, sizeof (*cip)); - cip->uid = -1; - cip->euid = -1; - cip->gid = -1; - cip->egid = -1; + cip->uid = (uid_t)-1; + cip->euid = (uid_t)-1; + cip->gid = (gid_t)-1; + cip->egid = (gid_t)-1; cip->vbuf_sz = scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH); assert(cip->vbuf_sz >= 0); @@ -2613,9 +2613,9 @@ restarter_set_method_context(struct method_context *cip, const char **fp) cip->pwbuf = NULL; *fp = NULL; - if (cip->gid != -1) { + if (cip->gid != (gid_t)-1) { if (setregid(cip->gid, - cip->egid != -1 ? cip->egid : cip->gid) != 0) { + cip->egid != (gid_t)-1 ? cip->egid : cip->gid) != 0) { *fp = "setregid"; ret = errno; @@ -2645,7 +2645,8 @@ restarter_set_method_context(struct method_context *cip, const char **fp) } if (setregid(cip->pwd.pw_gid, - cip->egid != -1 ? cip->egid : cip->pwd.pw_gid) != 0) { + cip->egid != (gid_t)-1 ? + cip->egid : cip->pwd.pw_gid) != 0) { *fp = "setregid"; ret = errno; @@ -2816,7 +2817,8 @@ restarter_set_method_context(struct method_context *cip, const char **fp) */ *fp = "setreuid"; - if (setreuid(cip->uid, cip->euid != -1 ? cip->euid : cip->uid) != 0) { + if (setreuid(cip->uid, + cip->euid != (uid_t)-1 ? cip->euid : cip->uid) != 0) { ret = errno; assert(ret == EINVAL || ret == EPERM); goto out; diff --git a/usr/src/lib/libsec/common/acltext.c b/usr/src/lib/libsec/common/acltext.c index b37a1f6cc1..cdfd171c82 100644 --- a/usr/src/lib/libsec/common/acltext.c +++ b/usr/src/lib/libsec/common/acltext.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -89,7 +89,7 @@ pruname(uid_t uid, char *uidp, size_t buflen, int noresolve) passwdp = getpwuid(uid); if (passwdp == (struct passwd *)NULL) { /* could not get passwd information: display uid instead */ - (void) snprintf(uidp, buflen, "%ld", (long)uid); + (void) snprintf(uidp, buflen, "%u", uid); } else { (void) strlcpy(uidp, passwdp->pw_name, buflen); } @@ -105,7 +105,7 @@ prgname(gid_t gid, char *gidp, size_t buflen, int noresolve) groupp = getgrgid(gid); if (groupp == (struct group *)NULL) { /* could not get group information: display gid instead */ - (void) snprintf(gidp, buflen, "%ld", (long)gid); + (void) snprintf(gidp, buflen, "%u", gid); } else { (void) strlcpy(gidp, groupp->gr_name, buflen); } diff --git a/usr/src/lib/libsec/common/aclutils.c b/usr/src/lib/libsec/common/aclutils.c index 8e8166200c..d90ad4b171 100644 --- a/usr/src/lib/libsec/common/aclutils.c +++ b/usr/src/lib/libsec/common/aclutils.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -488,7 +488,7 @@ ln_aent_to_ace(aclent_t *aclent, int n, ace_t **acepp, int *rescount, int isdir) acep->a_type = ACE_ACCESS_DENIED_ACE_TYPE; acep->a_flags = 0; if (aclent[i].a_type & GROUP_OBJ) { - acep->a_who = -1; + acep->a_who = (uid_t)-1; acep->a_flags |= (ACE_IDENTIFIER_GROUP|ACE_GROUP); } else if (aclent[i].a_type & USER) { @@ -532,7 +532,7 @@ ln_aent_to_ace(aclent_t *aclent, int n, ace_t **acepp, int *rescount, int isdir) * differently for each different a_type. */ if (aclent[i].a_type & USER_OBJ) { - acep->a_who = -1; + acep->a_who = (uid_t)-1; acep->a_flags |= ACE_OWNER; ace_make_deny(acep, acep + 1, isdir, B_TRUE); acep += 2; @@ -542,7 +542,7 @@ ln_aent_to_ace(aclent_t *aclent, int n, ace_t **acepp, int *rescount, int isdir) acep += 2; } else if (aclent[i].a_type & (GROUP_OBJ | GROUP)) { if (aclent[i].a_type & GROUP_OBJ) { - acep->a_who = -1; + acep->a_who = (uid_t)-1; acep->a_flags |= ACE_GROUP; } else { acep->a_who = aclent[i].a_id; @@ -579,7 +579,7 @@ ln_aent_to_ace(aclent_t *aclent, int n, ace_t **acepp, int *rescount, int isdir) else acep += 1; } else if (aclent[i].a_type & OTHER_OBJ) { - acep->a_who = -1; + acep->a_who = (uid_t)-1; acep->a_flags |= ACE_EVERYONE; ace_make_deny(acep, acep + 1, isdir, B_FALSE); acep += 2; @@ -1841,9 +1841,9 @@ ace_match(void *entry1, void *entry2) * accurate comparison, since field is undefined. */ if (ace1.a_flags & (ACE_OWNER|ACE_GROUP|ACE_EVERYONE)) - ace1.a_who = -1; + ace1.a_who = (uid_t)-1; if (ace2.a_flags & (ACE_OWNER|ACE_GROUP|ACE_EVERYONE)) - ace2.a_who = -1; + ace2.a_who = (uid_t)-1; return (memcmp(&ace1, &ace2, sizeof (ace_t))); } diff --git a/usr/src/lib/libsldap/common/ns_writes.c b/usr/src/lib/libsldap/common/ns_writes.c index 474db98161..6c39272eba 100644 --- a/usr/src/lib/libsldap/common/ns_writes.c +++ b/usr/src/lib/libsldap/common/ns_writes.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -1362,8 +1362,8 @@ __s_cvt_passwd(const void *data, char **rdn, /* Convert the structure */ ptr = (struct passwd *)data; - if (ptr->pw_name == NULL || ptr->pw_uid < 0 || - ptr->pw_gid < 0 || ptr->pw_dir == NULL) { + if (ptr->pw_name == NULL || ptr->pw_uid > MAXUID || + ptr->pw_gid > MAXUID || ptr->pw_dir == NULL) { __ns_ldap_freeEntry(e); *entry = NULL; return (NS_LDAP_INVALID_PARAM); @@ -1399,22 +1399,14 @@ __s_cvt_passwd(const void *data, char **rdn, } } -#ifdef _LP64 - (void) sprintf(ibuf, "%d", ptr->pw_uid); -#else - (void) sprintf(ibuf, "%ld", ptr->pw_uid); -#endif + (void) sprintf(ibuf, "%u", ptr->pw_uid); rc = __s_add_attr(e, "uidNumber", ibuf); if (rc != NS_LDAP_SUCCESS) { __s_cvt_freeEntryRdn(entry, rdn); return (rc); } -#ifdef _LP64 - (void) sprintf(ibuf, "%d", ptr->pw_gid); -#else - (void) sprintf(ibuf, "%ld", ptr->pw_gid); -#endif + (void) sprintf(ibuf, "%u", ptr->pw_gid); rc = __s_add_attr(e, "gidNumber", ibuf); if (rc != NS_LDAP_SUCCESS) { __s_cvt_freeEntryRdn(entry, rdn); @@ -1603,7 +1595,7 @@ __s_cvt_group(const void *data, char **rdn, /* Convert the structure */ ptr = (struct group *)data; - if (ptr->gr_name == NULL || ptr->gr_gid < 0) { + if (ptr->gr_name == NULL || ptr->gr_gid > MAXUID) { __ns_ldap_freeEntry(e); *entry = NULL; return (NS_LDAP_INVALID_PARAM); @@ -1625,11 +1617,7 @@ __s_cvt_group(const void *data, char **rdn, return (rc); } -#ifdef _LP64 - (void) sprintf(ibuf, "%d", ptr->gr_gid); -#else - (void) sprintf(ibuf, "%ld", ptr->gr_gid); -#endif + (void) sprintf(ibuf, "%u", ptr->gr_gid); rc = __s_add_attr(e, "gidNumber", ibuf); if (rc != NS_LDAP_SUCCESS) { __s_cvt_freeEntryRdn(entry, rdn); diff --git a/usr/src/lib/nsswitch/ldap/common/getgrent.c b/usr/src/lib/nsswitch/ldap/common/getgrent.c index c22a48ba8d..f20c48a4db 100644 --- a/usr/src/lib/nsswitch/ldap/common/getgrent.c +++ b/usr/src/lib/nsswitch/ldap/common/getgrent.c @@ -40,8 +40,8 @@ #define _F_GETGRNAM "(&(objectClass=posixGroup)(cn=%s))" #define _F_GETGRNAM_SSD "(&(%%s)(cn=%s))" -#define _F_GETGRGID "(&(objectClass=posixGroup)(gidNumber=%ld))" -#define _F_GETGRGID_SSD "(&(%%s)(gidNumber=%ld))" +#define _F_GETGRGID "(&(objectClass=posixGroup)(gidNumber=%u))" +#define _F_GETGRGID_SSD "(&(%%s)(gidNumber=%u))" #define _F_GETGRMEM "(&(objectClass=posixGroup)(memberUid=%s))" #define _F_GETGRMEM_SSD "(&(%%s)(memberUid=%s))" @@ -209,12 +209,12 @@ getbygid(ldap_backend_ptr be, void *a) int ret; ret = snprintf(searchfilter, sizeof (searchfilter), - _F_GETGRGID, (long)argp->key.uid); + _F_GETGRGID, argp->key.uid); if (ret >= sizeof (searchfilter) || ret < 0) return ((nss_status_t)NSS_NOTFOUND); ret = snprintf(userdata, sizeof (userdata), - _F_GETGRGID_SSD, (long)argp->key.uid); + _F_GETGRGID_SSD, argp->key.uid); if (ret >= sizeof (userdata) || ret < 0) return ((nss_status_t)NSS_NOTFOUND); diff --git a/usr/src/lib/nsswitch/nisplus/common/getgrent.c b/usr/src/lib/nsswitch/nisplus/common/getgrent.c index 5d1a5234ff..9f1e78a89c 100644 --- a/usr/src/lib/nsswitch/nisplus/common/getgrent.c +++ b/usr/src/lib/nsswitch/nisplus/common/getgrent.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -71,7 +71,7 @@ getbygid(be, a) nss_XbyY_args_t *argp = (nss_XbyY_args_t *)a; char gidstr[12]; /* More than enough */ - (void) snprintf(gidstr, 12, "%ld", argp->key.gid); + (void) snprintf(gidstr, 12, "%u", argp->key.gid); return (_nss_nisplus_lookup(be, argp, GR_TAG_GID, gidstr)); } diff --git a/usr/src/lib/passwdutil/switch_utils.c b/usr/src/lib/passwdutil/switch_utils.c index 9a1e2d6219..77680a36ef 100644 --- a/usr/src/lib/passwdutil/switch_utils.c +++ b/usr/src/lib/passwdutil/switch_utils.c @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -367,10 +366,10 @@ str2passwd(const char *instr, int lenstr, void *ent, char *buffer, int buflen) * than 60001 (the rfs limit). If it met either of * these conditions, the uid was translated to 60001. * - * Now we just check for negative uids; anything else + * Now we just check for ephemeral uids; anything else * is administrative policy */ - if (passwd->pw_uid < 0) + if (passwd->pw_uid > MAXUID) passwd->pw_uid = UID_NOBODY; } if (*next++ != ':') { @@ -396,7 +395,7 @@ str2passwd(const char *instr, int lenstr, void *ent, char *buffer, int buflen) * gid should be non-negative; anything else * is administrative policy. */ - if (passwd->pw_gid < 0) + if (passwd->pw_gid > MAXUID) passwd->pw_gid = GID_NOBODY; } if (*next++ != ':') { |