264 Commits

Author SHA1 Message Date
Edward Tomasz Napierala
181b4eebb9 Make it possible to use permission sets (full_set, modify_set, read_set
and write_set) with setfacl(1).

PR:		kern/154113
Submitted by:	Shawn Webb <lattera at gmail dot com> (earlier version)
MFC after:	1 month
2011-04-09 07:42:25 +00:00
Edward Tomasz Napierala
cdec385674 Move the code around so that libc behaviour does not depend on a variable
that was supposed to be kernel-only.  There should be no functional changes.
2011-03-22 17:44:07 +00:00
Edward Tomasz Napierala
e43af6d3b6 Make acl_strip_np(3) use new trivial ACL format for NFSv4 ACls (three
entries instead of six).  This makes "setfacl -b" do the right thing
for ACLs on ZFS.  UFS recognizes both kinds of trivial ACLs; no change
there.

MFC after:	2 months
2011-03-04 17:23:10 +00:00
Edward Tomasz Napierala
2506c55201 Bump manual page date. 2010-12-13 19:03:10 +00:00
Edward Tomasz Napierala
eda09cb3ff After PSARC/2010/029, "canonical six" no longer exists. 2010-12-13 19:01:23 +00:00
Ulrich Spörlein
0d9deed52c mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
2010-10-08 12:40:16 +00:00
Edward Tomasz Napierala
4089cc8aa1 First step at adopting FreeBSD to support PSARC/2010/029. This makes
acl_is_trivial_np(3) properly recognize the new trivial ACLs.  From
the user point of view, that means "ls -l" no longer shows plus signs
for all the files when running ZFS v28.
2010-09-20 17:10:06 +00:00
Edward Tomasz Napierala
781413510d Arrgh, tested wrong source tree _again_. Fix previous commit. Also,
this and previous one are MFC candidate.

MFC after:	1 month
2010-09-09 20:37:19 +00:00
Edward Tomasz Napierala
7eaa29b5d8 Add minor optimization. It's less strict than its kernel counterpart
due to upcoming ACL changes required by the new ZFS.
2010-09-09 20:07:40 +00:00
Joel Dahl
edfa427cf1 Spelling fixes. 2010-08-02 16:01:45 +00:00
Edward Tomasz Napierala
f59646c2af Fix acl_from_text(3) - and, therefore, setfacl(1) - for user and group
names names starting with a digit.

MFC after:	1 month
2010-07-06 17:20:08 +00:00
Edward Tomasz Napierala
ec1f83f78e Remove comment which didn't match reality for a long time.
Reviewed by:	rwatson
2010-07-05 19:01:10 +00:00
Tim Kientzle
2ca090b308 Separate _posix1e_acl_id_to_name() into a separate file, to
break an unnecessary dependency on getpwuid() and getgrgid().

MFC after: 1 month
2010-06-14 02:26:13 +00:00
Edward Tomasz Napierala
eec80038e3 Don't use pointer to 64 bit value (id_t) to point to 32 bit value (uid_t).
Found with:	Coverity Prevent
CID:		7466, 7467
MFC after:	2 weeks
2010-06-05 07:40:32 +00:00
Edward Tomasz Napierala
a3a11ad455 Don't forget to free the string in error case.
Found with:	Coverity Prevent
CID:		6585
2010-06-03 14:51:29 +00:00
Edward Tomasz Napierala
d72fb30a43 _posix1e_acl_sort() never returns anything other than 0; change its
return type to void and update callers.  This simplifies code and
fixes one place where the returned value was not actually checked.

Found with:	Coverity Prevent
CID:		4791
2010-06-03 14:29:17 +00:00
Edward Tomasz Napierala
7945d60d1e Fix usage of uninitialized variable.
Found with:	Coverity Prevent
CID:		7517
MFC after:	2 weeks
2010-06-03 14:27:18 +00:00
Edward Tomasz Napierala
18c12a53a1 The 'acl_cnt' field is unsigned; no point in checking if it's >= 0.
Found with:	Coverity Prevent
CID:		6192
2010-06-03 14:16:58 +00:00
Edward Tomasz Napierala
d243a85e99 The 'acl_cnt' field is unsigned; no point in checking if it's >= 0.
Found with:	Coverity Prevent
CID:		6193
2010-06-03 14:15:08 +00:00
Edward Tomasz Napierala
9fcd375657 Make acl_get_perm_np(3) work with NFSv4 ACLs.
Reviewed by:	kientzle@
MFC after:	1 week
2010-05-23 08:12:36 +00:00
Edward Tomasz Napierala
1ccc2ae37f Make branding less intrusive - in acl_set(3), in case ACL brand
is ACL_BRAND_UNKNOWN, do what the programmer says instead of failing.

MFC after:	1 week
2010-05-13 16:44:27 +00:00
Edward Tomasz Napierala
6a3cf4c80b Make it possible to actually use NFSv4 permission bits with acl_set_perm(3)
and acl_delete_perm(3).  It went undetected, because neither setfacl(1)
nor Samba use this routines.  D'oh.

MFC after:	1 week
2010-05-13 16:42:01 +00:00
Ulrich Spörlein
aa12cea2cc mdoc: order prologue macros consistently by Dd/Dt/Os
Although groff_mdoc(7) gives another impression, this is the ordering
most widely used and also required by mdocml/mandoc.

Reviewed by:	ru
Approved by:	philip, ed (mentors)
2010-04-14 19:08:06 +00:00
Edward Tomasz Napierala
48463a6747 Make acl_to_text_np(3) not crash on long group or user names in NFSv4 ACLs.
PR:		amd64/145091
MFC after:	2 weeks
2010-03-28 17:29:15 +00:00
Joel Dahl
a303eae7c8 Switch to our preferred license text.
Approved by:	jedgar
2010-03-07 07:59:05 +00:00
Joel Dahl
a4481a8745 Use our standard license text. No more voices in the authors head. :-)
Approved by:	trasz
2010-03-04 19:38:24 +00:00
Tom Rhodes
e5bc56aeae s/APIS/APIs - not part of the original submission. 2010-02-11 19:20:06 +00:00
Tom Rhodes
0fe71aba5c Correct two typoes.
Submitted by:	Matthew Seaman <m.seaman@infracaninophile.co.uk>
2010-02-11 14:45:00 +00:00
Ed Schouten
442aea92f6 Don't forget to clean up the file copied from the kernel sources.
MFC after:	1 week
2010-01-02 20:27:14 +00:00
Markus Brueffer
78da985f4e Use a local copy of entry_d for finding matches. Otherwise, if entry_d pointed
to an entry of 'acl', all ACL entries starting with entry_d would be deleted.

Reviewed by:	trasz
Approved by:	emax (mentor)
MFC after:	3 days
2009-12-25 18:05:06 +00:00
Ed Schouten
dc29acd1a9 Don't let the C library depend on <utmp.h>.
The maximum length of a username has nothing to do with the size of the
username in the utmp files. Use MAXLOGNAME, which is defined as 17
(UT_USERSIZE + 1).
2009-12-05 19:04:21 +00:00
Christian Brueffer
4f6d5fda02 Fix a memory leak in acl_from_text() in case the conversion succeeded.
Submitted by:	Jim Wilcoxson <prirun@gmail.com>
MFC after:	1 week
2009-11-16 09:28:22 +00:00
Edward Tomasz Napierala
59831d7595 Fix regression introduced with NFSv4 ACL support - make acl_to_text(3)
and acl_calc_mask(3) return error instead of crashing when acl passed
to them is NULL.

Submitted by:	markus
Reviewed by:	rwatson
MFC after:	3 days
2009-09-01 18:30:17 +00:00
Tim Kientzle
e0fdd85ff7 Style: Remove trailing whitespace. 2009-08-29 03:17:24 +00:00
Robert Watson
3a67af38ba Update posix1e-related man pages, especially as relates to MAC, to more
accurately reflect the last ten years of work.

Approved by:	re (kib)
2009-08-12 10:46:48 +00:00
Edward Tomasz Napierala
ec71a417a8 Add missing MLINKS for acl_{get,set}_link_fd(3).
Approved by:	re (kib)
2009-07-14 19:37:53 +00:00
Edward Tomasz Napierala
c3380d406a Fix acl_set_fd(3) and acl_get_fd(3) for cases where the kernel doesn't know
anything about _PC_ACL_NFS4.
2009-06-25 20:57:53 +00:00
Edward Tomasz Napierala
b372d0d8bc Manual page tweaks. 2009-06-25 16:34:29 +00:00
Edward Tomasz Napierala
85e71e24c5 Fix c194955 - somehow I managed all the new files, tripling their
contents.
2009-06-25 13:08:02 +00:00
Edward Tomasz Napierala
ca48e73a18 Bump manual page timestamps. 2009-06-25 12:53:50 +00:00
Edward Tomasz Napierala
aa015c8e4a Add NFSv4 ACL support to libc.
This adds the following functions to the acl(3) API: acl_add_flag_np,
acl_clear_flags_np, acl_create_entry_np, acl_delete_entry_np,
acl_delete_flag_np, acl_get_extended_np, acl_get_flag_np, acl_get_flagset_np,
acl_set_extended_np, acl_set_flagset_np, acl_to_text_np, acl_is_trivial_np,
acl_strip_np, acl_get_brand_np.  Most of them are similar to what Darwin
does.  There are no backward-incompatible changes.

Approved by:    rwatson@
2009-06-25 12:46:59 +00:00
Edward Tomasz Napierala
60a8b6022d Fix off by one error in acl_create_entry(3).
Reviewed by:	rwatson@
MFC after:	2 weeks
2009-05-28 07:20:52 +00:00
Edward Tomasz Napierala
b7014134a7 Change license to more bori^Wadul^Wcanonical.
Submitted by:	rwatson@
2009-05-26 11:42:06 +00:00
Edward Tomasz Napierala
f24f1c51d3 Improve API documentation.
Reviewed by:	rwatson (earlier version)
2009-05-23 13:51:05 +00:00
Edward Tomasz Napierala
ae1add4e55 Make 'struct acl' larger, as required to support NFSv4 ACLs. Provide
compatibility interfaces in both kernel and libc.

Reviewed by:	rwatson
2009-05-22 15:56:43 +00:00
Christian Brueffer
a9ffff74c5 Since audit(4) isn't based on posix1e, remove the commented out audit.h header,
xref libbsm(3).

Submitted by:	rwatson
MFC after:	3 days
2009-05-19 22:28:33 +00:00
Edward Tomasz Napierala
5d8532a1b1 Fix typo. 2009-04-26 10:12:20 +00:00
Warner Losh
68b2399298 Replace the non-standard disclaimer with the standard one from /COPYRIGHT
Approved by:	jedgar@
2008-11-04 00:20:43 +00:00
Robert Watson
0d01d41007 The libc acl_valid(3) function validates the contents of a POSIX.1e ACL.
This change removes the requirement that an ACL contain no ACL_USER
entries with a uid the same as those of a file, or ACL_GROUP entries
with a gid the same as those of a file.  This requirement is not in the
specification, and not enforced by the kernel's ACL implementation.

Reported by:	Iustin Pop <iusty at k1024 dot org>
MFC after:	1 week
2008-07-13 16:37:51 +00:00
Robert Watson
cee815cf77 Add __FBSDID() tags.
MFC after:	3 days
2008-03-07 15:25:56 +00:00