2001-08-27 17:44:22 +00:00
|
|
|
.\"-
|
|
|
|
.\" Copyright (c) 2001 Robert N. M. Watson
|
|
|
|
.\" All rights reserved.
|
|
|
|
.\"
|
|
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
|
|
.\" modification, are permitted provided that the following conditions
|
|
|
|
.\" are met:
|
|
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
|
|
.\"
|
|
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
.\" SUCH DAMAGE.
|
|
|
|
.\"
|
|
|
|
.\" $FreeBSD$
|
|
|
|
.\"
|
|
|
|
.Dd August 22, 2001
|
|
|
|
.Os
|
|
|
|
.Dt VACCESS_ACL_POSIX1E 9
|
|
|
|
.Sh NAME
|
|
|
|
.Nm vaccess_acl_posix1e
|
2001-09-05 11:09:36 +00:00
|
|
|
.Nd generate a POSIX.1e ACL access control decision using vnode parameters
|
2001-08-27 17:44:22 +00:00
|
|
|
.Sh SYNOPSIS
|
2001-12-26 23:14:04 +00:00
|
|
|
.In sys/param.h
|
2001-08-27 17:44:22 +00:00
|
|
|
.In sys/vnode.h
|
|
|
|
.In sys/acl.h
|
|
|
|
.Ft int
|
|
|
|
.Fo vaccess_acl_posix1e
|
|
|
|
.Fa "enum vtype type"
|
|
|
|
.Fa "uid_t file_uid"
|
|
|
|
.Fa "gid_t file_gid"
|
|
|
|
.Fa "struct acl *acl"
|
|
|
|
.Fa "mode_t acc_mode"
|
|
|
|
.Fa "struct ucred *cred"
|
|
|
|
.Fa "int *privused"
|
|
|
|
.Fc
|
|
|
|
.Sh DESCRIPTION
|
|
|
|
This call implements the logic for the
|
|
|
|
.Ux
|
|
|
|
discretionary file security model
|
|
|
|
with POSIX.1e ACL extensions.
|
|
|
|
It accepts the vnodes type
|
|
|
|
.Fa type ,
|
2001-09-05 11:09:36 +00:00
|
|
|
owning UID
|
2001-08-27 17:44:22 +00:00
|
|
|
.Fa file_uid ,
|
|
|
|
owning GID
|
|
|
|
.Fa file_gid ,
|
|
|
|
access ACL for the file
|
|
|
|
.Fa acl ,
|
|
|
|
desired access mode
|
|
|
|
.Fa acc_mode ,
|
|
|
|
requesting credential
|
|
|
|
.Fa cred ,
|
|
|
|
and an optional call-by-reference
|
|
|
|
.Vt int
|
|
|
|
pointer returning whether or not
|
|
|
|
privilege was required for successful evaluation of the call; the
|
|
|
|
.Fa privused
|
|
|
|
pointer may be set to
|
|
|
|
.Dv NULL
|
|
|
|
by the caller in order not to be informed of
|
|
|
|
privilege information, or it may point to an integer that will be set to
|
|
|
|
1 if privilege is used, and 0 otherwise.
|
|
|
|
.Pp
|
|
|
|
This call is intended to support implementations of
|
|
|
|
.Xr VOP_ACCESS 9 ,
|
2002-01-09 11:43:48 +00:00
|
|
|
which will use their own access methods to retrieve the vnode properties,
|
2001-08-27 17:44:22 +00:00
|
|
|
and then invoke
|
|
|
|
.Fn vaccess_acl_posix1e
|
|
|
|
in order to perform the actual check.
|
|
|
|
Implementations of
|
|
|
|
.Xr VOP_ACCESS 9
|
|
|
|
may choose to implement additional security mechanisms whose results will
|
|
|
|
be composed with the return value.
|
|
|
|
.Pp
|
|
|
|
The algorithm used by
|
|
|
|
.Fn vaccess_acl_posix1e
|
|
|
|
is based on the POSIX.1e ACL evaluation algorithm.
|
2001-09-05 11:09:36 +00:00
|
|
|
The algorithm selects a
|
|
|
|
.Em matching
|
|
|
|
entry from the access ACL, which may
|
2001-08-27 17:44:22 +00:00
|
|
|
then be composed with an available ACL mask entry, providing
|
|
|
|
.Ux
|
|
|
|
security compatibility.
|
|
|
|
.Pp
|
|
|
|
Once appropriate protections are selected for the current credential,
|
|
|
|
the requested access mode, in combination with the vnode type, will be
|
|
|
|
compared with the discretionary rights available for the credential.
|
|
|
|
If the rights granted by discretionary protections are insufficient,
|
|
|
|
then super-user privilege, if available for the credential, will also be
|
|
|
|
considered.
|
|
|
|
.Sh RETURN VALUES
|
|
|
|
.Fn vaccess_acl_posix1e
|
|
|
|
will return 0 on success, or a non-zero error value on failure.
|
|
|
|
.Sh ERRORS
|
|
|
|
.Bl -tag -width Er
|
|
|
|
.It Bq Er EACCES
|
|
|
|
Permission denied.
|
|
|
|
An attempt was made to access a file in a way forbidden by its file access
|
|
|
|
permissions.
|
|
|
|
.It Bq Er EPERM
|
|
|
|
Operation not permitted.
|
|
|
|
An attempt was made to perform an operation limited to processes with
|
|
|
|
appropriate privileges or to the owner of a file or other resource.
|
|
|
|
.El
|
|
|
|
.Sh SEE ALSO
|
|
|
|
.Xr vaccess 9 ,
|
|
|
|
.Xr vnode 9 ,
|
|
|
|
.Xr VOP_ACCESS 9
|
|
|
|
.Sh AUTHORS
|
2005-06-28 20:15:19 +00:00
|
|
|
This manual page and the current implementation of
|
2001-08-27 17:44:22 +00:00
|
|
|
.Fn vaccess_acl_posix1e
|
|
|
|
were written by
|
|
|
|
.An Robert Watson .
|
2001-09-05 11:09:36 +00:00
|
|
|
.Sh BUGS
|
2005-06-28 20:15:19 +00:00
|
|
|
This manual page should include a full description of the POSIX.1e ACL
|
2001-08-27 17:44:22 +00:00
|
|
|
evaluation algorithm, or cross reference another page that does.
|