Rename PRIV_VFS_CLEARSUGID to PRIV_VFS_RETAINSUGID, which seems to better

describe the privilege. OK'ed by: rwatson
2007-03-01 20:47:42 +00:00 · 2007-03-01 20:47:42 +00:00 · bb531912ff
commit bb531912ff
parent 3b2eb461e0
5 changed files with 8 additions and 7 deletions
--- a/sys/gnu/fs/ext2fs/ext2_vnops.c
+++ b/sys/gnu/fs/ext2fs/ext2_vnops.c
@ -597,7 +597,7 @@ ext2_chown(vp, uid, gid, cred, td)
 	ip->i_uid = uid;
 	ip->i_flag |= IN_CHANGE;
 	if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) {
-		if (priv_check_cred(cred, PRIV_VFS_CLEARSUGID,
+		if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID,
 		    SUSER_ALLOWJAIL) != 0)
 			ip->i_mode &= ~(ISUID | ISGID);
 	}
@ -1648,7 +1648,7 @@ ext2_makeinode(mode, dvp, vpp, cnp)
 	tvp->v_type = IFTOVT(mode);	/* Rest init'd in getnewvnode(). */
 	ip->i_nlink = 1;
 	if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred)) {
-		if (priv_check_cred(cnp->cn_cred, PRIV_VFS_CLEARSUGID,
+		if (priv_check_cred(cnp->cn_cred, PRIV_VFS_RETAINSUGID,
 		    SUSER_ALLOWJAIL))
 			ip->i_mode &= ~ISGID;
 	}
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@ -638,7 +638,7 @@ prison_priv_check(struct ucred *cred, int priv)
 	case PRIV_VFS_CHFLAGS_DEV:
 	case PRIV_VFS_CHOWN:
 	case PRIV_VFS_CHROOT:
-	case PRIV_VFS_CLEARSUGID:
+	case PRIV_VFS_RETAINSUGID:
 	case PRIV_VFS_FCHROOT:
 	case PRIV_VFS_LINK:
 	case PRIV_VFS_SETGID:
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@ -238,7 +238,7 @@
 #define	PRIV_VFS_CHFLAGS_DEV	316	/* Can chflags() a device node. */
 #define	PRIV_VFS_CHOWN		317	/* Can set user; group to non-member. */
 #define	PRIV_VFS_CHROOT		318	/* chroot(). */
-#define	PRIV_VFS_CLEARSUGID	319	/* Don't clear sugid on change. */
+#define	PRIV_VFS_RETAINSUGID	319	/* Can retain sugid bits on change. */
 #define	PRIV_VFS_EXCEEDQUOTA	320	/* Exempt from quota restrictions. */
 #define	PRIV_VFS_EXTATTR_SYSTEM	321	/* Operate on system EA namespace. */
 #define	PRIV_VFS_FCHROOT	322	/* fchroot(). */
--- a/sys/ufs/ffs/ffs_vnops.c
+++ b/sys/ufs/ffs/ffs_vnops.c
@ -790,7 +790,7 @@ ffs_write(ap)
 	 */
 	if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid &&
 	    ap->a_cred) {
-		if (priv_check_cred(ap->a_cred, PRIV_VFS_CLEARSUGID,
+		if (priv_check_cred(ap->a_cred, PRIV_VFS_RETAINSUGID,
 		    SUSER_ALLOWJAIL)) {
 			ip->i_mode &= ~(ISUID | ISGID);
 			DIP_SET(ip, i_mode, ip->i_mode);
@ -1118,7 +1118,7 @@ ffs_extwrite(struct vnode *vp, struct uio *uio, int ioflag, struct ucred *ucred)
 	 * tampering.
 	 */
 	if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid && ucred) {
-		if (priv_check_cred(ap->a_cred, PRIV_VFS_CLEARSUGID,
+		if (priv_check_cred(ap->a_cred, PRIV_VFS_RETAINSUGID,
 		    SUSER_ALLOWJAIL)) {
 			ip->i_mode &= ~(ISUID | ISGID);
 			dp->di_mode = ip->i_mode;
--- a/sys/ufs/ufs/ufs_vnops.c
+++ b/sys/ufs/ufs/ufs_vnops.c
@ -787,7 +787,8 @@ ufs_chown(vp, uid, gid, cred, td)
 #endif /* QUOTA */
 	ip->i_flag |= IN_CHANGE;
 	if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) {
-		if (priv_check_cred(cred, PRIV_VFS_CLEARSUGID, SUSER_ALLOWJAIL)) {
+		if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID,
+		    SUSER_ALLOWJAIL)) {
 			ip->i_mode &= ~(ISUID | ISGID);
 			DIP_SET(ip, i_mode, ip->i_mode);
 		}