| version 1.18.4.2, 2006/03/10 14:23:39 |
version 1.18.4.3, 2006/04/18 12:03:18 |
| Line 495 tmpfs_alloc_file(struct vnode *dvp, stru |
|
| Line 495 tmpfs_alloc_file(struct vnode *dvp, stru |
|
| parent = NULL; |
parent = NULL; |
| |
|
| /* Allocate a node that represents the new file. */ |
/* Allocate a node that represents the new file. */ |
| error = tmpfs_alloc_node(tmp, vap->va_type, cnp->cn_cred->cr_uid, |
error = tmpfs_alloc_node(tmp, vap->va_type, kauth_cred_geteuid(cnp->cn_cred), |
| dnode->tn_gid, vap->va_mode, parent, target, vap->va_rdev, |
dnode->tn_gid, vap->va_mode, parent, target, vap->va_rdev, |
| cnp->cn_lwp->l_proc, &node); |
cnp->cn_lwp->l_proc, &node); |
| if (error != 0) |
if (error != 0) |
| Line 970 tmpfs_chflags(struct vnode *vp, int flag |
|
| Line 970 tmpfs_chflags(struct vnode *vp, int flag |
|
| /* XXX: The following comes from UFS code, and can be found in |
/* XXX: The following comes from UFS code, and can be found in |
| * several other file systems. Shouldn't this be centralized |
* several other file systems. Shouldn't this be centralized |
| * somewhere? */ |
* somewhere? */ |
| if (cred->cr_uid != node->tn_uid && |
if (kauth_cred_geteuid(cred) != node->tn_uid && |
| (error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, |
(error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, |
| &p->p_acflag))) |
&p->p_acflag))) |
| return error; |
return error; |
| if (cred->cr_uid == 0) { |
if (kauth_cred_geteuid(cred) == 0) { |
| /* The super-user is only allowed to change flags if the file |
/* The super-user is only allowed to change flags if the file |
| * wasn't protected before and the securelevel is zero. */ |
* wasn't protected before and the securelevel is zero. */ |
| if ((node->tn_flags & (SF_IMMUTABLE | SF_APPEND)) && |
if ((node->tn_flags & (SF_IMMUTABLE | SF_APPEND)) && |
| Line 1012 tmpfs_chflags(struct vnode *vp, int flag |
|
| Line 1012 tmpfs_chflags(struct vnode *vp, int flag |
|
| int |
int |
| tmpfs_chmod(struct vnode *vp, mode_t mode, kauth_cred_t cred, struct proc *p) |
tmpfs_chmod(struct vnode *vp, mode_t mode, kauth_cred_t cred, struct proc *p) |
| { |
{ |
| int error; |
int error, ismember = 0; |
| struct tmpfs_node *node; |
struct tmpfs_node *node; |
| |
|
| KASSERT(VOP_ISLOCKED(vp)); |
KASSERT(VOP_ISLOCKED(vp)); |
| Line 1030 tmpfs_chmod(struct vnode *vp, mode_t mod |
|
| Line 1030 tmpfs_chmod(struct vnode *vp, mode_t mod |
|
| /* XXX: The following comes from UFS code, and can be found in |
/* XXX: The following comes from UFS code, and can be found in |
| * several other file systems. Shouldn't this be centralized |
* several other file systems. Shouldn't this be centralized |
| * somewhere? */ |
* somewhere? */ |
| if (cred->cr_uid != node->tn_uid && |
if (kauth_cred_geteuid(cred) != node->tn_uid && |
| (error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, |
(error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, |
| &p->p_acflag))) |
&p->p_acflag))) |
| return error; |
return error; |
| if (cred->cr_uid != 0) { |
if (kauth_cred_geteuid(cred) != 0) { |
| if (vp->v_type != VDIR && (mode & S_ISTXT)) |
if (vp->v_type != VDIR && (mode & S_ISTXT)) |
| return EFTYPE; |
return EFTYPE; |
| |
|
| if (!groupmember(node->tn_gid, cred) && (mode & S_ISGID)) |
if ((kauth_cred_ismember_gid(cred, node->tn_gid, |
| |
&ismember) != 0 || !ismember) && (mode & S_ISGID)) |
| return EPERM; |
return EPERM; |
| } |
} |
| |
|
|
|
| tmpfs_chown(struct vnode *vp, uid_t uid, gid_t gid, kauth_cred_t cred, |
tmpfs_chown(struct vnode *vp, uid_t uid, gid_t gid, kauth_cred_t cred, |
| struct proc *p) |
struct proc *p) |
| { |
{ |
| int error; |
int error, ismember = 0; |
| struct tmpfs_node *node; |
struct tmpfs_node *node; |
| |
|
| KASSERT(VOP_ISLOCKED(vp)); |
KASSERT(VOP_ISLOCKED(vp)); |
| Line 1091 tmpfs_chown(struct vnode *vp, uid_t uid, |
|
| Line 1092 tmpfs_chown(struct vnode *vp, uid_t uid, |
|
| /* XXX: The following comes from UFS code, and can be found in |
/* XXX: The following comes from UFS code, and can be found in |
| * several other file systems. Shouldn't this be centralized |
* several other file systems. Shouldn't this be centralized |
| * somewhere? */ |
* somewhere? */ |
| if ((cred->cr_uid != node->tn_uid || uid != node->tn_uid || |
if ((kauth_cred_geteuid(cred) != node->tn_uid || uid != node->tn_uid || |
| (gid != node->tn_gid && !(cred->cr_gid == node->tn_gid || |
(gid != node->tn_gid && !(kauth_cred_getegid(cred) == node->tn_gid || |
| groupmember(gid, cred)))) && |
(kauth_cred_ismember_gid(cred, gid, &ismember) == 0 && ismember)))) && |
| ((error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, |
((error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, |
| &p->p_acflag)) != 0)) |
&p->p_acflag)) != 0)) |
| return error; |
return error; |
| Line 1195 tmpfs_chtimes(struct vnode *vp, struct t |
|
| Line 1196 tmpfs_chtimes(struct vnode *vp, struct t |
|
| /* XXX: The following comes from UFS code, and can be found in |
/* XXX: The following comes from UFS code, and can be found in |
| * several other file systems. Shouldn't this be centralized |
* several other file systems. Shouldn't this be centralized |
| * somewhere? */ |
* somewhere? */ |
| if (cred->cr_uid != node->tn_uid && |
if (kauth_cred_geteuid(cred) != node->tn_uid && |
| (error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, |
(error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, |
| &l->l_proc->p_acflag)) && |
&l->l_proc->p_acflag)) && |
| ((vaflags & VA_UTIMES_NULL) == 0 || |
((vaflags & VA_UTIMES_NULL) == 0 || |
![[BACK]](/icons/back.gif){kind=icon}
Return to tmpfs_subr.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / sys / fs / tmpfs