2012-03-14 15:44:42 +04:00
|
|
|
.\" $NetBSD: genfs.9,v 1.2 2012/03/14 11:44:42 wiz Exp $
|
2012-03-13 22:40:26 +04:00
|
|
|
.\"
|
|
|
|
.\" Copyright 2012 Elad Efrat <elad@NetBSD.org>
|
|
|
|
.\" All rights reserved.
|
|
|
|
.\"
|
|
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
|
|
.\" modification, are permitted provided that the following conditions
|
|
|
|
.\" are met:
|
|
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
|
|
.\" 3. The name of the author may not be used to endorse or promote products
|
|
|
|
.\" derived from this software without specific prior written permission.
|
|
|
|
.\"
|
|
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
|
|
|
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
|
|
|
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
|
|
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
|
|
|
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
|
|
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
|
|
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
|
|
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
|
|
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
|
|
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
|
|
.\" POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
.\"
|
|
|
|
.Dd March 1, 2012
|
|
|
|
.Dt GENFS 9
|
|
|
|
.Os
|
|
|
|
.Sh NAME
|
|
|
|
.Nm genfs
|
2012-03-14 15:44:42 +04:00
|
|
|
.Nd genfs routines
|
2012-03-13 22:40:26 +04:00
|
|
|
.Sh SYNOPSIS
|
|
|
|
.In miscfs/genfs/genfs.h
|
|
|
|
.Ft int
|
|
|
|
.Fn genfs_can_access "enum vtype type" "mode_t file_mode" "uid_t uid" \
|
|
|
|
"gid_t gid" "mode_t acc_mode" "kauth_cred_t cred"
|
|
|
|
.Ft int
|
2012-03-14 15:44:42 +04:00
|
|
|
.Fn genfs_can_chflags "kauth_cred_t cred" "enum vtype type" "uid_t owner_uid" \
|
|
|
|
"bool changing_sysflags"
|
|
|
|
.Ft int
|
2012-03-13 22:40:26 +04:00
|
|
|
.Fn genfs_can_chmod "enum vtype type" "kauth_cred_t cred" "uid_t cur_uid" \
|
|
|
|
"gid_t cur_gid" "mode_t new_mode"
|
|
|
|
.Ft int
|
|
|
|
.Fn genfs_can_chown "kauth_cred_t cred" "uid_t cur_uid" "gid_t cur_gid" \
|
|
|
|
"uid_t new_uid" "gid_t new_gid"
|
|
|
|
.Ft int
|
|
|
|
.Fn genfs_can_chtimes "vnode_t *vp" "u_int vaflags" "uid_t owner_uid" \
|
|
|
|
"kauth_cred_t cred"
|
|
|
|
.Ft int
|
|
|
|
.Fn genfs_can_extattr "kauth_cred_t cred" "int access_mode" "vnode_t *vp" \
|
|
|
|
"const char *attr"
|
2012-03-14 15:44:42 +04:00
|
|
|
.Ft int
|
|
|
|
.Fn genfs_can_sticky "kauth_cred_t cred" "uid_t dir_uid" "uid_t file_uid"
|
2012-03-13 22:40:26 +04:00
|
|
|
.Sh DESCRIPTION
|
|
|
|
The functions documented here are general routines for internal use in
|
2012-03-14 15:44:42 +04:00
|
|
|
file systems to implement common policies for performing various operations.
|
2012-03-13 22:40:26 +04:00
|
|
|
The developer must understand that these routines implement no system-wide
|
|
|
|
policies and only take into account the object being accessed and the
|
|
|
|
nominal values of the credentials accessing it.
|
|
|
|
.Pp
|
2012-03-14 15:44:42 +04:00
|
|
|
In other words, these functions are not meant to be called directly.
|
2012-03-13 22:40:26 +04:00
|
|
|
They are intended to be used in
|
|
|
|
.Xr kauth 9
|
2012-03-14 15:44:42 +04:00
|
|
|
vnode scope authorization calls, for providing the fall-back file system
|
2012-03-13 22:40:26 +04:00
|
|
|
decision.
|
|
|
|
.Pp
|
|
|
|
As a rule of thumb, code that looks like this is wrong:
|
|
|
|
.Bd -literal -offset indent
|
|
|
|
error = genfs_can_foo(...); /* WRONG */
|
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
While code that looks like this is right:
|
|
|
|
.Bd -literal -offset indent
|
|
|
|
error = kauth_authorize_vnode(..., genfs_can_foo(...));
|
|
|
|
.Ed
|
|
|
|
.Sh FUNCTIONS
|
|
|
|
.Bl -tag -width compact
|
|
|
|
.It Fn genfs_can_access "enum vtype type" "mode_t file_mode" "uid_t uid" \
|
|
|
|
"gid_t gid" "mode_t acc_mode" "kauth_cred_t cred"
|
|
|
|
Implements file access checking based on traditional Unix permissions.
|
2012-03-14 15:44:42 +04:00
|
|
|
.It Fn genfs_can_chflags "kauth_cred_t cred" "enum vtype type" \
|
|
|
|
"uid_t owner_uid" "bool changing_sysflags"
|
|
|
|
Implements
|
|
|
|
.Xr chflags 2
|
|
|
|
policy.
|
2012-03-13 22:40:26 +04:00
|
|
|
.It Fn genfs_can_chmod "enum vtype type" "kauth_cred_t cred" "uid_t cur_uid" \
|
|
|
|
"gid_t cur_gid" "mode_t new_mode"
|
|
|
|
Implements
|
|
|
|
.Xr chmod 2
|
|
|
|
policy.
|
|
|
|
.It Fn genfs_can_chown "kauth_cred_t cred" "uid_t cur_uid" "gid_t cur_gid" \
|
|
|
|
"uid_t new_uid" "gid_t new_gid"
|
|
|
|
Implements
|
|
|
|
.Xr chown 2
|
|
|
|
policy.
|
|
|
|
.It Fn genfs_can_chtimes "vnode_t *vp" "u_int vaflags" "uid_t owner_uid" \
|
|
|
|
"kauth_cred_t cred"
|
|
|
|
Implements
|
|
|
|
.Xr utimes 2
|
|
|
|
policy.
|
|
|
|
.It Fn genfs_can_extattr "kauth_cred_t cred" "int access_mode" "vnode_t *vp" \
|
|
|
|
"const char *attr"
|
|
|
|
Implements extended attributes access policy.
|
2012-03-14 15:44:42 +04:00
|
|
|
.It Fn genfs_can_sticky "kauth_cred_t cred" "uid_t dir_uid" "uid_t file_uid"
|
|
|
|
Implements rename and delete policy from sticky directories.
|
2012-03-13 22:40:26 +04:00
|
|
|
.El
|
|
|
|
.Sh SEE ALSO
|
|
|
|
.Xr kauth 9
|
|
|
|
.Sh AUTHORS
|
|
|
|
.An Elad Efrat Aq elad@NetBSD.org
|
|
|
|
wrote this manual page.
|