2111fc7126
zfs_access uses secpolicy_vnode_access, so it makes no sense for the latter to call VOP_ACCESS! Everything seems to return EACCES instead of EPERM, probably because that's what kauth returns. This should be fixed, but that may require some nontrivial surgery to zfs's calls to secpolicy_*, which is where kauth gets involved. This commit imports some code from illumos to implement the routine secpolicy_vnode_setattr. This shouldn't be outside dist/, but for now it is expedient to do so. We ought to fix that, along with all the other CDDL code outside dist/, when we next import a newer version of zfs.