Home
last modified time | relevance | path

Searched full:acl (Results 1 – 25 of 612) sorted by relevance

12345678910>>...25

/freebsd/bin/setfacl/
H A Dsetfacl.132 .Nd set ACL information
55 Modify the ACL on the specified files by inserting new
64 Remove all ACL entries except for the ones synthesized
66 of POSIX.1e ACL.
67 If the POSIX.1e ACL contains a
71 entry in the resulting ACL will be set to the permission
76 entries of the current ACL.
78 The operations apply to the default ACL entries instead of
79 access ACL entries.
81 default ACL's.
[all …]
H A Dsetfacl.c28 #include <sys/acl.h>
44 #define OP_MERGE_ACL 0x00 /* merge acl's (-mM) */
45 #define OP_REMOVE_DEF 0x01 /* remove default acl's (-k) */
46 #define OP_REMOVE_EXT 0x02 /* remove extended acl's (-b) */
47 #define OP_REMOVE_ACL 0x03 /* remove acl's (-xX) */
48 #define OP_REMOVE_BY_NUMBER 0x04 /* remove acl's (-xX) by acl entry number */
51 /* TAILQ entry for acl operations */
54 acl_t acl; member
71 static acl_t clear_inheritance_flags(acl_t acl);
128 * The acl argument is assumed to be valid.
[all …]
H A Dmask.c28 #include <sys/acl.h>
35 /* set the appropriate mask the given ACL's */
40 acl_t acl; in set_acl_mask() local
48 * entry in the resulting ACL shall be set to the permissions in the in set_acl_mask()
49 * specified ACL mask entry. in set_acl_mask()
54 acl = acl_dup(*prev_acl); in set_acl_mask()
55 if (acl == NULL) in set_acl_mask()
61 * specified, then the permissions of the resulting ACL mask in set_acl_mask()
64 * class in the resulting ACL in set_acl_mask()
66 if (acl_calc_mask(&acl)) { in set_acl_mask()
[all …]
/freebsd/contrib/libarchive/libarchive/
H A Darchive_disk_acl_freebsd.c43 #include <sys/acl.h>
107 struct archive_entry *entry, acl_t acl, int default_entry_acl_type) in translate_acl() argument
125 // Make sure the "brand" on this ACL is consistent in translate_acl()
127 if (acl_get_brand_np(acl, &brand) != 0) { in translate_acl()
129 "Failed to read ACL brand"); in translate_acl()
140 "Invalid ACL entry type for POSIX.1e ACL"); in translate_acl()
147 "Invalid ACL entry type for NFSv4 ACL"); in translate_acl()
153 "Unknown ACL brand"); in translate_acl()
158 s = acl_get_entry(acl, ACL_FIRST_ENTRY, &acl_entry); in translate_acl()
161 "Failed to get first ACL entry"); in translate_acl()
[all …]
H A Darchive_entry_acl.3111 The ACL interface of
115 various levels of ACL support in operating systems, file systems and archive
118 A POSIX.1e ACL consists of a number of independent entries.
155 model and specify non-extended ACL entries.
157 All files have an access ACL
160 Directories have an additional ACL
162 which controls the initial access ACL for newly-created directory entries.
164 A NFSv4 ACL consists of multiple individual entries called Access Control
241 Read file or directory ACL.
243 Write file or directory ACL
[all...]
H A Darchive_acl.c51 static int acl_special(struct archive_acl *acl,
53 static struct archive_acl_entry *acl_new_entry(struct archive_acl *acl,
55 static int archive_acl_add_entry_len_l(struct archive_acl *acl,
58 static int archive_acl_text_want_type(struct archive_acl *acl, int flags);
59 static size_t archive_acl_text_len(struct archive_acl *acl, int want_type,
130 archive_acl_clear(struct archive_acl *acl) in archive_acl_clear() argument
134 while (acl->acl_head != NULL) { in archive_acl_clear()
135 ap = acl->acl_head->next; in archive_acl_clear()
136 archive_mstring_clean(&acl->acl_head->name); in archive_acl_clear()
137 free(acl->acl_head); in archive_acl_clear()
[all …]
/freebsd/sys/net80211/
H A Dieee80211_acl.c30 * IEEE 802.11 MAC ACL support.
60 ACL_POLICY_OPEN = 0, /* open, don't check ACL's */
68 ACL_POLICY_RADIUS = 7, /* defer to RADIUS ACL server */
73 struct acl { struct
74 TAILQ_ENTRY(acl) acl_list;
75 LIST_ENTRY(acl) acl_hash;
82 TAILQ_HEAD(, acl) as_list; /* list of all ACL's */
83 LIST_HEAD(, acl) as_hash[ACL_HASHSIZE];
91 static MALLOC_DEFINE(M_80211_ACL, "acl", "802.11 station acl");
107 ACL_LOCK_INIT(as, "acl"); in acl_attach()
[all …]
/freebsd/crypto/heimdal/lib/krb5/
H A Dacl.c47 free_retv(struct acl_field *acl) in free_retv() argument
49 while(acl != NULL) { in free_retv()
50 if (acl->type == acl_retval) { in free_retv()
51 if (*acl->u.retv) in free_retv()
52 free(*acl->u.retv); in free_retv()
53 *acl->u.retv = NULL; in free_retv()
55 acl = acl->next; in free_retv()
60 acl_free_list(struct acl_field *acl, int retv) in acl_free_list() argument
64 free_retv(acl); in acl_free_list()
65 while(acl != NULL) { in acl_free_list()
[all …]
/freebsd/sys/kern/
H A Dsubr_acl_posix1e.c33 * ACL support routines specific to POSIX.1e access control lists. These are
47 #include <sys/acl.h>
50 * Implement a version of vaccess() that understands POSIX.1e ACL semantics;
51 * the access ACL has already been prepared for evaluation by the file system
52 * and is passed via 'uid', 'gid', and 'acl'. Return 0 on success, else an
57 struct acl *acl, accmode_t accmode, struct ucred *cred) in vaccess_acl_posix1e() argument
96 if ((accmode & VEXEC) && (acl_posix1e_acl_to_mode(acl) & in vaccess_acl_posix1e()
119 for (i = 0; i < acl->acl_cnt; i++) { in vaccess_acl_posix1e()
120 switch (acl->acl_entry[i].ae_tag) { in vaccess_acl_posix1e()
126 if (acl->acl_entry[i].ae_perm & ACL_EXECUTE) in vaccess_acl_posix1e()
[all …]
H A Dvfs_acl.c38 * ACL system calls and other functions common across different ACL types.
57 #include <sys/acl.h>
64 MALLOC_DEFINE(M_ACL, "acl", "Access Control Lists");
67 acl_type_t type, struct acl *aclp, int follow);
71 acl_type_t type, struct acl *aclp, int follow);
73 acl_type_t type, const struct acl *aclp, int follow);
75 acl_type_t type, const struct acl *aclp);
77 acl_type_t type, struct acl *aclp);
79 acl_type_t type, const struct acl *aclp);
82 acl_copy_oldacl_into_acl(const struct oldacl *source, struct acl *dest) in acl_copy_oldacl_into_acl()
[all …]
/freebsd/lib/libc/posix1e/
H A Dacl_valid.c31 * acl_valid -- POSIX.1e ACL check routine
36 #include <sys/acl.h>
44 * acl_valid: accepts an ACL, returns 0 on valid ACL, -1 for invalid,
49 * true. POSIX.1e allows acl_valid() to reorder the ACL as it sees fit.
51 * This call is deprecated, as it doesn't ask whether the ACL is valid
56 acl_valid(acl_t acl) in acl_valid() argument
60 if (acl == NULL) { in acl_valid()
64 if (!_acl_brand_may_be(acl, ACL_BRAND_POSIX)) { in acl_valid()
68 _posix1e_acl_sort(acl); in acl_valid()
69 error = _posix1e_acl_check(acl); in acl_valid()
[all …]
H A Dacl.332 .Nm acl
33 .Nd introduction to the POSIX.1e/NFSv4 ACL security API
50 extensions defined that allow for ACL semantics alternative to
55 POSIX.1e describes a set of ACL manipulation routines to manage the
88 and may be used to copy the contents of an ACL entry.
95 and may be used to create an empty entry in an ACL.
112 and may be used to delete an entry from an ACL.
124 and may be used to duplicate an ACL structure.
128 and may be used to free userland working ACL storage.
132 and may be used to convert a text-form ACL into working ACL state, if
[all …]
H A Dacl_delete_entry.c31 #include <sys/acl.h>
45 * user or group. In NFSv4 ACL, there may be any number of them. We're in _entry_matches()
70 * acl_delete_entry() (23.4.9): remove the ACL entry indicated by entry_d
71 * from acl.
74 acl_delete_entry(acl_t acl, acl_entry_t entry_d) in acl_delete_entry() argument
79 if (acl == NULL || entry_d == NULL) { in acl_delete_entry()
84 if (_entry_brand(entry_d) != _acl_brand(acl)) { in acl_delete_entry()
89 if ((acl->ats_acl.acl_cnt < 1) || in acl_delete_entry()
90 (acl->ats_acl.acl_cnt > ACL_MAX_ENTRIES)) { in acl_delete_entry()
98 for (i = 0; i < acl->ats_acl.acl_cnt;) { in acl_delete_entry()
[all …]
H A Dacl_branding.c30 #include <sys/acl.h>
37 * of what "brand" ACL is: NFSv4, POSIX.1e or unknown. It happens
38 * automatically - for example, during acl_get_file(3) ACL gets
40 * ACL, if its brand is unknown it gets branded as NFSv4 if any of the
41 * NFSv4 permissions that are not valid for POSIX.1e ACL are set etc.
42 * Branding information is used for printing out the ACL (acl_to_text(3)),
44 * bits that are valid only for NFSv4 in ACL branded as POSIX.1e) etc.
58 * Return brand of an ACL.
61 _acl_brand(const acl_t acl) in _acl_brand() argument
64 return (acl->ats_brand); in _acl_brand()
[all …]
H A Dacl_valid.336 .Nd validate an ACL
43 .Fn acl_valid "acl_t acl"
45 .Fn acl_valid_fd_np "int fd" "acl_type_t type" "acl_t acl"
47 .Fn acl_valid_file_np "const char *path_p" "acl_type_t type" "acl_t acl"
49 .Fn acl_valid_link_np "const char *path_p" "acl_type_t type" "acl_t acl"
51 These functions check that the ACL referred to by the argument
52 .Va acl
56 checks this validity only with POSIX.1e ACL semantics, and irrespective
57 of the context in which the ACL is to be used.
63 allow an ACL to be checked in the context of a specific acl type,
[all …]
H A Dacl_set.c31 * acl_set_file -- set a file/directory ACL by name
36 #include <sys/acl.h>
48 * (the POSIX.1e semantic code will reject unsorted ACL submission). If it's
53 acl_set_file(const char *path_p, acl_type_t type, acl_t acl) in acl_set_file() argument
56 if (acl == NULL || path_p == NULL) { in acl_set_file()
61 if (_acl_type_not_valid_for_acl(acl, type)) { in acl_set_file()
65 if (_posix1e_acl(acl, type)) in acl_set_file()
66 _posix1e_acl_sort(acl); in acl_set_file()
68 acl->ats_cur_entry = 0; in acl_set_file()
70 return (__acl_set_file(path_p, type, &acl->ats_acl)); in acl_set_file()
[all …]
H A Dacl_delete_entry.332 .Nd delete an ACL entry from an ACL
39 .Fn acl_delete_entry "acl_t acl" "acl_entry_t entry_d"
41 .Fn acl_delete_entry_np "acl_t acl" "int index"
46 is a POSIX.1e call that removes the ACL entry
48 from ACL
49 .Fa acl .
52 function is a non-portable version that removes the ACL entry
55 from ACL
56 .Fa acl .
61 argument equal to zero will remove the first ACL entry.
[all …]
/freebsd/sys/sys/
H A Dacl.h46 * POSIX.1e and NFSv4 ACL types and related constants.
59 * Note that with NFSv4 ACLs, the maximum number of ACL entries one
67 * compatibility with pre-8.0 userland and change on-disk ACL layout.
78 #define NFS4_ACL_EXTATTR_NAME "nfs4.acl"
82 * "struct oldacl" is used in compatibility ACL syscalls and for on-disk
101 * Current "struct acl".
109 /* NFSv4 ACL inheritance. Unused in POSIX.1e ACLs. */
115 * Internal ACL structure, used in libc, kernel APIs and for on-disk
119 struct acl { struct
122 /* Will be required e.g. to implement NFSv4.1 ACL inheritance. */
[all …]
/freebsd/contrib/unbound/daemon/
H A Dacl_list.c55 struct acl_list* acl = (struct acl_list*)calloc(1, in acl_list_create() local
57 if(!acl) in acl_list_create()
59 acl->region = regional_create(); in acl_list_create()
60 if(!acl->region) { in acl_list_create()
61 acl_list_delete(acl); in acl_list_create()
64 return acl; in acl_list_create()
68 acl_list_delete(struct acl_list* acl) in acl_list_delete() argument
70 if(!acl) in acl_list_delete()
72 regional_destroy(acl->region); in acl_list_delete()
73 free(acl); in acl_list_delete()
78 acl_list_insert(struct acl_list * acl,struct sockaddr_storage * addr,socklen_t addrlen,int net,enum acl_access control,int complain_duplicates) acl_list_insert() argument
123 acl_list_str_cfg(struct acl_list * acl,const char * str,const char * s2,int complain_duplicates) acl_list_str_cfg() argument
147 acl_find_or_create_str2addr(struct acl_list * acl,const char * str,int is_interface,int port) acl_find_or_create_str2addr() argument
181 acl_find_or_create(struct acl_list * acl,struct sockaddr_storage * addr,socklen_t addrlen,enum acl_access control) acl_find_or_create() argument
229 acl_list_tags_cfg(struct acl_list * acl,const char * str,uint8_t * bitmap,size_t bitmaplen,int is_interface,int port) acl_list_tags_cfg() argument
249 acl_list_view_cfg(struct acl_list * acl,const char * str,const char * str2,struct views * vs,int is_interface,int port) acl_list_view_cfg() argument
269 acl_list_tag_action_cfg(struct acl_list * acl,struct config_file * cfg,const char * str,const char * tag,const char * action,int is_interface,int port) acl_list_tag_action_cfg() argument
362 acl_list_tag_data_cfg(struct acl_list * acl,struct config_file * cfg,const char * str,const char * tag,const char * data,int is_interface,int port) acl_list_tag_data_cfg() argument
416 read_acl_list(struct acl_list * acl,struct config_str2list * acls) read_acl_list() argument
429 read_acl_view(struct acl_list * acl,struct config_str2list ** acl_view,struct views * v) read_acl_view() argument
452 read_acl_tags(struct acl_list * acl,struct config_strbytelist ** acl_tags) read_acl_tags() argument
474 read_acl_tag_actions(struct acl_list * acl,struct config_file * cfg,struct config_str3list ** acl_tag_actions) read_acl_tag_actions() argument
500 read_acl_tag_datas(struct acl_list * acl,struct config_file * cfg,struct config_str3list ** acl_tag_datas) read_acl_tag_datas() argument
525 acl_list_apply_cfg(struct acl_list * acl,struct config_file * cfg,struct views * v) acl_list_apply_cfg() argument
771 acl_get_control(struct acl_addr * acl) acl_get_control() argument
778 acl_addr_lookup(struct acl_list * acl,struct sockaddr_storage * addr,socklen_t addrlen) acl_addr_lookup() argument
786 acl_list_get_mem(struct acl_list * acl) acl_list_get_mem() argument
792 acl_access_to_str(enum acl_access acl) acl_access_to_str() argument
809 log_acl_action(const char * action,struct sockaddr_storage * addr,socklen_t addrlen,enum acl_access acl,struct acl_addr * acladdr) log_acl_action() argument
[all...]
/freebsd/tests/sys/cddl/zfs/tests/acl/nontrivial/
H A Dnontrivial_test.sh30 atf_set "descr" "Verify illegal operating to ACL, it will fail."
36 . $(atf_get_srcdir)/../acl.cfg
45 . $(atf_get_srcdir)/../acl.cfg
54 atf_set "descr" "Verify acl after upgrading."
61 . $(atf_get_srcdir)/../acl.cfg
70 . $(atf_get_srcdir)/../acl.cfg
86 . $(atf_get_srcdir)/../acl.cfg
95 . $(atf_get_srcdir)/../acl.cfg
104 atf_set "descr" "chmod A{+|=} should set compact ACL correctly."
110 . $(atf_get_srcdir)/../acl.cfg
[all …]
/freebsd/sys/ufs/ufs/
H A Dufs_acl.c45 #include <sys/acl.h>
52 #include <ufs/ufs/acl.h>
61 FEATURE(ufs_acl, "ACL support for UFS");
64 * Synchronize an ACL and an inode by copying over appropriate inode fields
65 * to the passed ACL. Assumes an ACL that would satisfy acl_posix1e_check(),
69 ufs_sync_acl_from_inode(struct inode *ip, struct acl *acl) in ufs_sync_acl_from_inode() argument
81 for (i = 0; i < acl->acl_cnt; i++) { in ufs_sync_acl_from_inode()
82 switch (acl->acl_entry[i].ae_tag) { in ufs_sync_acl_from_inode()
84 acl->acl_entry[i].ae_perm = acl_posix1e_mode_to_perm( in ufs_sync_acl_from_inode()
86 acl->acl_entry[i].ae_id = ACL_UNDEFINED_ID; in ufs_sync_acl_from_inode()
[all …]
/freebsd/tests/sys/acl/
H A Dacl-api-test.c28 #include <sys/acl.h>
37 * gcc -I/path/to/atf/include -L/path/to/atf/lib -latf-c -lacl acl-api-test.c
40 #include <acl/libacl.h>
81 acl_t acl; in ATF_TC_BODY() local
85 acl = acl_from_mode_np(src_mode); in ATF_TC_BODY()
86 ATF_REQUIRE(acl != NULL); in ATF_TC_BODY()
88 ATF_CHECK_EQ(0, acl_equiv_mode_np(acl, &equiv_mode)); in ATF_TC_BODY()
91 acl_free(acl); in ATF_TC_BODY()
101 acl_t acl; in ATF_TC_BODY() local
106 acl = acl_init(1); in ATF_TC_BODY()
[all …]
/freebsd/contrib/bsnmp/snmp_vacm/
H A Dvacm_snmp.c267 struct vacm_access *acl; in op_vacm_access() local
271 if ((acl = vacm_get_access_rule(&val->var, sub)) == NULL) in op_vacm_access()
276 if ((acl = vacm_get_next_access_rule(&val->var, sub)) == NULL) in op_vacm_access()
278 vacm_append_access_rule_index(&val->var, sub, acl); in op_vacm_access()
282 if ((acl = vacm_get_access_rule(&val->var, sub)) == NULL && in op_vacm_access()
285 if (acl != NULL && community != COMM_INITIALIZE && in op_vacm_access()
286 acl->type == StorageType_readOnly) in op_vacm_access()
291 ctx->scratch->int1 = acl->ctx_match; in op_vacm_access()
293 acl->ctx_match = 1; in op_vacm_access()
295 acl->ctx_match = 0; in op_vacm_access()
[all …]
/freebsd/share/man/man9/
H A DVOP_ACLCHECK.937 .Fn VOP_ACLCHECK "struct vnode *vp" "acl_type_t type" "struct acl *aclp" "struct ucred *cred" "stru…
40 control list (ACL) for a particular file or directory.
47 The type of ACL to check.
49 A pointer to an ACL structure from which to retrieve the ACL data.
53 The thread checking the ACL.
61 kernel to authorize ACL verification that the active process might not be
64 The vnode ACL interface defines the syntax, and not semantics, of file and
65 directory ACL interfaces.
66 More information about ACL management in kernel
68 .Xr acl 9 .
[all …]
H A DVOP_SETACL.937 .Fn VOP_SETACL "struct vnode *vp" "acl_type_t type" "struct acl *aclp" "struct ucred *cred" "struct…
39 This vnode call may be used to set the access control list (ACL) for a file
47 The type of ACL to set.
49 A pointer to an ACL structure from which to retrieve the ACL data.
53 The thread setting the ACL.
60 to indicate that the specified ACL should be deleted.
67 This cred setting might be used to allow the kernel to authorize ACL
70 The vnode ACL interface defines the syntax, and not semantics, of file and
71 directory ACL interfaces.
72 More information about ACL management in kernel
[all …]

12345678910>>...25