/*-
 * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
 * All rights reserved.
 *
 * This software was developed by Robert Watson for the TrustedBSD Project.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
/*
 * acl_get_fd - syscall wrapper for retrieving access ACL by fd
 * acl_get_fd_np - syscall wrapper for retrieving ACL by fd (non-POSIX)
 * acl_get_file - syscall wrapper for retrieving ACL by filename
 * acl_get_link_np - syscall wrapper for retrieving ACL by filename (NOFOLLOW)
 *		     (non-POSIX)
 * acl_get_perm_np() checks if a permission is in the specified
 *		     permset (non-POSIX)
 * acl_get_permset() returns the permission set in the ACL entry
 * acl_get_qualifier() retrieves the qualifier of the tag from the ACL entry
 * acl_get_tag_type() returns the tag type for the ACL entry entry_d
 */

#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");

#include <sys/types.h>
#include "namespace.h"
#include <sys/acl.h>
#include "un-namespace.h"

#include <errno.h>
#include <stdlib.h>
#include <string.h>

/*
 * acl_get_file(): fetch the ACL of the given type for the object named by
 * path_p.
 *
 * Returns a newly initialised acl_t sized for ACL_MAX_ENTRIES, or NULL if
 * either acl_init() or __acl_get_file() fails.  This function does not set
 * errno itself; the caller sees what the failing call left there (assumes
 * acl_free() does not disturb errno -- confirm).
 *
 * Unlike acl_get_link_np() this is not the NOFOLLOW variant, so a trailing
 * symbolic link is presumably followed -- confirm against __acl_get_file().
 * The lookup is by path: the object the name refers to can change between
 * this call and any later use of the same path.  When a descriptor is
 * already open, acl_get_fd()/acl_get_fd_np() read the ACL of that exact
 * object instead.
 */
acl_t
acl_get_file(const char *path_p, acl_type_t type)
{
	acl_t acl;

	acl = acl_init(ACL_MAX_ENTRIES);
	if (acl == NULL)
		return (NULL);

	if (__acl_get_file(path_p, type, &acl->ats_acl) != 0) {
		/* Do not hand a half-filled ACL back to the caller. */
		acl_free(acl);
		return (NULL);
	}

	return (acl);
}

/*
 * acl_get_link_np(): same contract as acl_get_file(), but goes through
 * __acl_get_link(), the NOFOLLOW form named in the file header.  It is
 * still a path-based lookup, so the name can be re-bound between this call
 * and a later use of the path.
 *
 * Returns a newly initialised acl_t, or NULL on allocation or syscall
 * failure.
 */
acl_t
acl_get_link_np(const char *path_p, acl_type_t type)
{
	acl_t acl;

	acl = acl_init(ACL_MAX_ENTRIES);
	if (acl == NULL)
		return (NULL);

	if (__acl_get_link(path_p, type, &acl->ats_acl) != 0) {
		acl_free(acl);
		return (NULL);
	}

	return (acl);
}

/*
 * acl_get_fd(): fetch the access ACL (ACL_TYPE_ACCESS) of the object behind
 * the open descriptor fd.
 *
 * Returns a newly initialised acl_t, or NULL on allocation or syscall
 * failure.
 */
acl_t
acl_get_fd(int fd)
{
	acl_t acl;

	acl = acl_init(ACL_MAX_ENTRIES);
	if (acl == NULL)
		return (NULL);

	if (___acl_get_fd(fd, ACL_TYPE_ACCESS, &acl->ats_acl) != 0) {
		acl_free(acl);
		return (NULL);
	}

	return (acl);
}

/*
 * acl_get_fd_np(): like acl_get_fd(), but the caller chooses the ACL type
 * rather than always getting ACL_TYPE_ACCESS.
 *
 * Returns a newly initialised acl_t, or NULL on allocation or syscall
 * failure.
 */
acl_t
acl_get_fd_np(int fd, acl_type_t type)
{
	acl_t acl;

	acl = acl_init(ACL_MAX_ENTRIES);
	if (acl == NULL)
		return (NULL);

	if (___acl_get_fd(fd, type, &acl->ats_acl) != 0) {
		acl_free(acl);
		return (NULL);
	}

	return (acl);
}

/*
 * acl_get_perm_np(): test whether perm is present in the permission set
 * permset_d.
 *
 * Returns 1 if the bit is set, 0 if it is clear, and -1 with errno set to
 * EINVAL if permset_d is NULL or perm is not one of ACL_READ, ACL_WRITE or
 * ACL_EXECUTE.
 *
 * The return value is tri-state: a caller that tests only for non-zero
 * treats the -1 error return as "permission present".  Compare against 1
 * (or check for -1 first) when the result feeds an access decision.
 */
int
acl_get_perm_np(acl_permset_t permset_d, acl_perm_t perm)
{

	if (permset_d == NULL) {
		errno = EINVAL;
		return (-1);
	}

	/* Only the three basic permission bits are accepted here. */
	if (perm != ACL_READ && perm != ACL_WRITE && perm != ACL_EXECUTE) {
		errno = EINVAL;
		return (-1);
	}

	return ((*permset_d & perm) != 0 ? 1 : 0);
}

/*
 * acl_get_permset() (23.4.17): return via permset_p a descriptor to
 * the permission set in the ACL entry entry_d.
 *
 * The descriptor is a pointer to the entry's own ae_perm field, not a
 * copy: writes through it change the entry, and it is only meaningful
 * while the storage behind entry_d is.
 *
 * Returns 0 on success, or -1 with errno set to EINVAL if either argument
 * is NULL.
 */
int
acl_get_permset(acl_entry_t entry_d, acl_permset_t *permset_p)
{

	if (permset_p == NULL || entry_d == NULL) {
		errno = EINVAL;
		return (-1);
	}

	*permset_p = &entry_d->ae_perm;
	return (0);
}

/*
 * acl_get_qualifier() (23.4.18): retrieve the qualifier of the tag
 * for the ACL entry entry_d.
 *
 * Only ACL_USER and ACL_GROUP entries carry a qualifier.  For those, a
 * copy of ae_id is returned in storage obtained from malloc(); the caller
 * owns that storage and must release it.  The copy is sizeof(uid_t) bytes
 * for both tags (assumes a group id fits in a uid_t -- confirm).
 *
 * Returns NULL with errno set to EINVAL if entry_d is NULL or has any
 * other tag, and NULL if malloc() fails, in which case errno is left as
 * malloc() set it.
 */
void *
acl_get_qualifier(acl_entry_t entry_d)
{
	uid_t *id_copy;

	if (entry_d == NULL ||
	    (entry_d->ae_tag != ACL_USER && entry_d->ae_tag != ACL_GROUP)) {
		errno = EINVAL;
		return (NULL);
	}

	id_copy = malloc(sizeof(*id_copy));
	if (id_copy != NULL)
		*id_copy = entry_d->ae_id;

	return (id_copy);
}

/*
 * acl_get_tag_type() (23.4.19): return the tag type for the ACL
 * entry entry_d.
 *
 * The tag is copied into *tag_type_p.  Returns 0 on success, or -1 with
 * errno set to EINVAL if either argument is NULL.
 */
int
acl_get_tag_type(acl_entry_t entry_d, acl_tag_t *tag_type_p)
{

	if (tag_type_p == NULL || entry_d == NULL) {
		errno = EINVAL;
		return (-1);
	}

	*tag_type_p = entry_d->ae_tag;
	return (0);
}