.\"-
.\" Copyright (c) 2001 Robert N. M. Watson
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd August 22, 2001
.Os
.Dt VACCESS 9
.Sh NAME
.Nm vaccess
.Nd generate an access control decision using vnode parameters
.Sh SYNOPSIS
.In sys/param.h
.In sys/vnode.h
.Ft int
.Fo vaccess
.Fa "enum vtype type"
.Fa "mode_t file_mode"
.Fa "uid_t file_uid"
.Fa "gid_t file_gid"
.Fa "mode_t acc_mode"
.Fa "struct ucred *cred"
.Fa "int *privused"
.Fc
.Sh DESCRIPTION
This call implements the logic for the
.Ux
discretionary file security model
common to many file systems in
.Fx .
It accepts the vnode's type
.Fa type ,
permissions via
.Fa file_mode ,
owning UID
.Fa file_uid ,
owning GID
.Fa file_gid ,
desired access mode
.Fa acc_mode ,
requesting credential
.Fa cred ,
and an optional call-by-reference
.Vt int
pointer returning whether or not
privilege was required for successful evaluation of the call; the
.Fa privused
pointer may be set to
.Dv NULL
by the caller in order not to be informed of
privilege information, or it may point to an integer that will be set to
1 if privilege is used, and 0 otherwise.
.Pp
This call is intended to support implementations of
.Xr VOP_ACCESS 9 ,
which will use their own access methods to retrieve the vnode properties,
and then invoke
.Fn vaccess
in order to perform the actual check.
Implementations of
.Xr VOP_ACCESS 9
may choose to implement additional security mechanisms whose results will
be composed with the return value.
.Pp
The algorithm used by
.Fn vaccess
selects a component of the file permission bits based on comparing the
passed credential, file owner, and file group.
If the credential's effective UID matches the file owner, then the
owner component of the permission bits is selected.
If the UID does not match, then the credential's effective GID, followed
by additional groups, are compared with the file group\[em]if there is
a match, then the group component of the permission bits is selected.
If neither the credential UID nor GIDs match the passed file owner and
group, then the other component of the permission bits is selected.
Exactly one component is selected, and components are never combined:
an owner whose file grants a right only to its group or to others does
not receive that right.
.Pp
Once appropriate protections are selected for the current credential,
the requested access mode, in combination with the vnode type, will be
compared with the discretionary rights available for the credential.
If the rights granted by discretionary protections are insufficient,
then super-user privilege, if available for the credential, will also be
considered.
.Sh RETURN VALUES
.Fn vaccess
will return 0 on success, or a non-zero error value on failure.
.Sh ERRORS
.Bl -tag -width Er
.It Bq Er EACCES
Permission denied.
An attempt was made to access a file in a way forbidden by its file access
permissions.
.It Bq Er EPERM
Operation not permitted.
An attempt was made to perform an operation limited to processes with
appropriate privileges or to the owner of a file or other resource.
.El
.Sh SEE ALSO
.Xr vaccess_acl_posix1e 9 ,
.Xr vnode 9 ,
.Xr VOP_ACCESS 9
.Sh AUTHORS
This manual page and the current implementation of
.Fn vaccess
were written by
.An Robert Watson .
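.Sh EXAMPLES
The following user-space model is an added example and is not the
.Fn vaccess
implementation from the FreeBSD kernel.
It reproduces the decision procedure described in
.Sx DESCRIPTION :
select exactly one permission component, compare it with the requested
access, and fall back to super-user privilege only for the bits still
missing.
The credential layout, the
.Fn groupmember
and super-user stand-ins, the
.Dv VADMIN
owner-only mode (matching the
.Er EPERM
case in
.Sx ERRORS )
and the rule that privilege cannot grant execute on a regular file with no
execute bit are assumptions of the model, not statements from this page.

```c
/*
 * Added example (not FreeBSD kernel code): a user-space model of the
 * vaccess(9) decision procedure.  The credential layout, groupmember()
 * and the super-user hook are simplified stand-ins; VADMIN and the
 * "no execute via privilege without an x bit" rule are assumptions.
 */
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Requested-access bits; values are illustrative, not from sys/vnode.h. */
#define VEXEC  0001
#define VWRITE 0002
#define VREAD  0004
#define VADMIN 0010  /* assumed: owner-only operations such as chmod */

enum vtype { VNON, VREG, VDIR, VLNK };

#define MODEL_NGROUPS 16
struct ucred {                   /* simplified stand-in for the kernel struct */
    uid_t cr_uid;                /* effective UID */
    int   cr_ngroups;            /* cr_groups[0] is the effective GID */
    gid_t cr_groups[MODEL_NGROUPS];
};

/* Effective GID first, then supplementary groups, as the text describes. */
static bool groupmember(gid_t gid, const struct ucred *cred)
{
    for (int i = 0; i < cred->cr_ngroups; i++)
        if (cred->cr_groups[i] == gid)
            return true;
    return false;
}

/* Stand-in for the kernel super-user check: 0 when privilege is available. */
static int suser_model(const struct ucred *cred)
{
    return cred->cr_uid == 0 ? 0 : EPERM;
}

int vaccess_model(enum vtype type, mode_t file_mode, uid_t file_uid,
                  gid_t file_gid, mode_t acc_mode, const struct ucred *cred,
                  int *privused)
{
    mode_t dac_granted = 0, missing, priv_granted = 0;

    if (privused != NULL)
        *privused = 0;

    /* 1. Select exactly one component: owner, else group, else other. */
    if (cred->cr_uid == file_uid) {
        if (file_mode & S_IRUSR) dac_granted |= VREAD;
        if (file_mode & S_IWUSR) dac_granted |= VWRITE;
        if (file_mode & S_IXUSR) dac_granted |= VEXEC;
        dac_granted |= VADMIN;   /* the owner may perform owner-only operations */
    } else if (groupmember(file_gid, cred)) {
        if (file_mode & S_IRGRP) dac_granted |= VREAD;
        if (file_mode & S_IWGRP) dac_granted |= VWRITE;
        if (file_mode & S_IXGRP) dac_granted |= VEXEC;
    } else {
        if (file_mode & S_IROTH) dac_granted |= VREAD;
        if (file_mode & S_IWOTH) dac_granted |= VWRITE;
        if (file_mode & S_IXOTH) dac_granted |= VEXEC;
    }

    /* 2. Discretionary rights alone satisfy the request: no privilege used. */
    if ((acc_mode & dac_granted) == acc_mode)
        return 0;

    /* 3. Otherwise consider super-user privilege for the missing bits only. */
    missing = acc_mode & ~dac_granted;
    if (suser_model(cred) == 0) {
        priv_granted = missing;
        /* Assumed refinement: privilege does not grant execute on a
         * non-directory that has no execute bit in any component. */
        if ((missing & VEXEC) && type != VDIR &&
            (file_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) == 0)
            priv_granted &= ~VEXEC;
    }
    if ((missing & ~priv_granted) == 0) {
        if (privused != NULL)
            *privused = 1;       /* privilege was required and used */
        return 0;
    }

    /* 4. Denied: EPERM when an owner-only request failed, EACCES otherwise. */
    return (missing & ~priv_granted & VADMIN) ? EPERM : EACCES;
}

/* Wrapper with a two-group credential (effective GID plus one supplementary
 * GID).  Returns 0 if granted by discretionary rights, -1 if granted only
 * with privilege, otherwise the errno value vaccess_model() returned. */
int check_access(uid_t uid, gid_t egid, gid_t supgid, enum vtype type,
                 mode_t file_mode, uid_t file_uid, gid_t file_gid,
                 mode_t acc_mode)
{
    struct ucred c = { .cr_uid = uid, .cr_ngroups = 2,
                       .cr_groups = { egid, supgid } };
    int privused = 0;
    int err = vaccess_model(type, file_mode, file_uid, file_gid, acc_mode,
                            &c, &privused);
    return err != 0 ? err : (privused ? -1 : 0);
}
```

Calling
.Fn check_access
with an owner credential against a mode 0077 file returns
.Er EACCES
even though the group and other components would grant access, which is
the consequence of consulting only the selected component; a super-user
request to execute a mode 0644 regular file is likewise refused, while a
super-user request to search a mode 0700 directory it does not own is
granted with privilege.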