xref: /titanic_41/usr/src/lib/libbsm/common/devalloc.h (revision f63f7506be0210195779706f51c58646e568cc40)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #ifndef	_DEVALLOC_H
28 #define	_DEVALLOC_H
29 
30 #pragma ident	"%Z%%M%	%I%	%E% SMI"
31 
32 #ifdef	__cplusplus
33 extern "C" {
34 #endif
35 
36 #include <stdio.h>
37 #include <fcntl.h>
38 #include <sys/param.h>
39 #include <secdb.h>
40 
41 /*
42  * These are unsupported, SUNWprivate interfaces.
43  */
44 
/*
 * Owner/group ids (root:sys) and the fixed file paths used by the
 * device-allocation code.
 * NOTE(review): every path is absolute and lives under /etc or
 * /etc/security. The integrity of the allocation policy presumably depends on
 * those directories being writable only by privileged users -- confirm.
 */
#define	DA_UID			(uid_t)0	/* root */
#define	DA_GID			(gid_t)3	/* sys */
#define	LOGINDEVPERM		"/etc/logindevperm"
/* Lock files; presumably serialize database and device updates -- confirm. */
#define	DA_DB_LOCK		"/etc/security/.da_db_lock"
#define	DA_DEV_LOCK		"/etc/security/.da_dev_lock"
/* The three databases: allocatable devices, device maps, default attributes. */
#define	DEVALLOC		"/etc/security/device_allocate"
#define	DEVMAP			"/etc/security/device_maps"
#define	DEFATTRS		"/etc/security/tsol/devalloc_defaults"
/*
 * Dot-prefixed siblings of the three databases, in the same directories.
 * Presumably scratch copies that are written and then moved over the live
 * file -- confirm against the update routines.
 */
#define	TMPALLOC		"/etc/security/.device_allocate"
#define	TMPMAP			"/etc/security/.device_maps"
#define	TMPATTRS		"/etc/security/tsol/.devalloc_defaults"
56 
/*
 * Default attribute values: a label range ("admin_low" .. "admin_high") and
 * the per-device-type clean programs.
 * NOTE(review): DA_DEFAULT_CLEAN is /bin/true, a no-op. If this is the
 * device-clean program run around (de)allocation, a device type that falls
 * back to it gets no residual-data cleanup -- confirm against callers.
 */
#define	DA_DEFAULT_MIN		"admin_low"
#define	DA_DEFAULT_MAX		"admin_high"
#define	DA_DEFAULT_CLEAN	"/bin/true"
#define	DA_DEFAULT_AUDIO_CLEAN	"/etc/security/lib/audio_clean_wrapper"
#define	DA_DEFAULT_DISK_CLEAN	"/etc/security/lib/disk_clean"
#define	DA_DEFAULT_TAPE_CLEAN	"/etc/security/lib/st_clean"
63 
/*
 * On/off marker strings, the labeled-system keyword and label-check program,
 * the database file mode, and sizing limits.
 */
#define	DA_ON_STR		"DEVICE_ALLOCATION=ON\n"
#define	DA_OFF_STR		"DEVICE_ALLOCATION=OFF\n"
#define	DA_IS_LABELED		"system_labeled"
#define	DA_LABEL_CHECK		"/usr/bin/plabel"
/* 0644: owner read/write, group and other read-only. */
#define	DA_DBMODE		0644
#define	DA_COUNT		5	/* allocatable devices supported */
					/* audio, cd, floppy, rmdisk, tape */
/*
 * NOTE(review): DA_AUTHLEN is only an approximate size (see its comment).
 * Code that builds an authorization list in a DA_AUTHLEN buffer should bound
 * every copy instead of trusting the estimate.
 */
#define	DA_AUTHLEN		MAX_CANON   /* approx. sum of strlen of all */
					    /* device auths in auth_list.h */
#define	DA_MAXNAME		80
#define	DA_BUFSIZE		4096
75 
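/*
 * open(2) flag sets used for the device-allocation files.
 *
 * The expansions are parenthesized so the macros behave as single values
 * inside larger expressions: without the parentheses, `DA_RDWR & O_CREAT`
 * or `~DA_RDONLY` bind to the last flag only, because `&` and `~` have
 * higher precedence than `|`.
 *
 * NOTE(review): DA_RDWR carries O_CREAT, so callers must pass a mode
 * argument to open(). It carries neither O_EXCL nor O_NOFOLLOW, so safe
 * creation relies on the permissions of the containing directory.
 */
#define	DA_RDWR			(O_RDWR|O_CREAT|O_NONBLOCK)
#define	DA_RDONLY		(O_RDONLY|O_NONBLOCK)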
78 
/*
 * User wildcards; presumably "*" matches any user and "@" matches no user
 * in an authorization field -- confirm.
 */
#define	DA_ANYUSER		"*"
#define	DA_NOUSER		"@"

/*
 * Ownership and permission constants. ALLOC_UID and ALLOC_GID repeat the
 * values of DA_UID and DA_GID (root, sys).
 * NOTE(review): presumably ALLOC_MODE (0600, owner-only read/write) is the
 * mode of an allocated device node and DEALLOC_MODE (0000, no access) that of
 * a deallocated one; ALLOC_ERRID looks like the owner for the error state --
 * confirm against the allocate/deallocate code.
 */
#define	ALLOC_UID	(uid_t)0	/* root */
#define	ALLOC_GID	(gid_t)3	/* sys */
#define	ALLOC_ERRID	(uid_t)2	/* bin */
#define	ALLOC_MODE	0600
#define	DEALLOC_MODE    0000
87 
/*
 * Operation flags, one bit each; presumably carried in da_args.optflag --
 * confirm.
 */
#define	DA_SILENT		0x00000001
#define	DA_VERBOSE		0x00000002
#define	DA_ADD			0x00000004
#define	DA_REMOVE		0x00000008
#define	DA_UPDATE		0x00000010
#define	DA_ADD_ZONE		0x00000020
#define	DA_REMOVE_ZONE		0x00000040
#define	DA_FORCE		0x00000080
#define	DA_ALLOC_ONLY		0x00000100
#define	DA_MAPS_ONLY		0x00000200
#define	DA_ON			0x00000400
#define	DA_OFF			0x00000800
#define	DA_NO_OVERRIDE		0x00001000
#define	DA_DEFATTRS		0x00002000

/*
 * Device-class flags, one bit per allocatable device class.
 * NOTE(review): DA_AUDIO and DA_CD have the same values as DA_NO_OVERRIDE
 * (0x00001000) and DA_DEFATTRS (0x00002000) above. That is harmless only if
 * the two groups are never OR-ed into, or tested against, the same flag
 * word -- confirm against every caller before adding new flags.
 */
#define	DA_AUDIO		0x00001000
#define	DA_CD			0x00002000
#define	DA_FLOPPY		0x00004000
#define	DA_TAPE			0x00008000
#define	DA_RMDISK		0x00010000
108 
/*
 * Per-class name, type and /dev directory strings for the five allocatable
 * device classes. The *_TYPE macros for audio and rmdisk reuse the *_NAME
 * value.
 */
#define	DA_AUDIO_NAME		"audio"
#define	DA_SOUND_NAME		"sound"
#define	DA_AUDIO_TYPE		DA_AUDIO_NAME
#define	DA_AUDIO_DIR		"/dev/sound/"

#define	DA_CD_NAME		"cdrom"
#define	DA_CD_TYPE		"sr"

/*
 * Block and raw disk directories.
 * NOTE(review): DA_DISKR_DIR is not a real path ("(r)" is literal); it looks
 * like a display or match string for both directories -- confirm its use.
 */
#define	DA_DISK_DIR		"/dev/dsk/"
#define	DA_DISK_DIRR		"/dev/rdsk/"
#define	DA_DISKR_DIR		"/dev/(r)dsk"

#define	DA_FLOPPY_NAME		"floppy"
#define	DA_FLOPPY_TYPE		"fd"

#define	DA_RMDISK_NAME		"rmdisk"
#define	DA_RMDISK_TYPE		DA_RMDISK_NAME

#define	DA_TAPE_NAME		"tape"
#define	DA_TAPE_DIR		"/dev/rmt/"
#define	DA_TAPE_TYPE		"st"
130 
/*
 * Description of one allocatable device.
 * Field meanings are inferred from the member names and the constants in
 * this header -- confirm against the implementation. All string members are
 * plain char pointers; this header does not say who allocates or frees them.
 */
typedef struct _devinfo_t {
	char	*devname;	/* presumably the device name, e.g. "audio" */
	char	*devtype;	/* presumably the device type, e.g. "sr" */
	char	*devauths;	/* presumably the required authorizations */
	char	*devexec;	/* presumably the device-clean program path */
	char	*devopts;	/* presumably additional attributes/options */
	char	*devlist;	/* presumably the device special files */
	int	instance;	/* presumably the device instance number */
} devinfo_t;
140 
/*
 * Node of a singly linked list of devices: the device description is
 * embedded by value and `next` points to the following node.
 */
typedef struct _deventry_t {
	devinfo_t		devinfo;	/* device described by this node */
	struct _deventry_t	*next;		/* following node in the list */
} deventry_t;
145 
/*
 * One deventry_t list head per allocatable device class (the five classes
 * counted by DA_COUNT).
 */
typedef struct _devlist_t {
	deventry_t	*audio;		/* audio devices */
	deventry_t	*cd;		/* CD devices */
	deventry_t	*floppy;	/* floppy devices */
	deventry_t	*tape;		/* tape devices */
	deventry_t	*rmdisk;	/* removable-disk devices */
} devlist_t;
153 
/*
 * Argument bundle taken by da_update_device() and da_update_defattrs().
 * Field meanings are inferred from the member names -- confirm against the
 * implementation.
 */
typedef struct _da_optargs {
	int		optflag;	/* presumably a mask of DA_* flags */
	char		*rootdir;	/* presumably an alternate root prefix */
	char		**devnames;	/* presumably a list of device names */
	devinfo_t	*devinfo;	/* device description to act on */
} da_args;
160 
/*
 * One entry of the device-allocation defaults: a device type and its options
 * as a kva_t (the key-value type from <secdb.h>).
 */
typedef struct _da_defs {
	char		*devtype;	/* device type the defaults apply to */
	kva_t		*devopts;	/* default options as key-value pairs */
} da_defs_t;
165 
/*
 * Accessors for da_defs_t entries, presumably read from DEFATTRS -- confirm.
 * The names suggest set/get/end enumeration plus lookup by device type.
 * NOTE(review): thread-safety and ownership of the returned pointers are not
 * stated in this header; freedadefent() presumably releases an entry returned
 * by the getters -- confirm.
 */
da_defs_t *getdadefent(void);
da_defs_t *getdadeftype(char *);
void freedadefent(da_defs_t *);
void setdadefent(void);
void enddadefent(void);
/*
 * State query and database maintenance routines. No implementation is
 * visible here, so return-value conventions must be taken from the source.
 * NOTE(review): da_open_devdb() takes two FILE ** out-parameters, presumably
 * for the device_allocate and device_maps files. Callers should check the
 * return value before using either stream -- confirm the contract.
 */
int da_is_on(void);
int da_check_logindevperm(char *);
int da_open_devdb(char *, FILE **, FILE **, int);
int da_update_device(da_args *);
int da_update_defattrs(da_args *);
/* List helpers operating on a devlist_t, and a printer for its contents. */
int da_add_list(devlist_t *, char *, int, int);
int da_remove_list(devlist_t *, char *, int, char *, int);
void da_print_device(int, devlist_t *);
179 
180 
181 #ifdef	__cplusplus
182 }
183 #endif
184 
185 #endif	/* _DEVALLOC_H */
186