15a5eeccaSmarks %{ 25a5eeccaSmarks /* 35a5eeccaSmarks * CDDL HEADER START 45a5eeccaSmarks * 55a5eeccaSmarks * The contents of this file are subject to the terms of the 694d2b9abSmarks * Common Development and Distribution License (the "License"). 794d2b9abSmarks * You may not use this file except in compliance with the License. 85a5eeccaSmarks * 95a5eeccaSmarks * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 105a5eeccaSmarks * or http://www.opensolaris.org/os/licensing. 115a5eeccaSmarks * See the License for the specific language governing permissions 125a5eeccaSmarks * and limitations under the License. 135a5eeccaSmarks * 145a5eeccaSmarks * When distributing Covered Code, include this CDDL HEADER in each 155a5eeccaSmarks * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 165a5eeccaSmarks * If applicable, add the following below this CDDL HEADER, with the 175a5eeccaSmarks * fields enclosed by brackets "[]" replaced with your own identifying 185a5eeccaSmarks * information: Portions Copyright [yyyy] [name of copyright owner] 195a5eeccaSmarks * 205a5eeccaSmarks * CDDL HEADER END 215a5eeccaSmarks * 22da6c28aaSamw * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 235a5eeccaSmarks * Use is subject to license terms. 245a5eeccaSmarks */ 255a5eeccaSmarks 265a5eeccaSmarks #pragma ident "%Z%%M% %I% %E% SMI" 275a5eeccaSmarks 28da6c28aaSamw #include <acl_common.h> 295a5eeccaSmarks #include <aclutils.h> 305a5eeccaSmarks 315a5eeccaSmarks extern int yyinteractive; 325a5eeccaSmarks extern acl_t *yyacl; 335a5eeccaSmarks %} 345a5eeccaSmarks 355a5eeccaSmarks %union { 365a5eeccaSmarks char *str; 375a5eeccaSmarks int val; 385a5eeccaSmarks struct acl_perm_type acl_perm; 395a5eeccaSmarks ace_t ace; 405a5eeccaSmarks aclent_t aclent; 415a5eeccaSmarks acl_t *acl; 425a5eeccaSmarks } 435a5eeccaSmarks 445a5eeccaSmarks 455a5eeccaSmarks %token USER_TOK GROUP_TOK MASK_TOK OTHER_TOK OWNERAT_TOK 465a5eeccaSmarks %token GROUPAT_TOK EVERYONEAT_TOK DEFAULT_USER_TOK DEFAULT_GROUP_TOK 475a5eeccaSmarks %token DEFAULT_MASK_TOK DEFAULT_OTHER_TOK COLON COMMA NL SLASH 485a5eeccaSmarks %token <str> IDNAME PERM_TOK INHERIT_TOK 495a5eeccaSmarks %token <val> ID ERROR ACE_PERM ACE_INHERIT ENTRY_TYPE ACCESS_TYPE 505a5eeccaSmarks 515a5eeccaSmarks %type <str> idname 525a5eeccaSmarks %type <acl_perm> perms perm aclent_perm ace_perms 535a5eeccaSmarks %type <acl> acl_entry 545a5eeccaSmarks %type <ace> ace 555a5eeccaSmarks %type <aclent> aclent 565a5eeccaSmarks %type <val> iflags verbose_iflag compact_iflag access_type id entry_type 575a5eeccaSmarks 585a5eeccaSmarks %left ERROR COLON 595a5eeccaSmarks 605a5eeccaSmarks %% 615a5eeccaSmarks 625a5eeccaSmarks acl: acl_entry NL 635a5eeccaSmarks { 645a5eeccaSmarks yyacl = $1; 655a5eeccaSmarks return (0); 665a5eeccaSmarks } 675a5eeccaSmarks 685a5eeccaSmarks /* This seems illegal, but the old aclfromtext() allows it */ 695a5eeccaSmarks | acl_entry COMMA NL 705a5eeccaSmarks { 715a5eeccaSmarks yyacl = $1; 725a5eeccaSmarks return (0); 735a5eeccaSmarks } 745a5eeccaSmarks | acl_entry COMMA acl 755a5eeccaSmarks { 765a5eeccaSmarks yyacl = $1; 775a5eeccaSmarks return (0); 785a5eeccaSmarks } 795a5eeccaSmarks 805a5eeccaSmarks acl_entry: ace 815a5eeccaSmarks { 825a5eeccaSmarks ace_t *acep; 835a5eeccaSmarks 845a5eeccaSmarks if (yyacl == NULL) { 855a5eeccaSmarks yyacl = acl_alloc(ACE_T); 86*ec965100Smarks if (yyacl == NULL) { 87*ec965100Smarks yycleanup(); 885a5eeccaSmarks return (EACL_MEM_ERROR); 895a5eeccaSmarks } 90*ec965100Smarks } 915a5eeccaSmarks 925a5eeccaSmarks $$ = yyacl; 935a5eeccaSmarks if ($$->acl_type == ACLENT_T) { 945b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 955b233e2dSmarks "Cannot have POSIX draft ACL entries" 9694d2b9abSmarks " with NFSv4/ZFS ACL entries.\n")); 975a5eeccaSmarks acl_free(yyacl); 985a5eeccaSmarks yyacl = NULL; 99*ec965100Smarks yycleanup(); 1005a5eeccaSmarks return (EACL_DIFF_TYPE); 1015a5eeccaSmarks } 1025a5eeccaSmarks 1035a5eeccaSmarks $$->acl_aclp = realloc($$->acl_aclp, 1045a5eeccaSmarks ($$->acl_entry_size * ($$->acl_cnt + 1))); 1055a5eeccaSmarks if ($$->acl_aclp == NULL) { 1065a5eeccaSmarks free (yyacl); 107*ec965100Smarks yycleanup(); 1085a5eeccaSmarks return (EACL_MEM_ERROR); 1095a5eeccaSmarks } 1105a5eeccaSmarks acep = $$->acl_aclp; 1115a5eeccaSmarks acep[$$->acl_cnt] = $1; 1125a5eeccaSmarks $$->acl_cnt++; 113*ec965100Smarks yycleanup(); 1145a5eeccaSmarks } 1155a5eeccaSmarks | aclent 1165a5eeccaSmarks { 1175a5eeccaSmarks aclent_t *aclent; 1185a5eeccaSmarks 1195a5eeccaSmarks if (yyacl == NULL) { 1205a5eeccaSmarks yyacl = acl_alloc(ACLENT_T); 121*ec965100Smarks if (yyacl == NULL) { 122*ec965100Smarks yycleanup(); 1235a5eeccaSmarks return (EACL_MEM_ERROR); 1245a5eeccaSmarks } 125*ec965100Smarks } 1265a5eeccaSmarks 1275a5eeccaSmarks $$ = yyacl; 1285a5eeccaSmarks if ($$->acl_type == ACE_T) { 1295b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 1305b233e2dSmarks "Cannot have NFSv4/ZFS ACL entries" 13194d2b9abSmarks " with POSIX draft ACL entries.\n")); 1325a5eeccaSmarks acl_free(yyacl); 1335a5eeccaSmarks yyacl = NULL; 134*ec965100Smarks yycleanup(); 1355a5eeccaSmarks return (EACL_DIFF_TYPE); 1365a5eeccaSmarks } 1375a5eeccaSmarks 1385a5eeccaSmarks $$->acl_aclp = realloc($$->acl_aclp, 1395a5eeccaSmarks ($$->acl_entry_size * ($$->acl_cnt +1))); 1405a5eeccaSmarks if ($$->acl_aclp == NULL) { 1415a5eeccaSmarks free (yyacl); 142*ec965100Smarks yycleanup(); 1435a5eeccaSmarks return (EACL_MEM_ERROR); 1445a5eeccaSmarks } 1455a5eeccaSmarks aclent = $$->acl_aclp; 1465a5eeccaSmarks aclent[$$->acl_cnt] = $1; 1475a5eeccaSmarks $$->acl_cnt++; 148*ec965100Smarks yycleanup(); 1495a5eeccaSmarks } 1505a5eeccaSmarks 1515a5eeccaSmarks ace: entry_type idname ace_perms access_type 1525a5eeccaSmarks { 1535a5eeccaSmarks int error; 1545a5eeccaSmarks int id; 1555a5eeccaSmarks int mask; 1565a5eeccaSmarks 1575a5eeccaSmarks error = get_id($1, $2, &id); 1585a5eeccaSmarks if (error) { 1595b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 1605b233e2dSmarks "Invalid user %s specified.\n"), $2); 161*ec965100Smarks yycleanup(); 1625a5eeccaSmarks return (EACL_INVALID_USER_GROUP); 1635a5eeccaSmarks } 1645a5eeccaSmarks 1655a5eeccaSmarks $$.a_who = id; 1665a5eeccaSmarks $$.a_flags = ace_entry_type($1); 1675a5eeccaSmarks error = ace_perm_mask(&$3, &$$.a_access_mask); 168*ec965100Smarks if (error) { 169*ec965100Smarks yycleanup(); 1705a5eeccaSmarks return (error); 171*ec965100Smarks } 1725a5eeccaSmarks $$.a_type = $4; 1735a5eeccaSmarks 1745a5eeccaSmarks } 1755a5eeccaSmarks | entry_type idname ace_perms access_type COLON id 1765a5eeccaSmarks { 1775a5eeccaSmarks int error; 1785a5eeccaSmarks int id; 1795a5eeccaSmarks 1805a5eeccaSmarks if (yyinteractive) { 1815b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 1825b233e2dSmarks "Extra fields on the end of " 18394d2b9abSmarks "ACL specification.\n")); 184*ec965100Smarks yycleanup(); 1855a5eeccaSmarks return (EACL_UNKNOWN_DATA); 1865a5eeccaSmarks } 1875a5eeccaSmarks error = get_id($1, $2, &id); 1885a5eeccaSmarks if (error) { 1895a5eeccaSmarks $$.a_who = $6; 1905a5eeccaSmarks } else { 1915a5eeccaSmarks $$.a_who = id; 1925a5eeccaSmarks } 1935a5eeccaSmarks $$.a_flags = ace_entry_type($1); 1945a5eeccaSmarks error = ace_perm_mask(&$3, &$$.a_access_mask); 195*ec965100Smarks if (error) { 196*ec965100Smarks yycleanup(); 1975a5eeccaSmarks return (error); 198*ec965100Smarks } 1995a5eeccaSmarks $$.a_type = $4; 2005a5eeccaSmarks } 2015a5eeccaSmarks | entry_type idname ace_perms iflags access_type 2025a5eeccaSmarks { 2035a5eeccaSmarks int error; 2045a5eeccaSmarks int id; 2055a5eeccaSmarks 2065a5eeccaSmarks error = get_id($1, $2, &id); 2075a5eeccaSmarks if (error) { 2085b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 2095b233e2dSmarks "Invalid user %s specified.\n"), $2); 210*ec965100Smarks yycleanup(); 2115a5eeccaSmarks return (EACL_INVALID_USER_GROUP); 2125a5eeccaSmarks } 2135a5eeccaSmarks 2145a5eeccaSmarks $$.a_who = id; 2155a5eeccaSmarks $$.a_flags = ace_entry_type($1); 2165a5eeccaSmarks error = ace_perm_mask(&$3, &$$.a_access_mask); 217*ec965100Smarks if (error) { 218*ec965100Smarks yycleanup(); 2195a5eeccaSmarks return (error); 220*ec965100Smarks } 2215a5eeccaSmarks $$.a_type = $5; 2225a5eeccaSmarks $$.a_flags |= $4; 2235a5eeccaSmarks } 2245a5eeccaSmarks | entry_type idname ace_perms iflags access_type COLON id 2255a5eeccaSmarks { 2265a5eeccaSmarks int error; 2275a5eeccaSmarks int id; 2285a5eeccaSmarks 2295a5eeccaSmarks if (yyinteractive) { 2305b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 2315b233e2dSmarks "Extra fields on the end of " 23294d2b9abSmarks "ACL specification.\n")); 233*ec965100Smarks yycleanup(); 2345a5eeccaSmarks return (EACL_UNKNOWN_DATA); 2355a5eeccaSmarks } 2365a5eeccaSmarks error = get_id($1, $2, &id); 2375a5eeccaSmarks if (error) { 2385a5eeccaSmarks $$.a_who = $7; 2395a5eeccaSmarks } else { 2405a5eeccaSmarks $$.a_who = id; 2415a5eeccaSmarks } 2425a5eeccaSmarks 2435a5eeccaSmarks $$.a_flags = ace_entry_type($1); 2445a5eeccaSmarks error = ace_perm_mask(&$3, &$$.a_access_mask); 245*ec965100Smarks if (error) { 246*ec965100Smarks yycleanup(); 2475a5eeccaSmarks return (error); 248*ec965100Smarks } 2495a5eeccaSmarks 2505a5eeccaSmarks $$.a_type = $5; 2515a5eeccaSmarks $$.a_flags |= $4; 2525a5eeccaSmarks } 2535a5eeccaSmarks | entry_type ace_perms access_type 2545a5eeccaSmarks { 2555a5eeccaSmarks int error; 2565a5eeccaSmarks 2575a5eeccaSmarks $$.a_who = -1; 2585a5eeccaSmarks $$.a_flags = ace_entry_type($1); 2595a5eeccaSmarks error = ace_perm_mask(&$2, &$$.a_access_mask); 2605a5eeccaSmarks if (error) { 261*ec965100Smarks yycleanup(); 2625a5eeccaSmarks return (error); 2635a5eeccaSmarks } 2645a5eeccaSmarks $$.a_type = $3; 2655a5eeccaSmarks } 2665a5eeccaSmarks | entry_type ace_perms access_type COLON id 2675a5eeccaSmarks { 268*ec965100Smarks yycleanup(); 2695a5eeccaSmarks if (yyinteractive) { 2705b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 2715b233e2dSmarks "Extra fields on the end of " 27294d2b9abSmarks "ACL specification.\n")); 2735a5eeccaSmarks return (EACL_UNKNOWN_DATA); 2745a5eeccaSmarks } 2755a5eeccaSmarks 2765a5eeccaSmarks return (EACL_ENTRY_ERROR); 2775a5eeccaSmarks } 2785a5eeccaSmarks | entry_type ace_perms iflags access_type 2795a5eeccaSmarks { 2805a5eeccaSmarks int error; 2815a5eeccaSmarks 2825a5eeccaSmarks $$.a_who = -1; 2835a5eeccaSmarks $$.a_flags = ace_entry_type($1); 2845a5eeccaSmarks error = ace_perm_mask(&$2, &$$.a_access_mask); 285*ec965100Smarks if (error) { 286*ec965100Smarks yycleanup(); 2875a5eeccaSmarks return (error); 288*ec965100Smarks } 2895a5eeccaSmarks $$.a_type = $4; 2905a5eeccaSmarks $$.a_flags |= $3; 2915a5eeccaSmarks 2925a5eeccaSmarks } 2935a5eeccaSmarks | entry_type ace_perms iflags access_type COLON id 2945a5eeccaSmarks { 295*ec965100Smarks yycleanup(); 2965a5eeccaSmarks if (yyinteractive) { 2975b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 2985b233e2dSmarks "Extra fields on the end of " 29994d2b9abSmarks "ACL specification.\n")); 3005a5eeccaSmarks return (EACL_UNKNOWN_DATA); 3015a5eeccaSmarks } 3025a5eeccaSmarks return (EACL_ENTRY_ERROR); 3035a5eeccaSmarks } 3045a5eeccaSmarks 3055a5eeccaSmarks aclent: entry_type idname aclent_perm /* user or group */ 3065a5eeccaSmarks { 3075a5eeccaSmarks int error; 3085a5eeccaSmarks int id; 3095a5eeccaSmarks 3105a5eeccaSmarks error = get_id($1, $2, &id); 3115a5eeccaSmarks if (error) { 3125b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 3135b233e2dSmarks "Invalid user '%s' specified.\n"), $2); 314*ec965100Smarks yycleanup(); 3155a5eeccaSmarks return (EACL_INVALID_USER_GROUP); 3165a5eeccaSmarks } 3175a5eeccaSmarks 3185a5eeccaSmarks error = compute_aclent_perms($3.perm_str, &$$.a_perm); 3195a5eeccaSmarks if (error) { 3205b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 32194d2b9abSmarks "Invalid permission(s) '%s' specified.\n"), 3225a5eeccaSmarks $3.perm_str); 323*ec965100Smarks yycleanup(); 3245a5eeccaSmarks return (error); 3255a5eeccaSmarks } 3265a5eeccaSmarks $$.a_id = id; 3275a5eeccaSmarks error = aclent_entry_type($1, 0, &$$.a_type); 3285a5eeccaSmarks if (error) { 3295a5eeccaSmarks acl_error( 3305b233e2dSmarks dgettext(TEXT_DOMAIN, 3315b233e2dSmarks "Invalid ACL entry type '%s' specified.\n"), $1); 332*ec965100Smarks yycleanup(); 3335a5eeccaSmarks return (error); 3345a5eeccaSmarks } 3355a5eeccaSmarks } 3365a5eeccaSmarks | entry_type COLON aclent_perm /* owner group other */ 3375a5eeccaSmarks { 3385a5eeccaSmarks int error; 3395a5eeccaSmarks 3405a5eeccaSmarks error = compute_aclent_perms($3.perm_str, &$$.a_perm); 3415a5eeccaSmarks if (error) { 3425b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 34394d2b9abSmarks "Invalid permission(s) '%s' specified.\n"), 3445a5eeccaSmarks $3.perm_str); 345*ec965100Smarks yycleanup(); 3465a5eeccaSmarks return (error); 3475a5eeccaSmarks } 3485a5eeccaSmarks $$.a_id = -1; 3495a5eeccaSmarks error = aclent_entry_type($1, 1, &$$.a_type); 3505a5eeccaSmarks if (error) { 3515a5eeccaSmarks acl_error( 3525b233e2dSmarks dgettext(TEXT_DOMAIN, 3535b233e2dSmarks "Invalid ACL entry type '%s' specified.\n"), $1); 354*ec965100Smarks yycleanup(); 3555a5eeccaSmarks return (error); 3565a5eeccaSmarks } 3575a5eeccaSmarks } 3585a5eeccaSmarks | entry_type COLON aclent_perm COLON id 3595a5eeccaSmarks { 360*ec965100Smarks yycleanup(); 3615a5eeccaSmarks if (yyinteractive) { 3625b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 3635b233e2dSmarks "Extra fields on the end of ACL specification.\n")); 3645a5eeccaSmarks return (EACL_UNKNOWN_DATA); 3655a5eeccaSmarks } 3665a5eeccaSmarks return (EACL_ENTRY_ERROR); 3675a5eeccaSmarks } 3685a5eeccaSmarks | entry_type idname aclent_perm COLON id /* user or group */ 3695a5eeccaSmarks { 3705a5eeccaSmarks int error; 3715a5eeccaSmarks int id; 3725a5eeccaSmarks 3735a5eeccaSmarks if (yyinteractive) { 3745b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 3755b233e2dSmarks "Extra fields on the end of ACL specification.\n")); 376*ec965100Smarks yycleanup(); 3775a5eeccaSmarks return (EACL_UNKNOWN_DATA); 3785a5eeccaSmarks } 3795a5eeccaSmarks error = compute_aclent_perms($3.perm_str, &$$.a_perm); 3805a5eeccaSmarks if (error) { 3815b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 38294d2b9abSmarks "Invalid permission(s) '%s' specified.\n"), 3835a5eeccaSmarks $3.perm_str); 384*ec965100Smarks yycleanup(); 3855a5eeccaSmarks return (error); 3865a5eeccaSmarks } 3875a5eeccaSmarks error = get_id($1, $2, &id); 3885a5eeccaSmarks if (error) 3895a5eeccaSmarks $$.a_id = $5; 3905a5eeccaSmarks else 3915a5eeccaSmarks $$.a_id = id; 3925a5eeccaSmarks 3935a5eeccaSmarks error = aclent_entry_type($1, 0, &$$.a_type); 3945a5eeccaSmarks if (error) { 3955a5eeccaSmarks acl_error( 3965b233e2dSmarks dgettext(TEXT_DOMAIN, 3975b233e2dSmarks "Invalid ACL entry type '%s' specified.\n"), $1); 398*ec965100Smarks yycleanup(); 3995a5eeccaSmarks return (error); 4005a5eeccaSmarks } 4015a5eeccaSmarks } 4025a5eeccaSmarks | entry_type aclent_perm /* mask entry */ 4035a5eeccaSmarks { 4045a5eeccaSmarks int error; 4055a5eeccaSmarks 4065a5eeccaSmarks error = compute_aclent_perms($2.perm_str, &$$.a_perm); 4075a5eeccaSmarks if (error) { 4085b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 40994d2b9abSmarks "Invalid permission(s) '%s' specified.\n"), 4105a5eeccaSmarks $2.perm_str); 411*ec965100Smarks yycleanup(); 4125a5eeccaSmarks return (error); 4135a5eeccaSmarks } 4145a5eeccaSmarks $$.a_id = -1; 4155a5eeccaSmarks error = aclent_entry_type($1, 0, &$$.a_type); 4165a5eeccaSmarks if (error) { 4175a5eeccaSmarks acl_error( 4185b233e2dSmarks dgettext(TEXT_DOMAIN, 4195b233e2dSmarks "Invalid ACL entry type specified %d.\n"), 4205a5eeccaSmarks error); 421*ec965100Smarks yycleanup(); 4225a5eeccaSmarks return (error); 4235a5eeccaSmarks } 4245a5eeccaSmarks } 4255a5eeccaSmarks | entry_type aclent_perm COLON id 4265a5eeccaSmarks { 427*ec965100Smarks yycleanup(); 4285a5eeccaSmarks if (yyinteractive) { 4295b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 4305b233e2dSmarks "Extra fields on the end of ACL specification.\n")); 4315a5eeccaSmarks return (EACL_UNKNOWN_DATA); 4325a5eeccaSmarks } 4335a5eeccaSmarks return (EACL_ENTRY_ERROR); 4345a5eeccaSmarks } 4355a5eeccaSmarks 4365a5eeccaSmarks iflags: compact_iflag COLON {$$ = $1;} 4375a5eeccaSmarks | verbose_iflag COLON {$$ = $1;} 4385a5eeccaSmarks | COLON {$$ = 0;} 4395a5eeccaSmarks 4405a5eeccaSmarks compact_iflag : INHERIT_TOK 4415a5eeccaSmarks { 4425a5eeccaSmarks int error; 4435a5eeccaSmarks uint32_t iflags; 4445a5eeccaSmarks 4455a5eeccaSmarks error = compute_ace_inherit($1, &iflags); 4465a5eeccaSmarks if (error) { 4475b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 4485b233e2dSmarks "Invalid inheritance flags '%s' specified.\n"), $1); 449*ec965100Smarks yycleanup(); 4505a5eeccaSmarks return (error); 4515a5eeccaSmarks } 4525a5eeccaSmarks $$ = iflags; 4535a5eeccaSmarks } 4545a5eeccaSmarks | INHERIT_TOK SLASH verbose_iflag 4555a5eeccaSmarks { 4565b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 4575b233e2dSmarks "Can't mix compact inherit flags with" 45894d2b9abSmarks " verbose inheritance flags.\n")); 459*ec965100Smarks yycleanup(); 4605a5eeccaSmarks return (EACL_INHERIT_ERROR); 4615a5eeccaSmarks } 4625a5eeccaSmarks 4635a5eeccaSmarks verbose_iflag: ACE_INHERIT {$$ |= $1;} 4645a5eeccaSmarks | ACE_INHERIT SLASH verbose_iflag {$$ = $1 | $3;} 4655a5eeccaSmarks | ACE_INHERIT SLASH compact_iflag 4665a5eeccaSmarks { 4675b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 4685b233e2dSmarks "Can't mix verbose inherit flags with" 46994d2b9abSmarks " compact inheritance flags.\n")); 470*ec965100Smarks yycleanup(); 47194d2b9abSmarks return (EACL_INHERIT_ERROR); 47294d2b9abSmarks } 47394d2b9abSmarks | ACE_INHERIT SLASH ACCESS_TYPE 47494d2b9abSmarks { 4755b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 4765b233e2dSmarks "Inheritance flags can't be mixed with access type.\n")); 477*ec965100Smarks yycleanup(); 4785a5eeccaSmarks return (EACL_INHERIT_ERROR); 4795a5eeccaSmarks } 480*ec965100Smarks | ACE_INHERIT SLASH ERROR 481*ec965100Smarks { 482*ec965100Smarks yycleanup(); 483*ec965100Smarks return ($3); 484*ec965100Smarks } 4855a5eeccaSmarks 4865a5eeccaSmarks aclent_perm: PERM_TOK 4875a5eeccaSmarks { 4885a5eeccaSmarks $$.perm_style = PERM_TYPE_UNKNOWN; 4895a5eeccaSmarks $$.perm_str = $1; 4905a5eeccaSmarks $$.perm_val = 0; 4915a5eeccaSmarks } 4925a5eeccaSmarks | PERM_TOK ERROR 4935a5eeccaSmarks { 4945b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 4955b233e2dSmarks "ACL entry permissions are incorrectly specified.\n")); 496*ec965100Smarks yycleanup(); 4975a5eeccaSmarks return ($2); 4985a5eeccaSmarks } 4995a5eeccaSmarks 5005a5eeccaSmarks access_type: ACCESS_TYPE {$$ = $1;} 501*ec965100Smarks | ERROR 502*ec965100Smarks { 503*ec965100Smarks yycleanup(); 504*ec965100Smarks return ($1); 505*ec965100Smarks } 5065a5eeccaSmarks 5075a5eeccaSmarks id: ID {$$ = $1;} 50894d2b9abSmarks | COLON 50994d2b9abSmarks { 5105b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 5115b233e2dSmarks "Invalid uid/gid specified.\nThe field" 51294d2b9abSmarks " should be a numeric value.\n")); 513*ec965100Smarks yycleanup(); 51494d2b9abSmarks return (EACL_UNKNOWN_DATA); 51594d2b9abSmarks } 516*ec965100Smarks | ERROR 517*ec965100Smarks { 518*ec965100Smarks yycleanup(); 519*ec965100Smarks return ($1); 520*ec965100Smarks } 5215a5eeccaSmarks 5225a5eeccaSmarks ace_perms: perm {$$ = $1;} 5235a5eeccaSmarks | aclent_perm COLON {$$ = $1;} 524*ec965100Smarks | ERROR 525*ec965100Smarks { 526*ec965100Smarks yycleanup(); 527*ec965100Smarks return ($1); 528*ec965100Smarks } 5295a5eeccaSmarks 5305a5eeccaSmarks perm: perms COLON {$$ = $1;} 5315a5eeccaSmarks | COLON {$$.perm_style = PERM_TYPE_EMPTY;} 5325a5eeccaSmarks 5335a5eeccaSmarks perms: ACE_PERM 5345a5eeccaSmarks { 5355a5eeccaSmarks $$.perm_style = PERM_TYPE_ACE; 5365a5eeccaSmarks $$.perm_val |= $1; 5375a5eeccaSmarks } 5385a5eeccaSmarks | ACE_PERM SLASH perms 5395a5eeccaSmarks { 5405a5eeccaSmarks $$.perm_style = PERM_TYPE_ACE; 5415a5eeccaSmarks $$.perm_val = $1 | $3.perm_val; 5425a5eeccaSmarks } 5435a5eeccaSmarks | ACE_PERM SLASH aclent_perm 5445a5eeccaSmarks { 5455a5eeccaSmarks 5465b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 5475b233e2dSmarks "Can't mix verbose permissions with" 54894d2b9abSmarks " compact permission.\n")); 549*ec965100Smarks yycleanup(); 5505a5eeccaSmarks return (EACL_PERM_MASK_ERROR); 5515a5eeccaSmarks 5525a5eeccaSmarks } 553*ec965100Smarks | ACE_PERM SLASH ERROR 554*ec965100Smarks { 555*ec965100Smarks yycleanup(); 556*ec965100Smarks return ($3); 557*ec965100Smarks } 55894d2b9abSmarks 5595a5eeccaSmarks 5605a5eeccaSmarks idname: IDNAME {$$ = $1;} 5615a5eeccaSmarks 5625a5eeccaSmarks entry_type: ENTRY_TYPE {$$ = $1;} 563*ec965100Smarks | ERROR 564*ec965100Smarks { 565*ec965100Smarks yycleanup(); 566*ec965100Smarks return ($1); 567*ec965100Smarks } 568