xref: /titanic_51/usr/src/lib/libsec/common/acl.y (revision b249c65cf0a7400e86a36ddab5c3fce085809859)
15a5eeccaSmarks %{
25a5eeccaSmarks /*
35a5eeccaSmarks  * CDDL HEADER START
45a5eeccaSmarks  *
55a5eeccaSmarks  * The contents of this file are subject to the terms of the
694d2b9abSmarks  * Common Development and Distribution License (the "License").
794d2b9abSmarks  * You may not use this file except in compliance with the License.
85a5eeccaSmarks  *
95a5eeccaSmarks  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
105a5eeccaSmarks  * or http://www.opensolaris.org/os/licensing.
115a5eeccaSmarks  * See the License for the specific language governing permissions
125a5eeccaSmarks  * and limitations under the License.
135a5eeccaSmarks  *
145a5eeccaSmarks  * When distributing Covered Code, include this CDDL HEADER in each
155a5eeccaSmarks  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
165a5eeccaSmarks  * If applicable, add the following below this CDDL HEADER, with the
175a5eeccaSmarks  * fields enclosed by brackets "[]" replaced with your own identifying
185a5eeccaSmarks  * information: Portions Copyright [yyyy] [name of copyright owner]
195a5eeccaSmarks  *
205a5eeccaSmarks  * CDDL HEADER END
215a5eeccaSmarks  *
22*b249c65cSmarks  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
235a5eeccaSmarks  * Use is subject to license terms.
245a5eeccaSmarks  */
255a5eeccaSmarks 
265a5eeccaSmarks #pragma	ident	"%Z%%M%	%I%	%E% SMI"
275a5eeccaSmarks 
28da6c28aaSamw #include <acl_common.h>
295a5eeccaSmarks #include <aclutils.h>
305a5eeccaSmarks 
315a5eeccaSmarks extern int yyinteractive;
325a5eeccaSmarks extern acl_t *yyacl;
335a5eeccaSmarks %}
345a5eeccaSmarks 
/*
 * Semantic value carried on the parser stack.  Which member is live for a
 * given symbol is fixed by the <tag> on the %token/%type lines below.
 */
%union {
	char *str;			/* text of IDNAME, PERM_TOK, INHERIT_TOK */
	int val;			/* numeric tokens and flag words */
	struct acl_perm_type acl_perm;	/* permission spec being built */
	ace_t ace;			/* one NFSv4/ZFS entry */
	aclent_t aclent;		/* one POSIX-draft entry */
	acl_t *acl;			/* the ACL being assembled */
}

/*
 * Untyped keyword and punctuation tokens.  The declaration order is kept
 * as-is because it determines the generated token numbers.
 */
%token USER_TOK USER_SID_TOK GROUP_TOK GROUP_SID_TOK
%token MASK_TOK OTHER_TOK
%token OWNERAT_TOK GROUPAT_TOK EVERYONEAT_TOK
%token DEFAULT_USER_TOK DEFAULT_GROUP_TOK DEFAULT_MASK_TOK DEFAULT_OTHER_TOK
%token COLON COMMA NL SLASH

/* Tokens whose value is the matched text. */
%token <str> IDNAME PERM_TOK INHERIT_TOK

/* Tokens whose value is an integer; the grammar returns ERROR's value as-is. */
%token <val> ID ERROR ACE_PERM ACE_INHERIT ENTRY_TYPE ACCESS_TYPE

/* Value types of the nonterminals. */
%type <str> idname
%type <acl_perm> perms perm aclent_perm ace_perms
%type <acl> acl_entry
%type <ace> ace
%type <aclent> aclent
%type <val> iflags verbose_iflag compact_iflag access_type id entry_type

%left ERROR COLON
605a5eeccaSmarks 
615a5eeccaSmarks %%
625a5eeccaSmarks 
/*
 * Top-level rule: comma-separated entries ended by a newline.
 *
 * Every action here returns from yyparse(), so parsing stops at the first
 * reduction of `acl'.  With the right-recursive third form that is the
 * innermost one; the entries themselves have already been accumulated in
 * the global yyacl by the acl_entry actions, and nothing after the NL is
 * looked at by the parser.
 */
acl:	acl_entry NL
	{ yyacl = $1; return (0); }

	/* A trailing comma looks illegal, but the old aclfromtext() took it. */
	| acl_entry COMMA NL
	{ yyacl = $1; return (0); }

	| acl_entry COMMA acl
	{ yyacl = $1; return (0); }
805a5eeccaSmarks 
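/*
 * Append one parsed entry to the ACL under construction (the global yyacl),
 * allocating it on first use.  An ACL holds either NFSv4/ZFS entries (ACE_T)
 * or POSIX-draft entries (ACLENT_T); mixing the two styles is rejected with
 * EACL_DIFF_TYPE.
 *
 * yyacl is visible outside the parser, so each failure path that releases
 * the ACL also resets yyacl to NULL.  Leaving it pointing at freed storage
 * would expose any caller that inspects it after a failed parse to a
 * use-after-free or double free.
 *
 * NOTE(review): the size passed to realloc() is a product that is not
 * checked for overflow; the field types are not visible here, so confirm
 * that the number of entries in the input text is bounded.
 */
acl_entry: ace
	{
		void *grown;
		ace_t *acep;

		if (yyacl == NULL) {
			yyacl = acl_alloc(ACE_T);
			if (yyacl == NULL) {
				yycleanup();
				return (EACL_MEM_ERROR);
			}
		}

		$$ = yyacl;
		if ($$->acl_type == ACLENT_T) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Cannot have POSIX draft ACL entries"
			    " with NFSv4/ZFS ACL entries.\n"));
			acl_free(yyacl);
			yyacl = NULL;
			yycleanup();
			return (EACL_DIFF_TYPE);
		}

		/*
		 * Grow through a temporary: storing realloc()'s result
		 * straight into acl_aclp would lose the old array when the
		 * call fails.
		 */
		grown = realloc($$->acl_aclp,
		    ($$->acl_entry_size * ($$->acl_cnt + 1)));
		if (grown == NULL) {
			/*
			 * Release with acl_free(), as the mixed-type path
			 * above does, rather than a bare free() of the
			 * header (acl_free() is assumed to release the
			 * entry array too -- confirm).
			 */
			acl_free(yyacl);
			yyacl = NULL;
			yycleanup();
			return (EACL_MEM_ERROR);
		}
		$$->acl_aclp = grown;
		acep = $$->acl_aclp;
		acep[$$->acl_cnt] = $1;
		$$->acl_cnt++;
		yycleanup();
	}
	| aclent
	{
		void *grown;
		aclent_t *aclent;

		if (yyacl == NULL) {
			yyacl = acl_alloc(ACLENT_T);
			if (yyacl == NULL) {
				yycleanup();
				return (EACL_MEM_ERROR);
			}
		}

		$$ = yyacl;
		if ($$->acl_type == ACE_T) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Cannot have NFSv4/ZFS ACL entries"
			    " with POSIX draft ACL entries.\n"));
			acl_free(yyacl);
			yyacl = NULL;
			yycleanup();
			return (EACL_DIFF_TYPE);
		}

		/* Same temporary-pointer growth as the ace branch above. */
		grown = realloc($$->acl_aclp,
		    ($$->acl_entry_size * ($$->acl_cnt + 1)));
		if (grown == NULL) {
			acl_free(yyacl);
			yyacl = NULL;
			yycleanup();
			return (EACL_MEM_ERROR);
		}
		$$->acl_aclp = grown;
		aclent = $$->acl_aclp;
		aclent[$$->acl_cnt] = $1;
		$$->acl_cnt++;
		yycleanup();
	}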
1515a5eeccaSmarks 
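/*
 * One NFSv4/ZFS-style entry.  Accepted shapes:
 *
 *	entry_type idname ace_perms [iflags] access_type [COLON id]
 *	entry_type        ace_perms [iflags] access_type [COLON id]
 *
 * With an idname, a_who is the id that get_id() resolves the name to.
 * The trailing "COLON id" field is refused when yyinteractive is set.
 * Otherwise the numeric id is used only if the name cannot be resolved;
 * when the lookup succeeds the name wins and the number is not compared
 * against it.
 *
 * Without an idname, a_who is set to -1, and a trailing "COLON id" is
 * always an error.
 *
 * a_flags starts from ace_entry_type() and has the inheritance flags ORed
 * in when an iflags field is present.
 */
ace:	entry_type idname ace_perms access_type
	{
		int error;
		uid_t id;

		error = get_id($1, $2, &id);
		if (error) {
			bad_entry_type($1, $2);
			yycleanup();
			return (EACL_INVALID_USER_GROUP);
		}

		$$.a_who = id;
		$$.a_flags = ace_entry_type($1);
		error = ace_perm_mask(&$3, &$$.a_access_mask);
		if (error) {
			yycleanup();
			return (error);
		}
		$$.a_type = $4;
	}
	| entry_type idname ace_perms access_type COLON id
	{
		int error;
		uid_t id;

		if (yyinteractive) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Extra fields on the end of "
			    "ACL specification.\n"));
			yycleanup();
			return (EACL_UNKNOWN_DATA);
		}

		/* Unresolvable name: fall back to the trailing numeric id. */
		error = get_id($1, $2, &id);
		if (error) {
			$$.a_who = $6;
		} else {
			$$.a_who = id;
		}
		$$.a_flags = ace_entry_type($1);
		error = ace_perm_mask(&$3, &$$.a_access_mask);
		if (error) {
			yycleanup();
			return (error);
		}
		$$.a_type = $4;
	}
	| entry_type idname ace_perms iflags access_type
	{
		int error;
		uid_t id;

		error = get_id($1, $2, &id);
		if (error) {
			bad_entry_type($1, $2);
			yycleanup();
			return (EACL_INVALID_USER_GROUP);
		}

		$$.a_who = id;
		$$.a_flags = ace_entry_type($1);
		error = ace_perm_mask(&$3, &$$.a_access_mask);
		if (error) {
			yycleanup();
			return (error);
		}
		$$.a_type = $5;
		$$.a_flags |= $4;
	}
	| entry_type idname ace_perms iflags access_type COLON id
	{
		int error;
		uid_t id;

		if (yyinteractive) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Extra fields on the end of "
			    "ACL specification.\n"));
			yycleanup();
			return (EACL_UNKNOWN_DATA);
		}

		/* Unresolvable name: fall back to the trailing numeric id. */
		error = get_id($1, $2, &id);
		if (error) {
			$$.a_who = $7;
		} else {
			$$.a_who = id;
		}

		$$.a_flags = ace_entry_type($1);
		error = ace_perm_mask(&$3, &$$.a_access_mask);
		if (error) {
			yycleanup();
			return (error);
		}

		$$.a_type = $5;
		$$.a_flags |= $4;
	}
	| entry_type ace_perms access_type
	{
		int error;

		/* No name in this form, so no id to look up. */
		$$.a_who = -1;
		$$.a_flags = ace_entry_type($1);
		error = ace_perm_mask(&$2, &$$.a_access_mask);
		if (error) {
			yycleanup();
			return (error);
		}
		$$.a_type = $3;
	}
	| entry_type ace_perms access_type COLON id
	{
		/* An id field on an entry without a name is never valid. */
		yycleanup();
		if (yyinteractive) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Extra fields on the end of "
			    "ACL specification.\n"));
			return (EACL_UNKNOWN_DATA);
		}

		return (EACL_ENTRY_ERROR);
	}
	| entry_type ace_perms iflags access_type
	{
		int error;

		/* No name in this form, so no id to look up. */
		$$.a_who = -1;
		$$.a_flags = ace_entry_type($1);
		error = ace_perm_mask(&$2, &$$.a_access_mask);
		if (error) {
			yycleanup();
			return (error);
		}
		$$.a_type = $4;
		$$.a_flags |= $3;
	}
	| entry_type ace_perms iflags access_type COLON id
	{
		/* An id field on an entry without a name is never valid. */
		yycleanup();
		if (yyinteractive) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Extra fields on the end of "
			    "ACL specification.\n"));
			return (EACL_UNKNOWN_DATA);
		}
		return (EACL_ENTRY_ERROR);
	}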
3035a5eeccaSmarks 
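/*
 * One POSIX-draft entry.  Accepted shapes:
 *
 *	entry_type idname aclent_perm [COLON id]	user or group
 *	entry_type COLON  aclent_perm			owner, group, other
 *	entry_type        aclent_perm			mask
 *
 * A trailing "COLON id" is accepted only on the named form and only when
 * yyinteractive is zero; there the numeric id is used if the name cannot
 * be resolved.  Entries without a name get a_id = -1.  The second argument
 * of aclent_entry_type() is 1 only for the "entry_type COLON" form.
 *
 * entry_type is declared <val>, so $1 is an int.  The entry-type failure
 * messages therefore use the %d wording already used by the mask form;
 * formatting $1 with %s would hand an integer to a string conversion,
 * which is undefined behaviour.
 */
aclent: entry_type idname aclent_perm	/* user or group */
	{
		int error;
		uid_t id;

		error = get_id($1, $2, &id);
		if (error) {
			bad_entry_type($1, $2);
			yycleanup();
			return (EACL_INVALID_USER_GROUP);
		}

		error = compute_aclent_perms($3.perm_str, &$$.a_perm);
		if (error) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Invalid permission(s) '%s' specified.\n"),
			    $3.perm_str);
			yycleanup();
			return (error);
		}
		$$.a_id = id;
		error = aclent_entry_type($1, 0, &$$.a_type);
		if (error) {
			acl_error(
			    dgettext(TEXT_DOMAIN,
			    "Invalid ACL entry type specified %d.\n"),
			    error);
			yycleanup();
			return (error);
		}
	}
	| entry_type COLON aclent_perm		/* owner group other */
	{
		int error;

		error = compute_aclent_perms($3.perm_str, &$$.a_perm);
		if (error) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Invalid permission(s) '%s' specified.\n"),
			    $3.perm_str);
			yycleanup();
			return (error);
		}
		$$.a_id = -1;
		error = aclent_entry_type($1, 1, &$$.a_type);
		if (error) {
			acl_error(
			    dgettext(TEXT_DOMAIN,
			    "Invalid ACL entry type specified %d.\n"),
			    error);
			yycleanup();
			return (error);
		}
	}
	| entry_type COLON aclent_perm COLON id
	{
		/* An id field on an entry without a name is never valid. */
		yycleanup();
		if (yyinteractive) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Extra fields on the end of ACL specification.\n"));
			return (EACL_UNKNOWN_DATA);
		}
		return (EACL_ENTRY_ERROR);
	}
	| entry_type idname aclent_perm COLON id 	/* user or group */
	{
		int error;
		uid_t id;

		if (yyinteractive) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Extra fields on the end of ACL specification.\n"));
			yycleanup();
			return (EACL_UNKNOWN_DATA);
		}
		error = compute_aclent_perms($3.perm_str, &$$.a_perm);
		if (error) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Invalid permission(s) '%s' specified.\n"),
			    $3.perm_str);
			yycleanup();
			return (error);
		}

		/* Unresolvable name: fall back to the trailing numeric id. */
		error = get_id($1, $2, &id);
		if (error)
			$$.a_id = $5;
		else
			$$.a_id = id;

		error = aclent_entry_type($1, 0, &$$.a_type);
		if (error) {
			acl_error(
			    dgettext(TEXT_DOMAIN,
			    "Invalid ACL entry type specified %d.\n"),
			    error);
			yycleanup();
			return (error);
		}
	}
	| entry_type aclent_perm  /* mask entry */
	{
		int error;

		error = compute_aclent_perms($2.perm_str, &$$.a_perm);
		if (error) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Invalid permission(s) '%s' specified.\n"),
			    $2.perm_str);
			yycleanup();
			return (error);
		}
		$$.a_id = -1;
		error = aclent_entry_type($1, 0, &$$.a_type);
		if (error) {
			acl_error(
			    dgettext(TEXT_DOMAIN,
			    "Invalid ACL entry type specified %d.\n"),
			    error);
			yycleanup();
			return (error);
		}
	}
	| entry_type aclent_perm COLON id
	{
		/* An id field on an entry without a name is never valid. */
		yycleanup();
		if (yyinteractive) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Extra fields on the end of ACL specification.\n"));
			return (EACL_UNKNOWN_DATA);
		}
		return (EACL_ENTRY_ERROR);
	}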
4335a5eeccaSmarks 
/*
 * Inheritance-flag field of an ACE, including its closing colon.  The flags
 * may be compact or verbose; an empty field (a bare colon) yields 0.
 */
iflags: compact_iflag COLON
	{
		$$ = $1;
	}
	| verbose_iflag COLON
	{
		$$ = $1;
	}
	| COLON
	{
		$$ = 0;
	}
4375a5eeccaSmarks 
/*
 * Compact inheritance flags: a single INHERIT_TOK string that
 * compute_ace_inherit() converts to a flag word.  A compact token followed
 * by "/verbose" is rejected with EACL_INHERIT_ERROR.
 */
compact_iflag : INHERIT_TOK
	{
		uint32_t bits;
		int rc = compute_ace_inherit($1, &bits);

		if (rc) {
			acl_error(dgettext(TEXT_DOMAIN,
			    "Invalid inheritance flags '%s' specified.\n"), $1);
			yycleanup();
			return (rc);
		}
		$$ = bits;
	}
	| INHERIT_TOK SLASH verbose_iflag
	{
		acl_error(dgettext(TEXT_DOMAIN,
		    "Can't mix compact inherit flags with"
		    " verbose inheritance flags.\n"));
		yycleanup();
		return (EACL_INHERIT_ERROR);
	}
4605a5eeccaSmarks 
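/*
 * Verbose inheritance flags: ACE_INHERIT tokens separated by slashes and
 * ORed together.  Mixing in a compact flag string or an access type is
 * rejected with EACL_INHERIT_ERROR.  An ERROR token ends the parse with the
 * value that token carries.
 */
verbose_iflag: ACE_INHERIT
	{
		/*
		 * Plain assignment: ORing into $$ would depend on the
		 * generated parser having preloaded $$ before the action.
		 */
		$$ = $1;
	}
	| ACE_INHERIT SLASH verbose_iflag
	{
		$$ = $1 | $3;
	}
	| ACE_INHERIT SLASH compact_iflag
	{
		acl_error(dgettext(TEXT_DOMAIN,
		    "Can't mix verbose inherit flags with"
		    " compact inheritance flags.\n"));
		yycleanup();
		return (EACL_INHERIT_ERROR);
	}
	| ACE_INHERIT SLASH ACCESS_TYPE
	{
		acl_error(dgettext(TEXT_DOMAIN,
		    "Inheritance flags can't be mixed with access type.\n"));
		yycleanup();
		return (EACL_INHERIT_ERROR);
	}
	| ACE_INHERIT SLASH ERROR
	{
		yycleanup();
		return ($3);
	}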
4835a5eeccaSmarks 
/*
 * Compact permission string.  The text is kept in perm_str for a later
 * conversion step; the style is recorded as not yet known and perm_val is
 * cleared.  A PERM_TOK followed by ERROR ends the parse with the value the
 * ERROR token carries.
 */
aclent_perm: PERM_TOK
	{
		$$.perm_str = $1;
		$$.perm_val = 0;
		$$.perm_style = PERM_TYPE_UNKNOWN;
	}
	| PERM_TOK ERROR
	{
		acl_error(dgettext(TEXT_DOMAIN,
		    "ACL entry permissions are incorrectly specified.\n"));
		yycleanup();
		return ($2);
	}
4975a5eeccaSmarks 
/*
 * Access type of an ACE, taken from the ACCESS_TYPE token's value.  An
 * ERROR token ends the parse with the value that token carries.
 */
access_type: ACCESS_TYPE
	{
		$$ = $1;
	}
	| ERROR
	{
		yycleanup();
		return ($1);
	}
5045a5eeccaSmarks 
/*
 * Trailing numeric uid/gid field.  A colon where the number should be is
 * reported and fails with EACL_UNKNOWN_DATA; an ERROR token ends the parse
 * with the value that token carries.
 */
id: ID
	{
		$$ = $1;
	}
	| COLON
	{
		acl_error(dgettext(TEXT_DOMAIN,
		    "Invalid uid/gid specified.\nThe field"
		    " should be a numeric value.\n"));
		yycleanup();
		return (EACL_UNKNOWN_DATA);
	}
	| ERROR
	{
		yycleanup();
		return ($1);
	}
5195a5eeccaSmarks 
/*
 * Permission field of an ACE: either the verbose form (perm) or a compact
 * permission string followed by a colon.  An ERROR token ends the parse
 * with the value that token carries.
 */
ace_perms: perm
	{
		$$ = $1;
	}
	| aclent_perm COLON
	{
		$$ = $1;
	}
	| ERROR
	{
		yycleanup();
		return ($1);
	}
5275a5eeccaSmarks 
/*
 * Verbose permission list with its closing colon, or an empty permission
 * field (a bare colon).
 */
perm: perms COLON
	{
		$$ = $1;
	}
	| COLON
	{
		/*
		 * NOTE(review): only perm_style is set here; perm_str and
		 * perm_val keep whatever the parser left in $$.  Confirm
		 * that ace_perm_mask() ignores them for PERM_TYPE_EMPTY.
		 */
		$$.perm_style = PERM_TYPE_EMPTY;
	}
5305a5eeccaSmarks 
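/*
 * Verbose permissions: ACE_PERM bit values separated by slashes and ORed
 * into perm_val, with perm_style set to PERM_TYPE_ACE.  Mixing in a compact
 * permission string is rejected with EACL_PERM_MASK_ERROR; an ERROR token
 * ends the parse with the value that token carries.
 */
perms: ACE_PERM
	{
		$$.perm_style = PERM_TYPE_ACE;
		/*
		 * Assign rather than OR.  $$ is a struct and $1 an int, so
		 * ORing would fold in whatever bytes $$ happened to hold
		 * before this action set them, and those bits would end up
		 * in the access mask.
		 */
		$$.perm_val = $1;
	}
	| ACE_PERM SLASH perms
	{
		$$.perm_style = PERM_TYPE_ACE;
		$$.perm_val = $1 | $3.perm_val;
	}
	| ACE_PERM SLASH aclent_perm
	{
		acl_error(dgettext(TEXT_DOMAIN,
		   "Can't mix verbose permissions with"
		    " compact permission.\n"));
		yycleanup();
		return (EACL_PERM_MASK_ERROR);
	}
	| ACE_PERM SLASH ERROR
	{
		yycleanup();
		return ($3);
	}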
55694d2b9abSmarks 
5575a5eeccaSmarks 
/* User or group name exactly as the lexer delivered it in IDNAME. */
idname: IDNAME
	{
		$$ = $1;
	}
5595a5eeccaSmarks 
/*
 * Entry-type keyword, passed on as the ENTRY_TYPE token's integer value.
 * An ERROR token ends the parse with the value that token carries.
 */
entry_type: ENTRY_TYPE
	{
		$$ = $1;
	}
	| ERROR
	{
		yycleanup();
		return ($1);
	}
566*b249c65cSmarks 
567*b249c65cSmarks %%
/*
 * Report a name that get_id() could not resolve, wording the message after
 * the kind of entry it appeared in.  Token types other than the user, group,
 * default-user, default-group and SID ones produce no message.
 *
 * toketype	entry-type token value from the grammar
 * str		the name as written in the ACL text; it is passed as a
 *		%s argument, never as part of the format string
 *
 * NOTE(review): the grammar actions call this function above its
 * definition and no prototype is visible in this file's prologue.  Confirm
 * one is supplied (for example by an included header); otherwise the calls
 * rely on an implicit declaration that conflicts with this static
 * definition.
 */
static void
bad_entry_type(int toketype, char *str)
{
	if (toketype == USER_TOK || toketype == DEFAULT_USER_TOK) {
		acl_error(dgettext(TEXT_DOMAIN,
		    "Invalid user %s specified.\n"), str);
	} else if (toketype == GROUP_TOK || toketype == DEFAULT_GROUP_TOK) {
		acl_error(dgettext(TEXT_DOMAIN,
		    "Invalid group %s specified.\n"), str);
	} else if (toketype == USER_SID_TOK) {
		acl_error(dgettext(TEXT_DOMAIN,
		    "Invalid user SID %s specified.\n"), str);
	} else if (toketype == GROUP_SID_TOK) {
		acl_error(dgettext(TEXT_DOMAIN,
		    "Invalid group SID %s specified.\n"), str);
	}
}