xref: /titanic_51/usr/src/lib/libsec/common/aclutils.h (revision 5f41bf46ca5230bc3ee6b7d6a714a3a16a390261) 
1fa9e4066Sahrens /*
2fa9e4066Sahrens  * CDDL HEADER START
3fa9e4066Sahrens  *
4fa9e4066Sahrens  * The contents of this file are subject to the terms of the
549f0e518Smarks  * Common Development and Distribution License (the "License").
649f0e518Smarks  * You may not use this file except in compliance with the License.
7fa9e4066Sahrens  *
8fa9e4066Sahrens  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9fa9e4066Sahrens  * or http://www.opensolaris.org/os/licensing.
10fa9e4066Sahrens  * See the License for the specific language governing permissions
11fa9e4066Sahrens  * and limitations under the License.
12fa9e4066Sahrens  *
13fa9e4066Sahrens  * When distributing Covered Code, include this CDDL HEADER in each
14fa9e4066Sahrens  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15fa9e4066Sahrens  * If applicable, add the following below this CDDL HEADER, with the
16fa9e4066Sahrens  * fields enclosed by brackets "[]" replaced with your own identifying
17fa9e4066Sahrens  * information: Portions Copyright [yyyy] [name of copyright owner]
18fa9e4066Sahrens  *
19fa9e4066Sahrens  * CDDL HEADER END
20fa9e4066Sahrens  */
21fa9e4066Sahrens /*
22b249c65cSmarks  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23fa9e4066Sahrens  * Use is subject to license terms.
24fa9e4066Sahrens  */
25fa9e4066Sahrens 
26fa9e4066Sahrens #ifndef _ACLUTILS_H
27fa9e4066Sahrens #define	_ACLUTILS_H
28fa9e4066Sahrens 
29fa9e4066Sahrens #include <sys/types.h>
30da6c28aaSamw #include <sys/acl.h>
315a5eeccaSmarks #include <strings.h>
325a5eeccaSmarks #include <locale.h>
335a5eeccaSmarks #include <ctype.h>
345a5eeccaSmarks #include <grp.h>
355a5eeccaSmarks #include <pwd.h>
36fa9e4066Sahrens 
37fa9e4066Sahrens #ifdef	__cplusplus
38fa9e4066Sahrens extern "C" {
39fa9e4066Sahrens #endif
40fa9e4066Sahrens 
41fa9e4066Sahrens #define	ACL_REMOVE_ALL		0x0
42fa9e4066Sahrens #define	ACL_REMOVE_FIRST	0x1
43fa9e4066Sahrens 
44fa9e4066Sahrens /*
45fa9e4066Sahrens  * Hint for whether acl_totext() should use
466deb031bSsjelinek  * mnemonics:
47fa9e4066Sahrens  * read_data/list_directory
48fa9e4066Sahrens  * write_data/add_file or
49fa9e4066Sahrens  * append_data/add_subdirectory
50fa9e4066Sahrens  * when object of ACL is known.
51fa9e4066Sahrens  */
52fa9e4066Sahrens 
535a5eeccaSmarks #define	PERM_TYPE_ACE		0x1	/* permissions are of ACE type */
545a5eeccaSmarks #define	PERM_TYPE_UNKNOWN	0x2	/* permission type not yet known */
555a5eeccaSmarks #define	PERM_TYPE_EMPTY		0x4	/* no permissions are specified */
565a5eeccaSmarks 
575a5eeccaSmarks struct acl_perm_type {
585a5eeccaSmarks 	int		perm_style;	/* type of perm style, see above */
595a5eeccaSmarks 	char		*perm_str;	/* string value being returned */
605a5eeccaSmarks 	uint32_t	perm_val;	/* numeric value being returned */
615a5eeccaSmarks };
625a5eeccaSmarks 
63a7746f66Stz204579 /*
64a7746f66Stz204579  * Textual representation of ace_t's access mask
65a7746f66Stz204579  */
66a7746f66Stz204579 #define	READ_DATA_TXT	"read_data/"
67a7746f66Stz204579 #define	WRITE_DATA_TXT	"write_data/"
68a7746f66Stz204579 #define	EXECUTE_TXT	"execute/"
69a7746f66Stz204579 #define	READ_XATTR_TXT	"read_xattr/"
70a7746f66Stz204579 #define	WRITE_XATTR_TXT	"write_xattr/"
71a7746f66Stz204579 #define	READ_ATTRIBUTES_TXT "read_attributes/"
72a7746f66Stz204579 #define	WRITE_ATTRIBUTES_TXT "write_attributes/"
73a7746f66Stz204579 #define	DELETE_TXT	"delete/"
74a7746f66Stz204579 #define	DELETE_CHILD_TXT "delete_child/"
75a7746f66Stz204579 #define	WRITE_OWNER_TXT "write_owner/"
76a7746f66Stz204579 #define	READ_ACL_TXT	"read_acl/"
77a7746f66Stz204579 #define	WRITE_ACL_TXT	"write_acl/"
78a7746f66Stz204579 #define	APPEND_DATA_TXT "append_data/"
79a7746f66Stz204579 #define	READ_DIR_TXT	"list_directory/read_data/"
80a7746f66Stz204579 #define	ADD_DIR_TXT	"add_subdirectory/append_data/"
81a7746f66Stz204579 #define	ADD_FILE_TXT	"add_file/write_data/"
82b249c65cSmarks #define	SYNCHRONIZE_TXT "synchronize/"
83a7746f66Stz204579 
84a7746f66Stz204579 /*
85b249c65cSmarks  * ace_t's entry types
86a7746f66Stz204579  */
87b249c65cSmarks #define	OWNERAT_TXT	"owner@:"
88b249c65cSmarks #define	GROUPAT_TXT	"group@:"
89b249c65cSmarks #define	EVERYONEAT_TXT	"everyone@:"
90a7746f66Stz204579 #define	GROUP_TXT	"group:"
91a7746f66Stz204579 #define	USER_TXT	"user:"
92b249c65cSmarks #define	USERSID_TXT	"usersid:"
93b249c65cSmarks #define	GROUPSID_TXT	"groupsid:"
94a7746f66Stz204579 
95a7746f66Stz204579 /*
96a7746f66Stz204579  * ace_t's access types
97a7746f66Stz204579  */
98a7746f66Stz204579 #define	ALLOW_TXT	"allow"
99a7746f66Stz204579 #define	DENY_TXT	"deny"
100a7746f66Stz204579 #define	ALARM_TXT	"alarm"
101a7746f66Stz204579 #define	AUDIT_TXT	"audit"
102a7746f66Stz204579 #define	UNKNOWN_TXT	"unknown"
103a7746f66Stz204579 
104b249c65cSmarks /*
105b249c65cSmarks  * ace_t's inheritance types
106b249c65cSmarks  */
107b249c65cSmarks 
108b249c65cSmarks #define	FILE_INHERIT_TXT	"file_inherit/"
109b249c65cSmarks #define	DIR_INHERIT_TXT		"dir_inherit/"
110b249c65cSmarks #define	NO_PROPAGATE_TXT	"no_propagate/"
111b249c65cSmarks #define	INHERIT_ONLY_TXT	"inherit_only/"
112b249c65cSmarks #define	INHERITED_ACE_TXT	"inherited/"
113b249c65cSmarks #define	SUCCESSFUL_ACCESS_TXT	"successful_access/"
114b249c65cSmarks #define	FAILED_ACCESS_TXT	"failed_access/"
115b249c65cSmarks 
1165a5eeccaSmarks extern char *yybuf;
1175a5eeccaSmarks extern acl_t *yyacl;
1185a5eeccaSmarks 
1195a5eeccaSmarks extern int yyerror(const char *);
120b249c65cSmarks extern int get_id(int entry_type, char *name, uid_t *id);
121*5f41bf46SMark Shellenbaum extern int get_id_nofail(int entry_type, char *name);
1225a5eeccaSmarks extern int ace_entry_type(int entry_type);
1235a5eeccaSmarks extern int aclent_entry_type(int type, int owning, int *ret);
1245a5eeccaSmarks extern int ace_perm_mask(struct acl_perm_type *, uint32_t *mask);
1255a5eeccaSmarks extern int compute_aclent_perms(char *str, o_mode_t *mask);
1265a5eeccaSmarks extern int compute_ace_inherit(char *str, uint32_t *imask);
127fa9e4066Sahrens extern int acl_addentries(acl_t *, acl_t *, int);
128fa9e4066Sahrens extern int acl_removeentries(acl_t *, acl_t *, int, int);
129fa9e4066Sahrens extern int acl_modifyentries(acl_t *, acl_t *, int);
1305a5eeccaSmarks extern void acl_printacl(acl_t *, int, int);
131fa9e4066Sahrens extern char *acl_strerror(int);
132fa9e4066Sahrens extern acl_t *acl_dup(acl_t *);
133fa9e4066Sahrens extern int acl_type(acl_t *);
134fa9e4066Sahrens extern int acl_cnt(acl_t *);
135fa9e4066Sahrens extern int acl_flags(acl_t *);
136fa9e4066Sahrens extern void *acl_data(acl_t *);
1375a5eeccaSmarks extern void acl_error(const char *, ...);
1385a5eeccaSmarks extern int acl_parse(const char *, acl_t **);
1395a5eeccaSmarks extern int yyparse(void);
1405a5eeccaSmarks extern void yyreset(void);
141ec965100Smarks extern void yycleanup(void);
14249f0e518Smarks extern acl_t *acl_to_aclp(enum acl_type, void *, int);
143b249c65cSmarks extern int sid_to_id(char *, boolean_t, uid_t *);
144fa9e4066Sahrens 
145fa9e4066Sahrens #ifdef	__cplusplus
146fa9e4066Sahrens }
147fa9e4066Sahrens #endif
148fa9e4066Sahrens 
149fa9e4066Sahrens #endif /* _ACLUTILS_H */
150