15a5eeccaSmarks /* 25a5eeccaSmarks * CDDL HEADER START 35a5eeccaSmarks * 45a5eeccaSmarks * The contents of this file are subject to the terms of the 594d2b9abSmarks * Common Development and Distribution License (the "License"). 694d2b9abSmarks * You may not use this file except in compliance with the License. 75a5eeccaSmarks * 85a5eeccaSmarks * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 95a5eeccaSmarks * or http://www.opensolaris.org/os/licensing. 105a5eeccaSmarks * See the License for the specific language governing permissions 115a5eeccaSmarks * and limitations under the License. 125a5eeccaSmarks * 135a5eeccaSmarks * When distributing Covered Code, include this CDDL HEADER in each 145a5eeccaSmarks * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 155a5eeccaSmarks * If applicable, add the following below this CDDL HEADER, with the 165a5eeccaSmarks * fields enclosed by brackets "[]" replaced with your own identifying 175a5eeccaSmarks * information: Portions Copyright [yyyy] [name of copyright owner] 185a5eeccaSmarks * 195a5eeccaSmarks * CDDL HEADER END 205a5eeccaSmarks * 21b249c65cSmarks * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 225a5eeccaSmarks * Use is subject to license terms. 235a5eeccaSmarks */ 245a5eeccaSmarks 255a5eeccaSmarks %{ 265a5eeccaSmarks #include <sys/acl.h> 275a5eeccaSmarks #include <aclutils.h> 28b249c65cSmarks #include <idmap.h> 295a5eeccaSmarks #include <errno.h> 305a5eeccaSmarks #include "acl.tab.h" 315a5eeccaSmarks 325a5eeccaSmarks #ifdef input 335a5eeccaSmarks #undef input 345a5eeccaSmarks #endif 355a5eeccaSmarks 365a5eeccaSmarks #ifdef unput 375a5eeccaSmarks #undef unput 385a5eeccaSmarks #endif 395a5eeccaSmarks 405a5eeccaSmarks int grab_string(char *terminators); 415a5eeccaSmarks static int input(); 425a5eeccaSmarks static void unput(int); 435a5eeccaSmarks 445a5eeccaSmarks int 455a5eeccaSmarks yyerror(const char *s) 465a5eeccaSmarks { 475a5eeccaSmarks return (0); 485a5eeccaSmarks } 495a5eeccaSmarks 505a5eeccaSmarks int 515a5eeccaSmarks yywrap(void) 525a5eeccaSmarks { 535a5eeccaSmarks return (1); 545a5eeccaSmarks } 555a5eeccaSmarks 565a5eeccaSmarks extern char *yybuf; 575a5eeccaSmarks int yybufpos; 585a5eeccaSmarks 59ec965100Smarks /* 60ec965100Smarks * Used for tracking allocated strings while walking through an ACL. 61ec965100Smarks */ 62ec965100Smarks struct yystrings { 63ec965100Smarks char *y_logname; /* user/group name from LOGNAME */ 64ec965100Smarks char *y_perms; /* permssions from PERM_TOK */ 65ec965100Smarks char *y_iflags; /* iflags from INHERIT_TOK */ 66*5f41bf46SMark Shellenbaum char *y_idstr; /* string of appened id */ 67ec965100Smarks } yystrings; 68ec965100Smarks 695a5eeccaSmarks %} 705a5eeccaSmarks 71da6c28aaSamw %e 1500 7294d2b9abSmarks %s TS NS PS AIS AS US ES 73b249c65cSmarks %p 5000 74b249c65cSmarks 755a5eeccaSmarks /* 765a5eeccaSmarks * TS = type state 775a5eeccaSmarks * NS = name state 785a5eeccaSmarks * PS = Permission state 795a5eeccaSmarks * AIS = Allow/deny/inheritance state 8094d2b9abSmarks * AS = Allow state (only used when inheritance detected) 815a5eeccaSmarks * US = UID/GID state 825a5eeccaSmarks * ES = End state 835a5eeccaSmarks */ 845a5eeccaSmarks 85ed78bdc4Smarks ID [0-9]+ 86*5f41bf46SMark Shellenbaum SID S-[^:,\n]+ 87b1a2ca0fSmarks LOGNAME [^:]+: 885a5eeccaSmarks PERM_STR [rRwWxpdDaAcCos-]+ 89da6c28aaSamw INHERIT_STR [fdinFSI-]+ 905a5eeccaSmarks 915a5eeccaSmarks %% 925a5eeccaSmarks 935a5eeccaSmarks <TS>user: { 945a5eeccaSmarks BEGIN NS; 955a5eeccaSmarks yylval.val = USER_TOK; 965a5eeccaSmarks return (ENTRY_TYPE); 975a5eeccaSmarks } 98b249c65cSmarks <TS>usersid: { 99b249c65cSmarks BEGIN NS; 100b249c65cSmarks yylval.val = USER_SID_TOK; 101b249c65cSmarks return (ENTRY_TYPE); 102b249c65cSmarks } 1035a5eeccaSmarks <TS>owner@: { 1045a5eeccaSmarks BEGIN PS; 1055a5eeccaSmarks yylval.val = OWNERAT_TOK; 1065a5eeccaSmarks return (ENTRY_TYPE); 1075a5eeccaSmarks } 1085a5eeccaSmarks <TS>group@: { 1095a5eeccaSmarks BEGIN PS; 1105a5eeccaSmarks yylval.val = GROUPAT_TOK; 1115a5eeccaSmarks return (ENTRY_TYPE); 1125a5eeccaSmarks } 1135a5eeccaSmarks <TS>everyone@: { 1145a5eeccaSmarks BEGIN PS; 1155a5eeccaSmarks yylval.val = EVERYONEAT_TOK; 1165a5eeccaSmarks return (ENTRY_TYPE); 1175a5eeccaSmarks } 1185a5eeccaSmarks <TS>group: { 1195a5eeccaSmarks BEGIN NS; 1205a5eeccaSmarks yylval.val = GROUP_TOK; 1215a5eeccaSmarks return (ENTRY_TYPE); 1225a5eeccaSmarks } 123b249c65cSmarks <TS>groupsid: { 124b249c65cSmarks BEGIN NS; 125b249c65cSmarks yylval.val = GROUP_SID_TOK; 126b249c65cSmarks return (ENTRY_TYPE); 127b249c65cSmarks } 128b249c65cSmarks <TS>sid: { 129b249c65cSmarks BEGIN NS; 130b249c65cSmarks yylval.val = GROUP_SID_TOK; 131b249c65cSmarks return (ENTRY_TYPE); 132b249c65cSmarks } 1335a5eeccaSmarks <TS>mask: { 1345a5eeccaSmarks BEGIN PS; 1355a5eeccaSmarks yylval.val = MASK_TOK; 1365a5eeccaSmarks return (ENTRY_TYPE); 1375a5eeccaSmarks } 1385a5eeccaSmarks <TS>mask:: { 1395a5eeccaSmarks BEGIN PS; 1405a5eeccaSmarks yylval.val = MASK_TOK; 1415a5eeccaSmarks return (ENTRY_TYPE); 1425a5eeccaSmarks } 1435a5eeccaSmarks <TS>other: { 1445a5eeccaSmarks BEGIN PS; 1455a5eeccaSmarks yylval.val = OTHER_TOK; 1465a5eeccaSmarks return (ENTRY_TYPE); 1475a5eeccaSmarks } 1485a5eeccaSmarks <TS>other:: { 1495a5eeccaSmarks BEGIN PS; 1505a5eeccaSmarks yylval.val = OTHER_TOK; 1515a5eeccaSmarks return (ENTRY_TYPE); 1525a5eeccaSmarks } 1535a5eeccaSmarks <TS>defaultuser: { 1545a5eeccaSmarks BEGIN NS; 1555a5eeccaSmarks yylval.val = DEFAULT_USER_TOK; 1565a5eeccaSmarks return (ENTRY_TYPE); 1575a5eeccaSmarks } 1585a5eeccaSmarks <TS>default:user: { 1595a5eeccaSmarks BEGIN NS; 1605a5eeccaSmarks yylval.val = DEFAULT_USER_TOK; 1615a5eeccaSmarks return (ENTRY_TYPE); 1625a5eeccaSmarks } 1635a5eeccaSmarks <TS>defaultgroup: { 1645a5eeccaSmarks BEGIN NS; 1655a5eeccaSmarks yylval.val = DEFAULT_GROUP_TOK; 1665a5eeccaSmarks return (ENTRY_TYPE); 1675a5eeccaSmarks } 1685a5eeccaSmarks <TS>default:group: { 1695a5eeccaSmarks BEGIN NS; 1705a5eeccaSmarks yylval.val = DEFAULT_GROUP_TOK; 1715a5eeccaSmarks return (ENTRY_TYPE); 1725a5eeccaSmarks } 1735a5eeccaSmarks <TS>defaultother: { 1745a5eeccaSmarks BEGIN PS; 1755a5eeccaSmarks yylval.val = DEFAULT_OTHER_TOK; 1765a5eeccaSmarks return (ENTRY_TYPE); 1775a5eeccaSmarks } 1785a5eeccaSmarks <TS>defaultother:: { 1795a5eeccaSmarks BEGIN PS; 1805a5eeccaSmarks yylval.val = DEFAULT_OTHER_TOK; 1815a5eeccaSmarks return (ENTRY_TYPE); 1825a5eeccaSmarks } 1835a5eeccaSmarks <TS>default:other: { 1845a5eeccaSmarks BEGIN PS; 1855a5eeccaSmarks yylval.val = DEFAULT_OTHER_TOK; 1865a5eeccaSmarks return (ENTRY_TYPE); 1875a5eeccaSmarks } 1885a5eeccaSmarks <TS>defaultmask: { 1895a5eeccaSmarks BEGIN PS; 1905a5eeccaSmarks yylval.val = DEFAULT_MASK_TOK; 1915a5eeccaSmarks return (ENTRY_TYPE); 1925a5eeccaSmarks } 1935a5eeccaSmarks <TS>defaultmask:: { 1945a5eeccaSmarks BEGIN PS; 1955a5eeccaSmarks yylval.val = DEFAULT_MASK_TOK; 1965a5eeccaSmarks return (ENTRY_TYPE); 1975a5eeccaSmarks } 1985a5eeccaSmarks <TS>default:mask: { 1995a5eeccaSmarks BEGIN PS; 2005a5eeccaSmarks yylval.val = DEFAULT_MASK_TOK; 2015a5eeccaSmarks return (ENTRY_TYPE); 2025a5eeccaSmarks } 2035a5eeccaSmarks <TS>"\n" { 2045a5eeccaSmarks return (NL); 2055a5eeccaSmarks } 2065a5eeccaSmarks <TS>. { 207e2c4eff1Smarks if (grab_string(":,\n") != 0) { 2085b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 2095b233e2dSmarks "Failed to retrieve" 21094d2b9abSmarks " error string.\n")); 2115a5eeccaSmarks yylval.val = EACL_MEM_ERROR; 2125a5eeccaSmarks return (ERROR); 2135a5eeccaSmarks } 2145b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 2155b233e2dSmarks "Invalid ACL entry " 21694d2b9abSmarks "type '%s' specified.\n"), yylval.str); 2175a5eeccaSmarks free(yylval.str); 2185a5eeccaSmarks yylval.val = EACL_ENTRY_ERROR; 2195a5eeccaSmarks return (ERROR); 2205a5eeccaSmarks } 2215a5eeccaSmarks <NS>: { 2225a5eeccaSmarks BEGIN PS; 2235a5eeccaSmarks return (COLON); 2245a5eeccaSmarks } 2255a5eeccaSmarks <NS>{LOGNAME} { 2265a5eeccaSmarks yylval.str = strdup(yytext); 2275a5eeccaSmarks if (yylval.str == NULL) { 2285a5eeccaSmarks yylval.val = EACL_MEM_ERROR; 2295a5eeccaSmarks return (ERROR); 2305a5eeccaSmarks } 2315a5eeccaSmarks yylval.str[strlen(yylval.str) -1] = '\0'; 232ec965100Smarks yystrings.y_logname = yylval.str; 2335a5eeccaSmarks BEGIN PS; 2345a5eeccaSmarks return (IDNAME); 2355a5eeccaSmarks } 2365a5eeccaSmarks <NS>"\n" { 2375b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 2385b233e2dSmarks "Missing user/group name" 23994d2b9abSmarks " from ACL specification.\n")); 2405a5eeccaSmarks yylval.val = EACL_MISSING_FIELDS; 2415a5eeccaSmarks return (ERROR); 2425a5eeccaSmarks } 2435a5eeccaSmarks <NS>. { 2445a5eeccaSmarks int error; 2455a5eeccaSmarks 246e2c4eff1Smarks error = grab_string(":,\n"); 2475a5eeccaSmarks if (error != 0) { 2485b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 2495b233e2dSmarks "Invalid user/group " 25094d2b9abSmarks "name specification.\n")); 2515a5eeccaSmarks yylval.val = EACL_INVALID_USER_GROUP; 2525a5eeccaSmarks } else { 2535b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 2545b233e2dSmarks "User/Group name " 25594d2b9abSmarks "'%s' not specified correctly.\n"), 2565a5eeccaSmarks yylval.str); 2575a5eeccaSmarks free(yylval.str); 2585a5eeccaSmarks yylval.val = EACL_ENTRY_ERROR; 2595a5eeccaSmarks } 2605a5eeccaSmarks return (ERROR); 2615a5eeccaSmarks } 262f92daba9Smarks <PS>read_data/[:/,] { 2635a5eeccaSmarks yylval.val = ACE_READ_DATA; 2645a5eeccaSmarks return (ACE_PERM); 2655a5eeccaSmarks } 266f92daba9Smarks <PS>list_directory/[:/,] { 2675a5eeccaSmarks yylval.val = ACE_LIST_DIRECTORY; 2685a5eeccaSmarks return (ACE_PERM); 2695a5eeccaSmarks } 270f92daba9Smarks <PS>write_data/[:/,] { 2715a5eeccaSmarks yylval.val = ACE_WRITE_DATA; 2725a5eeccaSmarks return (ACE_PERM); 2735a5eeccaSmarks } 274f92daba9Smarks <PS>add_file/[:/,] { 2755a5eeccaSmarks yylval.val = ACE_ADD_FILE; 2765a5eeccaSmarks return (ACE_PERM); 2775a5eeccaSmarks } 278f92daba9Smarks <PS>append_data/[:/,] { 2795a5eeccaSmarks yylval.val = ACE_APPEND_DATA; 2805a5eeccaSmarks return (ACE_PERM); 2815a5eeccaSmarks } 282f92daba9Smarks <PS>add_subdirectory/[:/,] { 2835a5eeccaSmarks yylval.val = ACE_ADD_SUBDIRECTORY; 2845a5eeccaSmarks return (ACE_PERM); 2855a5eeccaSmarks } 286f92daba9Smarks <PS>read_xattr/[:/,] { 2875a5eeccaSmarks yylval.val = ACE_READ_NAMED_ATTRS; 2885a5eeccaSmarks return (ACE_PERM); 2895a5eeccaSmarks } 290f92daba9Smarks <PS>write_xattr/[:/,] { 2915a5eeccaSmarks yylval.val = ACE_WRITE_NAMED_ATTRS; 2925a5eeccaSmarks return (ACE_PERM); 2935a5eeccaSmarks } 294f92daba9Smarks <PS>execute/[:/,] { 2955a5eeccaSmarks yylval.val = ACE_EXECUTE; 2965a5eeccaSmarks return (ACE_PERM); 2975a5eeccaSmarks } 298f92daba9Smarks <PS>delete_child/[:/,] { 2995a5eeccaSmarks yylval.val = ACE_DELETE_CHILD; 3005a5eeccaSmarks return (ACE_PERM); 3015a5eeccaSmarks } 302f92daba9Smarks <PS>read_attributes/[:/,] { 3035a5eeccaSmarks yylval.val = ACE_READ_ATTRIBUTES; 3045a5eeccaSmarks return (ACE_PERM); 3055a5eeccaSmarks } 306f92daba9Smarks <PS>write_attributes/[:/,] { 3075a5eeccaSmarks yylval.val = ACE_WRITE_ATTRIBUTES; 3085a5eeccaSmarks return (ACE_PERM); 3095a5eeccaSmarks } 310f92daba9Smarks <PS>delete/[:/,] { 3115a5eeccaSmarks yylval.val = ACE_DELETE; 3125a5eeccaSmarks return (ACE_PERM); 3135a5eeccaSmarks } 314f92daba9Smarks <PS>read_acl/[:/,] { 3155a5eeccaSmarks yylval.val = ACE_READ_ACL; 3165a5eeccaSmarks return (ACE_PERM); 3175a5eeccaSmarks } 318f92daba9Smarks <PS>write_acl/[:/,] { 3195a5eeccaSmarks yylval.val = ACE_WRITE_ACL; 3205a5eeccaSmarks return (ACE_PERM); 3215a5eeccaSmarks } 322f92daba9Smarks <PS>write_owner/[:/,] { 3235a5eeccaSmarks yylval.val = ACE_WRITE_OWNER; 3245a5eeccaSmarks return (ACE_PERM); 3255a5eeccaSmarks } 326f92daba9Smarks <PS>synchronize/[:/,] { 3275a5eeccaSmarks yylval.val = ACE_SYNCHRONIZE; 3285a5eeccaSmarks return (ACE_PERM); 3295a5eeccaSmarks } 330b249c65cSmarks <PS>read_set/[:/,] { 331b249c65cSmarks yylval.val = ACE_READ_PERMS; 332b249c65cSmarks return (ACE_PERM); 333b249c65cSmarks } 334b249c65cSmarks <PS>write_set/[:/,] { 335b249c65cSmarks yylval.val = ACE_WRITE_PERMS; 336b249c65cSmarks return (ACE_PERM); 337b249c65cSmarks } 338b249c65cSmarks <PS>modify_set/[:/,] { 339b249c65cSmarks yylval.val = ACE_MODIFY_PERMS; 340b249c65cSmarks return (ACE_PERM); 341b249c65cSmarks } 342b249c65cSmarks <PS>full_set/[:/,] { 343b249c65cSmarks yylval.val = ACE_ALL_PERMS; 344b249c65cSmarks return (ACE_PERM); 345b249c65cSmarks } 346e2c4eff1Smarks <PS>{PERM_STR}/[:,\n] { 3475a5eeccaSmarks int c; 3485a5eeccaSmarks 3495a5eeccaSmarks c = input(); 3505a5eeccaSmarks unput(c); 3515a5eeccaSmarks yylval.str = strdup(yytext); 3525a5eeccaSmarks if (yylval.str == NULL) { 3535a5eeccaSmarks yylval.val = EACL_MEM_ERROR; 3545a5eeccaSmarks return (ERROR); 3555a5eeccaSmarks } 356ec965100Smarks yystrings.y_perms = yylval.str; 3575a5eeccaSmarks 3585a5eeccaSmarks /* 3595a5eeccaSmarks * aclent are done after permissions. 3605a5eeccaSmarks */ 3615a5eeccaSmarks if (isdigit(c)) 3625a5eeccaSmarks BEGIN US; 3635a5eeccaSmarks else if (c != ':') 3645a5eeccaSmarks BEGIN ES; 3655a5eeccaSmarks 3665a5eeccaSmarks return (PERM_TOK); 3675a5eeccaSmarks } 3685a5eeccaSmarks <PS>"/:" { 3695b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 3705b233e2dSmarks "Invalid permission /: specified.\n")); 3715a5eeccaSmarks yylval.val = EACL_ENTRY_ERROR; 3725a5eeccaSmarks return (ERROR); 3735a5eeccaSmarks } 3745a5eeccaSmarks <PS>: { 3755a5eeccaSmarks int c; 3765a5eeccaSmarks 3775a5eeccaSmarks c = input(); 3785a5eeccaSmarks unput(c); 3795a5eeccaSmarks if (isdigit(c)) 3805a5eeccaSmarks BEGIN (US); 3815a5eeccaSmarks else 3825a5eeccaSmarks BEGIN AIS; 3835a5eeccaSmarks return (COLON); 3845a5eeccaSmarks } 3855a5eeccaSmarks <PS>"/" { 3865a5eeccaSmarks return (SLASH); 3875a5eeccaSmarks } 3885a5eeccaSmarks <PS>"\n" { 3895b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 3905b233e2dSmarks "ACL entry is missing " 39194d2b9abSmarks "permission fields.\n")); 3925a5eeccaSmarks yylval.val = EACL_MISSING_FIELDS; 3935a5eeccaSmarks return (ERROR); 3945a5eeccaSmarks } 395f92daba9Smarks <PS>"," { 396f92daba9Smarks acl_error( 397f92daba9Smarks dgettext(TEXT_DOMAIN, 398f92daba9Smarks "The ',' is not a valid permission field " 399f92daba9Smarks "separator.\nThe comma is used to separate " 400f92daba9Smarks "access control entries.\nSee acl(5) for " 401f92daba9Smarks "examples of specifying ACL entries.\n")); 402f92daba9Smarks yylval.val = EACL_PERM_MASK_ERROR; 403f92daba9Smarks return (ERROR); 404f92daba9Smarks } 4055a5eeccaSmarks <PS>. { 406e2c4eff1Smarks if (grab_string("/:,\n") != 0) { 4075b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 4085b233e2dSmarks "Failed to retrieve" 40994d2b9abSmarks " error string.\n")); 4105a5eeccaSmarks yylval.val = EACL_MEM_ERROR; 4115a5eeccaSmarks return (ERROR); 4125a5eeccaSmarks } 4135b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 414e2c4eff1Smarks "Invalid permission(s) '%s' " 41594d2b9abSmarks "specified.\n"), yylval.str); 4165a5eeccaSmarks free(yylval.str); 4175a5eeccaSmarks yylval.val = EACL_PERM_MASK_ERROR; 4185a5eeccaSmarks return (ERROR); 4195a5eeccaSmarks } 42094d2b9abSmarks <AS>allow/[:,\n] { 42194d2b9abSmarks 42294d2b9abSmarks int c; 42394d2b9abSmarks 42494d2b9abSmarks c = input(); 42594d2b9abSmarks unput(c); 42694d2b9abSmarks if (c == ',' || c == '\n') 42794d2b9abSmarks BEGIN ES; 42894d2b9abSmarks else 42994d2b9abSmarks BEGIN US; 43094d2b9abSmarks yylval.val = ACE_ACCESS_ALLOWED_ACE_TYPE; 43194d2b9abSmarks return (ACCESS_TYPE); 43294d2b9abSmarks } 43394d2b9abSmarks <AS>deny/[:,\n] { 43494d2b9abSmarks 43594d2b9abSmarks int c; 43694d2b9abSmarks 43794d2b9abSmarks c = input(); 43894d2b9abSmarks unput(c); 43994d2b9abSmarks if (c == ',' || c == '\n') 44094d2b9abSmarks BEGIN ES; 44194d2b9abSmarks else 44294d2b9abSmarks BEGIN US; 44394d2b9abSmarks 44494d2b9abSmarks yylval.val = ACE_ACCESS_DENIED_ACE_TYPE; 44594d2b9abSmarks return (ACCESS_TYPE); 44694d2b9abSmarks } 447da6c28aaSamw <AS>audit/[:,\n] { 448da6c28aaSamw int c; 449da6c28aaSamw 450da6c28aaSamw c = input(); 451da6c28aaSamw unput(c); 452da6c28aaSamw if (c == ',' || c == '\n') 453da6c28aaSamw BEGIN ES; 454da6c28aaSamw else 455da6c28aaSamw BEGIN US; 456da6c28aaSamw 457da6c28aaSamw yylval.val = ACE_SYSTEM_AUDIT_ACE_TYPE; 458da6c28aaSamw return (ACCESS_TYPE); 459da6c28aaSamw } 460da6c28aaSamw <AS>alarm/[:,\n] { 461da6c28aaSamw int c; 462da6c28aaSamw 463da6c28aaSamw c = input(); 464da6c28aaSamw unput(c); 465da6c28aaSamw if (c == ',' || c == '\n') 466da6c28aaSamw BEGIN ES; 467da6c28aaSamw else 468da6c28aaSamw BEGIN US; 469da6c28aaSamw 470da6c28aaSamw yylval.val = ACE_SYSTEM_ALARM_ACE_TYPE; 471da6c28aaSamw return (ACCESS_TYPE); 472da6c28aaSamw } 47394d2b9abSmarks <AS>: { 47494d2b9abSmarks 4755b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 4765b233e2dSmarks "Invalid Access type " 47794d2b9abSmarks "specified.\nThe field is blank, when" 47894d2b9abSmarks " it should be either allow or deny.\n")); 47994d2b9abSmarks yylval.val = EACL_INVALID_ACCESS_TYPE; 48094d2b9abSmarks return (ERROR); 48194d2b9abSmarks } 48294d2b9abSmarks <AS>"\n" { 4835b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 4845b233e2dSmarks "ACL access type must be specified.\n")); 48594d2b9abSmarks yylval.val = EACL_INVALID_ACCESS_TYPE; 48694d2b9abSmarks return (ERROR); 48794d2b9abSmarks } 48894d2b9abSmarks <AS>. { 48994d2b9abSmarks if (yytext[0] != '\n' && yytext[0] != '\0') { 490e2c4eff1Smarks if (grab_string(":,\n") != 0) { 4915b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 4925b233e2dSmarks "Failed to " 49394d2b9abSmarks "retrieve error " 49494d2b9abSmarks "string.\n")); 49594d2b9abSmarks yylval.val = EACL_MEM_ERROR; 49694d2b9abSmarks return (ERROR); 49794d2b9abSmarks } 49894d2b9abSmarks acl_error( 4995b233e2dSmarks dgettext(TEXT_DOMAIN, 5005b233e2dSmarks "Invalid access " 50194d2b9abSmarks "type '%s' specified.\n"), 50294d2b9abSmarks yylval.str); 50394d2b9abSmarks } else { 50494d2b9abSmarks acl_error( 5055b233e2dSmarks dgettext(TEXT_DOMAIN, 5065b233e2dSmarks "No access " 50794d2b9abSmarks "type specified.\n"), yylval.str); 50894d2b9abSmarks } 50994d2b9abSmarks 51094d2b9abSmarks free(yylval.str); 51194d2b9abSmarks yylval.val = EACL_INVALID_ACCESS_TYPE; 51294d2b9abSmarks return (ERROR); 51394d2b9abSmarks } 5145a5eeccaSmarks <AIS>allow/[:,\n] { 5155a5eeccaSmarks 5165a5eeccaSmarks int c; 5175a5eeccaSmarks 5185a5eeccaSmarks c = input(); 51994d2b9abSmarks unput(c); 5205a5eeccaSmarks if (c == ',' || c == '\n') 5215a5eeccaSmarks BEGIN ES; 52294d2b9abSmarks else 52394d2b9abSmarks BEGIN US; 5245a5eeccaSmarks yylval.val = ACE_ACCESS_ALLOWED_ACE_TYPE; 5255a5eeccaSmarks return (ACCESS_TYPE); 5265a5eeccaSmarks } 5275a5eeccaSmarks <AIS>deny/[:,\n] { 5285a5eeccaSmarks 5295a5eeccaSmarks int c; 5305a5eeccaSmarks 5315a5eeccaSmarks c = input(); 53294d2b9abSmarks unput(c); 5335a5eeccaSmarks if (c == ',' || c == '\n') 5345a5eeccaSmarks BEGIN ES; 53594d2b9abSmarks else 53694d2b9abSmarks BEGIN US; 53794d2b9abSmarks 5385a5eeccaSmarks yylval.val = ACE_ACCESS_DENIED_ACE_TYPE; 5395a5eeccaSmarks return (ACCESS_TYPE); 5405a5eeccaSmarks } 541da6c28aaSamw <AIS>audit/[:,\n] { 542da6c28aaSamw int c; 543da6c28aaSamw 544da6c28aaSamw c = input(); 545da6c28aaSamw unput(c); 546da6c28aaSamw if (c == ',' || c == '\n') 547da6c28aaSamw BEGIN ES; 548da6c28aaSamw else 549da6c28aaSamw BEGIN US; 550da6c28aaSamw 551da6c28aaSamw yylval.val = ACE_SYSTEM_AUDIT_ACE_TYPE; 552da6c28aaSamw return (ACCESS_TYPE); 553da6c28aaSamw } 554da6c28aaSamw <AIS>alarm/[:,\n] { 555da6c28aaSamw 556da6c28aaSamw int c; 557da6c28aaSamw 558da6c28aaSamw c = input(); 559da6c28aaSamw unput(c); 560da6c28aaSamw if (c == ',' || c == '\n') 561da6c28aaSamw BEGIN ES; 562da6c28aaSamw else 563da6c28aaSamw BEGIN US; 564da6c28aaSamw 565da6c28aaSamw yylval.val = ACE_SYSTEM_ALARM_ACE_TYPE; 566da6c28aaSamw return (ACCESS_TYPE); 567da6c28aaSamw } 568f92daba9Smarks <AIS>file_inherit/[:/,] { 5695a5eeccaSmarks yylval.val = ACE_FILE_INHERIT_ACE; 5705a5eeccaSmarks return (ACE_INHERIT); 5715a5eeccaSmarks } 572f92daba9Smarks <AIS>dir_inherit/[:/,] { 5735a5eeccaSmarks yylval.val = ACE_DIRECTORY_INHERIT_ACE; 5745a5eeccaSmarks return (ACE_INHERIT); 5755a5eeccaSmarks } 576f92daba9Smarks <AIS>no_propagate/[/:,] { 5775a5eeccaSmarks yylval.val = ACE_NO_PROPAGATE_INHERIT_ACE; 5785a5eeccaSmarks return (ACE_INHERIT); 5795a5eeccaSmarks } 580f92daba9Smarks <AIS>inherit_only/[/:,] { 5815a5eeccaSmarks yylval.val = ACE_INHERIT_ONLY_ACE; 5825a5eeccaSmarks return (ACE_INHERIT); 5835a5eeccaSmarks } 584da6c28aaSamw 585da6c28aaSamw <AIS>successful_access/[/:,] { 586da6c28aaSamw yylval.val = ACE_SUCCESSFUL_ACCESS_ACE_FLAG; 587da6c28aaSamw return (ACE_INHERIT); 588da6c28aaSamw } 589da6c28aaSamw <AIS>failed_access/[/:,] { 590da6c28aaSamw yylval.val = ACE_FAILED_ACCESS_ACE_FLAG; 591da6c28aaSamw return (ACE_INHERIT); 592da6c28aaSamw } 593da6c28aaSamw <AIS>inherited/[/:,] { 594da6c28aaSamw yylval.val = ACE_INHERITED_ACE; 595da6c28aaSamw return (ACE_INHERIT); 596da6c28aaSamw } 59794d2b9abSmarks <AIS>{INHERIT_STR}/[:] { 5985a5eeccaSmarks yylval.str = strdup(yytext); 5995a5eeccaSmarks if (yylval.str == NULL) { 6005a5eeccaSmarks yylval.val = EACL_MEM_ERROR; 6015a5eeccaSmarks return (ERROR); 6025a5eeccaSmarks } 603ec965100Smarks yystrings.y_iflags = yylval.str; 6045a5eeccaSmarks return (INHERIT_TOK); 6055a5eeccaSmarks } 6065a5eeccaSmarks <AIS>: { 60794d2b9abSmarks /* 60894d2b9abSmarks * Only inheritance fields should hit this. 60994d2b9abSmarks * allow/deny fields match on ":" as part 61094d2b9abSmarks * of the regexp. 61194d2b9abSmarks */ 61294d2b9abSmarks BEGIN AS; 6135a5eeccaSmarks return (COLON); 6145a5eeccaSmarks } 6155a5eeccaSmarks <AIS>"/" { 6165a5eeccaSmarks return (SLASH); 6175a5eeccaSmarks } 6185a5eeccaSmarks <AIS>"\n" { 6195a5eeccaSmarks acl_error( 6205b233e2dSmarks dgettext(TEXT_DOMAIN, 6215b233e2dSmarks "Invalid ACL specification." 62294d2b9abSmarks "\nWas expecting to find" 62394d2b9abSmarks " access type or inheritance flags.\n"), 62494d2b9abSmarks yylval.str); 6255a5eeccaSmarks yylval.val = EACL_UNKNOWN_DATA; 6265a5eeccaSmarks return (ERROR); 6275a5eeccaSmarks } 628f92daba9Smarks <AIS>"," { 629f92daba9Smarks acl_error( 630f92daba9Smarks dgettext(TEXT_DOMAIN, 631f92daba9Smarks "The ',' is not a valid inheritance field " 632f92daba9Smarks "separator.\nThe comma is used to separate " 633f92daba9Smarks "access control entries.\nSee acl(5) for " 634f92daba9Smarks "examples of specifying ACL entries.\n")); 635f92daba9Smarks yylval.val = EACL_INVALID_ACCESS_TYPE; 636f92daba9Smarks return (ERROR); 637f92daba9Smarks } 6385a5eeccaSmarks <AIS>. { 6395a5eeccaSmarks if (yytext[0] != '\n' && yytext[0] != '\0') { 640e2c4eff1Smarks if (grab_string(":,\n") != 0) { 6415b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 6425b233e2dSmarks "Failed to " 64394d2b9abSmarks "retrieve error " 64494d2b9abSmarks "string.\n")); 6455a5eeccaSmarks yylval.val = EACL_MEM_ERROR; 6465a5eeccaSmarks return (ERROR); 6475a5eeccaSmarks } 6485a5eeccaSmarks acl_error( 6495b233e2dSmarks dgettext(TEXT_DOMAIN, 6505b233e2dSmarks "Invalid inheritance or" 65194d2b9abSmarks " access type '%s' specified.\n"), 6525a5eeccaSmarks yylval.str); 6535a5eeccaSmarks } else { 6545a5eeccaSmarks acl_error( 6555b233e2dSmarks dgettext(TEXT_DOMAIN, 6565b233e2dSmarks "No inheritance or " 65794d2b9abSmarks "access type specified.\n"), 6585a5eeccaSmarks yylval.str); 6595a5eeccaSmarks } 6605a5eeccaSmarks 6615a5eeccaSmarks free(yylval.str); 6625a5eeccaSmarks yylval.val = EACL_INVALID_ACCESS_TYPE; 6635a5eeccaSmarks return (ERROR); 6645a5eeccaSmarks } 665e2c4eff1Smarks <US>{ID}/[,\n] { 6665a5eeccaSmarks BEGIN ES; 667*5f41bf46SMark Shellenbaum yylval.str = strdup(yytext); 668*5f41bf46SMark Shellenbaum if (yylval.str == NULL) { 669*5f41bf46SMark Shellenbaum yylval.val = EACL_MEM_ERROR; 670*5f41bf46SMark Shellenbaum return (ERROR); 671*5f41bf46SMark Shellenbaum } 672*5f41bf46SMark Shellenbaum yystrings.y_idstr = yylval.str; 6735a5eeccaSmarks return (ID); 6745a5eeccaSmarks } 675*5f41bf46SMark Shellenbaum <US>{SID}/[,\n] { 676*5f41bf46SMark Shellenbaum BEGIN ES; 677*5f41bf46SMark Shellenbaum yylval.str = strdup(yytext); 678*5f41bf46SMark Shellenbaum if (yylval.str == NULL) { 679*5f41bf46SMark Shellenbaum yylval.val = EACL_MEM_ERROR; 680*5f41bf46SMark Shellenbaum return (ERROR); 681*5f41bf46SMark Shellenbaum } 682*5f41bf46SMark Shellenbaum yystrings.y_idstr = yylval.str; 683*5f41bf46SMark Shellenbaum return (SID); 684*5f41bf46SMark Shellenbaum } 68594d2b9abSmarks <US>: { 68694d2b9abSmarks return (COLON); 68794d2b9abSmarks } 68894d2b9abSmarks <US>{INHERIT_STR} { /* 68994d2b9abSmarks * Catch specific error to produce 69094d2b9abSmarks * nice message for users who are trying 69194d2b9abSmarks * to use old syntax format which had 69294d2b9abSmarks * inheritance flags as the last field. 69394d2b9abSmarks */ 6945b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 6955b233e2dSmarks "Access type should be final" 69694d2b9abSmarks " field in ACL specification.\n")); 69794d2b9abSmarks yylval.val = EACL_ENTRY_ERROR; 69894d2b9abSmarks return (ERROR); 69994d2b9abSmarks } 7005a5eeccaSmarks <US>. { 7015a5eeccaSmarks if (grab_string(",\n") != 0) { 7025b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 7035b233e2dSmarks "Failed to retrieve" 70494d2b9abSmarks " error string.\n")); 7055a5eeccaSmarks yylval.val = EACL_MEM_ERROR; 7065a5eeccaSmarks return (ERROR); 7075a5eeccaSmarks } 7085a5eeccaSmarks acl_error( 7095b233e2dSmarks dgettext(TEXT_DOMAIN, 7105b233e2dSmarks "Invalid data ':%s' specified" 71194d2b9abSmarks " on end of ACL.\n"), yylval.str); 7125a5eeccaSmarks free(yylval.str); 7135a5eeccaSmarks yylval.val = EACL_ENTRY_ERROR; 7145a5eeccaSmarks return (ERROR); 7155a5eeccaSmarks } 7165a5eeccaSmarks <US>"\n" { 7175b233e2dSmarks acl_error(dgettext(TEXT_DOMAIN, 7185b233e2dSmarks "Missing fields in ACL " 71994d2b9abSmarks "specification.\nWas expecting to find " 72094d2b9abSmarks "uid/gid.\n")); 7215a5eeccaSmarks yylval.val = EACL_ENTRY_ERROR; 7225a5eeccaSmarks return (ERROR); 7235a5eeccaSmarks } 7245a5eeccaSmarks <ES>"," { 7255a5eeccaSmarks BEGIN TS; 7265a5eeccaSmarks return (COMMA); 7275a5eeccaSmarks } 7285a5eeccaSmarks <ES>. { 729e2c4eff1Smarks if (grab_string("/:,\n") != 0) { 7305a5eeccaSmarks acl_error( 7315b233e2dSmarks dgettext(TEXT_DOMAIN, 7325b233e2dSmarks "Failed to retrieve error" 73394d2b9abSmarks " string.\n")); 7345a5eeccaSmarks yylval.val = EACL_MEM_ERROR; 7355a5eeccaSmarks return (ERROR); 7365a5eeccaSmarks } 7375a5eeccaSmarks acl_error( 7385b233e2dSmarks dgettext(TEXT_DOMAIN, 7395b233e2dSmarks "Unrecognized data '%s' found" 74094d2b9abSmarks " in ACL specification.\n"), yylval.str); 7415a5eeccaSmarks free(yylval.str); 7425a5eeccaSmarks yylval.val = EACL_UNKNOWN_DATA; 7435a5eeccaSmarks return (ERROR); 7445a5eeccaSmarks } 7455a5eeccaSmarks <ES>"\n" { 7465a5eeccaSmarks return (NL); 7475a5eeccaSmarks } 7485a5eeccaSmarks %% 7495a5eeccaSmarks 7505a5eeccaSmarks 7515a5eeccaSmarks /* 752e2c4eff1Smarks * Pull string up to terminator off of input string. 7535a5eeccaSmarks * used for retrieving illegal data in ACL specification. 754e2c4eff1Smarks * 755e2c4eff1Smarks * The first set of characters is retrieved from yytext. 756da6c28aaSamw * subsequent characters are pulled from the input stream, 757e2c4eff1Smarks * until either EOF or one of the requested terminators is scene. 758e2c4eff1Smarks * Result is returned in yylval.str which is malloced. 7595a5eeccaSmarks */ 7605a5eeccaSmarks int 7615a5eeccaSmarks grab_string(char *terminators) 7625a5eeccaSmarks { 7635a5eeccaSmarks int c; 7645a5eeccaSmarks int done = 0; 7655a5eeccaSmarks int cnt; 7665a5eeccaSmarks int alloced; 7675a5eeccaSmarks int error = 0; 7685a5eeccaSmarks char *ptr; 7695a5eeccaSmarks 7705a5eeccaSmarks cnt = strlen(yytext); 7715a5eeccaSmarks yylval.str = calloc(cnt + 1, sizeof (char)); 7725a5eeccaSmarks if (yylval.str == NULL) { 7735a5eeccaSmarks return (1); 7745a5eeccaSmarks } 7755a5eeccaSmarks alloced = cnt + 1; 7765a5eeccaSmarks strcpy(yylval.str, yytext); 7775a5eeccaSmarks 7785a5eeccaSmarks do { 7795a5eeccaSmarks c = input(); 7805a5eeccaSmarks if (c == EOF) 7815a5eeccaSmarks break; 7825a5eeccaSmarks 7835a5eeccaSmarks for (ptr = terminators; *ptr; ptr++) { 7845a5eeccaSmarks if (c == *ptr) { 7855a5eeccaSmarks done = 1; 7865a5eeccaSmarks break; 7875a5eeccaSmarks } 7885a5eeccaSmarks } 7895a5eeccaSmarks 7905a5eeccaSmarks if (done) 7915a5eeccaSmarks break; 7925a5eeccaSmarks 793e2c4eff1Smarks if (cnt + 1 >= alloced) { 7945a5eeccaSmarks yylval.str = realloc(yylval.str, 7955a5eeccaSmarks alloced + 80); 7965a5eeccaSmarks alloced += 80; 7975a5eeccaSmarks if (yylval.str == NULL) 7985a5eeccaSmarks return (1); 7995a5eeccaSmarks 8005a5eeccaSmarks memset(yylval.str + cnt, 0, 8015a5eeccaSmarks alloced - strlen(yylval.str)); 8025a5eeccaSmarks } 8035a5eeccaSmarks yylval.str[strlen(yylval.str)] = c; 8045a5eeccaSmarks cnt++; 8055a5eeccaSmarks } while (!done); 8065a5eeccaSmarks 8075a5eeccaSmarks return (error); 8085a5eeccaSmarks } 8095a5eeccaSmarks 8105a5eeccaSmarks static int 8115a5eeccaSmarks input(void) 8125a5eeccaSmarks { 8135a5eeccaSmarks int c; 8145a5eeccaSmarks 8155a5eeccaSmarks c = yybuf[yybufpos++]; 8165a5eeccaSmarks if (c == '\0') { 8175a5eeccaSmarks return (EOF); 8185a5eeccaSmarks } 8195a5eeccaSmarks 8205a5eeccaSmarks return (c); 8215a5eeccaSmarks } 8225a5eeccaSmarks 8235a5eeccaSmarks static void 8245a5eeccaSmarks unput(int c) 8255a5eeccaSmarks { 8265a5eeccaSmarks if (c == '\0') { 8275a5eeccaSmarks return; 8285a5eeccaSmarks } 8295a5eeccaSmarks 8305a5eeccaSmarks if (yybufpos > 0) { 8315a5eeccaSmarks --yybufpos; 8325a5eeccaSmarks } 8335a5eeccaSmarks } 8345a5eeccaSmarks 8355a5eeccaSmarks /* 8365a5eeccaSmarks * return ACE entry type 8375a5eeccaSmarks */ 8385a5eeccaSmarks int 8395a5eeccaSmarks ace_entry_type(int type) 8405a5eeccaSmarks { 8415a5eeccaSmarks int ret = -1; 8425a5eeccaSmarks switch (type) { 8435a5eeccaSmarks case USER_TOK: 844b249c65cSmarks case USER_SID_TOK: 8455a5eeccaSmarks ret = 0; 8465a5eeccaSmarks break; 8475a5eeccaSmarks case GROUP_TOK: 848b249c65cSmarks case GROUP_SID_TOK: 8495a5eeccaSmarks ret = ACE_IDENTIFIER_GROUP; 8505a5eeccaSmarks break; 8515a5eeccaSmarks case OWNERAT_TOK: 8525a5eeccaSmarks ret = ACE_OWNER; 8535a5eeccaSmarks break; 8545a5eeccaSmarks case GROUPAT_TOK: 8555a5eeccaSmarks ret = ACE_IDENTIFIER_GROUP | ACE_GROUP; 8565a5eeccaSmarks break; 8575a5eeccaSmarks case EVERYONEAT_TOK: 8585a5eeccaSmarks ret = ACE_EVERYONE; 8595a5eeccaSmarks break; 8605a5eeccaSmarks } 8615a5eeccaSmarks return (ret); 8625a5eeccaSmarks } 8635a5eeccaSmarks 8645a5eeccaSmarks 8655a5eeccaSmarks /* 8665a5eeccaSmarks * return aclent entry type 8675a5eeccaSmarks */ 8685a5eeccaSmarks int 8695a5eeccaSmarks aclent_entry_type(int type, int owning, int *ret) 8705a5eeccaSmarks { 8715a5eeccaSmarks 8725a5eeccaSmarks *ret = 0; 8735a5eeccaSmarks 8745a5eeccaSmarks switch (type) { 8755a5eeccaSmarks case USER_TOK: 8765a5eeccaSmarks *ret = (owning == 0) ? USER : USER_OBJ; 8775a5eeccaSmarks break; 8785a5eeccaSmarks case GROUP_TOK: 8795a5eeccaSmarks *ret = (owning == 0) ? GROUP : GROUP_OBJ; 8805a5eeccaSmarks break; 8815a5eeccaSmarks case OTHER_TOK: 8825a5eeccaSmarks *ret = OTHER_OBJ; 8835a5eeccaSmarks break; 8845a5eeccaSmarks case MASK_TOK: 8855a5eeccaSmarks *ret = CLASS_OBJ; 8865a5eeccaSmarks break; 8875a5eeccaSmarks case DEFAULT_USER_TOK: 8885a5eeccaSmarks *ret = (owning == 0) ? DEF_USER : DEF_USER_OBJ; 8895a5eeccaSmarks break; 8905a5eeccaSmarks case DEFAULT_GROUP_TOK: 8915a5eeccaSmarks *ret = (owning == 0) ? DEF_GROUP : DEF_GROUP_OBJ; 8925a5eeccaSmarks break; 8935a5eeccaSmarks case DEFAULT_MASK_TOK: 8945a5eeccaSmarks *ret = DEF_CLASS_OBJ; 8955a5eeccaSmarks break; 8965a5eeccaSmarks case DEFAULT_OTHER_TOK: 8975a5eeccaSmarks *ret = DEF_OTHER_OBJ; 8985a5eeccaSmarks break; 8995a5eeccaSmarks default: 9005a5eeccaSmarks return (EACL_ENTRY_ERROR); 9015a5eeccaSmarks } 9025a5eeccaSmarks 9035a5eeccaSmarks return (0); 9045a5eeccaSmarks } 9055a5eeccaSmarks 9065a5eeccaSmarks /* 9075a5eeccaSmarks * convert string into numeric id. 9085a5eeccaSmarks */ 9095a5eeccaSmarks static int 910b249c65cSmarks acl_str_to_id(char *str, uid_t *id) 9115a5eeccaSmarks { 9125a5eeccaSmarks char *end; 9135a5eeccaSmarks uid_t value; 9145a5eeccaSmarks 915ee519a1fSgjelinek errno = 0; 916da6c28aaSamw value = strtoul(str, &end, 10); 9175a5eeccaSmarks 9185a5eeccaSmarks if (errno != 0 || *end != '\0') 9195a5eeccaSmarks return (EACL_INVALID_USER_GROUP); 9205a5eeccaSmarks 9215a5eeccaSmarks *id = value; 9225a5eeccaSmarks 9235a5eeccaSmarks return (0); 9245a5eeccaSmarks } 9255a5eeccaSmarks 9265a5eeccaSmarks /* 9275a5eeccaSmarks * determine either uid/gid for given entry type 9285a5eeccaSmarks */ 9295a5eeccaSmarks int 930b249c65cSmarks get_id(int entry_type, char *name, uid_t *id) 9315a5eeccaSmarks { 9325a5eeccaSmarks struct passwd *pw; 9335a5eeccaSmarks struct group *gr; 934b249c65cSmarks int error = 0; 9355a5eeccaSmarks 936b249c65cSmarks switch (entry_type) { 937b249c65cSmarks case USER_TOK: 938b249c65cSmarks case DEFAULT_USER_TOK: 939b249c65cSmarks if ((error = acl_str_to_id(name, id)) == 0) 940b249c65cSmarks break; 9415a5eeccaSmarks pw = getpwnam(name); 9425a5eeccaSmarks if (pw) { 9435a5eeccaSmarks *id = pw->pw_uid; 944e9dd6a75Smarks error = 0; 9455a5eeccaSmarks } 946b249c65cSmarks break; 947b249c65cSmarks 948b249c65cSmarks case GROUP_TOK: 949b249c65cSmarks case DEFAULT_GROUP_TOK: 950b249c65cSmarks if ((error = acl_str_to_id(name, id)) == 0) 951b249c65cSmarks break; 9525a5eeccaSmarks gr = getgrnam(name); 9535a5eeccaSmarks if (gr) { 9545a5eeccaSmarks *id = gr->gr_gid; 955e9dd6a75Smarks error = 0; 956e9dd6a75Smarks } 957b249c65cSmarks break; 958b249c65cSmarks case USER_SID_TOK: 959b249c65cSmarks if (sid_to_id(name, B_TRUE, id)) 960b249c65cSmarks error = EACL_INVALID_USER_GROUP; 961b249c65cSmarks break; 962b249c65cSmarks 963b249c65cSmarks case GROUP_SID_TOK: 964b249c65cSmarks if (sid_to_id(name, B_FALSE, id)) 965b249c65cSmarks error = EACL_INVALID_USER_GROUP; 966b249c65cSmarks break; 9675a5eeccaSmarks } 9685a5eeccaSmarks 9695a5eeccaSmarks return (error); 9705a5eeccaSmarks } 971b249c65cSmarks 972*5f41bf46SMark Shellenbaum int 973*5f41bf46SMark Shellenbaum get_id_nofail(int entry_type, char *name) 974*5f41bf46SMark Shellenbaum { 975*5f41bf46SMark Shellenbaum uid_t id; 976*5f41bf46SMark Shellenbaum 977*5f41bf46SMark Shellenbaum if (get_id(entry_type, name, &id)) 978*5f41bf46SMark Shellenbaum return (UID_NOBODY); 979*5f41bf46SMark Shellenbaum else 980*5f41bf46SMark Shellenbaum return (id); 981*5f41bf46SMark Shellenbaum } 982*5f41bf46SMark Shellenbaum 9835a5eeccaSmarks /* 9845a5eeccaSmarks * reset beginning state to TS and set character position 9855a5eeccaSmarks * back to zero. 9865a5eeccaSmarks */ 9875a5eeccaSmarks void 9885a5eeccaSmarks yyreset() 9895a5eeccaSmarks { 9905a5eeccaSmarks yybufpos = 0; 991ec965100Smarks memset(&yystrings, 0, sizeof (yystrings)); 9925a5eeccaSmarks BEGIN TS; 9935a5eeccaSmarks } 9945a5eeccaSmarks 995ec965100Smarks void 996ec965100Smarks yycleanup() 997ec965100Smarks { 998ec965100Smarks if (yystrings.y_logname) 999ec965100Smarks free(yystrings.y_logname); 1000ec965100Smarks if (yystrings.y_perms) 1001ec965100Smarks free(yystrings.y_perms); 1002ec965100Smarks if (yystrings.y_iflags) 1003ec965100Smarks free(yystrings.y_iflags); 1004*5f41bf46SMark Shellenbaum if (yystrings.y_idstr) 1005*5f41bf46SMark Shellenbaum free(yystrings.y_idstr); 1006ec965100Smarks yystrings.y_logname = NULL; 1007ec965100Smarks yystrings.y_perms = NULL; 1008ec965100Smarks yystrings.y_iflags = NULL; 1009*5f41bf46SMark Shellenbaum yystrings.y_idstr = NULL; 1010ec965100Smarks } 1011