xref: /titanic_54/usr/src/head/exec_attr.h (revision 7c478bd95313f5f23a4c958a745db2134aa03244)

/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 1999-2003 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#ifndef	_EXEC_ATTR_H
#define	_EXEC_ATTR_H

#pragma ident	"%Z%%M%	%I%	%E% SMI"

#ifdef	__cplusplus
extern "C" {
#endif


#include <sys/types.h>
#include <secdb.h>


#define	EXECATTR_FILENAME		"/etc/security/exec_attr"
#define	EXECATTR_DB_NAME		"exec_attr.org_dir"
#define	EXECATTR_DB_NCOL		7	/* total columns */
#define	EXECATTR_DB_NKEYCOL		3	/* total searchable columns */
#define	EXECATTR_DB_TBLT		"exec_attr_tbl"
#define	EXECATTR_NAME_DEFAULT_KW	"nobody"

#define	EXECATTR_COL0_KW		"name"
#define	EXECATTR_COL1_KW		"policy"
#define	EXECATTR_COL2_KW		"type"
#define	EXECATTR_COL3_KW		"res1"
#define	EXECATTR_COL4_KW		"res2"
#define	EXECATTR_COL5_KW		"id"
#define	EXECATTR_COL6_KW		"attr"

/*
 * indices of searchable columns
 */
#define	EXECATTR_KEYCOL0		0	/* name */
#define	EXECATTR_KEYCOL1		1	/* policy */
#define	EXECATTR_KEYCOL2		5	/* id */


/*
 * Some macros used internally by the nsswitch code
 */

#define	GET_ONE		0	/* get only one exec_attr from list */
#define	GET_ALL		1	/* get all matching exec_attrs in list */


/*
 * Key words used in the exec_attr database
 */
#define	EXECATTR_EUID_KW	"euid"
#define	EXECATTR_EGID_KW	"egid"
#define	EXECATTR_UID_KW		"uid"
#define	EXECATTR_GID_KW		"gid"
#define	EXECATTR_LPRIV_KW	"limitprivs"
#define	EXECATTR_IPRIV_KW	"privs"

/*
 * Nsswitch representation of execution attributes.
 */
typedef struct execstr_s {
	char   *name;		/* profile name */
	char   *policy;		/* suser/rbac/tsol */
	char   *type;		/* cmd/act */
	char   *res1;		/* reserved for future use */
	char   *res2;		/* reserved for future use */
	char   *id;		/* unique ID */
	char   *attr;		/* string of key-value pair attributes */
	struct execstr_s *next;	/* pointer to next entry */
} execstr_t;

typedef struct execattr_s {
	char   *name;		/* profile name */
	char   *policy;		/* suser/rbac/tsol */
	char   *type;		/* cmd/act */
	char   *res1;		/* reserved for future use */
	char   *res2;		/* reserved for future use */
	char   *id;		/* unique ID */
	kva_t  *attr;		/* array of key-value pair attributes */
	struct execattr_s *next;	/* pointer to next entry */
} execattr_t;

typedef struct __private_execattr {
	const char *name;
	const char *type;
	const char *id;
	const char *policy;
	int search_flag;
	execstr_t *head_exec;
	execstr_t *prev_exec;
} _priv_execattr;		/* Un-supported. For Sun internal use only */


#ifdef    __STDC__
extern execattr_t *getexecattr(void);
extern execattr_t *getexecuser(const char *, const char *, const char *, int);
extern execattr_t *getexecprof(const char *, const char *, const char *, int);
extern execattr_t *match_execattr(execattr_t *, const char *, const char *, \
	const char *);
extern void free_execattr(execattr_t *);
extern void setexecattr(void);
extern void endexecattr(void);

#else				/* not __STDC__ */

extern execattr_t *getexecattr();
extern execattr_t *getexecuser();
extern execattr_t *getexecprof();
extern execattr_t *match_execattr();
extern void setexecattr();
extern void endexecattr();
extern void free_execattr();
#endif

#ifdef __cplusplus
}
#endif

#endif	/* _EXEC_ATTR_H */