RETURN(0);
if (is_project_state_change(oattr, la)) {
- if (!md_capable(uc, CAP_SYS_RESOURCE) &&
+ if (!cap_raised(uc->uc_cap, CAP_SYS_RESOURCE) &&
!lustre_in_group_p(uc, ma->ma_enable_chprojid_gid) &&
!(ma->ma_enable_chprojid_gid == -1 &&
mdd_permission_internal(env, obj, oattr, MAY_WRITE)))
(LUSTRE_IMMUTABLE_FL | LUSTRE_APPEND_FL);
if ((uc->uc_fsuid != oattr->la_uid) &&
- !md_capable(uc, CAP_FOWNER))
+ !cap_raised(uc->uc_cap, CAP_FOWNER))
RETURN(-EPERM);
/* The IMMUTABLE and APPEND_ONLY flags can
* only be changed by the relevant capability. */
if ((oldflags ^ newflags) &&
- !md_capable(uc, CAP_LINUX_IMMUTABLE))
+ !cap_raised(uc->uc_cap, CAP_LINUX_IMMUTABLE))
RETURN(-EPERM);
if (!S_ISDIR(oattr->la_mode)) {
if ((la->la_valid & (LA_MTIME | LA_ATIME | LA_CTIME)) &&
!(la->la_valid & ~(LA_MTIME | LA_ATIME | LA_CTIME))) {
if ((uc->uc_fsuid != oattr->la_uid) &&
- !md_capable(uc, CAP_FOWNER)) {
+ !cap_raised(uc->uc_cap, CAP_FOWNER)) {
rc = mdd_permission_internal(env, obj, oattr,
MAY_WRITE);
if (rc)
if (la->la_valid & LA_MODE) {
if (!(flags & MDS_PERM_BYPASS) &&
(uc->uc_fsuid != oattr->la_uid) &&
- !md_capable(uc, CAP_FOWNER))
+ !cap_raised(uc->uc_cap, CAP_FOWNER))
RETURN(-EPERM);
if (la->la_mode == (umode_t) -1)
/* Also check the setgid bit! */
if (!lustre_in_group_p(uc, (la->la_valid & LA_GID) ?
la->la_gid : oattr->la_gid) &&
- !md_capable(uc, CAP_FSETID))
+ !cap_raised(uc->uc_cap, CAP_FSETID))
la->la_mode &= ~S_ISGID;
} else {
la->la_mode = oattr->la_mode;
la->la_uid = oattr->la_uid;
if (((uc->uc_fsuid != oattr->la_uid) ||
(la->la_uid != oattr->la_uid)) &&
- !md_capable(uc, CAP_CHOWN))
+ !cap_raised(uc->uc_cap, CAP_CHOWN))
RETURN(-EPERM);
/* If the user or group of a non-directory has been
if (((uc->uc_fsuid != oattr->la_uid) ||
((la->la_gid != oattr->la_gid) &&
!lustre_in_group_p(uc, la->la_gid))) &&
- !md_capable(uc, CAP_CHOWN))
+ !cap_raised(uc->uc_cap, CAP_CHOWN))
RETURN(-EPERM);
/* Likewise, if the user or group of a non-directory
* can write attributes. */
if (S_ISDIR(attr->la_mode) && (attr->la_mode & S_ISVTX) &&
(uc->uc_fsuid != attr->la_uid) &&
- !md_capable(uc, CAP_FOWNER))
+ !cap_raised(uc->uc_cap, CAP_FOWNER))
RETURN(-EPERM);
} else if (strcmp(name, XATTR_NAME_SOM) != 0 &&
(uc->uc_fsuid != attr->la_uid) &&
- !md_capable(uc, CAP_FOWNER)) {
+ !cap_raised(uc->uc_cap, CAP_FOWNER)) {
RETURN(-EPERM);
}
check_capabilities:
if (!(may_mask & MAY_EXEC) ||
(la->la_mode & S_IXUGO) || S_ISDIR(la->la_mode))
- if (md_capable(uc, CAP_DAC_OVERRIDE))
+ if (cap_raised(uc->uc_cap, CAP_DAC_OVERRIDE))
RETURN(0);
if ((may_mask == MAY_READ) ||
(S_ISDIR(la->la_mode) && !(may_mask & MAY_WRITE)))
- if (md_capable(uc, CAP_DAC_READ_SEARCH))
+ if (cap_raised(uc->uc_cap, CAP_DAC_READ_SEARCH))
RETURN(0);
CDEBUG(D_SEC, "permission denied, mode %x, fsuid %u, uid %u\n",
uc = lu_ucred_assert(env);
if (cattr->la_uid != uc->uc_fsuid &&
- !md_capable(uc, CAP_FOWNER))
+ !cap_raised(uc->uc_cap, CAP_FOWNER))
rc = -EPERM;
}
git://git.whamcloud.com / fs / lustre-release.git / commitdiff