2 * This Cplant(TM) source code is the property of Sandia National
5 * This Cplant(TM) source code is copyrighted by Sandia National
8 * The redistribution of this Cplant(TM) source code is subject to the
9 * terms of the GNU Lesser General Public License
10 * (see cit/LGPL or http://www.gnu.org/licenses/lgpl.html)
12 * Cplant(TM) Copyright 1998-2006 Sandia Corporation.
13 * Under the terms of Contract DE-AC04-94AL85000, there is a non-exclusive
14 * license for use of this work by or on behalf of the US Government.
15 * Export of this program may require a license from the United States
20 * This library is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU Lesser General Public
22 * License as published by the Free Software Foundation; either
23 * version 2.1 of the License, or (at your option) any later version.
25 * This library is distributed in the hope that it will be useful,
26 * but WITHOUT ANY WARRANTY; without even the implied warranty of
27 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
28 * Lesser General Public License for more details.
30 * You should have received a copy of the GNU Lesser General Public
31 * License along with this library; if not, write to the Free Software
32 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
34 * Questions or comments about this library should be sent to:
37 * Sandia National Laboratories, New Mexico
39 * Albuquerque, NM 87185-1110
48 #include <sys/types.h>
50 #include <sys/queue.h>
56 #include "sysio-symbols.h"
59 * Use a persistent buffer for gids. No, not a cache. We just want to
60 * avoid calling malloc over, and over, and...
62 static gid_t *gids = NULL;
63 static int gidslen = 0;
66 * Check given access type on given inode.
69 _sysio_check_permission(struct pnode *pno, struct creds *crp, int amode)
74 struct intnl_stat *stat;
82 if ((amode & (R_OK|W_OK|X_OK)) != amode)
96 ino = pno->p_base->pb_ino;
99 err = -EACCES; /* assume error */
100 stat = &ino->i_stbuf;
105 if (stat->st_uid == crp->creds_uid) {
106 if ((stat->st_mode & mask) == mask)
116 gids = crp->creds_gids;
117 ngids = crp->creds_ngids;
120 if (stat->st_gid == *gids++) {
122 if ((stat->st_mode & mask) == mask)
133 if ((stat->st_mode & mask) == mask)
140 * Check for RO access to the file due to mount
143 if (amode & W_OK && IS_RDONLY(pno))
153 _sysio_ldgroups(gid_t gid0, gid_t **gidsp, int *gidslenp)
165 * This is far more expensive than I would like. Each time
166 * called it has to go to some length to acquire the
167 * current uid and groups membership. We can't just cache
168 * the result, either. The caller could have altered something
169 * asynchronously. Wish we had easy access to this info.
172 p = realloc(*gidsp, (size_t )n * sizeof(gid_t));
179 i = getgroups(n - 1, *gidsp + 1);
194 * Get current credentials.
197 _sysio_ldcreds(uid_t uid, gid_t gid, struct creds *crp)
201 n = _sysio_ldgroups(gid, &gids, &gidslen);
204 crp->creds_uid = uid;
205 crp->creds_gids = gids;
206 crp->creds_ngids = n;
212 _sysio_getcreds(struct creds *crp)
215 return _sysio_ldcreds(getuid(), getgid(), crp);
219 * Determine if a given access is permitted to a given file.
222 _sysio_permitted(struct pnode *pno, int amode)
227 err = _sysio_ldcreds(geteuid(), getegid(), &cr);
230 err = _sysio_check_permission(pno, &cr, amode);
234 #ifdef ZERO_SUM_MEMORY
236 * Clean up persistent resource on shutdown.
239 _sysio_access_shutdown()
250 SYSIO_INTERFACE_NAME(access)(const char *path, int amode)
252 struct intent intent;
257 SYSIO_INTERFACE_DISPLAY_BLOCK;
259 SYSIO_INTERFACE_ENTER;
261 INTENT_INIT(&intent, INT_GETATTR, NULL, NULL);
262 err = _sysio_namei(_sysio_cwd, path, 0, &intent, &pno);
264 SYSIO_INTERFACE_RETURN(-1, err);
265 err = _sysio_ldcreds(geteuid(), getegid(), &cr);
269 _sysio_check_permission(pno, &cr, amode);
272 SYSIO_INTERFACE_RETURN(err ? -1 : 0, err);
277 sysio_sym_weak_alias(SYSIO_INTERFACE_NAME(access),
278 PREPEND(__, SYSIO_INTERFACE_NAME(access)))
git://git.whamcloud.com / fs / lustre-release.git / blob