GENFS(9) | Kernel Developer's Manual | GENFS(9) |
genfs
—
#include <miscfs/genfs/genfs.h>
int
genfs_can_access
(enum
vtype type, mode_t
file_mode, uid_t
uid, gid_t gid,
mode_t acc_mode,
kauth_cred_t cred);
int
genfs_can_chflags
(kauth_cred_t
cred, enum vtype
type, uid_t
owner_uid, bool
changing_sysflags);
int
genfs_can_chmod
(enum
vtype type, kauth_cred_t
cred, uid_t
cur_uid, gid_t
cur_gid, mode_t
new_mode);
int
genfs_can_chown
(kauth_cred_t
cred, uid_t
cur_uid, gid_t
cur_gid, uid_t
new_uid, gid_t
new_gid);
int
genfs_can_chtimes
(vnode_t
*vp, u_int vaflags,
uid_t owner_uid,
kauth_cred_t cred);
int
genfs_can_extattr
(kauth_cred_t
cred, int
access_mode, vnode_t
*vp, const char
*attr);
int
genfs_can_sticky
(kauth_cred_t
cred, uid_t
dir_uid, uid_t
file_uid);
In other words, these functions are not meant to be called directly. They are intended to be used in kauth(9) vnode scope authorization calls, for providing the fall-back file system decision.
As a rule of thumb, code that looks like this is wrong:
error = genfs_can_foo(...); /* WRONG */
While code that looks like this is right:
error = kauth_authorize_vnode(..., genfs_can_foo(...));
genfs_can_access
(enum vtype
type, mode_t file_mode, uid_t
uid, gid_t gid, mode_t
acc_mode, kauth_cred_t cred)genfs_can_chflags
(kauth_cred_t
cred, enum vtype type, uid_t
owner_uid, bool changing_sysflags)genfs_can_chmod
(enum vtype
type, kauth_cred_t cred, uid_t
cur_uid, gid_t cur_gid, mode_t
new_mode)genfs_can_chown
(kauth_cred_t
cred, uid_t cur_uid, gid_t
cur_gid, uid_t new_uid, gid_t
new_gid)genfs_can_chtimes
(vnode_t
*vp, u_int vaflags, uid_t
owner_uid, kauth_cred_t cred)genfs_can_extattr
(kauth_cred_t
cred, int access_mode, vnode_t
*vp, const char *attr)genfs_can_sticky
(kauth_cred_t
cred, uid_t dir_uid, uid_t
file_uid)March 1, 2012 | NetBSD 9.0 |