130 _is_local(uid_t uid)
135 	    statbuf.st_uid == uid)
142  * Checks if the user with the specified uid has the specified authorization
145 _is_authorized(char *auths, uid_t uid)
158 	if (getpwuid_r(uid, &pw_ent, pw_buf, sizeof (pw_buf)) == NULL)
180 _is_dev_authorized(devalloc_t *da, uid_t uid)
190 		return (_is_authorized(auth_list, uid));
191 	if (_is_local(uid)) {
201 	ares = _is_authorized(auth_list, uid);
303 _list_device(int optflag, uid_t uid, devalloc_t *da, char *zonename)
363 	is_authorized = _is_dev_authorized(da, uid);
386 			if (_check_label(da, zonename, uid,
400 		if (fi.fi_stat.st_uid != uid) {
409 			if (_check_label(da, zonename, uid,
426 			} else if (fi.fi_stat.st_uid != uid) {
438 				if (_check_label(da, zonename, uid,
459 			if (_check_label(da, zonename, uid,
488 list_devices(int optflag, uid_t uid, char *device, char *zonename)
511 		    !_is_authorized(DEFAULT_DEV_ALLOC_AUTH, uid))
561 					(void) _list_device(optflag, uid, da,
574 			error = _list_device(optflag, uid, da, zonename);
582 			(void) _list_device(optflag, uid, da, zonename);
696 mk_alloc(devmap_t *list, uid_t uid, struct zone_path *zpath)
709 		if ((error = _newdac(*file, uid, gid, mode)) != 0) {
722 			if ((error = _newdac(zpath->path[i], uid, gid,
891 exec_clean(int optflag, char *devname, char *path, uid_t uid, char *zonename,
922 	if (getpwuid_r(uid, &pw_ent, pw_buf, sizeof (pw_buf)) == NULL)
999 _deallocate_dev(int optflag, devalloc_t *da, devmap_t *dm_in, uid_t uid,
1058 	is_authorized = _is_dev_authorized(da, uid);
1065 		dprintf("User %d is unauthorized to deallocate\n", (int)uid);
1076 		    _check_label(da, zonename, uid, CHECK_URANGE) != 0) {
1081 	if (!(optflag & FORCE) && stat_buf.st_uid != uid &&
1128 	 * pass the owner's uid to the cleaning script.
1130 	nuid = (stat_buf.st_uid == uid) ? uid : stat_buf.st_uid;
1149 _allocate_dev(int optflag, uid_t uid, devalloc_t *da, char *zonename,
1210 	is_authorized = _is_dev_authorized(da, uid);
1216 		dprintf("User %d is unauthorized to allocate\n", (int)uid);
1225 		if (_check_label(da, zonename, uid, CHECK_DRANGE) != 0) {
1240 			if (_deallocate_dev(dealloc_optflag, da, dm, uid,
1247 		} else if (stat_buf.st_uid == uid) {
1265 		error = exec_clean(optflag, da->da_devname, da->da_devexec, uid,
1303 	if ((error = mk_alloc(dm, uid, &zpath)) != 0) {
1309 		if ((error = _newdac(file_name, uid, getgid(),
1353 allocate(int optflag, uid_t uid, char *device, char *zonename)
1378 			error = _allocate_dev(optflag, uid, da, zonename,
1404 		error = _allocate_dev(optflag, uid, da, zonename, &lock_fd);
1431 deallocate(int optflag, uid_t uid, char *device, char *zonename)
1459 			error = _deallocate_dev(optflag, da, NULL, uid,
1482 			error = _deallocate_dev(optflag, da, NULL, uid,
1504 				error = _deallocate_dev(optflag, da, NULL, uid,
1533 		error = _deallocate_dev(optflag, da, NULL, uid, zonename,
1591 _check_label(devalloc_t *da, char *zonename, uid_t uid, int flag)
1652 		if (getpwuid_r(uid, &pw_ent, pw_buf, sizeof (pw_buf)) == NULL) {
1654 			    (int)uid);
1660 			    (int)uid);
1671 			dprintf("out of user %d label range\n", (int)uid);

Indexes created Tue Jul 24 14:28:13 CEST 2018