Lines Matching refs:allzone

118  * the privilege that is required, and the "allzone" parameter indicates
128 * For (1), priv should be set to the specific privilege, and allzone
130 * For (2), priv should be set to the specific privilege, and allzone
132 * For (3), priv should be set to PRIV_ALL, and allzone should be set
326 priv_policy_override(const cred_t *cr, int priv, boolean_t allzone, va_list ap)
336 } else if (allzone) {
373 priv_policy_err(const cred_t *cr, int priv, boolean_t allzone, const char *msg)
377 audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 0);
378 DTRACE_PROBE2(priv__err, int, priv, boolean_t, allzone);
382 if (allzone && !HAS_ALLZONEPRIVS(cr)) {
394 * See block comment above for a description of "priv" and "allzone" usage.
397 priv_policy_ap(const cred_t *cr, int priv, boolean_t allzone, int err,
400 if ((HAS_PRIVILEGE(cr, priv) && (!allzone || HAS_ALLZONEPRIVS(cr))) ||
402 priv_policy_override(cr, priv, allzone, ap) == 0)) {
403 if ((allzone || priv == PRIV_ALL ||
409 allzone ? ZONEPRIVS(cr) : NULL, 1);
412 DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);
415 priv_policy_err(cr, priv, allzone, msg);
421 priv_policy_va(const cred_t *cr, int priv, boolean_t allzone, int err,
428 ret = priv_policy_ap(cr, priv, allzone, err, msg, ap);
435 priv_policy(const cred_t *cr, int priv, boolean_t allzone, int err,
438 return (priv_policy_va(cr, priv, allzone, err, msg, KLPDARG_NONE));
445 priv_policy_choice(const cred_t *cr, int priv, boolean_t allzone)
448 (!allzone || HAS_ALLZONEPRIVS(cr));
452 (allzone || priv == PRIV_ALL || !PRIV_ISASSERT(priv_basic, priv)) &&
454 audit_priv(priv, allzone ? ZONEPRIVS(cr) : NULL, 1);
457 DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);
459 DTRACE_PROBE2(priv__err, int, priv, boolean_t, allzone);
468 priv_policy_only(const cred_t *cr, int priv, boolean_t allzone)
471 (!allzone || HAS_ALLZONEPRIVS(cr));
474 DTRACE_PROBE2(priv__ok, int, priv, boolean_t, allzone);
476 DTRACE_PROBE2(priv__err, int, priv, boolean_t, allzone);
669 boolean_t allzone = B_FALSE;
682 return (priv_policy_va(cr, PRIV_SYS_MOUNT, allzone, EPERM,
717 allzone = B_TRUE;
735 return (priv_policy_va(cr, PRIV_SYS_MOUNT, allzone, EPERM,
937 boolean_t allzone;
940 allzone = B_TRUE;
942 allzone = B_FALSE;
943 if (priv_policy_va(cr, PRIV_FILE_DAC_WRITE, allzone, EACCES,
1000 boolean_t allzone;
1003 allzone = B_TRUE;
1005 allzone = B_FALSE;
1006 if (priv_policy_va(cr, PRIV_FILE_DAC_WRITE, allzone, EACCES,
1050 boolean_t allzone = B_FALSE;
1066 allzone = owner == 0;
1069 if (PRIV_POLICY_CHOICE(cr, priv, allzone))
1087 boolean_t allzone = B_TRUE;
1092 allzone = B_FALSE;
1094 return (PRIV_POLICY(cr, PRIV_FILE_SETID, allzone, EPERM, NULL));
1141 boolean_t allzone = B_FALSE;
1145 allzone = (owner == 0);
1152 return (PRIV_POLICY(cred, priv, allzone, EPERM, NULL));
1193 * allzone privilege needed when modifying root owned object.
1235 boolean_t allzone = (owner == 0);
1240 return (PRIV_POLICY(cr, PRIV_FILE_OWNER, allzone, EPERM, NULL));
1527 boolean_t allzone = B_FALSE;
1529 allzone = B_TRUE;
1530 return (PRIV_POLICY(cr, PRIV_IPC_OWNER, allzone, EPERM, NULL));
1545 boolean_t allzone = B_FALSE;
1550 PRIV_POLICY(cr, PRIV_IPC_DAC_READ, allzone, EACCES, NULL) != 0)
1555 allzone = B_TRUE;
1557 return (PRIV_POLICY(cr, PRIV_IPC_DAC_WRITE, allzone, EACCES,
1566 boolean_t allzone = B_FALSE;
1571 PRIV_POLICY(cr, PRIV_IPC_DAC_READ, allzone, EACCES, NULL) != 0)
1576 allzone = B_TRUE;
1578 return (PRIV_POLICY(cr, PRIV_IPC_DAC_WRITE, allzone, EACCES,
1659 boolean_t allzone = B_FALSE;
1663 allzone = B_TRUE;
1666 return (checkonly ? !PRIV_POLICY_ONLY(cr, PRIV_PROC_SETID, allzone) :
1667 PRIV_POLICY(cr, PRIV_PROC_SETID, allzone, EPERM, NULL));
1679 boolean_t allzone = B_FALSE;
1683 allzone = B_TRUE;
1685 return (PRIV_POLICY(scr, PRIV_PROC_OWNER, allzone, EPERM, NULL));