ptools/psecflags/psecflags.c

d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe/*
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe * This file and its contents are supplied under the terms of the
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe * Common Development and Distribution License ("CDDL"), version 1.0.
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe * You may only use this file in accordance with the terms of version
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe * 1.0 of the CDDL.
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe *
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe * A full copy of the text of the CDDL should have accompanied this
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe * source.  A copy of the CDDL is also available via the Internet at
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe * http://www.illumos.org/license/CDDL.
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe */
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe/* Copyright 2015, Richard Lowe. */
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <err.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <errno.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <grp.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <libintl.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <procfs.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <project.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <pwd.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <stdio.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <stdlib.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <string.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <sys/secflags.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <sys/types.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <libproc.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe#include <libzonecfg.h>
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Loweextern const char *__progname;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowestatic void
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Loweprint_flags(const char *set, secflagset_t flags)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe{
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    char buf[1024];
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    secflags_to_str(flags, buf, sizeof (buf));
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    (void) printf("\t%s:\t%s\n", set, buf);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe}
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe/*
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe * Structure defining idtypes known to the priocntl command
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe * along with the corresponding names.
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe * The idtype values themselves are defined in <sys/procset.h>.
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe */
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowestatic struct idtypes {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    idtype_t    type;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    char        *name;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe} idtypes [] = {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_ALL,    "all"       },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_CTID,   "contract"  },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_CTID,   "ctid"      },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_GID,    "gid"       },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_GID,    "group"     },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_PGID,   "pgid"      },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_PID,    "pid"       },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_PPID,   "ppid"      },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_PROJID, "project"   },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_PROJID, "projid"    },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_SID,    "session",  },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_SID,    "sid"       },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_SID,    "sid"       },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_TASKID, "taskid"    },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_UID,    "uid"       },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_UID,    "user"      },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_ZONEID, "zone"      },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { P_ZONEID, "zoneid"    },
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    { 0,        NULL        }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe};
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowestatic int
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowestr2idtype(char *idtypnm, idtype_t *idtypep)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe{
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    struct idtypes  *curp;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    for (curp = idtypes; curp->name != NULL; curp++) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        if (strncasecmp(curp->name, idtypnm,
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            strlen(curp->name)) == 0) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            *idtypep = curp->type;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            return (0);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    return (-1);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe}
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowestatic id_t
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowegetid(idtype_t type, char *value)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe{
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    struct passwd *pwd;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    struct group *grp;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    id_t ret;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    char *endp;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    switch (type) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    case P_UID:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        if ((pwd = getpwnam(value)) != NULL)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            return (pwd->pw_uid);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    case P_GID:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        if ((grp = getgrnam(value)) != NULL)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            return (grp->gr_gid);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    case P_PROJID:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        if ((ret = getprojidbyname(value)) != (id_t)-1)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            return (ret);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    case P_ZONEID:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        if (zone_get_id(value, &ret) == 0)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            return (ret);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    default:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    errno = 0;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    ret = (id_t)strtoul(value, &endp, 10);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    if ((errno != 0) || (*endp != '\0'))
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        return ((id_t)-1);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    return (ret);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe}
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Loweint
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowemain(int argc, char **argv)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe{
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    secflagdelta_t act;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    psecflagwhich_t which = PSF_INHERIT;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    int ret = 0;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    int pgrab_flags = PGRAB_RDONLY;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    int opt;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    char *idtypename = NULL;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    idtype_t idtype = P_PID;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    boolean_t usage = B_FALSE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    boolean_t e_flag = B_FALSE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    boolean_t l_flag = B_FALSE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    boolean_t s_flag = B_FALSE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    int errc = 0;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    while ((opt = getopt(argc, argv, "eFi:ls:")) != -1) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        switch (opt) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        case 'e':
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            e_flag = B_TRUE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        case 'F':
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            pgrab_flags |= PGRAB_FORCE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        case 'i':
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            idtypename = optarg;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        case 's':
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            s_flag = B_TRUE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            if ((strlen(optarg) >= 2) &&
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                ((optarg[1] == '='))) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                switch (optarg[0]) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                case 'L':
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    which = PSF_LOWER;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                case 'U':
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    which = PSF_UPPER;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                case 'I':
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    which = PSF_INHERIT;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                case 'E':
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    errx(1, "the effective flags cannot "
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                        "be changed", optarg[0]);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                default:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    errx(1, "unknown security flag "
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                        "set: '%c'", optarg[0]);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                optarg += 2;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            if (secflags_parse(NULL, optarg, &act) == -1)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                errx(1, "couldn't parse security flags: %s",
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    optarg);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        case 'l':
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            l_flag = B_TRUE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        default:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            usage = B_TRUE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    argc -= optind;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    argv += optind;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    if (l_flag && ((idtypename != NULL) || s_flag || (argc != 0)))
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        usage = B_TRUE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    if ((idtypename != NULL) && !s_flag)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        usage = B_TRUE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    if (e_flag && !s_flag)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        usage = B_TRUE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    if (!l_flag && argc <= 0)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        usage = B_TRUE;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    if (usage) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        (void) fprintf(stderr,
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            gettext("usage:\t%s [-F] { pid | core } ...\n"),
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            __progname);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        (void) fprintf(stderr,
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            gettext("\t%s -s spec [-i idtype] id ...\n"),
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            __progname);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        (void) fprintf(stderr,
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            gettext("\t%s -s spec -e command [arg]...\n"),
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            __progname);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        (void) fprintf(stderr, gettext("\t%s -l\n"), __progname);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        return (2);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    if (l_flag) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        secflag_t i;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        const char *name;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        for (i = 0; (name = secflag_to_str(i)) != NULL; i++)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            (void) printf("%s\n", name);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        return (0);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    } else if (s_flag && e_flag) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        /*
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe         * Don't use the strerror() message for EPERM, "Not Owner"
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe         * which is misleading.
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe         */
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        errc = psecflags(P_PID, P_MYID, which, &act);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        switch (errc) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        case 0:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        case EPERM:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            errx(1, gettext("failed setting "
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                "security-flags: Permission denied"));
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        default:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            err(1, gettext("failed setting security-flags"));
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        (void) execvp(argv[0], &argv[0]);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        err(1, "%s", argv[0]);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    } else if (s_flag) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        int i;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        id_t id;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        if (idtypename != NULL)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            if (str2idtype(idtypename, &idtype) == -1)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                errx(1, gettext("No such id type: '%s'"),
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    idtypename);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        for (i = 0; i < argc; i++) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            if ((id = getid(idtype, argv[i])) == (id_t)-1) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                errx(1, gettext("invalid or non-existent "
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    "identifier: '%s'"), argv[i]);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            /*
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe             * Don't use the strerror() message for EPERM, "Not
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe             * Owner" which is misleading.
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe             */
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            if (psecflags(idtype, id, which, &act) != 0) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                switch (errno) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                case EPERM:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    errx(1, gettext("failed setting "
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                        "security-flags: "
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                        "Permission denied"));
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    break;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                default:
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                    err(1, gettext("failed setting "
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                        "security-flags"));
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        return (0);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    /* Display the flags for the given pids */
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    while (argc-- > 0) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        struct ps_prochandle *Pr;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        const char *arg;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        psinfo_t psinfo;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        prsecflags_t *psf;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        int gcode;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        if ((Pr = proc_arg_grab(arg = *argv++, PR_ARG_ANY,
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            pgrab_flags, &gcode)) == NULL) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            warnx(gettext("cannot examine %s: %s"),
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                arg, Pgrab_error(gcode));
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            ret = 1;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            continue;
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        (void) memcpy(&psinfo, Ppsinfo(Pr), sizeof (psinfo_t));
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        proc_unctrl_psinfo(&psinfo);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        if (Pstate(Pr) == PS_DEAD) {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            (void) printf(gettext("core '%s' of %d:\t%.70s\n"),
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                arg, (int)psinfo.pr_pid, psinfo.pr_psargs);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        } else {
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            (void) printf("%d:\t%.70s\n",
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe                (int)psinfo.pr_pid, psinfo.pr_psargs);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        if (Psecflags(Pr, &psf) != 0)
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe            err(1, gettext("cannot read secflags of %s"), arg);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        print_flags("E", psf->pr_effective);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        print_flags("I", psf->pr_inherit);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        print_flags("L", psf->pr_lower);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        print_flags("U", psf->pr_upper);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        Psecflags_free(psf);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe        Prelease(Pr, 0);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    }
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe    return (ret);
d2a70789f056fc6c9ce3ab047b52126d80b0e3daRichard Lowe}