sh_policy.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright (c) 1999-2001 by Sun Microsystems, Inc.
* All rights reserved.
*
* Policy backing functions for kpolicy=suser,profiles=yes
*
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <grp.h>
#include <pwd.h>
#include <strings.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <stdlib.h>
#include "sh_policy.h"
static const char *username;
/*
* get the ruid and passwd name
*/
void
secpolicy_init(void)
{
struct passwd *passwd_ent;
}
}
/*
* stuff pfexec full path at the begining of the argument vector
* for the command to be pfexec'd
*
* return newly allocated argv on success, else return NULL.
*/
static char **
secpolicy_set_argv(char **arg_v)
{
register int i, j;
register int arglen = 0;
return (pfarg_v);
}
for (i = 0; arg_v[i] != 0; i++) {
}
arglen++; /* for null termination */
return (pfarg_v);
}
for (i = 0, j = 1; arg_v[i] != 0; i++, j++) {
}
pfarg_v[j] = 0;
return (pfarg_v);
}
/*
* gets realpath for cmd.
* return 0 on success, else return ENOENT.
*/
static int
{
register char *mover;
char cwd[MAXPATHLEN];
/*
* What about relative paths? Were we passed one?
*/
if (*mover != '/') {
/*
* Everything in here will be considered a relative
* path, and therefore we need to prepend cwd to it.
*/
}
return (ENOENT);
}
}
/*
* Resolve ".." and other such nonsense.
* Now, is there *REALLY* a file there?
*/
return (ENOENT);
}
return (0);
}
/*
* check if the command has execution attributes
* return -
* - NOATTRS : command in profile but has no execution attributes
* - ENOMEM : memory allocation errors
* - ENOENT : command not in profile
*/
int
{
return (status);
}
/*
* command not in profile
*/
return (ENOENT);
}
/*
* In case of "All" profile, we'd go through pfexec
* if it had any attributes.
*/
/*
* command in profile and has attributes
*/
errno = 0;
} else {
(char *const *)xecenv);
}
} else {
}
} else {
/*
* command in profile, but has no attributes
*/
}
return (status);
}