acl.h revision 1eb4e906ec75b9bde421954ace46ef137b0fc9eb
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2014 Garrett D'Amore <garrett@damore.org>
*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*
* Copyright 2014 Nexenta Systems, Inc. All rights reserved.
*/
#ifndef _SYS_ACL_H
#define _SYS_ACL_H
#include <sys/acl_impl.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct acl {
int a_type; /* the type of ACL entry */
} aclent_t;
typedef struct ace {
} ace_t;
/*
* The following are Defined types for an aclent_t.
*/
/* default object owner */
/* default additional users */
/* default owning group */
/* default additional groups */
/* default mask entry */
/* default other entry */
/*
* The following are defined for ace_t.
*
* Note, these are intentionally the same as the Windows
* "File Access Rights Constants" you can find on MSDN.
* (See also: "Standard Access Rights" on MSDN).
*
* The equivalent Windows names for these are just like
* those show below, with FILE_ in place of ACE_, except
* as noted below. Also note that Windows uses a special
* privilege: BYPASS_TRAVERSE_CHECKING, normally granted
* to everyone, that causes the absence of ACE_TRAVERSE
* to be ignored.
*/
/*
* Some of the following are the same as Windows uses. (but NOT ALL!)
* See the "ACE_HEADER" structure description on MSDN for details.
* Comments show relations to the MSDN names.
*/
#define ACE_SUCCESSFUL_ACCESS_ACE_FLAG 0x0010
#define ACE_FAILED_ACCESS_ACE_FLAG 0x0020
#define ACE_IDENTIFIER_GROUP 0x0040
#define ACE_OWNER 0x1000
#define ACE_GROUP 0x2000
#define ACE_EVERYONE 0x4000
/* These four are the same as Windows, but with an ACE_ prefix added. */
#define ACE_ACCESS_ALLOWED_ACE_TYPE 0x0000
#define ACE_ACCESS_DENIED_ACE_TYPE 0x0001
#define ACE_SYSTEM_AUDIT_ACE_TYPE 0x0002
#define ACE_SYSTEM_ALARM_ACE_TYPE 0x0003
#define ACL_AUTO_INHERIT 0x0001
#define ACL_PROTECTED 0x0002
#define ACL_DEFAULTED 0x0004
/*
* These are only applicable in a CIFS context.
* Here again, same as Windows, but with an ACE_ prefix added.
*/
#define ACE_ACCESS_ALLOWED_COMPOUND_ACE_TYPE 0x04
#define ACE_ACCESS_ALLOWED_OBJECT_ACE_TYPE 0x05
#define ACE_ACCESS_DENIED_OBJECT_ACE_TYPE 0x06
#define ACE_SYSTEM_AUDIT_OBJECT_ACE_TYPE 0x07
#define ACE_SYSTEM_ALARM_OBJECT_ACE_TYPE 0x08
#define ACE_ACCESS_ALLOWED_CALLBACK_ACE_TYPE 0x09
#define ACE_ACCESS_DENIED_CALLBACK_ACE_TYPE 0x0A
#define ACE_ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE 0x0B
#define ACE_ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE 0x0C
#define ACE_SYSTEM_AUDIT_CALLBACK_ACE_TYPE 0x0D
#define ACE_SYSTEM_ALARM_CALLBACK_ACE_TYPE 0x0E
#define ACE_SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE 0x0F
#define ACE_SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE 0x10
#define ACE_ALL_TYPES 0x001F
#ifdef _KERNEL
typedef struct ace_object {
} ace_object_t;
#endif
/*
* The following flags are supported by both NFSv4 ACLs and ace_t.
*/
#define ACE_NFSV4_SUP_FLAGS (ACE_FILE_INHERIT_ACE | \
#define ACE_INHERIT_FLAGS (ACE_FILE_INHERIT_ACE| \
/* cmd args to acl(2) for aclent_t */
#define GETACL 1
#define SETACL 2
#define GETACLCNT 3
/* cmd's to manipulate ace acls. */
#define ACE_GETACL 4
#define ACE_SETACL 5
#define ACE_GETACLCNT 6
/* minimal acl entries from GETACLCNT */
#define MIN_ACL_ENTRIES 4
#if !defined(_KERNEL)
/* acl check errors */
#define GRP_ERROR 1
#define USER_ERROR 2
#define OTHER_ERROR 3
#define CLASS_ERROR 4
#define DUPLICATE_ERROR 5
#define MISS_ERROR 6
#define MEM_ERROR 7
#define ENTRY_ERROR 8
/*
* similar to ufs_acl.h: changed to char type for user commands (tar, cpio)
* Attribute types
*/
/*
* flag to [f]acl_get()
* controls whether a trivial acl should be returned.
*/
#define ACL_NO_TRIVIAL 0x2
/*
* Flags to control acl_totext()
*/
/*
* Legacy aclcheck errors for aclent_t ACLs
*/
#define EACL_GRP_ERROR GRP_ERROR
#define EACL_USER_ERROR USER_ERROR
#define EACL_OTHER_ERROR OTHER_ERROR
#define EACL_CLASS_ERROR CLASS_ERROR
#define EACL_DUPLICATE_ERROR DUPLICATE_ERROR
#define EACL_MISS_ERROR MISS_ERROR
#define EACL_MEM_ERROR MEM_ERROR
#define EACL_ENTRY_ERROR ENTRY_ERROR
extern aclent_t *aclfromtext(char *, int *);
extern int acl_trivial(const char *);
extern char *acl_totext(acl_t *, int);
extern int acl_fromtext(const char *, acl_t **);
#else /* !defined(_KERNEL) */
extern int cmp2acls(void *, void *);
#endif /* !defined(_KERNEL) */
#ifdef __cplusplus
}
#endif
#endif /* _SYS_ACL_H */