本文整理汇总了C++中crgetuid函数的典型用法代码示例。如果您正苦于以下问题:C++ crgetuid函数的具体用法?C++ crgetuid怎么用?C++ crgetuid使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了crgetuid函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: zfs_sticky_remove_access
/*
* Decide whether it is okay to remove within a sticky directory.
*
* In sticky directories, write access is not sufficient;
* you can remove entries from a directory only if:
*
* you own the directory,
* you own the entry,
* the entry is a plain file and you have write access,
* or you are privileged (checked in secpolicy...).
*
* The function returns 0 if remove access is granted.
*/
int
zfs_sticky_remove_access(znode_t *zdp, znode_t *zp, cred_t *cr)
{
uid_t uid;
uid_t downer;
uid_t fowner;
zfsvfs_t *zfsvfs = ZTOZSB(zdp);
if (zfsvfs->z_replay)
return (0);
if ((zdp->z_mode & S_ISVTX) == 0)
return (0);
downer = zfs_fuid_map_id(zfsvfs, KUID_TO_SUID(ZTOI(zdp)->i_uid),
cr, ZFS_OWNER);
fowner = zfs_fuid_map_id(zfsvfs, KUID_TO_SUID(ZTOI(zp)->i_uid),
cr, ZFS_OWNER);
if ((uid = crgetuid(cr)) == downer || uid == fowner ||
(S_ISDIR(ZTOI(zp)->i_mode) &&
zfs_zaccess(zp, ACE_WRITE_DATA, 0, B_FALSE, cr) == 0))
return (0);
else
return (secpolicy_vnode_remove(cr));
}示例2: zfs_fuid_map_id
uid_t
zfs_fuid_map_id(zfsvfs_t *zfsvfs, uint64_t fuid,
cred_t *cr, zfs_fuid_type_t type)
{
#ifdef HAVE_ZPL
uint32_t index = FUID_INDEX(fuid);
const char *domain;
uid_t id;
if (index == 0)
return (fuid);
domain = zfs_fuid_find_by_idx(zfsvfs, index);
ASSERT(domain != NULL);
if (type == ZFS_OWNER || type == ZFS_ACE_USER) {
(void) kidmap_getuidbysid(crgetzone(cr), domain,
FUID_RID(fuid), &id);
} else {
(void) kidmap_getgidbysid(crgetzone(cr), domain,
FUID_RID(fuid), &id);
}
return (id);
#endif
if(type == ZFS_OWNER || type == ZFS_ACE_USER)
return (crgetuid(cr));
else
return (crgetgid(cr));
}示例3: zfs_sticky_remove_access
/*
* Decide whether it is okay to remove within a sticky directory.
*
* In sticky directories, write access is not sufficient;
* you can remove entries from a directory only if:
*
* you own the directory,
* you own the entry,
* the entry is a plain file and you have write access,
* or you are privileged (checked in secpolicy...).
*
* The function returns 0 if remove access is granted.
*/
int
zfs_sticky_remove_access(znode_t *zdp, znode_t *zp, cred_t *cr)
{
#ifdef HAVE_ZPL
uid_t uid;
uid_t downer;
uid_t fowner;
zfsvfs_t *zfsvfs = zdp->z_zfsvfs;
if (zdp->z_zfsvfs->z_replay)
return (0);
if ((zdp->z_mode & S_ISVTX) == 0)
return (0);
downer = zfs_fuid_map_id(zfsvfs, zdp->z_uid, cr, ZFS_OWNER);
fowner = zfs_fuid_map_id(zfsvfs, zp->z_uid, cr, ZFS_OWNER);
if ((uid = crgetuid(cr)) == downer || uid == fowner ||
(ZTOV(zp)->v_type == VREG &&
zfs_zaccess(zp, ACE_WRITE_DATA, 0, B_FALSE, cr) == 0))
return (0);
else
return (secpolicy_vnode_remove(cr));
#endif
return 0;
}示例4: xdr_authloopback
/*
* XDR loopback unix auth parameters.
* NOTE: this is an XDR_ENCODE only routine.
*/
bool_t
xdr_authloopback(XDR *xdrs)
{
uid_t uid;
gid_t gid;
int len;
caddr_t groups;
char *name = uts_nodename();
struct cred *cr;
time_t now;
if (xdrs->x_op != XDR_ENCODE)
return (FALSE);
cr = CRED();
uid = crgetuid(cr);
gid = crgetgid(cr);
len = crgetngroups(cr);
groups = (caddr_t)crgetgroups(cr);
now = gethrestime_sec();
if (xdr_uint32(xdrs, (uint32_t *)&now) &&
xdr_string(xdrs, &name, MAX_MACHINE_NAME) &&
xdr_uid_t(xdrs, &uid) &&
xdr_gid_t(xdrs, &gid) &&
xdr_array(xdrs, &groups, (uint_t *)&len, NGRPS_LOOPBACK,
sizeof (int), (xdrproc_t)xdr_int))
return (TRUE);
return (FALSE);
}示例5: spa_history_log
/*
* Write out a history event.
*/
int
spa_history_log(spa_t *spa, const char *history_str, history_log_type_t what)
{
history_arg_t *ha;
int err = 0;
dmu_tx_t *tx;
ASSERT(what != LOG_INTERNAL);
tx = dmu_tx_create_dd(spa_get_dsl(spa)->dp_mos_dir);
err = dmu_tx_assign(tx, TXG_WAIT);
if (err) {
dmu_tx_abort(tx);
return (err);
}
ha = kmem_alloc(sizeof (history_arg_t), KM_SLEEP);
ha->ha_history_str = strdup(history_str);
ha->ha_zone = strdup(spa_history_zone());
ha->ha_log_type = what;
ha->ha_uid = crgetuid(CRED());
/* Kick this off asynchronously; errors are ignored. */
dsl_sync_task_do_nowait(spa_get_dsl(spa), NULL,
spa_history_log_sync, spa, ha, 0, tx);
dmu_tx_commit(tx);
/* spa_history_log_sync will free ha and strings */
return (err);
}示例6: VMBlockOpen
static int
VMBlockOpen(struct vnode **vpp, // IN: Vnode for file to open
int flag, // IN: Open flags
struct cred *cr // IN: Credentials of caller
#if OS_VFS_VERSION >= 5
, caller_context_t *ctx // IN: Caller's context
#endif
)
{
VMBlockMountInfo *mip;
Bool isRoot = TRUE;
Debug(VMBLOCK_ENTRY_LOGLEVEL, "VMBlockOpen: entry\n");
/*
* The opened vnode is held for us, so we don't need to do anything here
* except make sure only root opens the mount point.
*/
mip = VPTOMIP(*vpp);
if (mip->root == *vpp) {
isRoot = crgetuid(cr) == 0;
}
return isRoot ? 0 : EACCES;
}示例7: zfs_fuid_create_cred
/*
* Create a file system FUID, based on information in the users cred
*/
uint64_t
zfs_fuid_create_cred(zfsvfs_t *zfsvfs, zfs_fuid_type_t type,
dmu_tx_t *tx, cred_t *cr, zfs_fuid_info_t **fuidp)
{
uint64_t idx;
ksid_t *ksid;
uint32_t rid;
char *kdomain;
const char *domain;
uid_t id;
VERIFY(type == ZFS_OWNER || type == ZFS_GROUP);
if (type == ZFS_OWNER)
id = crgetuid(cr);
else
id = crgetgid(cr);
if (!zfsvfs->z_use_fuids || !IS_EPHEMERAL(id))
return ((uint64_t)id);
ksid = crgetsid(cr, (type == ZFS_OWNER) ? KSID_OWNER : KSID_GROUP);
VERIFY(ksid != NULL);
rid = ksid_getrid(ksid);
domain = ksid_getdomain(ksid);
idx = zfs_fuid_find_by_domain(zfsvfs, domain, &kdomain, tx);
zfs_fuid_node_add(fuidp, kdomain, rid, idx, id, type);
return (FUID_ENCODE(idx, rid));
}示例8: splat_cred_test1
static int
splat_cred_test1(struct file *file, void *arg)
{
char str[GROUP_STR_SIZE];
uid_t uid, ruid, suid;
gid_t gid, rgid, sgid, *groups;
int ngroups, i, count = 0;
uid = crgetuid(CRED());
ruid = crgetruid(CRED());
suid = crgetsuid(CRED());
gid = crgetgid(CRED());
rgid = crgetrgid(CRED());
sgid = crgetsgid(CRED());
crhold(CRED());
ngroups = crgetngroups(CRED());
groups = crgetgroups(CRED());
memset(str, 0, GROUP_STR_SIZE);
for (i = 0; i < ngroups; i++) {
count += sprintf(str + count, "%d ", groups[i]);
if (count > (GROUP_STR_SIZE - GROUP_STR_REDZONE)) {
splat_vprint(file, SPLAT_CRED_TEST1_NAME,
"Failed too many group entries for temp "
"buffer: %d, %s\n", ngroups, str);
return -ENOSPC;
}
}
crfree(CRED());
splat_vprint(file, SPLAT_CRED_TEST1_NAME,
"uid: %d ruid: %d suid: %d "
"gid: %d rgid: %d sgid: %d\n",
uid, ruid, suid, gid, rgid, sgid);
splat_vprint(file, SPLAT_CRED_TEST1_NAME,
"ngroups: %d groups: %s\n", ngroups, str);
if (uid || ruid || suid || gid || rgid || sgid) {
splat_vprint(file, SPLAT_CRED_TEST1_NAME,
"Failed expected all uids+gids to be %d\n", 0);
return -EIDRM;
}
if (ngroups > NGROUPS_MAX) {
splat_vprint(file, SPLAT_CRED_TEST1_NAME,
"Failed ngroups must not exceed NGROUPS_MAX: "
"%d > %d\n", ngroups, NGROUPS_MAX);
return -EIDRM;
}
splat_vprint(file, SPLAT_CRED_TEST1_NAME,
"Success sane CRED(): %d\n", 0);
return 0;
} /* splat_cred_test1() */示例9: zfs_make_xattrdir
int
zfs_make_xattrdir(znode_t *zp, vattr_t *vap, vnode_t **xvpp, cred_t *cr)
{
zfsvfs_t *zfsvfs = zp->z_zfsvfs;
znode_t *xzp;
dmu_tx_t *tx;
int error;
zfs_fuid_info_t *fuidp = NULL;
*xvpp = NULL;
/*
* In FreeBSD, access checking for creating an EA is being done
* in zfs_setextattr(),
*/
#ifndef __FreeBSD__
if (error = zfs_zaccess(zp, ACE_WRITE_NAMED_ATTRS, 0, B_FALSE, cr))
return (error);
#endif
tx = dmu_tx_create(zfsvfs->z_os);
dmu_tx_hold_bonus(tx, zp->z_id);
dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
if (IS_EPHEMERAL(crgetuid(cr)) || IS_EPHEMERAL(crgetgid(cr))) {
if (zfsvfs->z_fuid_obj == 0) {
dmu_tx_hold_bonus(tx, DMU_NEW_OBJECT);
dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0,
FUID_SIZE_ESTIMATE(zfsvfs));
dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, FALSE, NULL);
} else {
dmu_tx_hold_bonus(tx, zfsvfs->z_fuid_obj);
dmu_tx_hold_write(tx, zfsvfs->z_fuid_obj, 0,
FUID_SIZE_ESTIMATE(zfsvfs));
}
}
error = dmu_tx_assign(tx, zfsvfs->z_assign);
if (error) {
if (error == ERESTART && zfsvfs->z_assign == TXG_NOWAIT)
dmu_tx_wait(tx);
dmu_tx_abort(tx);
return (error);
}
zfs_mknode(zp, vap, tx, cr, IS_XATTR, &xzp, 0, NULL, &fuidp);
ASSERT(xzp->z_phys->zp_parent == zp->z_id);
dmu_buf_will_dirty(zp->z_dbuf, tx);
zp->z_phys->zp_xattr = xzp->z_id;
(void) zfs_log_create(zfsvfs->z_log, tx, TX_MKXATTR, zp,
xzp, "", NULL, fuidp, vap);
if (fuidp)
zfs_fuid_info_free(fuidp);
dmu_tx_commit(tx);
*xvpp = ZTOV(xzp);
return (0);
}示例10: smb_tree_set_execsub_info
static void
smb_tree_set_execsub_info(smb_tree_t *tree, smb_execsub_info_t *subs)
{
subs->e_winname = tree->t_user->u_name;
subs->e_userdom = tree->t_user->u_domain;
subs->e_srv_ipaddr = tree->t_session->local_ipaddr;
subs->e_cli_ipaddr = tree->t_session->ipaddr;
subs->e_cli_netbiosname = tree->t_session->workstation;
subs->e_uid = crgetuid(tree->t_user->u_cred);
}示例11: sam_access_ino
int /* ERRNO if error, 0 if successful. */
sam_access_ino(
sam_node_t *ip, /* pointer to inode. */
int mode, /* mode of access to be verified */
boolean_t locked, /* is ip->inode_rwl held by caller? */
cred_t *credp) /* credentials pointer. */
{
int shift = 0;
ASSERT(!locked || RW_LOCK_HELD(&ip->inode_rwl));
/*
* If requesting write access, and read only filesystem or WORM file
* return error.
*/
if (mode & S_IWRITE) {
if (ip->mp->mt.fi_mflag & MS_RDONLY) {
return (EROFS);
}
if (ip->di.status.b.worm_rdonly && !S_ISDIR(ip->di.mode)) {
return (EROFS);
}
}
if (!locked) {
RW_LOCK_OS(&ip->inode_rwl, RW_READER);
}
/* Use ACL, if present, to check access. */
if (ip->di.status.b.acl) {
int error;
error = sam_acl_access(ip, mode, credp);
if (!locked) {
RW_UNLOCK_OS(&ip->inode_rwl, RW_READER);
}
return (error);
}
if (!locked) {
RW_UNLOCK_OS(&ip->inode_rwl, RW_READER);
}
if (crgetuid(credp) != ip->di.uid) {
shift += 3;
if (!groupmember((uid_t)ip->di.gid, credp)) {
shift += 3;
}
}
mode &= ~(ip->di.mode << shift);
if (mode == 0) {
return (0);
}
return (secpolicy_vnode_access(credp, SAM_ITOV(ip), ip->di.uid, mode));
}示例12: find_ids
/*
* find_ids(packet, mp)
*
* attempt to discern the uid and projid of the originator of a packet by
* looking at the dblks making up the packet - yeuch!
*
* We do it by skipping any fragments with a credp of NULL (originated in
* kernel), taking the first value that isn't NULL to be the credp for the
* whole packet. We also suck the projid from the same fragment.
*/
static void
find_ids(ipgpc_packet_t *packet, mblk_t *mp)
{
cred_t *cr;
cr = msg_getcred(mp, NULL);
if (cr != NULL) {
packet->uid = crgetuid(cr);
packet->projid = crgetprojid(cr);
} else {
packet->uid = (uid_t)-1;
packet->projid = -1;
}
}示例13: tmp_sticky_remove_access
int
tmp_sticky_remove_access(struct tmpnode *dir, struct tmpnode *entry,
struct cred *cr)
{
uid_t uid = crgetuid(cr);
if ((dir->tn_mode & S_ISVTX) &&
uid != dir->tn_uid &&
uid != entry->tn_uid &&
(entry->tn_type != VREG ||
tmp_taccess(entry, VWRITE, cr) != 0))
return (secpolicy_vnode_remove(cr));
return (0);
}示例14: bootfs_access
/*ARGSUSED*/
static int
bootfs_access(vnode_t *vp, int mode, int flags, cred_t *cr,
caller_context_t *ct)
{
int shift = 0;
bootfs_node_t *bpn = (bootfs_node_t *)vp->v_data;
if (crgetuid(cr) != bpn->bvn_attr.va_uid) {
shift += 3;
if (groupmember(bpn->bvn_attr.va_gid, cr) == 0)
shift += 3;
}
return (secpolicy_vnode_access2(cr, vp, bpn->bvn_attr.va_uid,
bpn->bvn_attr.va_mode << shift, mode));
}示例15: nm_access_unlocked
/*
* Standard access() like check. Figure out which mode bits apply
* to the caller then pass the missing mode bits to the secpolicy function.
*/
static int
nm_access_unlocked(void *vnp, int mode, cred_t *crp)
{
struct namenode *nodep = vnp;
int shift = 0;
if (crgetuid(crp) != nodep->nm_vattr.va_uid) {
shift += 3;
if (!groupmember(nodep->nm_vattr.va_gid, crp))
shift += 3;
}
return (secpolicy_vnode_access2(crp, NMTOV(nodep),
nodep->nm_vattr.va_uid, nodep->nm_vattr.va_mode << shift,
mode));
}