netatalk  4.5.0
Free and Open Source Apple Filing Protocol (AFP) Server
acls.h File Reference

Definitions for ACL mapping code.

#include <atalk/uuid.h>
#include "directory.h"


Data Structures

struct  darwin_ace_t
 
struct  darwin_acl_header_t
 

Macros

#define ACE_TRIVIAL   (ACE_OWNER | ACE_GROUP | ACE_EVERYONE)
 
#define DARWIN_ACL_FLAGS_PRIVATE   (0xffff)
 
#define KAUTH_ACL_DEFER_INHERIT   (1<<16)
 
#define KAUTH_ACL_NO_INHERIT   (1<<17)
 
#define DARWIN_ACE_FLAGS_KINDMASK   0xf
 
#define DARWIN_ACE_FLAGS_PERMIT   (1<<0)
 
#define DARWIN_ACE_FLAGS_DENY   (1<<1)
 
#define DARWIN_ACE_FLAGS_INHERITED   (1<<4)
 
#define DARWIN_ACE_FLAGS_FILE_INHERIT   (1<<5)
 
#define DARWIN_ACE_FLAGS_DIRECTORY_INHERIT   (1<<6)
 
#define DARWIN_ACE_FLAGS_LIMIT_INHERIT   (1<<7)
 
#define DARWIN_ACE_FLAGS_ONLY_INHERIT   (1<<8)
 
#define DARWIN_ACE_INHERIT_CONTROL_FLAGS
 
#define DARWIN_ACE_READ_DATA   0x00000002
 
#define DARWIN_ACE_LIST_DIRECTORY   0x00000002
 
#define DARWIN_ACE_WRITE_DATA   0x00000004
 
#define DARWIN_ACE_ADD_FILE   0x00000004
 
#define DARWIN_ACE_EXECUTE   0x00000008
 
#define DARWIN_ACE_SEARCH   0x00000008
 
#define DARWIN_ACE_DELETE   0x00000010
 
#define DARWIN_ACE_APPEND_DATA   0x00000020
 
#define DARWIN_ACE_ADD_SUBDIRECTORY   0x00000020
 
#define DARWIN_ACE_DELETE_CHILD   0x00000040
 
#define DARWIN_ACE_READ_ATTRIBUTES   0x00000080
 
#define DARWIN_ACE_WRITE_ATTRIBUTES   0x00000100
 
#define DARWIN_ACE_READ_EXTATTRIBUTES   0x00000200
 
#define DARWIN_ACE_WRITE_EXTATTRIBUTES   0x00000400
 
#define DARWIN_ACE_READ_SECURITY   0x00000800
 
#define DARWIN_ACE_WRITE_SECURITY   0x00001000
 
#define DARWIN_ACE_TAKE_OWNERSHIP   0x00002000
 

Enumerations

enum  {
  kFileSec_UUID = (1 << 0) , kFileSec_GRPUUID = (1 << 1) , kFileSec_ACL = (1 << 2) , kFileSec_REMOVEACL = (1 << 3) ,
  kFileSec_Inherit = (1 << 4)
}
 

Functions

int afp_access (AFPObj *obj, char *ibuf, size_t ibuflen, char *rbuf, size_t *rbuflen)
 
int afp_getacl (AFPObj *obj, char *ibuf, size_t ibuflen, char *rbuf, size_t *rbuflen)
 
int afp_setacl (AFPObj *obj, char *ibuf, size_t ibuflen, char *rbuf, size_t *rbuflen)
 
int acltoownermode (const AFPObj *obj, const struct vol *vol, char *path, struct stat *st, struct maccess *ma)
 map ACL to user maccess
 

Detailed Description

Definitions for ACL mapping code.

This is what Apple says about ACL flags in sys/kauth.h:

<Apple> The low 16 bits of the flags field are reserved for filesystem internal use and must be preserved by all APIs. This includes round-tripping flags through user-space interfaces. The high 16 bits of the flags are used to store attributes and to request specific handling of the ACL. </Apple>

The constants are included for reference only. We DON'T expect them on the wire! If they do show up, we ignore them and do not preserve them (we "spoil" them).

Macro Definition Documentation

◆ ACE_TRIVIAL

#define ACE_TRIVIAL   (ACE_OWNER | ACE_GROUP | ACE_EVERYONE)

Definitions for the handling of NFSv4 ACLs. ACE_TRIVIAL combines the ACE_OWNER, ACE_GROUP and ACE_EVERYONE flags.

◆ DARWIN_ACE_ADD_FILE

#define DARWIN_ACE_ADD_FILE   0x00000004

◆ DARWIN_ACE_ADD_SUBDIRECTORY

#define DARWIN_ACE_ADD_SUBDIRECTORY   0x00000020

◆ DARWIN_ACE_APPEND_DATA

#define DARWIN_ACE_APPEND_DATA   0x00000020

◆ DARWIN_ACE_DELETE

#define DARWIN_ACE_DELETE   0x00000010

◆ DARWIN_ACE_DELETE_CHILD

#define DARWIN_ACE_DELETE_CHILD   0x00000040

◆ DARWIN_ACE_EXECUTE

#define DARWIN_ACE_EXECUTE   0x00000008

◆ DARWIN_ACE_FLAGS_DENY

#define DARWIN_ACE_FLAGS_DENY   (1<<1)

0x00000002

◆ DARWIN_ACE_FLAGS_DIRECTORY_INHERIT

#define DARWIN_ACE_FLAGS_DIRECTORY_INHERIT   (1<<6)

0x00000040

◆ DARWIN_ACE_FLAGS_FILE_INHERIT

#define DARWIN_ACE_FLAGS_FILE_INHERIT   (1<<5)

0x00000020

◆ DARWIN_ACE_FLAGS_INHERITED

#define DARWIN_ACE_FLAGS_INHERITED   (1<<4)

0x00000010

◆ DARWIN_ACE_FLAGS_KINDMASK

#define DARWIN_ACE_FLAGS_KINDMASK   0xf

◆ DARWIN_ACE_FLAGS_LIMIT_INHERIT

#define DARWIN_ACE_FLAGS_LIMIT_INHERIT   (1<<7)

0x00000080

◆ DARWIN_ACE_FLAGS_ONLY_INHERIT

#define DARWIN_ACE_FLAGS_ONLY_INHERIT   (1<<8)

0x00000100

◆ DARWIN_ACE_FLAGS_PERMIT

#define DARWIN_ACE_FLAGS_PERMIT   (1<<0)

0x00000001

◆ DARWIN_ACE_INHERIT_CONTROL_FLAGS

#define DARWIN_ACE_INHERIT_CONTROL_FLAGS
Value: the macro's expression is not reproduced in this rendering; it references these four flags:
DARWIN_ACE_FLAGS_LIMIT_INHERIT (definition: acls.h:75)
DARWIN_ACE_FLAGS_ONLY_INHERIT (definition: acls.h:76)
DARWIN_ACE_FLAGS_FILE_INHERIT (definition: acls.h:73)
DARWIN_ACE_FLAGS_DIRECTORY_INHERIT (definition: acls.h:74)

All flag bits controlling ACE inheritance

◆ DARWIN_ACE_LIST_DIRECTORY

#define DARWIN_ACE_LIST_DIRECTORY   0x00000002

◆ DARWIN_ACE_READ_ATTRIBUTES

#define DARWIN_ACE_READ_ATTRIBUTES   0x00000080

◆ DARWIN_ACE_READ_DATA

#define DARWIN_ACE_READ_DATA   0x00000002

◆ DARWIN_ACE_READ_EXTATTRIBUTES

#define DARWIN_ACE_READ_EXTATTRIBUTES   0x00000200

◆ DARWIN_ACE_READ_SECURITY

#define DARWIN_ACE_READ_SECURITY   0x00000800

◆ DARWIN_ACE_SEARCH

#define DARWIN_ACE_SEARCH   0x00000008

◆ DARWIN_ACE_TAKE_OWNERSHIP

#define DARWIN_ACE_TAKE_OWNERSHIP   0x00002000

◆ DARWIN_ACE_WRITE_ATTRIBUTES

#define DARWIN_ACE_WRITE_ATTRIBUTES   0x00000100

◆ DARWIN_ACE_WRITE_DATA

#define DARWIN_ACE_WRITE_DATA   0x00000004

◆ DARWIN_ACE_WRITE_EXTATTRIBUTES

#define DARWIN_ACE_WRITE_EXTATTRIBUTES   0x00000400

◆ DARWIN_ACE_WRITE_SECURITY

#define DARWIN_ACE_WRITE_SECURITY   0x00001000

◆ DARWIN_ACL_FLAGS_PRIVATE

#define DARWIN_ACL_FLAGS_PRIVATE   (0xffff)

ACL Flags

◆ KAUTH_ACL_DEFER_INHERIT

#define KAUTH_ACL_DEFER_INHERIT   (1<<16)

inheritance will be deferred until the first rename operation

◆ KAUTH_ACL_NO_INHERIT

#define KAUTH_ACL_NO_INHERIT   (1<<17)

this ACL must not be overwritten as part of an inheritance operation

Enumeration Type Documentation

◆ anonymous enum

anonymous enum

Bitmap bits for the FPGetACL / FPSetACL requests

Enumerator
kFileSec_UUID 
kFileSec_GRPUUID 
kFileSec_ACL 
kFileSec_REMOVEACL 
kFileSec_Inherit 

Function Documentation

◆ acltoownermode()

int acltoownermode ( const AFPObj *  obj,
const struct vol *  vol,
char *  path,
struct stat *  st,
struct maccess *  ma 
)
extern

map ACL to user maccess

This is the magic function that makes ACLs usable: it calculates the access that the ACEs grant to the logged-in user.

◆ afp_access()

int afp_access ( AFPObj *  obj,
char *  ibuf,
size_t  ibuflen,
char *  rbuf,
size_t *  rbuflen 
)

◆ afp_getacl()

int afp_getacl ( AFPObj *  obj,
char *  ibuf,
size_t  ibuflen,
char *  rbuf,
size_t *  rbuflen 
)

◆ afp_setacl()

int afp_setacl ( AFPObj *  obj,
char *  ibuf,
size_t  ibuflen,
char *  rbuf,
size_t *  rbuflen 
)