      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License, Version 1.0 only
      6  * (the "License").  You may not use this file except in compliance
      7  * with the License.
      8  *
      9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
     10  * or http://www.opensolaris.org/os/licensing.
     11  * See the License for the specific language governing permissions
     12  * and limitations under the License.
     13  *
     14  * When distributing Covered Code, include this CDDL HEADER in each
     15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     16  * If applicable, add the following below this CDDL HEADER, with the
     17  * fields enclosed by brackets "[]" replaced with your own identifying
     18  * information: Portions Copyright [yyyy] [name of copyright owner]
     19  *
     20  * CDDL HEADER END
     21  */
     22 /*
     23  *	Copyright 1994,2001-2003 Sun Microsystems, Inc.
     24  *	All rights reserved.
     25  *	Use is subject to license terms.
     26  */
     27 
     28 /*
     29  * ident	"%Z%%M%	%I%	%E% SMI"
     30  */
     31 
     32 const NFS_ACL_MAX_ENTRIES = 1024;	/* declared maximum length of each aclent<> list in secattr */
     33 
     34 typedef int uid;		/* type of aclent.id; note that it is a signed int */
     35 typedef unsigned short o_mode;	/* type of aclent.perm */
     36 
     37 /*
     38  * This is the format of an ACL which is passed over the network.
     39  */
     40 struct aclent {
        	/*
        	 * One ACL entry as carried on the wire.  All three members are
        	 * supplied by the peer.
        	 *
        	 * type - takes the NA_* type values defined after this
        	 *	  structure (NA_USER_OBJ ... NA_OTHER_OBJ, and the
        	 *	  NA_ACL_DEFAULT flag).
        	 * id	- a uid, i.e. a signed int.  Presumably a user or group
        	 *	  id depending on type; confirm against the consumer.
        	 * perm - bit field built from NA_READ, NA_WRITE and NA_EXEC.
        	 *
        	 * NOTE(review): o_mode is 16 bits wide but only the low three
        	 * bits are given a meaning in this file, and type is a full int
        	 * with only a handful of defined values.  The code that applies
        	 * a received entry should reject unknown type values and
        	 * undefined perm bits rather than store them; confirm where
        	 * that validation happens.
        	 */
     41 	int type;
     42 	uid id;
     43 	o_mode perm;
     44 };
     45 
     46 /*
     47  * The values for the type element of the aclent structure.
     48  */
     49 const NA_USER_OBJ = 0x1;	/* object owner */
     50 const NA_USER = 0x2;		/* additional users */
     51 const NA_GROUP_OBJ = 0x4;	/* owning group of the object */
     52 const NA_GROUP = 0x8;		/* additional groups */
     53 const NA_CLASS_OBJ = 0x10;	/* file group class and mask entry */
     54 const NA_OTHER_OBJ = 0x20;	/* other entry for the object */
     55 const NA_ACL_DEFAULT = 0x1000;	/* default flag */
     56 
     57 /*
     58  * The bit field values for the perm element of the aclent
     59  * structure.  The three values can be combined to form any
     60  * of the 8 combinations.
     61  */
     62 const NA_READ = 0x4;		/* read permission */
     63 const NA_WRITE = 0x2;		/* write permission */
     64 const NA_EXEC = 0x1;		/* exec permission */
     65 
     66 /*
     67  * This is the structure which contains the ACL entries for a
     68  * particular entity.  It contains the ACL entries which apply
     69  * to this object plus any default ACL entries which are
     70  * inherited by its children.
     71  *
     72  * The values for the mask field are defined below.
     73  */
     74 struct secattr {
        	/*
        	 * mask	    - NA_ACL, NA_ACLCNT, NA_DFACL and NA_DFACLCNT bits
        	 *	      saying which of the members below are valid.
        	 * aclcnt   - entry count for the aclent list, sent as a
        	 *	      separate signed int.
        	 * aclent   - variable-length list, at most
        	 *	      NFS_ACL_MAX_ENTRIES elements.
        	 * dfaclcnt - entry count for the dfaclent list, also a
        	 *	      separate signed int.
        	 * dfaclent - variable-length list of default entries, same
        	 *	      bound.
        	 *
        	 * NOTE(review): an XDR variable-length array carries its own
        	 * element count on the wire, so aclcnt and dfaclcnt are a second,
        	 * independent statement of the list sizes.  Nothing in this
        	 * definition forces them to agree with the decoded array
        	 * lengths, to be non-negative, or to stay within
        	 * NFS_ACL_MAX_ENTRIES.  Code that receives a secattr should take
        	 * its loop and allocation bounds from the decoded array length
        	 * and reject a message whose counts disagree with it; confirm
        	 * that the server and client consumers do this.
        	 */
     75 	u_int mask;
     76 	int aclcnt;
     77 	aclent aclent<NFS_ACL_MAX_ENTRIES>;
     78 	int dfaclcnt;
     79 	aclent dfaclent<NFS_ACL_MAX_ENTRIES>;
     80 };
     81 
     82 /*
     83  * The values for the mask element of the secattr struct as well
     84  * as for the mask element in the arguments in the GETACL2 and
     85  * GETACL3 procedures.
     86  */
     87 const NA_ACL = 0x1;		/* aclent contains a valid list */
     88 const NA_ACLCNT = 0x2;		/* the number of entries in the aclent list */
     89 const NA_DFACL = 0x4;		/* dfaclent contains a valid list */
     90 const NA_DFACLCNT = 0x8;	/* the number of entries in the dfaclent list */
     91 
     92 /*
     93  * This is the definition for the GETACL procedure which applies to
     94  * NFS Version 2.
     95  */
     96 struct GETACL2args {
     97 	fhandle_t fh;
     98 	u_int mask;
     99 };
    100 
    101 struct GETACL2resok {
    102 	struct nfsfattr attr;
    103 	secattr acl;
    104 };
    105 
    106 union GETACL2res switch (enum nfsstat status) {
    107 case ACL2_OK:
    108 	GETACL2resok resok;
    109 default:
    110 	void;
    111 };
    112 
    113 /*
    114  * This is the definition for the SETACL procedure which applies
    115  * to NFS Version 2.
    116  */
    117 struct SETACL2args {
    118 	fhandle_t fh;
    119 	secattr acl;
    120 };
    121 
    122 struct SETACL2resok {
    123 	struct nfsfattr attr;
    124 };
    125 
    126 union SETACL2res switch (enum nfsstat status) {
    127 case ACL2_OK:
    128 	SETACL2resok resok;
    129 default:
    130 	void;
    131 };
    132 
    133 /*
    134  * This is the definition for the GETATTR procedure which can be
    135  * used as an alternative to the GETATTR in NFS Version 2.  The
    136  * main difference between this GETATTR and the NFS GETATTR is
    137  * that this GETATTR returns the mode of the file without it being
    138  * changed to match the min/max permissions mapping that the NFS
    139  * Version 2 server does.
    140  */
    141 struct GETATTR2args {
    142 	fhandle_t fh;
    143 };
    144 
    145 struct GETATTR2resok {
    146 	struct nfsfattr attr;
    147 };
    148 
    149 union GETATTR2res switch (enum nfsstat status) {
    150 case ACL2_OK:
    151 	GETATTR2resok resok;
    152 default:
    153 	void;
    154 };
    155 
    156 /*
    157  * This is the definition for the ACCESS procedure which applies
    158  * to NFS Version 2.
    159  */
    160 struct ACCESS2args {
    161 	fhandle_t fh;
    162 	uint32 access;
    163 };
    164 
    165 /*
    166  * The following access permissions may be requested:
    167  */
    168 const ACCESS2_READ = 0x1;	/* read data or readdir a directory */
    169 const ACCESS2_LOOKUP = 0x2;	/* lookup a name in a directory */
    170 const ACCESS2_MODIFY = 0x4;	/* rewrite existing file data or */
    171 				/* modify existing directory entries */
    172 const ACCESS2_EXTEND = 0x8;	/* write new data or add directory entries */
    173 const ACCESS2_DELETE = 0x10;	/* delete existing directory entry */
    174 const ACCESS2_EXECUTE = 0x20;	/* execute file (no meaning for a directory) */
    175 
    176 struct ACCESS2resok {
    177 	struct nfsfattr attr;
    178 	uint32 access;
    179 };
    180 
    181 union ACCESS2res switch (enum nfsstat status) {
    182 case ACL2_OK:
    183 	ACCESS2resok resok;
    184 default:
    185 	void;
    186 };
    187 
    188 /*
    189  * This is the definition for the GETXATTRDIR procedure which applies
    190  * to NFS Version 2 files.
    191  */
    192 struct GETXATTRDIR2args {
        	/*
        	 * fh	  - file handle the request refers to.
        	 * create - flag supplied by the client.
        	 *
        	 * NOTE(review): if, as the name suggests, a true value makes the
        	 * server create the extended attribute directory when it does
        	 * not exist, then this "get" call can modify the file system.
        	 * In that case it needs the same write authorization and
        	 * read-only export checks as any other create; confirm in the
        	 * server handler.
        	 */
    193 	fhandle_t fh;
    194 	bool create;
    195 };
    196 
    197 struct GETXATTRDIR2resok {
    198 	fhandle_t fh;
    199 	struct nfsfattr attr;
    200 };
    201 
    202 union GETXATTRDIR2res switch (enum nfsstat status) {
    203 case ACL2_OK:
    204 	GETXATTRDIR2resok resok;
    205 default:
    206 	void;
    207 };
    208 
    209 /*
    210  * This is the definition for the GETACL procedure which applies
    211  * to NFS Version 3 files.
    212  */
    213 struct GETACL3args {
    214 	nfs_fh3 fh;
    215 	u_int mask;
    216 };
    217 
    218 struct GETACL3resok {
    219 	post_op_attr attr;
    220 	secattr acl;
    221 };
    222 
    223 struct GETACL3resfail {
    224 	post_op_attr attr;
    225 };
    226 
    227 union GETACL3res switch (nfsstat3 status) {
    228 case ACL3_OK:
    229 	GETACL3resok resok;
    230 default:
    231 	GETACL3resfail resfail;
    232 };
    233 
    234 /*
    235  * This is the definition for the SETACL procedure which applies
    236  * to NFS Version 3 files.
    237  */
    238 struct SETACL3args {
    239 	nfs_fh3 fh;
    240 	secattr acl;
    241 };
    242 
    243 struct SETACL3resok {
    244 	post_op_attr attr;
    245 };
    246 
    247 struct SETACL3resfail {
    248 	post_op_attr attr;
    249 };
    250 
    251 union SETACL3res switch (nfsstat3 status) {
    252 case ACL3_OK:
    253 	SETACL3resok resok;
    254 default:
    255 	SETACL3resfail resfail;
    256 };
    257 
    258 /*
    259  * This is the definition for the GETXATTRDIR procedure which applies
    260  * to NFS Version 3 files.
    261  */
    262 struct GETXATTRDIR3args {
        	/*
        	 * fh	  - NFS Version 3 file handle the request refers to.
        	 * create - flag supplied by the client.
        	 *
        	 * NOTE(review): if a true value makes the server create the
        	 * extended attribute directory, this call changes server state
        	 * and must pass the write authorization and read-only export
        	 * checks that other creating operations pass; confirm in the
        	 * server handler.
        	 */
    263 	nfs_fh3 fh;
    264 	bool create;
    265 };
    266 
    267 struct GETXATTRDIR3resok {
    268 	nfs_fh3 fh;
    269 	post_op_attr attr;
    270 };
    271 
    272 union GETXATTRDIR3res switch (nfsstat3 status) {
    273 case ACL3_OK:
    274 	GETXATTRDIR3resok resok;
    275 default:
    276 	void;
    277 };
    278 
    279 /*
    280  * XXX {
    281  * This is a transitional interface to enable Solaris NFSv4
    282  * clients to manipulate ACLs on Solaris servers until the
    283  * spec is complete enough to implement this inside the
    284  * NFSv4 protocol itself.  NFSv4 does handle extended
    285  * attributes in-band.
    286  */
    287 
    288 /*
    289  * This is the definition for the GETACL procedure which applies
    290  * to NFS Version 4 files.
    291  */
    292 struct GETACL4args {
    293 	nfs_fh4 fh;
    294 	u_int mask;
    295 };
    296 
    297 struct GETACL4resok {
    298 	post_op_attr attr;
    299 	secattr acl;
    300 };
    301 
    302 struct GETACL4resfail {
    303 	post_op_attr attr;
    304 };
    305 
        /*
         * Result of the Version 4 GETACL call: the ok arm carries the
         * attributes and the ACL, every other status carries attributes only.
         *
         * NOTE(review): the discriminant is declared as nfsstat3 and the arms
         * use post_op_attr, the same types the Version 3 results in this file
         * use, while the success label is ACL4_OK.  ACL4_OK is not defined in
         * this file; confirm that its value is the success value of nfsstat3
         * so that a receiver selects the intended arm.
         */
    306 union GETACL4res switch (nfsstat3 status) {
    307 case ACL4_OK:
    308 	GETACL4resok resok;
    309 default:
    310 	GETACL4resfail resfail;
    311 };
    312 
    313 /*
    314  * This is the definition for the SETACL procedure which applies
    315  * to NFS Version 4 files.
    316  */
    317 struct SETACL4args {
    318 	nfs_fh4 fh;
    319 	secattr acl;
    320 };
    321 
    322 struct SETACL4resok {
    323 	post_op_attr attr;
    324 };
    325 
    326 struct SETACL4resfail {
    327 	post_op_attr attr;
    328 };
    329 
        /*
         * Result of the Version 4 SETACL call: both arms carry only a
         * post_op_attr.
         *
         * NOTE(review): as with the other Version 4 results in this file, the
         * discriminant type is nfsstat3 while the success label is ACL4_OK,
         * which is defined elsewhere; confirm the two agree numerically.
         */
    330 union SETACL4res switch (nfsstat3 status) {
    331 case ACL4_OK:
    332 	SETACL4resok resok;
    333 default:
    334 	SETACL4resfail resfail;
    335 };
    336 
    337 /* XXX } */
    338 
    339 /*
    340  * Share the port with the NFS service.  NFS has to be running
    341  * in order for this service to be useful anyway.
    342  */
    343 const NFS_ACL_PORT = 2049;
    344 
    345 /*
    346  * This is the definition for the ACL network protocol which is used
    347  * to provide support for Solaris ACLs for files which are accessed
    348  * via NFS Version 2 and NFS Version 3.
    349  */
    350 program NFS_ACL_PROGRAM {
        	/*
        	 * RPC program 100227 with versions 2, 3 and 4.  Procedure 0 of
        	 * each version is the NULL call, 1 is GETACL and 2 is SETACL.
        	 * Version 2 adds GETATTR, ACCESS and GETXATTRDIR as procedures 3
        	 * to 5; version 3 adds GETXATTRDIR as procedure 3.
        	 *
        	 * NOTE(review): the comment before this block names only NFS
        	 * Version 2 and 3, but version 4 (the transitional interface
        	 * marked XXX earlier in this file) is registered here too.
        	 *
        	 * NOTE(review): SETACL replaces access control data and
        	 * GETXATTRDIR accepts a create flag, so these are not read-only
        	 * services.  NFS_ACL_PORT is 2049 and is described above as
        	 * shared with NFS, so a packet filter that admits NFS on that
        	 * port admits this program as well.  Credential checking and
        	 * export access rules therefore have to be enforced for this
        	 * program in the same way as for NFS itself; confirm in the
        	 * server dispatch code.
        	 */
    351 	version NFS_ACL_V2 {
    352 		void
    353 		 ACLPROC2_NULL(void) = 0;
    354 		GETACL2res
    355 		 ACLPROC2_GETACL(GETACL2args) = 1;
    356 		SETACL2res
    357 		 ACLPROC2_SETACL(SETACL2args) = 2;
    358 		GETATTR2res
    359 		 ACLPROC2_GETATTR(GETATTR2args) = 3;
    360 		ACCESS2res
    361 		 ACLPROC2_ACCESS(ACCESS2args) = 4;
    362 		GETXATTRDIR2res
    363 		 ACLPROC2_GETXATTRDIR(GETXATTRDIR2args) = 5;
    364 	} = 2;
    365 	version NFS_ACL_V3 {
    366 		void
    367 		 ACLPROC3_NULL(void) = 0;
    368 		GETACL3res
    369 		 ACLPROC3_GETACL(GETACL3args) = 1;
    370 		SETACL3res
    371 		 ACLPROC3_SETACL(SETACL3args) = 2;
    372 		GETXATTRDIR3res
    373 		 ACLPROC3_GETXATTRDIR(GETXATTRDIR3args) = 3;
    374 	} = 3;
    375 	version NFS_ACL_V4 {
    376 		void
    377 		 ACLPROC4_NULL(void) = 0;
    378 		GETACL4res
    379 		 ACLPROC4_GETACL(GETACL4args) = 1;
    380 		SETACL4res
    381 		 ACLPROC4_SETACL(SETACL4args) = 2;
    382 	} = 4;
    383 } = 100227;
    384