GENFS(9) | Kernel Developer's Manual | GENFS(9) |
genfs
—
#include <miscfs/genfs/genfs.h>
int
genfs_can_chflags
(vnode_t
*vp, kauth_cred_t,
cred",
uid_t owner_uid,
bool
changing_sysflags);
int
genfs_can_chmod
(vnode_t
*vp, kauth_cred_t
cred, uid_t
cur_uid, gid_t
cur_gid, mode_t
new_mode);
int
genfs_can_chown
(vnode_t
*vp, kauth_cred_t
cred, uid_t
cur_uid, gid_t
cur_gid, uid_t
new_uid, gid_t
new_gid);
int
genfs_can_chtimes
(vnode_t
*vp, kauth_cred_t
cred, uid_t
owner_uid, u_int
vaflags);
int
genfs_can_extattr
(vnode_t
*vp, kauth_cred_t
cred, accmode_t
accmode, int
attrnamespace);
int
genfs_can_sticky
(vnode_t
*vp, kauth_cred_t
cred, uid_t
dir_uid, uid_t
file_uid);
In other words, these functions are not meant to be called directly. They are intended to be used in kauth(9) vnode scope authorization calls, for providing the fall-back file system decision.
As a rule of thumb, code that looks like this is wrong:
error = genfs_can_foo(...); /* WRONG */
While code that looks like this is right:
error = kauth_authorize_vnode(..., genfs_can_foo(...));
genfs_can_chflags
(vnode_t
*vp, kauth_cred_t cred)genfs_can_chmod
(vnode_t *vp,
kauth_cred_t cred, uid_t
cur_uid, gid_t cur_gid, mode_t
new_mode)genfs_can_chown
(vnode_t *vp,
kauth_cred_t cred, uid_t
cur_uid, gid_t cur_gid, uid_t
new_uid, gid_t new_gid)genfs_can_chtimes
(vnode_t
*vp, kauth_cred_t cred, uid_t
owner_uid, u_int vaflags)genfs_can_extattr
(vnode_t
*vp, kauth_cred_t cred,
accmode_t accmode, int
attrnamespace)genfs_can_sticky
(vnode_t
*vp, kauth_cred_t cred, uid_t
dir_uid, uid_t file_uid)January 17, 2022 | NetBSD 10.0 |