/*
* check a specified user/group for a requested permission
*/
static int
dsl_check_user_access(objset_t *mos, uint64_t zapobj, const char *perm,
int checkflag, cred_t *cr)
{
//const gid_t *gids;
// int ngids;
//int i;
uint64_t id;
/* check for user */
id = crgetuid(cr);
if (dsl_check_access(mos, zapobj,
ZFS_DELEG_USER, checkflag, &id, perm) == 0)
return (0);
/* check for users primary group */
id = crgetgid(cr);
if (dsl_check_access(mos, zapobj,
ZFS_DELEG_GROUP, checkflag, &id, perm) == 0)
return (0);
/* check for everyone entry */
id = -1;
if (dsl_check_access(mos, zapobj,
ZFS_DELEG_EVERYONE, checkflag, &id, perm) == 0)
return (0);
/* check each supplemental group user is a member of */
/*XXX NOEL: get kauth equivs for the below, crgetngroups, crgetgroups*/
#ifndef __APPLE__
ngids = crgetngroups(cr);
gids = crgetgroups(cr);
for (i = 0; i != ngids; i++) {
id = gids[i];
if (dsl_check_access(mos, zapobj,
ZFS_DELEG_GROUP, checkflag, &id, perm) == 0)
return (0);
}
return (EPERM);
#endif
return 0;
}
/*
* check a specified user/group for a requested permission
*/
static int
dsl_check_user_access(objset_t *mos, uint64_t zapobj, const char *perm,
int checkflag, cred_t *cr)
{
const gid_t *gids;
int ngids;
int i;
uint64_t id;
/* check for user */
id = crgetuid(cr);
if (dsl_check_access(mos, zapobj,
ZFS_DELEG_USER, checkflag, &id, perm) == 0)
return (0);
/* check for users primary group */
id = crgetgid(cr);
if (dsl_check_access(mos, zapobj,
ZFS_DELEG_GROUP, checkflag, &id, perm) == 0)
return (0);
/* check for everyone entry */
id = -1;
if (dsl_check_access(mos, zapobj,
ZFS_DELEG_EVERYONE, checkflag, &id, perm) == 0)
return (0);
/* check each supplemental group user is a member of */
ngids = crgetngroups(cr);
gids = crgetgroups(cr);
for (i = 0; i != ngids; i++) {
id = gids[i];
if (dsl_check_access(mos, zapobj,
ZFS_DELEG_GROUP, checkflag, &id, perm) == 0)
return (0);
}
return (EPERM);
}
/*
* Check if user has requested permission.
*/
int
dsl_deleg_access(const char *dsname, const char *perm, cred_t *cr)
{
dsl_dataset_t *ds;
dsl_dir_t *dd;
dsl_pool_t *dp;
void *cookie;
int error;
char checkflag;
objset_t *mos;
avl_tree_t permsets;
perm_set_t *setnode;
error = dsl_dataset_hold(dsname, FTAG, &ds);
if (error)
return (error);
dp = ds->ds_dir->dd_pool;
mos = dp->dp_meta_objset;
if (dsl_delegation_on(mos) == B_FALSE) {
dsl_dataset_rele(ds, FTAG);
return (ECANCELED);
}
if (spa_version(dmu_objset_spa(dp->dp_meta_objset)) <
SPA_VERSION_DELEGATED_PERMS) {
dsl_dataset_rele(ds, FTAG);
return (EPERM);
}
if (dsl_dataset_is_snapshot(ds)) {
/*
* Snapshots are treated as descendents only,
* local permissions do not apply.
*/
checkflag = ZFS_DELEG_DESCENDENT;
} else {
checkflag = ZFS_DELEG_LOCAL;
}
avl_create(&permsets, perm_set_compare, sizeof (perm_set_t),
offsetof(perm_set_t, p_node));
rw_enter(&dp->dp_config_rwlock, RW_READER);
for (dd = ds->ds_dir; dd != NULL; dd = dd->dd_parent,
checkflag = ZFS_DELEG_DESCENDENT) {
uint64_t zapobj;
boolean_t expanded;
/*
* If not in global zone then make sure
* the zoned property is set
*/
if (!INGLOBALZONE(curproc)) {
uint64_t zoned;
if (dsl_prop_get_dd(dd,
zfs_prop_to_name(ZFS_PROP_ZONED),
8, 1, &zoned, NULL) != 0)
break;
if (!zoned)
break;
}
zapobj = dd->dd_phys->dd_deleg_zapobj;
if (zapobj == 0)
continue;
dsl_load_user_sets(mos, zapobj, &permsets, checkflag, cr);
again:
expanded = B_FALSE;
for (setnode = avl_first(&permsets); setnode;
setnode = AVL_NEXT(&permsets, setnode)) {
if (setnode->p_matched == B_TRUE)
continue;
/* See if this set directly grants this permission */
error = dsl_check_access(mos, zapobj,
ZFS_DELEG_NAMED_SET, 0, setnode->p_setname, perm);
if (error == 0)
goto success;
if (error == EPERM)
setnode->p_matched = B_TRUE;
/* See if this set includes other sets */
error = dsl_load_sets(mos, zapobj,
ZFS_DELEG_NAMED_SET_SETS, 0,
setnode->p_setname, &permsets);
if (error == 0)
setnode->p_matched = expanded = B_TRUE;
}
/*
* If we expanded any sets, that will define more sets,
* which we need to check.
*/
if (expanded)
goto again;
error = dsl_check_user_access(mos, zapobj, perm, checkflag, cr);
if (error == 0)
goto success;
}
error = EPERM;
success:
rw_exit(&dp->dp_config_rwlock);
dsl_dataset_rele(ds, FTAG);
cookie = NULL;
while ((setnode = avl_destroy_nodes(&permsets, &cookie)) != NULL)
kmem_free(setnode, sizeof (perm_set_t));
return (error);
}
/*
* Check if user has requested permission.
*/
int
dsl_deleg_access(const char *ddname, const char *perm, cred_t *cr)
{
dsl_dir_t *dd, *startdd;
dsl_pool_t *dp;
void *cookie;
int error;
char checkflag = ZFS_DELEG_LOCAL;
const char *tail;
objset_t *mos;
avl_tree_t permsets;
perm_set_t *setnode;
/*
* Use tail so that zfs_ioctl() code doesn't have
* to always to to figure out parent name in order
* to do access check. for example renaming a snapshot
*/
error = dsl_dir_open(ddname, FTAG, &startdd, &tail);
if (error)
return (error);
if (tail && tail[0] != '@') {
dsl_dir_close(startdd, FTAG);
return (ENOENT);
}
dp = startdd->dd_pool;
mos = dp->dp_meta_objset;
if (dsl_delegation_on(mos) == B_FALSE) {
dsl_dir_close(startdd, FTAG);
return (ECANCELED);
}
if (spa_version(dmu_objset_spa(dp->dp_meta_objset)) <
SPA_VERSION_DELEGATED_PERMS) {
dsl_dir_close(startdd, FTAG);
return (EPERM);
}
avl_create(&permsets, perm_set_compare, sizeof (perm_set_t),
offsetof(perm_set_t, p_node));
rw_enter(&dp->dp_config_rwlock, RW_READER);
for (dd = startdd; dd != NULL; dd = dd->dd_parent,
checkflag = ZFS_DELEG_DESCENDENT) {
uint64_t zapobj;
boolean_t expanded;
/*
* If not in global zone then make sure
* the zoned property is set
*/
if (!INGLOBALZONE(curproc)) {
uint64_t zoned;
if (dsl_prop_get_ds_locked(dd,
zfs_prop_to_name(ZFS_PROP_ZONED),
8, 1, &zoned, NULL) != 0)
break;
if (!zoned)
break;
}
zapobj = dd->dd_phys->dd_deleg_zapobj;
if (zapobj == 0)
continue;
dsl_load_user_sets(mos, zapobj, &permsets, checkflag, cr);
again:
expanded = B_FALSE;
for (setnode = avl_first(&permsets); setnode;
setnode = AVL_NEXT(&permsets, setnode)) {
if (setnode->p_matched == B_TRUE)
continue;
/* See if this set directly grants this permission */
error = dsl_check_access(mos, zapobj,
ZFS_DELEG_NAMED_SET, 0, setnode->p_setname, perm);
if (error == 0)
goto success;
if (error == EPERM)
setnode->p_matched = B_TRUE;
/* See if this set includes other sets */
error = dsl_load_sets(mos, zapobj,
ZFS_DELEG_NAMED_SET_SETS, 0,
setnode->p_setname, &permsets);
if (error == 0)
setnode->p_matched = expanded = B_TRUE;
}
/*
* If we expanded any sets, that will define more sets,
* which we need to check.
*/
if (expanded)
goto again;
error = dsl_check_user_access(mos, zapobj, perm, checkflag, cr);
if (error == 0)
goto success;
}
error = EPERM;
success:
rw_exit(&dp->dp_config_rwlock);
dsl_dir_close(startdd, FTAG);
cookie = NULL;
while ((setnode = avl_destroy_nodes(&permsets, &cookie)) != NULL)
kmem_free(setnode, sizeof (perm_set_t));
return (error);
}