usr/src/head/exec_attr.h - illumos-gate - Gitiles

 /*
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
  * Common Development and Distribution License (the "License").
  * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
  * See the License for the specific language governing permissions
  * and limitations under the License.
  *
  * When distributing Covered Code, include this CDDL HEADER in each
  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  * If applicable, add the following below this CDDL HEADER, with the
  * fields enclosed by brackets "[]" replaced with your own identifying
  * information: Portions Copyright [yyyy] [name of copyright owner]
  *
  * CDDL HEADER END
  */
 /*
  * Copyright 2014 Garrett D'Amore <garrett@damore.org>
  *
  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */

 #ifndef	_EXEC_ATTR_H
 #define	_EXEC_ATTR_H

 #ifdef	__cplusplus
 extern "C" {
 #endif


 #include <sys/types.h>
 #include <secdb.h>


 #define	EXECATTR_FILENAME		"/etc/security/exec_attr"
 #define	EXECATTR_DB_NAME		"exec_attr.org_dir"
 #define	EXECATTR_DB_NCOL		7	/* total columns */
 #define	EXECATTR_DB_NKEYCOL		3	/* total searchable columns */
 #define	EXECATTR_DB_TBLT		"exec_attr_tbl"
 #define	EXECATTR_NAME_DEFAULT_KW	"nobody"

 #define	EXECATTR_COL0_KW		"name"
 #define	EXECATTR_COL1_KW		"policy"
 #define	EXECATTR_COL2_KW		"type"
 #define	EXECATTR_COL3_KW		"res1"
 #define	EXECATTR_COL4_KW		"res2"
 #define	EXECATTR_COL5_KW		"id"
 #define	EXECATTR_COL6_KW		"attr"

 /*
  * indices of searchable columns
  */
 #define	EXECATTR_KEYCOL0		0	/* name */
 #define	EXECATTR_KEYCOL1		1	/* policy */
 #define	EXECATTR_KEYCOL2		5	/* id */


 /*
  * Some macros used internally by the nsswitch code
  */

 /*
  * These macros are bitmasks. GET_ONE and GET_ALL are bitfield 0
  * and thus mutually exclusive. __SEARCH_ALL_POLLS is bitfield
  * 1 and can be logically ORed with GET_ALL if one wants to get
  * all matching profiles from all policies, not just the ones from
  * the currently active policy
  *
  * Testing for these values should be done using the IS_* macros
  * defined below.
  */
 #define	GET_ONE			0
 #define	GET_ALL			1
 #define	__SEARCH_ALL_POLS	2

 /* get only one exec_attr from list */
 #define	IS_GET_ONE(f) (((f) & GET_ALL) == 0)
 /* get all matching exec_attrs in list */
 #define	IS_GET_ALL(f) (((f) & GET_ALL) == 1)
 /* search all existing policies */
 #define	IS_SEARCH_ALL(f) (((f) & __SEARCH_ALL_POLS) == __SEARCH_ALL_POLS)

 /*
  * Key words used in the exec_attr database
  */
 #define	EXECATTR_EUID_KW	"euid"
 #define	EXECATTR_EGID_KW	"egid"
 #define	EXECATTR_UID_KW		"uid"
 #define	EXECATTR_GID_KW		"gid"
 #define	EXECATTR_LPRIV_KW	"limitprivs"
 #define	EXECATTR_IPRIV_KW	"privs"

 /*
  * Nsswitch representation of execution attributes.
  */
 typedef struct execstr_s {
 	char   *name;		/* profile name */
 	char   *policy;		/* suser/rbac/tsol */
 	char   *type;		/* cmd/act */
 	char   *res1;		/* reserved for future use */
 	char   *res2;		/* reserved for future use */
 	char   *id;		/* unique ID */
 	char   *attr;		/* string of key-value pair attributes */
 	struct execstr_s *next;	/* pointer to next entry */
 } execstr_t;

 typedef struct execattr_s {
 	char   *name;		/* profile name */
 	char   *policy;		/* suser/rbac/tsol */
 	char   *type;		/* cmd/act */
 	char   *res1;		/* reserved for future use */
 	char   *res2;		/* reserved for future use */
 	char   *id;		/* unique ID */
 	kva_t  *attr;		/* array of key-value pair attributes */
 	struct execattr_s *next;	/* pointer to next entry */
 } execattr_t;

 typedef struct __private_execattr {
 	const char *name;
 	const char *type;
 	const char *id;
 	const char *policy;
 	int search_flag;
 	execstr_t *head_exec;
 	execstr_t *prev_exec;
 } _priv_execattr;		/* Un-supported. For Sun internal use only */


 extern execattr_t *getexecattr(void);
 extern execattr_t *getexecuser(const char *, const char *, const char *, int);
 extern execattr_t *getexecprof(const char *, const char *, const char *, int);
 extern execattr_t *match_execattr(execattr_t *, const char *, const char *, \
 	const char *);
 extern void free_execattr(execattr_t *);
 extern void setexecattr(void);
 extern void endexecattr(void);

 #ifdef __cplusplus
 }
 #endif

 #endif	/* _EXEC_ATTR_H */
	/*
	* CDDL HEADER START
	*
	* The contents of this file are subject to the terms of the
	* Common Development and Distribution License (the "License").
	* You may not use this file except in compliance with the License.
	*
	* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
	* or http://www.opensolaris.org/os/licensing.
	* See the License for the specific language governing permissions
	* and limitations under the License.
	*
	* When distributing Covered Code, include this CDDL HEADER in each
	* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
	* If applicable, add the following below this CDDL HEADER, with the
	* fields enclosed by brackets "[]" replaced with your own identifying
	* information: Portions Copyright [yyyy] [name of copyright owner]
	*
	* CDDL HEADER END
	*/
	/*
	* Copyright 2014 Garrett D'Amore <garrett@damore.org>
	*
	* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
	* Use is subject to license terms.
	*/

	#ifndef _EXEC_ATTR_H
	#define _EXEC_ATTR_H

	#ifdef __cplusplus
	extern "C" {
	#endif


	#include <sys/types.h>
	#include <secdb.h>


	#define EXECATTR_FILENAME "/etc/security/exec_attr"
	#define EXECATTR_DB_NAME "exec_attr.org_dir"
	#define EXECATTR_DB_NCOL 7 /* total columns */
	#define EXECATTR_DB_NKEYCOL 3 /* total searchable columns */
	#define EXECATTR_DB_TBLT "exec_attr_tbl"
	#define EXECATTR_NAME_DEFAULT_KW "nobody"

	#define EXECATTR_COL0_KW "name"
	#define EXECATTR_COL1_KW "policy"
	#define EXECATTR_COL2_KW "type"
	#define EXECATTR_COL3_KW "res1"
	#define EXECATTR_COL4_KW "res2"
	#define EXECATTR_COL5_KW "id"
	#define EXECATTR_COL6_KW "attr"

	/*
	* indices of searchable columns
	*/
	#define EXECATTR_KEYCOL0 0 /* name */
	#define EXECATTR_KEYCOL1 1 /* policy */
	#define EXECATTR_KEYCOL2 5 /* id */


	/*
	* Some macros used internally by the nsswitch code
	*/

	/*
	* These macros are bitmasks. GET_ONE and GET_ALL are bitfield 0
	* and thus mutually exclusive. __SEARCH_ALL_POLLS is bitfield
	* 1 and can be logically ORed with GET_ALL if one wants to get
	* all matching profiles from all policies, not just the ones from
	* the currently active policy
	*
	* Testing for these values should be done using the IS_* macros
	* defined below.
	*/
	#define GET_ONE 0
	#define GET_ALL 1
	#define __SEARCH_ALL_POLS 2

	/* get only one exec_attr from list */
	#define IS_GET_ONE(f) (((f) & GET_ALL) == 0)
	/* get all matching exec_attrs in list */
	#define IS_GET_ALL(f) (((f) & GET_ALL) == 1)
	/* search all existing policies */
	#define IS_SEARCH_ALL(f) (((f) & __SEARCH_ALL_POLS) == __SEARCH_ALL_POLS)

	/*
	* Key words used in the exec_attr database
	*/
	#define EXECATTR_EUID_KW "euid"
	#define EXECATTR_EGID_KW "egid"
	#define EXECATTR_UID_KW "uid"
	#define EXECATTR_GID_KW "gid"
	#define EXECATTR_LPRIV_KW "limitprivs"
	#define EXECATTR_IPRIV_KW "privs"

	/*
	* Nsswitch representation of execution attributes.
	*/
	typedef struct execstr_s {
	char name; / profile name */
	char policy; / suser/rbac/tsol */
	char type; / cmd/act */
	char res1; / reserved for future use */
	char res2; / reserved for future use */
	char id; / unique ID */
	char attr; / string of key-value pair attributes */
	struct execstr_s next; / pointer to next entry */
	} execstr_t;

	typedef struct execattr_s {
	char name; / profile name */
	char policy; / suser/rbac/tsol */
	char type; / cmd/act */
	char res1; / reserved for future use */
	char res2; / reserved for future use */
	char id; / unique ID */
	kva_t attr; / array of key-value pair attributes */
	struct execattr_s next; / pointer to next entry */
	} execattr_t;

	typedef struct __private_execattr {
	const char *name;
	const char *type;
	const char *id;
	const char *policy;
	int search_flag;
	execstr_t *head_exec;
	execstr_t *prev_exec;
	} _priv_execattr; /* Un-supported. For Sun internal use only */


	extern execattr_t *getexecattr(void);
	extern execattr_t getexecuser(const char , const char , const char , int);
	extern execattr_t getexecprof(const char , const char , const char , int);
	extern execattr_t match_execattr(execattr_t , const char , const char , \
	const char *);
	extern void free_execattr(execattr_t *);
	extern void setexecattr(void);
	extern void endexecattr(void);

	#ifdef __cplusplus
	}
	#endif

	#endif /* _EXEC_ATTR_H */