mirror of
https://github.com/opnsense/src.git
synced 2026-06-08 16:22:46 -04:00
o Caused FFS_EXTATTR_AUTOSTART to scan two sub-directories of ".attribute"
off of the file system root: "user" for user attributes, and "system"
for system attributes. When the scan occurs, attribute backing files
discovered in those directories will be started in the respective
namespaces. This re-introduces support for auto-starting of user
attributes, which was removed when the "$" prefix for system attributes
was replaced with explicit namespacing.
For users of the TrustedBSD UFS POSIX.1e ACL code, you'll need to:
mv ${FSROOT}/'$posix1e.acl_access' ${FSROOT}/system/posix1e.acl_access
mv ${FSROOT}/'$posix1e.acl_default' ${FSROOT}/system/posix1e.acl_default
For users of the TrustedBSD POSIX.1e Capability code, you'll need to:
mv ${FSROOT}/'$posix1e.cap' ${FSROOT}/system/posix1e.cap
For users of the TrustedBSD MAC code, you'll need to:
mv ${FSROOT}/'$freebsd.mac' ${FSROOT}/system/freebsd.mac
Updated versions of relevant patches will be released in the near
future.
Obtained from: TrustedBSD Project
This commit is contained in:
Robert Watson
parent
9612101e4c
commit
3938ca1cc4
2 changed files with 33 additions and 16 deletions
|
|
@ -35,6 +35,8 @@
|
|||
#define UFS_EXTATTR_MAGIC 0x00b5d5ec
|
||||
#define UFS_EXTATTR_VERSION 0x00000003
|
||||
#define UFS_EXTATTR_FSROOTSUBDIR ".attribute"
|
||||
#define UFS_EXTATTR_SUBDIR_SYSTEM "system"
|
||||
#define UFS_EXTATTR_SUBDIR_USER "user"
|
||||
#define UFS_EXTATTR_MAXEXTATTRNAME 65 /* including null */
|
||||
|
||||
#define UFS_EXTATTR_ATTR_FLAG_INUSE 0x00000001 /* attr has been set */
|
||||
|
|
|
|||
|
|
@ -351,7 +351,6 @@ ufs_extattr_enable_with_open(struct ufsmount *ump, struct vnode *vp,
|
|||
* attribute files. Then invoke ufs_extattr_enable_with_open() on each
|
||||
* to attempt to start the attribute. Leaves the directory locked on
|
||||
* exit.
|
||||
* XXX: Add a EA namespace argument
|
||||
*/
|
||||
static int
|
||||
ufs_extattr_iterate_directory(struct ufsmount *ump, struct vnode *dvp,
|
||||
|
|
@ -454,7 +453,7 @@ ufs_extattr_iterate_directory(struct ufsmount *ump, struct vnode *dvp,
|
|||
int
|
||||
ufs_extattr_autostart(struct mount *mp, struct proc *p)
|
||||
{
|
||||
struct vnode *attr_dvp, /**attr_vp,*/ *rvp;
|
||||
struct vnode *rvp, *attr_dvp, *attr_system_dvp, *attr_user_dvp;
|
||||
int error;
|
||||
|
||||
/*
|
||||
|
|
@ -485,33 +484,49 @@ ufs_extattr_autostart(struct mount *mp, struct proc *p)
|
|||
if (attr_dvp->v_type != VDIR) {
|
||||
printf("ufs_extattr_autostart: %s != VDIR\n",
|
||||
UFS_EXTATTR_FSROOTSUBDIR);
|
||||
goto return_vput;
|
||||
goto return_vput_attr_dvp;
|
||||
}
|
||||
|
||||
error = ufs_extattr_start(mp, p);
|
||||
if (error) {
|
||||
printf("ufs_extattr_autostart: ufs_extattr_start failed (%d)\n",
|
||||
error);
|
||||
goto return_vput;
|
||||
goto return_vput_attr_dvp;
|
||||
}
|
||||
|
||||
/*
|
||||
* Iterate over the directory. Eventually we will lookup sub-
|
||||
* directories and iterate over them independently with different
|
||||
* EA namespaces.
|
||||
*
|
||||
* XXX: Right now, assert that all attributes are in the system
|
||||
* namespace.
|
||||
* Look for two subdirectories: UFS_EXTATTR_SUBDIR_SYSTEM,
|
||||
* UFS_EXTATTR_SUBDIR_USER. For each, iterate over the sub-directory,
|
||||
* and start with appropriate type. Failures in either don't
|
||||
* result in an over-all failure. attr_dvp is left locked to
|
||||
* be cleaned up on exit.
|
||||
*/
|
||||
error = ufs_extattr_iterate_directory(VFSTOUFS(mp), attr_dvp,
|
||||
EXTATTR_NAMESPACE_SYSTEM, p);
|
||||
if (error)
|
||||
printf("ufs_extattr_iterate_directory returned %d\n", error);
|
||||
error = ufs_extattr_lookup(attr_dvp, UE_GETDIR_LOCKPARENT,
|
||||
UFS_EXTATTR_SUBDIR_SYSTEM, &attr_system_dvp, p);
|
||||
if (!error) {
|
||||
error = ufs_extattr_iterate_directory(VFSTOUFS(mp),
|
||||
attr_system_dvp, EXTATTR_NAMESPACE_SYSTEM, p);
|
||||
if (error)
|
||||
printf("ufs_extattr_iterate_directory returned %d\n",
|
||||
error);
|
||||
vput(attr_system_dvp);
|
||||
}
|
||||
|
||||
/* Mask startup failures. */
|
||||
error = ufs_extattr_lookup(attr_dvp, UE_GETDIR_LOCKPARENT,
|
||||
UFS_EXTATTR_SUBDIR_USER, &attr_user_dvp, p);
|
||||
if (!error) {
|
||||
error = ufs_extattr_iterate_directory(VFSTOUFS(mp),
|
||||
attr_user_dvp, EXTATTR_NAMESPACE_USER, p);
|
||||
if (error)
|
||||
printf("ufs_extattr_iterate_directory returned %d\n",
|
||||
error);
|
||||
vput(attr_user_dvp);
|
||||
}
|
||||
|
||||
/* Mask startup failures in sub-directories. */
|
||||
error = 0;
|
||||
|
||||
return_vput:
|
||||
return_vput_attr_dvp:
|
||||
vput(attr_dvp);
|
||||
|
||||
return (error);
|
||||
|
|
|
|||
Loading…
Reference in a new issue