Now
MAIN commitmail json YAML
src/external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c@1.14
/
diff
/
nxr@1.14
src/external/cddl/osnet/sys/kern/policy.c@1.4 / diff / nxr@1.4
src/external/cddl/osnet/sys/sys/policy.h@1.6 / diff / nxr@1.6
src/external/cddl/osnet/sys/kern/policy.c@1.4 / diff / nxr@1.4
src/external/cddl/osnet/sys/sys/policy.h@1.6 / diff / nxr@1.6
Take a first whack at making zfs permissions work.
zfs_access uses secpolicy_vnode_access, so it makes no sense for the
latter to call VOP_ACCESS!
Everything seems to return EACCES instead of EPERM, probably because
that's what kauth returns. This should be fixed, but that may
require some nontrivial surgery to zfs's calls to secpolicy_*, which
is where kauth gets involved.
This commit imports some code from illumos to implement the routine
secpolicy_vnode_setattr. This shouldn't be outside dist/, but for
now it is expedient to do so. We ought to fix that, along with all
the other CDDL code outside dist/, when we next import a newer
version of zfs.
zfs_access uses secpolicy_vnode_access, so it makes no sense for the
latter to call VOP_ACCESS!
Everything seems to return EACCES instead of EPERM, probably because
that's what kauth returns. This should be fixed, but that may
require some nontrivial surgery to zfs's calls to secpolicy_*, which
is where kauth gets involved.
This commit imports some code from illumos to implement the routine
secpolicy_vnode_setattr. This shouldn't be outside dist/, but for
now it is expedient to do so. We ought to fix that, along with all
the other CDDL code outside dist/, when we next import a newer
version of zfs.