---
- branch: MAIN
  date: Thu Oct 18 14:22:58 UTC 2012
  files:
  - new: '1.14'
    old: '1.13'
    path: src/external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c
    pathrev: src/external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c@1.14
    type: modified
  - new: '1.4'
    old: '1.3'
    path: src/external/cddl/osnet/sys/kern/policy.c
    pathrev: src/external/cddl/osnet/sys/kern/policy.c@1.4
    type: modified
  - new: '1.6'
    old: '1.5'
    path: src/external/cddl/osnet/sys/sys/policy.h
    pathrev: src/external/cddl/osnet/sys/sys/policy.h@1.6
    type: modified
  id: 20121018T142258Z.ab4c7a264bce2f96e4fcff01257abb3d0d2d942d
  log: |
    Take a first whack at making zfs permissions work.

    zfs_access uses secpolicy_vnode_access, so it makes no sense for the
    latter to call VOP_ACCESS!

    Everything seems to return EACCES instead of EPERM, probably because
    that's what kauth returns.  This should be fixed, but that may
    require some nontrivial surgery to zfs's calls to secpolicy_*, which
    is where kauth gets involved.

    This commit imports some code from illumos to implement the routine
    secpolicy_vnode_setattr.  This shouldn't be outside dist/, but for
    now it is expedient to do so.  We ought to fix that, along with all
    the other CDDL code outside dist/, when we next import a newer
    version of zfs.
  module: src
  subject: 'CVS commit: src/external/cddl/osnet'
  unixtime: '1350570178'
  user: riastradh