![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to perms.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSD / contrib / notes / src|
Return to perms.c CVS log | Up to [CSRG BSD Unix] / 43BSD / contrib / notes / src |
1.1 ! root 1: #include "parms.h" ! 2: #include "structs.h" ! 3: ! 4: #ifdef RCSIDENT ! 5: static char rcsid[] = "$Header: perms.c,v 1.7.0.1 85/04/09 11:42:48 notes Rel $"; ! 6: #endif RCSIDENT ! 7: ! 8: /* ! 9: * getperms - opens and reads the permission file to ! 10: * determine the access rights for this user ! 11: * ! 12: * Uses a struture similar to PLATO's. A list is scanned ! 13: * until a match is found. The access rights at that point ! 14: * are then awarded to the user. In the event that no ! 15: * match is found, no access rights are granted. ! 16: * ! 17: * Original Coding: Ray Essick December 1981 ! 18: */ ! 19: #include <grp.h> ! 20: #include <sys/param.h> /* for groups */ ! 21: /* ! 22: * Make sure that the name NGROUPS is defined. ! 23: * pre-4.1a probably doesn't define either. ! 24: * 4.1a uses the NGRPS constant ! 25: * 4.2 uses the NGROUPS constant ! 26: * We make sure that NGROUPS is defined and use that in the ! 27: * generic portion of the routine. The emulation for V7, 4.1, 4.1a ! 28: * and such use the NGRPS or whatever is appropriate. ! 29: */ ! 30: #if defined(NGRPS) && ! defined(NGROUPS) ! 31: #define NGROUPS NGRPS /* name change! */ ! 32: #endif ! 33: #ifndef NGROUPS ! 34: #define NGROUPS 1 /* could be better */ ! 35: #endif NGROUPS ! 36: ! 37: static char *gnameptr[NGROUPS]; /* point to names */ ! 38: static int ngroups = 0; /* true if have gids */ ! 39: ! 40: getperms (io, sysflag, name) ! 41: struct io_f *io; ! 42: int sysflag; /* true for remote system */ ! 43: char *name; ! 44: { ! 45: ! 46: register int i; ! 47: FILE * acs, *fopen (); ! 48: struct group *gr, ! 49: *getgrgid (); ! 50: char fn[WDLEN]; ! 51: struct perm_f entry; ! 52: int hisperms; /* built up perms */ ! 53: int given; /* if assigned perms */ ! 54: ! 55: if (sysflag == 0 && globuid == Notesuid) /* "notes" omnipotent */ ! 56: { ! 57: io -> access = READOK + RESPOK + WRITOK + DRCTOK;/* all */ ! 58: /* ! 59: * should I just set it to -1 or something that turns on ! 60: * all the bits? or leave it with the defined bits only? ! 61: */ ! 62: return; ! 63: } ! 64: ! 65: if (sysflag == 0 && ngroups == 0) ! 66: { ! 67: register int i, ! 68: j; /* temp loop stuff */ ! 69: int gidset[NGROUPS]; /* hold gid list */ ! 70: ! 71: ngroups = NGROUPS; /* max allowed */ ! 72: /* ! 73: * NOTE that the getgroups system call doesn't behave as ! 74: * documented in the 4.2 manual. The manual says to call it ! 75: * ret=getgroups(&ngroups,&gidset) where ngroups is value-result. ! 76: * and ret is 0 on success. Actual implementation works as below. ! 77: */ ! 78: if ((ngroups = getgroups (ngroups, &gidset)) >= 0)/* worked */ ! 79: { ! 80: for (i = 0, j = 0; i < ngroups; i++) /* get names */ ! 81: { ! 82: if ((gr = getgrgid (gidset[i])) == NULL) ! 83: continue; /* bogus, skip it */ ! 84: gnameptr[j++] = strsave (gr -> gr_name);/* save it */ ! 85: } ! 86: ngroups = j; /* save count */ ! 87: } ! 88: } ! 89: io -> access = 0; /* default null */ ! 90: hisperms = 0; /* set up mask */ ! 91: given = 0; ! 92: ! 93: sprintf (fn, "%s/%s/%s", io -> basedir, io -> nf, ACCESS); ! 94: x ((acs = fopen (fn, "r")) == NULL, "getperms: no list"); ! 95: while (fread (&entry, sizeof entry, 1, acs) == 1) ! 96: { ! 97: if ((sysflag != 0) && (entry.ptype != PERMSYSTEM)) ! 98: continue; /* looking for systems */ ! 99: if ((sysflag == 0) && (entry.ptype == PERMSYSTEM)) ! 100: continue; /* users != systems */ ! 101: ! 102: if (strcmp (entry.name, "Other") == 0) ! 103: { ! 104: if (!given) /* he hasn't matched */ ! 105: hisperms = entry.perms; /* give him these */ ! 106: goto gotit; /* and exit ... */ ! 107: } ! 108: switch (entry.ptype) ! 109: { ! 110: case PERMUSER: ! 111: if (strcmp (name, entry.name) == 0) ! 112: { ! 113: hisperms = entry.perms; ! 114: goto gotit; ! 115: } ! 116: break; ! 117: ! 118: case PERMGROUP: /* a group entry */ ! 119: for (i = 0; i < ngroups; i++) /* check all */ ! 120: if (strcmp (entry.name, gnameptr[i]) == 0) ! 121: { ! 122: hisperms |= entry.perms; /* OR them in */ ! 123: given++; /* mark as such */ ! 124: break; ! 125: } ! 126: break; ! 127: ! 128: case PERMSYSTEM: ! 129: if (strcmp (name, entry.name) == 0) ! 130: { ! 131: hisperms = entry.perms; ! 132: given++; ! 133: goto gotit; ! 134: } ! 135: break; ! 136: ! 137: default: /* bad access list */ ! 138: x (1, "getperms: bad list"); ! 139: } ! 140: } ! 141: gotit: ! 142: fclose (acs); /* close the access file */ ! 143: io -> access = hisperms; /* what we built */ ! 144: ! 145: return; ! 146: } ! 147: ! 148: /* ! 149: * Some compatibility routines to let us use the fancy 4.2 Bsd ! 150: * getgroups() system call while running 4.1, 4.1a or V7 kernels. ! 151: * I've undoubtedly missed some kernels. ! 152: */ ! 153: ! 154: ! 155: /* ! 156: * getgroups ! 157: * ! 158: * Returns an integer and a set of groups. ! 159: * Emulates the 4.2 getgroups command under 4.1a Bsd ! 160: * ! 161: * Stolen mostly from the 4.1a command "groups". ! 162: * ! 163: * Ray Essick, January 1984 ! 164: * ! 165: */ ! 166: ! 167: #if defined (BSD41A) ! 168: ! 169: getgroups (ngroups, gidset) ! 170: int ngroups; ! 171: int *gidset; ! 172: { ! 173: register int i; ! 174: register int maxback; /* most to user */ ! 175: int grps[NGRPS / (sizeof (int) * 8)]; /* NGRPS=NGROUPS */ ! 176: ! 177: setgrp (0, grps); /* get groups */ ! 178: maxback = ngroups; /* save limit */ ! 179: ngroups = 0; /* start empty */ ! 180: for (i = 0; i < NGRPS && ngroups < maxback; i++) /* for each */ ! 181: if (grps[i / (sizeof (int) * 8)] & (1 << (i % (sizeof (int) * 8)))) ! 182: { ! 183: *gidset++ = i; /* save the group */ ! 184: ngroups++; /* and count */ ! 185: } ! 186: return (ngroups); ! 187: } ! 188: #endif defined (BSD41A) ! 189: ! 190: /* ! 191: * The V7 and 4.1 version of this system call. Also serves well ! 192: * for the 2.8 Bsd kernels and probably for the more recent BTL ! 193: * kernels. ! 194: * This could be extended to read from /etc/groups to actually give ! 195: * the user all groups he is permitted. ! 196: */ ! 197: ! 198: #if defined (V7) || defined (BSD41) || defined (BSD2x) || defined (USG) ! 199: getgroups (ngroups, gidset) /* simple V7 one */ ! 200: int ngroups; ! 201: int *gidset; ! 202: { ! 203: *gidset = getgid () & GIDMASK; ! 204: ngroups = 1; ! 205: return (1); ! 206: } ! 207: #endif defined (V7) || defined (BSD41) || defined (BSD2x) || defined(USG)
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.