![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to perms.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSD / contrib / notes / src|
Return to perms.c CVS log | Up to [CSRG BSD Unix] / 43BSD / contrib / notes / src |
1.1 root 1: #include "parms.h"
2: #include "structs.h"
3:
4: #ifdef RCSIDENT
5: static char rcsid[] = "$Header: perms.c,v 1.7.0.1 85/04/09 11:42:48 notes Rel $";
6: #endif RCSIDENT
7:
8: /*
9: * getperms - opens and reads the permission file to
10: * determine the access rights for this user
11: *
12: * Uses a struture similar to PLATO's. A list is scanned
13: * until a match is found. The access rights at that point
14: * are then awarded to the user. In the event that no
15: * match is found, no access rights are granted.
16: *
17: * Original Coding: Ray Essick December 1981
18: */
19: #include <grp.h>
20: #include <sys/param.h> /* for groups */
21: /*
22: * Make sure that the name NGROUPS is defined.
23: * pre-4.1a probably doesn't define either.
24: * 4.1a uses the NGRPS constant
25: * 4.2 uses the NGROUPS constant
26: * We make sure that NGROUPS is defined and use that in the
27: * generic portion of the routine. The emulation for V7, 4.1, 4.1a
28: * and such use the NGRPS or whatever is appropriate.
29: */
30: #if defined(NGRPS) && ! defined(NGROUPS)
31: #define NGROUPS NGRPS /* name change! */
32: #endif
33: #ifndef NGROUPS
34: #define NGROUPS 1 /* could be better */
35: #endif NGROUPS
36:
37: static char *gnameptr[NGROUPS]; /* point to names */
38: static int ngroups = 0; /* true if have gids */
39:
40: getperms (io, sysflag, name)
41: struct io_f *io;
42: int sysflag; /* true for remote system */
43: char *name;
44: {
45:
46: register int i;
47: FILE * acs, *fopen ();
48: struct group *gr,
49: *getgrgid ();
50: char fn[WDLEN];
51: struct perm_f entry;
52: int hisperms; /* built up perms */
53: int given; /* if assigned perms */
54:
55: if (sysflag == 0 && globuid == Notesuid) /* "notes" omnipotent */
56: {
57: io -> access = READOK + RESPOK + WRITOK + DRCTOK;/* all */
58: /*
59: * should I just set it to -1 or something that turns on
60: * all the bits? or leave it with the defined bits only?
61: */
62: return;
63: }
64:
65: if (sysflag == 0 && ngroups == 0)
66: {
67: register int i,
68: j; /* temp loop stuff */
69: int gidset[NGROUPS]; /* hold gid list */
70:
71: ngroups = NGROUPS; /* max allowed */
72: /*
73: * NOTE that the getgroups system call doesn't behave as
74: * documented in the 4.2 manual. The manual says to call it
75: * ret=getgroups(&ngroups,&gidset) where ngroups is value-result.
76: * and ret is 0 on success. Actual implementation works as below.
77: */
78: if ((ngroups = getgroups (ngroups, &gidset)) >= 0)/* worked */
79: {
80: for (i = 0, j = 0; i < ngroups; i++) /* get names */
81: {
82: if ((gr = getgrgid (gidset[i])) == NULL)
83: continue; /* bogus, skip it */
84: gnameptr[j++] = strsave (gr -> gr_name);/* save it */
85: }
86: ngroups = j; /* save count */
87: }
88: }
89: io -> access = 0; /* default null */
90: hisperms = 0; /* set up mask */
91: given = 0;
92:
93: sprintf (fn, "%s/%s/%s", io -> basedir, io -> nf, ACCESS);
94: x ((acs = fopen (fn, "r")) == NULL, "getperms: no list");
95: while (fread (&entry, sizeof entry, 1, acs) == 1)
96: {
97: if ((sysflag != 0) && (entry.ptype != PERMSYSTEM))
98: continue; /* looking for systems */
99: if ((sysflag == 0) && (entry.ptype == PERMSYSTEM))
100: continue; /* users != systems */
101:
102: if (strcmp (entry.name, "Other") == 0)
103: {
104: if (!given) /* he hasn't matched */
105: hisperms = entry.perms; /* give him these */
106: goto gotit; /* and exit ... */
107: }
108: switch (entry.ptype)
109: {
110: case PERMUSER:
111: if (strcmp (name, entry.name) == 0)
112: {
113: hisperms = entry.perms;
114: goto gotit;
115: }
116: break;
117:
118: case PERMGROUP: /* a group entry */
119: for (i = 0; i < ngroups; i++) /* check all */
120: if (strcmp (entry.name, gnameptr[i]) == 0)
121: {
122: hisperms |= entry.perms; /* OR them in */
123: given++; /* mark as such */
124: break;
125: }
126: break;
127:
128: case PERMSYSTEM:
129: if (strcmp (name, entry.name) == 0)
130: {
131: hisperms = entry.perms;
132: given++;
133: goto gotit;
134: }
135: break;
136:
137: default: /* bad access list */
138: x (1, "getperms: bad list");
139: }
140: }
141: gotit:
142: fclose (acs); /* close the access file */
143: io -> access = hisperms; /* what we built */
144:
145: return;
146: }
147:
148: /*
149: * Some compatibility routines to let us use the fancy 4.2 Bsd
150: * getgroups() system call while running 4.1, 4.1a or V7 kernels.
151: * I've undoubtedly missed some kernels.
152: */
153:
154:
155: /*
156: * getgroups
157: *
158: * Returns an integer and a set of groups.
159: * Emulates the 4.2 getgroups command under 4.1a Bsd
160: *
161: * Stolen mostly from the 4.1a command "groups".
162: *
163: * Ray Essick, January 1984
164: *
165: */
166:
167: #if defined (BSD41A)
168:
169: getgroups (ngroups, gidset)
170: int ngroups;
171: int *gidset;
172: {
173: register int i;
174: register int maxback; /* most to user */
175: int grps[NGRPS / (sizeof (int) * 8)]; /* NGRPS=NGROUPS */
176:
177: setgrp (0, grps); /* get groups */
178: maxback = ngroups; /* save limit */
179: ngroups = 0; /* start empty */
180: for (i = 0; i < NGRPS && ngroups < maxback; i++) /* for each */
181: if (grps[i / (sizeof (int) * 8)] & (1 << (i % (sizeof (int) * 8))))
182: {
183: *gidset++ = i; /* save the group */
184: ngroups++; /* and count */
185: }
186: return (ngroups);
187: }
188: #endif defined (BSD41A)
189:
190: /*
191: * The V7 and 4.1 version of this system call. Also serves well
192: * for the 2.8 Bsd kernels and probably for the more recent BTL
193: * kernels.
194: * This could be extended to read from /etc/groups to actually give
195: * the user all groups he is permitted.
196: */
197:
198: #if defined (V7) || defined (BSD41) || defined (BSD2x) || defined (USG)
199: getgroups (ngroups, gidset) /* simple V7 one */
200: int ngroups;
201: int *gidset;
202: {
203: *gidset = getgid () & GIDMASK;
204: ngroups = 1;
205: return (1);
206: }
207: #endif defined (V7) || defined (BSD41) || defined (BSD2x) || defined(USG)
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.