ZFS_DELEG_PERM_SEND, cr));
}
-#ifdef HAVE_SMB_SHARE
-/* ARGSUSED */
-static int
-zfs_secpolicy_deleg_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
-{
- vnode_t *vp;
- int error;
-
- if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
- NO_FOLLOW, NULL, &vp)) != 0)
- return (error);
-
- /* Now make sure mntpnt and dataset are ZFS */
-
- if (vp->v_vfsp->vfs_fstype != zfsfstype ||
- (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
- zc->zc_name) != 0)) {
- VN_RELE(vp);
- return (SET_ERROR(EPERM));
- }
-
- VN_RELE(vp);
- return (dsl_deleg_access(zc->zc_name,
- ZFS_DELEG_PERM_SHARE, cr));
-}
-#endif /* HAVE_SMB_SHARE */
-
int
zfs_secpolicy_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
{
-#ifdef HAVE_SMB_SHARE
- if (!INGLOBALZONE(curproc))
- return (SET_ERROR(EPERM));
-
- if (secpolicy_nfs(cr) == 0) {
- return (0);
- } else {
- return (zfs_secpolicy_deleg_share(zc, innvl, cr));
- }
-#else
return (SET_ERROR(ENOTSUP));
-#endif /* HAVE_SMB_SHARE */
}
int
zfs_secpolicy_smb_acl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
{
-#ifdef HAVE_SMB_SHARE
- if (!INGLOBALZONE(curproc))
- return (SET_ERROR(EPERM));
-
- if (secpolicy_smb(cr) == 0) {
- return (0);
- } else {
- return (zfs_secpolicy_deleg_share(zc, innvl, cr));
- }
-#else
return (SET_ERROR(ENOTSUP));
-#endif /* HAVE_SMB_SHARE */
}
static int
return (error);
}
-/*
- * Remove all ACL files in shares dir
- */
-#ifdef HAVE_SMB_SHARE
-static int
-zfs_smb_acl_purge(znode_t *dzp)
-{
- zap_cursor_t zc;
- zap_attribute_t zap;
- zfsvfs_t *zfsvfs = ZTOZSB(dzp);
- int error;
-
- for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id);
- (error = zap_cursor_retrieve(&zc, &zap)) == 0;
- zap_cursor_advance(&zc)) {
- if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred,
- NULL, 0)) != 0)
- break;
- }
- zap_cursor_fini(&zc);
- return (error);
-}
-#endif /* HAVE_SMB_SHARE */
-
static int
zfs_ioc_smb_acl(zfs_cmd_t *zc)
{
-#ifdef HAVE_SMB_SHARE
- vnode_t *vp;
- znode_t *dzp;
- vnode_t *resourcevp = NULL;
- znode_t *sharedir;
- zfsvfs_t *zfsvfs;
- nvlist_t *nvlist;
- char *src, *target;
- vattr_t vattr;
- vsecattr_t vsec;
- int error = 0;
-
- if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
- NO_FOLLOW, NULL, &vp)) != 0)
- return (error);
-
- /* Now make sure mntpnt and dataset are ZFS */
-
- if (vp->v_vfsp->vfs_fstype != zfsfstype ||
- (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
- zc->zc_name) != 0)) {
- VN_RELE(vp);
- return (SET_ERROR(EINVAL));
- }
-
- dzp = VTOZ(vp);
- zfsvfs = ZTOZSB(dzp);
- ZFS_ENTER(zfsvfs);
-
- /*
- * Create share dir if its missing.
- */
- mutex_enter(&zfsvfs->z_lock);
- if (zfsvfs->z_shares_dir == 0) {
- dmu_tx_t *tx;
-
- tx = dmu_tx_create(zfsvfs->z_os);
- dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE,
- ZFS_SHARES_DIR);
- dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
- error = dmu_tx_assign(tx, TXG_WAIT);
- if (error != 0) {
- dmu_tx_abort(tx);
- } else {
- error = zfs_create_share_dir(zfsvfs, tx);
- dmu_tx_commit(tx);
- }
- if (error != 0) {
- mutex_exit(&zfsvfs->z_lock);
- VN_RELE(vp);
- ZFS_EXIT(zfsvfs);
- return (error);
- }
- }
- mutex_exit(&zfsvfs->z_lock);
-
- ASSERT(zfsvfs->z_shares_dir);
- if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) {
- VN_RELE(vp);
- ZFS_EXIT(zfsvfs);
- return (error);
- }
-
- switch (zc->zc_cookie) {
- case ZFS_SMB_ACL_ADD:
- vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
- vattr.va_mode = S_IFREG|0777;
- vattr.va_uid = 0;
- vattr.va_gid = 0;
-
- vsec.vsa_mask = VSA_ACE;
- vsec.vsa_aclentp = &full_access;
- vsec.vsa_aclentsz = sizeof (full_access);
- vsec.vsa_aclcnt = 1;
-
- error = VOP_CREATE(ZTOV(sharedir), zc->zc_string,
- &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec);
- if (resourcevp)
- VN_RELE(resourcevp);
- break;
-
- case ZFS_SMB_ACL_REMOVE:
- error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred,
- NULL, 0);
- break;
-
- case ZFS_SMB_ACL_RENAME:
- if ((error = get_nvlist(zc->zc_nvlist_src,
- zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) {
- VN_RELE(vp);
- VN_RELE(ZTOV(sharedir));
- ZFS_EXIT(zfsvfs);
- return (error);
- }
- if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) ||
- nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET,
- &target)) {
- VN_RELE(vp);
- VN_RELE(ZTOV(sharedir));
- ZFS_EXIT(zfsvfs);
- nvlist_free(nvlist);
- return (error);
- }
- error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target,
- kcred, NULL, 0);
- nvlist_free(nvlist);
- break;
-
- case ZFS_SMB_ACL_PURGE:
- error = zfs_smb_acl_purge(sharedir);
- break;
-
- default:
- error = SET_ERROR(EINVAL);
- break;
- }
-
- VN_RELE(vp);
- VN_RELE(ZTOV(sharedir));
-
- ZFS_EXIT(zfsvfs);
-
- return (error);
-#else
return (SET_ERROR(ENOTSUP));
-#endif /* HAVE_SMB_SHARE */
}
/*
kmem_cache_free(znode_hold_cache, zh);
}
-int
-zfs_create_share_dir(zfsvfs_t *zfsvfs, dmu_tx_t *tx)
-{
-#ifdef HAVE_SMB_SHARE
- zfs_acl_ids_t acl_ids;
- vattr_t vattr;
- znode_t *sharezp;
- vnode_t *vp;
- znode_t *zp;
- int error;
-
- vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
- vattr.va_mode = S_IFDIR | 0555;
- vattr.va_uid = crgetuid(kcred);
- vattr.va_gid = crgetgid(kcred);
-
- sharezp = kmem_cache_alloc(znode_cache, KM_SLEEP);
- sharezp->z_moved = 0;
- sharezp->z_unlinked = 0;
- sharezp->z_atime_dirty = 0;
- sharezp->z_zfsvfs = zfsvfs;
- sharezp->z_is_sa = zfsvfs->z_use_sa;
- sharezp->z_pflags = 0;
-
- vp = ZTOV(sharezp);
- vn_reinit(vp);
- vp->v_type = VDIR;
-
- VERIFY(0 == zfs_acl_ids_create(sharezp, IS_ROOT_NODE, &vattr,
- kcred, NULL, &acl_ids));
- zfs_mknode(sharezp, &vattr, tx, kcred, IS_ROOT_NODE, &zp, &acl_ids);
- ASSERT3P(zp, ==, sharezp);
- ASSERT(!vn_in_dnlc(ZTOV(sharezp))); /* not valid to move */
- POINTER_INVALIDATE(&sharezp->z_zfsvfs);
- error = zap_add(zfsvfs->z_os, MASTER_NODE_OBJ,
- ZFS_SHARES_DIR, 8, 1, &sharezp->z_id, tx);
- zfsvfs->z_shares_dir = sharezp->z_id;
-
- zfs_acl_ids_free(&acl_ids);
- // ZTOV(sharezp)->v_count = 0;
- sa_handle_destroy(sharezp->z_sa_hdl);
- kmem_cache_free(znode_cache, sharezp);
-
- return (error);
-#else
- return (0);
-#endif /* HAVE_SMB_SHARE */
-}
-
static void
zfs_znode_sa_init(zfsvfs_t *zfsvfs, znode_t *zp,
dmu_buf_t *db, dmu_object_type_t obj_type, sa_handle_t *sa_hdl)
sa_handle_destroy(rootzp->z_sa_hdl);
kmem_cache_free(znode_cache, rootzp);
- /*
- * Create shares directory
- */
- error = zfs_create_share_dir(zfsvfs, tx);
- ASSERT(error == 0);
-
for (i = 0; i != size; i++) {
avl_destroy(&zfsvfs->z_hold_trees[i]);
mutex_destroy(&zfsvfs->z_hold_locks[i]);
projects / mirror_zfs.git / commitdiff