Проект OpenNet: MAN VOP_ACCESS (9) Ядро (FreeBSD и Linux)

Интерактивная система просмотра системных руководств (man-ов)

VOP_ACCESS (9)

>> VOP_ACCESS (9) ( FreeBSD man: Ядро )

BSD mandoc

NAME

VOP_ACCESS

 - check access permissions of a file or Unix domain socket

SYNOPSIS

#include <sys/param.h>
#include <sys/vnode.h>
int VOP_ACCESS (struct vnode *vp int mode struct ucred *cred struct thread *td);

DESCRIPTION

This entry point checks the access permissions of the file against the given credentials.

Its arguments are:

Fa vp: The vnode of the file to check.
Fa mode: The type of access required.
Fa cred: The user credentials to check.
Fa td: The thread which is checking.

The Fa mode is a mask which can contain VREAD VWRITE or VEXEC

LOCKS

The vnode will be locked on entry and should remain locked on return.

RETURN VALUES

If the file is accessible in the specified way, then zero is returned, otherwise an appropriate error code is returned.

PSEUDOCODE

int
vop_access(struct vnode *vp, int mode, struct ucred *cred, struct thread *td)
{
    int error;

    /*
     * Disallow write attempts on read-only file systems;
     * unless the file is a socket, fifo, or a block or
     * character device resident on the filesystem.
     */
    if (mode & VWRITE) {
        switch (vp->v_type) {
        case VDIR:
        case VLNK:
        case VREG:
            if (vp->v_mount->mnt_flag & MNT_RDONLY)
                return EROFS;

            break;
        }
    }

    /* If immutable bit set, nobody gets to write it. */
    if ((mode & VWRITE) && vp has immutable bit set)
        return EPERM;

    /* Otherwise, user id 0 always gets access. */
    if (cred->cr_uid == 0)
        return 0;

    mask = 0;

    /* Otherwise, check the owner. */
    if (cred->cr_uid == owner of vp) {
        if (mode & VEXEC)
            mask |= S_IXUSR;
        if (mode & VREAD)
            mask |= S_IRUSR;
        if (mode & VWRITE)
            mask |= S_IWUSR;
        return (((mode of vp) & mask) == mask ? 0 : EACCES);
    }

    /* Otherwise, check the groups. */
    for (i = 0, gp = cred->cr_groups; i < cred->cr_ngroups; i++, gp++)
        if (group of vp == *gp) {
            if (mode & VEXEC)
                mask |= S_IXGRP;
            if (mode & VREAD)
                mask |= S_IRGRP;
            if (mode & VWRITE)
                mask |= S_IWGRP;
            return (((mode of vp) & mask) == mask ? 0 : EACCES);
        }

    /* Otherwise, check everyone else. */
    if (mode & VEXEC)
        mask |= S_IXOTH;
    if (mode & VREAD)
        mask |= S_IROTH;
    if (mode & VWRITE)
        mask |= S_IWOTH;
    return (((mode of vp) & mask) == mask ? 0 : EACCES);
}

ERRORS

Bq Er EPERM: An attempt was made to change an immutable file.
Bq Er EACCES: The permission bits the file mode or the ACL do not permit the requested access.