From owner-p4-projects@FreeBSD.ORG Tue May 29 15:54:24 2007 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 817A016A469; Tue, 29 May 2007 15:54:24 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 417A916A41F for ; Tue, 29 May 2007 15:54:24 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id 31B0313C46A for ; Tue, 29 May 2007 15:54:24 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.8/8.13.8) with ESMTP id l4TFsOjq038460 for ; Tue, 29 May 2007 15:54:24 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.8/8.13.8/Submit) id l4TFsNVK038453 for perforce@freebsd.org; Tue, 29 May 2007 15:54:23 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Tue, 29 May 2007 15:54:23 GMT Message-Id: <200705291554.l4TFsNVK038453@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 120567 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 May 2007 15:54:24 -0000 http://perforce.freebsd.org/chv.cgi?CH=120567 Change 120567 by rwatson@rwatson_zoo on 2007/05/29 15:53:45 Move suser(9) compatibility APIs to priv.h; eliminate SUSER_ALLOWJAIL as that knowledge is now handled internally to the privilege check facility. This doesn't compile yet. Affected files ... .. //depot/projects/trustedbsd/priv/sys/sys/priv.h#15 edit .. //depot/projects/trustedbsd/priv/sys/sys/systm.h#13 edit Differences ... ==== //depot/projects/trustedbsd/priv/sys/sys/priv.h#15 (text+ko) ==== @@ -466,6 +466,18 @@ struct ucred; int priv_check(struct thread *td, int priv); int priv_check_cred(struct ucred *cred, int priv, int flags); + +/* + * Continue to support external modules that rely on suser(9) -- for now. + */ +int suser(struct thread *td); +int suser_cred(struct ucred *cred, int flags); + +/* + * For historical reasons, flags to priv_check_cred() retain the SUSER_ + * prefix. + */ +#define SUSER_RUID 2 #endif #endif /* !_SYS_PRIV_H_ */ ==== //depot/projects/trustedbsd/priv/sys/sys/systm.h#13 (text+ko) ==== @@ -236,12 +236,6 @@ void cpu_startprofclock(void); void cpu_stopprofclock(void); -/* flags for suser() and suser_cred() */ -#define SUSER_ALLOWJAIL 1 -#define SUSER_RUID 2 - -int suser(struct thread *td); -int suser_cred(struct ucred *cred, int flags); int cr_cansee(struct ucred *u1, struct ucred *u2); int cr_canseesocket(struct ucred *cred, struct socket *so);