diff options
Diffstat (limited to 'static/freebsd/man9/vaccess_acl_nfs4.9 3.html')
| -rw-r--r-- | static/freebsd/man9/vaccess_acl_nfs4.9 3.html | 111 |
1 files changed, 0 insertions, 111 deletions
diff --git a/static/freebsd/man9/vaccess_acl_nfs4.9 3.html b/static/freebsd/man9/vaccess_acl_nfs4.9 3.html deleted file mode 100644 index 809b8c41..00000000 --- a/static/freebsd/man9/vaccess_acl_nfs4.9 3.html +++ /dev/null @@ -1,111 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">VACCESS_ACL_NFS4(9)</td> - <td class="head-vol">Kernel Developer's Manual</td> - <td class="head-rtitle">VACCESS_ACL_NFS4(9)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">vaccess_acl_nfs4</code> — - <span class="Nd">generate a NFSv4 ACL access control decision using vnode - parameters</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp"><code class="In">#include - <<a class="In">sys/param.h</a>></code> - <br/> - <code class="In">#include <<a class="In">sys/vnode.h</a>></code> - <br/> - <code class="In">#include <<a class="In">sys/acl.h</a>></code></p> -<p class="Pp"><var class="Ft">int</var> - <br/> - <code class="Fn">vaccess_acl_nfs4</code>(<var class="Fa">enum vtype - type</var>, <var class="Fa">uid_t file_uid</var>, <var class="Fa">gid_t - file_gid</var>, <var class="Fa">struct acl *acl</var>, - <var class="Fa">accmode_t accmode</var>, <var class="Fa">struct ucred - *cred</var>, <var class="Fa">int *privused</var>);</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">This call implements the logic for the - <span class="Ux">UNIX</span> discretionary file security model with NFSv4 - ACL extensions. It accepts the vnodes type <var class="Fa">type</var>, - owning UID <var class="Fa">file_uid</var>, owning GID - <var class="Fa">file_gid</var>, access ACL for the file - <var class="Fa">acl</var>, desired access mode - <var class="Fa">accmode</var>, requesting credential - <var class="Fa">cred</var>, and an optional call-by-reference - <var class="Vt">int</var> pointer returning whether or not privilege was - required for successful evaluation of the call; the - <var class="Fa">privused</var> pointer may be set to - <code class="Dv">NULL</code> by the caller in order not to be informed of - privilege information, or it may point to an integer that will be set to 1 - if privilege is used, and 0 otherwise.</p> -<p class="Pp" id="vaccess_acl_nfs4">This call is intended to support - implementations of <a class="Xr">VOP_ACCESS(9)</a>, which will use their own - access methods to retrieve the vnode properties, and then invoke - <a class="permalink" href="#vaccess_acl_nfs4"><code class="Fn">vaccess_acl_nfs4</code></a>() - in order to perform the actual check. Implementations of - <a class="Xr">VOP_ACCESS(9)</a> may choose to implement additional security - mechanisms whose results will be composed with the return value.</p> -<p class="Pp" id="vaccess_acl_nfs4~2">The algorithm used by - <a class="permalink" href="#vaccess_acl_nfs4~2"><code class="Fn">vaccess_acl_nfs4</code></a>() - is based on the NFSv4 ACL evaluation algorithm, as described in NFSv4 Minor - Version 1, draft-ietf-nfsv4-minorversion1-21.txt. The algorithm selects a - <a class="permalink" href="#matching"><i class="Em" id="matching">matching</i></a> - entry from the access ACL, which may then be composed with an available ACL - mask entry, providing <span class="Ux">UNIX</span> security - compatibility.</p> -<p class="Pp">Once appropriate protections are selected for the current - credential, the requested access mode, in combination with the vnode type, - will be compared with the discretionary rights available for the credential. - If the rights granted by discretionary protections are insufficient, then - super-user privilege, if available for the credential, will also be - considered.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="RETURN_VALUES"><a class="permalink" href="#RETURN_VALUES">RETURN - VALUES</a></h1> -<p class="Pp"><code class="Fn">vaccess_acl_nfs4</code>() will return 0 on - success, or a non-zero error value on failure.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="ERRORS"><a class="permalink" href="#ERRORS">ERRORS</a></h1> -<dl class="Bl-tag"> - <dt id="EACCES">[<a class="permalink" href="#EACCES"><code class="Er">EACCES</code></a>]</dt> - <dd>Permission denied. An attempt was made to access a file in a way forbidden - by its file access permissions.</dd> - <dt id="EPERM">[<a class="permalink" href="#EPERM"><code class="Er">EPERM</code></a>]</dt> - <dd>Operation not permitted. An attempt was made to perform an operation - limited to processes with appropriate privileges or to the owner of a file - or other resource.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">vaccess(9)</a>, <a class="Xr">vnode(9)</a>, - <a class="Xr">VOP_ACCESS(9)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp">Current implementation of - <code class="Fn">vaccess_acl_nfs4</code>() was written by - <span class="An">Edward Tomasz Napierala</span> - <<a class="Mt" href="mailto:trasz@FreeBSD.org">trasz@FreeBSD.org</a>>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="BUGS"><a class="permalink" href="#BUGS">BUGS</a></h1> -<p class="Pp">This manual page should include a full description of the NFSv4 - ACL evaluation algorithm, or cross reference another page that does.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">September 18, 2009</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> |