From 0dcdcebbf73dcfd26c6a290073e55a5df51f531e Mon Sep 17 00:00:00 2001 From: Dale Rahn Date: Fri, 17 Jun 2005 20:37:32 +0000 Subject: Extended Attributes was a piece to get to ACLs, however ACLs have not been worked on, so EA is pointless to maintain. --- lib/libc/Makefile.inc | 3 +- lib/libc/posix1e/Makefile.inc | 11 -- lib/libc/posix1e/extattr.3 | 97 ------------------ lib/libc/posix1e/extattr_name.c | 79 --------------- lib/libc/posix1e/posix1e.3 | 81 --------------- lib/libc/sys/Makefile.inc | 14 +-- lib/libc/sys/extattr_get_file.2 | 220 ---------------------------------------- 7 files changed, 2 insertions(+), 503 deletions(-) delete mode 100644 lib/libc/posix1e/Makefile.inc delete mode 100644 lib/libc/posix1e/extattr.3 delete mode 100644 lib/libc/posix1e/extattr_name.c delete mode 100644 lib/libc/posix1e/posix1e.3 delete mode 100644 lib/libc/sys/extattr_get_file.2 (limited to 'lib') diff --git a/lib/libc/Makefile.inc b/lib/libc/Makefile.inc index 2a3f4cd5ee1..2530ec86a47 100644 --- a/lib/libc/Makefile.inc +++ b/lib/libc/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.10 2005/03/07 02:26:41 deraadt Exp $ +# $OpenBSD: Makefile.inc,v 1.11 2005/06/17 20:37:31 drahn Exp $ # # This file contains make rules used to build libc # @@ -51,7 +51,6 @@ AINC+= -nostdinc -idirafter ${DESTDIR}/usr/include .include "${LIBCSRCDIR}/thread/Makefile.inc" .include "${LIBCSRCDIR}/time/Makefile.inc" .include "${LIBCSRCDIR}/sys/Makefile.inc" -.include "${LIBCSRCDIR}/posix1e/Makefile.inc" .if (${YP:L} == "yes") .include "${LIBCSRCDIR}/yp/Makefile.inc" .endif diff --git a/lib/libc/posix1e/Makefile.inc b/lib/libc/posix1e/Makefile.inc deleted file mode 100644 index 500755ec237..00000000000 --- a/lib/libc/posix1e/Makefile.inc +++ /dev/null 
@@ -1,11 +0,0 @@ -# $OpenBSD: Makefile.inc,v 1.1 2002/02/22 21:06:00 drahn Exp $ - -.PATH: ${.CURDIR}/../libc/posix1e - -SRCS+= extattr_name.c - -MAN+= posix1e.3 \ - extattr.3 - -MLINKS+= extattr.3 extattr_namespace_to_string.3 \ - extattr.3 extattr_string_to_namespace.3 diff --git a/lib/libc/posix1e/extattr.3 b/lib/libc/posix1e/extattr.3 deleted file mode 100644 index ca8e062ffe7..00000000000 --- a/lib/libc/posix1e/extattr.3 +++ /dev/null 
@@ -1,97 +0,0 @@ -.\" $OpenBSD: extattr.3,v 1.5 2003/05/03 18:57:40 jmc Exp $ -.\" -.\" Copyright (c) 2001 Dima Dorfman -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" $FreeBSD: extattr.3,v 1.3 2001/10/01 16:09:18 ru Exp $ -.\" -.Dd June 24, 2001 -.Dt EXTATTR 3 -.Os -.Sh NAME -.Nm extattr_namespace_to_string , -.Nm extattr_string_to_namespace -.Nd "convert an extended attribute namespace identifier to a string and vice versa" -.Sh SYNOPSIS -.Fd #include -.Fd #include -.Ft int -.Fn extattr_namespace_to_string "int attrnamespace" "char **string" -.Ft int -.Fn extattr_string_to_namespace "const char *string" "int *attrnamespace" -.Sh DESCRIPTION -The -.Fn extattr_namespace_to_string -function converts a VFS extended attribute identifier to a human-readable -string; -the -.Fn extattr_string_to_namespace -function undoes the aforementioned operation, -and converts a human-readable string representing a namespace to a -namespace identifier. -Although a filesystem may implement arbitrary namespaces, -these functions only support the -.Dv EXTATTR_NAMESPACE_USER -.Pq Dq user -and -.Dv EXTATTR_NAMESPACE_SYSTEM -.Pq Dq system -namespaces, -which are defined in -.Xr extattr 9 . -.Pp -These functions are meant to be used in error reporting and other -interactive tasks. -For example, -instead of printing the integer identifying an extended attribute in -an error message, -a program might use -.Fn extattr_namespace_to_string -to obtain a human-readable representation. -Likewise, -instead of requiring a user to enter the integer representing a namespace, -an interactive program might ask for a name and use -.Fn extattr_string_to_namespace -to get the desired identifier. -.Sh RETURN VALUES -If any of the calls are unsuccessful, the value \-1 is returned -and the global variable -.Va errno -is set to indicate the error. -.Sh ERRORS -.Bl -tag -width Er -.It Bq Er EINVAL -The requested namespace could not be identified. -.El -.Sh SEE ALSO -.Xr extattr 2 , -.Xr getextattr 8 , -.Xr setextattr 8 , -.Xr extattr 9 -.Sh HISTORY -Extended attribute support was developed as part of the -.Tn TrustedBSD -Project. 
-It was developed to support security extensions requiring additional labels -to be associated with each file or directory. diff --git a/lib/libc/posix1e/extattr_name.c b/lib/libc/posix1e/extattr_name.c deleted file mode 100644 index 73496592826..00000000000 --- a/lib/libc/posix1e/extattr_name.c +++ /dev/null 
@@ -1,79 +0,0 @@ -/* $OpenBSD: extattr_name.c,v 1.1 2002/02/22 21:06:00 drahn Exp $ */ -/*- - * Copyright (c) 2001 Robert N. M. Watson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* -__FBSDID("$FreeBSD: extattr.c,v 1.3 2001/09/30 22:35:07 dillon Exp $"); -*/ - -/* - * TrustedBSD: Utility functions for extended attributes. 
- */ - -#include -#include - -#include -#include - -int -extattr_namespace_to_string(int attrnamespace, char **string) -{ - - switch(attrnamespace) { - case EXTATTR_NAMESPACE_USER: - if (*string != NULL) - *string = strdup(EXTATTR_NAMESPACE_USER_STRING); - return (0); - - case EXTATTR_NAMESPACE_SYSTEM: - if (*string != NULL) - *string = strdup(EXTATTR_NAMESPACE_SYSTEM_STRING); - return (0); - - default: - errno = EINVAL; - return (-1); - } -} - -int -extattr_string_to_namespace(const char *string, int *attrnamespace) -{ - - if (!strcmp(string, EXTATTR_NAMESPACE_USER_STRING)) { - if (attrnamespace != NULL) - *attrnamespace = EXTATTR_NAMESPACE_USER; - return (0); - } else if (!strcmp(string, EXTATTR_NAMESPACE_SYSTEM_STRING)) { - if (attrnamespace != NULL) - *attrnamespace = EXTATTR_NAMESPACE_SYSTEM; - return (0); - } else { - errno = EINVAL; - return (-1); - } -} diff --git a/lib/libc/posix1e/posix1e.3 b/lib/libc/posix1e/posix1e.3 deleted file mode 100644 index 51da3848623..00000000000 --- a/lib/libc/posix1e/posix1e.3 +++ /dev/null 
@@ -1,81 +0,0 @@ -.\" $OpenBSD: posix1e.3,v 1.6 2003/05/07 08:52:43 jmc Exp $ -.\" -.\" Copyright (c) 2000 Robert N. M. Watson -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $FreeBSD: src/lib/libc/posix1e/posix1e.3,v 1.19 2001/09/11 09:26:38 ru Exp $ -.\" -.Dd January 17, 2000 -.Dt POSIX1E 3 -.Os -.Sh NAME -.Nm posix1e -.Nd introduction to the POSIX.1e security API -.Sh DESCRIPTION -The IEEE POSIX.1e specification never left draft form, but the interfaces -it describes are now widely used despite inherent limitations. -Currently, only a few of the interfaces and features are implemented in -.Ox , -although efforts are underway to complete the integration at this time. 
-.Pp -POSIX.1e describes five security extensions to the base POSIX.1 API: -Access Control Lists (ACLs), Auditing, Capabilities, Mandatory Access -Control, and Information Flow Labels. -.Pp -POSIX.1e defines both syntax and semantics for these features, but fairly -substantial changes are required to implement these features in the -operating system. -.Sh IMPLEMENTATION NOTES -.Fx Ns 's -support for POSIX.1e interfaces and features is still under -development at this time. -.Sh ENVIRONMENT -POSIX.1e assigns security labels to all objects, extending the security -functionality described in POSIX.1. -These additional labels provide fine-grained discretionary access control, -fine-grained capabilities, -and labels necessary for mandatory access control. -POSIX.2c describes -a set of userland utilities for manipulating these labels. -.Sh SEE ALSO -.Xr extattr 9 -.Sh STANDARDS -POSIX.1e is described in IEEE POSIX.1e draft 17. -Discussion of the draft continues on the cross-platform POSIX.1e implementation -mailing list. -To join this list, see the -.Ox -POSIX.1e implementation -page for more information. -.Sh HISTORY -POSIX.1e support was introduced in -.Ox 3.1 -and development continues. -.Sh AUTHORS -.An Robert N M Watson -.An Chris D. Faulhaber -.An Thomas Moestl -.An Ilmar S Habibulin -.Sh BUGS -These features are not yet fully implemented. diff --git a/lib/libc/sys/Makefile.inc b/lib/libc/sys/Makefile.inc index 53a1ac48ce2..1d3a5e0188c 100644 --- a/lib/libc/sys/Makefile.inc +++ b/lib/libc/sys/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.72 2005/06/17 20:36:10 millert Exp $ +# $OpenBSD: Makefile.inc,v 1.73 2005/06/17 20:37:31 drahn Exp $ # $NetBSD: Makefile.inc,v 1.35 1995/10/16 23:49:07 jtc Exp $ # @(#)Makefile.inc 8.1 (Berkeley) 6/17/93 
@@ -59,10 +59,6 @@ ASM= accept.o access.o acct.o adjtime.o bind.o chdir.o chflags.o chmod.o \ utimes.o vadvise.o wait4.o write.o writev.o xfspioctl.o __semctl.o \ __syscall.o __sysctl.o -ASM+= extattrctl.o extattr_set_file.o extattr_get_file.o \ - extattr_delete_file.o extattr_set_fd.o extattr_get_fd.o \ - extattr_delete_fd.o - GASM= ${ASM:.o=.go} PASM= ${ASM:.o=.po} SASM= ${ASM:.o=.so} @@ -228,14 +224,6 @@ MAN+= accept.2 access.2 acct.2 adjtime.2 bind.2 brk.2 chdir.2 chflags.2 \ statfs.2 swapctl.2 symlink.2 sync.2 sysarch.2 syscall.2 truncate.2 \ umask.2 unlink.2 utimes.2 vfork.2 wait.2 write.2 -MAN+= extattr_get_file.2 -MLINKS+=extattr_get_file.2 extattr_set_file.2 \ - extattr_get_file.2 extattr_delete_file.2 \ - extattr_get_file.2 extattr_get_fd.2 \ - extattr_get_file.2 extattr_set_fd.2 \ - extattr_get_file.2 extattr_delete_fd.2 \ - extattr_get_file.2 extattr.2 - MAN+= msgctl.2 shmctl.2 shmat.2 semop.2 semget.2 semctl.2 msgsnd.2 msgrcv.2 \ msgget.2 shmget.2 diff --git a/lib/libc/sys/extattr_get_file.2 b/lib/libc/sys/extattr_get_file.2 deleted file mode 100644 index ba9a80def36..00000000000 --- a/lib/libc/sys/extattr_get_file.2 +++ /dev/null 
@@ -1,220 +0,0 @@ -.\" $OpenBSD: extattr_get_file.2,v 1.6 2003/06/01 20:02:40 jmc Exp $ -.\" -.\" Copyright (c) 2001 Dima Dorfman -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" $FreeBSD: extattr_get_file.2,v 1.7 2002/02/10 04:46:28 rwatson Exp $ -.\" -.Dd March 28, 2001 -.Dt EXTATTR 2 -.Os -.Sh NAME -.Nm extattr_get_fd , -.Nm extattr_set_fd , -.Nm extattr_delete_fd , -.Nm extattr_get_file , -.Nm extattr_set_file , -.Nm extattr_delete_file -.Nd system calls to manipulate VFS extended attributes -.Sh SYNOPSIS -.Fd #include -.Fd #include -.Ft ssize_t -.Fn extattr_get_fd "int fd" "int attrnamespace" "const char *attrname" "void *data" "size_t nbytes" -.Ft int -.Fn extattr_set_fd "int fd" "int attrnamespace" "const char *attrname" "const void *data" "size_t nbytes" -.Ft int -.Fn extattr_delete_fd "int fd" "int attrnamespace" "const char *attrname" -.Ft ssize_t -.Fn extattr_get_file "const char *path" "int attrnamespace" "const char *attrname" "void *data" "size_t nbytes" -.Ft int -.Fn extattr_set_file "const char *path" "int attrnamespace" "const char *attrname" "const void *data" "size_t nbytes" -.Ft int -.Fn extattr_delete_file "const char *path" "int attrnamespace" "const char *attrname" -.Sh DESCRIPTION -Named extended attributes are meta-data associated with vnodes -representing files and directories. -They exist as -.Qq Li name=value -pairs within a set of namespaces. -The -.Fn extattr_get_file -call retrieves the value of the specified extended attribute into -a buffer pointed to by -.Fa data -of size -.Fa nbytes . -The -.Fn extattr_set_file -call sets the value of the specified extended attribute to the data -described by -.Fa data . -The -.Fn extattr_delete_file -call deletes the extended attribute specified. -The -.Fn extattr_get_file -and -.Fn extattr_set_file -calls consume the -.Fa data -and -.Fa nbytes -arguments in the style of -.Xr read 2 -and -.Xr write 2 , -respectively. -If -.Fa data -is -.Dv NULL -in a call to -.Fn extattr_get_file -then the size of defined extended attribute data will be returned, rather -than the quantity read, permitting applications to test the size of the -data without performing a read. 
-.Pp -The -.Fn extatttr_get_fd , -.Fn extattr_set_fd , -and -.Fn extattr_delete_fd -calls are identical to their -.Qq Li _file -counterparts except for the first argument. -The -.Qq Li _fd -functions take a file descriptor, while the -.Qq Li _file -functions take a path. -Both arguments describe a file associated with the extended attribute -that should be manipulated. -.Pp -The following arguments are common to all the system calls described here: -.Bl -tag -width attrnamespace -.It Fa attrnamespace -the namespace in which the extended attribute resides; see -.Xr extattr 9 -.It Fa attrname -the name of the extended attribute -.El -.Pp -Named extended attribute semantics vary by filesystem implementing the call. -Not all operations may be supported for a particular attribute. -Additionally, the format of the data in -.Fa data -is attribute-specific. -.Pp -For more information on named extended attributes, please see -.Xr extattr 9 . -.Sh RETURN VALUES -If successful, the -.Fn extattr_get_file -and -.Fn extattr_set_file -calls return the number of bytes -that were read or written from the -.Fa data , -respectively, or if -.Fa data -was -.Dv NULL , -then -.Fn extattr_get_file -returns the number of bytes available to read. -If any of the calls are unsuccessful, the value \-1 is returned -and the global variable -.Va errno -is set to indicate the error. -.Pp -.Rv -std extattr_delete_file -.Sh ERRORS -The following errors may be returned by the system calls themselves. -Additionally, the filesystem implementing the call may return any -other errors it desires. -.Bl -tag -width Er -.It Bq Er EFAULT -.Fa attrnamespace , -.Fa attrname , -or the memory range defined by -.Fa data -and -.Fa nbytes -points outside the process's allocated address space. -.It Bq Er ENAMETOOLONG -The attribute name was longer than -.Dv EXTATTR_MAXNAMELEN . 
-.El -.Pp -The -.Fn extattr_get_fd , -.Fn extattr_set_fd , -and -.Fn extattr_delete_fd -functions may also fail if: -.Bl -tag -width Er -.It Bq Er EBADF -The file descriptor referenced by -.Fa fd -was invalid. -.El -.Pp -Additionally, the -.Fn extattr_get_file , -.Fn extattr_set_file , -and -.Fn extattr_delete_file -calls may also fail due to the following errors: -.Bl -tag -width Er -.It Bq Er ENOTDIR -A component of the path prefix is not a directory. -.It Bq Er ENAMETOOLONG -A component of a pathname exceeded 255 characters, -or an entire path name exceeded 1023 characters. -.It Bq Er ENOENT -A component of the path name that must exist does not exist. -.It Bq Er EACCES -Search permission is denied for a component of the path prefix. -.It Bq Er ENOATTR -An attribute does not exist for the specified existing path. -.\" XXX are any missing? -.El -.Sh SEE ALSO -.Xr extattr 3 , -.Xr extattrctl 8 , -.Xr getextattr 8 , -.Xr setextattr 8 , -.Xr extattr 9 -.Sh HISTORY -Extended attribute support was developed as part of the -.Tn TrustedBSD -Project, and introduced in -.Ox 3.1 . -It was developed to support security extensions requiring additional labels -to be associated with each file or directory. -.Sh CAVEATS -This interface is under active development, and as such is subject to -change as applications are adapted to use it. -Developers are discouraged from relying on its stability. -- cgit v1.2.3
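Review bot: the lib/libc/sys/Makefile.inc hunk at @@ -59,10 +59,6 removes exported symbols from libc, but the diffstat lists no shlib_version change among the 7 files under lib. Deleting the `ASM+= extattrctl.o extattr_set_file.o extattr_get_file.o ...` block drops seven syscall stubs, so any already-built binary that references them will fail to resolve against the new library. Either bump the libc major in this commit or say in the commit message why no bump is needed. Because the view is limited to 'lib', the kernel side is not visible here; confirm the matching syscall entries are retired in the same change set so that the stubs and the syscall table do not drift apart.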
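Review bot: the deletion of lib/libc/posix1e/extattr_name.c removes extattr_namespace_to_string() and extattr_string_to_namespace() without showing what happens to their callers. The deleted manual pages name getextattr(8) and setextattr(8), which sit outside lib; confirm they and the header declaring these functions go away in the same change set, otherwise the tree stops linking. One point for the record in case this file is ever revived from history: the guard in `if (*string != NULL) *string = strdup(EXTATTR_NAMESPACE_USER_STRING);` tests the caller's current pointer value rather than `string` itself. It therefore dereferences `string` unconditionally and returns 0 without storing anything when the caller passes a pointer initialised to NULL. The strdup() result is also not checked.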
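Review bot: the removal of extattr.3, posix1e.3 and extattr_get_file.2, together with the MLINKS block in the lib/libc/sys/Makefile.inc hunk at @@ -228,14 +224,6, can leave dangling cross-references. The deleted pages point at extattr(9), extattrctl(8), getextattr(8) and setextattr(8) through `.Xr`, and those pages presumably point back. Search the remaining manual pages for `.Xr extattr` and `.Xr posix1e` and remove or update any hits in the same commit, so that no installed page refers readers to documentation that no longer exists.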