Mercurial Mercurial > upstream > illumos > illumos-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
usr/src/uts/common/fs/zfs/dsl_deleg.c
changeset 13509 04570f5cbeca
parent 13055 8c712bbb18ea
child 13512 060607df0c9d
equal deleted inserted replaced
13508:bf0e4028ac3a 13509:04570f5cbeca 
    18  *
 
    18  *
 
    19  * CDDL HEADER END
 
    19  * CDDL HEADER END
 
    20  */
 
    20  */
 
    21 /*
 
    21 /*
 
    22  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
 
    22  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
 
       
    23  * Copyright (c) 2011 by Delphix. All rights reserved.
 
    23  */
 
    24  */
 
    24 
    25 
    25 /*
 
    26 /*
 
    26  * DSL permissions are stored in a two level zap attribute
 
    27  * DSL permissions are stored in a two level zap attribute
 
    27  * mechanism.   The first level identifies the "class" of
 
    28  * mechanism.   The first level identifies the "class" of
 
   523 		    ZFS_DELEG_GROUP_SETS, checkflag, &id, avl);
 
   524 		    ZFS_DELEG_GROUP_SETS, checkflag, &id, avl);
 
   524 	}
 
   525 	}
 
   525 }
 
   526 }
 
   526 
   527 
   527 /*
 
   528 /*
 
   528  * Check if user has requested permission.
 
   529  * Check if user has requested permission.  If descendent is set, must have
 
       
   530  * descendent perms.
 
   529  */
 
   531  */
 
   530 int
 
   532 int
 
   531 dsl_deleg_access_impl(dsl_dataset_t *ds, const char *perm, cred_t *cr)
 
   533 dsl_deleg_access_impl(dsl_dataset_t *ds, boolean_t descendent, const char *perm,
 
       
   534     cred_t *cr)
 
   532 {
 
   535 {
 
   533 	dsl_dir_t *dd;
 
   536 	dsl_dir_t *dd;
 
   534 	dsl_pool_t *dp;
 
   537 	dsl_pool_t *dp;
 
   535 	void *cookie;
 
   538 	void *cookie;
 
   536 	int	error;
 
   539 	int	error;
 
   547 
   550 
   548 	if (spa_version(dmu_objset_spa(dp->dp_meta_objset)) <
 
   551 	if (spa_version(dmu_objset_spa(dp->dp_meta_objset)) <
 
   549 	    SPA_VERSION_DELEGATED_PERMS)
 
   552 	    SPA_VERSION_DELEGATED_PERMS)
 
   550 		return (EPERM);
 
   553 		return (EPERM);
 
   551 
   554 
   552 	if (dsl_dataset_is_snapshot(ds)) {
 
   555 	if (dsl_dataset_is_snapshot(ds) || descendent) {
 
   553 		/*
 
   556 		/*
 
   554 		 * Snapshots are treated as descendents only,
 
   557 		 * Snapshots are treated as descendents only,
 
   555 		 * local permissions do not apply.
 
   558 		 * local permissions do not apply.
 
   556 		 */
 
   559 		 */
 
   557 		checkflag = ZFS_DELEG_DESCENDENT;
 
   560 		checkflag = ZFS_DELEG_DESCENDENT;
 
   640 
   643 
   641 	error = dsl_dataset_hold(dsname, FTAG, &ds);
 
   644 	error = dsl_dataset_hold(dsname, FTAG, &ds);
 
   642 	if (error)
 
   645 	if (error)
 
   643 		return (error);
 
   646 		return (error);
 
   644 
   647 
   645 	error = dsl_deleg_access_impl(ds, perm, cr);
 
   648 	error = dsl_deleg_access_impl(ds, B_FALSE, perm, cr);
 
   646 	dsl_dataset_rele(ds, FTAG);
 
   649 	dsl_dataset_rele(ds, FTAG);
 
   647 
   650 
   648 	return (error);
 
   651 	return (error);
 
   649 }
 
   652 }
 
   650 
   653
upstream/illumos/illumos-gate