Lines Matching defs:rule
154 struct rule {
155 STAILQ_ENTRY(rule) r_entries;
166 STAILQ_HEAD(rulehead, rule);
175 * Temporary structures used to build a 'struct rule' above.
319 struct rule *rule, *rule_next;
321 STAILQ_FOREACH_SAFE(rule, head, r_entries, rule_next) {
322 free(rule->uids, M_DO);
323 free(rule->gids, M_DO);
324 free(rule, M_DO);
517 parse_target_clause(char *to, struct rule *const rule,
565 nb = &rule->gids_nb;
566 tflags = &rule->gid_flags;
640 nb = &rule->uids_nb;
641 tflags = &rule->uid_flags;
677 if (has_clauses(rule->uids_nb, rule->uid_flags) ||
678 has_clauses(rule->gids_nb, rule->gid_flags)) {
684 rule->uid_flags |= MDF_ANY;
685 rule->gid_flags |= MDF_ANY | MDF_ANY_SUPP |
849 * The second part of a rule, called <target> (or <to>), is a comma-separated
861 parse_single_rule(char *rule, struct rules *const rules,
864 const char *const start = rule;
869 struct rule *new;
879 from_type = strsep_noblanks(&rule, "=");
880 MPASS(from_type != NULL); /* Because 'rule' was not NULL. */
894 from_id = strsep_noblanks(&rule, ":");
919 to_list = strsep_noblanks(&rule, ",");
932 to_list = strsep_noblanks(&rule, ",");
984 * Parse rules specification and produce rule structures out of it.
986 * Returns 0 on success, with '*rulesp' made to point to a 'struct rule'
1013 char *copy, *p, *rule;
1035 while ((rule = strsep_noblanks(&p, ";")) != NULL) {
1036 if (rule[0] == '\0')
1038 error = parse_single_rule(rule, rules, parse_error);
1040 (*parse_error)->pos += rule - copy;
1434 /* If disabled, we'll store an empty rule specification. */
1610 * The passed 'flags' must be those of a rule's matching GID, or the IT_GID type
1641 rule_grant_supplementary_groups(const struct rule *const rule,
1648 const flags_t gid_flags = rule->gid_flags;
1716 for (; rule_idx < rule->gids_nb; ++rule_idx) {
1717 const struct id_spec is = rule->gids[rule_idx];
1766 * Similarly, we have to finish browsing all GIDs from the rule
1770 for (; rule_idx < rule->gids_nb; ++rule_idx) {
1771 const struct id_spec is = rule->gids[rule_idx];
1782 rule_grant_primary_group(const struct rule *const rule,
1789 if ((rule->gid_flags & MDF_ANY) != 0)
1793 if ((rule->gid_flags & MDF_CURRENT) != 0 &&
1795 error = grant_primary_group_from_flags(rule->gid_flags);
1802 found_is = bsearch(&gid_is, rule->gids, rule->gids_nb,
1803 sizeof(*rule->gids), id_spec_cmp);
1815 rule_grant_primary_groups(const struct rule *const rule,
1821 if ((rule->gid_flags & MDF_ANY) != 0)
1824 error = rule_grant_primary_group(rule, old_cred, new_cred->cr_gid);
1827 error = rule_grant_primary_group(rule, old_cred, new_cred->cr_rgid);
1830 error = rule_grant_primary_group(rule, old_cred, new_cred->cr_svgid);
1844 rule_grant_user(const struct rule *const rule,
1850 if ((rule->uid_flags & MDF_ANY) != 0)
1854 if ((rule->uid_flags & MDF_CURRENT) != 0 &&
1860 found_is = bsearch(&uid_is, rule->uids, rule->uids_nb,
1861 sizeof(*rule->uids), id_spec_cmp);
1870 rule_grant_users(const struct rule *const rule,
1876 if ((rule->uid_flags & MDF_ANY) != 0)
1879 error = rule_grant_user(rule, old_cred, new_cred->cr_uid);
1882 error = rule_grant_user(rule, old_cred, new_cred->cr_ruid);
1885 error = rule_grant_user(rule, old_cred, new_cred->cr_svuid);
1893 rule_grant_setcred(const struct rule *const rule,
1898 error = rule_grant_users(rule, old_cred, new_cred);
1901 error = rule_grant_primary_groups(rule, old_cred, new_cred);
1904 error = rule_grant_supplementary_groups(rule, old_cred, new_cred);
1912 rule_applies(const struct rule *const rule, const struct ucred *const cred)
1914 if (rule->from_type == IT_UID && rule->from_id == cred->cr_ruid)
1916 if (rule->from_type == IT_GID && realgroupmember(rule->from_id, cred))
1936 const struct rule *rule;
1975 STAILQ_FOREACH(rule, &rules->head, r_entries)
1976 if (rule_applies(rule, cred)) {
1977 error = rule_grant_setcred(rule, cred, new_cred);