xref: /onnv-gate/usr/src/lib/libbsm/common/devalloc.h (revision 11529:0396f567d7e1)
/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
211676Sjpk 
/*
 * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
261676Sjpk 
271676Sjpk #ifndef	_DEVALLOC_H
281676Sjpk #define	_DEVALLOC_H
291676Sjpk 
301676Sjpk #ifdef	__cplusplus
311676Sjpk extern "C" {
321676Sjpk #endif
331676Sjpk 
341676Sjpk #include <stdio.h>
351676Sjpk #include <fcntl.h>
361676Sjpk #include <sys/param.h>
371676Sjpk #include <secdb.h>
381676Sjpk 
/*
 * These are unsupported, SUNWprivate interfaces.
 */
421676Sjpk 
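/*
 * Ownership and permission constants used by the device-allocation code.
 * The listing's fused line-number/annotation prefix is dropped so the
 * lines are valid C again.
 *
 * The uid/gid casts are parenthesized so the macros behave as single
 * operands (for example under sizeof).
 *
 * NOTE(review): presumably ALLOC_MODE is applied to a device node while it
 * is allocated and DEALLOC_MODE while it is not, so that an unallocated
 * device carries no permission bits at all -- confirm in the implementation.
 */
#define	DA_UID			((uid_t)0)	/* root */
#define	DA_GID			((gid_t)3)	/* sys */
#define	ALLOC_MODE		0600		/* owner read/write only */
#define	DEALLOC_MODE		0000		/* no access for anyone */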
474514Saj 
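/*
 * Fixed paths of the device-allocation databases, their lock files and
 * their dot-prefixed companions.  The listing's fused line-number/annotation
 * prefix is dropped so the lines are valid C again.
 *
 * Each TMP* path lives in the same directory as the file it shadows and
 * differs only by the leading dot.
 *
 * NOTE(review): presumably the TMP* files are scratch copies that replace
 * the live database once an update is complete, and DA_DB_LOCK/DA_DEV_LOCK
 * serialize writers -- confirm in the implementation.  Because the names
 * are fixed and predictable, whoever creates them should verify that the
 * directory is writable only by the owner in DA_UID/DA_GID and should not
 * follow a pre-existing symlink at these names.
 */
#define	LOGINDEVPERM		"/etc/logindevperm"
#define	DA_DB_LOCK		"/etc/security/.da_db_lock"
#define	DA_DEV_LOCK		"/etc/security/.da_dev_lock"
#define	DEVALLOC		"/etc/security/device_allocate"
#define	DEVMAP			"/etc/security/device_maps"
#define	DEFATTRS		"/etc/security/tsol/devalloc_defaults"
#define	TMPALLOC		"/etc/security/.device_allocate"
#define	TMPMAP			"/etc/security/.device_maps"
#define	TMPATTRS		"/etc/security/tsol/.devalloc_defaults"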
571676Sjpk 
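/*
 * Default attribute values.  The listing's fused line-number/annotation
 * prefix is dropped so the lines are valid C again.
 *
 * NOTE(review): DA_DEFAULT_MIN/DA_DEFAULT_MAX look like the names of the
 * lowest and highest sensitivity labels, used as the default label range
 * for a device -- confirm against the callers.
 *
 * NOTE(review): the *_CLEAN values look like the per-device-class programs
 * run to scrub a device between users.  The generic default, /bin/true,
 * performs no cleaning and always succeeds, so a device type that falls
 * back to DA_DEFAULT_CLEAN would be handed to the next user without any
 * residual-data scrubbing -- verify which device types can reach that
 * default.
 */
#define	DA_DEFAULT_MIN		"admin_low"
#define	DA_DEFAULT_MAX		"admin_high"
#define	DA_DEFAULT_CLEAN	"/bin/true"
#define	DA_DEFAULT_AUDIO_CLEAN	"/etc/security/lib/audio_clean_wrapper"
#define	DA_DEFAULT_DISK_CLEAN	"/etc/security/lib/disk_clean"
#define	DA_DEFAULT_TAPE_CLEAN	"/etc/security/lib/st_clean"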
641676Sjpk 
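/*
 * State strings, database file mode and size limits.  The listing's fused
 * line-number/annotation prefix is dropped so the lines are valid C again,
 * and the "suppported" typo in the DA_COUNT comment is corrected.
 *
 * DA_MAX_DEVNO evaluates to 63 for a 64-bit uint64_t: the highest bit
 * index of such a word.
 *
 * NOTE(review): DA_DBMODE makes the database files world-readable
 * (rw-r--r--); that is only appropriate if nothing sensitive is stored in
 * them -- confirm.  DA_MAXNAME, DA_AUTHLEN and DA_BUFSIZE are presumably
 * destination buffer sizes; every copy into such a buffer has to be
 * bounded by the same constant.
 */
#define	DA_ON_STR		"DEVICE_ALLOCATION=ON\n"
#define	DA_OFF_STR		"DEVICE_ALLOCATION=OFF\n"
#define	DA_IS_LABELED		"system_labeled"
#define	DA_DBMODE		0644
#define	DA_COUNT		5	/* allocatable devices supported */
					/* audio, cd, floppy, rmdisk, tape */
#define	DA_AUTHLEN		MAX_CANON   /* approx. sum of strlen of all */
					    /* device auths in auth_list.h */
#define	DA_MAXNAME		80
#define	DA_MAX_DEVNO		((8 * sizeof (uint64_t)) - 1)
#define	DA_BUFSIZE		4096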
761676Sjpk 
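/*
 * open(2) flag sets.  The listing's fused line-number/annotation prefix is
 * dropped, and each expansion is parenthesized: without the parentheses
 * an expression such as (flags & DA_RDWR) would bind the & to O_RDWR
 * alone and OR the remaining bits in unconditionally.
 *
 * NOTE(review): DA_RDWR carries O_CREAT but neither O_EXCL nor a
 * no-follow flag, so a caller that opens a fixed path with it must pass an
 * explicit mode argument and must be sure the path cannot have been
 * planted by another user -- verify at the call sites.
 */
#define	DA_RDWR			(O_RDWR|O_CREAT|O_NONBLOCK)
#define	DA_RDONLY		(O_RDONLY|O_NONBLOCK)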
791676Sjpk 
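/*
 * Single-character user sentinels.  The listing's fused
 * line-number/annotation prefix is dropped so the lines are valid C again.
 *
 * NOTE(review): presumably these appear in a database field in place of a
 * user or authorization list, "*" meaning any user may allocate the device
 * and "@" meaning no user may -- confirm against the parser.  Code that
 * compares a field against them should compare the whole string, not a
 * prefix, so that a longer value is never treated as the wildcard.
 */
#define	DA_ANYUSER		"*"
#define	DA_NOUSER		"@"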
821676Sjpk 
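/*
 * Option flags, one distinct bit each (0x1 through 0x4000).  The listing's
 * fused line-number/annotation prefix is dropped so the lines are valid C
 * again.
 *
 * DA_NO_OVERRIDE, DA_DEFATTRS and DA_EVENT have the same numeric values as
 * the device-class flags DA_AUDIO, DA_CD and DA_FLOPPY defined in this
 * header, so the two sets cannot be stored or tested in the same word.
 *
 * NOTE(review): presumably these bits are carried in da_args.optflag and
 * the device-class bits travel in a separate int -- confirm that no caller
 * ORs the two sets together.
 */
#define	DA_SILENT		0x00000001
#define	DA_VERBOSE		0x00000002
#define	DA_ADD			0x00000004
#define	DA_REMOVE		0x00000008
#define	DA_UPDATE		0x00000010
#define	DA_ADD_ZONE		0x00000020
#define	DA_REMOVE_ZONE		0x00000040
#define	DA_FORCE		0x00000080
#define	DA_ALLOC_ONLY		0x00000100
#define	DA_MAPS_ONLY		0x00000200
#define	DA_ON			0x00000400
#define	DA_OFF			0x00000800
#define	DA_NO_OVERRIDE		0x00001000
#define	DA_DEFATTRS		0x00002000
#define	DA_EVENT		0x00004000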
981676Sjpk 
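/*
 * Device-class flags, one distinct bit each (0x1000 through 0x10000).  The
 * listing's fused line-number/annotation prefix is dropped so the lines
 * are valid C again.
 *
 * DA_AUDIO, DA_CD and DA_FLOPPY have the same numeric values as the option
 * flags DA_NO_OVERRIDE, DA_DEFATTRS and DA_EVENT defined in this header,
 * so a word holding device-class bits must never also hold option bits.
 *
 * NOTE(review): confirm that every consumer keeps the two sets in
 * separate variables.
 */
#define	DA_AUDIO		0x00001000
#define	DA_CD			0x00002000
#define	DA_FLOPPY		0x00004000
#define	DA_TAPE			0x00008000
#define	DA_RMDISK		0x00010000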
1041676Sjpk 
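/*
 * Per-device-class name, type and directory strings.  The listing's fused
 * line-number/annotation prefix is dropped so the lines are valid C again.
 *
 * DA_AUDIO_TYPE and DA_RMDISK_TYPE expand to the corresponding *_NAME
 * string.  The *_DIR values end in '/', so a device name can be appended
 * directly.
 *
 * NOTE(review): DA_DISKR_DIR ("/dev/(r)dsk") is not a literal path; it
 * looks like a label covering both disk directories, for messages or
 * matching -- confirm before using it in any file operation.
 */
#define	DA_AUDIO_NAME		"audio"
#define	DA_SOUND_NAME		"sound"
#define	DA_AUDIO_TYPE		DA_AUDIO_NAME
#define	DA_AUDIO_DIR		"/dev/sound/"

#define	DA_CD_NAME		"cdrom"
#define	DA_CD_TYPE		"sr"

#define	DA_DISK_DIR		"/dev/dsk/"
#define	DA_DISK_DIRR		"/dev/rdsk/"
#define	DA_DISKR_DIR		"/dev/(r)dsk"

#define	DA_FLOPPY_NAME		"floppy"
#define	DA_FLOPPY_TYPE		"fd"

#define	DA_RMDISK_NAME		"rmdisk"
#define	DA_RMDISK_TYPE		DA_RMDISK_NAME

#define	DA_TAPE_NAME		"tape"
#define	DA_TAPE_DIR		"/dev/rmt/"
#define	DA_TAPE_TYPE		"st"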
1261676Sjpk 
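/*
 * Description of one device: six string attributes and an instance number.
 * The listing's fused line-number/annotation prefix is dropped so the
 * declaration is valid C again.
 *
 * NOTE(review): the field names suggest they mirror the columns of a
 * device_allocate/device_maps record (name, type, authorizations, clean
 * program, options, device-special-file list) -- confirm against the
 * parser.  This header does not establish who owns or frees the strings,
 * nor whether any of them may be NULL; callers should check before use.
 */
typedef struct _devinfo_t {
	char	*devname;
	char	*devtype;
	char	*devauths;
	char	*devexec;
	char	*devopts;
	char	*devlist;
	int	instance;
} devinfo_t;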
1361676Sjpk 
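/*
 * Node of a singly linked list of devices: one devinfo_t stored by value
 * plus a pointer to the next node.  The listing's fused
 * line-number/annotation prefix is dropped so the declaration is valid C
 * again.
 *
 * NOTE(review): presumably the list ends with next == NULL -- confirm.
 */
typedef struct _deventry_t {
	devinfo_t		devinfo;
	struct _deventry_t	*next;
} deventry_t;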
1411676Sjpk 
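/*
 * Heads of five deventry_t lists, one per device class (audio, cd, floppy,
 * tape, rmdisk); the count matches DA_COUNT.  The listing's fused
 * line-number/annotation prefix is dropped so the declaration is valid C
 * again.
 *
 * NOTE(review): presumably a NULL head means the class has no entries --
 * confirm.
 */
typedef struct _devlist_t {
	deventry_t	*audio;
	deventry_t	*cd;
	deventry_t	*floppy;
	deventry_t	*tape;
	deventry_t	*rmdisk;
} devlist_t;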
1491676Sjpk 
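/*
 * Argument bundle taken by da_update_device() and da_update_defattrs().
 * The listing's fused line-number/annotation prefix is dropped so the
 * declaration is valid C again.
 *
 * NOTE(review): presumably optflag holds the DA_SILENT..DA_EVENT option
 * bits, rootdir is an alternate root that is prefixed to the database
 * paths, and devnames is a NULL-terminated array -- confirm all three.  If
 * rootdir can be influenced by an unprivileged caller it decides which
 * files a privileged process rewrites, so it has to be validated before
 * use.
 */
typedef struct _da_optargs {
	int		optflag;
	char		*rootdir;
	char		**devnames;
	devinfo_t	*devinfo;
} da_args;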
1561676Sjpk 
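/*
 * One entry of default attributes: a device type string and a kva_t of
 * options (kva_t comes from <secdb.h>).  The listing's fused
 * line-number/annotation prefix is dropped so the declaration is valid C
 * again.
 *
 * NOTE(review): presumably entries are read from DEFATTRS and released
 * with freedadefent() -- confirm.
 */
typedef struct _da_defs {
	char		*devtype;
	kva_t		*devopts;
} da_defs_t;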
1611676Sjpk 
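/*
 * Access to default-attribute entries.  The names follow the
 * get*ent/set*ent/end*ent pattern; the exact iteration and ownership
 * contract is defined by the implementation and is not visible in this
 * header.  The listing's fused line-number/annotation prefix is dropped
 * from all prototypes so they are valid C again.
 */
da_defs_t *getdadefent(void);
da_defs_t *getdadeftype(char *);
void freedadefent(da_defs_t *);
void setdadefent(void);
void enddadefent(void);

/*
 * Device-allocation state and database maintenance.
 *
 * NOTE(review): none of the char * parameters is const-qualified, so the
 * header does not tell a caller whether the callee writes through them.
 * The int return values carry no documented convention here; check each
 * one against the implementation rather than assuming 0 means success.
 * da_open_devdb() hands back two FILE * values through its FILE **
 * arguments; presumably the caller closes them -- confirm.
 */
int da_is_on(void);
int da_check_logindevperm(char *);
int da_open_devdb(char *, FILE **, FILE **, int);
int da_update_device(da_args *);
int da_update_defattrs(da_args *);

/* In-memory device list (devlist_t) manipulation and printing. */
int da_add_list(devlist_t *, char *, int, int);
int da_remove_list(devlist_t *, char *, int, char *, int);
int da_rm_list_entry(devlist_t *, char *, int, char *);
void da_print_device(int, devlist_t *);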
1761676Sjpk 
1771676Sjpk 
1781676Sjpk #ifdef	__cplusplus
1791676Sjpk }
1801676Sjpk #endif
1811676Sjpk 
1821676Sjpk #endif	/* _DEVALLOC_H */
183