7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
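--- a/usr/src/lib/libscf/inc/libscf_priv.h
+++ b/usr/src/lib/libscf/inc/libscf_priv.h
@@ -1,601 +1,608 @@
 /*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
 /*
 * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright 2013, Joyent, Inc. All rights reserved.
 */
 
 #ifndef _LIBSCF_PRIV_H
 #define _LIBSCF_PRIV_H
 
 
 #include <libscf.h>
 #include <unistd.h>
+#if !defined(NATIVE_BUILD)
+#include <sys/secflags.h>
+#endif
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
 /*
 * NOTE
 *
 * The contents of this file are private to the implementation of Solaris
 * and are subject to change at any time without notice.
 */
 
 #define SCF_PG_GENERAL_TYPE SCF_GROUP_FRAMEWORK
 #define SCF_PG_GENERAL_FLAGS 0
 
 #define SCF_PG_GENERAL_OVR_TYPE SCF_GROUP_FRAMEWORK
 #define SCF_PG_GENERAL_OVR_FLAGS SCF_PG_FLAG_NONPERSISTENT
 
 #define SCF_PG_DEATHROW_TYPE SCF_GROUP_FRAMEWORK
 #define SCF_PG_DEATHROW_FLAGS SCF_PG_FLAG_NONPERSISTENT
 
 #define SCF_PG_OPTIONS_TYPE SCF_GROUP_FRAMEWORK
 #define SCF_PG_OPTIONS_FLAGS 0
 
 #define SCF_PG_OPTIONS_OVR_TYPE SCF_GROUP_FRAMEWORK
 #define SCF_PG_OPTIONS_OVR_FLAGS SCF_PG_FLAG_NONPERSISTENT
 
 #define SCF_PG_RESTARTER_TYPE SCF_GROUP_FRAMEWORK
 #define SCF_PG_RESTARTER_FLAGS SCF_PG_FLAG_NONPERSISTENT
 
 #define SCF_PG_RESTARTER_ACTIONS_TYPE SCF_GROUP_FRAMEWORK
 #define SCF_PG_RESTARTER_ACTIONS_FLAGS SCF_PG_FLAG_NONPERSISTENT
 
 #define SCF_PROPERTY_CLEAR ((const char *)"maint_off")
 #define SCF_PROPERTY_MAINTENANCE ((const char *)"maint_on")
 
 #define SCF_PROPERTY_LOGFILE ((const char *)"logfile")
 #define SCF_PROPERTY_ALT_LOGFILE ((const char *)"alt_logfile")
 
 #define SCF_LEGACY_SERVICE ((const char *)"smf/legacy_run")
 
 #define SCF_LEGACY_PROPERTY_NAME ((const char *)"name")
 #define SCF_LEGACY_PROPERTY_INODE ((const char *)"inode")
 #define SCF_LEGACY_PROPERTY_SUFFIX ((const char *)"suffix")
 
 #define SCF_FMRI_TYPE_SVC 0x1
 #define SCF_FMRI_TYPE_FILE 0x2
 
 /*
 * Strings for use in constructing FMRIs
 */
 #define SCF_FMRI_SVC_PREFIX "svc:"
 #define SCF_FMRI_FILE_PREFIX "file:"
 #define SCF_FMRI_SCOPE_PREFIX "//"
 #define SCF_FMRI_LOCAL_SCOPE "localhost"
 #define SCF_FMRI_SCOPE_SUFFIX "@localhost"
 #define SCF_FMRI_SERVICE_PREFIX "/"
 #define SCF_FMRI_INSTANCE_PREFIX ":"
 #define SCF_FMRI_PROPERTYGRP_PREFIX "/:properties/"
 #define SCF_FMRI_PROPERTY_PREFIX "/"
 #define SCF_FMRI_LEGACY_PREFIX "lrc:"
 
 /*
 * sulogin Service FMRI
 */
 #define SVC_SULOGIN_FMRI ((const char *)"svc:/system/sulogin")
 
 typedef struct scf_decoration_info {
 const char *sdi_name;
 scf_type_t sdi_type;
 scf_value_t *sdi_value; /* can be SCF_DECORATE_CLEAR */
 } scf_decoration_info_t;
 
 typedef int (*scf_decoration_func)(const scf_decoration_info_t *, void *);
 
 /*
 * calls a callback function for each decoration on the handle. If the
 * callback returns 0, the iteration stops and returns 0. If the callback
 * returns a non-zero value, the iteration continues. After full completion,
 * 1 is returned. On error, -1 is returned.
 */
 int _scf_handle_decorations(scf_handle_t *, scf_decoration_func *,
 scf_value_t *, void *);
 
 /*
 * wait for a change to the propertygroup -- may return early.
 * For now, only one of these can be outstanding at a time.
 *
 * The second argument is how long, in seconds, to wait for a response.
 *
 * Returns SCF_COMPLETE on timeout, -1 on error, and SCF_SUCCESS in every
 * other case. You must call scf_pg_update() to see if the object has
 * actually changed.
 */
 int _scf_pg_wait(scf_propertygroup_t *, int);
 
 /*
 * set up notifications for changes to a class of property groups (by name
 * and type)
 *
 * Only one thread can be sleeping in _scf_notify_wait() -- others will
 * fail. Deletions give an fmri in the output path.
 *
 * These do not survive unbind()->bind() -- in fact, that is currently the
 * only way to clear them.
 */
 int _scf_notify_add_pgname(scf_handle_t *, const char *);
 int _scf_notify_add_pgtype(scf_handle_t *, const char *);
 int _scf_notify_wait(scf_propertygroup_t *, char *, size_t);
 
 /*
 * Internal interfaces for snapshot creation:
 * _scf_snapshot_take_new(), _scf_snapshot_take_new_named(), and
 * _scf_snapshot_take_attach() create a set of snaplevels
 * containing frozen versions of both the instance's property groups and
 * its parent service's property groups. _scf_snapshot_take_new() and
 * _scf_snapshot_take_new_named() create a new snapshot to which the
 * new snaplevels are attached, while _scf_snapshot_take_attach()
 * attaches the new snaplevels to a pre-existing snapshot.
 *
 * _scf_snapshot_take_new_named() records the passed in names into the
 * snaplevel instead of the instance and service name. This creates
 * an inconsistency, which should be resolved by using
 * _scf_snapshot_attach() to attach the new snaplevels to a snapshot
 * underneath the appropriate instance. The first snapshot can
 * then be deleted.
 *
 * _scf_snapshot_attach(snap1, snap2) points snap2 at the snaplevels
 * pointed to by snap1. After a call to either
 * _scf_snapshot_take_attach(snap1, snap2) or
 * _scf_snapshot_attach(inst, snap), scf_snapshot_update() will be
 * required for any open references to snap or snap2 to see the new
 * snaplevels.
 *
 * _scf_snapshot_delete() deletes the snapshot object. While
 * snaplevels, being only loosely connected to snapshots, stay
 * around until they are no longer referenced, any references *through
 * this snapshot object* will be invalidated.
 *
 * _scf_snapshot_take_new() can fail with at least _HANDLE_MISMATCH,
 * _CONNECTION_BROKEN, _INVALID_ARGUMENT, _NO_RESOURCES, _PERMISSION_DENIED,
 * _NOT_SET, _EXISTS.
 *
 * _scf_snapshot_take_new_named() can fail with at least _HANDLE_MISMATCH,
 * _CONNECTION_BROKEN, _INVALID_ARGUMENT, _NO_RESOURCES, _PERMISSION_DENIED,
 * _NOT_SET, _EXISTS.
 *
 * _scf_snapshot_take_attach() can fail with _CONNECTION_BROKEN, _NOT_SET,
 * _PERMISSION_DENIED, _NO_RESOURCES, _INVALID_ARGUMENT.
 *
 * _scf_snapshot_attach() can fail with _HANDLE_MISMATCH, _CONNECTION_BROKEN,
 * _NOT_SET, _NO_RESOURCES, _PERMISSION_DENIED.
 */
 int _scf_snapshot_take_new(scf_instance_t *, const char *, scf_snapshot_t *);
 int _scf_snapshot_take_new_named(scf_instance_t *,
 const char *, const char *, const char *, scf_snapshot_t *);
 int _scf_snapshot_take_attach(scf_instance_t *, scf_snapshot_t *);
 int _scf_snapshot_attach(scf_snapshot_t *, scf_snapshot_t *);
 int _scf_snapshot_delete(scf_snapshot_t *);
 
 /*
 * Destructively portions up the first argument into the different portions
 * of a svc: fmri, and returns pointers to the applicable portions. Omitted
 * portions are set to NULL, except for the scope, which is set to the
 * default local scope if not specified.
 *
 * Parsing is attempted in the order of: svc:, file:. The identified type
 * of the service is returned in the second argument and may take a value
 * of: SCF_FMRI_TYPE_SVC or SCF_FMRI_TYPE_FILE.
 *
 * Note that some of the returned pointers (in particular the scope) may not
 * point into the passed buffer.
 */
 int scf_parse_fmri(char *, int *, const char **, const char **, const char **,
 const char **, const char **);
 
 int scf_parse_svc_fmri(char *, const char **, const char **, const char **,
 const char **, const char **);
 
 int scf_parse_file_fmri(char *fmri, const char **scope, const char **path);
 
 ssize_t scf_canonify_fmri(const char *, char *, size_t);
 
 int _smf_refresh_instance_i(scf_instance_t *);
 
 typedef struct scf_simple_handle {
 scf_handle_t *h;
 scf_snapshot_t *snap;
 scf_instance_t *inst;
 scf_propertygroup_t *running_pg;
 scf_propertygroup_t *editing_pg;
 } scf_simple_handle_t;
 
 void scf_simple_handle_destroy(scf_simple_handle_t *);
 scf_simple_handle_t *scf_general_pg_setup(const char *, const char *);
 scf_transaction_t *scf_transaction_setup(scf_simple_handle_t *);
 int scf_transaction_restart(scf_simple_handle_t *, scf_transaction_t *);
 int scf_read_count_property(scf_simple_handle_t *, char *, uint64_t *);
 int scf_set_count_property(scf_transaction_t *, char *, uint64_t, boolean_t);
 
 /*
 * Walks all the instances matching a given fmri list. Each fmri in the array
 * can be one of the following:
 *
 * - Full instance name
 * - Full service name
 * - Full property group or property name
 * - Partial service or instance name
 * - A globbed pattern
 *
 * The matching rules for partial fmris are a slightly more complex. We allow
 * for any substring anchored at the end of the instance or service name,
 * provided it begins with a complete element in the fmri. For example, given
 * the fmri "svc:/system/filesystem/local:default", any of the following would
 * be acceptable matches: 'default', 'local', 'local:default',
 * 'filesystem/local'. The following would not be acceptable:
 * 'system/filesystem', 'filesystem/loc', 'system/local'. Possible flag values:
 *
 * SCF_WALK_MULTIPLE Allow individual arguments to correspond to
 * multiple instances.
 *
 * SCF_WALK_LEGACY Walk legacy services (indicated by a non-NULL
 * propery group).
 *
 * SCF_WALK_SERVICE If the user specifies a service, pass the
 * service to the callback without iterating over
 * its instances.
 *
 * SCF_WALK_PROPERTY Allow FMRIs which match property groups or
 * individual properties. Incompatible with
 * SCF_WALK_LEGACY.
 *
 * SCF_WALK_NOINSTANCE Walk only services. Must be used in
 * conjunction with SCF_WALK_SERVICE.
 *
 * SCF_WALK_EXPLICIT Walk only services if the match is exact
 * else return instances. Must be used in
 * conjunction with SCF_WALK_SERVICE.
 *
 * SCF_WALK_UNIPARTIAL Can be combined with SCF_WALK_MULTIPLE
 * so that an error is returned if a partial
 * fmri matches multiple instances, unless
 * a wildcard match is also used.
 *
 * If no arguments are given, then all instances in the service graph are
 * walked.
 *
 * The second to last parameter is set to UU_EXIT_FATAL if one of the arguments
 * is an invalid FMRI or matches multiple FMRIs when SCF_WALK_MULTIPLE is not
 * set.
 *
 * The last parameter is a user-supplied error function that is called when
 * reporting invalid arguments.
 */
 
 #define SCF_WALK_MULTIPLE 0x01
 #define SCF_WALK_LEGACY 0x02
 #define SCF_WALK_SERVICE 0x04
 #define SCF_WALK_PROPERTY 0x08
 #define SCF_WALK_NOINSTANCE 0x10
 #define SCF_WALK_EXPLICIT 0x20
 #define SCF_WALK_UNIPARTIAL 0x40
 
 /*
 * The default locations of the repository dbs
 */
 #define REPOSITORY_DB "/etc/svc/repository.db"
 #define NONPERSIST_DB "/etc/svc/volatile/svc_nonpersist.db"
 #define FAST_REPOSITORY_DB "/etc/svc/volatile/fast_repository.db"
 #define REPOSITORY_CHECKPOINT "/etc/svc/volatile/checkpoint_repository.db"
 
 
 typedef struct scf_walkinfo {
 const char *fmri;
 scf_scope_t *scope;
 scf_service_t *svc;
 scf_instance_t *inst;
 scf_propertygroup_t *pg;
 scf_property_t *prop;
 int count; /* svcprop special */
 } scf_walkinfo_t;
 
 typedef int (*scf_walk_callback)(void *, scf_walkinfo_t *);
 
 scf_error_t scf_walk_fmri(scf_handle_t *, int, char **, int,
 scf_walk_callback, void *, int *, void (*)(const char *, ...));
 
 /*
 * Requests a backup of the repository with a particular name, which
 * can be any alphabetic string. Only privileged users can do this.
 *
 * Can fail with:
 * _NOT_BOUND, _CONNECTION_BROKEN, _PERMISSION_DENIED, _INVALID_ARGUMENT,
 * _INTERNAL (path too long, or the backup failed for an odd reason),
 * _BACKEND_READONLY (filesystem is still read-only)
 */
 int _scf_request_backup(scf_handle_t *, const char *);
 
 /*
 * Repository switch client
 */
 int _scf_repository_switch(scf_handle_t *, int);
 
 /*
 * Determines whether a property group requires authorization to read; this
 * does not in any way reflect whether the caller has that authorization.
 * To determine that, the caller must attempt to read the value of one of the
 * group's properties.
 *
 * Can fail with:
 * _NOT_BOUND, _CONNECTION_BROKEN, _INVALID_ARGUMENT, _INTERNAL,
 * _NO_RESOURCES, _CONSTRAINT_VIOLATED, _DELETED.
 */
 int _scf_pg_is_read_protected(const scf_propertygroup_t *, boolean_t *);
 
 /*
 * Sets annotation data for SMF audit logging. Once this function has been
 * set, the next audit record will be preceded by an ADT_smf_annotation
 * with the information provided in this function. This function is used
 * to mark operations which comprise multiple primitive operations such as
 * svccfg import.
 */
 int _scf_set_annotation(scf_handle_t *h, const char *operation,
 const char *file);
 
 /*
 * scf_pattern_t
 */
 typedef struct scf_pattern {
 enum {
 PATTERN_INVALID, /* Uninitialized state */
 PATTERN_EXACT,
 PATTERN_GLOB,
 PATTERN_PARTIAL
 } sp_type;
 char *sp_arg; /* Original argument */
 struct scf_match *sp_matches; /* List of matches */
 int sp_matchcount; /* # of matches */
 } scf_pattern_t;
 
 int scf_cmp_pattern(char *, scf_pattern_t *);
 
 int gen_filenms_from_fmri(const char *, const char *, char *, char *);
 
 /*
 * Interfaces for bulk access to SMF-stored configuration.
 *
 * Each scf_propvec_t represents a single property to be read (with
 * scf_read_propvec) or written (with scf_write_propvec).
 *
 * The fields of a scf_propvec_t have the following meanings:
 *
 * pv_prop - the name of the property
 * pv_desc - a description string (optional; to be consumed by the caller)
 * pv_type - the type of the property
 * pv_ptr - where to store the data read, or a pointer to the data to
 * be written
 * pv_aux - additional data influencing the interpretation of pv_ptr
 *
 * The meaning of pv_ptr and pv_aux depends on the type of property. For:
 *
 * boolean - if pv_aux is 0, pv_ptr is a pointer to a boolean_t
 * if pv_aux is non-0, pv_ptr is a pointer to a uint64_t,
 * where pv_aux indicates the bit holding the truth value.
 * count - pv_ptr is a pointer to a uint64_t; pv_aux is unused
 * integer - pv_ptr is a pointer to an int64_t; pv_aux is unused
 * time - pv_ptr is a pointer to an scf_time_t; pv_aux is unused
 * opaque - pv_ptr is a pointer to an scf_opaque_t; pv_aux is unused
 * strings - (scf_read_propvec) pv_ptr is a pointer to a char *
 * (scf_write_propvec) pv_ptr is a pointer to an array of char
 * (both) pv_aux is unused
 */
 typedef struct {
 void *so_addr;
 size_t so_size;
 } scf_opaque_t;
 
 typedef struct {
 const char *pv_prop;
 const char *pv_desc;
 scf_type_t pv_type;
 void *pv_ptr;
 uint64_t pv_aux;
 } scf_propvec_t;
 
 void scf_clean_propvec(scf_propvec_t *);
 int scf_read_propvec(const char *, const char *, boolean_t, scf_propvec_t *,
 scf_propvec_t **);
 int scf_write_propvec(const char *, const char *, scf_propvec_t *,
 scf_propvec_t **);
 
 scf_tmpl_errors_t *_scf_create_errors(const char *, int);
 int _scf_tmpl_add_error(scf_tmpl_errors_t *errs, scf_tmpl_error_type_t type,
 const char *pg_name, const char *prop_name,
 const char *ev1, const char *ev2, const char *actual,
 const char *tmpl_fmri, const char *tmpl_pg_name, const char *tmpl_pg_type,
 const char *tmpl_prop_name, const char *tmpl_prop_type);
 int _scf_tmpl_error_set_prefix(scf_tmpl_errors_t *, const char *);
 
 /*
 * Templates definitions
 */
 
 /*
 * For CARDINALITY_VIOLATION and RANGE_VIOLATION, te_ev1 holds
 * the min value and te_ev2 holds the max value
 *
 * For MISSING_PG te_ev1 should hold the expected pg_name and
 * expected2 holds the expected pg_type.
 *
 * For SCF_TERR_PG_PATTERN_CONFLICT and SCF_TERR_GENERAL_REDEFINE te_ev1 is
 * the FMRI holding the conflicting pg_pattern. te_ev2 is the name of the
 * conflicting pg_pattern, and actual is the type of the conflicting
 * pg_pattern.
 *
 * SCF_TERR_PROP_PATTERN_CONFLICT te_ev1 is the FMRI holding the
 * conflicting prop_pattern. te_ev2 is the name of the conflicting
 * prop_pattern, and actual is the type of the conflicting prop_pattern.
 *
 * For SCF_TERR_INCLUDE_VALUES te_ev1 is the type specified for the
 * include_values element.
 *
 * For all other errors, te_ev1 should hold the expected value and
 * te_ev2 is ignored
 *
 * te_actual holds the current value of the property
 */
 
 struct scf_tmpl_error {
 scf_tmpl_errors_t *te_errs;
 scf_tmpl_error_type_t te_type;
 const char *te_pg_name;
 const char *te_prop_name;
 const char *te_ev1;
 const char *te_ev2;
 const char *te_actual;
 const char *te_tmpl_fmri;
 const char *te_tmpl_pg_name;
 const char *te_tmpl_pg_type;
 const char *te_tmpl_prop_name;
 const char *te_tmpl_prop_type;
 };
 
 /*
 * The pg_pattern element has two optional attributes that play a part in
 * selecting the appropriate prefix for the name of the pg_pattern property
 * group. The two attributes are name and type. The appropriate prefix
 * encodes the presence are absence of these attributes.
 *
 * SCF_PG_TM_PG_PATTERN_PREFIX neither attribute
 * SCF_PG_TM_PG_PATTERN_N_PREFIX name only
 * SCF_PG_TM_PG_PATTERN_T_PREFIX type only
 * SCF_PG_TM_PG_PATTERN_NT_PREFIX both name and type
 */
 #define SCF_PG_TM_PG_PAT_BASE "tm_pgpat"
 #define SCF_PG_TM_PG_PATTERN_PREFIX ((const char *)SCF_PG_TM_PG_PAT_BASE \
 "_")
 #define SCF_PG_TM_PG_PATTERN_N_PREFIX ((const char *)SCF_PG_TM_PG_PAT_BASE \
 "n_")
 #define SCF_PG_TM_PG_PATTERN_T_PREFIX ((const char *)SCF_PG_TM_PG_PAT_BASE \
 "t_")
 #define SCF_PG_TM_PG_PATTERN_NT_PREFIX ((const char *)SCF_PG_TM_PG_PAT_BASE \
 "nt_")
 #define SCF_PG_TM_PROP_PATTERN_PREFIX ((const char *)"tm_proppat_")
 
 /*
 * Pad character to use when encoding strings for property names.
 */
 #define SCF_ENCODE32_PAD ('-')
 
 /*
 * Functions for base 32 encoding/decoding
 */
 int scf_decode32(const char *, size_t, char *, size_t, size_t *, char);
 int scf_encode32(const char *, size_t, char *, size_t, size_t *, char);
 
 /*
 * handy functions
 */
 /*
 * _scf_sanitize_locale
 * Make sure a locale string has only alpha-numeric or '_' characters
 */
 void _scf_sanitize_locale(char *);
 
 /*
 * _scf_read_tmpl_prop_type_as_string()
 * Handy function to get template property type as a string
 */
 char *_scf_read_tmpl_prop_type_as_string(const scf_prop_tmpl_t *);
 /*
 * _scf_read_single_astring_from_pg()
 * Given a property group (pg) and a property name (pn), this function
 * retrives an astring value from pg/pn.
 */
 char *_scf_read_single_astring_from_pg(scf_propertygroup_t *, const char *);
 
 /*
 * scf_instance_delete_prop()
 * Given instance, property group, and property, delete the property.
 */
 int
 scf_instance_delete_prop(scf_instance_t *, const char *, const char *);
 
 /*
 * Functions to extract boot config information from FMRI_BOOT_CONFIG
 */
 void scf_get_boot_config(uint8_t *);
 void scf_get_boot_config_ovr(uint8_t *);
 int scf_is_fastboot_default(void);
 
 /*
 * Set value of "config_ovr/fastreboot_default".
 */
 int scf_fastreboot_default_set_transient(boolean_t);
 
 /*
 * scf_is_compatible_type()
 * Return true if the second type is the same type, or a subtype of the
 * first.
 */
 int scf_is_compatible_type(scf_type_t, scf_type_t);
 
 /*
 * Check an array of services and enable any that don't have the
 * "application/auto_enable" property set to "false", which is
 * the interface to turn off this behaviour (see PSARC 2004/739).
 */
 void _check_services(char **);
 
 /*
 * _scf_handle_create_and_bind()
 * convenience function that creates and binds a handle
 */
 scf_handle_t *_scf_handle_create_and_bind(scf_version_t);
 
 /*
 * _smf_refresh_all_instances()
 * refresh all intances of a service
 * return SCF_SUCCESS or SCF_FAILED on _PERMISSION_DENIED, _BACKEND_ACCESS
 * or _BACKEND_READONLY.
 */
 int _smf_refresh_all_instances(scf_service_t *);
 
 /*
 * _scf_get_fma_notify_params()
 * Specialized fuction to get fma notifitation parameters
 */
 int _scf_get_fma_notify_params(const char *, nvlist_t *, int);
 
 /*
 * _scf_get_svc_notify_params()
 * Specialized function to get SMF state transition notification parameters
 */
 int _scf_get_svc_notify_params(const char *, nvlist_t *, int32_t, int, int);
 
 /*
 * _scf_notify_get_params()
 * Specialized function to get notification parametes from a pg into an
 * nvlist_t
 */
 int _scf_notify_get_params(scf_propertygroup_t *, nvlist_t *);
 
+#if !defined(NATIVE_BUILD)
+int scf_default_secflags(scf_handle_t *, psecflags_t *);
+#endif
+
 #define SCF_NOTIFY_PARAMS_SOURCE_NAME ((const char *)"preference_source")
 
 #ifdef __cplusplus
 }
 #endif
 
 #endif /* _LIBSCF_PRIV_H */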
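Review bot: `scf_default_secflags()` (new line 599) is declared with no contract comment, unlike nearly every other prototype in this header, and for a function that hands callers a set of default security flags the failure path is the part that most needs stating. From the header alone a caller cannot tell what the `int` return means, or whether the `psecflags_t` is left untouched, zeroed or partly filled when the repository cannot be read; a caller that ignores the return could end up applying an empty flag set and starting a service without the intended mitigations. I would add a block comment above the prototype, in the style of the `_scf_snapshot_*` comment, giving the success and failure return values, the scf_error() codes it can set, and the state of the `psecflags_t` on failure. The implementation is not part of this section, so the actual behaviour has to be confirmed against it before the comment is written.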