Mercurial > illumos > illumos-gate
changeset 2160:bfe7ab5e1008
6216663 rmformat uses privileges badly
author | zk194757 |
---|---|
date | Fri, 09 Jun 2006 06:20:48 -0700 |
parents | 1a6fcb0ade72 |
children | 9a1a051c8c97 |
files | usr/src/cmd/rmformat/rmf_main.c usr/src/cmd/rmformat/rmf_menu.c usr/src/cmd/rmformat/rmf_misc.c usr/src/cmd/rmformat/rmf_slice.c |
diffstat | 4 files changed, 151 insertions(+), 226 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/cmd/rmformat/rmf_main.c Fri Jun 09 01:21:30 2006 -0700 +++ b/usr/src/cmd/rmformat/rmf_main.c Fri Jun 09 06:20:48 2006 -0700 @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -33,7 +32,7 @@ */ -#include <priv.h> +#include <priv_utils.h> #include "rmformat.h" int32_t b_flag = 0; @@ -82,28 +81,13 @@ /* * This program requires file_dac_read, file_dac_write, - * proc_fork, and proc_exec privileges + * proc_fork, proc_exec, and sys_devices privileges. * * child processes require the sys_mount privilege */ - (void) priv_set(PRIV_SET, PRIV_LIMIT, PRIV_FILE_DAC_READ, - PRIV_FILE_DAC_WRITE, PRIV_PROC_FORK, PRIV_PROC_EXEC, - PRIV_SYS_MOUNT, (char *)NULL); - - /* Turn privileges off until needed */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - PRIV_FILE_DAC_WRITE, PRIV_PROC_FORK, PRIV_PROC_EXEC, - PRIV_SYS_MOUNT, (char *)NULL); - - /* Become who we really are */ - if (seteuid(getuid()) < 0) { - PERROR("Can't set effective user id"); - exit(1); - } - if (setegid(getgid()) < 0) { - PERROR("Can't set effective group id"); - exit(1); - } + (void) __init_suid_priv(PU_INHERITPRIVS, + PRIV_FILE_DAC_READ, PRIV_FILE_DAC_WRITE, PRIV_PROC_FORK, + PRIV_PROC_EXEC, PRIV_SYS_MOUNT, PRIV_SYS_DEVICES, NULL); (void) setlocale(LC_ALL, ""); @@ -126,6 +110,7 @@ if (strlen(label) > 8) { (void) fprintf(stderr, gettext("Label is \ restricted to 8 characters.\n")); + __priv_relinquish(); exit(1); } @@ -264,6 +249,7 @@ } else if ((optind == argc) && !l_flag) { (void) fprintf(stderr, gettext("No device specified.\n")); + __priv_relinquish(); exit(1); #if 0 (void) printf("Using floppy device\n"); @@ -272,6 +258,9 @@ } process_options(); + + /* Remove the privileges we gave. */ + __priv_relinquish(); return (0); } @@ -292,6 +281,7 @@ [ -w enable|disable ] [ -W enable|disable ] devname \n"), myname); (void) fprintf(stderr, gettext("\t%s -l [ devname ]\n"), myname); + __priv_relinquish(); exit(1); }
--- a/usr/src/cmd/rmformat/rmf_menu.c Fri Jun 09 01:21:30 2006 -0700 +++ b/usr/src/cmd/rmformat/rmf_menu.c Fri Jun 09 06:20:48 2006 -0700 @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -1000,15 +999,13 @@ /* Get existing Vtoc, don't bother if it fails. */ - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); (void) read_vtoc(fd, &t_vtoc); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); for (i = 0; i < V_NUMPAR; i++) { t_vtoc.v_part[i].p_start = v_toc.v_part[i].p_start; @@ -1020,15 +1017,13 @@ errno = 0; - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = write_vtoc(fd, &t_vtoc); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret < 0) { #ifdef sparc @@ -1160,15 +1155,13 @@ /* Get existing Vtoc */ - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = read_vtoc(fd, &v_toc); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off privileges */ + (void) __priv_bracket(PRIV_OFF); if (ret < 0) { #ifdef sparc @@ -1189,15 +1182,13 @@ (void) strncpy(v_toc.v_volume, label, LEN_DKL_VVOL); - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); ret = write_vtoc(fd, &v_toc); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret < 0) { #ifdef sparc
--- a/usr/src/cmd/rmformat/rmf_misc.c Fri Jun 09 01:21:30 2006 -0700 +++ b/usr/src/cmd/rmformat/rmf_misc.c Fri Jun 09 06:20:48 2006 -0700 @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -532,15 +531,13 @@ * Attempt to open the device. If it fails, skip it. */ - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); mfd = open(raw_device, O_RDWR | O_NDELAY); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); if (mfd < 0) { continue; @@ -650,30 +647,26 @@ exit(1); } - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); dirp = opendir(tmp_path_name); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); if (dirp == NULL) { return (-1); } - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); have_read_priv = 1; while ((dp = readdir(dirp)) != NULL) { - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, - PRIV_FILE_DAC_READ, (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); have_read_priv = 0; DPRINTF1("Found %s\n", dp->d_name); @@ -686,16 +679,14 @@ break; } - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, - PRIV_FILE_DAC_READ, (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); have_read_priv = 1; } if (have_read_priv) { /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, - PRIV_FILE_DAC_READ, (char *)NULL); + (void) __priv_bracket(PRIV_OFF); have_read_priv = 0; } @@ -704,18 +695,16 @@ if (volmgt_running() == 0) { - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); have_read_priv = 1; } fd = open(tmp_path_name, flags); if (have_read_priv) { - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); have_read_priv = 0; } @@ -917,15 +906,13 @@ /* let the fd driver finish constructing the label and writing it. */ - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); ret = write_vtoc(fd, &v_toc); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret < 0) { PERROR("Write vtoc"); @@ -993,33 +980,29 @@ if ((flag == VERIFY_READ) && (!no_raw_rw)) { - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); ret = smedia_raw_read(handle, start_sector, buf, nblocks * blocksize); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); if ((ret < 0) || (ret != (nblocks * blocksize))) - return (-1); + return (-1); return (0); - } else if ((flag == VERIFY_WRITE) && (!no_raw_rw)) { + } else if ((flag == VERIFY_WRITE) && (!no_raw_rw)) { - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = smedia_raw_write(handle, start_sector, buf, nblocks * blocksize); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); if ((ret < 0) || (ret != (blocksize * nblocks))) return (-1); @@ -1032,15 +1015,13 @@ return (-2); } - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); ret = read(fd, buf, nblocks * blocksize); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret != nblocks * blocksize) { return (-1); @@ -1053,15 +1034,13 @@ return (-2); } - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); ret = write(fd, buf, nblocks * blocksize); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret != nblocks * blocksize) { return (-1); @@ -1082,13 +1061,13 @@ /* create a child to unmount the path */ - /* need the proc_fork privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_PROC_FORK, (char *)NULL); + /* Turn on the privileges */ + (void) __priv_bracket(PRIV_ON); pid = fork(); - /* drop the proc_fork privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_PROC_FORK, (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); if (pid < 0) { PERROR("fork failed"); @@ -1100,21 +1079,14 @@ /* get rid of those nasty err messages */ DPRINTF1("call_unmount_prog: calling %s \n", mountp); - /* need the proc_exec privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_PROC_EXEC, - (char *)NULL); + /* Turn on the priviliges. */ + (void) __priv_bracket(PRIV_ON); - /* umount needs the sys_mount privilege */ - (void) priv_set(PRIV_ON, PRIV_INHERITABLE, PRIV_SYS_MOUNT, - (char *)NULL); - - /* Become root again for the exec */ - if (seteuid(0) < 0) { - PERROR("Can't set effective user id to root"); - } if (execl("/usr/sbin/umount", "/usr/sbin/umount", mountp, NULL) < 0) { perror("exec failed"); + /* Turn off the privileges */ + (void) __priv_bracket(PRIV_OFF); exit(-1); } } @@ -1137,13 +1109,13 @@ { int pid, rval; - /* need the proc_fork privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_PROC_FORK, (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); pid = fork(); - /* drop the proc_fork privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_PROC_FORK, (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); /* create a child to unmount the path */ if (pid < 0) { @@ -1157,21 +1129,13 @@ DPRINTF1("call_unmount_prog: calling %s \n", "/usr/bin/volrmmount"); - /* need the proc_exec privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_PROC_EXEC, - (char *)NULL); - - /* volrmmount needs the sys_mount privilege */ - (void) priv_set(PRIV_ON, PRIV_INHERITABLE, PRIV_SYS_MOUNT, - (char *)NULL); - - /* Become root again for the exec */ - if (seteuid(0) < 0) { - PERROR("Can't set effective user id to root"); - } + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); if (execl("/usr/bin/volrmmount", "/usr/bin/volrmmount", "-e", real_name, NULL) < 0) { PERROR("volrmmount exec failed"); + /* Turn off the privileges */ + (void) __priv_bracket(PRIV_OFF); exit(-1); } } else if (waitpid(pid, &rval, 0) == pid) { @@ -1403,9 +1367,8 @@ (strncmp(devnode, "/vol/dev/rdsk", 13) != 0)) return (NULL); - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on the privileges. */ + (void) __priv_bracket(PRIV_ON); /* * Since we are currently running with the user euid it is @@ -1414,9 +1377,8 @@ fd = open(devnode, O_RDONLY|O_NDELAY); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off the privileges. */ + (void) __priv_bracket(PRIV_OFF); if (fd < 0) { return (NULL); @@ -1431,6 +1393,8 @@ dev->d_inq = (uchar_t *)my_zalloc(INQUIRY_DATA_LENGTH); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); if (!inquiry(fd, dev->d_inq)) { DPRINTF1("USCSI ioctl failed %d\n", uscsi_error); @@ -1438,8 +1402,12 @@ free(dev->d_node); (void) close(dev->d_fd); free(dev); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); return (NULL); } + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); if (user_supplied) { dev->d_name = (char *)my_zalloc(strlen(user_supplied) + 1); @@ -1494,24 +1462,21 @@ int fd; char tmpstr[PATH_MAX]; - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on privileges */ + (void) __priv_bracket(PRIV_ON); /* If everything is fine and proper, no need to analyze */ if ((stat(supplied, &statbuf) == 0) && S_ISCHR(statbuf.st_mode) && ((fd = open(supplied, O_RDONLY|O_NDELAY)) >= 0)) { (void) close(fd); (void) strlcpy(found, supplied, PATH_MAX); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off privilege */ + (void) __priv_bracket(PRIV_OFF); return (1); } - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); if (strncmp(supplied, "/dev/rdsk/", 10) == 0) return (vol_lookup(supplied, found));
--- a/usr/src/cmd/rmformat/rmf_slice.c Fri Jun 09 01:21:30 2006 -0700 +++ b/usr/src/cmd/rmformat/rmf_slice.c Fri Jun 09 06:20:48 2006 -0700 @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -1137,16 +1136,14 @@ return (-1); } - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = smedia_raw_read(handle, offset/med_info.sm_blocksize, buf, med_info.sm_blocksize); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); save_errno = errno; errno = save_errno; @@ -1159,15 +1156,13 @@ return (-1); } - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, - PRIV_FILE_DAC_READ, (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = read(fd, buf, sizeof (struct mboot)); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, - PRIV_FILE_DAC_READ, (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret != sizeof (struct mboot)) { PERROR("Could not read master boot record"); @@ -1302,15 +1297,13 @@ errno = 0; - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = write_vtoc(fd, &v_toc); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret < 0) { PERROR("write VTOC failed"); @@ -1403,15 +1396,13 @@ (void) memcpy(&(boot_code.parts), parts, sizeof (parts)); (void) memcpy(fdisk_buf, &boot_code, sizeof (boot_code)); - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = ioctl(fd, DKIOCSMBOOT, fdisk_buf); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret == -1) { if (errno != ENOTTY) { @@ -1419,31 +1410,27 @@ return; } - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); bytes_written = smedia_raw_write(handle, 0, fdisk_buf, blocksize); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); save_errno = errno; errno = save_errno; if (bytes_written != blocksize) { if (errno == ENOTSUP) { - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, - PRIV_FILE_DAC_WRITE, (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = write(fd, fdisk_buf, blocksize); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, - PRIV_FILE_DAC_WRITE, (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret != blocksize) { return; @@ -1480,15 +1467,13 @@ errno = 0; - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = write_vtoc(fd, &v_toc); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret < 0) { PERROR("write VTOC failed"); @@ -1571,15 +1556,13 @@ /* fdisk x86 Solaris partition */ /* VTOC location in solaris partition is DK_LABEL_LOC */ - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = read_vtoc(fd, &t_vtoc); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_brackets(PRIV_OFF); if (ret < 0) { /* No valid vtoc, erase fdisk table. */ @@ -1589,15 +1572,13 @@ } else { /* Sparc Solaris or x86 solaris with faked fdisk */ - /* need the file_dac_read privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn on privileges */ + (void) __priv_bracket(PRIV_ON); ret = read_vtoc(fd, &t_vtoc); - /* drop the file_dac_read privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_READ, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret < 0) { /* No valid vtoc, erase from 0th sector */ @@ -1667,16 +1648,14 @@ } (void) memset(buf, 0, nblocks * med_info.sm_blocksize); - /* need the file_dac_write privilege */ - (void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn on privileges. */ + (void) __priv_bracket(PRIV_ON); ret = smedia_raw_write(handle, offset, buf, nblocks * med_info.sm_blocksize); - /* drop the file_dac_write privilege */ - (void) priv_set(PRIV_OFF, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, - (char *)NULL); + /* Turn off privileges. */ + (void) __priv_bracket(PRIV_OFF); if (ret != (nblocks * med_info.sm_blocksize)) PERROR("error in writing\n");