PSEUDOCODE
int
vop_access(struct vnode *vp, int mode, struct ucred *cred, struct thread *td)
{
int error;
/*
* Disallow write attempts on read-only file systems;
* unless the file is a socket, fifo, or a block or
* character device resident on the filesystem.
*/
if (mode & VWRITE) {
switch (vp->v_type) {
case VDIR:
case VLNK:
case VREG:
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
break;
}
}
/* If immutable bit set, nobody gets to write it. */
if ((mode & VWRITE) && vp has immutable bit set)
return EPERM;
/* Otherwise, user id 0 always gets access. */
if (cred->cr_uid == 0)
return 0;
mask = 0;
/* Otherwise, check the owner. */
if (cred->cr_uid == owner of vp) {
if (mode & VEXEC)
mask |= S_IXUSR;
if (mode & VREAD)
mask |= S_IRUSR;
if (mode & VWRITE)
mask |= S_IWUSR;
return (((mode of vp) & mask) == mask ? 0 : EACCES);
}
/* Otherwise, check the groups. */
for (i = 0, gp = cred->cr_groups; i < cred->cr_ngroups; i++, gp++)
if (group of vp == *gp) {
if (mode & VEXEC)
mask |= S_IXGRP;
if (mode & VREAD)
mask |= S_IRGRP;
if (mode & VWRITE)
mask |= S_IWGRP;
return (((mode of vp) & mask) == mask ? 0 : EACCES);
}
/* Otherwise, check everyone else. */
if (mode & VEXEC)
mask |= S_IXOTH;
if (mode & VREAD)
mask |= S_IROTH;
if (mode & VWRITE)
mask |= S_IWOTH;
return (((mode of vp) & mask) == mask ? 0 : EACCES);
}
ERRORS
