Index: sbin/fsdb/Makefile =================================================================== --- sbin/fsdb/Makefile +++ sbin/fsdb/Makefile @@ -2,6 +2,8 @@ # @(#)Makefile 8.1 (Berkeley) 6/5/93 # $FreeBSD$ +.include + PACKAGE=runtime PROG= fsdb MAN= fsdb.8 @@ -14,4 +16,11 @@ .PATH: ${.CURDIR:H}/fsck_ffs ${SRCTOP}/sys/ufs/ffs \ ${SRCTOP}/tools/diag/prtblknos +.if ${MK_CASPER} != "no" +LIBADD+= casper +LIBADD+= cap_pwd +LIBADD+= cap_grp +CFLAGS+= -DWITH_CASPER +.endif + .include Index: sbin/fsdb/fsdb.h =================================================================== --- sbin/fsdb/fsdb.h +++ sbin/fsdb/fsdb.h @@ -32,10 +32,14 @@ * $FreeBSD$ */ +#include + extern int blread(int fd, char *buf, ufs2_daddr_t blk, long size); extern void rwerror(const char *mesg, ufs2_daddr_t blk); extern int reply(const char *question); +extern cap_channel_t *capgrp; +extern cap_channel_t *cappwd; extern long dev_bsize; extern long secsize; extern int fsmodified; Index: sbin/fsdb/fsdb.c =================================================================== --- sbin/fsdb/fsdb.c +++ sbin/fsdb/fsdb.c @@ -45,6 +45,7 @@ #include #include #include +#include #include #include @@ -63,6 +64,8 @@ static int find_indirblks32(uint32_t blk, int ind_level, uint32_t *blknum); static int find_indirblks64(uint64_t blk, int ind_level, uint64_t *blknum); +cap_channel_t *cappwd, *capgrp; + static void usage(void) { @@ -231,6 +234,7 @@ History *hist; EditLine *elptr; HistEvent he; + cap_channel_t *capcas; curinode = ginode(UFS_ROOTINO); curinum = UFS_ROOTINO; @@ -245,6 +249,30 @@ el_set(elptr, EL_HIST, history, hist); el_source(elptr, NULL); + capcas = cap_init(); + if (capcas == NULL) + err(1, "Unable to contact Casper"); + + /* + * Here we enter capability mode. Further down access to global + * namespaces (e.g filesystem) is restricted (see capsicum(4)). + * We must connect(2) our socket before this point. + */ + + if (caph_enter_casper() < 0) { + err(1, "unable to enter capability mode"); + } + + cappwd = cap_service_open(capcas, "system.pwd"); + if(cappwd == NULL) + err(1, "Unable to open system.pwd service"); + + capgrp = cap_service_open(capcas, "system.grp"); + if(capgrp == NULL) + err(1, "Unable to open system.grp service"); + + cap_close(capcas); + while ((elline = el_gets(elptr, &scratch)) != NULL && scratch != 0) { if (debug) printf("command `%s'\n", elline); Index: sbin/fsdb/fsdbutil.c =================================================================== --- sbin/fsdb/fsdbutil.c +++ sbin/fsdb/fsdbutil.c @@ -44,6 +44,8 @@ #include #include #include +#include +#include #include #include @@ -182,12 +184,18 @@ printf("\n\tATIME=%15.15s %4.4s [%d nsec]\n", &p[4], &p[20], DIP(dp, di_atimensec)); - if ((pw = getpwuid(DIP(dp, di_uid)))) + /* Checks if cappwd is opened or not, different call in both cases */ + if (cappwd != NULL && (pw = cap_getpwuid(cappwd, DIP(dp, di_uid)))) printf("OWNER=%s ", pw->pw_name); + else if (cappwd == NULL && (pw = getpwuid(DIP(dp, di_uid)))) + printf("OWNER=%s ", pw->pw_name); else printf("OWNUID=%u ", DIP(dp, di_uid)); - if ((grp = getgrgid(DIP(dp, di_gid)))) + /* Checks if capgrp is opened or not, different call in both cases */ + if (capgrp != NULL && (grp = cap_getgrgid(capgrp, DIP(dp, di_gid)))) printf("GRP=%s ", grp->gr_name); + else if (capgrp == NULL && (grp = getgrgid(DIP(dp, di_gid)))) + printf("GRP=%s ", grp->gr_name); else printf("GID=%u ", DIP(dp, di_gid));