summaryrefslogtreecommitdiffstats
path: root/sys/kern/subr_acl_posix1e.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/kern/subr_acl_posix1e.c')
-rw-r--r--sys/kern/subr_acl_posix1e.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/sys/kern/subr_acl_posix1e.c b/sys/kern/subr_acl_posix1e.c
index 01e5e3ba..7beca5c 100644
--- a/sys/kern/subr_acl_posix1e.c
+++ b/sys/kern/subr_acl_posix1e.c
@@ -92,7 +92,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
* a DAC entry that matches but has failed to allow access.
*/
#ifndef CAPABILITIES
- if (suser_cred(cred, PRISON_ROOT) == 0)
+ if (suser_cred(cred, SUSER_ALLOWJAIL) == 0)
cap_granted = VALLPERM;
else
cap_granted = 0;
@@ -101,24 +101,24 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (type == VDIR) {
if ((acc_mode & VEXEC) && !cap_check(cred, NULL,
- CAP_DAC_READ_SEARCH, PRISON_ROOT))
+ CAP_DAC_READ_SEARCH, SUSER_ALLOWJAIL))
cap_granted |= VEXEC;
} else {
if ((acc_mode & VEXEC) && !cap_check(cred, NULL,
- CAP_DAC_EXECUTE, PRISON_ROOT))
+ CAP_DAC_EXECUTE, SUSER_ALLOWJAIL))
cap_granted |= VEXEC;
}
if ((acc_mode & VREAD) && !cap_check(cred, NULL, CAP_DAC_READ_SEARCH,
- PRISON_ROOT))
+ SUSER_ALLOWJAIL))
cap_granted |= VREAD;
if (((acc_mode & VWRITE) || (acc_mode & VAPPEND)) &&
- !cap_check(cred, NULL, CAP_DAC_WRITE, PRISON_ROOT))
+ !cap_check(cred, NULL, CAP_DAC_WRITE, SUSER_ALLOWJAIL))
cap_granted |= (VWRITE | VAPPEND);
if ((acc_mode & VADMIN) && !cap_check(cred, NULL, CAP_FOWNER,
- PRISON_ROOT))
+ SUSER_ALLOWJAIL))
cap_granted |= VADMIN;
#endif /* CAPABILITIES */
OpenPOWER on IntegriCloud