From 2090338957dde65fcb07617b8131344a068f70ff Mon Sep 17 00:00:00 2001
From: ed <ed@FreeBSD.org>
Date: Sun, 1 Jun 2008 14:02:46 +0000
Subject: Revert the changes I made to devfs_setattr() in r179457.

As discussed with Robert Watson and John Baldwin, it would be better if
PTY's are created with proper permissions, turning grantpt() into a
no-op.

Bypassing security frameworks like MAC by passing NOCRED to
VOP_SETATTR() will only make things more complex.

Approved by:	philip (mentor)
---
 sys/fs/devfs/devfs_vnops.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'sys/fs/devfs')

diff --git a/sys/fs/devfs/devfs_vnops.c b/sys/fs/devfs/devfs_vnops.c
index 724f082..813f3a5 100644
--- a/sys/fs/devfs/devfs_vnops.c
+++ b/sys/fs/devfs/devfs_vnops.c
@@ -1264,9 +1264,8 @@ devfs_setattr(struct vop_setattr_args *ap)
 	else
 		gid = vap->va_gid;
 	if (uid != de->de_uid || gid != de->de_gid) {
-		if (ap->a_cred != NOCRED &&
-		    (ap->a_cred->cr_uid != de->de_uid || uid != de->de_uid ||
-		    (gid != de->de_gid && !groupmember(gid, ap->a_cred)))) {
+		if ((ap->a_cred->cr_uid != de->de_uid) || uid != de->de_uid ||
+		    (gid != de->de_gid && !groupmember(gid, ap->a_cred))) {
 			error = priv_check(ap->a_td, PRIV_VFS_CHOWN);
 			if (error)
 				return (error);
@@ -1277,7 +1276,7 @@ devfs_setattr(struct vop_setattr_args *ap)
 	}
 
 	if (vap->va_mode != (mode_t)VNOVAL) {
-		if (ap->a_cred != NOCRED && ap->a_cred->cr_uid != de->de_uid) {
+		if (ap->a_cred->cr_uid != de->de_uid) {
 			error = priv_check(ap->a_td, PRIV_VFS_ADMIN);
 			if (error)
 				return (error);
-- 
cgit v1.1