From 3e283a1bcbc4ec78fb45c4a8b3f683b8e3082c53 Mon Sep 17 00:00:00 2001
From: Bernd Schubert
Date: Thu, 28 Mar 2024 15:18:14 +0100
Subject: Add support for FUSE_CAP_HANDLE_KILLPRIV_V2

This just adds in the basic handler, but does not use it yet in examples.
---
 include/fuse_common.h | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'include/fuse_common.h')

diff --git a/include/fuse_common.h b/include/fuse_common.h
index 52b691a..f052b67 100644
--- a/include/fuse_common.h
+++ b/include/fuse_common.h
@@ -367,6 +367,23 @@ struct fuse_loop_config_v1 {
  */
 #define FUSE_CAP_HANDLE_KILLPRIV (1 << 20)
 
+/**
+ * Indicates that the filesystem is responsible for unsetting
+ * setuid and setgid bit and additionally cap (stored as xattr) when a
+ * file is written, truncated, or its owner is changed.
+ * Upon write/truncate suid/sgid is only killed if caller
+ * does not have CAP_FSETID. Additionally upon
+ * write/truncate sgid is killed only if file has group
+ * execute permission. (Same as Linux VFS behavior).
+ * KILLPRIV_V2 requires handling of
+ * - FUSE_OPEN_KILL_SUIDGID (set in struct fuse_create_in::open_flags)
+ * - FATTR_KILL_SUIDGID (set in struct fuse_setattr_in::valid)
+ * - FUSE_WRITE_KILL_SUIDGID (set in struct fuse_write_in::write_flags)
+ *
+ * This feature is disabled by default.
+ */
+#define FUSE_CAP_HANDLE_KILLPRIV_V2 (1 << 21)
+
 /**
  * Indicates that the kernel supports caching symlinks in its page cache.
  *
-- 
cgit v1.2.3
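Review bot: The doc comment for `FUSE_CAP_HANDLE_KILLPRIV_V2` lists the three kill flags but never says what happens when a filesystem sets the capability and ignores one of them; because the comment makes the filesystem "responsible" for the clearing, a missed flag presumably leaves setuid/setgid bits or file capabilities in place on a file that has just been modified. I would add a sentence such as `* A filesystem that enables this must honour all three flags; otherwise setuid/setgid bits and file capabilities can survive a write, truncate or ownership change.` The phrase "additionally cap (stored as xattr)" is hard to read and could say `file capabilities (the security.capability xattr)`. The first bullet names only `struct fuse_create_in::open_flags`; if the flag is also delivered on a plain open, that belongs in the list too, which is worth checking against the kernel header, and since this page is limited to `include/fuse_common.h` I cannot see how these flags reach the filesystem callbacks.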