Rename PRIV_VFS_CLEARSUGID to PRIV_VFS_RETAINSUGID, which seems to better

describe the privilege.

OK'ed by:	rwatson

5 files changed, 8 insertions, 7 deletions

diff --git a/sys/gnu/fs/ext2fs/ext2_vnops.c b/sys/gnu/fs/ext2fs/ext2_vnops.c
index c95777b26587..a1167e126962 100644
--- a/sys/gnu/fs/ext2fs/ext2_vnops.c
+++ b/sys/gnu/fs/ext2fs/ext2_vnops.c
@@ -597,7 +597,7 @@ ext2_chown(vp, uid, gid, cred, td)
 	ip->i_uid = uid;
 	ip->i_flag |= IN_CHANGE;
 	if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) {
-		if (priv_check_cred(cred, PRIV_VFS_CLEARSUGID,
+		if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID,
 		    SUSER_ALLOWJAIL) != 0)
 			ip->i_mode &= ~(ISUID | ISGID);
 	}
@@ -1648,7 +1648,7 @@ ext2_makeinode(mode, dvp, vpp, cnp)
 	tvp->v_type = IFTOVT(mode);	/* Rest init'd in getnewvnode(). */
 	ip->i_nlink = 1;
 	if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred)) {
-		if (priv_check_cred(cnp->cn_cred, PRIV_VFS_CLEARSUGID,
+		if (priv_check_cred(cnp->cn_cred, PRIV_VFS_RETAINSUGID,
 		    SUSER_ALLOWJAIL))
 			ip->i_mode &= ~ISGID;
 	}
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index 6e80510ca122..550c7d9fc13c 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -638,7 +638,7 @@ prison_priv_check(struct ucred *cred, int priv)
 	case PRIV_VFS_CHFLAGS_DEV:
 	case PRIV_VFS_CHOWN:
 	case PRIV_VFS_CHROOT:
-	case PRIV_VFS_CLEARSUGID:
+	case PRIV_VFS_RETAINSUGID:
 	case PRIV_VFS_FCHROOT:
 	case PRIV_VFS_LINK:
 	case PRIV_VFS_SETGID:
diff --git a/sys/sys/priv.h b/sys/sys/priv.h
index e9f620a64ab2..f6c6b72a462a 100644
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@@ -238,7 +238,7 @@
 #define	PRIV_VFS_CHFLAGS_DEV	316	/* Can chflags() a device node. */
 #define	PRIV_VFS_CHOWN		317	/* Can set user; group to non-member. */
 #define	PRIV_VFS_CHROOT		318	/* chroot(). */
-#define	PRIV_VFS_CLEARSUGID	319	/* Don't clear sugid on change. */
+#define	PRIV_VFS_RETAINSUGID	319	/* Can retain sugid bits on change. */
 #define	PRIV_VFS_EXCEEDQUOTA	320	/* Exempt from quota restrictions. */
 #define	PRIV_VFS_EXTATTR_SYSTEM	321	/* Operate on system EA namespace. */
 #define	PRIV_VFS_FCHROOT	322	/* fchroot(). */
diff --git a/sys/ufs/ffs/ffs_vnops.c b/sys/ufs/ffs/ffs_vnops.c
index 2a6ce6b68d14..b25c1df16172 100644
--- a/sys/ufs/ffs/ffs_vnops.c
+++ b/sys/ufs/ffs/ffs_vnops.c
@@ -790,7 +790,7 @@ ffs_write(ap)
 	 */
 	if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid &&
 	    ap->a_cred) {
-		if (priv_check_cred(ap->a_cred, PRIV_VFS_CLEARSUGID,
+		if (priv_check_cred(ap->a_cred, PRIV_VFS_RETAINSUGID,
 		    SUSER_ALLOWJAIL)) {
 			ip->i_mode &= ~(ISUID | ISGID);
 			DIP_SET(ip, i_mode, ip->i_mode);
@@ -1118,7 +1118,7 @@ ffs_extwrite(struct vnode *vp, struct uio *uio, int ioflag, struct ucred *ucred)
 	 * tampering.
 	 */
 	if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid && ucred) {
-		if (priv_check_cred(ap->a_cred, PRIV_VFS_CLEARSUGID,
+		if (priv_check_cred(ap->a_cred, PRIV_VFS_RETAINSUGID,
 		    SUSER_ALLOWJAIL)) {
 			ip->i_mode &= ~(ISUID | ISGID);
 			dp->di_mode = ip->i_mode;
diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c
index 8ea9ab99d360..2f5ecd0457c3 100644
--- a/sys/ufs/ufs/ufs_vnops.c
+++ b/sys/ufs/ufs/ufs_vnops.c
@@ -787,7 +787,8 @@ good:
 #endif /* QUOTA */
 	ip->i_flag |= IN_CHANGE;
 	if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) {
-		if (priv_check_cred(cred, PRIV_VFS_CLEARSUGID, SUSER_ALLOWJAIL)) {
+		if (priv_check_cred(cred, PRIV_VFS_RETAINSUGID,
+		    SUSER_ALLOWJAIL)) {
 			ip->i_mode &= ~(ISUID | ISGID);
 			DIP_SET(ip, i_mode, ip->i_mode);
 		}