summaryrefslogtreecommitdiffstats
path: root/lib/libposix1e
diff options
context:
space:
mode:
authorru <ru@FreeBSD.org>2000-12-29 14:08:20 +0000
committerru <ru@FreeBSD.org>2000-12-29 14:08:20 +0000
commit8ba41876884256f20dce333e0a239a8555ee2670 (patch)
tree406fdc6bd2e9339a476078f0728594ca5e4102f4 /lib/libposix1e
parentf6aeda2758e1076d8ebfb1ef7f190c7f3ed5fb8a (diff)
downloadFreeBSD-src-8ba41876884256f20dce333e0a239a8555ee2670.zip
FreeBSD-src-8ba41876884256f20dce333e0a239a8555ee2670.tar.gz
Prepare for mdoc(7)NG.
Diffstat (limited to 'lib/libposix1e')
-rw-r--r--lib/libposix1e/acl.344
-rw-r--r--lib/libposix1e/acl_delete.32
-rw-r--r--lib/libposix1e/acl_dup.34
-rw-r--r--lib/libposix1e/acl_from_text.32
-rw-r--r--lib/libposix1e/acl_get.34
-rw-r--r--lib/libposix1e/acl_init.32
-rw-r--r--lib/libposix1e/acl_to_text.36
-rw-r--r--lib/libposix1e/acl_valid.312
-rw-r--r--lib/libposix1e/cap_dup.32
-rw-r--r--lib/libposix1e/cap_free.32
-rw-r--r--lib/libposix1e/cap_init.32
-rw-r--r--lib/libposix1e/cap_to_text.32
-rw-r--r--lib/libposix1e/posix1e.311
13 files changed, 47 insertions, 48 deletions
diff --git a/lib/libposix1e/acl.3 b/lib/libposix1e/acl.3
index 12dc9a6..74690fb 100644
--- a/lib/libposix1e/acl.3
+++ b/lib/libposix1e/acl.3
@@ -50,7 +50,7 @@ extensions defined that allow for alternative ACL semantics than the
POSIX.1e semantics, such as AFS, NTFS, Coda, and NWFS semantics. Where
routines are non-standard, they are suffixed with _np to indicate that
they are not portable.
-
+.Pp
POSIX.1e describes a set of ACL manipulation routines to manage the
contents of ACLs, as well as their relationships with files. This
manipulation library is not currently implemented in
@@ -68,73 +68,73 @@ and
.Fn acl_to_text ,
passed directly to and from the management routines. In this manner,
an application can remain safely unaware of the contents of ACLs.
-
+.Pp
Available functions, sorted by behavior, include:
-
+.Pp
.Fn acl_delete_def_file ,
.Fn acl_delete_file_np ,
-.Fn acl_delete_fd_np
-
+.Fn acl_delete_fd_np
+.Pp
These functions are described in
.Xr acl_delete 3 ,
and may be used to delete ACLs from file system objects.
-
+.Pp
.Fn acl_free
-
+.Pp
This function is described in
.Xr acl_free 3 ,
and may be used to free userland working ACL storage.
-
+.Pp
.Fn acl_from_text
-
+.Pp
This function is described in
.Xr acl_from_text 3 ,
and may be used to convert a text-form ACL into working ACL state, if
the ACL has POSIX.1e semantics.
-
+.Pp
.Fn acl_get_file ,
.Fn acl_get_fd ,
.Fn acl_get_fd_np
-
+.Pp
These functions are described in
.Xr acl_get 3 ,
and may be used to retrieve ACLs from file system objects.
-
+.Pp
.Fn acl_init
-
+.Pp
This function is described in
.Xr acl_init 3 ,
and may be used to allocate a fresh (empty) ACL structure.
-
+.Pp
.Fn acl_dup
-
+.Pp
This function is described in
.Xr acl_dup 3 ,
and may be used to duplicate an ACL structure.
-
+.Pp
.Fn acl_set_file ,
.Fn acl_set_fd ,
.Fn acl_set_fd_np
-
+.Pp
These functions are described in
.Xr acl_set 3 ,
and may be used to assign an ACL to a file system object.
-
+.Pp
.Fn acl_to_text
-
+.Pp
This function is described in
.Xr acl_to_text 3 ,
and may be used to generate a text-form of a POSIX.1e semantics ACL.
-
+.Pp
.Fn acl_valid ,
.Fn acl_valid_file_np ,
.Fn acl_valid_fd_np
-
+.Pp
Thee functions are described in
.Xr acl_valid 3 ,
and may be used to validate an ACL as correct POSIX.1e-semantics, or
as appropriate for a particular file system object regardless of semantics.
-
+.Pp
Documentation of the internal kernel interfaces backing these calls may
be found in
.Xr acl 9 .
diff --git a/lib/libposix1e/acl_delete.3 b/lib/libposix1e/acl_delete.3
index bcbc54b..9ab46db 100644
--- a/lib/libposix1e/acl_delete.3
+++ b/lib/libposix1e/acl_delete.3
@@ -91,7 +91,7 @@ argument points to an empty string.
Insufficient memory available to fulfill request.
.It Bq Er ENOTDIR
A component of the path prefix is not a directory.
-
+.Pp
Argument
.Va path_p
must be a directory, and is not.
diff --git a/lib/libposix1e/acl_dup.3 b/lib/libposix1e/acl_dup.3
index 1e98084..8ed7915 100644
--- a/lib/libposix1e/acl_dup.3
+++ b/lib/libposix1e/acl_dup.3
@@ -43,14 +43,14 @@ The
.Fn acl_dup
function returns a pointer to a copy of the ACL pointed to by the argument
.Va acl .
-
+.Pp
This function may cause memory to be allocated. The caller should free any
releasable memory, when the new ACL is no longer required, by calling
.Xr acl_free 3
with the
.Va (void*)acl_t
as an argument.
-
+.Pp
Any existing ACL pointers that refer to the ACL referred to by
.Va acl
shall continue to refer to the ACL.
diff --git a/lib/libposix1e/acl_from_text.3 b/lib/libposix1e/acl_from_text.3
index 37bc421..41f36b8 100644
--- a/lib/libposix1e/acl_from_text.3
+++ b/lib/libposix1e/acl_from_text.3
@@ -45,7 +45,7 @@ function converts the text form of an ACL referred to by
.Va buf_p
into the internal working structure for ACLs, appropriate for applying to
files or manipulating.
-
+.Pp
This function may cause memory to be allocated. The caller should free any
releasable memory, when the new ACL is no longer required, by calling
.Xr acl_free 3
diff --git a/lib/libposix1e/acl_get.3 b/lib/libposix1e/acl_get.3
index af523e4..ed017d7 100644
--- a/lib/libposix1e/acl_get.3
+++ b/lib/libposix1e/acl_get.3
@@ -62,14 +62,14 @@ from a file descriptor.
is a non-portable form of
.Fn acl_get_fd
that allows the retrieval of any type of ACL from a file descriptor.
-
+.Pp
This function may cause memory to be allocated. The caller should free
any releasable memory, when the new ACL is no longer required, by calling
.Xr acl_free 3
with the
.Va (void *)acl_t
as an argument.
-
+.Pp
The ACL in the working storage is an independent copy of the ACL associated
with the object referred to by
.Va fd .
diff --git a/lib/libposix1e/acl_init.3 b/lib/libposix1e/acl_init.3
index 18e5118..f6c75fe 100644
--- a/lib/libposix1e/acl_init.3
+++ b/lib/libposix1e/acl_init.3
@@ -49,7 +49,7 @@ storage allocated to contain the ACL is freed by a call to
.Xr acl_free 3 .
When the area is first allocated, it shall contain an an ACL that contains
no ACL entries.
-
+.Pp
This function may cause memory to be allocated. The caller should free any
releasable memory, when the new ACL is no longer required, by calling
.Xr acl_free 3
diff --git a/lib/libposix1e/acl_to_text.3 b/lib/libposix1e/acl_to_text.3
index cfc4acb..e49fdfa 100644
--- a/lib/libposix1e/acl_to_text.3
+++ b/lib/libposix1e/acl_to_text.3
@@ -51,7 +51,7 @@ including the NULL terminator) in the location pointed to by
The format of the text string returned by
.Fn acl_to_text
shall be the POSIX.1e long ACL form.
-
+.Pp
This function allocates any memory necessary to contain the string and
returns a pointer to the string. The caller should free any releasable
memory, when the new string is no longer required, by calling
@@ -83,7 +83,7 @@ to the corresponding value:
Argument
.Va acl
does not point to a valid ACL.
-
+.Pp
The ACL denoted by
.Va acl
contains one or more improperly formed ACL entries, or for some other
@@ -112,7 +112,7 @@ and development continues.
.An Robert N M Watson
.Sh BUGS
These features are not yet fully implemented.
-
+.Pp
.Fn acl_from_text
and
.Fn acl_to_text
diff --git a/lib/libposix1e/acl_valid.3 b/lib/libposix1e/acl_valid.3
index e3f0537..aeae264 100644
--- a/lib/libposix1e/acl_valid.3
+++ b/lib/libposix1e/acl_valid.3
@@ -58,7 +58,7 @@ allow an ACL to be checked in the context of a specific acl type,
.Va type ,
and file system object. In environments where additional ACL types are
supported than just POSIX.1e, this makes more sense.
-
+.Pp
For POSIX.1e semantics, the checks include:
.Bd -literal -offset indent
The three required entries (ACL_USER_OBJ, ACL_GROUP_OBJ,
@@ -67,14 +67,14 @@ the ACL contains any ACL_USER, ACL_GROUP, or any other
implementation-defined entries in the file group class
then one ACL_MASK entry shall also be required. The ACL
shall contain at most on ACL_MASK entry.
-
+.Pp
The qualifier field shall be unique among all entries of
the same POSIX.1e ACL facility defined tag type. The
tag type field shall contain valid values including any
implementation-defined values. Validation of the values
of the qualifier field is implementation-defined.
.Ed
-
+.Pp
The POSIX.1e
.Fn acl_valid
function may reorder the ACL for the purposes of verification; the
@@ -105,12 +105,12 @@ argument is not a valid file descriptor.
Argument
.Va acl
does not point to a valid ACL.
-
+.Pp
One or more of the required ACL entries is not present in
.Va acl .
-
+.Pp
The ACL contains entries that are not unique.
-
+.Pp
The file system rejects the ACL based on fs-specific semantics issues.
.It Bq Er ENAMETOOLONG
A component of a pathname exceeded 255 characters, or an
diff --git a/lib/libposix1e/cap_dup.3 b/lib/libposix1e/cap_dup.3
index fdd4cad..2e874a5 100644
--- a/lib/libposix1e/cap_dup.3
+++ b/lib/libposix1e/cap_dup.3
@@ -52,7 +52,7 @@ the other in any way.
This function may cause memory to be allocated.
The caller should free any releasable memory, when the capability state in
working storage is no longer required, by calling
-.Vn cap_free
+.Fn cap_free
with the cap_t as an argument.
.Sh IMPLEMENTATION NOTES
FreeBSD's support for POSIX.1e interfaces and features is still under
diff --git a/lib/libposix1e/cap_free.3 b/lib/libposix1e/cap_free.3
index ed77355..d83f180 100644
--- a/lib/libposix1e/cap_free.3
+++ b/lib/libposix1e/cap_free.3
@@ -32,7 +32,7 @@
.Os FreeBSD
.Sh NAME
.Nm cap_free
-.Nd Release Memory Allocated to a Capability State in Working Storage
+.Nd "Release Memory Allocated to a Capability State in Working Storage"
.Sh SYNOPSIS
.Fd #include <sys/types.h>
.Fd #include <sys/capability.h>
diff --git a/lib/libposix1e/cap_init.3 b/lib/libposix1e/cap_init.3
index 47e4fe3..3e47c9f 100644
--- a/lib/libposix1e/cap_init.3
+++ b/lib/libposix1e/cap_init.3
@@ -49,7 +49,7 @@ implementation shall be cleared.
This function may cause memory to be allocated.
The caller should free any releasable memory, when the capability state in
working storage is no longer required, by calling
-.Vn cap_free
+.Fn cap_free
with the cap_t as an argument.
.Sh IMPLEMENTATION NOTES
FreeBSD's support for POSIX.1e interfaces and features is still under
diff --git a/lib/libposix1e/cap_to_text.3 b/lib/libposix1e/cap_to_text.3
index a3bd762..881af03 100644
--- a/lib/libposix1e/cap_to_text.3
+++ b/lib/libposix1e/cap_to_text.3
@@ -56,7 +56,7 @@ null terminator) in the location pointed to by
The capability state in working storage idenfied by
.Va cap_p
shall be completely represented in the returned string.
-
+.Pp
This function may cause memory to be allocated.
The caller should free any releasable memory, when the capability state
in working memory is no longer required, by calling
diff --git a/lib/libposix1e/posix1e.3 b/lib/libposix1e/posix1e.3
index 9a5afea..40de11d 100644
--- a/lib/libposix1e/posix1e.3
+++ b/lib/libposix1e/posix1e.3
@@ -44,7 +44,7 @@ it describes are now widely used despite inherent limitations. Currently,
only a few of the interfaces and features are implemented in
.Fx ,
although efforts are underway to complete the integration at this time.
-
+.Pp
POSIX.1e describes five security extensions to the base POSIX.1 API:
Access Control Lists (ACLs), Auditing, Capabilities, Mandatory Access
Control, and Information Flow Labels. Of these, the ACL interfaces are
@@ -53,7 +53,7 @@ currently included with
Auditing, Capabilities, and Mandatory
Access Control are in the wings, and Information Flow Labels are not on
the calendar.
-
+.Pp
POSIX.1e defines both syntax and semantics for these features, but fairly
substantial changes are required to implement these features in the
operating system. As shipped,
@@ -64,18 +64,17 @@ access to and manipulation of these ACLs, but support for ACLs is not
provided by any file systems shipped in the base operating system.
Available API calls relating to ACLs are described in detail in
.Xr acl 3 .
-
+.Pp
.Fx
currently provides documentation and APIs for fine-grained capability
support, but implementation is currently not included in the base
system. Documentation of these API calls is provided in
.Xr cap 3 .
-
+.Pp
Additional patches supporting POSIX.1e features are provided by the
TrustedBSD project:
-
+.Pp
http://www.trustedbsd.org
-
.Sh IMPLEMENTATION NOTES
.Fx Ns 's
support for POSIX.1e interfaces and features is still under
OpenPOWER on IntegriCloud